99 KiB
		
	
	
	
	
	
	
	
			
		
		
	
	
			99 KiB
		
	
	
	
	
	
	
	
Changelog
All notable changes to this project will be documented in this file.
[3.0.1] - 2019-10-10
Added
- Add tootctl media usagecommand (Gargron)
- Add admin setting to auto-approve trending hashtags (Gargron, Gargron)
Changed
- Change tootctl media refreshto skip already downloaded attachments (Gargron)
Removed
- Remove auto-silence behaviour from spam check (Gargron)
- Remove HTML langattribute from individual statuses in web UI (Gargron)
- Remove fallback to long description on sidebar and meta description (Gargron)
Fixed
- Fix preloaded JSON-LD context for identity not being used (Gargron)
- Fix media editing modal changing dimensions once the image loads (Gargron)
- Fix not showing whether a custom emoji has a local counterpart in admin UI (Gargron)
- Fix attachment not being re-downloaded even if file is not stored (Gargron)
- Fix old migration trying to use new column due to default status scope (Gargron)
- Fix column back button missing for not found accounts (trwnh)
- Fix issues with tootctl's parallelization and progress reporting (Gargron, Gargron)
- Fix existing user records with now-renamed ptlocale (Gargron)
- Fix hashtag timeline REST API accepting too many hashtags (Gargron)
- Fix GET /api/v1/instanceREST APIs being unavailable in secure mode (Gargron)
- Fix performance of home feed regeneration and merging (Gargron)
- Fix ffmpeg performance issues due to stdout buffer overflow (hugogameiro)
- Fix S3 adapter retrying failing uploads with exponential backoff (Gargron)
- Fix tootctl accounts culladvertising unused option flag (Kjwon15)
[3.0.0] - 2019-10-03
Added
- Add "not available" label to unloaded media attachments in web UI (Gargron, Gargron)
- Add profile directory to web UI (Gargron, mayaeh)
- Add profile directory opt-in federation
- Add profile directory REST API
 
- Add special alert for throttled requests in web UI (ThibG)
- Add confirmation modal when logging out from the web UI (ThibG)
- Add audio player in web UI (Gargron, Gargron, Gargron, ThibG, Gargron)
- Add autosuggestions for hashtags in web UI (Gargron, ThibG, Gargron, Gargron, Gargron)
- Add media editing modal with OCR tool in web UI (Gargron, Gargron, ThibG, ThibG, Gargron, Gargron, Gargron)
- Add indicator of unread notifications to window title when web UI is out of focus (Gargron, Gargron)
- Add indicator for which options you voted for in a poll in web UI (ThibG)
- Add search results pagination to web UI (Gargron, ThibG)
- Add option to disable real-time updates in web UI ("slow mode") (Gargron, ykzts, ThibG, Gargron, ThibG)
- Add option to disable blurhash previews in web UI (ThibG)
- Add native smooth scrolling when supported in web UI (ThibG)
- Add scrolling to the search bar on focus in web UI (Kjwon15)
- Add refresh button to list of rebloggers/favouriters in web UI (Gargron)
- Add error description and button to copy stack trace to web UI (Gargron)
- Add search and sort functions to hashtag admin UI (mayaeh, Gargron, mayaeh)
- Add setting for default search engine indexing in admin UI (brortao)
- Add account bio to account view in admin UI (ThibG)
- Add option to include reported statuses in warning e-mail from admin UI (Gargron, Gargron, Gargron, Gargron, mayaeh)
- Add number of pending accounts and pending hashtags to dashboard in admin UI (Gargron)
- Add account migration UI (Gargron, noellabo, noellabo, noellabo, noellabo)
- Add table of contents to about page (Gargron, ykzts, ykzts, Kjwon15)
- Add password challenge to 2FA settings, e-mail notifications (Gargron)
- Add optional public list of domain blocks with comments (ThibG, ThibG, Gargron)
- Add an RSS feed for featured hashtags (noellabo)
- Add explanations to featured hashtags UI and profile (Gargron)
- Add hashtag trends with admin and user settings (Gargron, Gargron, Gargron, Gargron, Gargron, mayaeh, Gargron, Gargron, Gargron, Gargron, Gargron, Gargron, ThibG, Sasha-Sorokin, Gargron, Gargron)
- Add hashtag usage breakdown to admin UI
- Add batch actions for hashtags to admin UI
- Add trends to web UI
- Add trends to public pages
- Add user preference to hide trends
- Add admin setting to disable trends
 
- Add categories for custom emojis (Gargron, Gargron, Gargron, highemerly)
- Add custom emoji categories to emoji picker in web UI
- Add categoryto custom emojis in REST API
- Add batch actions for custom emojis in admin UI
 
- Add max image dimensions to error message (raboof)
- Add aac, m4a, 3gp, amr, wma to allowed audio formats (Gargron, umonaca)
- Add search syntax for operators and phrases (Gargron)
- Add REST API for managing featured hashtags (noellabo)
- Add REST API for managing timeline read markers (Gargron)
- Add exclude_unreviewedparam toGET /api/v2/searchREST API (Gargron)
- Add reasonparam toPOST /api/v1/accountsREST API (Gargron)
- Add ActivityPub secure mode (Gargron, ThibG, ThibG)
- Add HTTP signatures to all outgoing ActivityPub GET requests (Gargron, ThibG)
- Add support for ActivityPub Audio activities (ThibG)
- Add ActivityPub actor representing the entire server (ThibG, rtucker, ThibG, Gargron)
- Add whitelist mode (Gargron, mayaeh)
- Add config of multipart threshold for S3 (ykzts, ykzts)
- Add health check endpoint for web (ykzts, ykzts)
- Add HTTP signature keyId to request log (Gargron)
- Add SMTP_REPLY_TOenvironment variable (hugogameiro)
- Add tootctl preview_cards removecommand (mayaeh)
- Add tootctl media refreshcommand (Gargron)
- Add tootctl cache recountcommand (Gargron)
- Add option to exclude suspended domains from tootctl domains crawl(dariusk)
- Add parallelization to tootctl search deploy(noellabo)
- Add soft delete for statuses for instant deletes through API (Gargron, Gargron)
- Add rails-level JSON caching (Gargron, Gargron)
- Add request pool to improve delivery performance (Gargron, ykzts)
- Add concurrent connection attempts to resolved IP addresses (ThibG)
- Add index for remember_token to improve login performance (abcang)
- Add more accurate hashtag search (Gargron, Gargron, Gargron)
- Add more accurate account search (Gargron, Gargron)
- Add a spam check (Gargron, Gargron, ThibG)
- Add new languages (Gargron)
- Breton
- Spanish (Argentina)
- Estonian
- Macedonian
- New Norwegian
 
- Add NodeInfo endpoint (Gargron, Gargron)
Changed
- Change conversations UI (Gargron)
- Change dashboard to short number notation (noellabo, noellabo)
- Change REST API GET /api/v1/timelines/publicto require authentication when public preview is off (ThibG)
- Change REST API POST /api/v1/follow_requests/:id/(approve|reject)to return relationship (ThibG)
- Change rate limit for media proxy (ykzts)
- Change unlisted custom emoji to not appear in autosuggestions (Gargron)
- Change max length of media descriptions from 420 to 1500 characters (Gargron, ThibG)
- Change deletes to preserve soft-deleted statuses in unresolved reports (Gargron)
- Change tootctl to use inline parallelization instead of Sidekiq (Gargron)
- Change account deletion page to have better explanations (Gargron, Gargron)
- Change hashtag component in web UI to show numbers for 2 last days (Gargron, Gargron, Gargron)
- Change OpenGraph description on sign-up page to reflect invite (Gargron)
- Change layout of public profile directory to be the same as in web UI (Gargron)
- Change detailed status child ordering to sort self-replies on top (ThibG)
- Change window resize handler to switch to/from mobile layout as soon as needed (ThibG)
- Change icon button styles to make hover/focus states more obvious (ThibG)
- Change contrast of status links that are not mentions or hashtags (ThibG)
- Change hashtags to preserve first-used casing (Gargron, Gargron, Gargron, Gargron, Gargron)
- Change unconfirmed user login behaviour (Gargron, ThibG, Gargron)
- Change single-column mode to scroll the whole page (Gargron, Gargron, Gargron, ThibG, Gargron, Gargron, ThibG, Gargron)
- Change tootctl accounts followto only work with local accounts (angristan)
- Change Dockerfile (Shleeble, ykzts, Shleeble)
- Change supported Node versions to include v12 (abcang)
- Change Portuguese language from pttopt-PT(Gargron)
- Change domain block silence to always require approval on follow (ThibG)
- Change link preview fetcher to not perform a HEAD request first (Gargron)
- Change tootctl domains purgeto accept multiple domains at once (Gargron)
Removed
- Remove OStatus support (Gargron, Gargron, Gargron, ThibG, ThibG)
- Remove Atom feeds and old URLs in the form of GET /:username/updates/:id(Gargron)
- Remove WebP support (angristan)
- Remove deprecated config options from Heroku and Scalingo (ykzts)
- Remove deprecated REST API GET /api/v1/searchAPI (Gargron)
- Remove deprecated REST API GET /api/v1/statuses/:id/card(Gargron)
- Remove deprecated REST API POST /api/v1/notifications/dismiss?id=:id(Gargron)
- Remove deprecated REST API GET /api/v1/timelines/direct(Gargron)
Fixed
- Fix manifest warning (ykzts)
- Fix admin UI for custom emoji not respecting GIF autoplay preference (ThibG)
- Fix page body not being scrollable in admin/settings layout (Gargron)
- Fix placeholder colors for inputs not being explicitly defined (Gargron)
- Fix incorrect enclosure length in RSS (tsia)
- Fix TOTP codes not being filtered from logs during enabling/disabling (Gargron)
- Fix webfinger response not returning 410 when account is suspended (Gargron)
- Fix ActivityPub Move handler queuing jobs that will fail if account is suspended (Gargron)
- Fix SSO login not using existing account when e-mail is verified (Gargron)
- Fix web UI allowing uploads past status limit via drag & drop (Gargron)
- Fix expiring polls not being displayed as such in web UI (ThibG)
- Fix 2FA challenge and password challenge for non-database users (Gargron, Gargron)
- Fix profile fields overflowing page width in web UI (Gargron)
- Fix web push subscriptions being deleted on rate limit or timeout (Gargron)
- Fix display of long poll options in web UI (ThibG, ThibG)
- Fix search API not resolving URL when typeis given (Gargron)
- Fix hashtags being split by ZWNJ character (Gargron)
- Fix scroll position resetting when opening media modals in web UI (Gargron)
- Fix duplicate HTML IDs on about page (ThibG)
- Fix admin UI showing superfluous reject media/reports on suspended domain blocks (ThibG)
- Fix ActivityPub context not being dynamically computed (ThibG)
- Fix Mastodon logo style on hover on public pages' footer (ThibG)
- Fix height of dashboard counters (ThibG)
- Fix custom emoji animation on hover in web UI directory bios (ThibG)
- Fix non-numbers being passed to Redis and causing an error (Gargron)
- Fix error in REST API for an account's statuses (Gargron)
- Fix uncaught error when resource param is missing in Webfinger request (Gargron)
- Fix uncaught domain normalization error in remote follow (Gargron)
- Fix uncaught 422 and 500 errors (Gargron, Gargron)
- Fix uncaught parameter missing exceptions and missing error templates (Gargron)
- Fix encoding error when checking e-mail MX records (Gargron)
- Fix items in StatusContent render list not all having a key (ThibG)
- Fix remote and staff-removed statuses leaving media behind for a day (Gargron)
- Fix CSP needlessly allowing blob URLs in script-src (ThibG)
- Fix ignoring whole status because of one invalid hashtag (Gargron)
- Fix hidden statuses losing focus (ThibG)
- Fix loading bar being obscured by other elements in web UI (Gargron)
- Fix multiple issues with replies collection for pages further than self-replies (ThibG)
- Fix blurhash and autoplay not working on public pages (Gargron)
- Fix 422 being returned instead of 404 when POSTing to unmatched routes (Gargron, Gargron)
- Fix client-side resizing of image uploads (ThibG)
- Fix short number formatting for numbers above million in web UI (Gargron)
- Fix ActivityPub and REST API queries setting cookies and preventing caching (ThibG, ThibG, ThibG, ThibG)
- Fix some emojis in profile metadata labels are not emojified. (kedamaDQ)
- Fix account search always returning exact match on paginated results (Gargron)
- Fix acct URIs with IDN domains not being resolved (Gargron)
- Fix admin dashboard missing latest features (Gargron)
- Fix jumping of toot date when clicking spoiler button (ariasuni)
- Fix boost to original audience not working on mobile in web UI (ThibG)
- Fix handling of webfinger redirects in ResolveAccountService (ThibG)
- Fix URLs appearing twice in errors of ActivityPub::DeliveryWorker (Gargron)
- Fix support for HTTP proxies (ThibG)
- Fix HTTP requests to IPv6 hosts (ThibG)
- Fix error in ElasticSearch index import (mayaeh)
- Fix duplicate account error when seeding development database (ysksn)
- Fix performance of session clean-up scheduler (abcang)
- Fix older migrations not running (zunda)
- Fix URLs counting towards RTL detection (ahangarha)
- Fix unnecessary status re-rendering in web UI (ThibG)
- Fix http_parser.rb gem not being compiled when no network available (petabyteboy)
- Fix muted text color not applying to all text (trwnh)
- Fix follower/following lists resetting on back-navigation in web UI (Gargron)
- Fix n+1 query when approving multiple follow requests (abcang)
- Fix records not being indexed into ElasticSearch sometimes (Gargron)
- Fix needlessly indexing unsearchable statuses into ElasticSearch (Gargron)
- Fix new user bootstrapping crashing when to-be-followed accounts are invalid (ThibG)
- Fix featured hashtag URL being interpreted as media or replies tab (Gargron)
- Fix account counters being overwritten by parallel writes (Gargron)
Security
- Fix performance of GIF re-encoding and always strip EXIF data from videos (Gargron)
[2.9.3] - 2019-08-10
Added
- Add GIF and WebP support for custom emojis (Gargron)
- Add logout link to dropdown menu in web UI (koyuawsmbrtn)
- Add indication that text search is unavailable in web UI (ThibG, ThibG)
- Add suffixtoMastodon::Versionto help forks (clarfon)
- Add on-hover animation to animated custom emoji in web UI (ThibG, ThibG, ThibG)
- Add custom emoji support in profile metadata labels (ThibG)
Changed
- Change default interface of web and streaming from 0.0.0.0 to 127.0.0.1 (Gargron, zunda, Gargron, zunda)
- Change the retry limit of web push notifications (highemerly)
- Change ActivityPub deliveries to not retry HTTP 501 errors (Gargron)
- Change language detection to include hashtags as words (Gargron)
- Change terms and privacy policy pages to always be accessible (Gargron)
- Change robots tag to include noarchivewhen user opts out of indexing (Kjwon15)
Fixed
- Fix account domain block not clearing out notifications (Gargron)
- Fix incorrect locale sometimes being detected for browser (Gargron)
- Fix crash when saving invalid domain name (Gargron)
- Fix pinned statuses REST API returning pagination headers (Gargron)
- Fix "cancel follow request" button having unreadable text in web UI (Gargron)
- Fix image uploads being blank when canvas read access is blocked (ThibG)
- Fix avatars not being animated on hover when not logged in (ThibG)
- Fix overzealous sanitization of HTML lists (ThibG)
- Fix block crashing when a follow request exists (ThibG)
- Fix backup service crashing when an attachment is missing (ThibG)
- Fix account moderation action always sending e-mail notification (Gargron)
- Fix swiping columns on mobile sometimes failing in web UI (ThibG)
- Fix wrong actor URI being serialized into poll updates (ThibG)
- Fix statsd UDP sockets not being cleaned up in Sidekiq (Gargron)
- Fix expiration date of filters being set to "never" when editing them (ThibG)
- Fix support for MP4 files that are actually M4V files (Gargron)
- Fix alertsnot being typecast correctly in push subscription in REST API (Gargron)
- Fix some notices staying on unrelated pages (ThibG)
- Fix unboosting sometimes preventing a boost from reappearing on feed (ThibG, Gargron)
- Fix only one middle dot being recognized in hashtags (Gargron, ThibG)
- Fix unnecessary SQL query performed on unauthenticated requests (Gargron)
- Fix incorrect timestamp displayed on featured tags (Kjwon15)
- Fix privacy dropdown active state when dropdown is placed on top of it (ThibG)
- Fix filters not being applied to poll options (ThibG)
- Fix keyboard navigation on various dropdowns (ThibG, ThibG, ThibG)
- Fix keyboard navigation in modals (ThibG)
- Fix image conversation being non-deterministic due to timestamps (Gargron)
- Fix web UI performance (ThibG, ThibG)
- Fix scrolling to compose form when not necessary in web UI (ThibG, ThibG)
- Fix save button being enabled when list title is empty in web UI (ThibG)
- Fix poll expiration not being pre-filled on delete & redraft in web UI (ThibG)
- Fix content warning sometimes being set when not requested in web UI (ThibG)
Security
- Fix invites not being disabled upon account suspension (ThibG)
- Fix blocked domains still being able to fill database with account records (Gargron)
[2.9.2] - 2019-06-22
Added
- Add short_descriptionandapproval_requiredtoGET /api/v1/instance(Gargron)
Changed
- Change camera icon to paperclip icon in upload form (koyuawsmbrtn)
Fixed
- Fix audio-only OGG and WebM files not being processed as such (Gargron)
- Fix audio not being downloaded from remote servers (Gargron)
[2.9.1] - 2019-06-22
Added
Changed
- Change domain blocks to automatically support subdomains (Gargron)
- Change Nanobox configuration to bring it up to date (danhunsaker)
Removed
- Remove expensive counters from federation page in admin UI (Gargron)
Fixed
- Fix converted media being saved with original extension and mime type (Gargron)
- Fix layout of identity proofs settings (acid-chicken)
- Fix active scope only returning suspended users (ThibG)
- Fix sanitizer making block level elements unreadable (Gargron)
- Fix label for site theme not being translated in admin UI (palindromordnilap)
- Fix statuses not being filtered irreversibly in web UI under some circumstances (ThibG)
- Fix scrolling behaviour in compose form (ThibG)
[2.9.0] - 2019-06-13
Added
- Add single-column mode in web UI (Gargron, Gargron, Gargron, Gargron, Hanage999, noellabo, abcang, Gargron, Gargron, Gargron, Gargron, noellabo, Hanage999)
- Add waiting time to the list of pending accounts in admin UI (Gargron)
- Add a keyboard shortcut to hide/show media in web UI (ThibG, Gargron, ThibG)
- Add account_idparam toGET /api/v1/notifications(pwoolcoc)
- Add confirmation modal for unboosting toots in web UI (aurelien-reeves)
- Add emoji suggestions to content warning and poll option fields in web UI (ThibG)
- Add sourceattribute to response ofDELETE /api/v1/statuses/:id(ThibG)
- Add some caching for HTML versions of public status pages (ThibG)
- Add button to conveniently copy OAuth code (ThibG)
Changed
- Change default layout to single column in web UI (Gargron)
- Change light theme (Gargron, Gargron, yuzulabo, Gargron)
- Change preferences page into appearance, notifications, and other (Gargron, Gargron)
- Change priority of delete activity forwards for replies and reblogs (Gargron)
- Change Mastodon logo to use primary text color of the given theme (Gargron)
- Change reblogs counter to be updated when boosted privately (Gargron)
- Change bio limit from 160 to 500 characters (trwnh)
- Change API rate limiting to reduce allowed unauthenticated requests (ThibG, hinaloe, mayaeh)
- Change help text of tootctl emoji importcommand to specify a gzipped TAR archive is required (dariusk)
- Change web UI to hide poll options behind content warnings (ThibG)
- Change silencing to ensure local effects and remote effects are the same for silenced local users (ThibG)
- Change tootctl domains purgeto remove custom emoji as well (Kjwon15)
- Change Docker image to keep aptworking (SuperSandro2000)
Removed
- Remove dist-upgradefrom Docker image (SuperSandro2000)
Fixed
- Fix RTL layout not being RTL within the columns area in web UI (Gargron)
- Fix display of alternative text when a media attachment is not available in web UI (ThibG)
- Fix not being able to directly switch between list timelines in web UI (Gargron)
- Fix media sensitivity not being maintained in delete & redraft in web UI (ThibG)
- Fix emoji picker being always displayed in web UI (noellabo, yuzulabo, wcpaez)
- Fix potential private status leak through caching (ThibG)
- Fix refreshing featured toots when the new collection is empty in web UI (ThibG)
- Fix undoing domain block also undoing individual moderation on users from before the domain block (ThibG)
- Fix time not being local in the audit log (yuzulabo)
- Fix statuses removed by moderation re-appearing on subsequent fetches (Kjwon15)
- Fix misattribution of inlined announces if attributedToisn't present in ActivityPub (ThibG)
- Fix GET /api/v1/polls/:idnot requiring authentication for non-public polls (Gargron)
- Fix handling of blank poll options in ActivityPub (ThibG)
- Fix avatar preview aspect ratio on edit profile page (Kjwon15)
- Fix web push notifications not being sent for polls (ThibG)
- Fix cut off letters in last paragraph of statuses in web UI (ariasuni)
- Fix list not being automatically unpinned when it returns 404 in web UI (Gargron)
- Fix login sometimes redirecting to paths that are not pages (Gargron)
[2.8.4] - 2019-05-24
Fixed
- Fix delivery not retrying on some inbox errors that should be retriable (ThibG)
- Fix unnecessary 5 minute cooldowns on signature verifications in some cases (ThibG)
- Fix possible race condition when processing statuses (ThibG)
Security
- Require specific OAuth scopes for specific endpoints of the streaming API, instead of merely requiring a token for all endpoints, and allow using WebSockets protocol negotiation to specify the access token instead of using a query string (ThibG)
[2.8.3] - 2019-05-19
Added
- Add og:image:altOpenGraph tag (BenLubar)
- Add clickable area below avatar in statuses in web UI (Dar13)
- Add crossed-out eye icon on account gallery in web UI (Kjwon15)
- Add media description tooltip to thumbnails in web UI (ThibG)
Changed
- Change "mark as sensitive" button into a checkbox for clarity (ThibG)
Fixed
- Fix bug allowing users to publicly boost their private statuses (ThibG, ThibG)
- Fix performance in formatter by a little (ThibG)
- Fix some colors in the light theme (yuzulabo)
- Fix some colors of the high contrast theme (yuzulabo)
- Fix ambivalent active state of poll refresh button in web UI (MaciekBaron)
- Fix duplicate posting being possible from web UI (hinaloe)
- Fix "invited by" not showing up in admin UI (ThibG)
[2.8.2] - 2019-05-05
Added
- Add SOURCE_TAGenvironment variable (ushitora-anqou)
Fixed
- Fix cropped hero image on frontpage (BaptisteGelez)
- Fix blurhash gem not compiling on some operating systems (Gargron)
- Fix unexpected CSS animations in some browsers (ThibG)
- Fix closing video modal scrolling timelines to top (ThibG)
[2.8.1] - 2019-05-04
Added
- Add link to existing domain block when trying to block an already-blocked domain (ThibG)
- Add button to view context to media modal when opened from account gallery in web UI (Gargron)
- Add ability to create multiple-choice polls in web UI (ThibG)
- Add GITHUB_REPOSITORYandSOURCE_BASE_URLenvironment variables (rosylilly)
- Add /interact/paths torobots.txt(ThibG)
- Add blurhashto the Attachment entity in the REST API (Gargron)
Changed
- Change hidden media to be shown as a blurhash-based colorful gradient instead of a black box in web UI (Gargron)
- Change rejected media to be shown as a blurhash-based gradient instead of a list of filenames in web UI (Gargron)
- Change e-mail whitelist/blacklist to not be checked when invited (Gargron)
- Change cache header of REST API results to no-cache (ThibG)
- Change the "mark media as sensitive" button to be more obvious in web UI (Gargron, Gargron)
- Change account gallery in web UI to display 3 columns, open media modal (Gargron, Gargron)
Fixed
- Fix LDAP/PAM/SAML/CAS users not being pre-approved (Gargron)
- Fix accounts created through tootctl not being always pre-approved (Gargron)
- Fix Sidekiq retrying ActivityPub processing jobs that fail validation (ThibG)
- Fix toots not being scrolled into view sometimes through keyboard selection (ThibG)
- Fix expired invite links being usable to bypass approval mode (ThibG)
- Fix not being able to save e-mail preference for new pending accounts (Gargron)
- Fix upload progressbar when image resizing is involved (ThibG)
- Fix block action not automatically cancelling pending follow request (ThibG)
- Fix stoplight logging to stderr separate from Rails logger (Gargron)
- Fix sign up button not saying sign up when invite is used (Gargron)
- Fix health checks in Docker Compose configuration (fabianonline)
- Fix modal items not being scrollable on touch devices (kedamaDQ)
- Fix Keybase configuration using wrong domain when a web domain is used (BenLubar)
- Fix avatar GIFs not being animated on-hover on public profiles (hyenagirl64)
- Fix OpenGraph parser not understanding some valid property meta tags (da2x)
- Fix wrong fonts being displayed when Roboto is installed on user's machine (ThibG)
- Fix confirmation modals being too narrow for a secondary action button (ThibG)
[2.8.0] - 2019-04-10
Added
- Add polls (Gargron, ThibG, Gargron, ThibG, Gargron, ThibG, ThibG, Gargron, Gargron, Gargron, Gargron,Gargron, Gargron, Gargron, ThibG, Gargron, Gargron, Gargron, Gargron, Gargron, Gargron, Gargron, ThibG, rinsuki, Gargron, Gargron, Gargron, Gargron, ThibG, Gargron, ThibG, ThibG, ThibG, ThibG, ThibG, ThibG, ThibG, ThibG, Gargron, Gargron, ThibG, ThibG, Gargron, ThibG, ThibG)
- Add follows & followers managing UI (Gargron, Gargron, Gargron, Gargron)
- Add identity proof integration with Keybase (Gargron, xgess, Gargron, Gargron, Gargron)
- Add option to overwrite imported data instead of merging (Gargron)
- Add featured hashtags to profiles (Gargron, Gargron, Gargron, ThibG)
- Add admission-based registrations mode (Gargron, ThibG, Gargron, ThibG, Gargron, Gargron)
- Add support for WebP uploads (acid-chicken)
- Add "copy link" item to status action bars in web UI (Gargron)
- Add list title editing in web UI (ThibG)
- Add a "Block & Report" button to the block confirmation dialog in web UI (ThibG)
- Add disappointed elephant when the page crashes in web UI (Gargron)
- Add ability to upload multiple files at once in web UI (tmm576)
- Add indication when you are not allowed to follow an account in web UI (Gargron, Gargron)
- Add validations to admin settings to catch common mistakes (Gargron, ThibG)
- Add type,limit,offset,min_id,max_id,account_idto search API (Gargron)
- Add a preferences API so apps can share basic behaviours (Gargron)
- Add visibilityparam to reblog REST API (Gargron, ThibG)
- Add allowfullscreenattribute to OEmbed iframe (rinsuki)
- Add blocked_byrelationship to the REST API (Gargron)
- Add tootctl statuses removeto sweep unreferenced statuses (Gargron)
- Add tootctl search deployto avoid ugly rake task syntax (Gargron)
- Add tootctl self-destructto shut down server gracefully (Gargron)
- Add option to hide application used to toot (ThibG, rinsuki, hinaloe)
- Add DB_SSLMODEconfiguration variable (sascha-sl)
- Add click-to-copy UI to invites page (Gargron)
- Add self-replies fetching (ThibG, ThibG, ThibG, ThibG)
- Add rate limit for media proxy requests (Gargron)
- Add tootctl emoji purge(Gargron)
- Add tootctl accounts approve(Gargron)
- Add tootctl accounts reset-relationships(noellabo)
Changed
- Change design of landing page (Gargron, Gargron, ThibG, ThibG, koyuawsmbrtn, Gargron)
- Change design of profile column in web UI (Gargron, Aditoo17, ThibG, mayaeh, ThibG)
- Change language detector threshold from 140 characters to 4 words (Gargron)
- Change language detector to always kick in for non-latin alphabets (Gargron)
- Change icons of features on admin dashboard (Gargron)
- Change DNS timeouts from 1s to 5s (ThibG)
- Change Docker image to use Ubuntu with jemalloc (Sir-Boops, BenLubar)
- Change public pages to be cacheable by proxies (BenLubar)
- Change the 410 gone response for suspended accounts to be cacheable by proxies (ThibG)
- Change web UI to not not empty timeline of blocked users on block (ThibG)
- Change JSON serializer to remove unused @contextvalues (Gargron)
- Change GIFV file size limit to be the same as for other videos (rinsuki)
- Change Webpack to not use @babel/preset-env to compile node_modules (ykzts)
- Change web UI to use new Web Share Target API (gol-cha)
- Change ActivityPub reports to have persistent URIs (ThibG)
- Change tootctl accounts cull --dry-runto list accounts that would be deleted (BenLubar)
- Change format of CSV exports of follows and mutes to include extra settings (ThibG, ThibG)
- Change ActivityPub collections to be cacheable by proxies (ThibG)
- Change REST API and public profiles to not return follows/followers for users that have blocked you (Gargron)
- Change the groupings of menu items in settings navigation (Gargron)
Removed
- Remove zopfli compression to speed up Webpack from 6min to 1min (nolanlawson)
- Remove stats.json generation to speed up Webpack (nolanlawson)
Fixed
- Fix public timelines being broken by new toots when they are not mounted in web UI (Gargron)
- Fix quick filter settings not being saved when selecting a different filter in web UI (ThibG)
- Fix remote interaction dialogs being indexed by search engines (Gargron)
- Fix maxed-out invites not showing up as expired in UI (Gargron)
- Fix scrollbar styles on compose textarea (Gargron)
- Fix timeline merge workers being queued for remote users (Gargron)
- Fix alternative relay support regression (Gargron)
- Fix trying to fetch keys of unknown accounts on a self-delete from them (ThibG)
- Fix CAS :service_validate_urloption (enewhuis)
- Fix race conditions when creating backups (ThibG)
- Fix whitespace not being stripped out of username before validation (aurelien-reeves)
- Fix n+1 query when deleting status (Gargron)
- Fix exiting follows not being rejected when suspending a remote account (ThibG)
- Fix the underlying button element in a disabled icon button not being disabled (ThibG)
- Fix race condition when streaming out deleted statuses (ThibG)
- Fix performance of admin federation UI by caching account counts (Gargron)
- Fix JS error on pages that don't define a CSRF token (hinaloe)
- Fix tootctl accounts cullsometimes removing accounts that are temporarily unreachable (BenLubar)
[2.7.4] - 2019-03-05
Fixed
- Fix web UI not cleaning up notifications after block (Gargron)
- Fix redundant HTTP requests when resolving private statuses (ThibG)
- Fix performance of account media query (abcang)
- Fix mention processing for unknown accounts (ThibG)
- Fix getting started column not scrolling on short screens (trwnh)
- Fix direct messages pagination in the web UI (ThibG)
- Fix serialization of Announce activities (ThibG)
- Fix home timeline perpetually reloading when empty in web UI (Gargron)
- Fix lists export (ThibG)
- Fix edit profile page crash for suspended-then-unsuspended users (ThibG)
[2.7.3] - 2019-02-23
Added
- Add domain filter to the admin federation page (ThibG)
- Add quick link from admin account view to block/unblock instance (ThibG)
Fixed
- Fix video player width not being updated to fit container width (ThibG)
- Fix domain filter being shown in admin page when local filter is active (ThibG)
- Fix crash when conversations have no valid participants (ThibG)
- Fix error when performing admin actions on no statuses (ThibG)
Changed
- Change custom emojis to randomize stored file name (hinaloe)
[2.7.2] - 2019-02-17
Added
- Add support for IPv6 in e-mail validation (zoc)
- Add record of IP address used for signing up (ThibG)
- Add tight rate-limit for API deletions (30 per 30 minutes) (Gargron)
- Add support for embedded Announceobjects attributed to the same actor (ThibG, Gargron)
- Add spam filter for CreateandAnnounceactivities (Gargron, Gargron, Gargron)
- Add registrationsattribute toGET /api/v1/instance(Gargron)
- Add vapid_keytoPOST /api/v1/appsandGET /api/v1/apps/verify_credentials(Gargron)
Fixed
- Fix link color and add link underlines in high-contrast theme (Gargron, Gargron)
- Fix unicode characters in URLs not being linkified (JMendyk, hinaloe)
- Fix URLs linkifier grabbing ending quotation as part of the link (Gargron)
- Fix authorized applications page design (rinsuki)
- Fix custom emojis not showing up in share page emoji picker (rinsuki)
- Fix too liberal application of whitespace in toots (trwnh)
- Fix misleading e-mail hint being displayed in admin view (ThibG)
- Fix tombstones not being cleared out (abcang)
- Fix some timeline jumps (ThibG, ThibG, rinsuki)
- Fix content warning input taking keyboard focus even when hidden (hinaloe)
- Fix hashtags select styling in default and high-contrast themes (Gargron)
- Fix style regressions on landing page (Gargron)
- Fix hashtag column not subscribing to stream on mount (Gargron)
- Fix relay enabling/disabling not resetting inbox availability status (Gargron)
- Fix mutes, blocks, domain blocks and follow requests not paginating (Gargron)
- Fix crash on public hashtag pages when streaming fails (ThibG)
Changed
- Change icon for unlisted visibility level (clarcharr)
- Change queue of actor deletes from push to pull for non-follower recipients (ThibG)
- Change robots.txt to exclude media proxy URLs (nightpool)
- Change upload description input to allow line breaks (BenLubar)
- Change dist/mastodon-streaming.serviceto recommend running node without intermediary npm command (nolanlawson)
- Change conversations to always show names of other participants (Gargron)
- Change buttons on timeline preview to open the interaction dialog (Gargron)
- Change error graphic to hover-to-play (Gargron)
[2.7.1] - 2019-01-28
Fixed
- Fix SSO authentication not working due to missing agreement boolean (Gargron)
- Fix slow fallback of CopyAccountStats migration setting stats to 0 (Gargron)
- Fix wrong command in migration error message (angristan)
- Fix initial value of volume slider in video player and handle volume changes (ThibG)
- Fix missing hotkeys for notifications (ThibG)
- Fix being able to attach unattached media created by other users (ThibG)
- Fix unrescued SSL error during link verification (renatolond)
- Fix Firefox scrollbar color regression (trwnh)
- Fix scheduled status with media immediately creating a status (ThibG)
- Fix missing strong style for landing page description (Kjwon15)
[2.7.0] - 2019-01-20
Added
- Add link for adding a user to a list from their profile (namelessGonbai)
- Add joining several hashtags in a single column (gdpelican)
- Add volume sliders for videos (sumdog)
- Add a tooltip explaining what a locked account is (pawelngei)
- Add preloaded cache for common JSON-LD contexts (ThibG)
- Add profile directory (Gargron)
- Add setting to not group reblogs in home feed (ThibG)
- Add admin ability to remove a user's header image (ThibG)
- Add account hashtags to ActivityPub actor JSON (Gargron)
- Add error message for avatar image that's too large (sumdog)
- Add notification quick-filter bar (pawelngei)
- Add new first-time tutorial (Gargron)
- Add moderation warnings (Gargron)
- Add emoji codepoint mappings for v11.0 (Gargron)
- Add REST API for creating an account (Gargron)
- Add support for Malayalam in language filter (tachyons)
- Add exclude_reblogs option to account statuses API (Gargron)
- Add local followers page to admin account UI (chr-1x)
- Add healthcheck commands to docker-compose.yml (BenLubar)
- Add handler for Move activity to migrate followers (Gargron)
- Add CSV export for lists and domain blocks (Gargron)
- Add tootctl accounts follow ACCT(Gargron)
- Add scheduled statuses (Gargron)
- Add immutable caching for S3 objects (nolanlawson)
- Add cache to custom emojis API (Gargron)
- Add preview cards to non-detailed statuses on public pages (Gargron)
- Add modandmoderatorto list of default reserved usernames (Gargron)
- Add quick links to the admin interface in the web UI (ThibG)
- Add tootctl domains crawl(Gargron)
- Add attachment list fallback to public pages (ThibG)
- Add tootctl --version(Gargron)
- Add information about how to opt-in to the directory on the directory (Gargron)
- Add timeouts for S3 (Gargron)
- Add support for non-public reblogs from ActivityPub (Gargron)
- Add sending of Rejectactivity when sending aBlockactivity (ThibG)
Changed
- Temporarily pause timeline if mouse moved recently (lmorchard)
- Change the password form order (mayaeh)
- Redesign admin UI for accounts (Gargron, Gargron)
- Redesign admin UI for instances/domain blocks (Gargron)
- Swap avatar and header input fields in profile page (ThibG)
- When posting in mobile mode, go back to previous history location (ThibG)
- Split out is_changing_upload from is_submitting (ThibG)
- Back to the getting-started when pins the timeline. (kedamaDQ)
- Allow unauthenticated REST API access to GET /api/v1/accounts/:id/statuses (Gargron)
- Limit maximum visibility of local silenced users to unlisted (ThibG)
- Change API error message for unconfirmed accounts (noellabo)
- Change the icon to "reply-all" when it's a reply to other accounts (mayaeh)
- Do not ignore federated reports targetting already-reported accounts (ThibG)
- Upgrade default Ruby version to 2.6.0 (Gargron)
- Change e-mail digest frequency (Gargron)
- Change Docker images for Tor support in docker-compose.yml (Sir-Boops)
- Display fallback link card thumbnail when none is given (Gargron)
- Change account bio length validation to ignore mention domains and URLs (Gargron)
- Use configured contact user for "anonymous" federation activities (yukimochi)
- Change remote interaction dialog to use specific actions instead of generic "interact" (Gargron)
- Always re-fetch public key when signature verification fails to support blind key rotation (ThibG)
- Make replies to boosts impossible, connect reply to original status instead (valerauko)
- Change e-mail MX validation to check both A and MX records against blacklist (Gargron)
- Hide floating action button on search and getting started pages (tmm576)
- Redesign public hashtag page to use a masonry layout (Gargron)
- Use summaryas summary instead of content warning for converted ActivityPub objects (Gargron)
- Display a double reply arrow on public pages for toots that are replies (ThibG)
- Change admin UI right panel size to be wider (Kjwon15)
Removed
- Remove links to bridge.joinmastodon.org (non-functional) (Gargron)
- Remove LD-Signatures from activities that do not need them (ThibG)
Fixed
- Remove unused computation of reblog references from updateTimeline (ThibG)
- Fix loaded embeds resetting if a status arrives from API again (ThibG)
- Fix race condition causing shallow status with only a "favourited" attribute (ThibG)
- Remove intermediary arrays when creating hash maps from results (Gargron)
- Extract counters from accounts table to account_stats table to improve performance (Gargron)
- Change identities id column to a bigint (Gargron)
- Fix conversations API pagination (ThibG)
- Improve account suspension speed and completeness (Gargron)
- Fix thread depth computation in statuses_controller (ThibG)
- Fix database deadlocks by moving account stats update outside transaction (ThibG)
- Escape HTML in profile name preview in profile settings (pawelngei)
- Use same CORS policy for /@:username and /users/:username (ThibG)
- Make custom emoji domains case insensitive (Esteth)
- Various fixes to scrollable lists and media gallery (ThibG)
- Fix bootsnap cache directory being declared relatively (Gargron)
- Fix timeline pagination in the web UI (ThibG)
- Fix padding on dropdown elements in preferences (ThibG)
- Make avatar and headers respect GIF autoplay settings (ThibG)
- Do no retry Web Push workers if the server returns a 4xx response (Gargron)
- Minor scrollable list fixes (ThibG)
- Ignore low-confidence CharlockHolmes guesses when parsing link cards (ThibG)
- Fix tootctl accounts rotatenot updating public keys (Gargron)
- Fix CSP / X-Frame-Options for media players (jomo)
- Fix unnecessary loadMore calls when the end of a timeline has been reached (ThibG)
- Skip mailer job retries when a record no longer exists (Gargron)
- Fix composer not getting focus after reply confirmation dialog (ThibG)
- Fix signature verification stoplight triggering on non-timeout errors (Gargron)
- Fix ThreadResolveWorker getting queued with invalid URLs (Gargron)
- Fix crash when clearing uninitialized timeline (ThibG)
- Avoid duplicate work by merging ReplyDistributionWorker into DistributionWorker (ThibG)
- Skip full text search if it fails, instead of erroring out completely (Kjwon15)
- Fix profile metadata links not verifying correctly sometimes (shrft)
- Ensure blocked user unfollows blocker if Block/Undo-Block activities are processed out of order (ThibG)
- Fix unreadable text color in report modal for some statuses (Gargron)
- Stop GIFV timeline preview explicitly when it's opened in modal (kedamaDQ)
- Fix scrollbar width compensation (ThibG)
- Fix race conditions when processing deleted toots (ThibG)
- Fix SSO issues on WebKit browsers by disabling Same-Site cookie again (moritzheiber)
- Fix empty OEmbed error (renatolond)
- Fix drag & drop modal not disappearing sometimes (hinaloe)
- Fix statuses with content warnings being displayed in web push notifications sometimes (ThibG)
- Fix scroll-to-detailed status not working on public pages (ThibG)
- Fix media modal loading indicator (ThibG)
- Fix hashtag search results not having a permalink fallback in web UI (ThibG)
- Fix slightly cropped font on settings page dropdowns when using system font (ariasuni)
- Fix not being able to drag & drop text into forms (tmm576)
Security
- Sanitize and sandbox toot embeds in web UI (ThibG)
- Add tombstones for remote statuses to prevent replay attacks (ThibG)
[2.6.5] - 2018-12-01
Changed
- Change lists to display replies to others on the list and list owner (ThibG)
Fixed
- Fix failures caused by commonly-used JSON-LD contexts being unavailable (ThibG)
[2.6.4] - 2018-11-30
Fixed
- Fix yarn dependencies not installing due to yanked event-stream package (Gargron)
[2.6.3] - 2018-11-30
Added
- Add hyphen to characters allowed in remote usernames (ThibG)
Changed
- Change server user count to exclude suspended accounts (Gargron)
Fixed
- Fix ffmpeg processing sometimes stalling due to overfilled stdout buffer (hugogameiro)
- Fix missing DNS records raising the wrong kind of exception (Gargron)
- Fix already queued deliveries still trying to reach inboxes marked as unavailable (Gargron)
Security
- Fix TLS handshake timeout not being enforced (Gargron)
[2.6.2] - 2018-11-23
Added
- Add Page to whitelisted ActivityPub types (mbajur)
- Add 20px to column width in web UI (Gargron)
- Add amount of freed disk space in tootctl media remove(Gargron, Gargron, mayaeh)
- Add "Show thread" link to self-replies (Gargron)
Changed
- Change order of Atom and RSS links so Atom is first (Alkarex)
- Change Nginx configuration for Nanobox apps (danhunsaker)
- Change the follow action to appear instant in web UI (Gargron)
- Change how the ActiveRecord connection is instantiated in on_worker_boot (Gargron)
- Change tootctl accounts cullto always touch accounts so they can be skipped (renatolond)
- Change mime type comparison to ignore JSON-LD profile (valerauko)
Fixed
- Fix web UI crash when conversation has no last status (sammy8806)
- Fix follow limit validator reporting lower number past threshold (Gargron)
- Fix form validation flash message color and input borders (Gargron)
- Fix invalid twitter:player cards being displayed (ThibG)
- Fix emoji update date being processed incorrectly (ThibG)
- Fix playing embed resetting if status is reloaded in web UI (ThibG, Gargron)
- Fix web UI crash when favouriting a deleted status (ThibG)
- Fix intermediary arrays being created for hash maps (Gargron)
- Fix filter ID not being a string in REST API (Gargron)
Security
- Fix multiple remote account deletions being able to deadlock the database (Gargron)
- Fix HTTP connection timeout of 10s not being enforced (Gargron)
[2.6.1] - 2018-10-30
Fixed
- Fix resolving resources by URL not working due to a regression in valerauko (Gargron)
- Fix reducer error in web UI when a conversation has no last status (Gargron)
[2.6.0] - 2018-10-30
Added
- Add link ownership verification (Gargron)
- Add conversations API (Gargron)
- Add limit for the number of people that can be followed from one account (Gargron)
- Add admin setting to customize mascot (ashleyhull-versent)
- Add support for more granular ActivityPub audiences from other software, i.e. circles (Gargron, Gargron, Gargron)
- Add option to block all reports from a domain (Gargron)
- Add user preference to always expand toots marked with content warnings (webroo)
- Add user preference to always hide all media (fvh-P)
- Add force_loginparam to OAuth authorize page (Gargron)
- Add tootctl accounts backup(Gargron, Gargron)
- Add tootctl accounts create(Gargron, Gargron)
- Add tootctl accounts cull(Gargron, Gargron)
- Add tootctl accounts delete(Gargron, Gargron)
- Add tootctl accounts modify(Gargron, Gargron)
- Add tootctl accounts refresh(Gargron, Gargron)
- Add tootctl feeds build(Gargron, Gargron)
- Add tootctl feeds clear(Gargron, Gargron)
- Add tootctl settings registrations open(Gargron, Gargron)
- Add tootctl settings registrations close(Gargron, Gargron)
- Add min_idparam to REST API to support backwards pagination (Gargron)
- Add a confirmation dialog when hitting reply and the compose box isn't empty (ThibG)
- Add PostgreSQL disk space growth tracking in PGHero (Gargron)
- Add button for disabling local account to report quick actions bar (Gargron)
- Add Czech language (Aditoo17)
- Add same-site(lax) attribute to cookies (sorin-davidoi)
- Add support for styled scrollbars in Firefox Nightly (sorin-davidoi)
- Add highlight to the active tab in web UI profiles (rhoio)
- Add auto-focus for comment textarea in report modal (ThibG)
- Add auto-focus for emoji picker's search field (ThibG)
- Add nginx and systemd templates to dist/directory (Gargron)
- Add support for /.well-known/change-password(Gargron)
- Add option to override FFMPEG binary path (sascha-sl)
- Add dns-prefetchtag when using different host for assets or uploads (Gargron)
- Add descriptionmeta tag (Gargron)
- Add Content-Security-Policyheader (ThibG)
- Add cache for the instance info API (ykzts)
- Add suggested follows to search screen in mobile layout (Gargron)
- Add CORS header to /.well-known/*routes (BenLubar)
- Add cardattribute to statuses returned from REST API (Gargron)
- Add in-stream link preview (Gargron)
- Add support for ActivityPub Pageobjects (mbajur)
Changed
- Change forms design (Gargron)
- Change reports overview to group by target account (Gargron)
- Change web UI to show "read more" link on overly long in-stream statuses (lanodan)
- Change design of direct messages column (Gargron, Gargron)
- Change home timelines to exclude DMs (Gargron)
- Change list timelines to exclude all replies (cbayerlein)
- Change admin accounts UI default sort to most recent (Gargron)
- Change documentation URL in the UI (Gargron)
- Change style of success and failure messages (Gargron)
- Change DM filtering to always allow DMs from staff (qguv)
- Change recommended Ruby version to 2.5.3 (zunda)
- Change docker-compose default to persist volumes in current directory (Gargron)
- Change character counters on edit profile page to input length limit (Gargron)
- Change notification filtering to always let through messages from staff (Gargron)
- Change "hide boosts from user" function also hiding notifications about boosts (ThibG)
- Change CSS detailed-status__wrapperclass actually wrap the detailed status (trwnh)
Deprecated
- GET /api/v1/timelines/direct→- GET /api/v1/conversations(Gargron)
- POST /api/v1/notifications/dismiss→- POST /api/v1/notifications/:id/dismiss(Gargron)
- GET /api/v1/statuses/:id/card→- cardattributed included in status (Gargron)
Removed
- Remove "on this device" label in column push settings (rhoio)
- Remove rake tasks in favour of tootctl commands (Gargron)
Fixed
- Fix remote statuses using instance's default locale if no language given (Kjwon15)
- Fix streaming API not exiting when port or socket is unavailable (Gargron)
- Fix network calls being performed in database transaction in ActivityPub handler (Gargron)
- Fix dropdown arrow position (ThibG)
- Fix first element of dropdowns being focused even if not using keyboard (ThibG)
- Fix tootctl requiring bundle execinvocation (abcang)
- Fix public pages not using animation preference for avatars (renatolond)
- Fix OEmbed/OpenGraph cards not understanding relative URLs (ThibG)
- Fix some dark emojis not having a white outline (ThibG)
- Fix media description not being displayed in various media modals (ThibG)
- Fix generated URLs of desktop notifications missing base URL (GenbuHase)
- Fix RTL styles (mabkenar, mabkenar, mabkenar, mabkenar, mabkenar, mabkenar, mabkenar, mabkenar, mabkenar, mabkenar)
- Fix crash in streaming API when tag param missing (Gargron)
- Fix hotkeys not working when no element is focused (ThibG)
- Fix some hotkeys not working on detailed status view (ThibG)
- Fix og:url on status pages (ThibG)
- Fix upload option buttons only being visible on hover (Gargron)
- Fix tootctl not returning exit code 1 on wrong arguments (sascha-sl)
- Fix preview cards for appearing for profiles mentioned in toot (ThibG, ThibG)
- Fix local accounts sometimes being duplicated as faux-remote (Gargron)
- Fix emoji search when the shortcode has multiple separators (ThibG)
- Fix dropdowns sometimes being partially obscured by other elements (kedamaDQ)
- Fix cache not updating when reply/boost/favourite counters or media sensitivity update (Gargron)
- Fix empty display name precedence over username in web UI (Gargron)
- Fix td instead of th in sessions table header (Gargron)
- Fix handling of content types with profile (valerauko)
[2.5.2] - 2018-10-12
Security
- Fix XSS vulnerability (Gargron)
[2.5.1] - 2018-10-07
Fixed
- Fix database migrations for PostgreSQL below 9.5 (Gargron)
- Fix class autoloading issue in ActivityPub Create handler (Gargron)
- Fix cache statistics not being sent via statsd when statsd enabled (ykzts)
- Bump puma from 3.11.4 to 3.12.0 (dependabot[bot])
Security
- Fix some local images not having their EXIF metadata stripped on upload (ThibG)
- Fix being able to enable a disabled relay via ActivityPub Accept handler (ThibG)
- Bump nokogiri from 1.8.4 to 1.8.5 (dependabot[bot])
- Fix being able to report statuses not belonging to the reported account (ThibG)