v4.2.0-rc2
版本发布时间: 2023-09-19 23:06:45
mastodon/mastodon最新发布版本:v4.3.0-beta.2(2024-09-17 23:53:19)
:warning: This is a pre-release! This has not been as widely tested as regular releases, although it is still tested on mastodon.social and some other servers. If you update to this release, you will not be able to safely downgrade to the existing stable releases. You will, however, be able to upgrade to later nightly releases as well as the upcoming 4.2.0 stable release.
:warning: This release is an important security release fixing major security issues (CVE-2023-42451, CVE-2023-42452, CVE-2023-42450).
Corresponding security releases are available for the 4.1.x branch, the 4.0.x branch and the 3.5.x branch.
Upgrade overview
This release contains upgrade notes that deviate from the norm:
ℹ️ Requires streaming API restart ℹ️ Requires database migrations ℹ️ Starting from this release, Mastodon will periodically check for updates (see below if you want to disable that behavior) :warning: Requires rebuilding Elasticsearch indexes :warning: The minimal supported version for Ruby has been bumped to 3.0 :warning: The minimal supported version for Node.js has been bumped to 16 :warning: The minimal supported version for PostgreSQL has been bumped to 10. Please note that using PostgreSQL 10 or 11 is deprecated and will not be supported in 4.3.0. :warning: The minimal supported version for LibreTranslate has been bumped to 1.3.3 :warning: The way database replicas are configured has changed :warning: Disables part of the StatsD integration by default :warning: Drops built-in clustering support from the streaming server :warning: Updated systemd unit files for the streaming server :warning: A configuration change is required for some S3-compatible storage providers :warning: We will stop bundling PgHero in a future release
For more information, scroll down to the upgrade instructions section.
Changelog (v4.2.0-rc2)
Added
- Add additional metrics for streaming (ThisIsMissEm)
Changed
- Change video bitrate to always fit within size limit (Gargron)
Fixed
- Fix hashtag bar being sometimes incorrectly hidden (ClearlyClaire)
- Fix crash when viewing a moderation appeal and the moderator account has been deleted (xrobau)
- Fix Web UI making duplicate search queries when scrolling (ClearlyClaire)
- Fix error in Web UI when server rules cannot be fetched (ClearlyClaire)
- Fix
Setting.authorized_fetch
not being properly taken into consideration (ClearlyClaire) - Fix post edits not being forwarded as expected (ClearlyClaire)
- Fix dismiss button overlapping with text in dismissable banners (ClearlyClaire)
- Fix obsolete cache key in status cache invalidation logic (ClearlyClaire)
- Fix processing of
min_id
andmax_id
parameters in/api/v2/search
(ClearlyClaire)
Security
- Fix incorrect URL normalization (CVE-2023-42450, GHSA-hcqf-fw2r-52g4)
- Fix missing HTML sanitization in translation API (CVE-2023-42452, GHSA-2693-xr3m-jhqr)
- Fix incorrect domain name normalization (CVE-2023-42451, GHSA-v3xf-c9qf-j667)
Changelog (v4.2.0-rc1)
Added
-
Add full-text search of opted-in public posts and rework search operators (Gargron, jsgoldstein, ClearlyClaire, ClearlyClaire, jsgoldstein, Gargron, Gargron, Gargron, Gargron, Gargron, Gargron, Gargron, ClearlyClaire, Gargron, Gargron, ClearlyClaire, ClearlyClaire, ClearlyClaire, Gargron, ClearlyClaire, Gargron, Gargron, Gargron, ClearlyClaire, Gargron, Gargron, Gargron, Gargron, Gargron, arbolitoloco1, tribela)
This introduces a new
public_statuses
Elasticsearch index for public posts by users who have opted in to their posts being searchable (toot#indexable
flag). This also revisits the other indexes to provide more useful indexing, and adds new search operators such asfrom:me
,before:2022-11-01
,after:2022-11-01
,during:2022-11-01
,language:fr
,has:poll
, orin:library
(for searching only in posts you have written or interacted with). Results are now ordered chronologically. -
Add admin notifications for new Mastodon versions (ClearlyClaire)
This is done by querying
https://api.joinmastodon.org/update-check
every 30 minutes in a background job. That URL can be changed using theUPDATE_CHECK_URL
environment variable, and the feature outright disabled by setting that variable to an empty string (UPDATE_CHECK_URL=
). - Add “Privacy and reach” tab in profile settings (Gargron, ClearlyClaire) This reorganized scattered privacy and reach settings to a single place, as well as improve their wording.
- Add display of out-of-band hashtags in the web interface (Gargron, arbolitoloco1, ClearlyClaire, ClearlyClaire, ClearlyClaire, Gargron)
- Add role badges to the web interface (ClearlyClaire, Gargron)
-
Add ability to pick domains to forward reports to using the
forward_to_domains
parameter inPOST /api/v1/reports
(ClearlyClaire, ClearlyClaire) Theforward_to_domains
REST API parameter is a list of strings. If it is empty or omitted, the previous behavior is maintained. Theforward
parameter still needs to be set forforward_to_domains
to be taken into account. The forwarded-to domains can only include that of the original author and people being replied to. - Add forwarding of reported replies to servers being replied to (Gargron, ClearlyClaire)
- Add
ONE_CLICK_SSO_LOGIN
environment variable to directly link to the Single-Sign On provider if there is only one sign up method available (CSDUMMI, ClearlyClaire, CSDUMMI, ClearlyClaire) - Add webhook templating (Gargron)
-
Add webhooks for local
status.created
,status.updated
,account.updated
andreport.updated
(VyrCossont, VyrCossont, VyrCossont) - Add exclusive lists (dariusk, necropolina, ClearlyClaire)
- Add a confirmation screen when suspending a domain (ClearlyClaire, ClearlyClaire)
- Add support for importing lists (ClearlyClaire, mgmn, ClearlyClaire)
- Add optional hCaptcha support (ClearlyClaire, ClearlyClaire, Gargron, ClearlyClaire)
- Add lines to threads in web UI (Gargron, ClearlyClaire, ClearlyClaire, ClearlyClaire, ClearlyClaire, ClearlyClaire, ClearlyClaire, ClearlyClaire, teeerevor, renchap)
- Add new onboarding flow to web UI (Gargron, Gargron, Gargron, ClearlyClaire, ThisIsMissEm, Gargron, stevenjlm, ClearlyClaire, ClearlyClaire, Gargron, ClearlyClaire)
-
Add
S3_DISABLE_CHECKSUM_MODE
environment variable for compatibility with some S3-compatible providers (ClearlyClaire) - Add auto-refresh of accounts we get new messages/edits of (ClearlyClaire)
- Add Elasticsearch cluster health check and indexes mismatch check to dashboard (ClearlyClaire, ClearlyClaire, ClearlyClaire)
- Add admin API for managing tags (rrgeorge)
- Add a link to hashtag timelines from the Trending hashtags moderation interface (gunchleoc)
- Add timezone to datetimes in e-mails (ClearlyClaire)
- Add
authorized_fetch
server setting in addition to env var (ClearlyClaire) - Add avatar image to webfinger responses (tvler)
- Add debug logging on signature verification failure (ClearlyClaire, ClearlyClaire)
- Add explicit error messages when DeepL quota is exceeded (lutoma)
- Add Elasticsearch/OpenSearch version to “Software” in admin dashboard (ClearlyClaire)
- Add
data-nosnippet
attribute to remote posts and local posts withnoindex
(ClearlyClaire) - Add support for federating
memorial
attribute (rrgeorge) - Add Cherokee and Kalmyk to languages dropdown (gunchleoc, gunchleoc)
- Add
DELETE /api/v1/profile/avatar
andDELETE /api/v1/profile/header
to the REST API (danielmbrasil, ClearlyClaire) - Add
ES_PRESET
option to customize numbers of shards and replicas (Gargron, ClearlyClaire) This can have a value ofsingle_node_cluster
(default),small_cluster
(uses one replica) orlarge_cluster
(uses one replica and a higher number of shards). - Add
CACHE_BUSTER_HTTP_METHOD
environment variable (renchap, ClearlyClaire) - Add support for
DB_PASS
when usingDATABASE_URL
(ThisIsMissEm) - Add
GET /api/v1/instance/languages
to REST API (danielmbrasil) - Add primary key to
preview_cards_statuses
join table (ClearlyClaire, ClearlyClaire, ClearlyClaire, ClearlyClaire) - Add client-side timeout on resend confirmation button (Gargron)
- Add published date and author to news on the explore screen in web UI (Gargron)
- Add
lang
attribute to various UI components (c960657, c960657, c960657, c960657) - Add stricter protocol fields validation for accounts (ClearlyClaire)
- Add support for Azure blob storage (mistydemeo, mistydemeo)
- Add toast with option to open post after publishing in web UI (Gargron, Signez, Gargron)
- Add canonical link tags in web UI (Gargron)
- Add button to see results for polls in web UI (Gargron)
- Add at-symbol prepended to mention span title (forsamori)
- Add users index on
unconfirmed_email
(ClearlyClaire, ClearlyClaire) - Add superapp index on
oauth_applications
(ClearlyClaire) - Add index to backups on
user_id
column (mjankowski) - Add onboarding prompt when home feed too slow in web UI (Gargron, ClearlyClaire, Gargron, renchap, ClearlyClaire, ClearlyClaire, ClearlyClaire, Gargron)
- Add
POST /api/v1/conversations/:id/unread
API endpoint to mark a conversation as unread (ClearlyClaire) - Add
translate="no"
to outgoing mentions and links (ClearlyClaire) - Add unsubscribe link and headers to e-mails (Gargron, c960657)
- Add logging of websocket send errors (ThisIsMissEm)
- Add time zone preference (Gargron, ClearlyClaire)
- Add
legal
as report category (Gargron, renchap, ClearlyClaire) - Add
data-nosnippet
so Google doesn't use trending posts in snippets for/
(ClearlyClaire) - Add card with who invited you to join when displaying rules on sign-up (ClearlyClaire)
- Add missing primary keys to
accounts_tags
andstatuses_tags
(ClearlyClaire) - Add support for custom sign-up URLs (ClearlyClaire, renchap, ClearlyClaire, mgmn)
This is set using
SSO_ACCOUNT_SIGN_UP
and reflected in the REST API by addingregistrations.sign_up_url
to the/api/v2/instance
endpoint. - Add polling and automatic redirection to
/start
on email confirmation (ClearlyClaire) - Add ability to block sign-ups from IP using the CLI (danielmbrasil)
- Add ALT badges to media that has alternative text in web UI (Gargron, c960657
- Add ability to include accounts with pending follow requests in lists (ClearlyClaire, ClearlyClaire)
- Add trend management to admin API (rrgeorge)
-
POST /api/v1/admin/trends/statuses/:id/approve
-
POST /api/v1/admin/trends/statuses/:id/reject
-
POST /api/v1/admin/trends/links/:id/approve
-
POST /api/v1/admin/trends/links/:id/reject
-
POST /api/v1/admin/trends/tags/:id/approve
-
POST /api/v1/admin/trends/tags/:id/reject
-
GET /api/v1/admin/trends/links/publishers
-
POST /api/v1/admin/trends/links/publishers/:id/approve
-
POST /api/v1/admin/trends/links/publishers/:id/reject
-
- Add user handle to notification mail recipient address (HeitorMC)
- Add progress indicator to sign-up flow (Gargron)
- Add client-side validation for taken username in sign-up form (Gargron)
- Add
--approve
option totootctl accounts create
(danielmbrasil) - Add “In Memoriam” banner back to profiles (ClearlyClaire, ClearlyClaire)
This adds the
memorial
attribute to theAccount
REST API entity. - Add colour to follow button when hashtag is being followed (c960657)
- Add further explanations to the profile link verification instructions (drzax)
- Add a link to Identity provider's account settings from the account settings (CSDUMMI, ClearlyClaire)
- Add support for streaming server to connect to postgres with self-signed certs through the
sslmode
URL parameter (ramuuns) - Add support for specifying S3 storage classes through the
S3_STORAGE_CLASS
environment variable (hyl) - Add support for incoming rich text (ClearlyClaire)
- Add support for Ruby 3.2 (tenderlove, casperisfine, ClearlyClaire)
- Add API parameter to safeguard unexpected mentions in new posts (ClearlyClaire)
Changed
- Change hashtags to be displayed separately when they are the last line of a post (renchap, renchap, renchap)
- Change reblogs to be excluded from "Posts and replies" tab in web UI (Gargron)
- Change interaction modal in web interface (Gargron, ClearlyClaire, ClearlyClaire, ClearlyClaire, ClearlyClaire, mgmn, tribela, ClearlyClaire, ClearlyClaire)
- Change design of link previews in web UI (Gargron, ClearlyClaire, Gargron, Gargron, Gargron, Gargron, c960657)
- Change "direct message" nomenclature to "private mention" in web UI (Gargron)
- Change translation feature to cover Content Warnings, poll options and media descriptions (c960657, S-H-GAMELINKS, c960657, ClearlyClaire)
- Change account search to match by text when opted-in (jsgoldstein, Gargron)
- Change import feature to be clearer, less error-prone and more reliable (ClearlyClaire, mgmn)
- Change local and federated timelines to be tabs of a single “Live feeds” column (ClearlyClaire, Gargron, mgmn, Plastikmensch, ClearlyClaire)
-
Change user archive export to be faster and more reliable, and export
.zip
archives instead of.tar.gz
ones (ClearlyClaire, TheEssem) -
Change
mastodon-streaming
systemd unit files to be templated (e-nomem) -
Change
statsd
integration to disable sidekiq metrics by default (mjankowski, mjankowski, ClearlyClaire) This deprecatesstatsd
support and disables the sidekiq integration unlessSTATSD_SIDEKIQ
is set totrue
. This is because thensa
gem is unmaintained, and its sidekiq integration is known to add very significant overhead. Later versions of Mastodon will have other ways to get the same metrics. -
Change replica support to native Rails adapter (krainboltgreene, Gargron, Gargron, Gargron, Gargron, ClearlyClaire, ClearlyClaire, ClearlyClaire, ClearlyClaire)
This is a breaking change, dropping
makara
support, and requiring you to update your database configuration if you are using replicas. To tell Mastodon to use a read replica, you can either set theREPLICA_DB_NAME
environment variable (along withREPLICA_DB_USER
,REPLICA_DB_PASS
,REPLICA_DB_HOST
, andREPLICA_DB_PORT
, if they differ from the primary database), or theREPLICA_DATABASE_URL
environment variable if your configuration is based onDATABASE_URL
. - Change DCT method used for JPEG encoding to float (electroCutie)
- Change from
node-redis
toioredis
for streaming (gmemstr) - Change private statuses index to index without crutches (ClearlyClaire)
- Change video compression parameters (Gargron, Gargron, Gargron)
- Change admin e-mail notification settings to be their own settings group (ClearlyClaire)
- Change opacity of the delete icon in the search field to be more visible (AntoninDelFabbro)
- Change Account Search to prioritize username over display name (jsgoldstein)
- Change follow recommendation materialized view to be faster in most cases (renchap, ClearlyClaire)
- Change
robots.txt
to block GPTBot (Foritus) - Change header of hashtag timelines in web UI (Gargron, ClearlyClaire)
- Change streaming
/metrics
to include additional metrics (ThisIsMissEm) - Change indexing frequency from 5 minutes to 1 minute, add locks to schedulers (Gargron)
- Change column link to add a better keyboard focus indicator (teeerevor)
- Change poll form element colors to fit with the rest of the ui (teeerevor, teeerevor, ClearlyClaire)
- Change 'favourite' to 'favorite' for American English (marekr, gunchleoc, nabijaczleweli)
- Change ActivityStreams representation of suspended accounts to not use a blank
name
(ClearlyClaire) - Change focus UI for keyboard only input (teeerevor, Gargron, Gargron)
- Change thread view to scroll to the selected post rather than the post being replied to (ClearlyClaire)
- Change links in multi-column mode so tabs are open in single-column mode (Signez, Signez, ClearlyClaire, Signez, Signez)
- Change searching with
#
to include account index (jsgoldstein) - Change label and design of sensitive and unavailable media in web UI (Gargron, Gargron, Gargron)
- Change button colors to increase hover/focus contrast and consistency (teeerevor, Gargron)
- Change dropdown icon above compose form from ellipsis to bars in web UI (Gargron)
- Change header backgrounds to use fewer different colors in web UI (Gargron)
- Change files to be deleted in batches instead of one-by-one (Gargron, S-H-GAMELINKS, ClearlyClaire)
- Change emoji picker icon (iparr)
- Change edit profile page (Gargron, c960657)
- Change "bot" label to "automated" (Gargron)
- Change design of dropdowns in web UI (Gargron)
- Change wording of “Content cache retention period” setting to highlight destructive implications (ClearlyClaire)
- Change autolinking to allow carets in URL search params (renchap)
- Change share action from being in action bar to being in dropdown in web UI (Gargron)
- Change remote report processing to accept reports with long comments, but truncate them (ThisIsMissEm)
- Change sessions to be ordered from most-recent to least-recently updated (frankieroberto)
- Change vacuum scheduler to also delete expired tokens and unused application records (ClearlyClaire, ClearlyClaire)
- Change "Sign in" to "Login" (Gargron)
- Change domain suspensions to also be checked before trying to fetch unknown remote resources (ClearlyClaire)
- Change media components to use aspect-ratio rather than compute height themselves (ClearlyClaire, ClearlyClaire, ClearlyClaire)
- Change logo version in header based on screen size in web UI (Gargron)
- Change label from "For you" to "People" on explore screen in web UI (Gargron)
- Change logged-out WebUI HTML pages to be cached for a few seconds (ClearlyClaire)
- Change unauthenticated responses to be cached in REST API (Gargron, ClearlyClaire, ClearlyClaire)
- Change HTTP caching logic (Gargron, ClearlyClaire)
- Change hashtags and mentions in bios to open in-app in web UI (Gargron)
- Change styling of the recommended accounts to allow bio to be more visible (chike00)
- Change account search in moderation interface to allow searching by username including the leading
@
(HeitorMC) - Change all components to use the same error page in web UI (Gargron)
- Change search pop-out in web UI (Gargron)
- Change user settings to be stored in a more optimal way (Gargron, c960657, ClearlyClaire, ClearlyClaire, ClearlyClaire, Gargron, Gargron, ClearlyClaire, jsgoldstein, ClearlyClaire)
- Change media upload limits and remove client-side resizing (Gargron)
- Change design of account rows in web UI (Gargron, Gargron, Gargron, ClearlyClaire)
- Change log-out to use Single Logout when using external log-in through OIDC (CSDUMMI)
- Change sidekiq-bulk's batch size from 10,000 to 1,000 jobs in one Redis call (ClearlyClaire)
- Change translation to only be offered for supported languages (c960657, c960657)
This adds the
/api/v1/instance/translation_languages
REST API endpoint that returns an object with the supported translation language pairs in the form:
(where{ "fr": ["en", "de"] }
fr
is a supported source language anden
andde
or supported output language when translating afr
string) - Change compose form checkbox to native input with
appearance: none
(ClearlyClaire) - Change posts' clickable area to be larger (c960657)
- Change
followed_by
link tolocation=all
if account is local on /admin/accounts/:id page (tribela)
Removed
- Remove support for Node.js 14 (renchap)
- Remove support for Ruby 2.7 (nschonni)
- Remove clustering from streaming API (ThisIsMissEm)
- Remove anonymous access to the streaming API (ClearlyClaire)
- Remove obfuscation of reply count in web UI (Gargron)
- Remove
kmr
from language selection, as it was a duplicate forku
(gunchleoc, ClearlyClaire) - Remove 16:9 cropping from web UI (Gargron)
- Remove back button from bookmarks, favourites and lists screens in web UI (Gargron)
- Remove display name input from sign-up form (Gargron)
- Remove
tai
locale (c960657) - Remove empty Kushubian (csb) local files (nschonni)
- Remove
Permissions-Policy
header from all responses (Gargron)
Fixed
- Fix filters not being applying in the explore page (ClearlyClaire)
- Fix being unable to load past a full page of filtered posts in Home timeline (ClearlyClaire)
- Fix log-in flow when involving both OAuth and external authentication (CSDUMMI)
- Fix broken links in account gallery (c960657)
- Fix blocking subdomains of an already-blocked domain (ClearlyClaire)
- Fix migration handler not updating lists (ClearlyClaire)
- Fix paragraph margins resulting in irregular read-more cut-off in web UI (Gargron)
- Fix notification permissions being requested immediately after login (ClearlyClaire)
- Fix performances of profile directory (ClearlyClaire, ClearlyClaire)
- Fix mute button and volume slider feeling disconnected in web UI (Gargron, ClearlyClaire)
- Fix “Scoped order is ignored, it's forced to be batch order.” warnings (ClearlyClaire)
- Fix blocked domain appearing in account feeds (ClearlyClaire)
- Fix moderator rights inconsistencies (ClearlyClaire)
- Fix crash when encountering invalid URL (ClearlyClaire)
- Fix invalid
Content-Type
header for WebP images (c960657) - Fix minor inefficiencies in
tootctl search deploy
(ClearlyClaire) - Fix filter form in profiles directory overflowing instead of wrapping (arbolitoloco1)
- Fix
/api/v1/timelines/tag/:hashtag
allowing for unauthenticated access when public preview is disabled (danielmbrasil) - Fix inefficiencies in
PlainTextFormatter
(ClearlyClaire) - Fix sign up steps progress layout in right-to-left locales (ClearlyClaire)
- Fix bug with “favorited by” and “reblogged by“ view on posts only showing up to 40 items (timothyjrogers, timothyjrogers)
- Fix bad search type heuristic (Gargron)
- Fix not being able to negate prefix clauses in search (Gargron)
- Fix timeout on invalid set of exclusionary parameters in
/api/v1/timelines/public
(danielmbrasil) - Fix unexpected audio stream transcoding when uploaded video is eligible to passthrough (yufushiro)
- Fix uploading of video files for which
ffprobe
reports0/0
average framerate (NicolaiSoeborg) - Fix cached posts including stale stats (ClearlyClaire)
- Fix adding column with default value taking longer on Postgres >= 11 (Gargron)
- Fix light theme select option for hashtags (teeerevor)
- Fix AVIF attachments (c960657)
- Fix incorrect URL normalization when fetching remote resources (c960657, c960657)
- Fix being unable to filter posts for individual Chinese languages (gunchleoc)
- Fix preview card sometimes linking to 4xx error pages (c960657)
- Fix emoji picker button scrolling with textarea content in single-column view (ClearlyClaire)
- Fix missing border on error screen in light theme in web UI (Gargron)
- Fix UI overlap with the loupe icon in the Explore Tab (gol-cha)
- Fix unexpected redirection to
/explore
after sign-in (ClearlyClaire) - Fix
/api/v1/statuses/:id/unfavourite
and/api/v1/statuses/:id/unreblog
returning non-updated counts (c960657) - Fix clicking the “Back” button sometimes leading out of Mastodon (c960657, CSFlorin, S-H-GAMELINKS, ClearlyClaire)
- Fix processing of
null
ActivityPub activities (tribela) - Fix hashtag posts not being removed from home feed on hashtag unfollow (ClearlyClaire)
- Fix for "follows you" indicator in light web UI not readable (vmstan)
- Fix incorrect line break between icon and number of reposts & favourites (edent)
- Fix sounds not being loaded from assets host (Signez)
- Fix buttons showing inconsistent styles (teeerevor, ClearlyClaire, ClearlyClaire, ClearlyClaire)
- Fix trend calculation working on too many items at a time (Gargron)
- Fix dropdowns being disabled for logged out users in web UI (Gargron, ClearlyClaire)
- Fix explore page being inaccessible when opted-out of trends in web UI (Gargron)
- Fix re-activated accounts possibly getting deleted by
AccountDeletionWorker
(ClearlyClaire) - Fix
/api/v2/search
not working with following query param (danielmbrasil) - Fix inefficient query when requesting a new confirmation email from a logged-in account (ClearlyClaire)
- Fix unnecessary concurrent calls to
/api/*/instance
in web UI (mgmn) - Fix resolving local URL for remote content (ClearlyClaire)
- Fix search not being easily findable on smaller screens in web UI (Gargron, ClearlyClaire)
- Fix j/k keyboard shortcuts on some status lists (ClearlyClaire)
- Fix missing validation on
default_privacy
setting (ClearlyClaire) - Fix incorrect pagination headers in
/api/v2/admin/accounts
(danielmbrasil) - Fix non-interactive upload container being given a
button
role and tabIndex (ClearlyClaire) - Fix always redirecting to onboarding in web UI (Gargron)
- Fix inconsistent use of middle dot (·) instead of bullet (•) to separate items (j-f1)
- Fix spacing of middle dots in the detailed status meta section (j-f1)
- Fix prev/next buttons color in media viewer (renchap)
- Fix email addresses not being properly updated in
tootctl maintenance fix-duplicates
(mjankowski) - Fix unicode surrogate pairs sometimes being broken in page title (eai04191)
- Fix various inefficient queries against account domains (ClearlyClaire)
- Fix video player offering to expand in a lightbox when it's in an
iframe
(ClearlyClaire) - Fix post embed previews (ClearlyClaire)
- Fix inadequate error handling in several API controllers when given invalid parameters (danielmbrasil, danielmbrasil, danielmbrasil, danielmbrasil, danielmbrasil, danielmbrasil)
- Fix uncaught
ActiveRecord::StatementInvalid
in Mastodon::IpBlocksCLI (danielmbrasil) - Fix various edge cases with local moves (ClearlyClaire)
- Fix
tootctl accounts cull
crashing when encountering a domain resolving to a private address (ClearlyClaire) - Fix
tootctl accounts approve --number N
not aproving the N earliest registrations (danielmbrasil) - Fix being unable to clear media description when editing posts (c960657)
- Fix unavailable translations not falling back to English (mgmn)
- Fix anonymous visitors getting a session cookie on first visit (ClearlyClaire, ClearlyClaire, ClearlyClaire)
- Fix cutting off first letter of hashtag links sometimes in web UI (Gargron)
- Fix crash in
tootctl accounts create --reattach --force
(ClearlyClaire, danielmbrasil) - Fix characters being emojified even when using Variation Selector 15 (text) (ClearlyClaire, ClearlyClaire)
- Fix uncaught ActiveRecord::StatementInvalid exception in
Mastodon::AccountsCLI#approve
(danielmbrasil) - Fix email confirmation skip option in
tootctl accounts modify USERNAME --email EMAIL --confirm
(danielmbrasil) - Fix tooltip for dates without time (c960657)
- Fix missing loading spinner and loading more on scroll in Private Mentions column (c960657)
- Fix account header image missing from
/settings/profile
on narrow screens (c960657) - Fix height of announcements not being updated when using reduced animations (c960657)
- Fix inconsistent radius in advanced interface drawer (thislight)
- Fix loading more trending posts on scroll in the advanced interface (OmmyZhang)
- Fix poll ending notification for edited polls (c960657)
- Fix max width of media in
/about
and/privacy-policy
(mgmn) - Fix streaming API not being usable without
DATABASE_URL
(Gargron) - Fix external authentication not running onboarding code for new users (ClearlyClaire)
Upgrade notes
To get the code for v4.2.0-rc2, use git fetch && git checkout v4.2.0-rc2
.
As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look:
docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump
Dependencies
External dependencies have changed since v4.1.7, with the Ruby, PostgreSQL and Node.js minimum version being higher.
- Ruby: 3.0 to 3.2
- PostgreSQL: 10 or newer
- Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
- LibreTranslate (optional, for translations): 1.3.3 or newer
- Redis: 4 or newer
- Node: 16 or newer
- ImageMagick: 6.9.7-7 or newer
If your uploaded images are broken after the upgrade, it means your installed ImageMagick version is older than the new minimum version (6.9.7-7), for example if you are running Ubuntu 18.04. If this happens, you can find more information and ways to fix it on this page.
Database replica configuration
The way Mastodon handles read replicas has changed, removing the makara
gem and using native Rails support instead.
This changes how database replicas are configured. Instead of editing config/database.yml
, you should use an unmodified one and use the REPLICA_DB_NAME
, along with REPLICA_DB_USER
, REPLICA_DB_PASS
, REPLICA_DB_HOST
and REPLICA_DB_PORT
, if they differ from the primary database.
If you are using DATABASE_URL
, you can configure your read replica in a similar way using REPLICA_DATABASE_URL
.
StatsD integration
We have identified the current implementation of the StatsD integration for sidekiq to cause a lot of overhead. Therefore, we have disabled it by default, but since we do not have an alternative yet, it is still available by setting the following environment variable: STATSD_SIDEKIQ=true
.
Please note that StatsD integration is deprecated and will not be supported in 4.3.0.
S3-compatible configuration change
If you experience issues with file uploads after this update, you may need to set S3_DISABLE_CHECKSUM_MODE=true
, as our S3 library now defaults to use a feature that is not implemented by every S3-compatible provider.
Streaming server changes
We have dropped built-in clustering support from the streaming server, which means, depending on the load you are facing, that you may need to run multiple instances of it and configure a load-balancer.
Unless you are using Docker, it is recommended that you update your mastodon-streaming
unit scripts with the ones we provide:
-
sudo cp ~mastodon/live/dist/mastodon-streaming*.service /etc/systemd/system/
-
sudo systemctl daemon-reload
-
sudo systemctl restart mastodon-streaming
If you then need to run more than one mastodon-streaming server
, you can:
- Start a new instance with
sudo systemctl start mastodon-streaming@port
(e.g.mastodon-streaming@4001
) - Edit your nginx configuration file to add the new server to the load-balancing (an example is provided in the comments in
dist/nginx.conf
)
Automatic update checking
Starting from this release, Mastodon will periodically check for updates by querying https://api.joinmastodon.org/update-check
every 30 minutes in a background job.
That URL can be changed using the UPDATE_CHECK_URL
environment variable, and the feature outright disabled by setting that variable to an empty string (UPDATE_CHECK_URL=
).
Update steps
The following instructions are for updating from 4.1.7.
If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations.
Non-Docker only:
- If you are using
rbenv
, update the list of available versions and install Ruby 3.2.2 by doingRUBY_CONFIGURE_OPTS=--with-jemalloc rbenv install
in the Mastodon install directory (e.g./home/mastodon/live
) - Install dependencies:
bundle install
andyarn install --frozen-lockfile
- Precompile the assets:
RAILS_ENV=production bundle exec rails assets:precompile
- Run the pre-deployment database migrations by specifying the
SKIP_POST_DEPLOYMENT_MIGRATIONS=true
environment variable:SKIP_POST_DEPLOYMENT_MIGRATIONS=true RAILS_ENV=production bundle exec rails db:migrate
- Restart all Mastodon processes
- Run the post-deployment database migrations:
RAILS_ENV=production bundle exec rails db:migrate
- If you use Elasticsearch, rebuild the search indexes with
RAILS_ENV=production bin/tootctl search deploy --reset-chewy
Using Docker:
- Run the pre-deployment database migrations by specifying the
SKIP_POST_DEPLOYMENT_MIGRATIONS=true
environment variable:docker-compose run --rm -e SKIP_POST_DEPLOYMENT_MIGRATIONS=true web bundle exec rails db:migrate
- Restart all Mastodon processes
- Run the post-deployment database migrations:
docker-compose run --rm web bundle exec rails db:migrate
- If you use Elasticsearch, rebuild the search indexes with
docker-compose run --rm web bin/tootctl search deploy --reset-chewy