Mastodon v3.3.0.rc1 Release Notes

Release Date: 2020-12-01 // over 3 years ago
  • Mastodon

    Note: This is a release candidate. It is intended to be stable, but not guaranteed.

    ๐Ÿ”„ Changelog

    โž• Added

    • โž• Add hotkeys for audio/video control in web UI (Gargron, Gargron)
      • Space and k to toggle playback
      • m to toggle mute
      • f to toggle fullscreen
      • j and l to go back and forward by 10 seconds
      • . and , to go back and forward by a frame (video only)
    • โž• Add expand/compress button on media modal in web UI (mashirozx, mashirozx, mashirozx)
    • โž• Add border around ๐Ÿ•บ emoji in web UI (ThibG)
    • โž• Add border around ๐Ÿž emoji in web UI (ThibG)
    • โž• Add home link to the getting started column when home isn't mounted (ThibG)
    • โž• Add option to disable swiping motions across the web UI (ThibG)
    • โž• Add pop-out player for audio/video in web UI (Gargron, Gargron, Gargron)
      • Continue watching/listening when you scroll away
      • Action bar to interact with/open toot from the pop-out player
    • โž• Add unread notification markers in web UI (ThibG, ThibG, ThibG, noellabo, noellabo)
    • โž• Add paragraph about browser add-ons when encountering errors in web UI (ThibG)
    • โž• Add import and export for bookmarks (ThibG)
    • โž• Add cache buster feature for media files (Gargron)
      • If you have a proxy cache in front of object storage, deleted files will persist until the cache expires
      • If enabled, cache buster will make a special request to the proxy to signal a cache reset
    • โž• Add duration option to the mute function (aquarla)
    • โž• Add replies policy option to the list function (ThibG)
    • โž• Add og:published_time OpenGraph tags on toots (nornagon)
    • โž• Add option to be notified when a followed user posts (Gargron, ThibG, Gargron)
      • If you don't want to miss a toot, click the bell button!
    • โž• Add client-side validation in password change forms (ThibG)
    • โž• Add client-side validation in the registration form (ThibG, ThibG)
    • โž• Add support for Gemini URLs (joshleeb)
    • โž• Add WebAuthn as an alternative 2FA method (santiagorodriguez96, jiikko)
    • โž• Add icon for mutual relationships in relationship manager (noellabo)
    • โž• Add follow selected followers button in relationship manager (noellabo)
    • โž• Add subresource integrity for JS and CSS assets (Gargron)
      • If you use a CDN for static assets (JavaScript, CSS, and so on), you have to trust that the CDN does not modify the assets maliciously
      • Subresource integrity compares server-generated asset digests with what's actually served from the CDN and prevents such attacks
    • โž• Add ku, sa, sc, zgh to available locales (ykzts)
    • โž• Add ability to force an account to mark media as sensitive (noellabo)
    • โž• Add ability to block access or limit sign-ups from chosen IPs (Gargron)
      • Add rules for IPs or CIDR ranges that automatically expire after a configurable amount of time
      • Choose the severity of the rule, either blocking all access or merely limiting sign-ups
    • โž• Add support for reversible suspensions through ActivityPub (Gargron)
      • Servers can signal that one of their accounts has been suspended
      • During suspension, the account can only delete its own content
      • A reversal of the suspension can be signalled the same way
      • A local suspension always overrides a remote one
    • โž• Add ActivityPub follower synchronization mechanism (ThibG, ThibG)
    • โž• Add outbox attribute to instance actor (ThibG)
    • โž• Add featured hashtags as an ActivityPub collection (Gargron)
    • โž• Add support for dereferencing objects through bearcaps (Gargron, noellabo)
    • Add S3_READ_TIMEOUT environment variable (tateisu)
    • Add ALLOWED_PRIVATE_ADDRESSES environment variable (ThibG)
    • โž• Add --fix-permissions option to tootctl media remove-orphans (Gargron, uist1idrju3i)
    • โž• Add tootctl accounts merge (Gargron)
      • Has someone changed their domain or subdomain thereby creating two accounts where there should be one?
      • This command will fix it on your end
    • โž• Add tootctl maintenance fix-duplicates (ThibG, Gargron)
      • Index corruption in the database?
      • This command is for you
    • โž• Add support for managing multiple stream subscriptions in a single connection (Gargron, Gargron, mfmfuyu, zunda)
      • Previously, getting live updates for multiple timelines required opening a HTTP or WebSocket connection for each
      • More connections means more resource consumption on both ends, not to mention the (ever so slight) delay when establishing a new connection
      • Now, with just a single WebSocket connection you can subscribe and unsubscribe to and from multiple streams
    • Add support for limiting results by both min_id and max_id at the same time in REST API (tateisu)
    • โž• Add GET /api/v1/accounts/:id/featured_tags to REST API (noellabo)
    • โž• Add optional tootctl remove media cronjob in Helm chart (dunn)

    ๐Ÿ”„ Changed

    • ๐Ÿ”„ Change media modals look in web UI (Gargron, Gargron)
      • Background of the overlay matches the color of the image
      • Action bar to interact with or open the toot from the modal
    • ๐Ÿ”„ Change order of announcements in admin UI to be newest-first (ThibG)
    • ๐Ÿ”„ Change account suspensions to be reversible by default (Gargron, ThibG, ThibG, ThibG, ThibG, noellabo)
      • Suspensions no longer equal deletions
      • A suspended account can be unsuspended with minimal consequences for 30 days
      • Immediate deletion of data is still available as an explicit option
      • Suspended accounts can request an archive of their data through the UI
    • ๐Ÿ”„ Change REST API to return empty data for suspended accounts (Gargron)
    • ๐Ÿ”„ Change web UI to show empty profile for suspended accounts (Gargron)
    • ๐Ÿ”„ Change featured hashtag suggestions to be recently used instead of most used (abcang)
    • ๐Ÿ”„ Change direct toots to appear in the home feed again (Gargron, ThibG, noellabo)
      • Return to treating all toots the same instead of trying to retrofit direct visibility into an instant messaging model
    • ๐Ÿ”„ Change email address validation to return more specific errors (ThibG)
    • ๐Ÿ”„ Change HTTP signature requirements to include Digest header on POST requests (ThibG)
    • ๐Ÿ”„ Change click area of video/audio player buttons to be bigger in web UI (ariasuni)
    • ๐Ÿ”„ Change order of filters by alphabetic by "keyword or phrase" (ariasuni)
    • ๐Ÿ”„ Change suspension of remote accounts to also undo outgoing follows (ThibG)
    • ๐Ÿ”„ Change string "Home" to "Home and lists" in the filter creation screen (ariasuni)
    • ๐Ÿ”„ Change string "Boost to original audience" to "Boost with original visibility" in web UI (3n-k1)
    • ๐Ÿ”„ Change string "Show more" to "Show newer" and "Show older" on public pages (ariasuni)
    • ๐Ÿ”„ Change order of announcements to be reverse chronological in web UI (dariusk, dariusk)
    • ๐Ÿ”„ Change visibility icon next to timestamp to be clickable in web UI (ariasuni, mayaeh)

    โœ‚ Removed

    • โœ‚ Remove fade-in animation from modals in web UI (Gargron)
    • โœ‚ Remove auto-redirect to direct messages in web UI (Gargron)
    • โœ‚ Remove obsolete IndexedDB operations from web UI (Gargron)
    • โœ‚ Remove dependency on unused and unmaintained http_parser.rb gem (ThibG)

    ๐Ÿ›  Fixed

    • ๐Ÿ›  Fix deletes not reaching every server that interacted with toot (Gargron)
      • Previously, delete of a toot would be primarily sent to the followers of its author, people mentioned in the toot, and people who reblogged the toot
      • Now, additionally, it is ensured that it is sent to people who replied to it, favourited it, and to the person it replies to even if that person is not mentioned
    • ๐Ÿ›  Fix resolving an account through its non-canonical form (i.e. alternate domain) (ThibG)
    • ๐Ÿ›  Fix sending redundant ActivityPub events when processing remote account deletion (ThibG)
    • ๐Ÿ›  Fix Move handler not being triggered when failing to fetch target account (ThibG)
    • ๐Ÿ›  Fix downloading remote media files when server returns empty filename (ThibG)
    • ๐Ÿ›  Fix account processing failing because of large collections (ThibG)
    • ๐Ÿ›  Fix not being able to unfavorite toots one has lost access to (ThibG)
    • ๐Ÿ›  Fix not being able to unbookmark toots one has lost access to (ThibG)
    • ๐Ÿ›  Fix possible casing inconsistencies in hashtag search (ThibG)
    • ๐Ÿ›  Fix updating account counters when association is not yet created (Gargron)
    • ๐Ÿ›  Fix cookies not having a SameSite attribute (Gargron)
    • ๐Ÿ›  Fix poll ending notifications being created for each vote (ThibG)
    • ๐Ÿ›  Fix multiple boosts of a same toot erroneously appearing in TL (ThibG)
    • ๐Ÿ›  Fix asset builds not picking up CDN_HOST change (ThibG)
    • ๐Ÿ›  Fix desktop notifications permission prompt in web UI (Gargron, Gargron, ThibG)
      • Some time ago, browsers added a requirement that desktop notification prompts could only be displayed in response to a user-generated event (such as a click)
      • This means that for some time, users who haven't already given the permission before were not getting a prompt and as such were not receiving desktop notifications
    • ๐Ÿ›  Fix "Mark media as sensitive" string not supporting pluralizations in other languages in web UI (ariasuni)
    • ๐Ÿ›  Fix glitched image uploads when canvas read access is blocked in web UI (ThibG)
    • ๐Ÿ›  Fix some account gallery items having empty labels in web UI (ThibG)
    • ๐Ÿ›  Fix alt-key hotkeys activating while typing in a text field in web UI (ThibG)
    • ๐Ÿ›  Fix wrong seek bar width on media player in web UI (mfmfuyu)
    • ๐Ÿ›  Fix logging out on mobile in web UI (ThibG)
    • ๐Ÿ›  Fix wrong click area for GIFVs in media modal in web UI (noellabo)
    • ๐Ÿ›  Fix unreadable placeholder text color in high contrast theme in web UI (Gargron)
    • ๐Ÿ›  Fix scrolling issues when closing some dropdown menus in web UI (ThibG)
    • ๐Ÿ›  Fix notification filter bar incorrectly filtering gaps in web UI (ThibG)
    • ๐Ÿ›  Fix disabled boost icon being replaced by private boost icon on hover in web UI (ThibG)
    • ๐Ÿ›  Fix hashtag detection in compose form being different to server-side in web UI (kedamaDQ, ThibG)
    • ๐Ÿ›  Fix home last read marker mishandling gaps in web UI (ThibG)
    • ๐Ÿ›  Fix inefficiency when fetching hashtag timeline (noellabo, akihikodaki)
    • ๐Ÿ›  Fix inefficiency when fetching bookmarks (akihikodaki)
    • ๐Ÿ›  Fix inefficiency when fetching favourites (akihikodaki)
    • ๐Ÿ›  Fix inefficiency when fetching media-only account timeline (akihikodaki)
    • ๐Ÿ›  Fix redundant query when processing batch actions on custom emojis (niwatori24)
    • ๐Ÿ›  Fix PostgreSQL secret name for cronjob in Helm chart (metal3d)
    • ๐Ÿ›  Fix Procfile not being compatible with herokuish (acuteaura)
    • ๐Ÿ›  Fix installation of tini being split into multiple steps in Dockerfile (ryncsn)

    ๐Ÿ”’ Security

    • ๐Ÿ›  Fix streaming API allowing connections to persist after access token invalidation (Gargron)
    • ๐Ÿ›  Fix 2FA/sign-in token sessions being valid after password change (Gargron)

    โฌ†๏ธ Upgrade notes

    โฌ†๏ธ > As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

    ๐Ÿณ Non-Docker only:

    • โฌ†๏ธ The recommended Ruby version has been bumped to 2.7.2. You can upgrade, or you can continue using the old version by overwriting the .ruby-version file with e.g. 2.6.6 which was recommended previously
    • Install dependencies: bundle install and yarn install

    ๐Ÿณ Both Docker and non-Docker:

    ๐Ÿš€ 1. Run the pre-deployment database migrations by specifying the SKIP_POST_DEPLOYMENT_MIGRATIONS=true environment variable:

    • Non-Docker: SKIP_POST_DEPLOYMENT_MIGRATIONS=true RAILS_ENV=production bundle exec rails db:migrate
    • Docker: docker-compose run --rm -e SKIP_POST_DEPLOYMENT_MIGRATIONS=true web rails db:migrate ๐Ÿฑ 2. Precompile the assets:
    • Non-Docker: RAILS_ENV=production bundle exec rails assets:precompile
    • Docker: The assets are already precompiled during the build step
      1. Restart all Mastodon processes
      2. Clear cache:
    • Non-Docker: RAILS_ENV=production bin/tootctl cache clear
    • Docker: docker-compose run --rm web bin/tootctl cache clear ๐Ÿš€ 5. Now that the new code is running, we can finish the database migrations. This will run the post-deployment ones:
    • Non-Docker: RAILS_ENV=production bundle exec rails db:migrate
    • Docker: docker-compose run --rm web rails db:migrate
      1. Restart all Mastodon processes

    Translators

    TBA