fedimovies/CHANGELOG.md

394 lines
12 KiB
Markdown
Raw Normal View History

# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
## [Unreleased]
2023-04-15 23:43:19 +00:00
### Added
- Added support for content warnings.
- Added `authentication_methods` field to `CredentialAccount` object (Mastodon API).
2023-04-15 23:43:19 +00:00
### Changed
- Ignore errors when importing activities from outbox.
- Make activity limit in outbox fetcher adjustable.
- Changed `reset-subscriptions` command arguments (removes subscription options by default).
- Return error if specified Monero account doesn't exist.
2023-04-15 13:28:09 +00:00
- Updated actix to latest version. MSRV changed to 1.57.
- Make `/api/v1/accounts` endpoint accept optional `authentication_method` parameter.
### Deprecated
- Calling `/api/v1/accounts` without `authentication_method` parameter.
### Fixed
- Make `/api/v1/accounts/{account_id}/follow` work with form-data.
2023-04-12 20:40:46 +00:00
## [1.21.0] - 2023-04-12
### Added
- Support Monero Wallet RPC authentication.
2023-04-10 21:20:47 +00:00
- Added `create-user` command.
2023-04-10 23:04:41 +00:00
- Added `read-outbox` command.
### Changed
- Added emoji count check to profile data validator.
- Check mention and link counts when creating post.
- Disable transaction monitor tasks if blockchain integration is disabled.
- Allow multiple configurations in `blockchains` array.
- Re-fetch object if `attributedTo` value doesn't match `actor` of `Create` activity.
- Added actor validation to `Update(Note)` and `Undo(Follow)` handlers.
### Fixed
- Fixed database query error in `Create` activity handler.
2023-04-12 20:40:46 +00:00
## [1.20.0] - 2023-04-07
2023-04-06 23:54:11 +00:00
### Added
- Support calling `/api/v1/accounts/search` with `resolve` parameter.
- Created `/api/v1/accounts/aliases/all` API endpoint.
2023-04-02 21:23:04 +00:00
- Created API endpoint for adding aliases.
- Populate `alsoKnownAs` property on actor object with declared aliases.
- Support account migration from Mastodon.
- Created API endpoint for managing client configurations.
2023-04-05 20:58:09 +00:00
- Reject unsolicited public posts.
### Changed
- Increase maximum number of custom emojis per post to 50.
- Validate actor aliases before saving into database.
- Process incoming `Move()` activities in background.
- Allow custom emojis with `image/webp` media type.
- Increase object ID size limit to 2000 chars.
- Increase fetcher timeout to 15 seconds when processing search queries.
### Fixed
- Added missing `CHECK` constraints to database tables.
- Validate object ID length before saving post to database.
- Validate emoji name length before saving to database.
## [1.19.1] - 2023-03-31
2023-03-31 18:15:41 +00:00
### Changed
- Limit number of mentions and links in remote posts.
### Fixed
- Process queued background jobs before re-trying stalled.
- Remove activity from queue if handler times out.
- Order attachments by creation date when new post is created.
2023-03-30 13:56:27 +00:00
## [1.19.0] - 2023-03-30
2023-03-25 00:12:20 +00:00
### Added
- Added `prune-remote-emojis` command.
2023-03-25 10:58:33 +00:00
- Prune remote emojis in background.
- Added `limits.media.emoji_size_limit` configuration parameter.
- Added `federation.fetcher_timeout` and `federation.deliverer_timeout` configuration parameters.
2023-03-25 00:12:20 +00:00
2023-03-25 10:12:55 +00:00
### Changed
- Allow emoji names containing hyphens.
- Increased remote emoji size limit to 500 kB.
- Set fetcher timeout to 5 seconds when processing search queries.
2023-03-25 10:12:55 +00:00
2023-03-24 22:54:51 +00:00
### Fixed
- Fixed error in emoji update SQL query.
2023-03-25 20:14:48 +00:00
- Restart stalled background jobs.
2023-03-27 20:50:18 +00:00
- Order attachments by creation date.
- Don't reopen monero wallet on each subscription monitor run.
2023-03-24 22:54:51 +00:00
2023-03-28 22:57:54 +00:00
### Security
- Updated markdown parser to latest version.
2023-03-21 18:33:05 +00:00
## [1.18.0] - 2023-03-21
2022-12-29 13:36:34 +00:00
### Added
- Added `fep-e232` feature flag (disabled by default).
- Added `account_index` parameter to Monero configuration.
- Added `/api/v1/instance/peers` API endpoint.
- Added `federation.enabled` configuration parameter that can be used to disable federation.
2022-12-29 13:36:34 +00:00
### Changed
- Documented valid role names for `set-role` command.
- Granted `delete_any_post` and `delete_any_profile` permissions to admin role.
- Updated profile page URL template to match mitra-web.
### Fixed
- Make webclient-to-object redirects work for remote profiles and posts.
- Added webclient redirection rule for `/@username` routes.
- Don't allow migration if user doesn't have identity proofs.
2023-03-15 11:21:42 +00:00
## [1.17.0] - 2023-03-15
2023-03-12 20:13:53 +00:00
### Added
- Enabled audio and video uploads.
- Added `audio/ogg` and `audio/x-wav` to the list of supported media types.
2023-03-12 20:13:53 +00:00
### Changed
- Save latest ethereum block number to database instead of file.
2023-03-14 15:17:56 +00:00
- Removed hardcoded upload size limit.
### Deprecated
- Reading ethereum block number from `current_block` file.
2023-03-08 23:16:42 +00:00
### Removed
2023-03-09 01:05:45 +00:00
2023-03-08 23:16:42 +00:00
- Disabled post tokenization (can be re-enabled with `ethereum-extras` feature).
- Removed ability to switch from Ethereum devnet to another chain without resetting subscriptions.
2023-03-09 01:05:45 +00:00
2023-03-11 17:12:37 +00:00
### Fixed
- Allow `!` after hashtags and mentions.
- Ignore emojis with non-unique names in remote posts.
2023-03-11 17:12:37 +00:00
2023-03-08 01:42:38 +00:00
## [1.16.0] - 2023-03-08
### Added
- Allow to add notes to generated invite codes.
- Added `registration.default_role` configuration option.
2023-03-03 22:23:52 +00:00
- Save emojis attached to actor objects.
- Added `emojis` field to Mastodon API Account entity.
2023-03-05 14:08:26 +00:00
- Support audio attachments.
- Added CLI command for viewing unreachable actors.
2023-03-06 19:49:45 +00:00
- Implemented NodeInfo 2.1.
- Added `federation.onion_proxy_url` configuration parameter (enables proxy for requests to `.onion` domains).
### Changed
- Use .jpg extension for files with image/jpeg media type.
### Deprecated
- Deprecated `default_role_read_only_user` configuration option (replaced by `registration.default_role`).
2023-02-27 00:57:44 +00:00
## [1.15.0] - 2023-02-27
2023-02-22 21:48:19 +00:00
### Added
- Set fetcher timeout to 3 minutes.
2023-02-22 21:54:08 +00:00
- Set deliverer timeout to 30 seconds.
- Added `federation` parameter group to configuration.
- Add empty `spoiler_text` property to Mastodon API Status object.
- Added `error` and `error_description` fields to Mastodon API error responses.
- Store information about failed activity deliveries in database.
- Added `/api/v1/accounts/{account_id}/aliases` API endpoint.
### Changed
- Put activities generated by CLI commands in a queue instead of immediately sending them.
- Changed path of user's Atom feed to `/feeds/users/{username}`.
- Increase number of delivery attempts and increase intervals between them.
### Deprecated
- Deprecated `proxy_url` configuration parameter (replaced by `federation.proxy_url`).
- Deprecated Atom feeds at `/feeds/{username}`.
- Deprecated `message` field in Mastodon API error response.
2023-02-22 21:48:19 +00:00
### Fixed
- Prevent `delete-extraneous-posts` command from removing locally-linked posts.
- Make webfinger response compatible with GNU Social account lookup.
- Prefer `Group` actor when doing webfinger query on Lemmy server.
- Fetch missing profiles before doing follower migration.
- Follow FEP-e232 links when importing post.
2023-02-22 17:34:17 +00:00
## [1.14.0] - 2023-02-22
### Added
2023-02-10 23:29:42 +00:00
- Added `/api/v1/apps` endpoint.
2023-02-11 16:12:15 +00:00
- Added OAuth authorization page.
- Support `authorization_code` OAuth grant type.
- Documented `http_cors_allowlist` configuration parameter.
- Added `/api/v1/statuses/{status_id}/thread` API endpoint (replaces `/api/v1/statuses/{status_id}/context`).
- Accept webfinger requests where `resource` is instance actor ID.
- Added `proxy_set_header X-Forwarded-Proto $scheme;` directive to nginx config example.
- Add `Content-Security-Policy` and `X-Content-Type-Options` headers to all responses.
### Changed
- Allow `instance_uri` configuration value to contain URI scheme.
- Changed `/api/v1/statuses/{status_id}/context` response format to match Mastodon API.
- Changed status code of `/api/v1/statuses` response to 200 to match Mastodon API.
- Removed `add_header` directives for `Content-Security-Policy` and `X-Content-Type-Options` headers from nginx config example.
### Deprecated
- Deprecated protocol guessing on incoming requests (use `X-Forwarded-Proto` header).
### Fixed
- Fixed actor object JSON-LD validation errors.
- Fixed activity JSON-LD validation errors.
- Make media URLs in Mastodon API responses relative to current origin.
2023-02-09 20:07:39 +00:00
## [1.13.1] - 2023-02-09
### Fixed
- Fixed permission error on subscription settings update.
2023-02-06 00:35:31 +00:00
## [1.13.0] - 2023-02-06
### Added
- Replace post attachments and other related objects when processing `Update(Note)` activity.
- Append attachment URL to post content if attachment size exceeds limit.
2023-02-02 12:38:02 +00:00
- Added `/api/v1/custom_emojis` endpoint.
- Added `limits` parameter group to configuration.
- Made file size limit adjustable with `limits.media.file_size_limit` configuration option.
- Added `limits.posts.character_limit` configuration parameter (replaces `post_character_limit`).
- Implemented automatic pruning of remote posts and empty profiles (disabled by default).
2023-01-28 01:11:47 +00:00
### Changed
- Use proof suites with prefix `Mitra`.
- Added `https://w3id.org/security/data-integrity/v1` to JSON-LD context.
- Return `202 Accepted` when activity is accepted by inbox endpoint.
2023-02-02 00:48:03 +00:00
- Ignore forwarded `Like` activities.
- Set 10 minute timeout on background job that processes incoming activities.
- Use "warn" log level for delivery errors.
- Don't allow read-only users to manage subscriptions.
2023-01-28 01:11:47 +00:00
### Deprecated
- Deprecated `post_character_limit` configuration option.
### Fixed
- Change max body size in nginx example config to match app limit.
- Don't create invoice if recipient can't accept subscription payments.
2023-02-05 20:46:58 +00:00
- Ignore `Announce(Delete)` activities.
2023-01-26 19:05:41 +00:00
## [1.12.0] - 2023-01-26
### Added
- Added `approval_required` and `invites_enabled` flags to `/api/v1/instance` endpoint response.
- Added `registration.type` configuration option (replaces `registrations_open`).
- Implemented roles & permissions.
- Added "read-only user" role.
- Added configuration option for automatic assigning of "read-only user" role after registration.
2023-01-25 05:52:58 +00:00
- Added `set-role` command.
### Changed
- Don't retry activity if fetcher recursion limit has been reached.
### Deprecated
- `registrations_open` configuration option.
2023-01-24 21:11:07 +00:00
### Removed
- Dropped support for `blockchain` configuration parameter.
### Fixed
- Added missing `<link rel="self">` element to Atom feeds.
- Added missing `<link rel="alternate">` element to Atom feed entries.
2023-01-23 12:53:57 +00:00
## [1.11.0] - 2023-01-23
### Added
- Save sizes of media attachments and other files to database.
2023-01-17 00:09:09 +00:00
- Added `import-emoji` command.
2023-01-21 00:23:15 +00:00
- Added support for emoji shortcodes.
- Allowed custom emojis with `image/apng` media type.
### Changed
- Make `delete-emoji` command accept emoji name and hostname instead of ID.
- Replaced client-side tag URLs with collection IDs.
2023-01-20 18:47:26 +00:00
### Security
- Validate emoji name before saving.
2023-01-18 20:20:26 +00:00
## [1.10.0] - 2023-01-18
### Added
- Added `/api/v1/settings/move_followers` API endpoint (replaces `/api/v1/accounts/move_followers`).
- Added `/api/v1/settings/import_follows` API endpoint.
2023-01-12 00:56:52 +00:00
- Validation of Monero subscription payout address.
- Accept webfinger requests where `resource` is actor ID.
2023-01-17 00:51:17 +00:00
- Adeed support for `as:Public` and `Public` audience identifiers.
2023-01-16 22:40:03 +00:00
- Displaying custom emojis.
### Changed
- Save downloaded media as "unknown" if its media type is not supported.
- Use `mediaType` property value to determine file extension when saving downloaded media.
- Added `mediaType` property to images in actor object.
- Prevent `delete-extraneous-posts` command from deleting post if there's a recent reply or repost.
2023-01-16 16:54:57 +00:00
- Changed max actor image size to 5 MB.
### Removed
- `/api/v1/accounts/move_followers` API endpoint.
### Fixed
- Don't ignore `Delete(Person)` verification errors if database error subtype is not `NotFound`.
- Don't stop activity processing on invalid local mentions.
- Accept actor objects where `attachment` property value is not an array.
- Don't download HTML pages attached by GNU Social.
- Ignore `Like()` activity if local post doesn't exist.
- Fixed `.well-known` paths returning `400 Bad Request` errors.
2023-01-07 23:10:57 +00:00
## [1.9.0] - 2023-01-08
### Added
- Added `/api/v1/accounts/lookup` Mastodon API endpoint.
2022-12-11 18:41:08 +00:00
- Implemented activity delivery queue.
- Started to keep track of unreachable actors.
- Added `configuration` object to response of `/api/v1/instance` endpoint.
- Save media types of uploaded avatar and banner images.
- Support for `MitraJcsRsaSignature2022` and `MitraJcsEip191Signature2022` signature suites.
2022-12-27 21:15:19 +00:00
### Changed
- Updated installation instructions, default mitra config and recommended nginx config.
- Limited the number of requests made during the processing of a thread.
- Limited the number of media files that can be attached to a post.
2022-12-27 21:15:19 +00:00
### Deprecated
- Deprecated `post_character_limit` property in `/api/v1/instance` response.
- Avatar and banner uploads without media type via `/api/v1/accounts/update_credentials`.
- `JcsRsaSignature2022` and `JcsEip191Signature2022` signature suites.
### Removed
- Removed ability to upload non-images using `/api/v1/media` endpoint.
### Fixed
- Fixed post and profile page redirections.
2023-01-05 19:18:08 +00:00
- Fixed federation with GNU Social.