8 KiB
8 KiB
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog.
[Unreleased]
Added
- Allow to add notes to generated invite codes.
- Added
registration.default_role
configuration option. - Save emojis attached to actor objects.
- Added
emojis
field to Mastodon API Account entity. - Support audio attachments.
- Added CLI command for viewing unreachable actors.
- Implemented NodeInfo 2.1.
- Added
federation.onion_proxy_url
configuration parameter (enables proxy for requests to.onion
domains).
Changed
- Use .jpg extension for files with image/jpeg media type.
Deprecated
- Deprecated
default_role_read_only_user
configuration option (replaced byregistration.default_role
).
[1.15.0] - 2023-02-27
Added
- Set fetcher timeout to 3 minutes.
- Set deliverer timeout to 30 seconds.
- Added
federation
parameter group to configuration. - Add empty
spoiler_text
property to Mastodon API Status object. - Added
error
anderror_description
fields to Mastodon API error responses. - Store information about failed activity deliveries in database.
- Added
/api/v1/accounts/{account_id}/aliases
API endpoint.
Changed
- Put activities generated by CLI commands in a queue instead of immediately sending them.
- Changed path of user's Atom feed to
/feeds/users/{username}
. - Increase number of delivery attempts and increase intervals between them.
Deprecated
- Deprecated
proxy_url
configuration parameter (replaced byfederation.proxy_url
). - Deprecated Atom feeds at
/feeds/{username}
. - Deprecated
message
field in Mastodon API error response.
Fixed
- Prevent
delete-extraneous-posts
command from removing locally-linked posts. - Make webfinger response compatible with GNU Social account lookup.
- Prefer
Group
actor when doing webfinger query on Lemmy server. - Fetch missing profiles before doing follower migration.
- Follow FEP-e232 links when importing post.
[1.14.0] - 2023-02-22
Added
- Added
/api/v1/apps
endpoint. - Added OAuth authorization page.
- Support
authorization_code
OAuth grant type. - Documented
http_cors_allowlist
configuration parameter. - Added
/api/v1/statuses/{status_id}/thread
API endpoint (replaces/api/v1/statuses/{status_id}/context
). - Accept webfinger requests where
resource
is instance actor ID. - Added
proxy_set_header X-Forwarded-Proto $scheme;
directive to nginx config example. - Add
Content-Security-Policy
andX-Content-Type-Options
headers to all responses.
Changed
- Allow
instance_uri
configuration value to contain URI scheme. - Changed
/api/v1/statuses/{status_id}/context
response format to match Mastodon API. - Changed status code of
/api/v1/statuses
response to 200 to match Mastodon API. - Removed
add_header
directives forContent-Security-Policy
andX-Content-Type-Options
headers from nginx config example.
Deprecated
- Deprecated protocol guessing on incoming requests (use
X-Forwarded-Proto
header).
Fixed
- Fixed actor object JSON-LD validation errors.
- Fixed activity JSON-LD validation errors.
- Make media URLs in Mastodon API responses relative to current origin.
[1.13.1] - 2023-02-09
Fixed
- Fixed permission error on subscription settings update.
[1.13.0] - 2023-02-06
Added
- Replace post attachments and other related objects when processing
Update(Note)
activity. - Append attachment URL to post content if attachment size exceeds limit.
- Added
/api/v1/custom_emojis
endpoint. - Added
limits
parameter group to configuration. - Made file size limit adjustable with
limits.media.file_size_limit
configuration option. - Added
limits.posts.character_limit
configuration parameter (replacespost_character_limit
). - Implemented automatic pruning of remote posts and empty profiles (disabled by default).
Changed
- Use proof suites with prefix
Mitra
. - Added
https://w3id.org/security/data-integrity/v1
to JSON-LD context. - Return
202 Accepted
when activity is accepted by inbox endpoint. - Ignore forwarded
Like
activities. - Set 10 minute timeout on background job that processes incoming activities.
- Use "warn" log level for delivery errors.
- Don't allow read-only users to manage subscriptions.
Deprecated
- Deprecated
post_character_limit
configuration option.
Fixed
- Change max body size in nginx example config to match app limit.
- Don't create invoice if recipient can't accept subscription payments.
- Ignore
Announce(Delete)
activities.
[1.12.0] - 2023-01-26
Added
- Added
approval_required
andinvites_enabled
flags to/api/v1/instance
endpoint response. - Added
registration.type
configuration option (replacesregistrations_open
). - Implemented roles & permissions.
- Added "read-only user" role.
- Added configuration option for automatic assigning of "read-only user" role after registration.
- Added
set-role
command.
Changed
- Don't retry activity if fetcher recursion limit has been reached.
Deprecated
registrations_open
configuration option.
Removed
- Dropped support for
blockchain
configuration parameter.
Fixed
- Added missing
<link rel="self">
element to Atom feeds. - Added missing
<link rel="alternate">
element to Atom feed entries.
[1.11.0] - 2023-01-23
Added
- Save sizes of media attachments and other files to database.
- Added
import-emoji
command. - Added support for emoji shortcodes.
- Allowed custom emojis with
image/apng
media type.
Changed
- Make
delete-emoji
command accept emoji name and hostname instead of ID. - Replaced client-side tag URLs with collection IDs.
Security
- Validate emoji name before saving.
[1.10.0] - 2023-01-18
Added
- Added
/api/v1/settings/move_followers
API endpoint (replaces/api/v1/accounts/move_followers
). - Added
/api/v1/settings/import_follows
API endpoint. - Validation of Monero subscription payout address.
- Accept webfinger requests where
resource
is actor ID. - Adeed support for
as:Public
andPublic
audience identifiers. - Displaying custom emojis.
Changed
- Save downloaded media as "unknown" if its media type is not supported.
- Use
mediaType
property value to determine file extension when saving downloaded media. - Added
mediaType
property to images in actor object. - Prevent
delete-extraneous-posts
command from deleting post if there's a recent reply or repost. - Changed max actor image size to 5 MB.
Removed
/api/v1/accounts/move_followers
API endpoint.
Fixed
- Don't ignore
Delete(Person)
verification errors if database error subtype is notNotFound
. - Don't stop activity processing on invalid local mentions.
- Accept actor objects where
attachment
property value is not an array. - Don't download HTML pages attached by GNU Social.
- Ignore
Like()
activity if local post doesn't exist. - Fixed
.well-known
paths returning400 Bad Request
errors.
[1.9.0] - 2023-01-08
Added
- Added
/api/v1/accounts/lookup
Mastodon API endpoint. - Implemented activity delivery queue.
- Started to keep track of unreachable actors.
- Added
configuration
object to response of/api/v1/instance
endpoint. - Save media types of uploaded avatar and banner images.
- Support for
MitraJcsRsaSignature2022
andMitraJcsEip191Signature2022
signature suites.
Changed
- Updated installation instructions, default mitra config and recommended nginx config.
- Limited the number of requests made during the processing of a thread.
- Limited the number of media files that can be attached to a post.
Deprecated
- Deprecated
post_character_limit
property in/api/v1/instance
response. - Avatar and banner uploads without media type via
/api/v1/accounts/update_credentials
. JcsRsaSignature2022
andJcsEip191Signature2022
signature suites.
Removed
- Removed ability to upload non-images using
/api/v1/media
endpoint.
Fixed
- Fixed post and profile page redirections.
- Fixed federation with GNU Social.