commit: 2e6ddc49910419590470902d9c36b84cf5a0b895 parent f2dc706f6f8913e21d2a21e5c6ca4e411afc559a Author: Lain Soykaf <lain@lain.com> Date: Thu, 1 Aug 2024 11:43:44 +0400 Prepare changelogDiffstat:
214 files changed, 153 insertions(+), 173 deletions(-)diff --git a/CHANGELOG.md b/CHANGELOG.md@@ -4,6 +4,159 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## 2.7.0 + +### Security +- HTTP Security: By default, don't allow unsafe-eval. The setting needs to be changed to allow Flash emulation. +- Fix webfinger spoofing. +- Use proper workers for fetching pins instead of an ad-hoc task, fixing a potential fetch loop + +### Changed +- Update to Phoenix 1.7 +- Elixir Logger configuration is now longer permitted through AdminFE and ConfigDB +- Refactor the user backups code and improve test coverage +- Invalid activities delivered to the inbox will be rejected with a 400 Bad Request +- Support Bandit as an alternative to Cowboy for the HTTP server. +- Update Bandit to 1.5.2 +- Replace eblurhash with rinpatch_blurhash. This also removes a dependency on ImageMagick. +- Elixir 1.13 is the minimum required version. +- Document maximum supported version of Erlang & Elixir +- Update and extend NetBSD installation docs +- Make `/api/v1/pleroma/federation_status` publicly available +- Increase outgoing federation parallelism +- Change Hackney connection pool timeouts to align with the values Gun uses +- Transmogrifier: handle non-validate errors on incoming Delete activities +- Remote object fetch failures will prevent the object fetch job from retrying if the object request returns 401, 403, 404, 410, or exceeds the maximum thread depth. +- - Change AccountView `last_status_at` from a datetime to a date (as done in Mastodon 3.1.0) +- Improve error logging when LDAP authentication fails. +- Publisher jobs will not retry if the error received is a 400 +- PollWorker jobs will not retry if the activity no longer exists. +- Improved detecting unrecoverable errors for incoming federation jobs +- Changed some jobs to return :cancel on unrecoverable errors that should not be retried +- Discard Remote Fetcher jobs which errored due to an MRF rejection. +- Oban queues have refactored to simplify the queue design +- Ensure all Oban jobs have timeouts defined +- Optimistic Inbox reduces the processing overhead of incoming activities without instantly verifiable signatures. +- HTTP connection pool adjustments +- Disable jit by default for PostgreSQL +- Update the documentation for configuring Prometheus metrics. +- Change the prometheus library to PromEx. +- Publisher jobs now store the the activity id instead of inserting duplicate JSON data in the Oban queue for each delivery. +- Activity publishing failures will prevent the job from retrying if the publishing request returns a 403 or 410 +- Publisher errors will now emit logs indicating the inbox that was not available for delivery. +- Reduce the reachability timestamp update to a single upsert query +- A 422 error is returned when attempting to reply to a deleted status +- Rich Media backfilling is now an Oban job +- Refactored Rich Media to cache the content in the database. Fetching operations that could block status rendering have been eliminated. +- Set default values on validators for transient objects (attachment, poll options) +- User profile refreshes are now asynchronous +- Change mediaproxy previews to use vips to generate thumbnails instead of ImageMagick +- Render nice web push notifications for polls +- Refactor the Mastodon /api/v1/streaming websocket handler to use Phoenix.Socket.Transport + +### Added +- Uploader: Add support for uploading attachments using IPFS +- Add NSFW-detecting MRF +- Add DNSRBL MRF +- Add options to the mix prune_objects task +- Add Anti-mention Spam MRF backported from Rebased +- HTTPSignaturePlug: Add :authorized_fetch_mode_exceptions configuration +- Support /authorize-interaction route used by Mastodon +- Add an option to reject certain domains when authorized fetch is enabled. +- Include following/followers in backups +- Allow to group bookmarks in folders +- Include image description in status media cards +- Implement `/api/v1/accounts/familiar_followers` +- Add support for configuring favicon, embed favicon and PWA manifest in server-generated meta +- Implement FEP-2c59, add "webfinger" to user actor +- Framegrabs with ffmpeg will execute with a 5 second timeout and cache the URLs of failures with a TTL of 15 minutes to prevent excessive retries. +- Added a Mix task "pleroma.config fix_mrf_policies" which will remove erroneous MRF policies from ConfigDB. +- Add ForceMention MRF +- [docs] add frontends management documentation +- Implement group actors +- Add contact account to InstanceView +- Add instance rules +- Implement /api/v2/instance route +- Verify profile link ownership with rel="me" +- Logger metadata is now attached to some logs to help with troubleshooting and analysis +- Add new parameters to /api/v2/instance: configuration[accounts][max_pinned_statuses] and configuration[statuses][characters_reserved_per_url] +- Add meilisearch, make search engines pluggable +- Add missing indexes on foreign key relationships +- Startup detection for configured MRF modules that are missing or incorrectly defined +- Permit passing --chunk and --step values to the Pleroma.Search.Indexer Mix task +- Deleting, Unfavoriting, Unrepeating, or Unreacting will cancel undelivered publishing jobs for the original activity. +- Oban jobs can now be viewed in the Live Dashboard +- Add media proxy to opengraph rich media cards +- Support for Erlang OTP 26 +- Prioritize mentioned recipients (i.e., those that are not just followers) when federating. +- PromEx documentation +- Expose nonAnonymous field from Smithereen polls +- Add Qdrant/OpenAI embedding search +- Adds the capability to add a URL to a scrobble (optional field) +- scrubbers/default: Add more formatting elements from HTML4 / GoToSocial (acronym, bdo, big, cite, dfn, ins, kbd, q, samp, s, tt, var, wbr) +- Monitoring of search backend health to control the processing of jobs in the search indexing Oban queue +- Display reposted replies with exclude_replies: true +- Add "status" notification type +- Support honk-style attachment summaries as alt-text. + +### Fixed +- Fix Emoji object IDs not always being valid +- Remove checking ImageMagick's commands for Pleroma.Upload.Filter.AnalyzeMetadata +- Ensure that StripLocation actually removes everything resembling GPS data from PNGs +- Fix authentication check on account rendering when bio is defined +- ap userview: add outbox field. +- Fix #strip_report_status_data +- Fix federation with Convergence AP Bridge +- ChatMessage: Tolerate attachment field set to an empty array +- Config: Check the permissions of the linked file instead of the symlink +- MediaProxy was setting the content-length header which is not permitted by RFC9112§6.2 when we are chunking the reply as it conflicts with the existence of the transfer-encoding header. +- Restore Cowboy's ability to stream MediaProxy responses without Chunked encoding. +- Fix the processing of email digest jobs. +- Client application data was always missing from the status +- Elixir 1.15 compatibility +- When downloading remote emojis packs, account for pagination +- Make remote emoji packs API use specifically the V1 URL. Akkoma does not understand it without V1, and it works either way with normal pleroma, so no reason to not do this +- Following HTTP Redirects when the HTTP Adapter is Finch +- Video framegrabs were not working correctly after the change to use Exile to execute ffmpeg +- Deactivated groups would still try to repeat a post. +- Fix logic error in Gun connection pooling which prevented retries even when the worker was launched with retry = true +- Connection pool errors when publishing an activity is a soft-error that will be retried shortly. +- Gun Connection Pool was not retrying to acquire a connection if the pool was full and stale connections were reclaimed +- TwitterAPI: Return proper error when healthcheck is disabled +- Handle cases when users.inbox is nil. +- Fix LDAP support +- Use correct domain for fqn and InstanceView +- The query for marking notifications as read has been simplified +- Mastodon API /api/v1/directory: Fix listing directory contents when not authenticated +- Ensure MediaProxy HTTP requests obey all the defined connection settings +- Fix a memory leak caused by Websocket connections that would not enter a state where a full garbage collection run could be triggered. +- Fix OpenGraph and Twitter metadata providers when parsing objects with no content or summary fields. +- MRF: Log sensible error for subdomains_regex +- MRF.StealEmojiPolicy: Properly add fallback extension to filenames missing one +- Federated timeline removal of hashtags via MRF HashtagPolicy +- Support objects with a null contentMap (firefish) +- Fix notifications query which was not using the index properly +- Notifications: improve performance by filtering on users table instead of activities table +- Prevent Rich Media backfill jobs from retrying in cases where it is likely they will fail again. +- Oban Jobs for refreshing users were not respecting the uniqueness setting +- Fix Optimistic Inbox for failed signatures +- MediaProxy Preview failures prevented when encountering certain video files +- pleroma_ctl: Use realpath(1) instead of readlink(1) +- ReceiverWorker: Make sure non-{:ok, _} is returned as {:error, …} +- Harden Rich Media parsing against very slow or malicious URLs +- Rich Media Preview cache eviction when the activity is updated. +- Parsing of RichMedia TTLs for Amazon URLs when query parameters are nil +- End of poll notifications were not streamed over websockets or web push +- Fix eblurhash and elixir-captcha not using system cflags +- Video thumbnails were not being generated due to a negative cache lookup logic error +- Fix web push notifications not successfully delivering +- Web Push notifications are no longer generated for muted/blocked threads and users. +- Fix validate_webfinger when running a different domain for Webfinger + +### Removed +- Mastodon API: Remove deprecated GET /api/v1/statuses/:id/card endpoint https://github.com/mastodon/mastodon/pull/11213 +- Removed support for multiple federator modules as we only support ActivityPub + ## 2.6.2 ### Securitydiff --git a/changelog.d/2.6.0-mergeback.skip b/changelog.d/2.6.0-mergeback.skipdiff --git a/changelog.d/2.6.1-mergeback.skip b/changelog.d/2.6.1-mergeback.skipdiff --git a/changelog.d/3280-fix-emoji-ids.fix b/changelog.d/3280-fix-emoji-ids.fix@@ -1 +0,0 @@ -Fix Emoji object IDs not always being validdiff --git a/changelog.d/3900.change b/changelog.d/3900.change@@ -1 +0,0 @@ -Update to Phoenix 1.7diff --git a/changelog.d/3904.security b/changelog.d/3904.security@@ -1 +0,0 @@ -HTTP Security: By default, don't allow unsafe-eval. The setting needs to be changed to allow Flash emulation.diff --git a/changelog.d/3907.skip b/changelog.d/3907.skipdiff --git a/changelog.d/3987.fix b/changelog.d/3987.fix@@ -1 +0,0 @@ -Remove checking ImageMagick's commands for Pleroma.Upload.Filter.AnalyzeMetadatadiff --git a/changelog.d/4167-strip-gps-info-in-png.fix b/changelog.d/4167-strip-gps-info-in-png.fix@@ -1 +0,0 @@ -Ensure that StripLocation actually removes everything resembling GPS data from PNGsdiff --git a/changelog.d/account-rendering-auth-check.fix b/changelog.d/account-rendering-auth-check.fix@@ -1 +0,0 @@ -Fix authentication check on account rendering when bio is defineddiff --git a/changelog.d/add-ipfs-upload.add b/changelog.d/add-ipfs-upload.add@@ -1 +0,0 @@ -Uploader: Add support for uploading attachments using IPFSdiff --git a/changelog.d/add-nsfw-mrf.add b/changelog.d/add-nsfw-mrf.add@@ -1 +0,0 @@ -Add NSFW-detecting MRFdiff --git a/changelog.d/add-outbox.fix b/changelog.d/add-outbox.fix@@ -1 +0,0 @@ -ap userview: add outbox field.diff --git a/changelog.d/add-rbl-mrf.add b/changelog.d/add-rbl-mrf.add@@ -1 +0,0 @@ -Add DNSRBL MRFdiff --git a/changelog.d/adminfe-logger.change b/changelog.d/adminfe-logger.change@@ -1 +0,0 @@ -Elixir Logger configuration is now longer permitted through AdminFE and ConfigDBdiff --git a/changelog.d/akkoma-prune-options.add b/changelog.d/akkoma-prune-options.add@@ -1 +0,0 @@ -Add options to the mix prune_objects taskdiff --git a/changelog.d/anonymous-exception-else.fix b/changelog.d/anonymous-exception-else.fix@@ -1 +0,0 @@ -Fix #strip_report_status_datadiff --git a/changelog.d/anti-mentionspam-mrf.add b/changelog.d/anti-mentionspam-mrf.add@@ -1 +0,0 @@ -Add Anti-mention Spam MRF backported from Rebaseddiff --git a/changelog.d/api-docs-2.skip b/changelog.d/api-docs-2.skipdiff --git a/changelog.d/api-docs.skip b/changelog.d/api-docs.skipdiff --git a/changelog.d/atom-leak.skip b/changelog.d/atom-leak.skipdiff --git a/changelog.d/auth-fetch-exception.add b/changelog.d/auth-fetch-exception.add@@ -1 +0,0 @@ -HTTPSignaturePlug: Add :authorized_fetch_mode_exceptions configuration -\ No newline at end of filediff --git a/changelog.d/authorize-interaction.add b/changelog.d/authorize-interaction.add@@ -1 +0,0 @@ -Support /authorize-interaction route used by Mastodon -\ No newline at end of filediff --git a/changelog.d/authorized-fetch-rejections.add b/changelog.d/authorized-fetch-rejections.add@@ -1 +0,0 @@ -Add an option to reject certain domains when authorized fetch is enabled.diff --git a/changelog.d/backups-follows.add b/changelog.d/backups-follows.add@@ -1 +0,0 @@ -Include following/followers in backups -\ No newline at end of filediff --git a/changelog.d/backups-refactor.change b/changelog.d/backups-refactor.change@@ -1 +0,0 @@ -Refactor the user backups code and improve test coveragediff --git a/changelog.d/bad_inbox_request.change b/changelog.d/bad_inbox_request.change@@ -1 +0,0 @@ -Invalid activities delivered to the inbox will be rejected with a 400 Bad Requestdiff --git a/changelog.d/bandit.change b/changelog.d/bandit.change@@ -1 +0,0 @@ -Support Bandit as an alternative to Cowboy for the HTTP server.diff --git a/changelog.d/bandit_update_1.5.2.change b/changelog.d/bandit_update_1.5.2.change@@ -1 +0,0 @@ -Update Bandit to 1.5.2diff --git a/changelog.d/bare_uri_test.skip b/changelog.d/bare_uri_test.skipdiff --git a/changelog.d/benchee.skip b/changelog.d/benchee.skipdiff --git a/changelog.d/blurhash.change b/changelog.d/blurhash.change@@ -1 +0,0 @@ -Replace eblurhash with rinpatch_blurhash. This also removes a dependency on ImageMagick.diff --git a/changelog.d/bookmark-folders.add b/changelog.d/bookmark-folders.add@@ -1 +0,0 @@ -Allow to group bookmarks in folders -\ No newline at end of filediff --git a/changelog.d/bookmark-folders.skip b/changelog.d/bookmark-folders.skipdiff --git a/changelog.d/bugfix-ccworks.fix b/changelog.d/bugfix-ccworks.fix@@ -1 +0,0 @@ -Fix federation with Convergence AP Bridge -\ No newline at end of filediff --git a/changelog.d/build-release-with-local-libvips.skip b/changelog.d/build-release-with-local-libvips.skipdiff --git a/changelog.d/bump-elixir.change b/changelog.d/bump-elixir.change@@ -1 +0,0 @@ -Elixir 1.13 is the minimum required version.diff --git a/changelog.d/card-endpoint.remove b/changelog.d/card-endpoint.remove@@ -1 +0,0 @@ -Mastodon API: Remove deprecated GET /api/v1/statuses/:id/card endpoint https://github.com/mastodon/mastodon/pull/11213diff --git a/changelog.d/card-image-description.add b/changelog.d/card-image-description.add@@ -1 +0,0 @@ -Include image description in status media cards -\ No newline at end of filediff --git a/changelog.d/chat-attachment-empty-array.fix b/changelog.d/chat-attachment-empty-array.fix@@ -1 +0,0 @@ -ChatMessage: Tolerate attachment field set to an empty arraydiff --git a/changelog.d/ci-cache.skip b/changelog.d/ci-cache.skipdiff --git a/changelog.d/ci-elixir-1.16.skip b/changelog.d/ci-elixir-1.16.skipdiff --git a/changelog.d/ci-elixir-1.17.skip b/changelog.d/ci-elixir-1.17.skipdiff --git a/changelog.d/ci-erratic.skip b/changelog.d/ci-erratic.skipdiff --git a/changelog.d/ci-otp-update.skip b/changelog.d/ci-otp-update.skipdiff --git a/changelog.d/cleanup.skip b/changelog.d/cleanup.skipdiff --git a/changelog.d/commonapi-reordering.skip b/changelog.d/commonapi-reordering.skipdiff --git a/changelog.d/config-stat-symlink.fix b/changelog.d/config-stat-symlink.fix@@ -1 +0,0 @@ -- Config: Check the permissions of the linked file instead of the symlinkdiff --git a/changelog.d/content-length.fix b/changelog.d/content-length.fix@@ -1 +0,0 @@ -MediaProxy was setting the content-length header which is not permitted by RFC9112§6.2 when we are chunking the reply as it conflicts with the existence of the transfer-encoding header.diff --git a/changelog.d/cowboy-stream-chunked.fix b/changelog.d/cowboy-stream-chunked.fix@@ -1 +0,0 @@ -Restore Cowboy's ability to stream MediaProxy responses without Chunked encoding.diff --git a/changelog.d/debug-logs.skip b/changelog.d/debug-logs.skipdiff --git a/changelog.d/deprecations.skip b/changelog.d/deprecations.skip@@ -1 +0,0 @@ -diff --git a/changelog.d/deprecations2.skip b/changelog.d/deprecations2.skipdiff --git a/changelog.d/deps-bump-2024-01-25.skip b/changelog.d/deps-bump-2024-01-25.skipdiff --git a/changelog.d/deps-bump-2024-06-07.skip b/changelog.d/deps-bump-2024-06-07.skip@@ -1,2 +0,0 @@ -Update dependencies held back due to old Elixir version -diff --git a/changelog.d/deps-poison-test-only.skip b/changelog.d/deps-poison-test-only.skipdiff --git a/changelog.d/description-meilisearch-type.skip b/changelog.d/description-meilisearch-type.skipdiff --git a/changelog.d/dialyzer.skip b/changelog.d/dialyzer.skipdiff --git a/changelog.d/dialyzer2.skip b/changelog.d/dialyzer2.skipdiff --git a/changelog.d/dialyzer3.skip b/changelog.d/dialyzer3.skipdiff --git a/changelog.d/dialyzer4.skip b/changelog.d/dialyzer4.skipdiff --git a/changelog.d/dialyzer5.skip b/changelog.d/dialyzer5.skipdiff --git a/changelog.d/digest_emails.fix b/changelog.d/digest_emails.fix@@ -1 +0,0 @@ -Fix the processing of email digest jobs.diff --git a/changelog.d/disclose_client.fix b/changelog.d/disclose_client.fix@@ -1 +0,0 @@ -Client application data was always missing from the statusdiff --git a/changelog.d/doc-fix.skip b/changelog.d/doc-fix.skipdiff --git a/changelog.d/docs-max-elixir-erlang.change b/changelog.d/docs-max-elixir-erlang.change@@ -1 +0,0 @@ -- Document maximum supported version of Erlang & Elixirdiff --git a/changelog.d/docs-netbsd-update.change b/changelog.d/docs-netbsd-update.change@@ -1 +0,0 @@ -Update and extend NetBSD installation docsdiff --git a/changelog.d/elixir-1.15.fix b/changelog.d/elixir-1.15.fix@@ -1 +0,0 @@ -Elixir 1.15 compatibilitydiff --git a/changelog.d/emoji-download-paginate.fix b/changelog.d/emoji-download-paginate.fix@@ -1 +0,0 @@ -When downloading remote emojis packs, account for pagination -\ No newline at end of filediff --git a/changelog.d/emoji-use-v1.fix b/changelog.d/emoji-use-v1.fix@@ -1 +0,0 @@ -Make remote emoji packs API use specifically the V1 URL. Akkoma does not understand it without V1, and it works either way with normal pleroma, so no reason to not do this -\ No newline at end of filediff --git a/changelog.d/exile-bsds.skip b/changelog.d/exile-bsds.skipdiff --git a/changelog.d/exile-freebsd.skip b/changelog.d/exile-freebsd.skipdiff --git a/changelog.d/exile-macos.skip b/changelog.d/exile-macos.skipdiff --git a/changelog.d/exile.skip b/changelog.d/exile.skipdiff --git a/changelog.d/familiar-followers.add b/changelog.d/familiar-followers.add@@ -1 +0,0 @@ -Implement `/api/v1/accounts/familiar_followers` -\ No newline at end of filediff --git a/changelog.d/favicon.add b/changelog.d/favicon.add@@ -1 +0,0 @@ -Add support for configuring favicon, embed favicon and PWA manifest in server-generated metadiff --git a/changelog.d/federation_status-access.change b/changelog.d/federation_status-access.change@@ -1 +0,0 @@ -- Make `/api/v1/pleroma/federation_status` publicly availablediff --git a/changelog.d/federator-modules.remove b/changelog.d/federator-modules.remove@@ -1 +0,0 @@ -Removed support for multiple federator modules as we only support ActivityPubdiff --git a/changelog.d/federator.skip b/changelog.d/federator.skipdiff --git a/changelog.d/federator_outgoing_increase.change b/changelog.d/federator_outgoing_increase.change@@ -1 +0,0 @@ -Increase outgoing federation parallelismdiff --git a/changelog.d/fep-2c59.add b/changelog.d/fep-2c59.add@@ -1 +0,0 @@ -Implement FEP-2c59, add "webfinger" to user actor -\ No newline at end of filediff --git a/changelog.d/ffmpeg-limiter.add b/changelog.d/ffmpeg-limiter.add@@ -1 +0,0 @@ -Framegrabs with ffmpeg will execute with a 5 second timeout and cache the URLs of failures with a TTL of 15 minutes to prevent excessive retries.diff --git a/changelog.d/finch_redirects.fix b/changelog.d/finch_redirects.fix@@ -1 +0,0 @@ -Following HTTP Redirects when the HTTP Adapter is Finchdiff --git a/changelog.d/fix-bookmark-folder-tests.skip b/changelog.d/fix-bookmark-folder-tests.skipdiff --git a/changelog.d/fix-dockerfile.skip b/changelog.d/fix-dockerfile.skipdiff --git a/changelog.d/fix-duplicate-inbox-deliveries.fix b/changelog.d/fix-duplicate-inbox-deliveries.fixdiff --git a/changelog.d/fix-migration.skip b/changelog.d/fix-migration.skipdiff --git a/changelog.d/fix-mrfs.add b/changelog.d/fix-mrfs.add@@ -1 +0,0 @@ -Added a Mix task "pleroma.config fix_mrf_policies" which will remove erroneous MRF policies from ConfigDB.diff --git a/changelog.d/fix-otp-comparison.skip b/changelog.d/fix-otp-comparison.skipdiff --git a/changelog.d/fix-tests.skip b/changelog.d/fix-tests.skipdiff --git a/changelog.d/fix-webfinger-spoofing.security b/changelog.d/fix-webfinger-spoofing.security@@ -1 +0,0 @@ -Fix webfinger spoofing.diff --git a/changelog.d/force-mention-mrf.add b/changelog.d/force-mention-mrf.add@@ -1 +0,0 @@ -Add ForceMention MRF -\ No newline at end of filediff --git a/changelog.d/framegrabs.fix b/changelog.d/framegrabs.fix@@ -1 +0,0 @@ -Video framegrabs were not working correctly after the change to use Exile to execute ffmpegdiff --git a/changelog.d/frontend-management.add b/changelog.d/frontend-management.add@@ -1 +0,0 @@ -[docs] add frontends management documentationdiff --git a/changelog.d/generate-unset-user-keys-migration.skip b/changelog.d/generate-unset-user-keys-migration.skipdiff --git a/changelog.d/group-actor.add b/changelog.d/group-actor.add@@ -1 +0,0 @@ -Implement group actorsdiff --git a/changelog.d/group-repeats.fix b/changelog.d/group-repeats.fix@@ -1 +0,0 @@ -Deactivated groups would still try to repeat a post.diff --git a/changelog.d/gun-logs-debug.skip b/changelog.d/gun-logs-debug.skipdiff --git a/changelog.d/gun-logs.skip b/changelog.d/gun-logs.skipdiff --git a/changelog.d/gun_pool.fix b/changelog.d/gun_pool.fix@@ -1 +0,0 @@ -Fix logic error in Gun connection pooling which prevented retries even when the worker was launched with retry = truediff --git a/changelog.d/gun_pool2.fix b/changelog.d/gun_pool2.fix@@ -1 +0,0 @@ -Connection pool errors when publishing an activity is a soft-error that will be retried shortly.diff --git a/changelog.d/gun_pool3.skip b/changelog.d/gun_pool3.skipdiff --git a/changelog.d/gun_pool4.fix b/changelog.d/gun_pool4.fix@@ -1 +0,0 @@ -Gun Connection Pool was not retrying to acquire a connection if the pool was full and stale connections were reclaimeddiff --git a/changelog.d/hackney-pool-timeouts.change b/changelog.d/hackney-pool-timeouts.change@@ -1 +0,0 @@ -Change Hackney connection pool timeouts to align with the values Gun usesdiff --git a/changelog.d/handle-non-validate-delete-errors.change b/changelog.d/handle-non-validate-delete-errors.change@@ -1 +0,0 @@ -Transmogrifier: handle non-validate errors on incoming Delete activitiesdiff --git a/changelog.d/handle_object_fetch_failures.change b/changelog.d/handle_object_fetch_failures.change@@ -1 +0,0 @@ -Remote object fetch failures will prevent the object fetch job from retrying if the object request returns 401, 403, 404, 410, or exceeds the maximum thread depth.diff --git a/changelog.d/healthcheck-disabled-error.fix b/changelog.d/healthcheck-disabled-error.fix@@ -1 +0,0 @@ -TwitterAPI: Return proper error when healthcheck is disableddiff --git a/changelog.d/ingestion-queue.skip b/changelog.d/ingestion-queue.skipdiff --git a/changelog.d/instance-contact-account.add b/changelog.d/instance-contact-account.add@@ -1 +0,0 @@ -Add contact account to InstanceView -\ No newline at end of filediff --git a/changelog.d/instance-defdelegates.skip b/changelog.d/instance-defdelegates.skipdiff --git a/changelog.d/instance-rules.add b/changelog.d/instance-rules.add@@ -1 +0,0 @@ -Add instance rules -\ No newline at end of filediff --git a/changelog.d/instance-v2.add b/changelog.d/instance-v2.add@@ -1 +0,0 @@ -Implement /api/v2/instance route -\ No newline at end of filediff --git a/changelog.d/instance-v2.skip b/changelog.d/instance-v2.skipdiff --git a/changelog.d/ipfs-dialyzer.skip b/changelog.d/ipfs-dialyzer.skip@@ -1 +0,0 @@ -no commentdiff --git a/changelog.d/issue-3241.fix b/changelog.d/issue-3241.fix@@ -1 +0,0 @@ -Handle cases when users.inbox is nil.diff --git a/changelog.d/last_status_at.change b/changelog.d/last_status_at.change@@ -1 +0,0 @@ -- Change AccountView `last_status_at` from a datetime to a date (as done in Mastodon 3.1.0) -\ No newline at end of filediff --git a/changelog.d/ldap-error-logging.change b/changelog.d/ldap-error-logging.change@@ -1 +0,0 @@ -Improve error logging when LDAP authentication fails.diff --git a/changelog.d/ldap.fix b/changelog.d/ldap.fix@@ -1 +0,0 @@ -Fix LDAP supportdiff --git a/changelog.d/link-verification.add b/changelog.d/link-verification.add@@ -1 +0,0 @@ -Verify profile link ownership with rel="me" -\ No newline at end of filediff --git a/changelog.d/loading-order-test-fix.skip b/changelog.d/loading-order-test-fix.skipdiff --git a/changelog.d/local-webfinger.fix b/changelog.d/local-webfinger.fix@@ -1 +0,0 @@ -Use correct domain for fqn and InstanceView -\ No newline at end of filediff --git a/changelog.d/logger-metadata.add b/changelog.d/logger-metadata.add@@ -1 +0,0 @@ -Logger metadata is now attached to some logs to help with troubleshooting and analysisdiff --git a/changelog.d/mark-read.fix b/changelog.d/mark-read.fix@@ -1 +0,0 @@ -The query for marking notifications as read has been simplifieddiff --git a/changelog.d/mastodon_api_v2.add b/changelog.d/mastodon_api_v2.add@@ -1 +0,0 @@ -Add new parameters to /api/v2/instance: configuration[accounts][max_pinned_statuses] and configuration[statuses][characters_reserved_per_url]diff --git a/changelog.d/mastodon_directory.fix b/changelog.d/mastodon_directory.fix@@ -1 +0,0 @@ -Mastodon API /api/v1/directory: Fix listing directory contents when not authenticateddiff --git a/changelog.d/mediaproxy-http.fix b/changelog.d/mediaproxy-http.fix@@ -1 +0,0 @@ -Ensure MediaProxy HTTP requests obey all the defined connection settingsdiff --git a/changelog.d/meilisearch.add b/changelog.d/meilisearch.add@@ -1 +0,0 @@ -Add meilisearch, make search engines pluggablediff --git a/changelog.d/memleak.fix b/changelog.d/memleak.fix@@ -1 +0,0 @@ -Fix a memory leak caused by Websocket connections that would not enter a state where a full garbage collection run could be triggered.diff --git a/changelog.d/mergeback-2.6.2.skip b/changelog.d/mergeback-2.6.2.skipdiff --git a/changelog.d/metadata-provider-empty-post.fix b/changelog.d/metadata-provider-empty-post.fix@@ -1 +0,0 @@ -Fix OpenGraph and Twitter metadata providers when parsing objects with no content or summary fields.diff --git a/changelog.d/migration-fix.skip b/changelog.d/migration-fix.skip@@ -1 +0,0 @@ -diff --git a/changelog.d/missing-fks.add b/changelog.d/missing-fks.add@@ -1 +0,0 @@ -Add missing indexes on foreign key relationshipsdiff --git a/changelog.d/missing-mrfs.add b/changelog.d/missing-mrfs.add@@ -1 +0,0 @@ -Startup detection for configured MRF modules that are missing or incorrectly defineddiff --git a/changelog.d/mix-indexer.add b/changelog.d/mix-indexer.add@@ -1 +0,0 @@ -Permit passing --chunk and --step values to the Pleroma.Search.Indexer Mix taskdiff --git a/changelog.d/mrf-nsfw-otp25.skip b/changelog.d/mrf-nsfw-otp25.skip@@ -1 +0,0 @@ -noopdiff --git a/changelog.d/mrf-regex-error.fix b/changelog.d/mrf-regex-error.fix@@ -1 +0,0 @@ -MRF: Log sensible error for subdomains_regexdiff --git a/changelog.d/mrf-steal-emoji-extname.fix b/changelog.d/mrf-steal-emoji-extname.fix@@ -1 +0,0 @@ -MRF.StealEmojiPolicy: Properly add fallback extension to filenames missing onediff --git a/changelog.d/mrf_hashtags.fix b/changelog.d/mrf_hashtags.fix@@ -1 +0,0 @@ -Federated timeline removal of hashtags via MRF HashtagPolicydiff --git a/changelog.d/nil-content-map.fix b/changelog.d/nil-content-map.fix@@ -1 +0,0 @@ -Support objects with a null contentMap (firefish)diff --git a/changelog.d/no-async-with-clear-config.skip b/changelog.d/no-async-with-clear-config.skipdiff --git a/changelog.d/notification-spex.skip b/changelog.d/notification-spex.skipdiff --git a/changelog.d/notifications-index.fix b/changelog.d/notifications-index.fix@@ -1 +0,0 @@ -Fix notifications query which was not using the index properlydiff --git a/changelog.d/notifications.fix b/changelog.d/notifications.fix@@ -1 +0,0 @@ -Notifications: improve performance by filtering on users table instead of activities table -\ No newline at end of filediff --git a/changelog.d/oauth-nickname.skip b/changelog.d/oauth-nickname.skip@@ -1 +0,0 @@ -Use User.full_nickname/1 in oauth html template -\ No newline at end of filediff --git a/changelog.d/oban-cancel-badreq.change b/changelog.d/oban-cancel-badreq.change@@ -1 +0,0 @@ -Publisher jobs will not retry if the error received is a 400diff --git a/changelog.d/oban-cancel-federation.add b/changelog.d/oban-cancel-federation.add@@ -1 +0,0 @@ -Deleting, Unfavoriting, Unrepeating, or Unreacting will cancel undelivered publishing jobs for the original activity.diff --git a/changelog.d/oban-cancel-poll-result.change b/changelog.d/oban-cancel-poll-result.change@@ -1 +0,0 @@ -PollWorker jobs will not retry if the activity no longer exists.diff --git a/changelog.d/oban-cancel-receiverworker.change b/changelog.d/oban-cancel-receiverworker.change@@ -1 +0,0 @@ -Improved detecting unrecoverable errors for incoming federation jobsdiff --git a/changelog.d/oban-cancel.change b/changelog.d/oban-cancel.change@@ -1 +0,0 @@ -Changed some jobs to return :cancel on unrecoverable errors that should not be retrieddiff --git a/changelog.d/oban-deprecated-discards.skip b/changelog.d/oban-deprecated-discards.skipdiff --git a/changelog.d/oban-fetcher-rejected.change b/changelog.d/oban-fetcher-rejected.change@@ -1 +0,0 @@ -Discard Remote Fetcher jobs which errored due to an MRF rejection.diff --git a/changelog.d/oban-live_dashboard.add b/changelog.d/oban-live_dashboard.add@@ -1 +0,0 @@ -Oban jobs can now be viewed in the Live Dashboarddiff --git a/changelog.d/oban-queues.change b/changelog.d/oban-queues.change@@ -1 +0,0 @@ -Oban queues have refactored to simplify the queue designdiff --git a/changelog.d/oban-rich-media-errors.fix b/changelog.d/oban-rich-media-errors.fix@@ -1 +0,0 @@ -Prevent Rich Media backfill jobs from retrying in cases where it is likely they will fail again.diff --git a/changelog.d/oban-timeouts.change b/changelog.d/oban-timeouts.change@@ -1 +0,0 @@ -Ensure all Oban jobs have timeouts defineddiff --git a/changelog.d/oban-timeouts.skip b/changelog.d/oban-timeouts.skipdiff --git a/changelog.d/oban-transmogrifier.skip b/changelog.d/oban-transmogrifier.skipdiff --git a/changelog.d/oban-user-refresh-unique.fix b/changelog.d/oban-user-refresh-unique.fix@@ -1 +0,0 @@ -Oban Jobs for refreshing users were not respecting the uniqueness settingdiff --git a/changelog.d/opengraph-rich-media-proxy.add b/changelog.d/opengraph-rich-media-proxy.add@@ -1 +0,0 @@ -Add media proxy to opengraph rich media cardsdiff --git a/changelog.d/optimistic-inbox-sigs.fix b/changelog.d/optimistic-inbox-sigs.fix@@ -1 +0,0 @@ -Fix Optimistic Inbox for failed signaturesdiff --git a/changelog.d/optimistic-inbox.change b/changelog.d/optimistic-inbox.change@@ -1 +0,0 @@ -Optimistic Inbox reduces the processing overhead of incoming activities without instantly verifiable signatures.diff --git a/changelog.d/otp26.add b/changelog.d/otp26.add@@ -1 +0,0 @@ -Support for Erlang OTP 26diff --git a/changelog.d/pinned-collection-fetch.security b/changelog.d/pinned-collection-fetch.security@@ -1 +0,0 @@ -Use proper workers for fetching pins instead of an ad-hoc task, fixing a potential fetch loopdiff --git a/changelog.d/pools.change b/changelog.d/pools.change@@ -1 +0,0 @@ -HTTP connection pool adjustmentsdiff --git a/changelog.d/postgres-jit.change b/changelog.d/postgres-jit.change@@ -1 +0,0 @@ -Disable jit by default for PostgreSQLdiff --git a/changelog.d/prioritize-direct-recipients.add b/changelog.d/prioritize-direct-recipients.add@@ -1 +0,0 @@ -- Prioritize mentioned recipients (i.e., those that are not just followers) when federating.diff --git a/changelog.d/prometheus-docs.change b/changelog.d/prometheus-docs.change@@ -1 +0,0 @@ -Update the documentation for configuring Prometheus metrics.diff --git a/changelog.d/promex.change b/changelog.d/promex.change@@ -1 +0,0 @@ -Change the prometheus library to PromEx.diff --git a/changelog.d/promexdocs.add b/changelog.d/promexdocs.add@@ -1 +0,0 @@ -PromEx documentationdiff --git a/changelog.d/public-polls.add b/changelog.d/public-polls.add@@ -1 +0,0 @@ -Expose nonAnonymous field from Smithereen polls -\ No newline at end of filediff --git a/changelog.d/publisher.change b/changelog.d/publisher.change@@ -1 +0,0 @@ -Publisher jobs now store the the activity id instead of inserting duplicate JSON data in the Oban queue for each delivery.diff --git a/changelog.d/publisher_discard.change b/changelog.d/publisher_discard.change@@ -1 +0,0 @@ -Activity publishing failures will prevent the job from retrying if the publishing request returns a 403 or 410diff --git a/changelog.d/publisher_log.change b/changelog.d/publisher_log.change@@ -1 +0,0 @@ -Publisher errors will now emit logs indicating the inbox that was not available for delivery.diff --git a/changelog.d/qdrant_search.add b/changelog.d/qdrant_search.add@@ -1 +0,0 @@ -Add Qdrant/OpenAI embedding searchdiff --git a/changelog.d/qtfaststart.fix b/changelog.d/qtfaststart.fix@@ -1 +0,0 @@ -MediaProxy Preview failures prevented when encountering certain video filesdiff --git a/changelog.d/quotes-count.skip b/changelog.d/quotes-count.skipdiff --git a/changelog.d/reachability.change b/changelog.d/reachability.change@@ -1 +0,0 @@ -Reduce the reachability timestamp update to a single upsert querydiff --git a/changelog.d/realpath-over-readlink.fix b/changelog.d/realpath-over-readlink.fix@@ -1 +0,0 @@ -pleroma_ctl: Use realpath(1) instead of readlink(1)diff --git a/changelog.d/receiverworker-error-handling.fix b/changelog.d/receiverworker-error-handling.fix@@ -1 +0,0 @@ -ReceiverWorker: Make sure non-{:ok, _} is returned as {:error, …} -\ No newline at end of filediff --git a/changelog.d/remote-fetcher-error.skip b/changelog.d/remote-fetcher-error.skipdiff --git a/changelog.d/reply-to-deleted.change b/changelog.d/reply-to-deleted.change@@ -1 +0,0 @@ -A 422 error is returned when attempting to reply to a deleted statusdiff --git a/changelog.d/rich-media-hardening.fix b/changelog.d/rich-media-hardening.fix@@ -1 +0,0 @@ -Harden Rich Media parsing against very slow or malicious URLsdiff --git a/changelog.d/rich_media.fix b/changelog.d/rich_media.fix@@ -1 +0,0 @@ -Rich Media Preview cache eviction when the activity is updated.diff --git a/changelog.d/rich_media_backfill.change b/changelog.d/rich_media_backfill.change@@ -1 +0,0 @@ -Rich Media backfilling is now an Oban jobdiff --git a/changelog.d/rich_media_config.skip b/changelog.d/rich_media_config.skipdiff --git a/changelog.d/rich_media_oban.skip b/changelog.d/rich_media_oban.skipdiff --git a/changelog.d/rich_media_refactor.change b/changelog.d/rich_media_refactor.change@@ -1 +0,0 @@ -Refactored Rich Media to cache the content in the database. Fetching operations that could block status rendering have been eliminated.diff --git a/changelog.d/rich_media_stream_test.skip b/changelog.d/rich_media_stream_test.skipdiff --git a/changelog.d/rich_media_tests.skip b/changelog.d/rich_media_tests.skipdiff --git a/changelog.d/richmediattl.fix b/changelog.d/richmediattl.fix@@ -1 +0,0 @@ -Parsing of RichMedia TTLs for Amazon URLs when query parameters are nildiff --git a/changelog.d/scrobble-url.add b/changelog.d/scrobble-url.add@@ -1 +0,0 @@ -Adds the capability to add a URL to a scrobble (optional field)diff --git a/changelog.d/scrubbers-html4-GtS.add b/changelog.d/scrubbers-html4-GtS.add@@ -1 +0,0 @@ -- scrubbers/default: Add more formatting elements from HTML4 / GoToSocial (acronym, bdo, big, cite, dfn, ins, kbd, q, samp, s, tt, var, wbr)diff --git a/changelog.d/search-healthcheck.add b/changelog.d/search-healthcheck.add@@ -1 +0,0 @@ -Monitoring of search backend health to control the processing of jobs in the search indexing Oban queuediff --git a/changelog.d/show-reposter-replies.add b/changelog.d/show-reposter-replies.add@@ -1 +0,0 @@ -Display reposted replies with exclude_replies: true -\ No newline at end of filediff --git a/changelog.d/spex-error-log.skip b/changelog.d/spex-error-log.skipdiff --git a/changelog.d/status-notification-type.add b/changelog.d/status-notification-type.add@@ -1 +0,0 @@ -Add "status" notification type -\ No newline at end of filediff --git a/changelog.d/stream-end-poll.fix b/changelog.d/stream-end-poll.fix@@ -1 +0,0 @@ -End of poll notifications were not streamed over websockets or web pushdiff --git a/changelog.d/support-honk-image-summaries.add b/changelog.d/support-honk-image-summaries.add@@ -1 +0,0 @@ -Support honk-style attachment summaries as alt-text.diff --git a/changelog.d/system-cflags.fix b/changelog.d/system-cflags.fix@@ -1 +0,0 @@ -- Fix eblurhash and elixir-captcha not using system cflagsdiff --git a/changelog.d/tesla.deps b/changelog.d/tesla.deps@@ -1 +0,0 @@ -Update Tesla HTTP client middleware to 1.8.0diff --git a/changelog.d/test-improvements.skip b/changelog.d/test-improvements.skipdiff --git a/changelog.d/testsecrets.skip b/changelog.d/testsecrets.skipdiff --git a/changelog.d/transient-validators-defaults.change b/changelog.d/transient-validators-defaults.change@@ -1 +0,0 @@ -Set default values on validators for transient objects (attachment, poll options)diff --git a/changelog.d/typo.skip b/changelog.d/typo.skipdiff --git a/changelog.d/user-refresh-rework.skip b/changelog.d/user-refresh-rework.skipdiff --git a/changelog.d/user-refresh.change b/changelog.d/user-refresh.change@@ -1 +0,0 @@ -User profile refreshes are now asynchronousdiff --git a/changelog.d/video-thumbs.fix b/changelog.d/video-thumbs.fix@@ -1 +0,0 @@ -Video thumbnails were not being generated due to a negative cache lookup logic errordiff --git a/changelog.d/vips.change b/changelog.d/vips.change@@ -1 +0,0 @@ -Change mediaproxy previews to use vips to generate thumbnails instead of ImageMagickdiff --git a/changelog.d/web_push.fix b/changelog.d/web_push.fix@@ -1 +0,0 @@ -Fix web push notifications not successfully deliveringdiff --git a/changelog.d/web_push_actor_regression.skip b/changelog.d/web_push_actor_regression.skipdiff --git a/changelog.d/web_push_filtered.fix b/changelog.d/web_push_filtered.fix@@ -1 +0,0 @@ -Web Push notifications are no longer generated for muted/blocked threads and users.diff --git a/changelog.d/webfinger-validation.fix b/changelog.d/webfinger-validation.fix@@ -1 +0,0 @@ -Fix validate_webfinger when running a different domain for Webfinger -\ No newline at end of filediff --git a/changelog.d/webpush-polls.change b/changelog.d/webpush-polls.change@@ -1 +0,0 @@ -Render nice web push notifications for pollsdiff --git a/changelog.d/websocket-refactor.change b/changelog.d/websocket-refactor.change@@ -1 +0,0 @@ -Refactor the Mastodon /api/v1/streaming websocket handler to use Phoenix.Socket.Transport