Releases: kitsune-soc/kitsune
v0.0.1-pre.6
kitsune 0.0.1-pre.6
Another small release to kinda hit the 2-3 months release cycle.
Also because I'd forget too much if I didn't do this.
Notable changes
- Kitsune now runs on stable Rust again
- HTTP digest is now verified for inboxes
- Database connections can now be TLS encrypted
- It is now a configuration option to switch between language detection backends
- Kitsune is now licensed under the AGPL-v3
- Kitsune now has support for alpha-stage WASM MRFs
- Kitsune now deserializes more types of valid ActivityPub objects and activities through custom
serde
helpers (thanks @tesaguri)
Install kitsune 0.0.1-pre.6
Install prebuilt binaries via powershell script
powershell -c "irm https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.6/kitsune-installer.ps1 | iex"
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.6/kitsune-installer.sh | sh
Download kitsune 0.0.1-pre.6
File | Platform | Checksum |
---|---|---|
kitsune-aarch64-apple-darwin.tar.xz | Apple Silicon macOS | checksum |
kitsune-x86_64-apple-darwin.tar.xz | Intel macOS | checksum |
kitsune-x86_64-pc-windows-msvc.zip | x64 Windows | checksum |
kitsune-x86_64-unknown-linux-gnu.tar.xz | x64 Linux | checksum |
kitsune-job-runner 0.0.1-pre.6
Install kitsune-job-runner 0.0.1-pre.6
Install prebuilt binaries via powershell script
powershell -c "irm https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.6/kitsune-job-runner-installer.ps1 | iex"
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.6/kitsune-job-runner-installer.sh | sh
Download kitsune-job-runner 0.0.1-pre.6
File | Platform | Checksum |
---|---|---|
kitsune-job-runner-aarch64-apple-darwin.tar.xz | Apple Silicon macOS | checksum |
kitsune-job-runner-x86_64-apple-darwin.tar.xz | Intel macOS | checksum |
kitsune-job-runner-x86_64-pc-windows-msvc.zip | x64 Windows | checksum |
kitsune-job-runner-x86_64-unknown-linux-gnu.tar.xz | x64 Linux | checksum |
kitsune-cli 0.0.1-pre.6
Install kitsune-cli 0.0.1-pre.6
Install prebuilt binaries via powershell script
powershell -c "irm https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.6/kitsune-cli-installer.ps1 | iex"
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.6/kitsune-cli-installer.sh | sh
Download kitsune-cli 0.0.1-pre.6
File | Platform | Checksum |
---|---|---|
kitsune-cli-aarch64-apple-darwin.tar.xz | Apple Silicon macOS | checksum |
kitsune-cli-x86_64-apple-darwin.tar.xz | Intel macOS | checksum |
kitsune-cli-x86_64-pc-windows-msvc.zip | x64 Windows | checksum |
kitsune-cli-x86_64-unknown-linux-gnu.tar.xz | x64 Linux | checksum |
mrf-tool 0.0.1-pre.6
Install mrf-tool 0.0.1-pre.6
Install prebuilt binaries via powershell script
powershell -c "irm https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.6/mrf-tool-installer.ps1 | iex"
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.6/mrf-tool-installer.sh | sh
Download mrf-tool 0.0.1-pre.6
File | Platform | Checksum |
---|---|---|
mrf-tool-aarch64-apple-darwin.tar.xz | Apple Silicon macOS | checksum |
mrf-tool-x86_64-apple-darwin.tar.xz | Intel macOS | checksum |
mrf-tool-x86_64-pc-windows-msvc.zip | x64 Windows | checksum |
mrf-tool-x86_64-unknown-linux-gnu.tar.xz | x64 Linux | checksum |
What's Changed
- Verify HTTP digest for inbox in a streaming fashion by @aumetra in #466
- Update dependencies by @aumetra in #471
- Bump vite from 5.0.11 to 5.0.12 in /kitsune-fe by @dependabot in #472
- Revert back to Rust stable by @aumetra in #473
- Add ability to connect to database with TLS by @aumetra in #475
- README restructure and typo check by @aumetra in #476
- Move
kitsune-retry-policies
intolib/
directory by @aumetra in #478 - Make language detection more configurable by @aumetra in #481
- Update dependencies by @aumetra in #483
- Relicense Kitsune by @aumetra in #479
- Migrate away from Deadpool to BB8 for database connections by @aumetra in #486
- HTTP signatures rewrite by @aumetra in #488
- Custom Redis pool by @aumetra in #485
- Bump mio from 0.8.10 to 0.8.11 by @dependabot in #494
- Clock mocking for
http-signatures
by @aumetra in #495 - Add helpers to deserialise JSON-LD in a more robust way by @tesaguri in #492
- Simplify
masto_id_convert
by @aumetra in #496 - WASM-based MRF by @aumetra in #490
- Add
clean
subcommand toxtask
by @aumetra in #497 - Easier testability via
testcontainers
by @aumetra in #499 - Add crate for DNS verification by @aumetra in #502
- Better parallel testing by @aumetra in https://github.com/kitsune-soc/k...
v0.0.1-pre.5
kitsune 0.0.1-pre.5
This is another small mid-release. Just to finally give a small cut-off point of changes.
Kitsune now requires a nightly compiler (at least for now; we might get rid of the requirement with the next release again).
Highlights
Custom and remote emojis
(Thanks @zeerooth)
Kitsune now has internal support for uploading custom emoji (but the functionality isn't exposed yet).
Also Kitsune has a feature no other implementation really has yet (as far as I am aware): Remote emoji.
Remote emoji work like this:
- Some remote activity with a custom emoji arrives from an arbitrary instance
- Kitsune stores the emoji in the following format:
[emote name]@[instance name]
- We then show these emoji in the picker
These remote emoji will be moderatable via the eventual moderation tools.
Also, the media is not stored on your local instance. Meaning the availability of those emoji is dependent on the remote.
Usernames can contain unicode
Now supports usernames that contain unicode characters. We use custom unicode collation on the PostgreSQL level to prevent potential impersonation issues.
New HTML sanitizer
We migrated from ammonia
to bubble-bath
for sanitizing HTML content submitted to Kitsune.
This enables us to preserve the actual HTML in an escaped format instead of simply stripping it.
Additionally the sanitizer is a little faster. Not noticeably, but a bit.
Smaller changes
Upgrade to Hyper v1
We upgraded the codebase to Hyper v1. Right now we need a small compatibility layer between http
v0.2 and http
v1 for a few selected crates but most of the ecosystem we use is already there!
Large internal refactor
Kitsune was refactored to be more independent when it comes to the federation protocol it uses. That way it might be possible to add support for alternative protocols, such as AtProto.
CSRF protection for OAuth pages
We added an own implementation of the Signed Double-Submit Cookie pattern.
It is used on our OAuth consent page. This will be more useful once we migrate over to a database-session-based login method.
OIDC fixes
Thanks to multiple error reports over Matrix and GitHub, we were able to identify multiple OIDC issues and fix the most of them.
Install kitsune 0.0.1-pre.5
Install prebuilt binaries via powershell script
irm https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.5/kitsune-installer.ps1 | iex
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.5/kitsune-installer.sh | sh
Download kitsune 0.0.1-pre.5
File | Platform | Checksum |
---|---|---|
kitsune-aarch64-apple-darwin.tar.xz | macOS Apple Silicon | checksum |
kitsune-x86_64-apple-darwin.tar.xz | macOS Intel | checksum |
kitsune-x86_64-pc-windows-msvc.zip | Windows x64 | checksum |
kitsune-x86_64-unknown-linux-musl.tar.xz | musl Linux x64 | checksum |
kitsune-job-runner 0.0.1-pre.5
Install kitsune-job-runner 0.0.1-pre.5
Install prebuilt binaries via powershell script
irm https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.5/kitsune-job-runner-installer.ps1 | iex
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.5/kitsune-job-runner-installer.sh | sh
Download kitsune-job-runner 0.0.1-pre.5
File | Platform | Checksum |
---|---|---|
kitsune-job-runner-aarch64-apple-darwin.tar.xz | macOS Apple Silicon | checksum |
kitsune-job-runner-x86_64-apple-darwin.tar.xz | macOS Intel | checksum |
kitsune-job-runner-x86_64-pc-windows-msvc.zip | Windows x64 | checksum |
kitsune-job-runner-x86_64-unknown-linux-musl.tar.xz | musl Linux x64 | checksum |
kitsune-cli 0.0.1-pre.5
Install kitsune-cli 0.0.1-pre.5
Install prebuilt binaries via powershell script
irm https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.5/kitsune-cli-installer.ps1 | iex
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.5/kitsune-cli-installer.sh | sh
Download kitsune-cli 0.0.1-pre.5
File | Platform | Checksum |
---|---|---|
kitsune-cli-aarch64-apple-darwin.tar.xz | macOS Apple Silicon | checksum |
kitsune-cli-x86_64-apple-darwin.tar.xz | macOS Intel | checksum |
kitsune-cli-x86_64-pc-windows-msvc.zip | Windows x64 | checksum |
kitsune-cli-x86_64-unknown-linux-musl.tar.xz | musl Linux x64 | checksum |
Now follows the GitHub generated changelog:
What's Changed
- Move
speedy-uuid
impl block by @aumetra in #390 - Add
masto-id-convert
crate to monorepo by @aumetra in #391 - Remove unsound
lexical
dependency by @aumetra in #392 - fix: docker-compose start command by @alexohneander in #394
- Check
Content-Type
header when fetching entities by @aumetra in #388 - Fix nightly clippy lint by @aumetra in #396
- Restructure search logic by @aumetra in #397
- Make
meilisearch
enabled builds statically linked by @aumetra in #398 - Force registration in OIDC handler by @aumetra in #402
- Fix follows on Mastodon API by @aumetra in #403
- Restructure OIDC service by @aumetra in #404
- Upgrade dependencies by @aumetra in #411
- Add native support for the
X-Clacks-Overhead
header by @aumetra in #412 - Use nightly features by @aumetra in #413
- Make account names case-insensitive by @aumetra in #407
- Add configuration option for non-ASCII usernames by @aumetra in #417
- Split configuration crate across multiple files by @aumetra in #419
- Custom and remote emojis by @zeerooth in #405
- Rename
cargo machete
run by @aumetra in #423 - Use
oranda
for our website by @aumetra in #425 - Make the website style a bit more custom by @aumetra in #426
- Add documentation about
allow-non-ascii-usernames
by @aumetra in https://gi...
v0.0.1-pre.4
kitsune 0.0.1-pre.4
Another pre-release. It's somewhat regular by now. Let's talk about what changed!
Feel free to join one of the chat options to chat with us!
Both of them are connected via a bridge, so it doesn't matter which one you join
This release includes a fix for GHSA-5prv-r7jg-vrf7
Highlights
Post update support
You can now receive updates to posts from other services!
Notification support
Thanks to @zeerooth Kitsune now has notifications!
Mentions, favourites, reposts, etc. are now aggregated as notifications in your notification timeline.
Support for "webfinger domains"
We now store @[email protected]
instead of @[email protected]
if it's set-up in a compatible way.
Thanks for this @tesaguri!
Exif data is now stripped from select image formats
Kitsune now automatically strips the Exif data from the following image formats:
- JPEG
- PNG
- WebP
Thanks @zeerooth!
Dedicated job runner
We did some internal restructuring and you can now run headless job runners!
This was done to help you increase parallelism of job execution without running all the baggage of a web server.
Basic UI functionality
Kitsune gained some UI functionality with this release!
You can now check your home timeline, the local timeline, and global timeline; as well as checking out the "preview" of the upcoming rich-text post modal!
Build-time optimizations
Kitsune should now compile faster on most hardware by at least ~30sec.
Remove kitsune-search-server
With this release, we say goodbye to our home-grown search service.
It hasn't been particulary well maintained in general and has only been an additional binary that had to be compiled basically.
OpenTelemetry support
With this release, we retire our old Prometheus scraping endpoint in favour of OTLP push-based metrics.
We also added support for pushing traces (in addition to metrics).
This means you can export traces and metrics to whatever service, as long as they support the (rather ubiquitous) OpenTelemetry Wire Protocol.
Smaller changes
post-processor
rewrite
Our post-processor
crate (which is responsible for parsing your posts, turning mentions into actual mentions, etc.) was fully rewritten.
This rewrite improved performance and the basic transformation benchmark runs in ~212ns.
simple_transform time: [211.68 ns 212.69 ns 213.82 ns]
change: [-1.1595% -0.3741% +0.3490%] (p = 0.34 > 0.05)
No change in performance detected.
Replace jemalloc
with mimalloc
We replaced our memory allocators in this release.
This results in quicker builds and potentially improved performance due to faster allocations.
Updated documentation
Our documentation pages should be up-to-date now!
Automated release builds
We now offer release builds (courtesy of cargo-dist
).
Meaning you can download pre-installed versions of Kitsune from our releases.
We build binaries for:
- Windows (MSVC compiler)
- MacOS (Intel and Apple Silicon)
- Linux (glibc)
This release has incompatible database changes to the previous release.
Until we publish a full first alpha, we reserve us the right to continue making these kinds of breaking changes.
Install kitsune 0.0.1-pre.4
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.4/kitsune-installer.sh | sh
Install prebuilt binaries via powershell script
irm https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.4/kitsune-installer.ps1 | iex
Download kitsune 0.0.1-pre.4
File | Platform | Checksum |
---|---|---|
kitsune-aarch64-apple-darwin.tar.xz | macOS Apple Silicon | checksum |
kitsune-x86_64-apple-darwin.tar.xz | macOS Intel | checksum |
kitsune-x86_64-pc-windows-msvc.zip | Windows x64 | checksum |
kitsune-x86_64-unknown-linux-gnu.tar.xz | Linux x64 | checksum |
kitsune-job-runner 0.0.1-pre.4
Install kitsune-job-runner 0.0.1-pre.4
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.4/kitsune-job-runner-installer.sh | sh
Install prebuilt binaries via powershell script
irm https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.4/kitsune-job-runner-installer.ps1 | iex
Download kitsune-job-runner 0.0.1-pre.4
File | Platform | Checksum |
---|---|---|
kitsune-job-runner-aarch64-apple-darwin.tar.xz | macOS Apple Silicon | checksum |
kitsune-job-runner-x86_64-apple-darwin.tar.xz | macOS Intel | checksum |
kitsune-job-runner-x86_64-pc-windows-msvc.zip | Windows x64 | checksum |
kitsune-job-runner-x86_64-unknown-linux-gnu.tar.xz | Linux x64 | checksum |
kitsune-cli 0.0.1-pre.4
Install kitsune-cli 0.0.1-pre.4
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.4/kitsune-cli-installer.sh | sh
Install prebuilt binaries via powershell script
irm https://github.com/kitsune-soc/kitsune/releases/download/v0.0.1-pre.4/kitsune-cli-installer.ps1 | iex
Download kitsune-cli 0.0.1-pre.4
File | Platform | Checksum |
---|---|---|
kitsune-cli-aarch64-apple-darwin.tar.xz | macOS Apple Silicon | checksum |
kitsune-cli-x86_64-apple-darwin.tar.xz | macOS Intel | checksum |
kitsune-cli-x86_64-pc-windows-msvc.zip | Windows x64 | checksum |
kitsune-cli-x86_64-unknown-linux-gnu.tar.xz | Linux x64 | checksum |
Now follows the GitHub-generated changelog:
What's Changed
- Add
xtask
project for automation by @aumetra in #326 - Separate xtask from workspace by @aumetra in #327
- Add notifications by @zeerooth in #328
- Reduce dependency count by @aumetra in #329
- Rewrite
post-processor
based onlogos
by @aumetra in #333 - Increase Tokio worker stack size to 4MiB by @aumetra in #338
- Fix compile errors from security patch by @aumetra in #339
- Specify a formatter for 'nix fmt' by @aumetra in #340
- Add cargo-audit check by @aumetra in #341
- Upgrade dependencies by @aumetra in #335
- Update activity for posts by @zeero...
v0.0.1-pre.3: Breaking release conventions
What? Another release after two weeks? Yes!
This time we don't just wait two months, we throw out another preview release after two weeks!
Mainly because I really got excited about some of the big things we added, so I wanted to push that out.
We also have a security fix in this release
Feel free to join one of the chat options to chat with us!
Both of them are connected via a bridge, so it doesn't matter which one you join
Security fixes
We had a bug that enabled attackers to use a maliciously crafted activity to
- exhaust the connection pool if it was configured with less than 50 connections
- crash the server with an stack overflow
These issues have been solved with this release. We reduced the maximum recursion depth for thread fetching to 30 and changed the internals to handle database connections with more care.
Thanks @tesaguri for reporting this issue and helping with the testing and fixing!
Highlights
Language detection
As many of you know, in Mastodon you can tag your posts with a language to assist with translation and such, but what if these tags are wrong?
Well, we had the same concerns for Kitsune, so we came up with a solution: N-gram-based language detection models!
With posts over 100 characters, the language detection we utilise can pretty confidently tell what language you are posting in, and will tag the language accordingly.
The choice of your client will still have precedence, so if your client sends us a language, we won't even attempt to guess the language.
We think that this is a good way forward, to have more and reliable language tagging for posts
Better SQL full-text search
This is linked to the previous point! We now do language-specific tokenization for posts. Meaning your English posts will be tokenized differently from your German posts and those are tokenized differently from your Korean posts, and so on!
To support more languages, your instance admin needs to install the tokenizer in their PostgreSQL database. No further configuration needed!
Kitsune will automatically detect the newly installed tokenizer on start-up and will start using it for new posts.
Note: This automatic tokenizer detection assumes the name of the tokenizer's REGCONFIG
is equal to the english name of the language. This holds true for most languages.
Webfinger domain support
(Thanks @tesaguri for adding this feature!)
You can now specify a webfinger-domain
value in your configuration, making Mastodon refer to your instance by, for example, example.org
instead of fedi.example.org
.
Kitsune does not yet respect these webfinger domains, this is planned however and tracked in #285
Updating posts
(Thanks @zeerooth for adding this feature!)
You can now edit your posts! Made a typo or wanted to word something differently? You can now just use the edit feature of the Mastodon client!
Reposts
(Thanks @zeerooth for adding this feature!)
You can now repost posts on Kitsune! This feature has been missing for a while and is now here!
Captchas for sign-up
(Thanks @zeerooth for adding this feature!)
You can now choose between hCaptcha and mCaptcha as backends for a captcha service! This will help prevent issues with spam accounts and lessen moderation burden.
Note that these two options are fully accessible. Both of these options support navigation via your keyboard and are accessible to vision-impaired users.
- hCaptcha offers a so-called "accessibility cookie" where you can contact their support to give your browser a cookie that makes it automatically by-pass the verification
- mCaptcha is fully built around proof-of-work, meaning there will be no "choose a picture" challenges. Your browser will simply solve a mathematical puzzle and send us the solution.
If you want an additional Captcha service that isn't covered right now, feel free to open an issue!
Smaller changes
- Character limits are now correctly enforced
- Test coverage has been extended a bit (thanks @tesaguri)
- Tests are now mocked, enabling reproducible tests in offline environments (thanks @tesaguri)
This release has incompatible database changes to the previous release.
Until we publish a full first alpha, we reserve us the right to continue making these kinds of breaking changes.
Now follows the GitHub-generated changelog:
What's Changed
- test: Use mocked HTTP clients by @tesaguri in #296
- Language detection for posts by @aumetra in #293
- Add
webfinger-domain
configuration by @tesaguri in #297 - Add SECURITY.md by @aumetra in #300
- Add captcha by @zeerooth in #299
- Bump rustls-webpki from 0.100.1 to 0.100.2 by @dependabot in #301
- Small changes and updates by @aumetra in #302
- Wrapper around the Postgres connection pool by @aumetra in #303
- Add a test for fetching infinitely long reply chains by @tesaguri in #305
- Update, boost and unboost a status using mastodon api by @zeerooth in #306
- Use
garde
for validation by @aumetra in #311 - Add character limit tests by @aumetra in #314
- Add post source functionality by @aumetra in #315
- Fix transaction state panic by @aumetra in #316
- Add code of conduct by @aumetra in #317
- Fix issue #319 by @perillamint in #320
- Update dependencies by @aumetra in #321
- Use
devenv
for development shells by @aumetra in #324 - Bump version to v0.0.1-pre.3 by @aumetra in #325
New Contributors
Full Changelog: v0.0.1-pre.2...v0.0.1-pre.3
v0.0.1-pre.2: Yet another release
Another release without that many big changes. I had some personal stuff to get through over last weeks.
This release was made to have one clean cut-off point to not forget about things that happened and to keep the changelog somewhat manageable.
Also I wanted to keep the two month release "schedule"
Feel free to join one of the chat options to chat with us!
Both of them are connected via a bridge, so it doesn't matter which one you join
Highlights
Switch from Dhall to TOML
We are now using TOML for our configurations.
Dhall had issues with bad error messages, a more unfamiliar syntax for a lot of people, and the requirement to manually write types ourselves.
TOML, on the other hand, is a simple configuration format that is well-known and ubiquitous.
Our documentation isn't updated yet, we are tracking it in #281
More general ActivityPub federation
Kitsune now has basic federation with non-microblogging services such as Lemmy and PeerTube.
This federation includes:
- Loading profiles
- Loading videos and longer-form articles
- Parsing post bodies as Markdown, when requested
- Some special-case formatting for articles to link back to the source (similar to what Akkoma does)
Link previews
You know these nice little cards Mastodon has? Where it shows you an image and a bit about the link that was just posted?
Kitsune can do that, too!
Thanks to the generosity of @novacrazy, we now make use of Lantern Chat's embed service for fetching link metadata.
The service can be found here: https://github.com/Lantern-chat/embed-service
New job scheduler
This release includes a new job scheduler: Athena.
The scheduler aims to improve issues with contention and database utilization our old approach had.
Our old approach used to poll the database every few seconds for new jobs and lock rows exclusively.
Since we also ordered the jobs by a date key, this meant that locked rows would make each job runner wait.
We resolved this by outsourcing the job queuing to Redis but keeping the context in the database for latency reasons.
Redis Streams and Lua scripts are used to ensure atomicity and that we don't accidentally lose jobs, even with catastrophic failures, such as crashes.
This means that we require a Redis installation though
Email verification
You can now require email verification for new accounts by configuring an email server.
These Emails are somewhat nice looking HTML emails with a plain text fallback.
We use mrml
to not have to deal with the frankly ancient HTML you'd have to write for Email clients.
Improved OAuth2 implementation
Previously we rolled our own OAuth2 logic. The logic was not entirely perfect.
With this release we ported Kitsune to the oxide-auth
library, helping us provide standards-compliant OAuth2 flows.
Note: We did implement a hack to enable JSON-encoded bodies for OAuth endpoints, even though that is technically against the standard, since a lot of Mastodon clients did that.
Docker images and Docker Compose deployment
We used to have Docker images and a Docker Compose file, these weren't maintained and not kept up-to-date with newer changes.
Thanks to @zeerooth all the Docker files are now up-to-date and use cargo-chef
for improved build speed utilizing Docker's layer caching.
Smaller changes that might be of note
UI improvements
The UI has progressed. Even if not immediately visible, we now have:
- Working authentication
- a 404 page (thanks @zeerooth)
- Nicer registration forms
- A new, smaller GraphQL client
In-memory cache changes
@tesaguri recommended switching over our primitive self-rolled in-memory cache with a more sophisticated library.
We chose moka
which is giving us simplified internals and less faulty key-evictions, meaning Kitsune should be that little bit faster when using the in-memory cache.
Kitsune deployable via Nix
@Nemo157 updated our Nix flake, so you can now deploy Kitsune as a Nix service via the flake.
See #270 for an example.
General performance improvements
We make use of smol_str
string inlining and SIMD-accelerated libraries wherever possible.
Our JSON parsing is done via simd-json
, UUIDs are parsed via uuid-simd
, Base64 is handled via base64-simd
, and Hex encoding is powered by hex-simd
.
The following SIMD libraries we use are all maintained by a single person, @Nugine, big props to him:
base64-simd
hex-simd
uuid-simd
This release has incompatible configuration and database changes to the previous release.
Until we publish a full first alpha, we reserve us the right to continue making these kinds of breaking changes.
Now follows the GitHub-generated changelog:
What's Changed
- Fix URL parsing by @aumetra in #235
- Update dependencies by @aumetra in #236
- Minor size adjustments by @aumetra in #237
- Better ActivityPub compatibility by @aumetra in #238
- Split Kitsune into more subcrates by @aumetra in #239
- Bump vite from 4.2.1 to 4.2.3 in /kitsune-fe by @dependabot in #240
- Update
diesel_migrations_async
to newest git revision by @aumetra in #241 - Add link to a Discord server by @aumetra in #243
- Improve error messages by @aumetra in #245
- Ignore duplicate mentions by @aumetra in #246
- Port OAuth2 endpoints to
oxide-auth
by @aumetra in #242 - Add link previews by @aumetra in #247
- Skip
serde_json::Value
step by @aumetra in #249 - Small optimisations by @aumetra in #250
- Bump semver from 7.3.8 to 7.5.3 in /kitsune-fe by @dependabot in #255
- Improved job scheduler by @aumetra in #254
- Add
target-cpu=native
to the RUSTFLAGS by @aumetra in #259 - Add email verification by @aumetra in #257
- Add middleware for handling JSON to OAuth endpoints by @aumetra in #261
- Add STARTTLS option to configuration by @aumetra in #262
- Added service example file by @SlimeyIceCream in #266
- Add caddy example file. by @SlimeyIceCream in #268
- Replace Dhall with TOML by @aumetra in #271
- Add nixos service module to the flake by @Nemo157 in #270
- Improve error handling by @aumetra in #272
- Do not assume CPU support for aes instructions by @Houkime in #274
- Build for x86-64-v3 in CI by @aumetra in #275
- Bump word-wrap from 1.2.3 to 1.2.4 in /kitsune-fe by @dependabot in #276
- Improve Nix in CI by @aumetra in #277
- GraphQL improvements by @aumetra in #273
- Layered docker images and improved docker-compose deployment by @zeerooth in #282
- Some UI progress by @aumetra in #279
- WIP: make dev shell self-contained by @Houkime in #278
- Validate passwords with zxcvbn in-browser by @aumetra in #286
- Port frontend from
@vue/apollo-composable
to@urql/vue
by @aumetra in #287 - Autogenerate types for GraphQL queries by @aumetra in #288
- Remove errornous type annotation by @aumetra in #289
- Update dependencies by @aumetra in #290
- Implement follow requests by @zeerooth in #283
- Update the in-memory cache to use
moka
by @aumetra in #291 - Bump version to v0.0.1-pre.2 by @aumetra in #292
New Contributors
- @SlimeyIceCream made their first contribution in #266
- @Nemo157 made their first contribution in #270
- @Houkime made their first contribution in #274
- @zeerooth made their first contribution in #282
Full Changelog: v0.0.1-pre.1...v0.0.1-pre.2
v0.0.1-pre.1: Second alpha pre-release
This release doesn't have too many new features (sorry, I've been a bit busy the last few weeks) and mostly changes the internals and fixes bugs.
Onto a third (hopefully more featureful) release! 🎉
Feel free to join our Matrix room to chat. We also hold votes there for larger changes (such as foregoing the SQLite support or the switch of our ORM)
Highlights
Improved SQL search
The SQL search is now actually good, faster, and will scale better!
It uses PostgreSQL's integrated support for full-text search via tsvector
/tsquery
and stores the generated vectors into GIN indices.
This more advanced usage of database-specific features (as well as a vote in our Matrix room towards foregoing SQLite support) led to the deprecation of the SQLite support, effective immediately.
Kitsune will not work with SQLite from this release onwards and it is unlikely to change (unless someone is willing to put in the work to make diesel-async
compatible and figure out migrations and dynamic database connection switching).
Profiles are now updatable!
Standard profiles are a little boring. This update adds support for Mastodon's update for updating your account.
This includes:
- Setting a display name
- Setting a header
- Setting a profile picture
- Setting a description
- Locking your account
These things all federate to other instances like they would on Mastodon.
Support for Ed25519 in HTTP signatures
We introduce support for Ed25519 signed HTTP request in this release. We see this as an important step of the fediverse towards deprecating RSA signatures (which they rightfully deserve) and moving to more modern standards.
Currently we aren't aware of any other implementations that support Ed25519, therefore Kitsune has not fully switched to them yet. This is planned however as soon as a stable Mastodon release gets support for Ed25519 signatures.
This release has incompatible database changes to the previous release.
Until we publish a full first alpha, we reserve us the right to continue making these kinds of breaking changes.
Now follows the GitHub auto-generated changelog:
What's Changed
- Bump h2 from 0.3.16 to 0.3.17 by @dependabot in #173
- Add badges to the README by @aumetra in #174
- Fix Matrix link in README by @aumetra in #176
- Update dependencies by @aumetra in #175
- Support Ed25519 HTTP signatures by @aumetra in #177
- Add support for Mastodon's update profile API by @aumetra in #178
- Fix follows on unlocked accounts by @aumetra in #180
- Add
mention
class to links of mentions by @aumetra in #181 - Remove usage of
mem::take
by @aumetra in #182 - SQLite fixes by @aumetra in #183
- Fix home timeline by @aumetra in #186
- Replace
chrono
withtime
by @aumetra in #187 - Remove
tempdir
dependency by @aumetra in #188 - (Hopefully) last breaking database changes by @aumetra in #189
- Update flake and Cargo dependencies by @aumetra in #191
- Remove the unique requirement from the
username
column by @aumetra in #192 - Update deadpool-redis to v0.12 by @aumetra in #193
- Ensure the signature key owner is the author of the activity by @aumetra in #194
- Update dependencies by @aumetra in #197
- Use UUID in user path by @aumetra in #198
- Update dependencies by @aumetra in #202
- Build support via nix by @aumetra in #199
- Add white text colour attribute on registration form style by @perillamint in #204
- Better SQL search by @aumetra in #208
- Update dependencies by @aumetra in #209
- Enable CPU features by @aumetra in #211
- Add additional layers by @aumetra in #212
- Diesel migration by @aumetra in #210
- Announce activity support by @aumetra in #213
- Add default header to Mastodon API by @aumetra in #214
- Fix relationship mapping by @aumetra in #215
- Make URL column non-nullable by @aumetra in #216
- Update "State of federation" section by @aumetra in #218
- Update dependencies by @aumetra in #220
- Return 401 instead of 404 when user is not found by @perillamint in #222
- Do not try to update account if user does not have profile image and header image by @perillamint in #224
- Disable HTTP/2 by @aumetra in #226
- Remove the
Host
header by @aumetra in #227 - Small database-level optimisations by @aumetra in #228
- Query pipelining by @aumetra in #229
- Fix warnings when doing release builds by @aumetra in #230
- Include the Git revision in the versions by @aumetra in #231
- Update dependencies by @aumetra in #232
- Bump version by @aumetra in #233
New Contributors
- @perillamint made their first contribution in #204
Full Changelog: v0.0.1-pre.0...v0.0.1-pre.1
v0.0.1-pre.0: First alpha pre-release
This is the first alpha pre-release of Kitsune. Some basic stuff is already functional but still largely a work-in-progress.
State of things
Database support
- PostgreSQL works
- SQLite has some issues
- MySQL/MariaDB support is still completely untested
Search
- Meilisearch integration works
- Custom search service works
- SQL-based search works
Federation
(mainly tested against Mastodon, even though I don't expect issues with Akkoma and Misskey)
Posts
- Posts can be sent out
- Posts can be received
- Deletions can be sent out
- Deletions can be received
Likes
- Likes can be sent out
- Like undos can be sent out
Follows
- Follows can be received
- Follow undos can be received
Accounts
- Accounts can be created
- Account pages can be retrieved
Timelines
- Home timeline works
- Public timeline works
- Federated timeline works
Cache
- In-memory cache works
- Redis cache works
Storage
- On-disk storage works
- S3 storage works
Messaging (event bus)
- In-process messages work
- Redis PubSub messages work
Federation filters
- Allowlist-based federation works
- Denylist-based federation works
OIDC support
Not very sophisticated yet
- Basic support works