Releases · linuxserver/docker-mastodon

LinuxServer Changes:

Rebase to Alpine 3.20, enable Active Record Encryption. Existing users should update their nginx confs to avoid http2 deprecation warnings.

mastodon Changes:

Upgrade overview

This release contains upgrade notes that deviate from the norm:

‼️ Requires new encryption secrets environment variables
⚠️ The minimal supported version for PostgreSQL has been bumped to 12
⚠️ The minimal supported version for Ruby has been bumped to 3.1
⚠️ The minimal supported version for Node.js has been bumped to 18
⚠️ Requires rebuilding Elasticsearch accounts index
⚠️ We switched from yarn 1 to yarn 4, and recommend using corepack
⚠️ The Docker image has been split in two separate images
⚠️ Rolling updates from versions earlier than Mastodon 4.2 are not supported
⚠️ StatsD integration has been removed, replaced by OpenTelemetry integration
⚠️ ImageMagick is being deprecated and may be removed in a future version
ℹ️ Requires streaming API restart
ℹ️ Requires database migrations
ℹ️ The logging format of the streaming server has changed

For more information, scroll down to the upgrade instructions section.

Changelog

The following changelog entries focus on changes visible to users, administrators, client developers or federated software developers, but there has also been a lot of code modernization, refactoring, and tooling work, in particular by @mjankowski.

Security

Add confirmation interstitial instead of silently redirecting logged-out visitors to remote resources (#27792, #28902, and #30651 by @ClearlyClaire and @Gargron)
This fixes a longstanding open redirect in Mastodon, at the cost of added friction when local links to remote resources are shared.
Fix ReDoS vulnerability on some Ruby versions (GHSA-jpxp-r43f-rhvx)
Change form-action Content-Security-Policy directive to be more restrictive (#26897 and #32241 by @ClearlyClaire)
Update dependencies

Added

Add server-side notification grouping (#29889, #30576, #30685, #30688, #30707, #30776, #30779, #30781, #30440, #31062, #31098, #31076, #31111, #31123, #31223, #31214, #31224, #31299, #31325, #31347, #31304, #31326, #31384, #31403, #31433, #31509, #31486, #31513, #31592, #31594, #31638, #31746, #31652, #31709, #31725, #31745, #31613, #31657, #31840, #31610, #31929, #32089, #32085, #32243, #32179 and #32254 by @ClearlyClaire, @Gargron, @mgmn, and @renchap)
Group notifications of the same type for the same target, so that your notifications no longer get cluttered by boost and favorite notifications as soon as a couple of your posts get traction.
This is done server-side so that clients can efficiently get relevant groups without having to go through numerous pages of individual notifications.
As part of this, the visual design of the entire notifications feature has been revamped.
This feature is intended to eventually replace the existing notifications column, but for this first beta, users will have to enable it in the “Experimental features” section of the notifications column settings.
The API is not final yet, but it consists of:
- a new group_key attribute to Notification entities
- GET /api/v2/notifications: https://docs.joinmastodon.org/methods/grouped_notifications/#get-grouped
- GET /api/v2/notifications/:group_key: https://docs.joinmastodon.org/methods/grouped_notifications/#get-notification-group
- GET /api/v2/notifications/:group_key/accounts: https://docs.joinmastodon.org/methods/grouped_notifications/#get-group-accounts
- POST /api/v2/notifications/:group_key/dimsiss: https://docs.joinmastodon.org/methods/grouped_notifications/#dismiss-group
- GET /api/v2/notifications/:unread_count: https://docs.joinmastodon.org/methods/grouped_notifications/#unread-group-count
Add notification policies, filtered notifications and notification requests (#29366, #29529, #29433, #29565, #29567, #29572, #29575, #29588, #29646, #29652, #29658, #29666, #29693, #29699, #29737, #29706, #29570, #29752, #29810, #29826, #30114, #30251, #30559, #29868, #31008, #31011, #30996, #31149, #31220, #31222, #31225, #31242, #31262, #31250, #31273, #31310, #31316, #31322, #31329, #31324, #31331, #31343, #31342, #31309, #31358, #31378, #31406, #31256, #31456, #31419, #31457, #31508, #31540, #31541, #31723, #32062 and #32281 by @ClearlyClaire, @Gargron, @TheEssem, @mgmn, @oneiros, and @renchap)
The old “Block notifications from non-followers”, “Block notifications from people you don't follow” and “Block direct messages from people you don't follow” notification settings have been replaced by a new set of settings found directly in the notification column.
You can now separately filter or drop notifications from people you don't follow, people who don't follow you, accounts created within the past 30 days, as well as unsolicited private mentions, and accounts limited by the moderation.
Instead of being outright dropped, notifications that you chose to filter are put in a separate “Filtered notifications” box that you can review separately without it clogging your main notifications.
This adds the following REST API endpoints:
- GET /api/v2/notifications/policy: https://docs.joinmastodon.org/methods/notifications/#get-policy
- PATCH /api/v2/notifications/policy: https://docs.joinmastodon.org/methods/notifications/#update-the-filtering-policy-for-notifications
- GET /api/v1/notifications/requests: https://docs.joinmastodon.org/methods/notifications/#get-requests
- GET /api/v1/notifications/requests/:id: https://docs.joinmastodon.org/methods/notifications/#get-one-request
- POST /api/v1/notifications/requests/:id/accept: https://docs.joinmastodon.org/methods/notifications/#accept-request
- POST /api/v1/notifications/requests/:id/dismiss: https://docs.joinmastodon.org/methods/notifications/#dismiss-request
- POST /api/v1/notifications/requests/accept: https://docs.joinmastodon.org/methods/notifications/#accept-multiple-requests
- POST /api/v1/notifications/requests/dismiss: https://docs.joinmastodon.org/methods/notifications/#dismiss-multiple-requests
- GET /api/v1/notifications/requests/merged: https://docs.joinmastodon.org/methods/notifications/#requests-merged
In addition, accepting one or more notification requests generates a new streaming event:
- notifications_merged: an event of this type indicates accepted notification requests have finished merging, and the notifications list should be refreshed
Add notifications of severed relationships (#27511, #29665, #29668, #29670, #29700, #29714, #29712, and #29731 by @ClearlyClaire and @Gargron)
Notify local users when they lose relationships as a result of a local moderator blocking a remote account or server, allowing the affected user to retrieve the list of broken relationships.
Note that this does not notify remote users.
This adds the severed_relationships notification type to the REST API and streaming, with a new relationship_severance_event attribute.
Add hover cards in web UI (#30754, #30864, #30850, #30879, #30928, #30949, #30948, #30931, and #31300 by @ClearlyClaire, @Gargron, and @renchap)
Hovering over an avatar or username will now display a hover card with the first two lines of the user's description and their first two profile fields.
This can be disabled in the “Animations and accessibility” section of the preferences.
Add "system" theme setting (light/dark theme depending on user system preference) (#29748, #29553, #29795, #29918, #30839, and #30861 by @nshki, @ErikUden, @mjankowski, @renchap, and @vmstan)
Add a “system” theme that automatically switch between default dark and light themes depending on the user's system preferences.
Also changes the default server theme to this new “system” theme so that automatic theme selection happens even when logged out.
Add timeline of public posts about a trending link (#30381 and #30840 by @Gargron)
You can now see public posts mentioning currently-trending articles from people who have opted into discovery features.
This adds a new REST API endpoint: https://docs.joinmastodon.org/methods/timelines/#link
Add author highlight for news articles whose authors are on the fediverse (#30398, #30670, #30521, #30846, #31819, #31900 and #32188 by @Gargron, @mjankowski and @oneiros)
This adds a mechanism to highlight the author of news articles shared on Mastodon.
Articles hosted outside the fediverse can indicate a fediverse author with a meta tag:
```
<meta name="fediverse:creator" content="username@domain" />
```
On the API side, this is represented by a new authors attribute to the PreviewCard entity: https://docs.joinmastodon.org/entities/PreviewCard/#authors\
Users can allow arbitrary domains to use fediverse:creator to credit them by visiting /settings/verification.
This is federated as a new attributionDomains property in the http://joinmastodon.org/ns namespace, containing an array of domain names: https://docs.joinmastodon.org/spec/activitypub/#properties-used-1
Add in-app notifications for moderation actions and warnings (#30065, #30082, and #30081 ...