Release v3.3.0 · mastodon/mastodon

Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires streaming API restart
ℹ️ Requires review of Sidekiq queues in multi-process setups
ℹ️ Requires two-step database migration process for zero-downtime deployment

For more information, scroll down to the upgrade instructions section.

Changelog

Added

Add hotkeys for audio/video control in web UI (Gargron, Gargron)
- Space and k to toggle playback
- m to toggle mute
- f to toggle fullscreen
- j and l to go back and forward by 10 seconds
- . and , to go back and forward by a frame (video only)
Add expand/compress button on media modal in web UI (mashirozx, mashirozx, mashirozx)
Add border around 🕺 emoji in web UI (ThibG)
Add border around 🐞 emoji in web UI (ThibG)
Add home link to the getting started column when home isn't mounted (ThibG)
Add option to disable swiping motions across the web UI (ThibG)
Add pop-out player for audio/video in web UI (Gargron, Gargron, Gargron, noellabo)
- Continue watching/listening when you scroll away
- Action bar to interact with/open toot from the pop-out player
Add unread notification markers in web UI (ThibG, ThibG, ThibG, noellabo, noellabo)
Add paragraph about browser add-ons when encountering errors in web UI (ThibG)
Add import and export for bookmarks (ThibG)
Add cache buster feature for media files (Gargron)
- If you have a proxy cache in front of object storage, deleted files will persist until the cache expires
- If enabled, cache buster will make a special request to the proxy to signal a cache reset
Add duration option to the mute function (aquarla)
Add replies policy option to the list function (ThibG, trwnh)
Add og:published_time OpenGraph tags on toots (nornagon)
Add option to be notified when a followed user posts (Gargron, ThibG, Gargron)
- If you don't want to miss a toot, click the bell button!
Add client-side validation in password change forms (ThibG)
Add client-side validation in the registration form (ThibG, ThibG)
Add support for Gemini URLs (joshleeb)
Add app shortcuts to web app manifest (mkljczk)
Add WebAuthn as an alternative 2FA method (santiagorodriguez96, jiikko)
Add honeypot fields and minimum fill-out time for sign-up form (ThibG)
Add icon for mutual relationships in relationship manager (noellabo)
Add follow selected followers button in relationship manager (noellabo)
Add subresource integrity for JS and CSS assets (Gargron)
- If you use a CDN for static assets (JavaScript, CSS, and so on), you have to trust that the CDN does not modify the assets maliciously
- Subresource integrity compares server-generated asset digests with what's actually served from the CDN and prevents such attacks
Add ku, sa, sc, zgh to available locales (ykzts)
Add ability to force an account to mark media as sensitive (noellabo)
Add ability to block access or limit sign-ups from chosen IPs (Gargron, ThibG)
- Add rules for IPs or CIDR ranges that automatically expire after a configurable amount of time
- Choose the severity of the rule, either blocking all access or merely limiting sign-ups
Add support for reversible suspensions through ActivityPub (Gargron)
- Servers can signal that one of their accounts has been suspended
- During suspension, the account can only delete its own content
- A reversal of the suspension can be signalled the same way
- A local suspension always overrides a remote one
Add indication to admin UI of whether a report has been forwarded (ThibG)
Add display of reasons for joining of an account in admin UI (mashirozx)
Add option to obfuscate domain name in public list of domain blocks (Gargron)
Add option to make reasons for joining required on sign-up (ThibG, ThibG, ThibG, ThibG)
Add ActivityPub follower synchronization mechanism (ThibG, ThibG)
Add outbox attribute to instance actor (ThibG)
Add featured hashtags as an ActivityPub collection (Gargron, noellabo)
Add support for dereferencing objects through bearcaps (Gargron, noellabo)
Add S3_READ_TIMEOUT environment variable (tateisu)
Add ALLOWED_PRIVATE_ADDRESSES environment variable (ThibG)
Add --fix-permissions option to tootctl media remove-orphans (Gargron, uist1idrju3i)
Add tootctl accounts merge (Gargron, ThibG, ThibG)
- Has someone changed their domain or subdomain thereby creating two accounts where there should be one?
- This command will fix it on your end
Add tootctl maintenance fix-duplicates (ThibG, Gargron, ThibG)
- Index corruption in the database?
- This command is for you
Add support for managing multiple stream subscriptions in a single connection (Gargron, Gargron, mfmfuyu, zunda)
- Previously, getting live updates for multiple timelines required opening a HTTP or WebSocket connection for each
- More connections means more resource consumption on both ends, not to mention the (ever so slight) delay when establishing a new connection
- Now, with just a single WebSocket connection you can subscribe and unsubscribe to and from multiple streams
Add support for limiting results by both min_id and max_id at the same time in REST API (tateisu)
Add GET /api/v1/accounts/:id/featured_tags to REST API (noellabo, noellabo)
Add stoplight for object storage failures, return HTTP 503 in REST API (Gargron)
Add optional tootctl remove media cronjob in Helm chart (dunn)
Add clean error message when RAILS_ENV is unset (ThibG)

Changed

Change media modals look in web UI (Gargron, Gargron, Gargron, Gargron, Kjwon15, noellabo, ThibG)
- Background of the overlay matches the color of the image
- Action bar to interact with or open the toot from the modal
Change order of announcements in admin UI to be newest-first (ThibG)
Change account suspensions to be reversible by default (Gargron, ThibG, ThibG, ThibG, ThibG, noellabo, ThibG, Gargron, Gargron)
- Suspensions no longer equal deletions
- A suspended account can be unsuspended with minimal consequences for 30 days
- Immediate deletion of data is still available as an explicit option
- Suspended accounts can request an archive of their data through the UI
Change REST API to return empty data for suspended accounts (14765)
Change web UI to show empty profile for suspended accounts (Gargron, Gargron)
Change featured hashtag suggestions to be recently used instead of most used (abcang)
Change direct toots to appear in the home feed again (Gargron, ThibG, noellabo)
- Return to treating all toots the same instead of trying to retrofit direct visibility into an instant messaging model
Change email address validation to return more specific errors (ThibG)
Change HTTP signature requirements to include Digest header on POST requests (ThibG)
Change click area of video/audio player buttons to be bigger in web UI (ariasuni)
Change order of filters by alphabetic by "keyword or phrase" (ariasuni)
Change suspension of remote accounts to also undo outgoing follows (ThibG)
Change string "Home" to "Home and lists" in the filter creation screen (ariasuni)
Change string "Boost to original audience" to "Boost with original visibility" in web UI (3n-k1)
Change string "Show more" to "Show newer" and "Show older" on public pages (ariasuni)
Change order of announcements to be reverse chronological in web UI (dariusk, dariusk)
Change RTL detection to rely on unicode-bidi paragraph by paragraph in web UI (Gargron)
Change visibility icon next to timestamp to be clickable in web UI (ariasuni, mayaeh)
Change public thread view to hide "Show thread" link (ThibG)
Change number format on about page from full to shortened (Gargron)
Change how scheduled tasks run in multi-process environments (noellabo)
- New dedicated queue scheduler
- Runs by default when Sidekiq is executed with no options
- Has to be added manually in a multi-process environment

Removed

Remove fade-in animation from modals in web UI (Gargron)
Remove auto-redirect to direct messages in web UI (Gargron)
Remove obsolete IndexedDB operations from web UI (Gargron)
Remove dependency on unused and unmaintained http_parser.rb gem (ThibG)

Fixed

Fix layout on about page when contact account has a long username (ThibG)
Fix follow limit preventing re-following of a moved account (Gargron, ThibG)
Fix deletes not reaching every server that interacted with toot (Gargron)
- Previously, delete of a toot would be primarily sent to the followers of its author, people mentioned in the toot, and people who reblogged the toot
- Now, additionally, it is ensured that it is sent to people who replied to it, favourited it, and to the person it replies to even if that person is not mentioned
Fix resolving an account through its non-canonical form (i.e. alternate domain) (ThibG)
Fix sending redundant ActivityPub events when processing remote account deletion (ThibG)
Fix Move handler not being triggered when failing to fetch target account (ThibG)
Fix downloading remote media files when server returns empty filename (ThibG)
Fix account processing failing because of large collections (ThibG)
Fix not being able to unfavorite toots one has lost access to (ThibG)
Fix not being able to unbookmark toots one has lost access to (ThibG)
Fix possible casing inconsistencies in hashtag search (ThibG)
Fix updating account counters when association is not yet created (Gargron)
Fix cookies not having a SameSite attribute (Gargron)
Fix poll ending notifications being created for each vote (ThibG)
Fix multiple boosts of a same toot erroneously appearing in TL (ThibG)
Fix asset builds not picking up CDN_HOST change (ThibG)
Fix desktop notifications permission prompt in web UI (Gargron, Gargron, ThibG, ThibG)
- Some time ago, browsers added a requirement that desktop notification prompts could only be displayed in response to a user-generated event (such as a click)
- This means that for some time, users who haven't already given the permission before were not getting a prompt and as such were not receiving desktop notifications
Fix "Mark media as sensitive" string not supporting pluralizations in other languages in web UI (ariasuni)
Fix glitched image uploads when canvas read access is blocked in web UI (ThibG)
Fix some account gallery items having empty labels in web UI (ThibG)
Fix alt-key hotkeys activating while typing in a text field in web UI (ThibG)
Fix wrong seek bar width on media player in web UI (mfmfuyu)
Fix logging out on mobile in web UI (ThibG)
Fix wrong click area for GIFVs in media modal in web UI (noellabo)
Fix unreadable placeholder text color in high contrast theme in web UI (Gargron)
Fix scrolling issues when closing some dropdown menus in web UI (ThibG)
Fix notification filter bar incorrectly filtering gaps in web UI (ThibG)
Fix disabled boost icon being replaced by private boost icon on hover in web UI (ThibG)
Fix hashtag detection in compose form being different to server-side in web UI (kedamaDQ, ThibG)
Fix home last read marker mishandling gaps in web UI (ThibG)
Fix unnecessary re-rendering of various components when typing in web UI (Gargron)
Fix notifications being unnecessarily re-rendered in web UI (ThibG)
Fix column swiping animation logic in web UI (ThibG)
Fix inefficiency when fetching hashtag timeline (noellabo, akihikodaki)
Fix inefficiency when fetching bookmarks (akihikodaki)
Fix inefficiency when fetching favourites (akihikodaki)
Fix inefficiency when fetching media-only account timeline (akihikodaki)
Fix inefficieny when deleting accounts (Gargron, ThibG, ThibG, ThibG, ThibG, ThibG, Gargron)
Fix redundant query when processing batch actions on custom emojis (niwatori24)
Fix slow distinct queries where grouped queries are faster (Gargron)
Fix performance on instances list in admin UI (Gargron)
Fix server actor appearing in list of accounts in admin UI (ThibG)
Fix "bootstrap timeline accounts" toggle in site settings in admin UI (ThibG)
Fix PostgreSQL secret name for cronjob in Helm chart (metal3d)
Fix Procfile not being compatible with herokuish (acuteaura)
Fix installation of tini being split into multiple steps in Dockerfile (ryncsn)

Security

Fix streaming API allowing connections to persist after access token invalidation (Gargron)
Fix 2FA/sign-in token sessions being valid after password change (Gargron)
Fix resolving accounts sometimes creating duplicate records for a given ActivityPub identifier (ThibG)

Upgrade notes

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Non-Docker only:

The recommended Ruby version has been bumped to 2.7.2. You can upgrade, or you can continue using the old version by overwriting the .ruby-version file with e.g. 2.6.6 which was recommended previously
Install dependencies: bundle install and yarn install

Both Docker and non-Docker:

⚠️ Scheduled tasks have been moved to a dedicated scheduler queue in Sidekiq. If you only run a single Sidekiq process with no custom queue selection, you don't need to change anything. If you customize Sidekiq processes/queues, ensure that there is exactly one Sidekiq process that runs the scheduler queue.

Run the pre-deployment database migrations by specifying the SKIP_POST_DEPLOYMENT_MIGRATIONS=true environment variable:
- Non-Docker: SKIP_POST_DEPLOYMENT_MIGRATIONS=true RAILS_ENV=production bundle exec rails db:migrate
- Docker: docker-compose run --rm -e SKIP_POST_DEPLOYMENT_MIGRATIONS=true web rails db:migrate
Precompile the assets:
- Non-Docker: RAILS_ENV=production bundle exec rails assets:precompile
- Docker: The assets are already precompiled during the build step
Restart all Mastodon processes
Clear cache:
- Non-Docker: RAILS_ENV=production bin/tootctl cache clear
- Docker: docker-compose run --rm web bin/tootctl cache clear
Now that the new code is running, we can finish the database migrations. This will run the post-deployment ones:
- Non-Docker: RAILS_ENV=production bundle exec rails db:migrate
- Docker: docker-compose run --rm web rails db:migrate
Restart all Mastodon processes

Translators

qezwan (Persian, Sorani (Kurdish))
adrmzz (Sardinian)
yeft (Chinese Traditional, Chinese Traditional, Hong Kong)
Koala Yeung (yookoala) (Chinese Traditional, Hong Kong)
tzium (Sardinian)
kamee (Armenian)
Ali Demirtaş (alidemirtas) (Turkish)
Jurica (ahjk) (Croatian)
Ramdziana F Y (rafeyu) (Indonesian)
Alix Rossi (palindromordnilap) (Corsican)
gagik_ (Armenian)
Hồ Nhất Duy (kantcer) (Vietnamese)
ᏦᏁᎢᎵᏫ 😷 (KNTRO) (Spanish, Argentina)
Xosé M. (XoseM) (Galician)
xatier (Chinese Traditional)
otrapersona (Spanish, Spanish, Mexico)
Sveinn í Felli (sveinki) (Icelandic)
Zoltán Gera (gerazo) (Hungarian)
Rafael H L Moretti (Moretti) (Portuguese, Brazilian)
Floxu (fredrikdim1) (Norwegian Nynorsk)
spla (Catalan)
Besnik_b (Albanian)
Emanuel Pina (emanuelpina) (Portuguese)
Saederup92 (Danish)
Jeroen (jeroenpraat) (Dutch)
Jeong Arm (Kjwon15) (Korean, Esperanto)
Alessandro Levati (Oct326) (Italian)
Thai Localization (thl10n) (Thai)
Marcin Mikołajczak (mkljczkk) (Czech, Polish, Russian)
tolstoevsky (Russian)
vishnuvaratharajan (Tamil)
Maya Minatsuki (mayaeh) (Japanese)
dkdarshan760 (Sanskrit)
Roboron (Spanish)
Danial Behzadi (danialbehzadi) (Persian)
Imre Kristoffer Eilertsen (DandelionSprout) (Norwegian)
Coelacanthus (Chinese Simplified)
syncopams (Chinese Simplified, Chinese Traditional, Chinese Traditional, Hong Kong)
FédiQuébec (manuelviens) (French)
koyu (German)
Diluns (Occitan)
ariasuni (French, Arabic, Czech, German, Greek, Hungarian, Slovenian, Ukrainian, Chinese Simplified, Portuguese, Brazilian, Persian, Norwegian Nynorsk, Esperanto, Breton, Corsican, Sardinian, Kabyle)
Hakim Oubouali (zenata1) (Standard Moroccan Tamazight)
Hayk Khachatryan (brutusromanus123) (Armenian)
v4vachan (Malayalam)
Denys (dector) (Ukrainian)
Akarshan Biswas (biswasab) (Bengali, Sanskrit)
奈卜拉 (nebula_moe) (Chinese Simplified)
Liboide (Spanish)
cybergene (cyber-gene) (Japanese)
strubbl (German)
StanleyFrew (French)
Ryo (DrRyo) (Korean)
Sokratis Alichanidis (alichani) (Greek)
Rachida S. (ZiriSut) (Kabyle)
lamnatos (Greek)
Tigran (tigransimonyan) (Armenian)
atriix (Swedish)
antonyho (Chinese Traditional, Hong Kong)
Em St Cenydd (cancennau) (Welsh)
Pukima (pukimaaa) (German)
Aryamik Sharma (Aryamik) (Swedish, Hindi)
phena109 (Chinese Traditional, Hong Kong)
ahangarha (Persian)
Isaac Huang (caasih) (Chinese Traditional)
igordrozniak (Polish)
Allen Zhong (AstroProfundis) (Chinese Simplified)
coxde (Chinese Simplified)
Rasmus Lindroth (RasmusLindroth) (Swedish)
liffon (Swedish)
fragola (Italian)
Sasha Sorokin (Sasha-Sorokin) (Russian)
bobchao (Chinese Traditional)
twpenguin (Chinese Traditional)
ThonyVezbe (Breton)
Esther (esthermations) (Portuguese)
Tagomago (tagomago) (Spanish)
Balázs Meskó (mesko.balazs) (Hungarian)
Gopal Sharma (gopalvirat) (Hindi)
Tofiq Abdula (Xwla) (Sorani (Kurdish))
subram (Turkish)
Ptrcmd (ptrcmd) (Chinese Traditional)
arshat (Kazakh)
Scvoet (scvoet) (Chinese Simplified)
hiroTS (Chinese Traditional)
johne32rus23 (Russian)
Hexandcube (hexandcube) (Polish)
Neo_Chen (NeoChen1024) (Chinese Traditional)
Aswin C (officialcjunior) (Malayalam)
Ryan Ho (koungho) (Chinese Traditional)
GiorgioHerbie (Italian)
William(ѕ)ⁿ (wmlgr) (Spanish)
clarmin b8 (clarminb8) (Sorani (Kurdish))
Hernik (hernik27) (Czech)
Rikard Linde (rikardlinde) (Swedish)
Wrya ali (John12) (Sorani (Kurdish))
Goudarz Jafari (Goudarz) (Persian)
Pukima (Pukimaa) (German)
Jeff Huang (s8321414) (Chinese Traditional)
Timo Tijhof (Krinkle) (Dutch)
Yamagishi Kazutoshi (ykzts) (Japanese, Icelandic, Sorani (Kurdish))
AlexKoala (alexkoala) (Korean)
Rekan Adl (rekan-adl1) (Sorani (Kurdish))
ButterflyOfFire (BoFFire) (Arabic)
Sherwan Othman (sherwanothman11) (Sorani (Kurdish))
Yassine Aït-El-Mouden (yaitelmouden) (Standard Moroccan Tamazight)
Fei Yang (Fei1Yang) (Chinese Traditional)
Hougo (hougo) (French)
Vanege (Esperanto)
TracyJacks (Chinese Simplified)
mecqor labi (mecqorlabi) (Persian)
Selyan Slimane AMIRI (slimane_AMIRI) (Kabyle)
norayr (Armenian)
Marek Ľach (mareklach) (Slovak)
mkljczk (Polish)
marzuquccen (Kabyle)
Yi-Jyun Pan (pan93412) (Chinese Traditional)
Gargron (Icelandic, Kabyle)
dadosch (German)
Orlando Murcio (Atos20) (Spanish, Mexico)
Ильзира Рахматуллина (rahmatullinailzira53) (Tatar)
shdy (German)
Yogesh K S (yogi) (Kannada)
Antara2Cinta (Se7enTime) (Indonesian)
Pixelcode (realpixelcode) (German)
Hinaloe (hinaloe) (Japanese)
alnd hezh (alndhezh) (Sorani (Kurdish))
Clash Clans (KURD12345) (Sorani (Kurdish))
Sébastien Feugère (smonff) (French)
k_taka (peaceroad) (Japanese)
enolp (Asturian)
jmontane (Catalan)
Hallo Abdullah (hallo_hamza12) (Sorani (Kurdish))
Kahina Mess (K_hina) (Kabyle)
Reg3xp (Persian)
さっかりんにーさん (saccharin23) (Japanese)
Rhys Harrison (rhedders) (Esperanto)
GatoOscuro (Spanish)
pullopen (Chinese Simplified)
CyberAmoeba (pseudoobscura) (Chinese Simplified)
夜楓Yoka (Yoka2627) (Chinese Simplified)
Xurxo Guerra (xguerrap) (Galician)
Apple (blackteaovo) (Chinese Simplified)
mashirozx (Chinese Simplified)
ÀŘǾŚ PÀŚĦÀÍ (arospashai) (Sorani (Kurdish))
filippodb (Italian)
abidin toumi (Zet24) (Arabic)
tykayn (French)
xpac1985 (xpac) (German)
Ozai (German)
diorama (Italian)
dashty (Sorani (Kurdish))
Salh_haji6 (Sorani (Kurdish))
Ranj A Abdulqadir (RanjAhmed) (Sorani (Kurdish))
Amir Kurdo (kuraking202) (Sorani (Kurdish))
Baban Abdulrahman (baban.abdulrehman) (Sorani (Kurdish))
dobrado (Portuguese, Brazilian)
于晚霞 (xissshawww) (Chinese Simplified)
Hannah (Aniqueper1) (Chinese Simplified)
Savarín Electrográfico Marmota Intergalactica (herrero.maty) (Spanish)
Jari Ronkainen (ronchaine) (Finnish)
SamOak (Portuguese, Brazilian)
dcapillae (Spanish)
umonaca (Chinese Simplified)
ThibG (French)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v3.3.0