Pleroma security release: 2.4.3

Pleroma 2.4.3 is a security release. Notably fixing a cache issue which can leak private Activities and Objects.

Pleroma patch release: 2.4.2

Pleroma 2.4.2 is a patch release. It fixes potential federation issues, makes Pleroma compatible with Elixir 1.13 and features reworked mention display in Pleroma-FE, among other changes.

Erlang 24.2-1 is broken on Arch Linux

Version 24.2-1 (latest at time of writing) of erlang and erlang-nox packages on Arch Linux ships empty libraries, resulting in inability to compile native code and therefore run Pleroma from source.

Pleroma patch release: 2.4.1

Pleroma 2.4.1 has been released, featuring many fixes.

MastoFE deprecation, removal in 2021-09

With the Mastodon Frontend distribution (“MastoFE”) having lost collaboration when the glitch-soc maintainer went from “friendly/welcoming to pleroma” to a “fuck pleroma” almost a year ago, it became out of support.
Currently, MastoFE’s last release was made on 2020-05-14, the last commit activity was in 2020-09 and at around 2021-04 it became obvious that MasotFE wasn’t going to get any better and would sadly become technical debt.

Pleroma major release: 2.4.0

Pleroma 2.4.0 has been released, featuring many fixes, additions and improvements.

Move from Freenode to Libera.Chat

The Pleroma project is moving it’s chatrooms together with the former freenode staff to Libera.Chat and now considers the chatrooms on Freenode to be unofficial.

This also means a move of the matrix chatrooms to and

Our TheLounge instance at has already been updated to point to Libera.Chat.

See you on Libera.Chat!

Pleroma major release: 2.3.0

Pleroma 2.3.0 has been released, featuring many fixes, additions and improvements.

Pleroma patch release: 2.2.2

Pleroma 2.2.2 is a patch release. It fixes minor annoyances on the backend side, like EmojiStealPolicy not creating a directory by itself and mix deps.get warning about a retired package.

On the frontend side it adds a report button to the status menu, fixes issues with displaying Follows/Followers and more.

Pleroma patch release: 2.2.1

Pleroma 2.2.1 is patch release that fixes a few backend bugs.

On the frontend side we’ve got a long list of improvements in this release.

Most noticeable changes are moving the “external source” under the ellipsis button. Speaking of buttons, many of them have much more generous hitboxes for better mobile use and they should be much more accessible for keyboard navigation plugins.

One cool new feature is enabling use of flat colors for the background. For users you can use it by removing your own personal background and making sure in general settings that you’re not using instance default background. For instance admins that want to use the flat color by default, you can just remove the background image on your instance.

The emoji reactions have major improvements as you can now input emoji directly into the field, the ordering of the emoji is better and it includes some emoji that were previously missing.

Pleroma major release: 2.2.0

Pleroma 2.2.0 released, featuring many fixes, additions and improvements. Among the most significant changes are: optimized timeline rendering for Pleroma-FE, switch to libmagic for guessing file types (requires a new system-level dependency!) and the addition of an optional media-optimizing proxy for thumbnail generation.

Pleroma security release: 2.1.2

Pleroma 2.1.2 is a security release, fixing some object types (most notably polls) bypassing MRF and fixing bugs found after 2.1.1 release.

Pleroma security release: 2.1.1

Pleroma 2.1.1 is a security release, fixing 2 DoS vulnerabilities, metadata leak on private instances, a possible OOM with the default HTTP client and bugs found after 2.1.0 release.

Pleroma Release: 2.1.0

Pleroma 2.1.0 is a feature release that also contains many bugfixes and general improvements.

Pleroma security release: 2.0.7

Pleroma 2.0.7 is a security release, fixing 2 potential DoSes and CSP regressions introduced in 2.0.6 release.

Pleroma patch release: 2.0.6

Pleroma 2.0.6 is a patch release, bringing some database performance improvements, security hardening and fixing bugs found after the 2.0.5 release.

Pleroma security release: 2.0.5

Pleroma 2.0.5 is a security release, fixing a potential private status leak in Streaming API, removes the hard dependency on erlang-eldap introduced in 2.0.4 and other bugs found since 2.0.4 release.

Pleroma security release: 2.0.4

Pleroma 2.0.4 is a security release, fixing a potentially breaky migration introduced in 2.0.3, a potential DoS using AP C2S and other bugs found since 2.0.3 release.

Pleroma security release: 2.0.3

Pleroma 2.0.3 is a security release, fixing: possibility of re-registration of previously deleted users, ability to force a follow from a local user, and bugs found after 2.0.2 release.

Pleroma patch release: 2.0.2

Pleroma 2.0.2 is a patch release, fixing bugs found after 2.0.1 release.

Pleroma security release: 2.0.1

Pleroma 2.0.1 is a security release, fixing improper HTML sanitization in Static-FE and bugs found after 2.0.0 release.

Pleroma major release: 2.0.0

Pleroma 2.0.0 released with emoji reactions, OStatus removal, configuration from Admin-FE and much more! You can read a blog post about it here.

Pleroma patch release: 1.1.9

Pleroma 1.1.9 is a patch release, fixing bugs found after 1.1.8 release.

Rate limiter and Remote IP plug soon to be enabled by default again

Rate limiter was disabled by default in !1601 since the majority of Pleroma instances were behind reverse proxies and it didn’t take X-Forwarded-For headers into account, rate limiting the reverse proxy IP instead.