Pleroma major release: 2.4.0
Pleroma 2.4.0 has been released, featuring many fixes, additions and improvements.
Upgrade notes
- Run database migrations (inside Pleroma directory):
- OTP:
./bin/pleroma_ctl migrate
- From Source:
mix ecto.migrate
- OTP:
- Restart Pleroma
Frontend changes
Added
- Added a quick settings to timeline header for easier access
- Added option to mark posts as sensitive by default
- Added quick filters for notifications
- Implemented user option to change sidebar position to the right side
- Implemented user option to hide floating shout panel
- Implemented “edit profile” button if viewing own profile which opens profile settings
Fixed
- Fixed follow request count showing in the wrong location in mobile view
Admin Frontend changes
Added
- Evicting and banning objects from the MediaProxy cache is disabled if MediaProxy is disabled on the Settings tab. Add ability to enable MediaProxy and Invalidation from MediaProxy tab.
- Allow to upload the custom Terms of Service and Instance Panel HTML pages via Admin API
- Add Report show page and link Moderation log references to the respective reports
- Add Unconfimed filter for Users table
- Filter users by actor type: Person, Bot or Application
- Add ability to configure Media Preview Proxy, User Backup, Websocket based federation and Pleroma.Web.Endpoint.MetricsExporter settings
- Mobile and Tablet UI for Single Report show page
- Ability to set rules and conditions for rendering settings (e.g.
:proxy_remote
setting is hidden if:uploader
setting is set toPleroma.Uploaders.Local
) - Ability to install new frontends from the Frontend tab in the Settings section
Changed
- Breaking: AdminAPI changed User field
confirmation_pending
tois_confirmed
- Breaking: AdminAPI changed User field
approval_pending
tois_approved
- Breaking: AdminAPI changed User field
deactivated
tois_active
- Hide Tag actions on Users tab if MRF TagPolicy is disabled. Add ability to enable TagPolicy from Moderation menu
- Move
:restrict_unauthenticated
settings from Authentication tab to Instance tab - Replace regular inputs with textareas for setting welcome messages in the Settings section
- Remove Websocket based federation settings
- Move Settings tab navigation from the tabbed menu to the main sidebar menu. A separate route is created for each tab.
- Move Emoji packs configuration to the Emoji tab in the Settings section
- 401 and 404 error pages updated
- Remove unused components
Fixed
- Fix depricatied action names in Reports, move actions that manage users from Reports to reports module
- Allow using underscores and hyphens in new account’s usernames
- Fix wrapping
:icons
setting and parsing tuples in settings with key:headers
- Update keys for Pleroma.Web.Plugs.RemoteIp and PurgeExpiredActivity settings
- Update switching between local and remote emoji packs panels: the panel with the pack’s metadata will be closed when another panel is opened
- Fix displaying messages for multiple errors
Backend changes
Security
- Fixed client user agent leaking through MediaProxy
Removed
:auth, :enforce_oauth_admin_scope_usage
configuration option.
Changed
Breaking: Changed
mix pleroma.user toggle_confirmed
tomix pleroma.user confirm
Breaking: Changed
mix pleroma.user toggle_activated
tomix pleroma.user activate/deactivate
Polls now always return a
voters_count
, even if they are single-choice.Admin Emails: The ap id is used as the user link in emails now.
Improved registration workflow for email confirmation and account approval modes.
Search: When using Postgres 11+, Pleroma will use the
websearch_to_tsvector
function to parse search queries.Emoji: Support the full Unicode 13.1 set of Emoji for reactions, plus regional indicators.
Deprecated
Pleroma.Uploaders.S3, :public_endpoint
. NowPleroma.Upload, :base_url
is the standard configuration key for all uploaders.Improved Apache webserver support: updated sample configuration, MediaProxy cache invalidation verified with the included sample script
Improve OAuth 2.0 provider support. A missing
fqn
field was added to the response, but does not expose the user’s email address.Provide redirect of external posts from
/notice/:id
to their original URLAdmins no longer receive notifications for reports if they are the actor making the report.
Improved Mailer configuration setting descriptions for AdminFE.
Updated default avatar to look nicer.
API Changes
- Breaking: AdminAPI changed User field
confirmation_pending
tois_confirmed
- Breaking: AdminAPI changed User field
approval_pending
tois_approved
- Breaking: AdminAPI changed User field
deactivated
tois_active
- Breaking: AdminAPI
GET /api/pleroma/admin/users/:nickname_or_id/statuses
changed response format and added the number of total users posts. - Breaking: AdminAPI
GET /api/pleroma/admin/instances/:instance/statuses
changed response format and added the number of total users posts. - Admin API: Reports now ordered by newest
- Pleroma API:
GET /api/v1/pleroma/chats
is deprecated in favor ofGET /api/v2/pleroma/chats
. - Pleroma API: Reroute
/api/pleroma/*
to/api/v1/pleroma/*
- Breaking: AdminAPI changed User field
Added
Reports now generate notifications for admins and mods.
Support for local-only statuses.
Support pagination of blocks and mutes.
Account backup.
Configuration: Add
:instance, autofollowing_nicknames
setting to provide a way to make accounts automatically follow new users that register on the local Pleroma instance.Ability to view remote timelines, with ex.
/api/v1/timelines/public?instance=lain.com
and streamspublic:remote
andpublic:remote:media
.The site title is now injected as a
title
tag like preloads or metadata.Password reset tokens now are not accepted after a certain age.
Mix tasks to help with displaying and removing ConfigDB entries. See
mix pleroma.config
.OAuth form improvements: users are remembered by their cookie, the CSS is overridable by the admin, and the style has been improved.
OAuth improvements and fixes: more secure session-based authentication (by token that could be revoked anytime), ability to revoke belonging OAuth token from any client etc.
Ability to set ActivityPub aliases for follower migration.
Configurable background job limits for RichMedia (link previews) and MediaProxyWarmingPolicy
Ability to define custom HTTP headers per each frontend
MRF (
NoEmptyPolicy
): New MRF Policy which will deny empty statuses or statuses of only mentions from being created by local usersNew users will receive a simple email confirming their registration if no other emails will be dispatched. (e.g., Welcome, Confirmation, or Approval Required)
API Changes
- Admin API: (
GET /api/pleroma/admin/users
) filter users byunconfirmed
status andactor_type
. - Pleroma API:
GET /api/v2/pleroma/chats
added. It is exactly likeGET /api/v1/pleroma/chats
except supports pagination. - Pleroma API: Add
idempotency_key
to the chat message entity that can be used for optimistic message sending. - Pleroma API: (
GET /api/v1/pleroma/federation_status
) Add a way to get a list of unreachable instances. - Mastodon API: User and conversation mutes can now auto-expire if
expires_in
parameter was given while adding the mute. - Admin API: An endpoint to manage frontends.
- Streaming API: Add follow relationships updates.
- WebPush: Introduce
pleroma:chat_mention
andpleroma:emoji_reaction
notification types. - Mastodon API: Add monthly active users to
/api/v1/instance
(pleroma.stats.mau
). - Mastodon API: Home, public, hashtag & list timelines accept
only_media
,remote
&local
parameters for filtration. - Mastodon API:
/api/v1/accounts/:id
&/api/v1/mutes
endpoints acceptwith_relationships
parameter and return filledpleroma.relationship
field. - Mastodon API: Endpoint to remove a conversation (
DELETE /api/v1/conversations/:id
). - Mastodon API:
expires_in
in the scheduled postparams
field on/api/v1/statuses
and/api/v1/scheduled_statuses/:id
endpoints.
- Admin API: (
Fixed
- Users with
is_discoverable
field set to false (default value) will appear in in-service search results but be hidden from external services (search bots etc.). - Streaming API: Posts and notifications are not dropped, when CLI task is executing.
- Creating incorrect IPv4 address-style HTTP links when encountering certain numbers.
- Reblog API Endpoint: Do not set visibility parameter to public by default and let CommonAPI to infer it from status, so a user can reblog their private status without explicitly setting reblog visibility to private.
- Tag URLs in statuses are now absolute
- Removed duplicate jobs to purge expired activities
- File extensions of some attachments were incorrectly changed. This feature has been disabled for now.
- Mix task pleroma.instance creates missing parent directories if the configuration or SQL output paths are changed.
-
API Changes
- Mastodon API: Current user is now included in conversation if it’s the only participant.
- Mastodon API: Fixed last_status.account being not filled with account data.
- Mastodon API: Fix not being able to add or remove multiple users at once in lists.
- Mastodon API: Fixed own_votes being not returned with poll data.
- Mastodon API: Fixed creation of scheduled posts with polls.
- Mastodon API: Support for expiresin/expiresat in the Filters.