X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=CHANGELOG.md;h=86c90da0b609f53faf99a1bd5100afe46b0952cb;hb=ffb4eb9779ddd28ecee84c06e8dc58f4a4daaa38;hp=846d0102cfeb870b63529937300c54782b848c11;hpb=a0c65bbd6c708b555f457bf24ec07d2d41c3fe4a;p=akkoma diff --git a/CHANGELOG.md b/CHANGELOG.md index 846d0102c..86c90da0b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,9 +3,56 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). -## [unreleased] +## [Unreleased] +### Changed +- **Breaking:** Configuration: A setting to explicitly disable the mailer was added, defaulting to true, if you are using a mailer add `config :pleroma, Pleroma.Emails.Mailer, enabled: true` to your config +- Configuration: OpenGraph and TwitterCard providers enabled by default +- Configuration: Filter.AnonymizeFilename added ability to retain file extension with custom text +- Federation: Return 403 errors when trying to request pages from a user's follower/following collections if they have `hide_followers`/`hide_follows` set +- NodeInfo: Return `skipThreadContainment` in `metadata` for the `skip_thread_containment` option +- Mastodon API: Unsubscribe followers when they unfollow a user + +### Fixed +- Not being able to pin unlisted posts +- Metadata rendering errors resulting in the entire page being inaccessible +- Federation/MediaProxy not working with instances that have wrong certificate order +- Mastodon API: Handling of search timeouts (`/api/v1/search` and `/api/v2/search`) +- Mastodon API: Embedded relationships not being properly rendered in the Account entity of Status entity +- Mastodon API: Add `account_id`, `type`, `offset`, and `limit` to search API (`/api/v1/search` and `/api/v2/search`) +- ActivityPub C2S: follower/following collection pages being inaccessible even when authentifucated if `hide_followers`/ `hide_follows` was set + +### Added +- MRF: Support for priming the mediaproxy cache (`Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`) +- MRF: Support for excluding specific domains from Transparency. +- Configuration: `federation_incoming_replies_max_depth` option +- Mastodon API: Support for the [`tagged` filter](https://github.com/tootsuite/mastodon/pull/9755) in [`GET /api/v1/accounts/:id/statuses`](https://docs.joinmastodon.org/api/rest/accounts/#get-api-v1-accounts-id-statuses) +- Mastodon API, streaming: Add support for passing the token in the `Sec-WebSocket-Protocol` header +- Mastodon API, extension: Ability to reset avatar, profile banner, and background +- Mastodon API: Add support for categories for custom emojis by reusing the group feature. +- Mastodon API: Add support for muting/unmuting notifications +- Admin API: Return users' tags when querying reports +- Admin API: Return avatar and display name when querying users +- Admin API: Allow querying user by ID +- Admin API: Added support for `tuples`. +- Added synchronization of following/followers counters for external users +- Configuration: `enabled` option for `Pleroma.Emails.Mailer`, defaulting to `false`. +- Configuration: Pleroma.Plugs.RateLimiter `bucket_name`, `params` options. +- Addressable lists + +### Changed +- Configuration: Filter.AnonymizeFilename added ability to retain file extension with custom text +- Admin API: changed json structure for saving config settings. +- RichMedia: parsers and their order are configured in `rich_media` config. + +## [1.0.1] - 2019-07-14 +### Security +- OStatus: fix an object spoofing vulnerability. + +## [1.0.0] - 2019-06-29 ### Security - Mastodon API: Fix display names not being sanitized +- Rich media: Do not crawl private IP ranges + ### Added - Add a generic settings store for frontends / clients to use. - Explicit addressing option for posting. @@ -26,6 +73,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Federation: Support for `Question` and `Answer` objects - Federation: Support for reports - Configuration: `poll_limits` option +- Configuration: `pack_extensions` option - Configuration: `safe_dm_mentions` option - Configuration: `link_name` option - Configuration: `fetch_initial_posts` option @@ -59,13 +107,16 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - OAuth: added job to clean expired access tokens - MRF: Support for rejecting reports from specific instances (`mrf_simple`) - MRF: Support for stripping avatars and banner images from specific instances (`mrf_simple`) -- Ability to reset avatar, profile banner and backgroud - MRF: Support for running subchains. - Configuration: `skip_thread_containment` option - Configuration: `rate_limit` option. See `Pleroma.Plugs.RateLimiter` documentation for details. - MRF: Support for filtering out likely spam messages by rejecting posts from new users that contain links. +- Configuration: `ignore_hosts` option +- Configuration: `ignore_tld` option +- Configuration: default syslog tag "Pleroma" is now lowercased to "pleroma" ### Changed +- **Breaking:** bind to 127.0.0.1 instead of 0.0.0.0 by default - **Breaking:** Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer - Thread containment / test for complete visibility will be skipped by default. - Enforcement of OAuth scopes @@ -102,6 +153,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Posts which are marked sensitive or tagged nsfw no longer have link previews. - HTTP connection timeout is now set to 10 seconds. - Respond with a 404 Not implemented JSON error message when requested API is not implemented +- Rich Media: crawl only https URLs. ### Fixed - Follow requests don't get 'stuck' anymore.