X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=CHANGELOG.md;h=c3e88f071628d18a8d7fb41dfee6ceed30523a97;hb=f3c118ca233169daa6fac92356ef7e76785cbf21;hp=ea6a25e4bd326950c6c45e6cf7b538d9796b0ddd;hpb=a5e98083f253c268bb1468bfaf358038e0e60147;p=akkoma

diff --git a/CHANGELOG.md b/CHANGELOG.md
index ea6a25e4b..c3e88f071 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,20 +10,27 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Prometheus metrics exporting from `/api/v1/akkoma/metrics`
 - Ability to alter http pool size
 - Translation of statuses via ArgosTranslate
+- Argon2 password hashing
 - Ability to "verify" links in profile fields via rel=me
 - Mix tasks to dump/load config to/from json for bulk editing
+- Followed hashtag list at /api/v1/followed\_tags, API parity with mastodon
 
 ### Removed
 - Non-finch HTTP adapters
 - Legacy redirect from /api/pleroma/admin to /api/v1/pleroma/admin
 - Legacy redirects from /api/pleroma to /api/v1/pleroma
+- :crypt dependency
 
 ### Changed
 - Return HTTP error 413 when uploading an avatar or banner that's above the configured upload limit instead of a 500.
 - Non-admin users now cannot register `admin` scope tokens (not security-critical, they didn't work before, but you _could_ create them)
   - Admin scopes will be dropped on create
 - Rich media will now backoff for 20 minutes after a failure
+- Quote posts are now considered as part of the same thread as the post they are quoting
+- Extend the mix task `prune_objects` with options to keep more relevant posts
 - Simplified HTTP signature processing
+- Rich media will now hard-exit after 5 seconds, to prevent timeline hangs
+- HTTP Content Security Policy is now far more strict to prevent any potential XSS/CSS leakages
 
 ### Fixed 
 - /api/v1/accounts/lookup will now respect restrict\_unauthenticated