v0.13.2 Spideriest Sloth

Release highlights

Fixes some issues where remote accounts could potentially imitate other accounts in order to deliver a subset of activities to a GtS inbox as those accounts. See post https://gts.superseriousbusiness.org/@gotosocial/statuses/01HNZ5GF2EM5M899B7RKXYNMH9 for more details.

This is a recommended security update over anything 0.13.1 and below. You should update your instance when time permits.

Migration notes

Upgrading

See the release notes for 0.13.0 but replace 0.13.0 with 0.13.2 throughout.

config.yaml

No changes since 0.13.1, see 0.13.0 for migration notes from versions < 0.13.0.

Database Migrations

No changes since 0.13.1, see 0.13.0 for migration notes from versions < 0.13.0.

Detailed Changelog

• f5314c0 [bugfix] Ensure activities sender always = activities actor (#2608)

v0.13.1 Spiderier Sloth

Release highlights

Fixes a couple small issues with poll vote counts and poll expiry, and an issue where domain blocks were sometimes not being properly enforced when deeper- and higher-level domain blocks were used in combination (eg., when combining blocks for say example.org, bad.example.org, also-bad.example.org).

Migration notes

Upgrading

See the release notes for 0.13.0 but replace 0.13.0 with 0.13.1 throughout. Easy peasy!

config.yaml

No changes since 0.13.0, see 0.13.0 for migration notes from versions < 0.13.0.

Database Migrations

No changes since 0.13.0, see 0.13.0 for migration notes from versions < 0.13.0.

Detailed Changelog

• ccecf5a [bugfix] fix higher-level explicit domain rules causing issues with lower-level domain blocking (#2513)
• d5c305d [bugfix] misc dereferencer fixes (#2475)
• 1c56192 [feature] Log pubKeyID for http-signed requests (#2501)
• f33d05c [bugfix] fix check for closed poll to account for non-zero closed time but in the future (#2486)
• b141500 [bugfix] fix poll total vote double count (#2464)

v0.13.0 Spider Sloth 🕷️

Spider Sloth, Spider Sloth, does whatever a .... sloth does?

Release highlights

• Create, view, and vote in polls. It's been a while in the making but GoToSocial now has support for polls, aka Question activity types. You can create, view, and vote in polls using your client of choice.
• Show unsupported media placeholders in incoming posts, where media could not be downloaded (temporarily or otherwise). No more dropped media on posts! You'll instead now get a link to the media on the originating instance, that you can click through in your (mobile) browser.
• Mute threads that you're being overwhelmed by. Notifications for replies, likes, and boosts in that thread will no longer be generated.
• Media cleanup scheduling. Previously media scheduling took place every night at 12am. With the new media scheduling settings in the config, you can customize the schedule to run it at different times and frequencies. https://docs.gotosocial.org/en/latest/admin/media_caching/#cleanup
• Support for setting instance language . You can use the new instance-languages setting to indicate one or more primary languages for your instance. https://docs.gotosocial.org/en/latest/configuration/instance/
• Support for language tags on posts. Language of posts is now correctly federated in and out of your instance. The language of posts is also shown on the web view of statuses and threads.
• Gather and expose prometheus format metrics. You can now expose a /metrics endpoint to allow a Prometheus instance to scrape metrics about Go runtime memory usage, http request and database metrics, and more. https://docs.gotosocial.org/en/latest/advanced/metrics/

Migration notes

Error #01: authentication NOT PASSED for public key

You will see lots of errors in your logs now that look like this. This is normal, and not a new bug! Previously, we were not surfacing these authentication errors, and now we are. They are caused by #894, which we will fix some time in the new year. Again, not a new bug. This will not effect normal running of your instance.

Upgrading

To upgrade to 0.13.0 from a previous release:

Binary/tar

1. Stop GoToSocial
2. Untar the new release, including the web assets and html templates.
3. Edit your config.yaml file as necessary (see below).
4. Start GoToSocial

Docker

1. Stop GoToSocial.
2. Pull the new docker container (superseriousbusiness/gotosocial:0.13.0 or superseriousbusiness/gotosocial:latest)
3. Start GoToSocial.

config.yaml

The configuration file has changed since the previous release. You can see a diff of the config file here: v0.12.2...v0.13.0#diff-c071e03510b2c57e193a44503fd9528a785f0f411497cc75841a9f8d0b1ac622

Database Migrations

This release contains several database migrations which will run the first time you start up this new version. Be sure not to interrupt this migration process. This will take anywhere between a couple seconds and ten minutes (on slower hardware). Please be patient!

Detailed Changelog

Features + performance

• [feature] Status thread mute/unmute functionality by @tsmethurst in #2278
• [feature] attach any request errors if found, only set level=ERROR if code >= 500 by @NyaaaWhatsUpDoc in #2300
• [feature] Customizable media cleaner schedule by @tsmethurst in #2304
• [feature] add per-uri dereferencer locks by @NyaaaWhatsUpDoc in #2291
• [feature] support canceling scheduled tasks, some federation API performance improvements by @NyaaaWhatsUpDoc in #2329
• [feature] add support for polls + receiving federated status edits by @NyaaaWhatsUpDoc in #2330
• [feature] Media attachment placeholders by @tsmethurst in #2331
• [feature/performance] Wrap incoming HTTP requests in timeout handler by @tsmethurst in #2353
• [feature] Set/show instance language(s); show post language on frontend by @tsmethurst in #2362
• [feature] Initial metrics by @Tsuribori in #2334
• [feature] Federate status language in and out by @tsmethurst in #2366
• [feature] Poll web view by @tsmethurst in #2377
• [performance] http response encoding / writing improvements by @NyaaaWhatsUpDoc in #2374
• [feature] Add /api/v1/admin/debug/apurl endpoint by @tsmethurst in #2359
• [performance/postgres] Rename constraints, remove duplicate indexes by @tsmethurst in #2392

Bugfixes

• [bugfix] serialize instance terms via API by @tsmethurst in #2293
• [bugfix/frontend] Export/import CSV correctly by @tsmethurst in #2294
• [bugfix] allow store smaller PNG image than 261 bytes (#2263) by @KEINOS in #2298
• [bugfix/frontend] Add nosubmit option to form fields; use it when instance custom CSS disabled by @tsmethurst in #2290
• [bugfix] Extract description as summary first, fall back to name by @tsmethurst in #2303
• [bugfix] Allow blocked accounts to show in precise search by @tsmethurst in #2321
• [bugfix] Relax Mention parsing, allowing either href or name by @tsmethurst in #2320
• Remove account_suspended_at_idx to resolve slow query issues by @Sentynel in #2310
• [bugfix] fix poll vote count responses on client and fedi API vote creation by @NyaaaWhatsUpDoc in #2343
• [bugfix] actually decrement votes during poll vote delete ... by @NyaaaWhatsUpDoc in #2344
• [bugfix/docs] Poll api fixups + swagger docs by @tsmethurst in #2345
• [bugfix] Don't try to update suspended accounts by @tsmethurst in #2348
• [chore/bugfix/horror] Allow expires_in and poll choices to be parsed from strings by @tsmethurst in #2346
• [bugfix] support endless polls, and misskey's' method of inferring expiry in closed polls by @NyaaaWhatsUpDoc in #2349
• [bugfix] Update poll delete/update db queries by @tsmethurst in #2361
• [bugfix] process account delete side effects in serial, not in parallel by @tsmethurst in #2360
• [bugfix] self-referencing collection pages for status replies by @NyaaaWhatsUpDoc in #2364
• [bugfix] Add Actor to outgoing poll vote Create; other fixes by @tsmethurst in #2384
• [bugfix] Don't copy ptr fields in caches by @tsmethurst in #2386
• [bugfix] Correctly handle range > content-length by @Jadeiin in #2395
• [bugfix] Update exif-terminator (fix png issue) by @tsmethurst in #2391
• [bugfix] always go through status parent dereferencing on isNew, even on data-race by @NyaaaWhatsUpDoc in #2402
• [bugfix] return 400 Bad Request on more cases of malformed AS data by @NyaaaWhatsUpDoc in #2399
• [bugfix] in fedi API CreateStatus(), handle case of data-race and return early by @NyaaaWhatsUpDoc in #2403
• [bugfix/chore] Announce reliability updates by @tsmethurst in #2405
• [bug] Fix an import statement in the gen template by @daenney in #2426
• [bugfix] Fix wrong notification type sent for poll end by @tsmethurst in #2429
• [bugfix] Fix web media not showing as sensitive by @tsmethurst in #2433
• [bugfix] Ensure pre renders as expected, fix orderedCollectionPage by @tsmethurst in #2434
• [bugfix] Narrow search scope for accounts starting with '@'; don't LOWER SQLite text searches by @tsmethurst in #2435
• [bugfix] Make screenreaders read out Language of posts properly by @tsmethurst in #2436
• [bugfix] ensure the 'Closing' flag doesn't get cached by @NyaaaWhatsUpDoc in #2443
• [bugfix] pol...

v0.13.0-rc2

Hiya! Here's the second release candidate for 0.13.0!

For installation / migration instructions, please see the release notes for the RC1, but replace rc1 with rc2 throughout:

https://github.com/superseriousbusiness/gotosocial/releases/tag/v0.13.0-rc1

Happy bug hunting!

Detailed Changelog

Bugfixes

• d0bb8f0 [bugfix] Let templates deref pointers, as a treat (#2448)
• ac48192 [bugfix] poll vote count fixes (#2444)
• 2191c7d [bugfix] ensure the 'Closing' flag doesn't get cached (#2443)
• bca9b2c [bugfix] Make screenreaders read out Language of posts properly (#2436)
• 3f070a4 [bugfix] Narrow search scope for accounts starting with '@'; don't LOWER SQLite text searches (#2435)
• d60edf7 [bugfix] Ensure pre renders as expected, fix orderedCollectionPage (#2434)
• cc91ea0 [bugfix] Fix web media not showing as sensitive (#2433)
• c6d6fec [bugfix] Fix wrong notification type sent for poll end (#2429)
• 455064f [bug] Fix an import statement in the gen template (#2426)

Chores / version bumps

• cd16113 [chore]: Bump github.com/KimMachineGun/automemlimit from 0.3.0 to 0.4.0 (#2440)
• 9b03840 [chore]: Bump github.com/miekg/dns from 1.1.56 to 1.1.57 (#2439)
• cdeba94 [chore]: Bump golang.org/x/oauth2 from 0.13.0 to 0.15.0 (#2438)
• a968a03 [chore]: Bump github.com/coreos/go-oidc/v3 from 3.7.0 to 3.9.0 (#2442)
• 4779aec [chore] Run ANALYZE for SQLite after latest migrations (#2427)
• dacfd41 [chore/frontend] Refactor status templates slightly, put polls behind CWs if present (#2419)
• 18d850e [chore]: Bump go.opentelemetry.io/otel/exporters/prometheus (#2412)
• ca1a581 [chore]: Bump github.com/tdewolff/minify/v2 from 2.20.7 to 2.20.9 (#2416)
• bdc43a9 [chore]: Bump github.com/minio/minio-go/v7 from 7.0.63 to 7.0.65 (#2415)
• b576fbb [chore]: Bump golang.org/x/crypto from 0.15.0 to 0.16.0 (#2413)
• bffc67d [chore]: Bump github.com/gorilla/feeds from 1.1.1 to 1.1.2 (#2414)

Docs

• 5556767 [docs] Change configuration creation instructions (#2408)

v0.13.0-rc1

Well well well, look what the sloth dragged in... the first release candidate for v0.13.0, Spider Sloth.

Release highlights

• Create, view, and vote in polls. It's been a while in the making but GoToSocial now has support for polls, aka Question activity types. You can create, view, and vote in polls using your client of choice.
• Show unsupported media placeholders in incoming posts, where media could not be downloaded (temporarily or otherwise). No more dropped media on posts! You'll instead now get a link to the media on the originating instance, that you can click through in your (mobile) browser.
• Mute threads that you're being overwhelmed by. Notifications for replies, likes, and boosts in that thread will no longer be generated.
• Media cleanup scheduling. Previously media scheduling took place every night at 12am. With the new media scheduling settings in the config, you can customize the schedule to run it at different times and frequencies. https://docs.gotosocial.org/en/latest/admin/media_caching/#cleanup
• Support for setting instance language . You can use the new instance-languages setting to indicate one or more primary languages for your instance. https://docs.gotosocial.org/en/latest/configuration/instance/
• Support for language tags on posts. Language of posts is now correctly federated in and out of your instance. The language of posts is also shown on the web view of statuses and threads.
• Gather and expose prometheus format metrics. You can now expose a /metrics endpoint to allow a Prometheus instance to scrape metrics about Go runtime memory usage, http request and database metrics, and more. https://docs.gotosocial.org/en/latest/advanced/metrics/

Migration notes

Upgrading

To upgrade to 0.13.0-rc1 from a previous release:

Binary/tar

1. Stop GoToSocial
2. Untar the new release, including the web assets and html templates.
3. Edit your config.yaml file as necessary (see below).
4. Start GoToSocial

Docker

1. Stop GoToSocial.
2. Pull the new docker container (superseriousbusiness/gotosocial:0.13.0-rc1 or superseriousbusiness/gotosocial:latest)
3. Start GoToSocial.

config.yaml

The configuration file has changed since the previous release. You can see a diff of the config file here: v0.12.2...v0.13.0-rc1#diff-c071e03510b2c57e193a44503fd9528a785f0f411497cc75841a9f8d0b1ac622

Database Migrations

This release contains several database migrations which will run the first time you start up this new version. Be sure not to interrupt this migration process. This will take anywhere between a couple seconds and ten minutes (on slower hardware). Please be patient!

Detailed Changelog

Feature / performance

• [feature] Status thread mute/unmute functionality by @tsmethurst in #2278
• [feature] attach any request errors if found, only set level=ERROR if code >= 500 by @NyaaaWhatsUpDoc in #2300
• [feature] Customizable media cleaner schedule by @tsmethurst in #2304
• [feature] add per-uri dereferencer locks by @NyaaaWhatsUpDoc in #2291
• [performance] Remove account_suspended_at_idx to resolve slow query issues by @Sentynel in #2310
• [feature] support canceling scheduled tasks, some federation API performance improvements by @NyaaaWhatsUpDoc in #2329
• [feature] add support for polls + receiving federated status edits by @NyaaaWhatsUpDoc in #2330
• [feature] Media attachment placeholders by @tsmethurst in #2331
• [feature/performance] Wrap incoming HTTP requests in timeout handler by @tsmethurst in #2353
• [feature] Set/show instance language(s); show post language on frontend by @tsmethurst in #2362
• [feature] Initial metrics by @Tsuribori in #2334
• [feature] Federate status language in and out by @tsmethurst in #2366
• [feature] Poll web view by @tsmethurst in #2377
• [performance] http response encoding / writing improvements by @NyaaaWhatsUpDoc in #2374
• [feature] Add /api/v1/admin/debug/apurl endpoint by @tsmethurst in #2359
• [performance/postgres] Rename constraints, remove duplicate indexes by @tsmethurst in #2392

Bugfixes

• [bugfix/frontend] Add nosubmit option to form fields; use it when instance custom CSS disabled by @tsmethurst in #2290
• [bugfix] serialize instance terms via API by @tsmethurst in #2293
• [bugfix/frontend] Export/import CSV correctly by @tsmethurst in #2294
• [bugfix] allow store smaller PNG image than 261 bytes (#2263) by @KEINOS in #2298
• [bugfix] Extract description as summary first, fall back to name by @tsmethurst in #2303
• [bugfix] Allow blocked accounts to show in precise search by @tsmethurst in #2321
• [bugfix] Relax Mention parsing, allowing either href or name by @tsmethurst in #2320
• [bugfix] fix poll vote count responses on client and fedi API vote creation by @NyaaaWhatsUpDoc in #2343
• [bugfix] actually decrement votes during poll vote delete ... by @NyaaaWhatsUpDoc in #2344
• [bugfix/docs] Poll api fixups + swagger docs by @tsmethurst in #2345
• [bugfix] Don't try to update suspended accounts by @tsmethurst in #2348
• [chore/bugfix/horror] Allow expires_in and poll choices to be parsed from strings by @tsmethurst in #2346
• [bugfix] support incoming endless polls, and misskey's' method of inferring expiry in closed polls by @NyaaaWhatsUpDoc in #2349
• [bugfix] Update poll delete/update db queries by @tsmethurst in #2361
• [bugfix] process account delete side effects in serial, not in parallel by @tsmethurst in #2360
• [bugfix] self-referencing collection pages for status replies by @NyaaaWhatsUpDoc in #2364
• [bugfix] Add Actor to outgoing poll vote Create; other fixes by @tsmethurst in #2384
• [bugfix] Don't copy ptr fields in caches by @tsmethurst in #2386
• [bugfix] Correctly handle range > content-length by @Jadeiin in #2395
• [bugfix] Update exif-terminator (fix png issue) by @tsmethurst in #2391
• [bugfix] always go through status parent dereferencing on isNew, even on data-race by @NyaaaWhatsUpDoc in #2402
• [bugfix] return 400 Bad Request on more cases of malformed AS data by @NyaaaWhatsUpDoc in #2399
• [bugfix] in fedi API CreateStatus(), handle case of data-race and return early by @NyaaaWhatsUpDoc in #2403
• [bugfix/chore] Announce reliability updates by @tsmethurst in #2405

Chores and version bumps

• [chore]: Bump github.com/coreos/go-oidc/v3 from 3.6.0 to 3.7.0 by @dependabot in #2284
• [chore] de-interface{} the federator and dereferencer structs by @NyaaaWhatsUpDoc in #2285
• [chore] bump go version -> 1.21.x by @tsmethurst in #2287
• Bump @babel/traverse from 7.23.0 to 7.23.2 in /web/source by @dependabot in #2269
• [chore] update minify library by @NyaaaWhatsUpDoc in #2286
• [chore] bump go swagger version in Docker build by @tsmethurst in #2292
• [chore]: Bump google.golang.org/grpc from 1.58.2 to 1.58.3 by @dependabot in #2301
• [chore]: Bump github.com/tdewolff/minify/v2 from 2.19.10 to 2.20.0 by @dependabot in #2316
• [chore]: Bump github.com/yuin/goldmark from 1.5.6 to 1.6.0 by @dependabot in #2318
• Bump browserify-sign from 4.2.1 to 4.2.2 in /web/source by @dependabot in #2...

v0.12.2 Spaghettiest Sloth

'Ey up! Another 0.12 series bugfix release!

We fixed an issue where remote accounts that were suspended via targeted suspensions in the admin API could be later marked as unsuspended. This means that the suspended account had all their relationships / media / statuses etc deleted, as normal, but these might end up being repopulated later on if you interacted with the account again.

If you suspended any remote accounts from your instance via a targeted suspension in the admin settings panel, since 0.12.0, you may need to suspend these accounts again after updating to this release.

Note: This issue only affects remote accounts that were suspended in that particular way (targeted via the admin API). Domain blocks (and accounts suspended as part of a domain block) are not affected by the bug, nor are local accounts suspended via the admin API.

So there you go!

For detailed release notes, instructions, and warnings, please follow the 0.12.0 release notes and just replace 0.12.0 with 0.12.2 throughout. Thanks! Enjoy!

Changelog

• 096c517 [bugfix] Don't try to update suspended accounts (#2348)

v0.12.1 Spaghettier Sloth

Hiya! This here is a bugfix release for 0.12.0 Spaghetti Sloth!

We fixed csv block/allowlist import/export in the settings panel, instance terms and conditions updating, and also a silly issue where you couldn't use the settings panel to update your profile if you didn't have custom CSS enabled on your instance (blame me, tobi, for all these shiny new frontend bugs).

For detailed release notes, instructions, and warnings, please follow the 0.12.0 release notes and just replace 0.12.0 with 0.12.1 throughout. Thanks! Enjoy!

Changelog

• 5fdc005 [bugfix/frontend] Export/import CSV correctly (#2294)
• 1e632dc [bugfix] serialize instance terms via API (#2293)
• 8a23ce2 [bugfix/frontend] Add nosubmit option to form fields + use it when instance custom CSS disabled (#2290)

v0.12.0 Spaghetti Sloth 🍝

Hello! Here's version 0.12.0 of GoToSocial, codename SPAGHETTI SLOTH 🍝

Release highlights

This release brings initial support for different federation modes, starting with allowlist federation mode. You can now set your federation mode to allowlist, and then add and remove domain allows via the admin settings panel. You can read documentation on this feature here: https://docs.gotosocial.org/en/latest/admin/federation_modes/.

We revamped some other bits of the settings panel too, including adding a setting for the discoverable flag, which is documented here: https://docs.gotosocial.org/en/latest/user_guide/settings/#mark-account-as-discoverable-by-search-engines-and-directories

We also added settings for instance rules: you can now add and remove rules for your instance, and users on your instance can select rules that have been broken when creating reports. Rules are shown on the /about page for your instance.

And as usual we did a whole bunch of bug fixing, performance tweaks, and that sort of thing! It's a bit of a cliche to put that in release notes, but there you go.

We also started implementing some background functionality for poll support, but we didn't quite finish that in time for this release, so polls are not yet enabled. Next time!

Migration notes

Settings panel

You may get an error when using the new settings panel code for the first time, since we moved some stuff around. To resolve this, please try clearing cookies for the page using your browser settings, refreshing the page, and then logging in again.

Building frontend from source

If you build the frontend assets (settings panel, css, etc) yourself from source, please be aware that the instructions for building have changed slightly: https://github.com/superseriousbusiness/gotosocial/blob/main/CONTRIBUTING.md#stylesheet--web-dev

Upgrading

To upgrade to 0.12.0 from a previous release:

Binary/tar

1. Stop GoToSocial
2. Untar the new release, including the web assets and html templates.
3. Edit your config.yaml file as necessary (see below).
4. Start GoToSocial

Docker

1. Stop GoToSocial.
2. Pull the new docker container (superseriousbusiness/gotosocial:0.12.0 or superseriousbusiness/gotosocial:latest)
3. Start GoToSocial.

config.yaml

The configuration file has changed since the previous release. You can see a diff of the config file here: v0.11.1...v0.12.0#diff-c071e03510b2c57e193a44503fd9528a785f0f411497cc75841a9f8d0b1ac622

Database Migrations

This release contains several database migrations which will run the first time you start up this new version. Be sure not to interrupt this migration process. This will take anywhere between a couple seconds and ten minutes (on slower hardware). Please be patient!

Detailed Changelog

Features and performance

• [feature] Add snapshot binary builds + uploads by @tsmethurst in #2119
• [feature] Instance rules by @f0x52 in #2125
• [feature/bugfix] Probe S3 storage for CSP uri, add config flag for extra URIs by @tsmethurst in #2134
• [performance] Tweak media attachment cleanup; replace stale index by @tsmethurst in #2143
• [feature] Make log format configurable by @daenney in #2130
• [performance] Rework home timeline query to use cache more by @tsmethurst in #2148
• [feature] Add rate limit exceptions option, use ISO8601 for rate limit reset by @tsmethurst in #2151
• [feature] list commands for both attachment and emojis by @rdelaage in #2121
• [feature] Store admin actions in the db, prevent conflicting actions by @tsmethurst in #2167
• [feature] Don't trace non-existing routes by @daenney in #2172
• [feature] Support OTLP HTTP, drop Jaeger by @daenney in #2184
• [feature] Support Actor URIs for webfinger queries by @daenney in #2187
• [feature] Allow admins to expire remote public keys; refetch expired keys on demand by @tsmethurst in #2183
• [feature] add paging to account follows, followers and follow requests endpoints by @NyaaaWhatsUpDoc in #2186
• [feature] add paging to AP following / followers endpoints by @NyaaaWhatsUpDoc in #2198
• [feature] Implement explicit domain allows + allowlist federation mode by @tsmethurst in #2200
• [frontend] Add discoverable flag to settings panel by @tsmethurst in #2235
• [feature] Block a bunch of "AI" crawlers by @daenney in #2239
• [feature] tentatively start adding polls support by @NyaaaWhatsUpDoc in #2249
• [performance] updates markdown parsing to reduce allocations by @NyaaaWhatsUpDoc in #2252
• [feature] Allow import/export/creation of domain allows via admin panel by @tsmethurst in #2264

Bugfixes

• [bugfix] fix double firing bun.DB query hooks by @NyaaaWhatsUpDoc in #2124
• [bugfix/frontend] Normalize header sizes by @tsmethurst in #2152
• [bugfix] wrap bun.Tx to add our own error processing by @NyaaaWhatsUpDoc in #2169
• [bugfix] move SQLite pragmas into connection string by @NyaaaWhatsUpDoc in #2171
• [bugfix] fix checks for deref the same status descendants / ascendants by @NyaaaWhatsUpDoc in #2181
• [bugfix] fix flakey paging test by @NyaaaWhatsUpDoc in #2210
• [bugfix] support both CollectionPage AND OrderedCollectionPage in status replies by @NyaaaWhatsUpDoc in #2220
• [bugfix] Move follow.show_reblogs check further up to avoid showing unwanted reblogs in home timeline by @tsmethurst in #2234
• [bugfix] Fix paging for empty items by @tsmethurst in #2236
• [bugfix/frontend] Fix 'steal this look' emoji promise mapping by @tsmethurst in #2270
• [frontend/bugfix] Fix bulk import export link by @tsmethurst in #2275
• [bugfix] Postgres error wrapping fix by @tsmethurst in #2276
• [bugfix] Add missing "local" param in public timeline link headers by @tsmethurst in #2277
• [bugfix/frontend] fix typo and other oddness in patchRemoteEmojis by @tsmethurst in #2281

Chores and version bumps

• [chore] ensure worker contexts have request ID by @NyaaaWhatsUpDoc in #2120
• [chore]: Bump modernc.org/sqlite from 1.24.0 to 1.25.0 by @dependabot in #2114
• [chore]: Bump github.com/abema/go-mp4 from 0.12.0 to 0.13.0 by @dependabot in #2113
• [chore]: Bump github.com/jackc/pgx/v5 from 5.4.2 to 5.4.3 by @dependabot in #2112
• [chore]: Bump github.com/yuin/goldmark from 1.5.5 to 1.5.6 by @dependabot in #2140
• [chore]: Bump github.com/minio/minio-go/v7 from 7.0.61 to 7.0.62 by @dependabot in #2141
• [chore]: Bump codeberg.org/gruf/go-kv from 1.6.3 to 1.6.4 by @dependabot in #2142
• [chore/frontend] Make line-height a wee little bit bigger by @tsmethurst in #2159
• [chore]: Bump github.com/KimMachineGun/automemlimit from 0.2.6 to 0.3.0 by @dependabot in #2165
• [chore]: Bump github.com/google/uuid from 1.3.0 to 1.3.1 by @dependabot in #2166
• [chore]: Bump golang.org/x/text from 0.12.0 to 0.13.0 by @dependabot in #2177
• [chore]: Bump github.com/minio/minio-go/v7 from 7.0.62 to 7.0.63 by @dependabot in #2180
• [chore]: Bump golang.org/x/image from 0.11.0 to 0.12.0 by @dependabot in #2178
• [chore] Add script for downloading latest snapshot tar.gz by @tsmethurst in #2157
• [chore] much improved paging package by @NyaaaWhatsUpDoc in https://github.com/superseriousbusin...

v0.12.0-rc2

Hello hello! Another day another release candidate. We fixed a couple bugs that showed up in the first RC. Thank you for reporting those!

For full installation instructions and changes etc, please follow the rc1 release notes linked below, but replace rc1 with rc2 throughout.

https://github.com/superseriousbusiness/gotosocial/releases/tag/v0.12.0-rc1

Changelog

• 805c67b [bugfix] add missing "local" param in public timeline link headers (#2277)
• 77c5d74 [bugfix] Postgres error wrapping fix (#2276)
• 5250b57 [frontend/bugfix] bulk import export link (#2275)
• 0dfb260 [bugfix/frontend] Fix 'steal this look' emoji promise mapping (#2270)

v0.12.0-rc1

Hello!

Here's the first release candidate for version 0.12.0 of GoToSocial, codename SPAGHETTI SLOTH 🍝

Release highlights

This release brings initial support for different federation modes, starting with allowlist federation mode. You can now set your federation mode to allowlist, and then add and remove domain allows via the admin settings panel. You can read documentation on this feature here: https://docs.gotosocial.org/en/latest/admin/federation_modes/.

We revamped some other bits of the settings panel too, including adding a setting for the 'discoverable' flag, which is documented here: https://docs.gotosocial.org/en/latest/user_guide/settings/#mark-account-as-discoverable-by-search-engines-and-directories

And as usual we did a whole bunch of bug fixing, performance tweaks, and that sort of thing! It's a bit of a cliche to put that in release notes, but there you go.

We also started implementing some background functionality for poll support, but we didn't quite finish that in time for this release, so polls are not yet enabled. Next time!

Migration notes

Settings panel

You may get an error when using the new settings panel code for the first time, since we moved some stuff around. To resolve this, please try clearing cookies for the page using your browser settings, refreshing the page, and then logging in again.

Building frontend from source

If you build the frontend assets (settings panel, css, etc) yourself from source, please be aware that the instructions for building have changed slightly: https://github.com/superseriousbusiness/gotosocial/blob/main/CONTRIBUTING.md#stylesheet--web-dev

Upgrading

To upgrade to 0.12.0 from a previous release:

Binary/tar

1. Stop GoToSocial
2. Untar the new release, including the web assets and html templates.
3. Edit your config.yaml file as necessary (see below).
4. Start GoToSocial

Docker

1. Stop GoToSocial.
2. Pull the new docker container (superseriousbusiness/gotosocial:0.12.0-rc1 or superseriousbusiness/gotosocial:latest)
3. Start GoToSocial.

config.yaml

The configuration file has changed since the previous release. You can see a diff of the config file here: v0.11.1...v0.12.0-rc1#diff-c071e03510b2c57e193a44503fd9528a785f0f411497cc75841a9f8d0b1ac622

Database Migrations

This release contains several database migrations which will run the first time you start up this new version. Be sure not to interrupt this migration process. This will take anywhere between a couple seconds and ten minutes (on slower hardware). Please be patient!

Detailed Changelog

Features + Performance

• 637f188 [feature] Allow import/export/creation of domain allows via admin panel (#2264)
• 6e50883 [performance] updates markdown parsing to reduce allocations in the same way as the plain text formatter (#2252)
• c6e00af [feature] tentatively start adding polls support (#2249)
• 736cd37 [frontend] Add discoverable flag to settings panel (#2235)
• 0cce2c0 [feature] Block a bunch of "AI" crawlers (#2239)
• 183eaa5 [feature] Implement explicit domain allows + allowlist federation mode (#2200)
• fc11dee [feature] add paging to AP following / followers endpoints (#2198)
• 7293d60 [feature] add paging to account follows, followers and follow requests endpoints (#2186)
• 4b59451 [feature] Allow admins to expire remote public keys; refetch expired keys on demand (#2183)
• 2cac5a4 [feature] Support Actor URIs for webfinger queries (#2187)
• 14ef098 [feature] Support OTLP HTTP, drop Jaeger (#2184)
• 5f10885 [feature] Don't trace non-existing routes (#2172)
• 3ed1ca6 [feature] Store admin actions in the db, prevent conflicting actions (#2167)
• 7b48437 [feature] list commands for both attachment and emojis (#2121)
• 8f38dc2 [feature] Add rate limit exceptions option, use ISO8601 for rate limit reset (#2151)
• 94d1663 [performance] Rework home timeline query to use cache more (#2148)
• 4ae16bc [feature] Make log format configurable (#2130)
• 638f023 [performance] Tweak media attachment cleanup; replace stale index (#2143)
• 1e2db7a [feature/bugfix] Probe S3 storage for CSP uri, add config flag for extra URIs (#2134)
• 92de8fb [feature] Instance rules (#2125)
• 42bb352 [feature] Add snapshot binary builds + uploads (#2119)

Bugfixes

• 2b6b9cd [bugfix] Fix paging for empty items (#2236)
• b6b8f82 [bugfix] Move follow.show_reblogs check further up to avoid showing unwanted reblogs in home timeline (#2234)
• 9f9fcf7 [bugfix] support both CollectionPage AND OrderedCollectionPage in status replies (#2220)
• ba0a31d [bugfix] fix flakey paging test (#2210)
• 916c6d0 [bugfix] fix checks for deref the same status descendants / ascendants (#2181)
• 4eb77ff [bugfix] move SQLite pragmas into connection string (#2171)
• 1ee99fc [bugfix] wrap bun.Tx to add our own error processing (#2169)
• 083e8f3 [bugfix/frontend] Normalize header sizes (#2152)
• d5d6ad4 [bugfix] fix double firing bun.DB query hooks (#2124)

Chores + version bumps

• 48725f7 [chore]: Bump github.com/microcosm-cc/bluemonday from 1.0.25 to 1.0.26 (#2266)
• 39e22a9 [chore]: Bump golang.org/x/net from 0.16.0 to 0.17.0 (#2262)
• 37fe8ae [chore]: Bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 (#2258)
• 274dfb5 [chore]: Bump golang.org/x/image from 0.12.0 to 0.13.0 (#2256)
• abd598e [chore]: Bump github.com/abema/go-mp4 from 1.0.0 to 1.1.1 (#2257)
• 5aeceb5 [chore]: Bump golang.org/x/net from 0.15.0 to 0.16.0 (#2260)
• d173fcd [chore] Convert some settings / admin panel JS to TypeScript (#2247)
• 297b6ee [chore] internal/ap: add pollable AS types, code reformatting, general niceties (#2248)
• a1ab2c2 [chore]: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.18.0 to 1.19.0 (#2246)
• 118b546 [chore]: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#2244)
• 21f0517 [chore]: Bump modernc.org/sqlite from 1.25.0 to 1.26.0 (#2243)
• 088daef [chore]: Bump go.opentelemetry.io/otel/sdk from 1.18.0 to 1.19.0 (#2242)
• 536d9e4 [chore/bugfix] Deinterface text.Formatter, allow underscores in hashtags (#2233)
• 2a9927d [chore] Enable S256 code challenge (#2224)
• e93cc7a [chore]: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#2221)
• d45a75e [chore]: Bump golang.org/x/oauth2 from 0.11.0 to 0.12.0 (#2223)
• 380d83f [chore]: Bump github.com/abema/go-mp4 from 0.13.0 to 1.0.0 (#2222)
• 8f67dd5 [chore] deinterface the typeutils.Converter and update to use state structure (#2217)
• 1b848aa [chore] fix typo in slice.go (#2219)
• c6fdcd5 [chore]: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.17.0 to 1.18.0 (#2207)
• f302ebb [chore]: Bump github.com/miekg/dns from 1.1.55 to 1.1.56 (#2204)
• 50b713e [chore] bump bun (and related libraries) versions to v1.1.16 (#2209)
• 7011f57 [chore] bump bun v1.1.14 -> v1.1.15 (#2195)
• 23dd6f6 [chore]: Bump golang.org/x/net from 0.14.0 to 0.15.0 (#2193)
• ecbce17 [chore]: Bump github.com/tdewolff/minify/v2 from 2.12.8 to 2.12.9 (#2194)
• f0a3fca [chore]: Bump golang.org/x/crypto from 0.12.0 to 0.13.0 (#2190)
• b093947 [chore] much improved paging package (#2182)
• 9f2199f [chore] Add script for downloading latest snapshot tar.gz (#2157)
• 4f3daee [chore]: Bump golang.org/x/image from 0.11.0 to 0.12.0 (#2178)
• c0bddd2 [chore]: Bump github.com/minio/minio-go/v7 from 7.0.62 to 7.0.63 (#2180)
• ddd3c2e [chore]: Bump golang.org/x/text from 0.12.0 to 0.13.0 (#2177)
• 2ec313a [chore]: Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#2166)
• e6407ec [chore]: Bump github.com/KimMachineGun/automemlimit from 0.2.6 to 0.3.0 (#2165)
• 13f1c85 [chore/frontend] Make line-height a wee little bit bigger (#2159)
• 70d87f0 [chore]: Bump codeberg.org/gruf/go-kv from 1.6.3 to 1.6.4 (#2142)
• 59b5ed6 [chore]: Bump github.com/minio/minio-go/v7 from 7.0.61 to 7.0.62 (#2141)
• 36dceac [chore]: Bump github.com/yuin/goldmark from 1.5.5 to 1.5.6 (#2140)
• e70629e [chore]: Bump github.com/jackc/pgx/v5 from 5.4.2 to 5.4.3 (#2112)
• 5a4ceeb [chore]: Bump github.com/abema/go-mp4 from 0.12.0 to 0.13.0 (#2113)
• 8f4b779 [chore]: Bump modernc.org/sqlite from 1.24.0 to 1.25.0 (#2114)
• e9c3663 [chore] ensure worker contexts have request ID (#2120)

Docs

• e0f0d32 [docs] statuses-query-pinned #2250 (#2251)
• b987653 [docs] ahs article milestone a (#2218)
• d6add4e [docs] Add a note on cluster support (#2214)
• 79906f9 [docs] add fail2ban regex in the doc (#2189)
• 5416ad9 [docs] Update backup docs (#2153)