v0.3.6 Slimy Sloth

This is a minor bugfix release of GoToSocial.

The main reason for doing this release was an issue where accounts could sometimes end up webfingering themselves, which would cause all sorts of annoying problems. There's also a few other small fixes in this one :)

No migration notes this time, should just be a standard upgrade!

❤️ 🦥

Detailed Changelog

Bug fixes

• 8c7945f [bugfix] Account self finger fix (#658)
• c48266c [bugfix] for the second accounts.note_raw migration (#653)
• 0e12ee0 postgres locale: fix accounts.note_raw migration (#651)

Packaging

• f42d5d8 [packaging] Packaging updates (#655)

Frontend

• ec81d28 [frontend] add Accept header to oauthed api requests (#657)

Chores

• 610395d [chore] make tests more cacheable by avoiding time.Now() (#656)

v0.3.5 Speedy Sloth

Hullo sloth enthusiasts! This here is the eleventh ALPHA release of GoToSocial, release codename Speedy Sloth 😎

This update includes a migration which may take a while to run, please see the migration notes below!

Highlights

• In this release, we've updated the way we package our frontend stuff. A nice bonus of this is that the admin panel is now bundled in with all the static frontend changes. If you didn't have the admin panel installed yet on your instance, you will now after updating. Just go to /admin at your instance URL to use it!
• We now webfinger accounts properly at a set duration to display account domains properly. So if you have your GoToSocial host set to gts.example.org but your account domain set to (and properly forwarded from) example.org, now other GtS users will see @your_username@example.org instead of @your_username@gts.example.org. You'll see other accounts at their proper domains as well.
• Better compatibility with Tusky: you can now page nicely through your notifications, and through an account's posts.
• Lots of bug fixes, see below.

Migration Notes

This release contains a migration which cleans up duplicated media caused by a previous bug (#587). This will save some disk space by cleaning up obsolete images that are still hanging around in your storage. However, it may take a while to run when you first migrate to 0.3.5, which will cause some downtime for your instance.

We estimate that the migration will take anywhere between 0 and 30 minutes depending on the specs of your server, and the age of your instance and how active it's been. You can follow the progress of the migration in the logs, please don't interrupt it!

Detailed Changelog

Features

• 694a490 [feature] Add created_at and error_description to /oauth/token endpoint (#645)
• 1ede54d [feature] More consistent API error handling (#637)
• 4e6625e [feature] add vscode workspace config for linting + debugging (#588)
• 6f6e89e [feature] Add paging via Link header for notifications and account statuses (#629)
• 327d3f0 [feature] Start adding advanced configuration options, starting with samesite (#628)

Frontend

• b43f9ce [frontend] Restructure Frontend Sources (#634)
• 99fab9c [frontend] linkify header mascot+title (#633)
• 323dbca [frontend] Reduce width of profile img with screen width (#615)
• 8de9b7a [frontend] Add padding to the bottom of main (#616)

Bugfixes

• 2385b51 [bugfix] Make accounts media_only query also work with pg (#643)
• 5864954 [bugfix] Fix domain blocks get regression (#642)
• 91c0ed8 [bugfix] #621: add weak type handing to mapstructure decode (#625)
• f3b4442 [bugfix] Update time marshalling format to provide 3 digits of ms (#630)
• 2b11d4b [bugfix] Add accept: application/activity+json to dereferencer (#611)

Chores

• 13e4bbd [chore] Duplicated media cleanup (#649)
• da2386b [chore] Fix testrig emoji bug (#646)
• 7f9925a [chore] Refactor thread dereference a bit for clarity (#647)
• cf5c6d7 [chore] Validate/set account domain (#619)
• dfdc473 [chore] Webfinger rework (#627)
• f30a581 [chore] gitignore shell.nix (#639)
• 265b680 [chore] Adds Issue templates to Github (#626)
• 43ac0cd [chore] Global server configuration overhaul (#575)
• ae5402a [chore] Mastodon api fixups (#617)
• 73d5766 [chore] Debug failed account get (#612)
• dc8cc7e [chore] Add test for dereferencing Owncast service account (#613)

v0.3.4 Salacious Sloth

Hello earthlings!

Here's the v0.3.4 Salacious Sloth release of GoToSocial that all the cool kids have been talking about!

This is the tenth ALPHA release of GoToSocial 🎆

Highlights

• Unused avatars and headers are cleaned up now, in addition to old media attachments. This will lead to some disk space savings :)
• We did a lot of performance improvements in this release! Things will feel nippier in general thanks to improved database indexes.
• We tightened up some of the block checking logic, so you should see fewer posts mentioning or replying to domains or accounts that you have blocked.
• We have a new endpoint for manually triggering media cleanup, check the swagger docs :)
• Custom emojis endpoint is now implemented. We don't yet federate custom emojis, but this brings us a step closer to that functionality.

Migration notes

This release adds a couple of indexes to the database during a migration step. You don't need to do anything special for this, just let it run (it will likely take less than a minute), and don't interrupt it.

Detailed Changelog

Features

• caa0cde [feature] implement custom_emojis endpoint (#563)
• b915a41 [feature] Basic config validation (#562)
• b143877 [feature] Unused avatar and header cleanup (#574)
• 6e947ff [feature] Media cleanup endpoint (#560)

Performance

• 1cdc163 [performance] Don't retry/backoff invalid http requests that will never succeed (#609)
• 0f01f72 [performance] Bump default workers to CPUs * 2 (#608)
• f4b0d76 [performance] Add further indexes to mitigate laggy queries (#586)

Bug fixes

• 5668ce1 [bugfix] Fix HTML escaping in instance title (#607)
• 196d542 [bugfix] Don't serialize instance account if not set (#603)
• 2d748a6 [bugfix] Only search remote if protocol is http(s) (#601)
• 21557c9 [bugfix] Set refetch to true in iterateDescendants (#600)
• f0c9f41 [bugfix] Fix multiple dereferences of boosted status causing media duplication (#589)
• f5a4f43 [bugfix] Fix error extracting status content: no content found (#598)
• a09e101 [bugfix] If status URL is empty, use URI instead and don't log unnecessary error (#597)
• 62d4d75 [bugfix] Stop some statuses from being home timelined when they shouldn't be (#585)
• b2810fe [bugfix] Clean up boosts of status when the status itself is deleted (#579)

Security

• f848aaa [security] Set SameSite to strict instead of browser default (#606)
• 469da93 [security] Check all involved IRIs during block checking (#593)
• 223025f [security] transport.Controller{} and transport.Transport{} security and performance improvements (#564)

Chores

• a54efa0 [chore] Serialize times as UTC ISO8601 instead of RFC3339 (#602)
• 5ef41ba [chore] Timeline test updates (#578)
• 27a3c1d testrig: override bind address from environment variable (#577)
• 4ac508f [chore] Update LE server to use copy of main http.Server{} to maintain server timeouts etc (#571)
• 9f2a2ab [bugfix] update syslog tests to listen/connect specifically to ipv4 loopback (#561)

Documentation

• 1461adf [docs] document a checklist for how to go about a release (#592)
• d6abe10 [docs] Add Caddy instructions to the documentation (#594)
• 6838b32 [docs] Mention AmbientCapabilities=CAP_NET_BIND_SERVICE in example systemd service (#576)
• 545b16a [documentation] Nlnet application (#572)

Accessibility

• 8085310 [accessibility] Add description for the pinafore logo (#568)

v0.3.3 Definitely Not Cursed Sloth

Bad news everyone, version 0.3.2 was cursed. The good news is, this version is definitely not cursed (see the title).

Changes between 0.3.2 and 0.3.3:

• 898d256 [bugfix] Fix server trying to listen twice on same address when l.e. enabled (#557)

The change notes from 0.3.2 are reproduced below for posterity. But beware, they are haunted.

Hubris

You there, boy, what day is it?

Why, it's May 11 sir!

May 11, then it's not too late! To release v0.3.2 Suspicious Sloth!

Highlights

This release brings some serious database performance improvements thanks to some new indexes and other optimizations we made to queries. If your GtS instance was feeling sluggish this will likely make it feel new and fresh again.

We've also introduced worker pools and queuing to media processing, which should ensure that your instance doesn't get overwhelmed when doing lots of remote dereferencing.

Another neat thing: you can properly edit your profile now without getting spammed with html, phew.

We've also added a project roadmap, so you can get an idea of which features will arrive when. This can be read right here.

Oh yes, and self-boosting!

Migration

After updating to this version, the first time you go to edit your profile, the text will appear to be blank. This is normal. Make sure you copy your existing bio/profile text (just ctrl-c it) before editing, and paste it back in to the now-empty field. This is only needed for the first time you edit your profile after upgrading. After that, it will work as normal.

This release also includes a database migration to add the new indexes and fields to the database. You don't need to do anything in particular for this, just update and let it run.

Acknowledgements

Thanks to all contributors, donators, and people who've been using the software and raising issues/requests! <3

Detailed Changelog

Features

• b24b71c [feature] Include password strength in error message when password strength is too low (#550)
• a561ef3 [feature] Update media manager to use internal/worker package (#543)
• e09958e [feature] Run initial cache cleanup on gotosocial start in case max-age changed (#533)
• f9b3514 [feature] allow absolute path to templates (#507)
• 420e2fb replace async client API / federator msg processing with worker pools (#497)
• 69011d4 Add support for running profiling when debug build-tags provided (#491)
• faae250 Add logging to the new generic worker package (#516)

Bugfixes

• 5004e0a [bugfix] Fix remote media pruning failing if media already gone (#548)
• 26b74ae [bugfix] Fix existing bio text showing as HTML (#531)
• 3112949 [bugfix] Fix panic when relative tmpl path given to router (#528)
• 9265a09 [bugfix] Allow self-boosting for any visibility but direct (#510)
• cc5f2e9 [bugfix] Fix possible race condition in federatingdb (#490)
• 8e80f98 [bugfix] use Exec to rename media_attachments (#498)

Documentation

• 0011166 [documentation] Admin Panel installation + usage (#552)
• 8124dcf [Documentation] tidy docker-compose docs, add note about uid/gid (#551)
• 807a8e1 [Documentation] Update glossary, expand entry for dereferencing (#542)
• d2b7c89 [documentation] Add known issues + project links in readme and docs (#541)
• f040ad8 [documentation] put single-quotes around passwords in install docs (#534)
• 141107b [documentation] Corrects the Helm-Chart URL by 0hlov3 (#530)
• c3b6ddd [documentation] Adds a Kubernetes Helm Chart to README.md (#496)
• f5e0068 [documentation] Add project roadmap (#514)
• 4851ffe [documentation] Recommend users take latest stable release in installation guides (#512)
• c36fbab [documentaton] Fix port number in Reverse proxy section (#506)

Performance

• 08eb271 [performance] improved logrus output switching performance (#544)
• a5852fd [performance] Speed up some of the slower db queries (#523)
• e06bf9c add extra indexes as a migration (#527)

Other / chores

• d7b46a4 [chore] Move initial MediaRemotePrune to cmd.server function (#536)
• b28fd74 [chore] Fix inbox iris test to use 'contains' instead of index (#529)
• b56dae8 [chore] Update all but bun libraries (#526)
• d93e8dd [chore] Add Federatingactor.Send() tests and log call (#509)
• 63f84da [chore] Inboxes for iri test (#508)

v0.3.1 Sleepy Sloth

Another day another alpha release of GoToSocial! This is alpha release number eight.

Highlights: many bugfixes, some performance improvements, documentation refinement, and some big speed improvements for outgoing messages (from ~30 seconds to federate to ~1 second).

All in all, this is a better and more stable release than v0.3.0 was!

Migration

If you're migrating from 0.3.0 to this release you don't need to do anything special.

If you're migrating from 0.2.x, see the migration notes for 0.3.0.

Detailed Changelog

Features

• 9813a04 [feature] Implement media v2 endpoint to accommodate Tusky 17 (#480)
• 094f032 [feature] Add log-db-queries config option (#465)

Bugfixes

• 728c4a5 [bugfix] Trim log entries to 1700 chars before they enter syslog (#493)
• 2259838 [bugfix] Fix CWs not showing sometimes (#488)
• eeb78bd [bugfix] Allow processing of .png files where checksum is not correct (#487)
• 0d05bf4 [bugfix] Fix status API / status web API being case sensitive (#481)
• 1e3b385 [bugfix] Fix infinite domain block database loop (#467)
• c365863 [bugfix] Use our own (Batch)Deliver implementation for federated messages (#466)

Documentation

• 0e2f31f [Documentation] Simplify docker-compose documentation + example (#468)
• 4bace80 [documentation] NGINX docs updates (#471)
• 03bcd8a [documentation] Update index.md (#475)
• 61e6013 [documentation] Add WebSocket protocol documentation (#470)
• 721061b [docs] unify nginx explainers and add apache httpd (#455)

Chores

• 9cf66bf [chore] Return more useful errors from auth failure (#494)
• d5fe729 [chore] Add two new test images for media processing (#424)
• 88979b3 [chore] Update bun and sqlite dependencies (#478)

v0.3.0 Stimky Sloth

This is the seventh alpha release of GoToSocial!

Highlights

This release finally brings public profile pages to GoToSocial! 🎆 Your public profile page will be available at https://example.org/@your_username. Currently, it shows your header and avatar, your bio, some stats about your account, and a list of your most recent 10 completely public posts.

Migration Notes

If you're running with Docker, just upgrade as normal.

If you're using a binary release, you'll need to make sure you untar the whole release again instead of just replacing the binary, since the release includes new templates and changes to the css files that you'll need to include to have the profile pages render correctly.

Known Issues

We're aware of a couple issues with profile pages initially loading slightly zoomed in on mobile. We'll patch this up in another release :)

Detailed Changelog

• e74ec70 [documentation] add screenshots to docs (#459)
• 7883dd5 [bugfix] Convert IDNs to punycode before using as session name (#458)
• af97d6b [bugfix] Use background ctx for domain block side effects (#457)
• 26683b3 [feature] Web profile pages for accounts (#449)

v0.2.3

This is the sixth alpha release of GoToSocial.

Highlights

• We've switched to Go version 1.18 for building the GoToSocial binary. This should bring some speed improvements on ARM64 architectures. Apart from that, you probably won't notice a big difference. See here for the Go 1.18 release notes if you're into that kind of thing.
• Federation of outgoing messages is HUGELY faster thanks to some changes in the GoToSocial fork of the go-fed activity library (which we've PRed upstream). Previously, federating to all one's followers could take up to 30 seconds or so. Now it takes about a second or less!

Acknowledgements

Thanks everyone! Thanks for trying the software and for all your feedback weeee

Detailed Changelog

• a7e9dee [bugfix] Fix broken only_media and only_public flags on /api/v1/accounts/:id/statuses (#448)
• 707de09 [dependency] Update superseriousbusiness/activity dependency (#446)
• 03d7c75 [chore] Update Go version to 1.18 (#444)
• 906981a [documentation] Add third-party packaging to documentation (#443)

v0.2.2

This is the fifth alpha release of GoToSocial.

Highlights

• A lot of fixes have been done in the media processing logic to ensure it's more reliable and less prone to locking up, which resolved a couple of show-stopping bugs.
• We added an admin endpoint at /api/v1/admin/accounts/{account_id}/action that allows admins to delete/suspend single accounts.
• When a local account is deleted, it's now federated out to the wider fediverse, so you can properly delete unused/unwanted accounts.

Acknowledgements

As usual, thank you to all bug reporters, contributors, donators, and people using the software already! <3 <3

Detailed Changelog

• 37d310f [feature] Dereference remote mentions when the account is not already known (#442)
• 983e696 [feature/security] Add systemd sandboxing options to harden security (#440)
• 8cc70a1 [bugfix] Fix media uploads blocking after a failed upload #438
• 25cab0e [bugfix] Fix images not being processed correctly sometimes (#437)
• 36b2f2b don't error if content property is nil (#436)
• 73e9cca [bugfix] Close ReadClosers properly in the media package (#434)
• 55ad6de [feature] Admin account actions (#432)
• 532c4cc [feature] Federate local account deletion (#431)
• e63b653 [performance] Add dereference shortcuts to avoid making http calls to self (#430)
• 4b4c935 [bugfix] Fix bug where admin panel could not be accessed at /admin (#427)
• e306233 [bugfix] Fix html-escaped characters in content warnings (#426)
• b8879ac [dependencies] update go-store, go-mutexes (#422)

v0.2.1

This is the fourth alpha release of GoToSocial.

Highlights

• Remote media is now uncached after 30 days (by default). It will be recached again when a user requests it. This will save a significant amount of disk space! The cleanup job is run every night at 12am instance time. See the example config for more details and options.
• Database queries have been seriously optimized, which fixes an issue where requests became painfully slow after a while (especially loading notifications and the federated timeline). It should now be speedy and smooth.
• We have multi-architecture Docker builds now! Just pull superseriousbusiness/gotosocial:0.2.1 and the appropriate image for your architecture will be selected. We have containers for armv6, armv7, arm64, and of course amd64. Big thanks to @0hlov3.

Migrations

A database migration will be run on startup to bring in the new changes. Do not interrupt this migration! It will take somewhere between a few seconds or a minute depending on your system specs and the size of your database. Patience!

Acknowledgements

Thank you to all contributors, testers, bug reporters, and well-wishers! We're getting there step by step :)

Detailed Changelog

• 8de928b [performance] Database optimizations (#419)
• 0772775 [feature] Clean up/uncache remote media (#407)
• 100f128 [documentation] Creates Docker documentation and docker-compose.yaml (#416)
• 1d5e763 [packaging] bump to builder 0.0.3 (#418)
• 3bc87f2 bump versions (#417)
• 6b634de [packaging] Use buildx for multi-arch Docker builds (#413)
• 64d9a34 Updates Docker Images (#415)
• 69d70aa [feature] Add Docker multi architecture Build and make goreleaser push the images and manifests (#410)
• 55b83be [feature] Add postDataCallbackFunc to allow cleanup (#408)
• 15d1e6b [bugfix] Fix thumbnail image type (#406)
• a089a98 [feature] Gin enable gzip encoding (#405)
• 23034ec [feature] Stream files via reader (#404)
• e55382a Use type=email for email input (#400)
• 09d6478 [bugfix] Only mark cookies as Secure on https (#398)
• dc24217 [chore] fix mirror + clean up (#396)

v0.2.0

This is the THIRD ALPHA RELEASE of GoToSocial.

Documentation for this release can be found right here.

Highlights:

• We use Viper and Cobra now for CLI tooling. This means an easier-to-use command line interface, and simplified configuration.
• The media processing functionality has been completely refactored with an eye towards performance. This should make GtS much more viable on very small devices like Raspberry Pi Zero.
• Syslog logging is now supported.

Thank you to all contributors and testers! <3 <3 <3

Migration

The format of configuration files has changed a lot, along with some of the names of command-line flags. Many redundant settings have been removed, and naming conventions have changed for the sake of clarity and structure. The new config example is here: https://github.com/superseriousbusiness/gotosocial/blob/v0.2.0/example/config.yaml.

This means if you were using a configuration file from v0.1.1 or earlier, you will need to update or replace your config file to reflect the new changes.

The recommended approach to this is to rename your config.yaml file to something else (config.yaml.old or similar), drop the new config file in its place, and translate values as appropriate from the old config to the new config. This is likely to be less error prone than going through your existing config.yaml and changing key names by hand.

Known Issues

A bug was introduced in Mastodon verion 3.4.6 that affects federation. It has since been fixed, but is not yet in a release version: mastodon/mastodon#17457. Since GoToSocial enforces Secure Mode, this bug will break federation between new GoToSocial instances, and Mastodon version 3.4.6 instances.

Changelog

Features

• 0884f89 Implement Cobra CLI tooling, Viper config tooling (#336)
• 31935ee Refactor media processor for speedier media processing.
• e2daf0f Add Accept header negotiation to relevant API endpoints (#337)
• c111b23 Add optional syslog logrus hook (#343)
• 6ed368c [feature] add authorization to the already-existing authentication (#365)
• e137181 [feature] Make Let's Encrypt integration an opt-in feature (#368)
• 1b36e85 [feature] Rework timeline code to make it useful for more than just statuses (#373)
• c6912f5 add example systemd service (#341)
• 909f801 add systemd service example to packaging (#342)

Bugfixes

• ce22e03 Require confirmed email when checking oauth token (#332)
• 5c9d20c don't bother negotiating Accept for webfinger (#381)
• 85b4f96 if accountDomain isn't set, use Host value instead (#380)
• 18e7537 [bug] Fix OIDC users requiring second approval (#371)
• 5be8a7a [bug] Send plaintext emails to fix "message refused: Message is not RFC 2822 compliant" (#366)
• 959e38a [bug] Fix sqlite empty address issue (#370)
• 66175c8 [bug] Fix minimum description length check (#369)
• ed9158f [fix] Make postgres connections magically work in common setups (#352)
• 2582515 return first offer when no accept header set (#351)
• aa34ff1 Fix start command invocation (#372)

Other

• 80ec714 document post settings (#346)
• ec43574 [documentation] add ipv6 config for nginx (#367)
• 14c472c [documentation] Add section for systemd service and nginx to installation guide (#353)
• a01b178 [documentation] update database docs (#355)
• 98341a1 [docs] Fix documentation to show --config-path in the right position. (#375)
• 037e8ef [chore] Add nightly mirror to Codeberg.org (#392)
• 40be88e [chore] Drone config update (#383)
• 664927e Bump nanoid from 3.1.25 to 3.2.0 in /web/gotosocial-styling (#364)
• ef5a925 Extend license notices to 2022 (#354)
• cb8688f Remove unnecessary storage config variables (#344)
• 635ad2a Update codeberg.org/gruf libraries and fix go-store issue (#347)
• 86e8e7f Log when listening (#350)
• 67ac8db Upstep Go dependencies (#340)
• 5506a5e upstep dependencies (#339)
• 182b4ee Update dependencies (#333)
• 5ed0348 run sqlite tests in parallel (#331)

Docker images

• docker pull superseriousbusiness/gotosocial:0.2.0