diff --git a/CHANGELOG.md b/CHANGELOG.md index efdd3adf12..59a8a92682 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ All notable changes to this project will be documented in this file. -## [4.4.0] - UNRELEASED +## [4.4.0] - 2025-07-08 ### Added @@ -38,7 +38,7 @@ All notable changes to this project will be documented in this file. Server administrators can now chose to opt in to transmit referrer information when following an external link. Only the domain name is transmitted, not the referrer path. - Add double tap to zoom and swipe to dismiss to media modal in web UI (#34210 by @Gargron) - Add link from Web UI for Hashtags to the Moderation UI (#31448 by @ThisIsMissEm) -- **Add terms of service** (#33055, #33233, #33230, #33703, #33699, #33994, #33993, #34105, #34122, #34200, #34527, #35053, #35115, #35126 and #35127 by @ClearlyClaire, @Gargron, @mjankowski, and @oneiros)\ +- **Add terms of service** (#33055, #33233, #33230, #33703, #33699, #33994, #33993, #34105, #34122, #34200, #34527, #35053, #35115, #35126, #35127 and #35233 by @ClearlyClaire, @Gargron, @mjankowski, and @oneiros)\ Server administrators can now fill in Terms of Service and notify their users of upcoming changes. - Add optional bulk mailer settings (#35191 and #35203 by @oneiros)\ This adds the optional environment variables `BULK_SMTP_PORT`, `BULK_SMTP_SERVER`, `BULK_SMTP_LOGIN` and so on analogous to `SMTP_PORT`, `SMTP_SERVER`, `SMTP_LOGIN` and related SMTP configuration environment variables.\ @@ -51,7 +51,7 @@ All notable changes to this project will be documented in this file. - Add ability to dismiss alt text badge by tapping it in web UI (#33737 by @Gargron) - Add loading indicator to timeline gap indicators in web UI (#33762 by @Gargron) - Add interaction modal when trying to interact with a poll while logged out (#32609 by @ThisIsMissEm) -- **Add experimental FASP support** (#34031, #34415, #34765, #34965, #34964, #34033 and #35218 by @oneiros)\ +- **Add experimental FASP support** (#34031, #34415, #34765, #34965, #34964, #34033, #35218, #35262 and #35263 by @oneiros)\ This is a first step towards supporting “Fediverse Auxiliary Service Providers” (https://github.com/mastodon/fediverse_auxiliary_service_provider_specifications). This is mostly interesting to developers who would like to implement their own FASP, but also includes the capability to share data with a discovery provider (see https://www.fediscovery.org). - Add ability for admins to send announcements to all users via email (#33928 and #34411 by @ClearlyClaire)\ This is meant for critical announcements only, as this will potentially send a lot of emails and cannot be opted out of by users. @@ -64,7 +64,7 @@ All notable changes to this project will be documented in this file. - Add dropdown menu with quick actions to lists of accounts in web UI (#34391, #34709, and #34767 by @Gargron, @diondiondion, and @mkljczk) - Add support for displaying “year in review” notification in web UI (#32710, #32765, #32709, #32807, #32914, #33148, and #33882 by @Gargron and @mjankowski)\ Note that the notification is currently not generated automatically, and at the moment requires a manual undocumented administrator action. -- Add experimental support for receiving HTTP Message Signatures (RFC9421) (#34814, #35033 and #35109 by @oneiros)\ +- Add experimental support for receiving HTTP Message Signatures (RFC9421) (#34814, #35033, #35109 and #35278 by @oneiros)\ For now, this needs to be explicitly enabled through the `http_message_signatures` feature flag (`EXPERIMENTAL_FEATURES=http_message_signatures`). This currently only covers verifying such signatures (inbound HTTP requests), not issuing them (outbound HTTP requests). - Add experimental Async Refreshes API (#34918 by @oneiros) - Add experimental server-side feature to fetch remote replies (#32615, #34147, #34149, #34151, #34615, #34682, and #34702 by @ClearlyClaire and @sneakers-the-rat)\ @@ -218,6 +218,7 @@ All notable changes to this project will be documented in this file. - Fix admin dashboard crash on specific Elasticsearch connection errors (#34683 by @ClearlyClaire) - Fix OIDC account creation failing for long display names (#34639 by @defnull) - Fix use of the deprecated `/api/v1/instance` endpoint in the moderation interface (#34613 by @renchap) +- Fix inaccessible “Clear search” button (#35152 and #35281 by @diondiondion) - Fix search operators sometimes getting lost (#35190 by @ClearlyClaire) - Fix directory scroll position reset (#34560 by @przucidlo) - Fix needlessly complex SVG paths for oEmbed and logo (#34538 by @edent) @@ -232,7 +233,7 @@ All notable changes to this project will be documented in this file. - Fix extra space under left-indented vertical videos (#34313 by @ClearlyClaire) - Fix glitchy iOS media attachment drag interactions (#35057 by @diondiondion) - Fix zoomed images being blurry in Safari (#35052 by @diondiondion) -- Fix redundant focus stop within status component in Web UI and make focus style more noticeable (#35037, #35051, #35096 and #35150 by @diondiondion) +- Fix redundant focus stop within status component in Web UI and make focus style more noticeable (#35037, #35051, #35096, #35150 and #35251 by @diondiondion) - Fix digits in media player time readout not having a consistent width (#35038 by @diondiondion) - Fix wrong text color for “Open in advanced web interface” banner in high-contrast theme (#35032 by @diondiondion) - Fix hover card for limited accounts not hiding information as expected (#35024 by @diondiondion) diff --git a/Gemfile b/Gemfile index ffd5371b06..ce775fc57b 100644 --- a/Gemfile +++ b/Gemfile @@ -62,7 +62,7 @@ gem 'inline_svg' gem 'irb', '~> 1.8' gem 'kaminari', '~> 1.2' gem 'link_header', '~> 0.0' -gem 'linzer', '~> 0.7.2' +gem 'linzer', '~> 0.7.7' gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock' gem 'mime-types', '~> 3.7.0', require: 'mime/types/columnar' gem 'mutex_m' diff --git a/Gemfile.lock b/Gemfile.lock index c59f26c44d..f306eb8619 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -403,7 +403,7 @@ GEM rexml link_header (0.0.8) lint_roller (1.1.0) - linzer (0.7.3) + linzer (0.7.7) cgi (~> 0.4.2) forwardable (~> 1.3, >= 1.3.3) logger (~> 1.7, >= 1.7.0) @@ -1008,7 +1008,7 @@ DEPENDENCIES letter_opener (~> 1.8) letter_opener_web (~> 3.0) link_header (~> 0.0) - linzer (~> 0.7.2) + linzer (~> 0.7.7) lograge (~> 0.12) mail (~> 2.8) mario-redis-lock (~> 1.2) diff --git a/SECURITY.md b/SECURITY.md index 26c06e67f8..19f431fac5 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -13,8 +13,9 @@ A "vulnerability in Mastodon" is a vulnerability in the code distributed through ## Supported Versions -| Version | Supported | -| ------- | --------- | -| 4.3.x | Yes | -| 4.2.x | Yes | -| < 4.2 | No | +| Version | Supported | +| ------- | ---------------- | +| 4.4.x | Yes | +| 4.3.x | Yes | +| 4.2.x | Until 2026-01-08 | +| < 4.2 | No | diff --git a/app/models/user_settings.rb b/app/models/user_settings.rb index 4ee017a437..682f0cb14e 100644 --- a/app/models/user_settings.rb +++ b/app/models/user_settings.rb @@ -41,6 +41,7 @@ class UserSettings setting :display_media, default: 'default', in: %w(default show_all hide_all) setting :auto_play, default: false setting :use_system_emoji_font, default: false + setting :emoji_style, default: 'auto', in: %w(auto native twemoji) end namespace :notification_emails do diff --git a/app/views/settings/preferences/appearance/show.html.haml b/app/views/settings/preferences/appearance/show.html.haml index 5484fe33be..17d0173b6b 100644 --- a/app/views/settings/preferences/appearance/show.html.haml +++ b/app/views/settings/preferences/appearance/show.html.haml @@ -21,6 +21,17 @@ selected: current_user.time_zone || Time.zone.tzinfo.name, wrapper: :with_label + - if Mastodon::Feature.modern_emojis_enabled? + .fields-group + = f.simple_fields_for :settings, current_user.settings do |ff| + = ff.input :'web.emoji_style', + collection: %w(auto twemoji native), + include_blank: false, + hint: I18n.t('simple_form.hints.defaults.setting_emoji_style'), + label: I18n.t('simple_form.labels.defaults.setting_emoji_style'), + label_method: ->(emoji_style) { I18n.t("emoji_styles.#{emoji_style}", default: emoji_style) }, + wrapper: :with_label + - unless I18n.locale == :en .flash-message.translation-prompt #{t 'appearance.localization.body'} #{content_tag(:a, t('appearance.localization.guide_link_text'), href: t('appearance.localization.guide_link'), target: '_blank', rel: 'noopener')} diff --git a/config/initializers/linzer.rb b/config/initializers/linzer.rb index 119f65af17..b21d405cd1 100644 --- a/config/initializers/linzer.rb +++ b/config/initializers/linzer.rb @@ -5,24 +5,14 @@ require 'linzer/message/adapter/http_gem/response' module Linzer::Message::Adapter module ActionDispatch - class Response < Linzer::Message::Adapter::Abstract - def initialize(operation, **_options) # rubocop:disable Lint/MissingSuper - @operation = operation - end - - def header(name) - @operation.headers[name] - end - - def attach!(signature) - signature.to_h.each { |h, v| @operation.headers[h] = v } - end + class Response < Linzer::Message::Adapter::Generic::Response + private # Incomplete, but sufficient for FASP - def [](field_name) - return @operation.status if field_name == '@status' - - @operation.headers[field_name] + def derived(name) + case name.value + when '@status' then @operation.status + end end end end diff --git a/config/locales/en.yml b/config/locales/en.yml index 6633ffa4a9..4df63f4c73 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -1349,6 +1349,10 @@ en: basic_information: Basic information hint_html: "Customize what people see on your public profile and next to your posts. Other people are more likely to follow you back and interact with you when you have a filled out profile and a profile picture." other: Other + emoji_styles: + auto: Auto + native: Native + twemoji: Twemoji errors: '400': The request you submitted was invalid or malformed. '403': You don't have permission to view this page. diff --git a/config/locales/simple_form.en.yml b/config/locales/simple_form.en.yml index bb48cddff5..74614d1af6 100644 --- a/config/locales/simple_form.en.yml +++ b/config/locales/simple_form.en.yml @@ -61,6 +61,7 @@ en: setting_display_media_default: Hide media marked as sensitive setting_display_media_hide_all: Always hide media setting_display_media_show_all: Always show media + setting_emoji_style: How to display emojis. "Auto" will try using native emoji, but falls back to Twemoji for legacy browsers. setting_system_scrollbars_ui: Applies only to desktop browsers based on Safari and Chrome setting_use_blurhash: Gradients are based on the colors of the hidden visuals but obfuscate any details setting_use_pending_items: Hide timeline updates behind a click instead of automatically scrolling the feed @@ -241,6 +242,7 @@ en: setting_display_media_default: Default setting_display_media_hide_all: Hide all setting_display_media_show_all: Show all + setting_emoji_style: Emoji style setting_expand_spoilers: Always expand posts marked with content warnings setting_hide_network: Hide your social graph setting_missing_alt_text_modal: Show confirmation dialog before posting media without alt text diff --git a/docker-compose.yml b/docker-compose.yml index 0aec85fcf4..2e0c3c16d2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -59,7 +59,7 @@ services: web: # You can uncomment the following line if you want to not use the prebuilt image, for example if you have local code changes # build: . - image: ghcr.io/glitch-soc/mastodon:v4.3.8 + image: ghcr.io/glitch-soc/mastodon:v4.4.0 restart: always env_file: .env.production command: bundle exec puma -C config/puma.rb @@ -83,7 +83,7 @@ services: # build: # dockerfile: ./streaming/Dockerfile # context: . - image: ghcr.io/glitch-soc/mastodon-streaming:v4.3.8 + image: ghcr.io/glitch-soc/mastodon-streaming:v4.4.0 restart: always env_file: .env.production command: node ./streaming/index.js @@ -102,7 +102,7 @@ services: sidekiq: # You can uncomment the following line if you want to not use the prebuilt image, for example if you have local code changes # build: . - image: ghcr.io/glitch-soc/mastodon:v4.3.8 + image: ghcr.io/glitch-soc/mastodon:v4.4.0 restart: always env_file: .env.production command: bundle exec sidekiq