Pleroma 2.1.0 is a feature release that also contains many bugfixes and general improvements.

Upgrade notes

From-source only

  1. Install cmake

Everyone

  1. Run database migrations (inside Pleroma directory):
  • OTP: ./bin/pleroma_ctl migrate
  • From Source: mix ecto.migrate
  1. Restart Pleroma

Frontend changes

Added

  • Added private notifications option for push notifications
  • 'Copy link' button for statuses (in the ellipsis menu)
  • Autocomplete domains from list of known instances
  • 'Bot' settings option and badge
  • Added profile meta data fields that can be set in profile settings
  • Added option to reset avatar/banner in profile settings
  • Descriptions can be set on uploaded files before posting
  • Added status preview option to preview your statuses before posting
  • When a post is a reply to an unavailable post, the 'Reply to'-text has a strike-through style
  • Added ability to see all favoriting or repeating users when hovering the number on highlighted statuses

Changed

  • Registration page no longer requires email if the server is configured not to require it
  • Change heart to thumbs up in reaction picker
  • Close the media modal on navigation events
  • Add colons to the emoji alt text, to make them copyable
  • Add better visual indication for drag-and-drop for files
  • When disabling attachments, the placeholder links now show an icon and the description instead of just IMAGE or VIDEO etc
  • Remove unnecessary options for 'automatic loading when loading older' and 'reply previews'
  • Greentext now has separate color slot for it
  • Removed the use of with_move parameters when fetching notifications
  • Push notifications now are the same as normal notfication, and are localized.
  • Updated Notification Settings to match new BE API

Fixed

  • Custom Emoji will display in poll options now.
  • Status ellipsis menu closes properly when selecting certain options
  • Cropped images look correct in Chrome
  • Newlines in the muted words settings work again
  • Clicking on non-latin hashtags won't open a new window
  • Uploading and drag-dropping multiple files works correctly now.
  • Subject field now appears disabled when posting
  • Fix status ellipsis menu being cut off in notifications column
  • Fixed autocomplete sometimes not returning the right user when there's already some results
  • Videos and audio and misc files show description as alt/title properly now
  • Clicking on non-image/video files no longer opens an empty modal
  • Audio files can now be played back in the frontend with hidden attachments
  • Videos are not cropped awkwardly in the uploads section anymore
  • Reply filtering options in Settings -> Filtering now work again using filtering on server
  • Don't show just blank-screen when cookies are disabled
  • Add status idempotency to prevent accidental double posting when posting returns an error
  • Weird bug related to post being sent seemingly after pasting with keyboard (hopefully)
  • Multiple issues with muted statuses/notifications

Backend changes

Changed

  • Breaking: The default descriptions on uploads are now empty. The old behavior (filename as default) can be configured, see the cheat sheet.
  • Breaking: Added the ObjectAgePolicy to the default set of MRFs. This will delist and strip the follower collection of any message received that is older than 7 days. This will stop users from seeing very old messages in the timelines. The messages can still be viewed on the user's page and in conversations. They also still trigger notifications.
  • Breaking: Elixir >=1.9 is now required (was >= 1.8)
  • Breaking: Configuration: :auto_linker, :opts moved to :pleroma, Pleroma.Formatter. Old config namespace is deprecated.
  • Breaking: Configuration: :instance, welcome_user_nickname moved to :welcome, :direct_message, :sender_nickname, :instance, :welcome_message moved to :welcome, :direct_message, :message. Old config namespace is deprecated.
  • Breaking: LDAP: Fallback to local database authentication has been removed for security reasons and lack of a mechanism to ensure the passwords are synchronized when LDAP passwords are updated.
  • Breaking Changed defaults for :restrict_unauthenticated so that when :instance, :public is set to false then all :restrict_unauthenticated items be effectively set to true. If you'd like to allow unauthenticated access to specific API endpoints on a private instance, please explicitly set :restrict_unauthenticated to non-default value in config/prod.secret.exs.
  • In Conversations, return only direct messages as last_status
  • Using the only_media filter on timelines will now exclude reblog media
  • MFR policy to set global expiration for all local Create activities
  • OGP rich media parser merged with TwitterCard
  • Configuration: :instance, rewrite_policy moved to :mrf, policies, :instance, :mrf_transparency moved to :mrf, :transparency, :instance, :mrf_transparency_exclusions moved to :mrf, :transparency_exclusions. Old config namespace is deprecated.
  • Configuration: :media_proxy, whitelist format changed to host with scheme (e.g. http://example.com instead of example.com). Domain format is deprecated.
API Changes
  • Breaking: Pleroma API: The routes to update avatar, banner and background have been removed.
  • Breaking: Image description length is limited now.
  • Breaking: Emoji API: changed methods and renamed routes.
  • Breaking: Notification Settings API for suppressing notifications has been simplified down to block_from_strangers.
  • Breaking: Notification Settings API option for hiding push notification contents has been renamed to hide_notification_contents.
  • MastodonAPI: Allow removal of avatar, banner and background.
  • Streaming: Repeats of a user's posts will no longer be pushed to the user's stream.
  • Mastodon API: Added pleroma.metadata.fields_limits to /api/v1/instance
  • Mastodon API: On deletion, returns the original post text.
  • Mastodon API: Add pleroma.unread_count to the Marker entity.
  • Mastodon API: Added pleroma.metadata.post_formats to /api/v1/instance
  • Mastodon API (legacy): Allow query parameters for /api/v1/domain_blocks, e.g. /api/v1/domain_blocks?domain=badposters.zone
  • Mastodon API: Make notifications about statuses from muted users and threads read automatically
  • Pleroma API: /api/pleroma/captcha responses now include seconds_valid with an integer value.
Admin API Changes
  • Breaking Changed relay /api/pleroma/admin/relay endpoints response format.
  • Status visibility stats: now can return stats per instance.
  • Mix task to refresh counter cache (mix pleroma.refresh_counter_cache)

Removed

  • Breaking: removed with_move parameter from notifications timeline.

Added

  • Frontends: Add mix task to install frontends.
  • Frontends: Add configurable frontends for primary and admin fe.
  • Configuration: Added a blacklist for email servers.
  • Chats: Added accepts_chat_messages field to user, exposed in APIs and federation.
  • Chats: Added support for federated chats. For details, see the docs.
  • ActivityPub: Added support for existing AP ids for instances migrated from Mastodon.
  • Instance: Add background_image to configuration and /api/v1/instance
  • Instance: Extend /api/v1/instance with Pleroma-specific information.
  • NodeInfo: pleroma:api/v1/notifications:include_types_filter to the features list.
  • NodeInfo: pleroma_emoji_reactions to the features list.
  • Configuration: :restrict_unauthenticated setting, restrict access for unauthenticated users to timelines (public and federate), user profiles and statuses.
  • Configuration: Add :database_config_whitelist setting to whitelist settings which can be configured from AdminFE.
  • Configuration: filename_display_max_length option to set filename truncate limit, if filename display enabled (0 = no limit).
  • New HTTP adapter gun. Gun adapter requires minimum OTP version of 22.2 otherwise Pleroma won’t start. For hackney OTP update is not required.
  • Mix task to create trusted OAuth App.
  • Mix task to reset MFA for user accounts
  • Notifications: Added follow_request notification type.
  • Added :reject_deletes group to SimplePolicy
  • MRF (EmojiStealPolicy): New MRF Policy which allows to automatically download emojis from remote instances
  • Support pagination in emoji packs API (for packs and for files in pack)
  • Support for viewing instances favicons next to posts and accounts
  • Added Pleroma.Upload.Filter.Exiftool as an alternate EXIF stripping mechanism targeting GPS/location metadata.
  • "By approval" registrations mode.
  • Configuration: Added :welcome settings for the welcome message to newly registered users. You can send a welcome message as a direct message, chat or email.
  • Ability to hide favourites and emoji reactions in the API with [:instance, :show_reactions] config.
API Changes
  • Mastodon API: Add pleroma.parent_visible field to statuses.
  • Mastodon API: Extended /api/v1/instance.
  • Mastodon API: Support for include_types in /api/v1/notifications.
  • Mastodon API: Added /api/v1/notifications/:id/dismiss endpoint.
  • Mastodon API: Add support for filtering replies in public and home timelines.
  • Mastodon API: Support for bot field in /api/v1/accounts/update_credentials.
  • Mastodon API: Support irreversible property for filters.
  • Mastodon API: Add pleroma.favicon field to accounts.
  • Admin API: endpoints for create/update/delete OAuth Apps.
  • Admin API: endpoint for status view.
  • OTP: Add command to reload emoji packs

Fixed

  • Support pagination in conversations API
  • Breaking: SimplePolicy :reject and :accept allow deletions again
  • Fix follower/blocks import when nicknames starts with @
  • Filtering of push notifications on activities from blocked domains
  • Resolving Peertube accounts with Webfinger
  • blob: urls not being allowed by connect-src CSP
  • Mastodon API: fix GET /api/v1/notifications not returning the full result set
  • Rich Media Previews for Twitter links
  • Admin API: fix GET /api/pleroma/admin/users/:nickname/credentials returning 404 when getting the credentials of a remote user while :instance, :limit_to_local_content is set to :unauthenticated
  • Fix CSP policy generation to include remote Captcha services
  • Fix edge case where MediaProxy truncates media, usually caused when Caddy is serving content for the other Federated instance.
  • Emoji Packs could not be listed when instance was set to public: false
  • Fix whole_word always returning false on filter get requests
  • Migrations not working on OTP releases if the database was connected over ssl
  • Fix relay following

AdminFE changes

Added

  • Create /statuses/:id route that shows single status
  • Add link to the user's account in Pleroma on the user's profile page
  • On Reports page add links to reported account and the author of the report
  • In Notes add link to the note author's profile page
  • In Moderation log add link to the actor's profile page
  • Support pagination of local emoji packs and files
  • Add MRF Activity Expiration setting
  • Add ability to disable multi-factor authentication for a user
  • Add ability to configure Invalidation settings on MediaProxy tab
  • Ability to configure S3 settings on Upload tab, Pleroma.Web.ApiSpec.CastAndValidate and :modules settings on Other tab, :pools, :connections_pool and :hackney_pools settings on Job Queue tab, :restrict_unauthenticated settings on Authentication tab, :favicons and :welcome settings on Instance tab, :frontends and Pleroma.Web.Preload settings on Frontend tab
  • Show number of open reports in Sidebar Menu
  • Add confirmation message when deleting a user
  • Add new MediaProxy Cache Tab with ability to manually evict and ban objects from the Pleroma MediaProxy cache
  • Allow managing user's actor_type field via Admin API

Changed

  • Statuses count changes when an instance is selected and shows the amount of statuses from an originating instance
  • Add a confirmation dialog window when Remove button is clicked on the Settings page
  • Disable tab on the Settings page if there are no settings on this tab that can be changed in Admin FE
  • Settings that can't be altered in Admin FE are removed: HTTP Signatures settings, Federation publisher modules and Oban Repo
  • When rendering user's profile, statuses, reports and notes check if required properties exist
  • Remove ability to moderate users that don't have valid nicknames
  • Displays both labels and description in the header of group of settiings
  • Ability to add custom values in Pleroma.Upload.Filter.Mogrify setting in the following format: '{"implode", "1"}'
  • Change types of the following settings: ':groups', ':replace', ':federated_timeline_removal', ':reject', ':match_actor'. Update functions that parses and wraps settings data according to this change.
  • Move rendering Crontab setting from a separate component to EditableKeyword component
  • Show only those MRF settings that have been enabled in MRF Policies setting
  • Move Auto Linker settings to Link Formatter Tab as its configuration was moved to :pleroma, Pleroma.Formatter
  • Active and Local filters are applied by default on the Users tab

Fixed

  • Send true and false as booleans if they are values of single selects on the Settings page
  • Fix sorting users on Users page if there is an acount with missing nickname or ID
  • Add new type of settings: ['string', 'image']. Render Image upload Input depending on the type of setting, not its key
  • Fix displaying Pending tag and filtering by Pending Approval status
  • Fix following and unfollowing relays from Admin-FE, update mobile UI