diff options
Diffstat (limited to 'CHANGELOG.md')
| -rw-r--r-- | CHANGELOG.md | 60 |
1 files changed, 55 insertions, 5 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 7d0243e36..42a1bbb8f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,12 +6,65 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## Unreleased +### Changed + +### Added +- Support for Image activities, namely from Hubzilla + +### Fixed + +- rel="me" was missing its cache + +### Removed +- BREAKING: Support for passwords generated with `crypt(3)` (Gnu Social migration artifact) + +## 2.5.2 + +### Security +- `/proxy` endpoint now sets a Content-Security-Policy (sandbox) +- WebSocket endpoint now respects unauthenticated restrictions for streams of public posts +- OEmbed HTML tags are now filtered + +### Changed +- docs: Be more explicit about the level of compatibility of OTP releases +- Set default background worker timeout to 15 minutes + +### Fixed +- Atom/RSS formatting (HTML truncation, published, missing summary) +- Remove `static_fe` pipeline for `/users/:nickname/feed` +- Stop oban from retrying if validating errors occur when processing incoming data +- Make sure object refetching as used by already received polls follows MRF rules + +### Removed +- BREAKING: Support for passwords generated with `crypt(3)` (Gnu Social migration artifact) + +## 2.5.1 + +### Added +- Allow customizing instance languages + +### Fixed +- Security: uploading HTTP endpoint can no longer create directories in the upload dir (internal APIs, like backup, still can do it.) +- ~ character in urls in Markdown posts are handled properly +- Exiftool upload filter will now ignore SVG files +- Fix `block_from_stranger` setting +- Fix rel="me" +- Docker images will now run properly +- Fix inproper content being cached in report content +- Notification filter on object content will not operate on the ones that inherently have no content +- ZWNJ and double dots in links are parsed properly for Plain-text posts +- OTP releases will work on systems with a newer libcrypt +- Errors when running Exiftool.ReadDescription filter will not be filled into the image description + +## 2.5.0 - 2022-12-23 + ### Removed - MastoFE +- Quack, the logging backend that pushes to Slack channels ### Changed -- **Breaking:** Elixir >=1.10 is now required (was >= 1.9) +- **Breaking:** Elixir >=1.11 is now required (was >= 1.9) - Allow users to remove their emails if instance does not need email to register - Uploadfilter `Pleroma.Upload.Filter.Exiftool` has been renamed to `Pleroma.Upload.Filter.Exiftool.StripLocation` - **Breaking**: `/api/v1/pleroma/backups` endpoints now requires `read:backups` scope instead of `read:accounts` @@ -61,10 +114,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - RSS and Atom feeds for users work again - TwitterCard meta tags conformance -### Removed -- Quack, the logging backend that pushes to Slack channels - -## 2.4.5 - 2022-08-27 +## 2.4.5 - 2022-11-27 ## Fixed - Image `class` attributes not being scrubbed, allowing to exploit frontend special classes [!3792](https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3792) |