v0.17.0 Selective Sloth

⚠️ This release contains several database migrations which will run the first time you start up this new version. Be sure not to interrupt this migration process. This will take anywhere between a few seconds and an hour or even longer (on slower hardware / big databases). Please be patient! Back up your database file before updating! We had to rejig the entire statuses table to introduce interaction policies (see below). ⚠️

Hello everyone! This is the first ever BETA release of GoToSocial. Say hello to v0.17.0 Selective Sloth.

We've absolutely jam-packed this release with goodies!

Please read the migration notes carefully for instructions on how to upgrade to this version.

Release highlights

• Interaction policies: This release gives you the ability to set interaction policies on your statuses using the settings panel. Interaction policies let you determine who can reply to, like, or boost your statuses. You can accept or reject interactions as you wish; accepted replies will be added to your replies collection, and unwanted replies will be dropped. This feature is still a work-in-progress as we will almost certainly have some kinks to work out in terms of implementation etc, but we wanted to get it into people's hands as quickly as possible.
  User docs here: https://docs.gotosocial.org/en/latest/user_guide/settings/#default-interaction-policies
  Federation docs here: https://docs.gotosocial.org/en/latest/federation/posts/#interaction-policy
• Much wider range of support for different media types: In this release we've embedded a webassembly build of ffmpeg into the GoToSocial binary, so that users can post many different types of media than previously, including mp3, flac, and other audio types, and many more video types. Admins: you don't need to have ffmpeg installed on your server for this to work.
• Audio player: to complement the new media types, we adapted our current video player to also play audio, so people visiting your profile can play MP3s and FLACs. Album art is supported when embedded in the audio file!
• Header/avatar alt text: You can now set alt-text for your avatar + header images, so that screenreader users visiting your profile can read a description of your beautiful face.
• Better threading model for statuses: On the web view of a thread, conversations are now indented at different levels, to make it easier to see who's replying to whom.
• Prefers-reduced-motion is now supported, so that folks with animations turned off in their operating system or browser aren't confronted with lots of animation when they open your profile.
• Conversations view: You can now view a list of your direct message conversations, making it much easier to keep track of who you're talking to.
• Import/export csv files: It's now possible to import Mastodon-compatible CSV files for accounts you follow and accounts you block, making it much easier to migrate across instances. Export of these files is supported too.
• Exclusive lists: You can now mark lists as "exclusive", which means that posts from accounts in an exclusive list will show up only in that list and not in your home timeline.
• Show/hide posts on your profile: Previously only Public posts were shown on your web profile. This is still the default, but you can now choose to show unlisted posts on your web profile too (the Mastodon default), or to show no posts at all.
• Lots of new themes: solarized, brutalist, ecks pee, and more.
• Store worker queue on restart: when you stop the instance, pending tasks are stored into the database, and loaded again when you start up the instance, so that no tasks get lost between restarts.

Migration notes

Upgrading

To upgrade to v0.17.0 from a previous release:

Binary/tar

1. Stop GoToSocial.
2. Back up your database! If you're running on SQLite, this is as simple as copying your sqlite.db file, eg., cp sqlite.db sqlite.db.backup.
3. Download and untar the new release, including the web assets and html templates.
4. Edit your config.yaml file if necessary (see below).
5. Start GoToSocial.
6. Wait patiently for any migrations to run, do not interrupt migrations or you could leave your db in a broken state and will have to restore from backup!
7. Enjoy your updated instance.

Docker

1. Stop GoToSocial.
2. Back up your database! If you're running on SQLite, this is as simple as copying your sqlite.db file, eg., cp sqlite.db sqlite.db.backup.
3. Pull the new docker container (superseriousbusiness/gotosocial:0.17.0 or superseriousbusiness/gotosocial:latest)
4. Edit your config.yaml file or environment variables if necessary (see below).
5. Start GoToSocial.
6. Wait patiently for any migrations to run, do not interrupt migrations or you could leave your db in a broken state and will have to restore from backup!
7. Enjoy your updated instance.

config.yaml

The configuration file has changed since the previous release.

• Add db-postgres-connection-string.
• Remove media-image-max-size and media-video-max-size.
• Add media-local-max-size and media-remote-max-size.
• Add media-ffmpeg-pool-size.
• Add storage-s3-redirect-url.
• Change http-client.timeout default from 10s to 30s to reduce occurrence of "could not download media" message.

You can see a diff of the config file here: v0.16.0...v0.17.0#diff-c071e03510b2c57e193a44503fd9528a785f0f411497cc75841a9f8d0b1ac622

Database Migrations

⚠️⚠️⚠️

This release contains several VERY LONG database migrations which will run the first time you start up this new version.

Be sure not to interrupt this migration process.

This will take anywhere between a couple seconds and an hour or maybe even more (on slower hardware).

Please be patient!

⚠️⚠️⚠️

Which release archive/container should I use?

Tl;dr: Regardless of whether you're using SQLite or Postgres as your DB driver, you most likely you want the regular version without moderncsqlite in the name.

However, if you're on FreeBSD, 32-bit Linux or 32-bit ARM, we recommend using the moderncsqlite version instead.

You may need to change some configuration options too. See the table below:

OS	Architecture	Support level	Binary archive	Docker
Linux	x86-64/AMD64 (64-bit)	🟢 Full	linux_amd64.tar.gz	superseriousbusiness/gotosocial:0.17.0
Linux	Armv8/ARM64 (64-bit)	🟢 Full	linux_arm64.tar.gz	superseriousbusiness/gotosocial:0.17.0
FreeBSD	x86-64/AMD64 (64-bit)	🟢 Full1	freebsd_amd64_moderncsqlite.tar.gz	None provided
Linux	x86-32/i386 (32-bit)	🟡 Partial2	linux_386_moderncsqlite.tar.gz	superseriousbusiness/gotosocial:0.17.0-moderncsqlite
Linux	Armv7/ARM32 (32-bit)	🟡 Partial2	linux_armv7_moderncsqlite.tar.gz	superseriousbusiness/gotosocial:0.17.0-moderncsqlite
Linux	Armv6/ARM32 (32-bit)	🟡 Partial2	linux_armv6_moderncsqlite.tar.gz	superseriousbusiness/gotosocial:0.17.0-moderncsqlite

FreeBSD

moderncsqlite version currently recommended, though you might have success with the regular WASM SQLite version.

If running with regular WASM SQLite and having instability or memory issues, the following settings may help:

db-max-open-conns-multiplier: 0
db-sqlite-journal-mode: "TRUNCATE"
db-sqlite-synchronous: "FULL"

32-bit

moderncsqlite version is needed, as performance with regular WASM SQLite is not guaranteed when running on 32-bit.

Remote media processing will likely not work with reasonable performance, so you should set the following config variables to prevent download of remote media onto your instance:

media-remote-max-size: 0
media-emoji-remote-max-size: 0

Changelog

Features and performance

• b08c1bd: [feature] Implement types[] param for notifications (#3009) (@VyrCossont)
• d2b3d37: [feature/frontend] Reports frontend v2 (#3022) (@tsmethurst)
• 7b1ccbd: [feature] add worker task serialization logic (#2989) (@NyaaaWhatsUpDoc)
• 14fda0d: [feature/frontend] Rain Forest Theme (#3021) (@xmgz)
• 137ef5a: [feature] Default to WASM-based SQLite driver (#3053) (@daenney)
• 02d6e2e: [feature] Set some security related headers (#3065) (@daenney)
• d70f4e1: [feature/frontend] Allow setting alt-text for avatar + header (#3086) (@tsmethurst)
• cde2fb6: [feature] support processing of (many) more media types (#3090) (@NyaaaWhatsUpDoc)
• aeb65bc: [feature/frontend] Better visual separation between "main" thread and "replies" (#3093) (@tsmethurst)
• 9efb11d: [feature/frontend] Add player for audio files; use thumbnail for poster (#3099) (@tsmethurst)
• de45c0b: [feature] more filetype support! (#3107) (@NyaaaWhatsUpDoc)
• 0aadc2d: [feature] Allow users to set default interaction policies per status visibility (#3108) (@tsmethurst)
• 50c9b54: [feature] use webp for thumbnails (#3116) (@NyaaaWhatsUpDoc)
• 027a93f: [feature/frontend] Respect prefers-reduced-motion for avatars, headers, and emojis (#3118) (@tsmethurst)
• c635080: [feature] add flac support (#3121) (@NyaaaWhatsUpDoc)
• 8fdd358: [feature] Conversations API (#3013) (@VyrCossont)
• 325b4a2: [feature] Allow user to set "bot" flag; show bot icon on profile (#3135) (@tsmethurst)
• 8ab2b19: [feature] Federate interaction policies + Accepts; enforce policies (#3138) (@tsmethurst)
• a237e2b: [feature] Implement following hashtags (#3141) (@VyrCossont)
• 87cff71: [feature] persist worker queues to db (#3042) (@NyaaaWhatsUpDoc)
• 0b4a951: [performance] limit ffprobe read time to at most 1s after start of file (#3155) (@NyaaaWhatsUpDoc)
• 4351932: [feature] Object store custom URL (S3) (#3046) (@CDN18)
• 38f041c: [feature] Allow users to export data via the settings panel (#3140) (@tsmethurst)
• fd83777: [feature] Implement Mastodon-compatible roles (#3136) (@VyrCossont)
• 7b5917d: [feature] Allow import of following and blocks via CSV (#3150) (@tsmethurst)
• 9b50151: [feature] Beef up our AI opt-outs (#3165) (@daenney)
• b19cfee: [feature] Use gifv type for short soundless mp4 videos (#3182) (@tsmethurst)
• 94c615d: [feature] Add db-postgres-connection-string option (#3178) (@winston0410)
• f770051: [performance] move thumbnail generation to go code where possible (#3183) (@NyaaaWhatsUpDoc)
• 889d475: [performance] use native Go code to probe JPEGs (#3206) (@NyaaaWhatsUpDoc)
• 53fccb8: [feature] Use local_only field, deprecate federated field (#3222) (@tsmethurst)
• 8e5a72a: [performance] ffmpeg ffprobe wrapper improvements (#3225) (@NyaaaWhatsUpDoc)
• f23f04e: [feature] Interaction requests client api + settings panel (#3215) (@tsmethurst)
• 0a15555: [performance] use single-threaded image transforms (#3252) (@NyaaaWhatsUpDoc)
• 40dffb8: [feature/frontend] ecks pee theme (#3274) (@tsmethurst)
• 3d0d048: [feature/frontend] Add brutalist b&w theme (#3275) (@tsmethurst)
• 5543fd5: [feature/frontend] Add options to include Unlisted posts or hide all posts (#3272) (@tsmethurst)
• 540edef: [feature] Implement exclusive lists (#3280) (@VyrCossont)
• 307d98e: [feature] Process Reject of interaction via fedi API, put rejected statuses in the "sin bin" 😈 (#3271) (@tsmethurst)
• 486852f: [feature/frontend] Add dark version of brutalist theme (#3294) (@tsmethurst)
• 84279f6: [performance] cache more database calls, reduce required database calls overall (#3290) (@NyaaaWhatsUpDoc)
• c378ad2: [feature] Allow users to submit interaction_policy on new statuses (#3314) (@tsmethurst)
• 3edfc7e: [feature/frontend] Add solarized light + dark themes (#3325) (@tsmethurst)
• 1ce8543: [feature] Show info for pending replies, allow implicit accept of pending replies (#3322) (@tsmethurst)
• f550f59: [performance] remove the pragma optimize analysis limit on connection close (#3386) (@NyaaaWhatsUpDoc)
• 5c055af: [feature/frontend] Add Moonlight hunt theme (#3393) (@tsmethurst)
• 1e421cb: [feature] Distribute + ingest Accepts to followers (#3404) (@tsmethurst)
• 2076f7d: [feature] for an sqlite database with journal mode != WAL, use maximum of 1 open conn (#3428) (@NyaaaWhatsUpDoc)
• 6a76b9d: [feature/OFFICIALLY UNSUPPORTED] add nowasm build tag to disable building with WebAssembly (#3429) (@NyaaaWhatsUpDoc)

Bug fixes

• 4ce5c37: [bugfix] rename include_types[] to types[] (#3023) (@tsmethurst)
• c273847: [bugfix] add Date and Message-ID headers for email (#3031) (@jugendhacker)
• 86786ae: [bugfix] Fix typo in instance cache copyF (#3052) (@tsmethurst)
• a76670a: [bugfix] use instance configured emoji maxsize on emoji update validation (#3056) (@f0x52)
• 235bea0: [bugfix] update SignupURL routing in email template. (#3055) (@CDN18)
• be5e532: [bugfix] Handle ErrHideStatus when preparing timeline statuses (#3071) (@VyrCossont)
• 8f8093a: [bugfix] Don't throw error when parent statuses are missing (#2011) (#3088) (@snowkat)
• bbbdf01: [bugfix] Fix panic in isStatusHomeTimelineable (#3096) (@tsmethurst)
• b415337: [bugfix] update common get target account / status doing refresh async (#3124) (@NyaaaWhatsUpDoc)
• 31294f7: [bugfix] media.Processor{}.GetFile() returning 404s on first call, correctly loading on 2nd (#3129) (@NyaaaWhatsUpDoc)
• db0a471: [bugfix] Serialize empty conversation account list as empty list, not null (#3137) (@VyrCossont)
• ecfea10: [bugfix] Use punycode for host part of resource query param when doing webfinger requests (#3133) (@tsmethurst)
• 58f8082: [bugfix] moves file rename to earlier in media pipeline so ffmpeg calls ALWAYS have extension (#3146) (@NyaaaWhatsUpDoc)
• 368c97f: [bugfix] take into account rotation when generating thumbnail (#3147) (@NyaaaWhatsUpDoc)
• e5e996b: [bugfix] close files before error return (#3163) (@NyaaaWhatsUpDoc)
• b85a998: [bugfix] fix emoji recaching operations (#3167) (@NyaaaWhatsUpDoc)
• 4697271: [bugfix] send back Sec-Websocket-Protocol header for streaming WebSocket (#3169) (@leahneukirchen)
• 4a3ece0: [bugfix] ensure testrig package only compiled-in when debug enabled (#3185) (@NyaaaWhatsUpDoc)
• 865b3ae: [bugfix] updated pinned counts on status delete (#3188) (@NyaaaWhatsUpDoc)
• 4cb3e4d: [bugfix] incorrect AP serialize function used serializing worker data (#3196) (@NyaaaWhatsUpDoc)
• 5212a10: [bugfix] relax missing preferred_username, instead using webfingered username (#3189) (@NyaaaWhatsUpDoc)
• ae14aa0: [bugfix] permit unspecified orientation data (#3205) (@NyaaaWhatsUpDoc)
• 9b2f14b: [bugfix/frontend] Fix error on submitting domain perm with enter key (#3218) (@tsmethurst)
• ffcf6e7: [bugfix/frontend] Small safari + gnome web fixes (#3219) (@tsmethurst)
• bef0dfc: [bugfix] Carry-over ApprovedByURI to avoid marking already-approved remote statuses as pending approval (#3231) (@tsmethurst)
• d3887bf: [bugfix] Let prometheus client do its own compression handling (#3232) (@tsmethurst)
• 8a34e4c: [bugfix] Fix incorrect json-ld @context serialization (#3243) (@tsmethurst)
• 1f3dfbf: [bugfix/frontend] Fix TypeError: gtsError is undefined (#3245) (@tsmethurst)
• b17010c: [bugfix] Fix temp table deletion causing runaway allocations (#3278) (@tsmethurst)
• 100d660: [bugfix] Swagger: add missing filter_action param for v2 filter PUT (#3281) (@VyrCossont)
• 20fe430: [bugfix] Update home timeline query to ignore exclusive list entries (#3289) (@tsmethurst)
• f3311d6: [bugfix] Hoist filterable text field extraction out of loop (#3297) (@VyrCossont)
• 6dd936f: [bugfix/chore] Always set the status sensitive if media + content-warning present (#3308) (@NyaaaWhatsUpDoc)
• efd1a4f: [bugfix] Use better plaintext representation of status for filtering (#3301) (@tsmethurst)
• d4d6631: [bugfix] Be more lenient when parsing mastodown following.csv (#3311) (@tsmethurst)
• 4bd5e68: [bugfix] Ensure id set on outgoing Reject + Accept (#3312) (@tsmethurst)
• 95614fb: [bugfix] Fix incorrect policy value parsing (#3315) (@tsmethurst)
• e337aa8: [bugfix] Fix pending approval check (#3316) (@tsmethurst)
• 5bd6ad6: [bugfix/email] Don't use plainAuth when no smtp username/password provided (#3332) (@tsmethurst)
• dc4059e: [bugfix] add support for media with rotation contained in stream side data (#3335) (@NyaaaWhatsUpDoc)
• 713e733: [bugfix] Fix incorrect reply shown in interaction request (#3344) (@tsmethurst)
• 53ee6ae: [bugfix] s3 media uploaded without content-type (#3353) (@NyaaaWhatsUpDoc)
• 497ebd8: [bugfix] fix media limit reader check (#3363) (@NyaaaWhatsUpDoc)
• 6f35835: [bugfix] better handle ogg container format (#3365) (@NyaaaWhatsUpDoc)
• 095663f: [bugfix] visibility after implicit approval not getting invalidated (#3370) (@NyaaaWhatsUpDoc)
• 43e443f: [bugfix] Carry-over "PinnedAt" when refreshing status (#3373) (@tsmethurst)
• 8bd8c6f: [bugfix] Include own account in conversation when no other accounts involved (#3387) (@tsmethurst)
• d3d6e3f: [bugfix] Don't try to add nil filtered statuses to context (#3388) (@tsmethurst)
• 37a3d22: [bugfix] Account for nil reply when serializing int req (#3389) (@tsmethurst)
• c33b1e8: [bugfix] Update select of pending interaction requests to account for potential nil URI (#3392) (@tsmethurst)
• 18e2f69: [bugfix] Return 501 (not implemented) if user tries to schedule post (#3395) (@tsmethurst)
• c023bd3: [bugfix] Only allow boosting post from non-interaction-policy-aware instance if public or unlisted (#3396) (@tsmethurst)
• e8fd40f: [bugfix] Fix replies not being stored pending approval (#3409) (@tsmethurst)
• 1bc59a0: [bugfix] Add missing </a> on about page (#3410) (@tsmethurst)
• a69142a: [bugfix/frontend] Don't show replies to hidden parents; return 404 if no "main" thread (#3411) (@tsmethurst)
• cb9008f: [bugfix] Ensure pending_approval set on statuses + status faves (#3415) (@tsmethurst)
• 1c895f3: [bugfix] Check interaction policies properly on incoming Likes (#3416) (@tsmethurst)
• 95a3162: [bugfix] Account.last_status_at is a date, not datetime (#3419) (@untitaker)

Chores & version bumps

• 76d695d: [chore]: Bump github.com/yuin/goldmark from 1.7.1 to 1.7.2 (#3018) (@dependabot[bot])
• b7dede2: [chore]: Bump github.com/tdewolff/minify/v2 from 2.20.33 to 2.20.34 (#3017) (@dependabot[bot])
• 3a01377: [chore]: Bump github.com/miekg/dns from 1.1.59 to 1.1.61 (#3014) (@dependabot[bot])
• cc64de4: [chore]: Bump golang.org/x/oauth2 from 0.20.0 to 0.21.0 (#3015) (@dependabot[bot])
• 7ab404d: [chore]: Bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#3016) (@dependabot[bot])
• b93087c: [chore] update go-structr and go-mangler to no longer rely on modern-go/reflect2 (#3026) (@NyaaaWhatsUpDoc)
• 15e0bf6: [chore] update github.com/ncruces/go-sqlite3 -> v0.16.3 (#3029) (@NyaaaWhatsUpDoc)
• 4604224: [chore] Update our robots.txt (#3033) (@daenney)
• ddef307: [chore]: Bump github.com/yuin/goldmark from 1.7.2 to 1.7.3 (#3034) (@dependabot[bot])
• b9864e8: [chore]: Bump github.com/minio/minio-go/v7 from 7.0.71 to 7.0.72 (#3037) (@dependabot[bot])
• 03c5d01: [chore]: Bump github.com/gorilla/feeds from 1.1.2 to 1.2.0 (#3035) (@dependabot[bot])
• 21bb324: [chore] media and emoji refactoring (#3000) (@NyaaaWhatsUpDoc)
• 0baab75: [chore]: Bump golang.org/x/image from 0.17.0 to 0.18.0 (#3044) (@dependabot[bot])
• 2ddeb9b: [chore] Add envparsing test for advanced-header-filter-mode (#3051) (@tsmethurst)
• 9c44d6a: [chore]: Bump github.com/yuin/goldmark from 1.7.3 to 1.7.4 (#3059) (@dependabot[bot])
• fde0c6b: [chore] Allow gtsmodel to depend on util (#3068) (@VyrCossont)
• 49009fb: [chore] Update ncruces/go-sqlite3 to 0.17 (#3072) (@daenney)
• 1a66ea8: [chore] upstep activity to v1.7.0-gts (#3074) (@tsmethurst)
• a81455e: [chore]: Bump golang.org/x/crypto from 0.24.0 to 0.25.0 (#3080) (@dependabot[bot])
• 5769722: [chore]: Bump github.com/microcosm-cc/bluemonday from 1.0.26 to 1.0.27 (#3081) (@dependabot[bot])
• ae349dd: [chore]: Bump golang.org/x/net from 0.26.0 to 0.27.0 (#3082) (@dependabot[bot])
• 43c480a: [chore]: Bump github.com/minio/minio-go/v7 from 7.0.72 to 7.0.73 (#3083) (@dependabot[bot])
• 9a7c892: [chore/frontend] Put ActivityPub logo on index page (#3087) (@tsmethurst)
• 1de41f6: [chore] Bump ncruces/go-sqlite3 to 0.17.1 (#3085) (@daenney)
• 5bc5671: [chore] Add interaction policy gtsmodels (#3075) (@tsmethurst)
• c83e96b: [chore/frontend] Tweak threading a bit, inform about hidden replies (#3097) (@tsmethurst)
• e2ed6ef: [chore] Go mod tidy / vendor (#3100) (@tsmethurst)
• 9adcce9: [chore] add step-by-step logging to long migration (#3102) (@tsmethurst)
• b8a291c: [chore]: Bump github.com/coreos/go-oidc/v3 from 3.10.0 to 3.11.0 (#3104) (@dependabot[bot])
• 16421f7: [chore]: Bump github.com/tdewolff/minify/v2 from 2.20.34 to 2.20.37 (#3106) (@dependabot[bot])
• 72ba566: [chore] media pipeline improvements (#3110) (@NyaaaWhatsUpDoc)
• 2b895f8: [chore] Fix typo (#3113) (@tsmethurst)
• ad700c5: [chore/frontend] Use smaller webp images for logo and default avatars (#3119) (@tsmethurst)
• 8a2fb48: [chore] Remove duplicate <hr> (#3123) (@tsmethurst)
• 5338825: [chore]: Bump github.com/minio/minio-go/v7 from 7.0.73 to 7.0.74 (#3125) (@dependabot[bot])
• 6533531: [chore] Add some log lines to recent migrations warning not to interrupt (#3134) (@tsmethurst)
• 63fc9b6: [chore] renames the GTS caches to DB caches (#3127) (@NyaaaWhatsUpDoc)
• c9b6220: [chore] Add interaction filter to complement existing visibility filter (#3111) (@tsmethurst)
• ecc114f: [chore] replaces nested ifs with switch cases, removes defer 'onFail()' being passed to funcs (#3143) (@NyaaaWhatsUpDoc)
• 87ee64a: [chore] log delivery worker stop/start at debug level (#3145) (@tsmethurst)
• 47c2681: [chore] add some more slice related utility functions + remove duplicated functions (#3149) (@NyaaaWhatsUpDoc)
• 42932f9: [chore] replace UniqueStrings with Deduplicate (#3154) (@tsmethurst)
• 697261d: [chore] Take account of rotation data when calculating full size image dimensions (#3159) (@tsmethurst)
• 94e8761: [chore] add back exif-terminator and use only for jpeg,png,webp (#3161) (@NyaaaWhatsUpDoc)
• 0f734a2: [chore] move PopulateAccountStats() nil check often performed into function itself (#3158) (@NyaaaWhatsUpDoc)
• 09f239d: [chore/frontend] Update namerole rendering on skinny devices (#3166) (@tsmethurst)
• fa59c37: [chore] Add media-ffmpeg-pool-size config var (#3164) (@tsmethurst)
• b78be9f: [chore]: Bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 (#3171) (@dependabot[bot])
• 745b802: [chore]: Bump golang.org/x/net from 0.27.0 to 0.28.0 (#3194) (@dependabot[bot])
• 871d062: [chore]: Bump golang.org/x/image from 0.18.0 to 0.19.0 (#3191) (@dependabot[bot])
• 6ff8376: [chore]: Bump github.com/prometheus/client_golang from 1.19.1 to 1.20.0 (#3210) (@dependabot[bot])
• c28a18b: [chore]: Bump github.com/minio/minio-go/v7 from 7.0.74 to 7.0.75 (#3208) (@dependabot[bot])
• c78c3d5: [chore]: Bump github.com/miekg/dns from 1.1.61 to 1.1.62 (#3209) (@dependabot[bot])
• e115445: [chore] update default http client timeout to 30s (#3214) (@NyaaaWhatsUpDoc)
• da3fa2d: [chore/bugfix] Fix missing insertion of preapproved interaction requests (#3228) (@tsmethurst)
• 2bd31ab: [chore] Tiny tweak to ApprovedByURI (#3234) (@tsmethurst)
• db59ca3: [chore] Remove unused "env" module (#3235) (@tsmethurst)
• 291bb68: [chore]: Bump github.com/prometheus/client_golang from 1.20.0 to 1.20.2 (#3239) (@dependabot[bot])
• 28d57d1: [chore] Bump all otel deps (#3241) (@tsmethurst)
• 2db5a51: [chore/frontend] Present themes as dropdown instead of radio (#3244) (@tsmethurst)
• 277b043: [chore] Update robots.txt with more AI scrapers (#3248) (@daenney)
• e10aa76: [chore] Only call imaging.Resize when necessary, use even tinier blurhashes (#3247) (@tsmethurst)
• 1e0c858: [chore] Upgrade ncruces/go-sqlite3 to v0.18.1 (#3253) (@daenney)
• 88a81fb: [chore] Close copied request body in SignDelivery (#3254) (@tsmethurst)
• f924297: [chore]: Bump github.com/minio/minio-go/v7 from 7.0.75 to 7.0.76 (#3262) (@dependabot[bot])
• 25a815a: [chore/performance] Avoid unnecessary "uncached" queries (#3265) (@tsmethurst)
• 0560c5c: [chore] Don't try to select zero uncached filters (#3266) (@tsmethurst)
• 7b7659f: [chore/performance] Further reduce nil uncached queries (#3267) (@tsmethurst)
• 0e2ee85: [chore] More AI blocking (#3273) (@daenney)
• edbcf0f: [chore] Change ecks pee font size to large (#3276) (@tsmethurst)
• 1649bfb: [chore]: Bump github.com/prometheus/client_golang from 1.20.2 to 1.20.3 (#3282) (@dependabot[bot])
• 6c0db21: [chore]: Bump golang.org/x/text from 0.17.0 to 0.18.0 (#3286) (@dependabot[bot])
• 0595c83: [chore]: Bump golang.org/x/image from 0.19.0 to 0.20.0 (#3285) (@dependabot[bot])
• f3eebfc: [chore]: Bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 (#3284) (@dependabot[bot])
• 7785fa5: [chore]: Bump golang.org/x/crypto from 0.26.0 to 0.27.0 (#3283) (@dependabot[bot])
• 3254ef1: [chore] status dereferencing improvements (#3255) (@NyaaaWhatsUpDoc)
• 0c374d9: [chore] Fix import/export links on settings panel (#3292) (@tsmethurst)
• 4fa0d41: [chore] Update go-sqlite3 to 0.18.3 (#3295) (@daenney)
• ca729aa: [chore]: Bump github.com/jackc/pgx/v5 from 5.6.0 to 5.7.1 (#3302) (@dependabot[bot])
• 9046220: [chore]: Bump golang.org/x/net from 0.28.0 to 0.29.0 (#3303) (@dependabot[bot])
• b2572b9: [chore] Bump otel deps -> v1.30.0/v0.52.0 (#3307) (@tsmethurst)
• 71261c6: [chore] Reject replies to rejected replies (#3291) (@tsmethurst)
• 0567b31: [chore] Refactor federatingDB.Undo, avoid 500 errors on Undo Like (#3310) (@tsmethurst)
• 8effc77: [chore] improved federatingdb logging in cases of unknown iri / types (#3313) (@NyaaaWhatsUpDoc)
• 2f56455: [chore/frontend] Tweak status styling a little (#3317) (@tsmethurst)
• f819229: [chore] make csv export ordering determinate (#3318) (@tsmethurst)
• 747c251: [chore/frontend] Make ecks pee theme even more ecks pee er (#3324) (@tsmethurst)
• 77b095a: [chore] ensure consistent caller name fetching regardless of compiler inlining (#3323) (@NyaaaWhatsUpDoc)
• 4f8f6d9: [chore/frontend] Tweak blockquote formatting (#3326) (@tsmethurst)
• 862cc9e: [chore]: Bump github.com/prometheus/client_golang from 1.20.3 to 1.20.4 (#3327) (@dependabot[bot])
• 964262b: [chore] header filter improvements (#3329) (@NyaaaWhatsUpDoc)
• 4592e29: [chore] local instance count query caching, improved status context endpoint logging, don't log ErrHideStatus when timelining (#3330) (@NyaaaWhatsUpDoc)
• 2f13b72: [chore] add nometrics build tagging to metrics API endpoint (#3331) (@NyaaaWhatsUpDoc)
• e59d238: [chore/docs] More little tweaks (#3336) (@tsmethurst)
• de72855: [chore] Roll otel deps back to v1.29.0 / v0.51.0 (#3337) (@tsmethurst)
• b0fbc32: [chore] reduce number admin process workers (#3354) (@NyaaaWhatsUpDoc)
• 82b9515: [chore] Fix some contrast issues in themes; performance tweaks (#3358) (@tsmethurst)
• f3e2d36: [chore] update go-sched pkg (#3357) (@NyaaaWhatsUpDoc)
• 58af95a: [chore] bump go-byteutil v1.2.0 -> v1.3.0 (#3356) (@NyaaaWhatsUpDoc)
• c1c8849: [chore] final bits of fiddling with solarized (#3364) (@tsmethurst)
• 7978d88: [chore] Update apparmor example file (#3368) (@tsmethurst)
• 18b7e00: [chore] use string formatting package agnostic way of printing request attempts ptr (#3371) (@NyaaaWhatsUpDoc)
• 188d28f: [chore]: Bump github.com/ncruces/go-sqlite3 from 0.18.3 to 0.18.4 (#3375) (@dependabot[bot])
• e3019ea: [chore]: Bump go.uber.org/automaxprocs from 1.5.3 to 1.6.0 (#3376) (@dependabot[bot])
• f037663: [chore] Change order of error checking after PostInbox (#3394) (@tsmethurst)
• 02470db: [chore/themes] Tweak colors on new themes (#3397) (@tsmethurst)
• 33bd97a: [chore]: Bump golang.org/x/net from 0.29.0 to 0.30.0 (#3402) (@dependabot[bot])
• 99f535f: [chore]: Bump golang.org/x/image from 0.20.0 to 0.21.0 (#3399) (@dependabot[bot])
• 2c3f1f4: [chore] update go-sqlite3 to v0.19.0 (#3406) (@NyaaaWhatsUpDoc)
• a504d8a: [chore] Create modernc sqlite builds alongside default wasm; add openbsd builds (#3413) (@tsmethurst)
• 77d755e: [chore] Don't cc Accept of likes to followers (#3417) (@tsmethurst)
• c77faee: [chore] Update goreleaser, add release notes template (#3421) (@tsmethurst)
• 4716840: [chore] goreleaser - use custom previous tag (#3422) (@tsmethurst)
• ab1cb12: [chore/bugfix] goreleaser make previous_tag cmd busybox-compatible (#3423) (@tsmethurst)
• 86fb00d: [chore] Ensure current tag not set as GORELEASER_PREVIOUS_TAG (#3424) (@tsmethurst)
• 096767b: [chore/docs] Add /gotosocial/.cache to Docker container, document GTS_WAZERO_COMPILATION_CACHE (#3425) (@tsmethurst)
• 020da28: [chore] Clarify supported platforms, add notes + docs (#3427) (@tsmethurst)
• be3b807: [chore]: Bump github.com/yuin/goldmark from 1.7.4 to 1.7.6 (#3430) (@dependabot[bot])
• 157ee31: [chore]: Bump github.com/minio/minio-go/v7 from 7.0.77 to 7.0.78 (#3431) (@dependabot[bot])
• 4fcea3d: [chore] Hopefully final tweak to changelog generation (#3437) (@tsmethurst)

Documentation

• 863c67c: [docs] fix: traefik redirect regex (#3032) (@coxde)
• fa71005: [docs] restructure federation section (#3038) (@tsmethurst)
• a650f30: [docs] Tidy up API auth docs a little bit (#3050) (@tsmethurst)
• 27bcc1f: [docs] Update how to enable http2 on nginx (#3066) (@daenney)
• f5a44cc: [docs] update README with our corporate sponsorship policy (#3112) (@NyaaaWhatsUpDoc)
• f8d399c: [docs] Add separate migration section + instructions for moving to GtS and not just away (#3139) (@tsmethurst)
• 2f7d654: [docs] Update system requirements, move things around a bit (#3157) (@tsmethurst)
• d842069: [docs/chore] update list of library deps on readme (#3288) (@NyaaaWhatsUpDoc)
• 459f925: [docs] Update readme alpha -> beta, add more feature examples (#3333) (@tsmethurst)
• 9c1dfd0: [docs] Add rainforest theme to readme.md (#3334) (@tsmethurst)
• 504b3a9: [docs] Don't run SQLite on networked storage (#3369) (@daenney)
• 3f7dc10: [docs] Update smtp docs to mention starttls + port 587 (#3378) (@tsmethurst)
• 36abd56: [docs] Make protocol config option really explicit (#3391) (@tsmethurst)
• 3f68e13: [docs] fix httpsig repo typo (#3426) (@cy7sh)
• 400fd8c: [docs] Document experimental, unsupported nowasm tag (#3436) (@tsmethurst)

Other

• 9143ac6: updates go-mutexes to no longer rely on unsafe linkname (#3027) (@NyaaaWhatsUpDoc)
• e543fbc: update remaining gruf libraries relying on linkname (#3028) (@NyaaaWhatsUpDoc)
• bbbf6eb: [frontend] Better autocapitalize/spellcheck settings on forms (#3077) (@tsmethurst)
• ad93e57: [choore] Update robots.txt (#3092) (@daenney)
• 4010981: give read-only access to /dev for ffmpeg to access /dev/urandom (#3109) (@NyaaaWhatsUpDoc)
• 409b398: update go-ffmpreg to v0.2.3 (#3120) (@NyaaaWhatsUpDoc)
• 2d921d9: Explicitly propagate filter results from statuses to their boosts in API responses (#3130) (@VyrCossont)
• 86a59db: Remove content and related fields from boosts (#3131) (@VyrCossont)
• d9e70b9: ensure ffmpeg muxer gets set correctly by setting input file extension before clean (#3142) (@NyaaaWhatsUpDoc)
• 26022c2: Fix no rows in result set error in emoji list command (#3152) (@rdelaage)
• 3045782: updates our ffmpreg version, heh (#3181) (@NyaaaWhatsUpDoc)
• 9cd27b4: [security] harden account update logic (#3198) (@NyaaaWhatsUpDoc)
• f8d5b9f: update go-structr to v0.8.8 (#3199) (@NyaaaWhatsUpDoc)
• 6fe96a5: update go-fastcopy to v1.1.3 (#3200) (@NyaaaWhatsUpDoc)
• 09f24e0: update go-ffmpreg to v0.2.5 (pulls in latest tetratelabs/wazero) (#3203) (@NyaaaWhatsUpDoc)
• 586639c: update go-sqlite3 to v0.18.0 (#3204) (@NyaaaWhatsUpDoc)
• a4c0a59: Bump micromatch from 4.0.5 to 4.0.8 in /web/source (#3227) (@dependabot[bot])
• f35c124: Bump elliptic from 6.5.4 to 6.5.7 in /web/source (#3212) (@dependabot[bot])
• f4d69db: move WASM compilation stage much later in server init to reduce memory usage during db migrations (#3242) (@NyaaaWhatsUpDoc)
• cd93a5b: [security] Implement allowFiles fs for better isolation of ffmpeg / ffprobe (#3251) (@tsmethurst)
• 6ee540a: fix new processing media / emoji not being added to dereferencer maps (#3269) (@NyaaaWhatsUpDoc)
• 6c0bd0e: update go-ffmpreg v0.2.5 -> v0.2.6 (#3287) (@NyaaaWhatsUpDoc)
• 2f582e2: update gruf / {go-cache, go-maps, go-kv} (#3361) (@NyaaaWhatsUpDoc)
• 3f9a1db: update modernc/sqlite to v1.33.1 (with our concurrency workaround) (#3367) (@NyaaaWhatsUpDoc)
• c17abea: update go-structr to v0.8.11 (#3380) (@NyaaaWhatsUpDoc)
• 23b6d2c: fix: fix slice init length (#3382) (@cuishuang)
• bd1866a: update go-ffmpreg to v0.3.1 (pulls in latest wazero too) (#3398) (@NyaaaWhatsUpDoc)
• 3ad49f7: updates exported interface types to match ncruces/go-sqlite3/driver methods (#3440) (@NyaaaWhatsUpDoc)