v4.6.0-beta.1

Warning

This is a pre-release! This has not been as widely tested as regular releases, although it is still tested on some servers. If you update to this release, you will not be able to safely downgrade to the existing stable releases. You will, however, be able to upgrade to later nightly releases or pre-releases, as well as the upcoming 4.6.0 stable release.

Upgrade overview

This release contains upgrade notes that deviate from the norm:

⚠️ The minimum supported version for Ruby has been bumped to 3.3
⚠️ The minimum supported version for Node.JS has been bumped to 22
⚠️ The minimum supported version for FFMpeg has been bumped to 5.1
⚠️ ImageMagick support has been dropped, libvips is required
⚠️ Custom themes need to be updated
ℹ️ Requires assets recompilation
ℹ️ Requires streaming server restart
ℹ️ Requires database migrations

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Added

• Add collections (mastodon#37992, mastodon#37005, mastodon#37049, mastodon#37020, mastodon#37053, mastodon#37110, mastodon#37117, mastodon#37122, mastodon#37154, mastodon#37157, mastodon#37176, mastodon#37192, mastodon#37222, mastodon#37225, mastodon#37254, mastodon#37277, mastodon#37298, mastodon#37322, mastodon#37434, mastodon#37468, mastodon#37514, mastodon#37512, mastodon#37549, mastodon#37556, mastodon#37560, mastodon#37580, mastodon#37591, mastodon#37552, mastodon#37618, mastodon#37643, mastodon#37658, mastodon#37731, mastodon#37678, mastodon#37741, mastodon#37762, mastodon#37790, mastodon#37805, mastodon#37823, mastodon#37837, mastodon#37842, mastodon#37850, mastodon#37848, mastodon#37812, mastodon#37950, mastodon#37898, mastodon#37916, mastodon#37920, mastodon#37927, mastodon#37928, mastodon#37961, mastodon#37967, mastodon#37974, mastodon#37989, mastodon#37986, mastodon#38004, mastodon#38026, mastodon#38027, mastodon#38030, mastodon#38038, mastodon#38065, mastodon#38081, mastodon#38082, mastodon#38096, mastodon#38106, mastodon#38113, mastodon#38124, mastodon#38133, mastodon#38144, mastodon#38153, mastodon#38166, mastodon#38167, mastodon#38169, mastodon#38170, mastodon#38177, mastodon#38193, mastodon#38213, mastodon#38251, mastodon#38255, mastodon#38256, mastodon#38282, mastodon#38298, mastodon#38292, mastodon#38307, mastodon#38306, mastodon#38316, mastodon#38115, mastodon#38329, mastodon#38334, mastodon#38337, mastodon#38351, mastodon#38368, mastodon#38370, mastodon#38356, mastodon#38383, mastodon#38386, mastodon#38385, mastodon#38394, mastodon#38393, mastodon#38399, mastodon#38402, mastodon#38409, mastodon#38414, mastodon#38413, mastodon#38424, mastodon#38425, mastodon#38450, mastodon#38508, mastodon#38528, mastodon#38534, mastodon#38536, mastodon#38540, mastodon#38543, mastodon#38491, mastodon#38586, mastodon#38611, mastodon#38588, mastodon#38612, mastodon#38628, mastodon#38626, mastodon#38630, mastodon#38633, mastodon#38629, mastodon#38638, mastodon#38645, mastodon#38644, mastodon#38636, mastodon#38660, mastodon#38657, mastodon#38688, mastodon#38690, mastodon#38672, mastodon#38698, mastodon#38697, mastodon#38708, mastodon#38712, mastodon#38713, mastodon#38709, mastodon#38719, mastodon#38728, mastodon#38730, mastodon#38732, mastodon#38739, mastodon#38749, mastodon#38751, mastodon#38750, mastodon#38767, mastodon#38769, mastodon#38783, mastodon#38785, mastodon#38959, mastodon#38786, mastodon#38794, mastodon#38776, mastodon#38817, mastodon#38792, mastodon#38822, mastodon#38827, mastodon#38831, mastodon#38830, mastodon#38844, mastodon#38843, mastodon#38852, mastodon#38850, mastodon#38847, mastodon#38865, mastodon#38897, mastodon#38900, mastodon#38919, mastodon#38933, mastodon#38934, mastodon#38935, mastodon#38942, mastodon#38941, mastodon#38954, mastodon#38961, mastodon#38957, mastodon#38962, mastodon#38991, mastodon#39009, mastodon#39062, mastodon#39029, mastodon#39069, mastodon#39020, mastodon#39073, mastodon#39082, mastodon#39096, mastodon#39080, mastodon#39182, mastodon#39143, mastodon#39127, mastodon#37929, mastodon#38029, mastodon#39194, mastodon#39198, mastodon#39210, mastodon#39211, mastodon#39202, mastodon#39214, mastodon#39215, mastodon#39220, mastodon#39234, mastodon#39260, and mastodon#39251 by @ChaosExAnima, @ClearlyClaire, @Gargron, @arte7, @diondiondion, @mjankowski, @oneiros, and @shleeable)
  • Create collections with up to 25 accounts each, then share them with others. You can read more about this feature on our blog. This is based on FEP-7aa9 (Featured Collections) to be interoperable with the wider Fediverse. All the new API methods are documented here.
• Add email subscriptions (mastodon#38163, mastodon#38507, mastodon#38502, mastodon#38487, mastodon#38527, mastodon#38582, mastodon#38741, mastodon#38907, and mastodon#39162 by @ClearlyClaire and @Gargron)
  • Admins can allow specific roles to enable email subscriptions on their profile, allowing anonymous visitors to subscribe to their posts via email.
• Add new overview landing page setting (mastodon#39074, mastodon#39170, mastodon#39163, and mastodon#39138 by @Gargron, @diondiondion, and @zunda)
  • Admins can choose a new frontpage for anonymous visitors, which combines the about page and most recent posts from local profiles.
• Add ability to require 2FA for specific roles (including Everybody) (mastodon#37701, mastodon#37846, and mastodon#38906 by @ClearlyClaire and @mjankowski)
• Add export for custom filters (mastodon#39085 by @arte7)
• Add ability to search email blocks by domain in admin UI (mastodon#38923 by @arte7)
• Add new endpoints for profile editing in REST API (mastodon#37912, mastodon#37934, mastodon#37932, mastodon#38221, and mastodon#38339 by @ClearlyClaire)
  • Add GET /api/v1/profile and PATCH /api/v1/profile to replace the existing update_credentials endpoint. See the documentation for more information.
• Add missing_attribution boolean to preview cards in REST API (mastodon#38043 by @ClearlyClaire)
  • Documentation: https://docs.joinmastodon.org/entities/PreviewCard/#missing_attribution
• Add exclude_direct flag to /api/v1/accounts/:id/statuses to exclude direct messages (mastodon#37763 by @ClearlyClaire)
• Add max_note_length and max_display_name_length attributes to configuration.accounts in Instance entity (mastodon#37991 by @ClearlyClaire)
• Add profile field limits to instance entity in REST API (mastodon#37535 by @mkljczk)
  • This adds attributes configuration.accounts.max_profile_fields, configuration.accounts.profile_field_name_limit and configuration.accounts.profile_field_value_limit to the Instance entity.
• Add unresolved flag to /api/v1/admin/reports to query both resolved and unresolved reports (mastodon#38323 by @mkljczk)
• Add fallback attributes to notifications for new and infrequent notifications in REST API (mastodon#38832 and mastodon#38860 by @ClearlyClaire)
  • This adds a supported_types parameter to GET /api/v1/notifications, GET /api/v1/notifications/:id, GET /api/v2/notifications, and GET /api/v2/notifications/:group_key along with a new fallback attribute for notifications and notification groups.
• Add support for posts in vertical languages in web UI (mastodon#37204, mastodon#38205, and mastodon#38797 by @shimon1024)
• Add PageUp and PageDown hotkeys for list navigation (mastodon#39252 by @diondiondion)
• Add g+e keyboard shortcut to access the trending page in web UI (mastodon#38014 by @antoinecellerier)
• Add Cmd/Ctrl+Enter for form submissions in more text areas in web UI (mastodon#37821 by @diondiondion)
• Add support for quoting by dragging a link into the compose form in web UI (mastodon#36859 and mastodon#36896 by @ClearlyClaire and @tribela)
• Add text-autospace to posts to improve rendering of mixed script posts in web UI (mastodon#37694 by @ahxxm)
• Add nan-TW to supported locales (mastodon#37650, mastodon#34923, mastodon#37822, and mastodon#37721 by @ClearlyClaire and @Yoxem)
• Add support for hosts resolver in request socket DNS lookup (mastodon#38699, mastodon#38866, and mastodon#39030 by @ClearlyClaire and @mjankowski)
• Add support for FEP-2c59 (Webfinger Backlink) (mastodon#38239, mastodon#38538, and mastodon#38639 by @ClearlyClaire and @shleeable)
• Add support for FEP-3b86 (Activity Intents) (mastodon#38120 and mastodon#38130 by @ClearlyClaire and @Gargron)
• Add support for alt text for profile pictures and headers (mastodon#37634, mastodon#37641, and mastodon#38000 by @ClearlyClaire and @Doxterpepper)
• Add support for multiple keypairs for remote accounts (mastodon#38279, mastodon#38407, mastodon#38419, mastodon#38511, mastodon#38516, mastodon#38515, mastodon#38555 and mastodon#39235 by @ClearlyClaire)
• Add support for the “require approval” feature for email domain blocks to tootctl email_domain_blocks (mastodon#34579 and mastodon#38107 by @ClearlyClaire and @e-nomem)
• Add --keep-interacted flag to tootctl media remove to preserve cached media on cleanup (mastodon#36200 by @northerner)
• Add systemd service file for prometheus exporter (mastodon#35130 by @ThisIsMissEm)

Changed

• Change design of profiles in web UI (mastodon#37472, mastodon#37490, mastodon#37479, mastodon#37513, mastodon#37527, mastodon#37550, mastodon#37538, mastodon#37632, mastodon#37627, mastodon#37593, mastodon#37638, mastodon#37626, mastodon#37645, mastodon#37653, mastodon#37683, mastodon#37707, mastodon#37682, mastodon#37742, mastodon#37747, mastodon#37760, mastodon#37761, mastodon#37831, mastodon#37766, mastodon#37811, mastodon#37813, mastodon#37825, mastodon#37854, mastodon#37851, mastodon#37876, mastodon#37885, mastodon#37892, mastodon#37890, mastodon#37907, mastodon#37922, mastodon#37952, mastodon#37958, mastodon#37996, mastodon#37990, mastodon#37994, mastodon#38005, mastodon#38012, mastodon#38040, mastodon#38052, mastodon#38066, mastodon#38083, mastodon#38147, mastodon#38148, mastodon#38152, mastodon#38168, mastodon#38156, mastodon#38175, mastodon#38191, mastodon#38189, mastodon#38235, mastodon#38283, mastodon#38310, mastodon#38309, mastodon#38315, mastodon#38314, mastodon#38365, mastodon#38366, mastodon#38363, mastodon#38346, mastodon#38382, mastodon#38384, mastodon#38400, mastodon#38404, mastodon#38417, mastodon#38426, mastodon#38440, mastodon#38442, mastodon#38443, mastodon#38445, mastodon#38446, mastodon#38451, mastodon#38456, mastodon#38509, mastodon#38510, mastodon#38512, mastodon#38513, mastodon#38517, mastodon#38529, mastodon#38531, mastodon#38535, mastodon#38532, mastodon#38544, mastodon#38549, mastodon#38575, mastodon#38579, mastodon#38580, mastodon#38581, mastodon#38585, mastodon#38584, mastodon#38604, mastodon#38605, mastodon#38606, mastodon#38607, mastodon#38622, mastodon#38616, mastodon#38625, mastodon#38632, mastodon#38640, mastodon#38663, mastodon#38667, mastodon#38646, mastodon#38691, mastodon#38692, mastodon#38766, mastodon#38791, mastodon#38687, mastodon#38826, mastodon#38828, mastodon#38863, mastodon#38845, mastodon#38870, mastodon#38872, mastodon#38932, mastodon#38945, mastodon#38963, mastodon#38964, mastodon#39055, mastodon#39042, mastodon#38893, mastodon#39079, mastodon#39084, mastodon#39160, mastodon#39070, and mastodon#39217 by @ChaosExAnima, @ClearlyClaire, @Coro365, @diondiondion, and @shleeable)
  • The profile screen has been entirely redesigned, has new features, and allows you to update your own profile directly without going into the preferences panel. You can read more about it on our blog.
• Change how #Wrapstodon reports are generated and displayed (mastodon#37033, mastodon#37045, mastodon#37093, mastodon#37055, mastodon#37096, mastodon#37047, mastodon#37103, mastodon#37104, mastodon#37106, mastodon#37109, mastodon#37121, mastodon#37138, mastodon#37134, mastodon#37177, mastodon#37182, mastodon#37169, mastodon#37186, mastodon#37187, mastodon#37188, mastodon#37189, mastodon#37190, mastodon#37193, mastodon#37198, mastodon#37201, mastodon#37203, mastodon#37205, mastodon#37206, mastodon#37207, mastodon#37209, mastodon#37202, mastodon#37216, mastodon#37219, mastodon#37224, mastodon#37226, mastodon#37229, mastodon#37249, mastodon#37251, mastodon#37256, mastodon#37261, mastodon#37269, mastodon#37270, mastodon#37273, and mastodon#37289 by @ChaosExAnima, @ClearlyClaire, @channyeintun, and @diondiondion)
  • This finishes up work started in 2024 by completely revamping how Wrapstodon reports are generated and displayed, reducing the amount of data collected and generating reports when active users ask for them.
  • Instead of requiring manual generation from a server administrator, this is now offered between the 10th of December and the end of each year if enabled in the server settings.
  • The design of the Wrapstodon report has also been fully reworked to be more delightful and easier to share!
  • The relevant API endpoints are documented at https://docs.joinmastodon.org/methods/annual_reports/
• Change pending user notification email to link directly to the pending acco...

v4.5.11

Changelog

Security

• Fix allowed attribution domains spoofing (GHSA-rwcw-vq68-g34p)
• Fix uncaught exception in message sanitization causing Denial of Service (GHSA-qrgq-9fx2-vf2r)
• Update dependencies

Fixed

• Fix remote statuses with large media descriptions being rejected (mastodon#39135 by @ClearlyClaire)

Upgrade notes

To get the code for v4.5.11, use git fetch && git checkout v4.5.11.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.5.0.

• Ruby: 3.2 or newer
• PostgreSQL: 14 or newer
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 7.0 or newer
• Node: 20.19 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.5.10.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.5.0 release notes.

Non-Docker

Tip

The charlock_holmes gem may fail to build on some systems with recent versions of gcc.
If you run into this issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install.

1. Install dependencies with bundle install
2. Restart all Mastodon processes.

When using Docker

1. Restart all Mastodon processes.

v4.4.18

Note

While we continue to support Mastodon 4.4 and release patches for it, please note that Mastodon 4.5 is available with new features, changes and fixes. We encourage administrators to update to the latest 4.5 version when they can.

Changelog

Security

• Fix allowed attribution domains spoofing (GHSA-rwcw-vq68-g34p)
• Fix uncaught exception in message sanitization causing Denial of Service (GHSA-qrgq-9fx2-vf2r)
• Update dependencies

Fixed

• Fix remote statuses with large media descriptions being rejected (mastodon#39135 by @ClearlyClaire)

Upgrade notes

To get the code for v4.4.18, use git fetch && git checkout v4.4.18.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.4.1:

• Ruby: 3.2 or newer
• PostgreSQL: 13 or newer
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 6.2 or newer
• Node: 20 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.4.17.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.4.0 release notes.

Non-Docker

1. Install dependencies with bundle install
2. Restart all Mastodon processes.

When using Docker

1. Restart all Mastodon processes.

v4.5.10

Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires assets recompilation

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Security

• Fix SSRF protection bypass (GHSA-crr4-7rm4-8gpw, GHSA-xx55-4rrg-8xg6)
• Fix Linked-Data Signature bypass through JSON-LD graph restructuring features (GHSA-53m7-2wrh-q839, GHSA-chgx-jx3p-rf73)
• Updated dependencies

Fixed

• Fix type of interactingObject, interactionTarget and add missing QuoteAuthorization (mastodon#38940 by @ClearlyClaire)

Removed

• Remove unused devise strategies (mastodon#38795 by @ClearlyClaire)

Upgrade notes

To get the code for v4.5.10, use git fetch && git checkout v4.5.10.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.5.0.

• Ruby: 3.2 or newer
• PostgreSQL: 14 or newer
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 7.0 or newer
• Node: 20.19 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.5.9.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.5.0 release notes.

Non-Docker

Tip

The charlock_holmes gem may fail to build on some systems with recent versions of gcc.
If you run into this issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install.

1. Install dependencies with bundle install and yarn install --immutable
2. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
3. Restart all Mastodon processes.

When using Docker

1. Restart all Mastodon processes.

v4.4.17

Note

While we continue to support Mastodon 4.4 and release patches for it, please note that Mastodon 4.5 is available with new features, changes and fixes. We encourage administrators to update to the latest 4.5 version when they can.

Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires assets recompilation

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Security

• Fix SSRF protection bypass (GHSA-crr4-7rm4-8gpw, GHSA-xx55-4rrg-8xg6)
• Fix Linked-Data Signature bypass through JSON-LD graph restructuring features (GHSA-53m7-2wrh-q839, GHSA-chgx-jx3p-rf73)
• Updated dependencies

Removed

• Remove unused devise strategies (mastodon#38795 by @ClearlyClaire)

Upgrade notes

To get the code for v4.4.17, use git fetch && git checkout v4.4.17.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.4.1:

• Ruby: 3.2 or newer
• PostgreSQL: 13 or newer
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 6.2 or newer
• Node: 20 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.4.16.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.4.0 release notes.

Non-Docker

1. Install dependencies with bundle install and yarn install --immutable
2. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
3. Restart all Mastodon processes.

When using Docker

1. Restart all Mastodon processes.

v4.3.23

Caution

Mastodon 4.3 is unsupported and contains known security issues. Please update to a newer Mastodon version as soon as possible.
This version is only provided as a stop-gap, as patches were ready before the end-of-support date, but no further update will be made on this branch.

Changelog

Security

• Fix SSRF protection bypass (GHSA-crr4-7rm4-8gpw, GHSA-xx55-4rrg-8xg6)
• Fix Linked-Data Signature bypass through JSON-LD graph restructuring features (GHSA-53m7-2wrh-q839, GHSA-chgx-jx3p-rf73)
• Updated dependencies

Upgrade notes

To get the code for v4.3.23, use git fetch && git checkout v4.3.23.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.3.0, the compatible Ruby, PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:

• Ruby: 3.1 or newer
• PostgreSQL: 12 or newer. PostgreSQL versions 14.0 to 14.3 are not supported as they contain a critical data-corruption bug (see v4.3.0 release notes)
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 4 or newer
• Node: 18 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer

Update steps

The following instructions are for updating from 4.3.22.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, please read the v4.3.0 release notes, as there have been multiple important changes.

Non-docker

Tip

The charlock_holmes gem may fail to build on some systems with recent versions of gcc.
If you run into such an issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install.

1. Install dependencies with bundle install and yarn install --immutable
2. Restart all Mastodon processes.

When using docker

1. Restart all Mastodon processes.

v4.5.9

Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires assets recompilation

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Security

• Insufficient verification of email addresses (GHSA-5r37-qpwq-2jhh)
• Updated dependencies

Added

• Add trademark warning to mastodon:setup task (mastodon#38548 by @ClearlyClaire)

Fixed

• Fix definition for quote in JSON-LD context (mastodon#38686 by @ClearlyClaire)
• Fix being unable to disable sound for quote update notification (mastodon#38537 by @ClearlyClaire)
• Fix being able to quote someone you blocked (mastodon#38608 by @ClearlyClaire)

Upgrade notes

To get the code for v4.5.9, use git fetch && git checkout v4.5.9.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.5.0.

• Ruby: 3.2 or newer
• PostgreSQL: 14 or newer
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 7.0 or newer
• Node: 20.19 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.5.8.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.5.0 release notes.

Non-Docker

Tip

The charlock_holmes gem may fail to build on some systems with recent versions of gcc.
If you run into this issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install.

1. Install dependencies with bundle install and yarn install --immutable
2. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
3. Restart all Mastodon processes.

When using Docker

1. Restart all Mastodon processes.

v4.4.16

Note

While we continue to support Mastodon 4.4 and release patches for it, please note that Mastodon 4.5 is available with new features, changes and fixes. We encourage administrators to update to the latest 4.5 version when they can.

Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires assets recompilation

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Security

• Insufficient verification of email addresses (GHSA-5r37-qpwq-2jhh)
• Updated dependencies

Added

• Add trademark warning to mastodon:setup task (mastodon#38548 by @ClearlyClaire)

Fixed

• Fix definition for quote in JSON-LD context (mastodon#38686 by @ClearlyClaire)

Upgrade notes

To get the code for v4.4.16, use git fetch && git checkout v4.4.16.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.4.1:

• Ruby: 3.2 or newer
• PostgreSQL: 13 or newer
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 6.2 or newer
• Node: 20 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.4.15.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.4.0 release notes.

Non-Docker

1. Install dependencies with bundle install and yarn install --immutable
2. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
3. Restart all Mastodon processes.

When using Docker

1. Restart all Mastodon processes.

v4.3.22

Warning

While we do our best to support Mastodon 4.3 until 2026-05-06, there are known security issues in some of the dependencies we use.
We recommend administrators to update to a newer Mastodon version when they can.

Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires assets recompilation

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Security

• Insufficient verification of email addresses (GHSA-5r37-qpwq-2jhh)
• Updated dependencies

Added

• Add trademark warning to mastodon:setup task (mastodon#38548 by @ClearlyClaire)

Upgrade notes

To get the code for v4.3.22, use git fetch && git checkout v4.3.22.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.3.0, the compatible Ruby, PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:

• Ruby: 3.1 or newer
• PostgreSQL: 12 or newer. PostgreSQL versions 14.0 to 14.3 are not supported as they contain a critical data-corruption bug (see v4.3.0 release notes)
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 4 or newer
• Node: 18 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer

Update steps

The following instructions are for updating from 4.3.21.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, please read the v4.3.0 release notes, as there have been multiple important changes.

Non-docker

Tip

The charlock_holmes gem may fail to build on some systems with recent versions of gcc.
If you run into such an issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install.

1. Install dependencies with bundle install and yarn install --immutable
2. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
3. Restart all Mastodon processes.

When using docker

1. Restart all Mastodon processes.

v4.5.8

Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires assets recompilation

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Security

• Fix insufficient checks on quote authorizations (GHSA-q4g8-82c5-9h33)
• Fix open redirect in legacy path handler (GHSA-xqw8-4j56-5hj6)
• Updated dependencies

Added

• Add for searching already-known private GtS posts (mastodon#38057 by @ClearlyClaire)

Changed

• Change media description length limit for remote media attachments from 1500 to 10000 characters (mastodon#37921 by @ClearlyClaire)
• Change HTTP signatures to skip the Accept header (mastodon#38132 by @ClearlyClaire)
• Change numeric AP endpoints to redirect to short account URLs when HTML is requested (mastodon#38056 by @ClearlyClaire)

Fixed

• Fix some model definitions in tootctl maintenance fix-duplicates (mastodon#38214 by @ClearlyClaire)
• Fix overly strict checks for current username on account migration page (mastodon#38183 by @mjankowski)
• Fix OpenStack Swift Keystone token rate limiting (mastodon#38145 by @hugogameiro)
• Fix poll expiration notification being re-triggered on implicit updates (mastodon#38078 by @ClearlyClaire)
• Fix incorrect translation string in webauthn mailers (mastodon#38062 by @mjankowski)
• Fix “Unblock” and “Unmute” actions being disabled when blocked (mastodon#38075 by @ClearlyClaire)
• Fix username availability check being wrongly applied on race conditions (mastodon#37975 by @ClearlyClaire)
• Fix hover card unintentionally being shown in some cases (mastodon#38039 and mastodon#38112 by @diondiondion)
• Fix existing posts not being removed from lists when a list member is unfollowed (mastodon#38048 by @ClearlyClaire)

Upgrade notes

To get the code for v4.5.8, use git fetch && git checkout v4.5.8.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.5.0.

• Ruby: 3.2 or newer
• PostgreSQL: 14 or newer
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 7.0 or newer
• Node: 20.19 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.5.7.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.5.0 release notes.

Non-Docker

Tip

The charlock_holmes gem may fail to build on some systems with recent versions of gcc.
If you run into this issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install.

1. Install dependencies with bundle install
2. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
3. Restart all Mastodon processes.

When using Docker

1. Restart all Mastodon processes.