Skip to content

Releases: glitch-soc/mastodon

v4.6.3

Choose a tag to compare

@ClearlyClaire ClearlyClaire released this 03 Jul 18:11
a37afb7

Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires assets recompilation

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Security

  • Update dependencies

Added

Fixed

Upgrade notes

To get the code for v4.6.3, use git fetch && git checkout v4.6.3.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.6.0.

  • Ruby: 3.3 or newer
  • PostgreSQL: 14 or newer
  • Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
  • LibreTranslate (optional, for translations): 1.3.3 or newer
  • Redis: 7.0 or newer
  • Node: 22 or newer
  • libvips: 8.13 or newer
  • FFMpeg: 5.1 or newer

Update steps

The following instructions are for updating from 4.6.2.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.6.0 release notes.

Non-Docker

Tip

The charlock_holmes gem may fail to build on some systems with recent versions of gcc.
If you run into this issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install.

  1. Install dependencies with bundle install and yarn install --immutable
  2. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
  3. Restart all Mastodon processes.

When using Docker

  1. Restart all Mastodon processes.

v4.6.2

Choose a tag to compare

@ClearlyClaire ClearlyClaire released this 25 Jun 09:46
7f2fd68

This release is made solely to update FFmpeg in our docker container images to fix CVE-2026-8461 (critical severity). It is critical to update if you use our docker container images.

If you are not using our docker container images, please make sure your system FFmpeg is updated to a fixed version, that is, 8.1.2, 7.1.5, 6.1.6, or 5.1.10.

For the recently released v4.6.1, see 4.6.1 release notes for information.

Changelog

Security

  • Update FFMpeg version used in the container image to fix CVE-2026-8461 (critical severity)

Upgrade notes

To get the code for v4.6.2, use git fetch && git checkout v4.6.2.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.6.0.

  • Ruby: 3.3 or newer
  • PostgreSQL: 14 or newer
  • Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
  • LibreTranslate (optional, for translations): 1.3.3 or newer
  • Redis: 7.0 or newer
  • Node: 22 or newer
  • libvips: 8.13 or newer
  • FFMpeg: 5.1 or newer

Update steps

The following instructions are for updating from 4.6.1.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.6.0 release notes.

  1. Restart all Mastodon processes.

v4.5.13

Choose a tag to compare

@ClearlyClaire ClearlyClaire released this 25 Jun 09:47
c55a777

This release is made solely to update FFmpeg in our docker container images to fix CVE-2026-8461 (critical severity). It is critical to update if you use our docker container images.

If you are not using our docker container images, please make sure your system FFmpeg is updated to a fixed version, that is, 8.1.2, 7.1.5, 6.1.6, or 5.1.10.

For the recently released v4.5.12, see 4.5.12 release notes for information.

Changelog

Security

  • Update FFMpeg version used in the container image to fix CVE-2026-8461 (critical severity)

Upgrade notes

To get the code for v4.5.13, use git fetch && git checkout v4.5.13.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.5.0.

  • Ruby: 3.2 or newer
  • PostgreSQL: 14 or newer
  • Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
  • LibreTranslate (optional, for translations): 1.3.3 or newer
  • Redis: 7.0 or newer
  • Node: 20.19 or newer
  • libvips (optional, instead of ImageMagick): 8.13 or newer
  • ImageMagick (optional if using libvips): 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.5.12.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.5.0 release notes.

  1. Restart all Mastodon processes.

v4.4.20

Choose a tag to compare

@ClearlyClaire ClearlyClaire released this 25 Jun 09:48
564bb05

Note

While we continue to support Mastodon 4.4 and release patches for it, please note that Mastodon 4.5 is available with new features, changes and fixes. We encourage administrators to update to the latest 4.5 version when they can.

This release is made solely to update FFmpeg in our docker container images to fix CVE-2026-8461 (critical severity). It is critical to update if you use our docker container images.

If you are not using our docker container images, please make sure your system FFmpeg is updated to a fixed version, that is, 8.1.2, 7.1.5, 6.1.6, or 5.1.10.

For the recently released v4.4.19, see 4.4.19 release notes for information.

Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires assets recompilation

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Security

  • Update FFMpeg version used in the container image to fix CVE-2026-8461 (critical severity)

Upgrade notes

To get the code for v4.4.20, use git fetch && git checkout v4.4.20.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.4.1:

  • Ruby: 3.2 or newer
  • PostgreSQL: 13 or newer
  • Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
  • LibreTranslate (optional, for translations): 1.3.3 or newer
  • Redis: 6.2 or newer
  • Node: 20 or newer
  • libvips (optional, instead of ImageMagick): 8.13 or newer
  • ImageMagick (optional if using libvips): 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.4.19.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.4.0 release notes.

  1. Restart all Mastodon processes.

v4.6.1

Choose a tag to compare

@ClearlyClaire ClearlyClaire released this 24 Jun 15:57
311e648

This is a patch release for 4.6.

Check out the 4.6.0 release notes for information.

Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires assets recompilation

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Security

  • Update dependencies

Added

  • Add avatar_description and header_description to /api/v1/accounts/update_credentials (mastodon#39547 and mastodon#39574 by @ClearlyClaire and @mkljczk)
    • This is available starting from Mastodon API version 11 and intended to provide an easier implementation path for clients implementing a similar feature in forks.
    • The new /api/v1/profile API remains the recommended API for setting avatar and header description as well as other profile values.

Fixed

Upgrade notes

To get the code for v4.6.1, use git fetch && git checkout v4.6.1.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.6.0.

  • Ruby: 3.3 or newer
  • PostgreSQL: 14 or newer
  • Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
  • LibreTranslate (optional, for translations): 1.3.3 or newer
  • Redis: 7.0 or newer
  • Node: 22 or newer
  • libvips: 8.13 or newer
  • FFMpeg: 5.1 or newer

ImageMagick removal and libvips replacement

ImageMagick has been deprecated since Mastodon 4.4.0 and is now unsupported. If you used MASTODON_USE_LIBVIPS=false, this will be ignored and you will need to install libvips.

Theming system changes

The theming system has changed substantially, changing how light and dark themes work, as well as high-contrast. We also overhauled the whole theme to use design tokens and CSS variables.

Custom themes will most likely require significant changes to work with Mastodon 4.6.0.

If you are a theme author, please see our documentation at https://docs.joinmastodon.org/dev/frontend/theming/ and https://docs.joinmastodon.org/dev/frontend/design-tokens/

Email subscription feature and additional costs

Mastodon 4.6 introduces a new feature that lets users turn their public posts into mailing lists. This can result in an increased amount of sent emails and thus increased costs.

This feature needs to be enabled by a Mastodon user with administrator privileges, then opted-in by individual users.

In situations where the Mastodon administrators and the people hosting the server are not the same people, such as providers that offer Mastodon as a service, the system administrators may want to disable this feature. This can be done by setting the DISABLE_EMAIL_SUBSCRIPTIONS environment variable to true.

Update steps

The following instructions are for updating from 4.6.0.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.6.0 release notes.

Non-Docker

Tip

The charlock_holmes gem may fail to build on some systems with recent versions of gcc.
If you run into this issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install.

  1. Install dependencies with bundle install and yarn install --immutable
  2. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
  3. Restart all Mastodon processes.

When using Docker

  1. Restart all Mastodon processes.

v4.5.12

Choose a tag to compare

@ClearlyClaire ClearlyClaire released this 24 Jun 16:27
48c5dca

Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires assets recompilation

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Security

  • Fix TLS certificate verification being disabled on setups with LDAP_TLS_NO_VERIFY=true (GHSA-3rhr-8phh-jm86)
  • Update dependencies

Fixed

  • Fix being unable to unmark media as sensitive when "always mark media as sensitive" is enabled in web UI (mastodon#39339 by @matrix07012)

Upgrade notes

To get the code for v4.5.12, use git fetch && git checkout v4.5.12.

Note

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Dependencies

External dependencies have not changed since v4.5.0.

  • Ruby: 3.2 or newer
  • PostgreSQL: 14 or newer
  • Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
  • LibreTranslate (optional, for translations): 1.3.3 or newer
  • Redis: 7.0 or newer
  • Node: 20.19 or newer
  • libvips (optional, instead of ImageMagick): 8.13 or newer
  • ImageMagick (optional if using libvips): 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.5.11.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.5.0 release notes.

Non-Docker

Tip

The charlock_holmes gem may fail to build on some systems with recent versions of gcc.
If you run into this issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install.

  1. Install dependencies with bundle install and yarn install --immutable
  2. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
  3. Restart all Mastodon processes.

When using Docker

  1. Restart all Mastodon processes.

v4.6.0

Choose a tag to compare

@ClearlyClaire ClearlyClaire released this 17 Jun 13:32
0c4bf90

For a user-focused highlight of these changes, see https://blog.joinmastodon.org/2026/06/mastodon-4.6/
For changes of particular interest to application developers, see https://blog.joinmastodon.org/2026/06/mastodon-4-6-for-devs/
For a more detailed run-down on the changes, see the Changelog section below!

Upgrade overview

This release contains upgrade notes that deviate from the norm:

⚠️ The minimum supported version for Ruby has been bumped to 3.3
⚠️ The minimum supported version for Node.JS has been bumped to 22
⚠️ The minimum supported version for FFMpeg has been bumped to 5.1
⚠️ ImageMagick support has been dropped, libvips is required
⚠️ Custom themes need to be updated
ℹ️ Requires assets recompilation
ℹ️ Requires streaming server restart
ℹ️ Requires database migrations

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Added

Changed

Read more

v4.6.0-rc.2

v4.6.0-rc.2 Pre-release
Pre-release

Choose a tag to compare

@ClearlyClaire ClearlyClaire released this 16 Jun 20:24
1f927a8

Warning

This is a pre-release! This has not been as widely tested as regular releases, although it is still tested on mastodon.social and some other servers. If you update to this release, you will not be able to safely downgrade to the existing stable releases. You will, however, be able to upgrade to later nightly releases or pre-releases, as well as the upcoming 4.6.0 stable release.

Upgrade overview

This release contains upgrade notes that deviate from the norm:

⚠️ The minimum supported version for Ruby has been bumped to 3.3
⚠️ The minimum supported version for Node.JS has been bumped to 22
⚠️ The minimum supported version for FFMpeg has been bumped to 5.1
⚠️ ImageMagick support has been dropped, libvips is required
⚠️ Custom themes need to be updated
ℹ️ Requires assets recompilation
ℹ️ Requires streaming server restart
ℹ️ Requires database migrations

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog (v4.6.0-rc.2)

Added

Changed

Fixed

Changelog (v4.6.0-rc.1)

Added

Changed

Removed

Fixed

Changelog (v4.6.0-beta.1)

Added

Read more

v4.6.0-rc.1

v4.6.0-rc.1 Pre-release
Pre-release

Choose a tag to compare

@ClearlyClaire ClearlyClaire released this 12 Jun 17:17
61c56d4

Warning

This is a pre-release! This has not been as widely tested as regular releases, although it is still tested on mastodon.social and some other servers. If you update to this release, you will not be able to safely downgrade to the existing stable releases. You will, however, be able to upgrade to later nightly releases or pre-releases, as well as the upcoming 4.6.0 stable release.

Upgrade overview

This release contains upgrade notes that deviate from the norm:

⚠️ The minimum supported version for Ruby has been bumped to 3.3
⚠️ The minimum supported version for Node.JS has been bumped to 22
⚠️ The minimum supported version for FFMpeg has been bumped to 5.1
⚠️ ImageMagick support has been dropped, libvips is required
⚠️ Custom themes need to be updated
ℹ️ Requires assets recompilation
ℹ️ Requires streaming server restart
ℹ️ Requires database migrations

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog (v4.6.0-rc.1)

Added

Changed

Removed

Fixed

Changelog (v4.6.0-beta.1)

Added

Read more

v4.6.0-beta.1

v4.6.0-beta.1 Pre-release
Pre-release

Choose a tag to compare

@ClearlyClaire ClearlyClaire released this 03 Jun 21:07
1c9b662

Warning

This is a pre-release! This has not been as widely tested as regular releases, although it is still tested on some servers. If you update to this release, you will not be able to safely downgrade to the existing stable releases. You will, however, be able to upgrade to later nightly releases or pre-releases, as well as the upcoming 4.6.0 stable release.

Upgrade overview

This release contains upgrade notes that deviate from the norm:

⚠️ The minimum supported version for Ruby has been bumped to 3.3
⚠️ The minimum supported version for Node.JS has been bumped to 22
⚠️ The minimum supported version for FFMpeg has been bumped to 5.1
⚠️ ImageMagick support has been dropped, libvips is required
⚠️ Custom themes need to be updated
ℹ️ Requires assets recompilation
ℹ️ Requires streaming server restart
ℹ️ Requires database migrations

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Added

Changed

Read more