Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires assets recompilation

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Security

• Update dependencies
• Fix incorrect rate-limit handling GHSA-84ch-6436-c7mg

Fixed

• Fix race condition caused by ActiveRecord query cache in Create critical path (#35662 by @ClearlyClaire)
• Fix race condition caused by quote post processing (#35657 by @ClearlyClaire)
• Fix WebUI crashing for accounts with null URL (#35651 by @ClearlyClaire)
• Fix friends-of-friends recommendations suggesting already-requested accounts (#35604 by @ClearlyClaire)
• Fix synchronous recursive fetching of deeply-nested quoted posts (#35600 by @ClearlyClaire)
• Fix “Expand this post” link including user @undefined (#35478 by @ClearlyClaire)

Changed

• Change StatusReachFinder to consider quotes as well as reblogs (#35601 by @ClearlyClaire)
• Add restrictions on which quote posts can trend (#35507 by @ClearlyClaire)
• Change quote verification to not bypass authorization flow for mentions (#35528 by @ClearlyClaire)

Upgrade notes

To get the code for v4.4.3, use git fetch && git checkout v4.4.3.

Dependencies

External dependencies have not changed since v4.4.1:

• Ruby: 3.2 or newer
• PostgreSQL: 13 or newer
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 6.2 or newer
• Node: 20 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.4.2.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.4.0 release notes.

Non-Docker

1. Install dependencies with bundle install
2. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
3. Restart all Mastodon processes.

When using Docker

1. Restart all Mastodon processes.

Changelog

Security

• Update dependencies
• Fix incorrect rate-limit handling GHSA-84ch-6436-c7mg

Fixed

• Fix race condition caused by ActiveRecord query cache in Create critical path (#35662 by @ClearlyClaire)
• Fix WebUI crashing for accounts with null URL (#35651 by @ClearlyClaire)
• Fix friends-of-friends recommendations suggesting already-requested accounts (#35604 by @ClearlyClaire)

Upgrade notes

To get the code for v4.3.11, use git fetch && git checkout v4.3.11.

Dependencies

External dependencies have not changed since v4.3.0, the compatible Ruby, PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:

• Ruby: 3.1 or newer
• PostgreSQL: 12 or newer. PostgreSQL versions 14.0 to 14.3 are not supported as they contain a critical data-corruption bug (see v4.3.0 release notes)
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 4 or newer
• Node: 18 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer

Update steps

The following instructions are for updating from 4.3.10.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, please read the v4.3.0 release notes, as there have been multiple important changes.

Non-docker

1. Install dependencies with bundle install
2. Restart all Mastodon processes.

When using docker

1. Restart all Mastodon processes.

Changelog

Security

• Update dependencies
• Fix incorrect rate-limit handling GHSA-84ch-6436-c7mg

Fixed

• Fix race condition caused by ActiveRecord query cache in Create critical path (#35662 by @ClearlyClaire)
• Fix WebUI crashing for accounts with null URL (#35651 by @ClearlyClaire)

Upgrade notes

To get the code for v4.2.24, use git fetch && git checkout v4.2.24.

Dependencies

The minimum supported Ruby version has been bumped from 3.0 to 3.1 in Mastodon v4.2.17. Otherwise, external dependencies have not changed since v4.2.4, the compatible PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:

• Ruby: 3.1 to 3.3
• PostgreSQL: 10 or newer
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 4 or newer
• Node: 16 or newer
• ImageMagick: 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.2.23.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations.

Non-Docker only:

1. Install dependencies: bundle install
2. Restart all Mastodon processes

Using Docker:

1. Restart all Mastodon processes

Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires assets recompilation

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Security

• update dependencies

Fixed

• Fix menu not clickable in Firefox (#35390 and #35414 by @diondiondion)
• Add lang attribute to current composer language in alt text modal (#35412 by @diondiondion)
• Fix quote posts styling on notifications page (#35411 by @diondiondion)
• Improve a11y of custom select menus in notifications settings (#35403 by @diondiondion)
• Fix selected item in poll select menus is unreadable in Firefox (#35402 by @diondiondion)
• Update age limit wording (#35387 by @diondiondion)
• Fix support for quote verification in implicit status updates (#35384 by @ClearlyClaire)
• Improve Dropdown component accessibility (#35373 by @diondiondion)
• Fix processing some incoming quotes failing because of missing JSON-LD context (#35354 and #35380 by @ClearlyClaire)
• Make bio hashtags open the local page instead of the remote instance (#35349 by @ChaosExAnima)
• Fix styling of external log-in button (#35320 by @ClearlyClaire)

Upgrade notes

To get the code for v4.4.2, use git fetch && git checkout v4.4.2.

Dependencies

External dependencies have not changed since v4.4.1:

• Ruby: 3.2 or newer
• PostgreSQL: 13 or newer
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 6.2 or newer
• Node: 20 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.4.1.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.4.0 release notes.

Non-Docker

1. Install dependencies with bundle install
2. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
3. Restart all Mastodon processes.

When using Docker

1. Restart all Mastodon processes.

Changelog

Security

• Updated dependencies

Upgrade notes

To get the code for v4.3.10, use git fetch && git checkout v4.3.10.

Dependencies

External dependencies have not changed since v4.3.0, the compatible Ruby, PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:

• Ruby: 3.1 or newer
• PostgreSQL: 12 or newer. PostgreSQL versions 14.0 to 14.3 are not supported as they contain a critical data-corruption bug (see v4.3.0 release notes)
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 4 or newer
• Node: 18 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer

Update steps

The following instructions are for updating from 4.3.9.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, please read the v4.3.0 release notes, as there have been multiple important changes.

Non-docker

1. Install dependencies with bundle install
2. Restart all Mastodon processes.

When using docker

1. Restart all Mastodon processes.

Changelog

Security

• Updated dependencies

Upgrade notes

To get the code for v4.2.23, use git fetch && git checkout v4.2.23.

Dependencies

The minimum supported Ruby version has been bumped from 3.0 to 3.1 in Mastodon v4.2.17. Otherwise, external dependencies have not changed since v4.2.4, the compatible PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:

• Ruby: 3.1 to 3.3
• PostgreSQL: 10 or newer
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 4 or newer
• Node: 16 or newer
• ImageMagick: 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.2.22.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations.

Non-Docker only:

1. Install dependencies: bundle install
2. Restart all Mastodon processes

Using Docker:

1. Restart all Mastodon processes

This is a hotfix for 4.4, mostly addressing build and deployment issues with 4.4.0.

Check out the 4.4.0 release notes for information.

Upgrade overview

This release contains upgrade notes that deviate from the norm:

ℹ️ Requires assets recompilation

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Fixed

• Fix nearly every sub-directory being crawled as part of Vite build (#35323 by @ClearlyClaire)
• Fix assets not building when Redis is unavailable (#35321 by @oneiros)
• Fix replying from media modal or pop-in-player tagging user @undefined (#35317 by @ClearlyClaire)
• Fix support for special characters in various environment variables (#35314 by @mjankowski and @ClearlyClaire)
• Fix some database migrations failing for indexes manually removed by admins (#35309 by @mjankowski)

Upgrade notes

To get the code for v4.4.1, use git fetch && git checkout v4.4.1.

Dependencies

External dependencies have not changed since v4.4.0:

• Ruby: 3.2 or newer
• PostgreSQL: 13 or newer
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 6.2 or newer
• Node: 20 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.4.0.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.4.0 release notes.

Non-Docker

1. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
2. Restart all Mastodon processes.

When using Docker

1. Restart all Mastodon processes.

For a user-focused highlight of these changes, see https://blog.joinmastodon.org/2025/07/mastodon-4.4/
For changes of particular interest to application developers, see https://blog.joinmastodon.org/2025/07/mastodon-4-4-for-devs/
For a more detailed run-down on the changes, see the Changelog section below!

Upgrade overview

This release contains upgrade notes that deviate from the norm:

⚠️ The minimum supported version for Redis has been bumped to 6.2
⚠️ The minimum supported version for PostgreSQL has been bumped to 13
⚠️ The minimum supported version for Ruby has been bumped to 3.2
⚠️ The minimum supported version for Node.js has been bumped to 20
⚠️ Support for Redis namespaces has been dropped
⚠️ Requires updating the metadata for the Elasticsearch accounts index
⚠️ Rolling updates from versions earlier than Mastodon 4.3 are not supported
⚠️ Import jobs from Mastodon versions earlier than Mastodon 4.2 are not supported
⚠️ ImageMagick is being deprecated and may be removed in a future version
ℹ️ The new experimental Fediverse Auxiliary Service Providers feature requires a new fasp sidekiq queue
ℹ️ Requires streaming server restart
ℹ️ Requires database migrations

For more information, view the complete release notes and scroll down to the upgrade instructions section.

Changelog

Added

• Add “Followers you know” widget to user profiles and hover cards (#34652, #34678, #34681, #34697, #34699, #34769, #34774 and #34914 by @diondiondion)
• Add featured tab to profiles on web UI and rework pinned posts (#34405, #34483, #34491, #34754, #34855, #34858, #34868, #34869, #34927, #34995, #35056 and #34931 by @ChaosExAnima, @ClearlyClaire, @Gargron, and @diondiondion)
• Add endorsed accounts to featured tab in web UI (#34421 and #34568 by @Gargron)
  This also includes the following new REST API endpoints:
  • GET /api/v1/accounts/:id/endorsements: https://docs.joinmastodon.org/methods/accounts/#endorsements
  • POST /api/v1/accounts/:id/endorse: https://docs.joinmastodon.org/methods/accounts/#endorse
  • POST /api/v1/accounts/:id/unendorse: https://docs.joinmastodon.org/methods/accounts/#unendorse
• Add ability to add and remove hashtags from featured tags in web UI (#34489, #34887, and #34490 by @ClearlyClaire and @Gargron)
  This is achieved through the new REST API endpoints:
  • POST /api/v1/tags/:id/feature: https://docs.joinmastodon.org/methods/tags/#feature
  • POST /api/v1/tags/:id/unfeature: https://docs.joinmastodon.org/methods/tags/#unfeature
• Add reminder when about to post without alt text in web UI (#33760 and #33784 by @Gargron)
• Add a warning in Web UI when composing a post when the selected and detected language are different (#33042, #33683, #33700, #33724, #33770, and #34193 by @ClearlyClaire and @Gargron)
• Add support for verifying and displaying remote quote posts (#34370, #34481, #34510, #34551, #34480, #34479, #34553, #34584, #34623, #34738, #34766, #34770, #34772, #34773, #34786, #34790, #34864, #34957, #34961, #35016, #35022, #35036, #34946, #34945 and #34958 by @ClearlyClaire and @diondiondion)
  Support for verifying remote quotes according to FEP-044f and displaying them in the Web UI has been implemented.
  Quoting other people is not implemented yet, and it is currently not possible to mark your own posts as allowing quotes. However, a new “Who can quote” setting has been added to the “Posting defaults” section of the user settings. This setting allows you to set a default that will be used for new posts made on Mastodon 4.5 and newer, when quote posts will be fully implemented.
  In the REST API, quote posts are represented by a new quote attribute on Status and StatusEdit entities: https://docs.joinmastodon.org/entities/StatusEdit/#quote https://docs.joinmastodon.org/entities/Status/#quote
• Add ability to reorder and translate server rules (#34637, #34737, #34494, #34756, #34820, #34997, #35170, #35174 and #35174 by @ChaosExAnima and @ClearlyClaire)
  Rules are now shown in the user’s language, if a translation has been set.
  In the REST API, Rule entities now have a new translations attribute: https://docs.joinmastodon.org/entities/Rule/#translations
• Add emoji from Twemoji 15.1.0, including in the emoji picker/completion (#33395, #34321, #34620, and #34677 by @ChaosExAnima, @ClearlyClaire, @TheEssem, and @eramdam)
• Add option to remove account from followers in web UI (#34488 by @Gargron)
• Add relationship tags to profiles and hover cards in web UI (#34467 and #34792 by @Gargron and @diondiondion)
• Add ability to open posts in a new tab by middle-clicking in web UI (#32988, #33106, #33419, and #34700 by @ClearlyClaire, @Gargron, and @tribela)
• Add new filter action to blur media (#34256 by @ClearlyClaire)
  In the REST API, this adds a new possible value of blur to the filter_action attribute: https://docs.joinmastodon.org/entities/Filter/#filter_action
• Add dropdown menu to hashtag links in web UI (#34393 by @Gargron)
• Add server setting to allow referrer (#33214, #33239, #33903, and #34731 by @ChaosExAnima, @ClearlyClaire, @Gargron, and @renchap)
  In order to protect the privacy of users of small or thematic servers, Mastodon previously avoided transmitting referrer information when clicking outside links, which unfortunately made Mastodon completely invisible to other websites, even though the privacy implications on large generic servers are very limited.
  Server administrators can now chose to opt in to transmit referrer information when following an external link. Only the domain name is transmitted, not the referrer path.
• Add double tap to zoom and swipe to dismiss to media modal in web UI (#34210 by @Gargron)
• Add link from Web UI for Hashtags to the Moderation UI (#31448 by @ThisIsMissEm)
• Add terms of service (#33055, #33233, #33230, #33703, #33699, #33994, #33993, #34105, #34122, #34200, #34527, #35053, #35115, #35126, #35127 and #35233 by @ClearlyClaire, @Gargron, @mjankowski, and @oneiros)
  Server administrators can now fill in Terms of Service and notify their users of upcoming changes.
• Add optional bulk mailer settings (#35191 and #35203 by @oneiros)
  This adds the optional environment variables BULK_SMTP_PORT, BULK_SMTP_SERVER, BULK_SMTP_LOGIN and so on analogous to SMTP_PORT, SMTP_SERVER, SMTP_LOGIN and related SMTP configuration environment variables.
  When BULK_SMTP_SERVER is set, this group of variables is used instead of the regular ones for sending announcement notification emails and Terms of Service notification emails.
• Add age verification on sign-up (#34150, #34663, and #34636 by @ClearlyClaire and @Gargron)
  Server administrators now have a setting to set a minimum age requirement for creating a new server, asking users for their date of birth. The date of birth is checked against the minimum age requirement server-side but not stored.
  The following REST API changes have been made to accommodate this:
  • registrations.min_age has been added to the Instance entity: https://docs.joinmastodon.org/entities/Instance/#registrations-min_age
  • the date_of_birth parameter has been added to the account creation API: https://docs.joinmastodon.org/methods/accounts/#create
• Add ability to dismiss alt text badge by tapping it in web UI (#33737 by @Gargron)
• Add loading indicator to timeline gap indicators in web UI (#33762 by @Gargron)
• Add interaction modal when trying to interact with a poll while logged out (#32609 by @ThisIsMissEm)
• Add experimental FASP support (#34031, #34415, #34765, #34965, #34964, #34033, #35218, #35262 and #35263 by @oneiros)
  This is a first step towards supporting “Fediverse Auxiliary Service Providers” (https://github.com/mastodon/fediverse_auxiliary_service_provider_specifications). This is mostly interesting to developers who would like to implement their own FASP, but also includes the capability to share data with a discovery provider (see https://www.fediscovery.org).
• Add ability for admins to send announcements to all users via email (#33928 and #34411 by @ClearlyClaire)
  This is meant for critical announcements only, as this will potentially send a lot of emails and cannot be opted out of by users.
• Add Server Moderation Notes (#31529 by @ThisIsMissEm)
• Add loading spinner to “Post” button when sending a post (#35153 by @diondiondion)
• Add option to use system scrollbar styling (#32117 by @vmstan)
• Add hover cards to follow suggestions (#33749 by @ClearlyClaire)
• Add t hotkey for post translations (#33441 by @ClearlyClaire)
• Add timestamp to all announcements in Web UI (#18329 by @ClearlyClaire)
• Add dropdown menu with quick actions to lists of accounts in web UI (#34391, #34709, and #34767 by @Gargron, @diondiondion, and @mkljczk)
• Add support for displaying “year in review” notification in web UI (#32710, #32765, #32709, #32807, #32914, #33148, and #33882 by @Gargron and @mjankowski)
  Note that the notification is currently not generated automatically, and at the moment requires a manual undocumented administrator action.
• Add experimental support for receiving HTTP Message Signatures (RFC9421) (#34814, #35033, #35109 and #35278 by @oneiros)
  For now, this needs to be explicitly enabled th...

Changelog

Changed

• Change passthrough video processing to emit moov atom at start of video (#34726 by @ClearlyClaire)

Fixed

• Fix NoMethodError in edge case of emoji cache handling (#34749 by @dariusk)
• Fix error when viewing statuses to deleted replies in moderation view (#32986 by @ClearlyClaire)
• Fix search operators sometimes getting lost (#35190 by @ClearlyClaire)
• Fix “Alt text” button submitting form in moderation interface (#35147 by @ClearlyClaire)
• Fix handling of remote attachments with multiple media types (#34996 by @ClearlyClaire)
• Fix blocked accounts not being automatically removed from trending statuses (#34891 by @ClearlyClaire)
• Fix inconsistent filtering of silenced accounts for other silenced accounts (#34863 by @ClearlyClaire)
• Fix handling of inlined featured collections in ActivityPub actor objects (#34789 and #34811 by @ClearlyClaire)
• Fix admin dashboard crash on specific Elasticsearch connection errors (#34683 by @ClearlyClaire)
• Fix OIDC account creation failing for long display names (#34639 by @defnull)
• Fix /share not using server-set characters limit (#33459 by @kescherCode)
• Fix wrong video dimensions for some rotated videos (#33008 and #33261 by @Gargron and @tribela)
• Fix missing autofocus on boost modal (#32953 by @tribela)

Upgrade notes

To get the code for v4.3.9, use git fetch && git checkout v4.3.9.

Dependencies

External dependencies have not changed since v4.3.0, the compatible Ruby, PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:

• Ruby: 3.1 or newer
• PostgreSQL: 12 or newer. PostgreSQL versions 14.0 to 14.3 are not supported as they contain a critical data-corruption bug (see v4.3.0 release notes)
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 4 or newer
• Node: 18 or newer
• ImageMagick (optional if using libvips): 6.9.7-7 or newer
• libvips (optional, instead of ImageMagick): 8.13 or newer

Update steps

The following instructions are for updating from 4.3.8.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, please read the v4.3.0 release notes, as there have been multiple important changes.

Non-docker

1. Install dependencies with bundle install
2. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
3. Restart all Mastodon processes.

When using docker

1. Restart all Mastodon processes.

Changelog

Changed

• Change passthrough video processing to emit moov atom at start of video (#34726 by @ClearlyClaire)

Fixed

• Fix NoMethodError in edge case of emoji cache handling (#34749 by @dariusk)
• Fix error when viewing statuses to deleted replies in moderation view (#32986 by @ClearlyClaire)
• Fix search operators sometimes getting lost (#35190 by @ClearlyClaire)
• Fix handling of remote attachments with multiple media types (#34996 by @ClearlyClaire)
• Fix inconsistent filtering of silenced accounts for other silenced accounts (#34863 by @ClearlyClaire)
• Fix handling of inlined featured collections in ActivityPub actor objects (#34789 and #34811 by @ClearlyClaire)
• Fix admin dashboard crash on specific Elasticsearch connection errors (#34683 by @ClearlyClaire)
• Fix OIDC account creation failing for long display names (#34639 by @defnull)
• Fix /share not using server-set characters limit (#33459 by @kescherCode)
• Fix wrong video dimensions for some rotated videos (#33008 and #33261 by @Gargron and @tribela)

Upgrade notes

To get the code for v4.2.22, use git fetch && git checkout v4.2.22.

Dependencies

The minimum supported Ruby version has been bumped from 3.0 to 3.1 in Mastodon v4.2.17. Otherwise, external dependencies have not changed since v4.2.4, the compatible PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:

• Ruby: 3.1 to 3.3
• PostgreSQL: 10 or newer
• Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
• LibreTranslate (optional, for translations): 1.3.3 or newer
• Redis: 4 or newer
• Node: 16 or newer
• ImageMagick: 6.9.7-7 or newer

Update steps

The following instructions are for updating from 4.2.21.

If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations.

Non-Docker only:

1. Install dependencies: bundle install
2. Precompile the assets: RAILS_ENV=production bundle exec rails assets:precompile
3. Restart all Mastodon processes

Using Docker:

1. Restart all Mastodon processes