Warning
This includes important security fixes for everyone using SAML single-sign-on.
Corresponding releases are available for the 4.2.x branch and the 4.1.x branch.
Changelog
Security
- Update dependencies
Fixed
- Fix Stoplight errors when using
REDIS_NAMESPACE(#34126 by @ClearlyClaire)
Upgrade notes
To get the code for v4.3.6, use git fetch && git checkout v4.3.6.
Note
As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump
Dependencies
External dependencies have not changed since v4.3.0, the compatible Ruby, PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:
- Ruby: 3.1 or newer
- PostgreSQL: 12 or newer. PostgreSQL versions 14.0 to 14.3 are not supported as they contain a critical data-corruption bug (see v4.3.0 release notes)
- Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
- LibreTranslate (optional, for translations): 1.3.3 or newer
- Redis: 4 or newer
- Node: 18 or newer
- ImageMagick (optional if using libvips): 6.9.7-7 or newer
- libvips (optional, instead of ImageMagick): 8.13 or newer
Update steps
The following instructions are for updating from 4.3.5.
If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, please read the v4.3.0 release notes, as there have been multiple important changes.
Non-docker
Tip
The charlock_holmes gem may fail to build on some systems with recent versions of gcc.
If you run into such an issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install.
- Install dependencies with
bundle install - Restart all Mastodon processes.
When using docker
- Restart all Mastodon processes.