From 34ffab2707e7f80406e31078f2fdce5b754a5657 Mon Sep 17 00:00:00 2001 
From: Eliot Berriot <contact@eliotberriot.com> Date: Fri, 4 Oct 2019 10:42:33 +0200 Subject: [PATCH] Version bump and changelog for 0.20 --- CHANGELOG | 325 ++++++++++++++++++ api/funkwhale_api/__init__.py | 2 +- changes/changelog.d/261.feature | 1 - changes/changelog.d/432.feature | 1 - changes/changelog.d/548.enhancement | 1 - changes/changelog.d/661.enhancement | 1 - changes/changelog.d/710.add-track-dropdown | 1 - .../710.make-album-cards-independent | 1 - changes/changelog.d/756.feature | 1 - changes/changelog.d/761.enhancement | 1 - changes/changelog.d/834.enhancement | 1 - changes/changelog.d/839.feature | 1 - changes/changelog.d/844.enhancement | 1 - changes/changelog.d/845.enhancement | 1 - changes/changelog.d/846.bugfix | 1 - changes/changelog.d/852.feature | 1 - changes/changelog.d/853.feature | 1 - changes/changelog.d/854.enhancement | 1 - changes/changelog.d/862.enhancement | 1 - changes/changelog.d/865.bugfix | 1 - changes/changelog.d/866.enhancement | 1 - changes/changelog.d/867.bugfix | 1 - changes/changelog.d/871.bugfix | 1 - changes/changelog.d/872.feature | 1 - changes/changelog.d/873.enhancement | 1 - changes/changelog.d/875.bugfix | 1 - changes/changelog.d/877.enhancement | 1 - changes/changelog.d/878.enhancement | 1 - changes/changelog.d/879.feature | 1 - changes/changelog.d/880.enhancement | 1 - changes/changelog.d/883.enhancement | 1 - changes/changelog.d/890.feature | 1 - .../changelog.d/892.add.placeholder.widget | 1 - changes/changelog.d/893.bugfix | 1 - changes/changelog.d/895.enhancement | 1 - changes/changelog.d/897.bugfix | 1 - changes/changelog.d/898.enhancement | 1 - changes/changelog.d/902.bugfix | 1 - changes/changelog.d/903.enhancement | 1 - changes/changelog.d/904.bugfix | 1 - changes/changelog.d/912.bugfix | 1 - changes/changelog.d/913.bugfix | 1 - changes/changelog.d/924.bugfix | 1 - changes/changelog.d/932.bugfix | 1 - changes/changelog.d/fomentic.enhancement | 1 - changes/changelog.d/imports-small.bugfix | 1 - 
changes/changelog.d/jwt.enhancement | 1 - changes/changelog.d/locale.bugfix | 1 - changes/changelog.d/opus-cover.bugfix | 1 - .../changelog.d/playlist-embed.enhancement | 1 - changes/changelog.d/purgecss.enhancement | 1 - changes/changelog.d/refetch.enhancement | 1 - .../changelog.d/search-results.enhancement | 1 - changes/changelog.d/ssl.bugfix | 1 - changes/notes.rst | 223 ------------ 55 files changed, 326 insertions(+), 276 deletions(-) delete mode 100644 changes/changelog.d/261.feature delete mode 100644 changes/changelog.d/432.feature delete mode 100644 changes/changelog.d/548.enhancement delete mode 100644 changes/changelog.d/661.enhancement delete mode 100644 changes/changelog.d/710.add-track-dropdown delete mode 100644 changes/changelog.d/710.make-album-cards-independent delete mode 100644 changes/changelog.d/756.feature delete mode 100644 changes/changelog.d/761.enhancement delete mode 100644 changes/changelog.d/834.enhancement delete mode 100644 changes/changelog.d/839.feature delete mode 100644 changes/changelog.d/844.enhancement delete mode 100644 changes/changelog.d/845.enhancement delete mode 100644 changes/changelog.d/846.bugfix delete mode 100644 changes/changelog.d/852.feature delete mode 100644 changes/changelog.d/853.feature delete mode 100644 changes/changelog.d/854.enhancement delete mode 100644 changes/changelog.d/862.enhancement delete mode 100644 changes/changelog.d/865.bugfix delete mode 100644 changes/changelog.d/866.enhancement delete mode 100644 changes/changelog.d/867.bugfix delete mode 100644 changes/changelog.d/871.bugfix delete mode 100644 changes/changelog.d/872.feature delete mode 100644 changes/changelog.d/873.enhancement delete mode 100644 changes/changelog.d/875.bugfix delete mode 100644 changes/changelog.d/877.enhancement delete mode 100644 changes/changelog.d/878.enhancement delete mode 100644 changes/changelog.d/879.feature delete mode 100644 changes/changelog.d/880.enhancement delete mode 100644 
changes/changelog.d/883.enhancement delete mode 100644 changes/changelog.d/890.feature delete mode 100644 changes/changelog.d/892.add.placeholder.widget delete mode 100644 changes/changelog.d/893.bugfix delete mode 100644 changes/changelog.d/895.enhancement delete mode 100644 changes/changelog.d/897.bugfix delete mode 100644 changes/changelog.d/898.enhancement delete mode 100644 changes/changelog.d/902.bugfix delete mode 100644 changes/changelog.d/903.enhancement delete mode 100644 changes/changelog.d/904.bugfix delete mode 100644 changes/changelog.d/912.bugfix delete mode 100644 changes/changelog.d/913.bugfix delete mode 100644 changes/changelog.d/924.bugfix delete mode 100644 changes/changelog.d/932.bugfix delete mode 100644 changes/changelog.d/fomentic.enhancement delete mode 100644 changes/changelog.d/imports-small.bugfix delete mode 100644 changes/changelog.d/jwt.enhancement delete mode 100644 changes/changelog.d/locale.bugfix delete mode 100644 changes/changelog.d/opus-cover.bugfix delete mode 100644 changes/changelog.d/playlist-embed.enhancement delete mode 100644 changes/changelog.d/purgecss.enhancement delete mode 100644 changes/changelog.d/refetch.enhancement delete mode 100644 changes/changelog.d/search-results.enhancement delete mode 100644 changes/changelog.d/ssl.bugfix diff --git a/CHANGELOG b/CHANGELOG index 731f0745ce..afa49472da 100644 --- a/CHANGELOG +++ b/CHANGELOG 
@@ -10,6 +10,331 @@ This changelog is viewable on the web at https://docs.funkwhale.audio/changelog. .. towncrier +0.20 (2019-10-04) +----------------- + +Upgrade instructions are available at +https://docs.funkwhale.audio/index.html + + +Support for genres via tags +^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +One of our most requested missing features is now available! + +Starting with Funkwhale 0.20, +Funkwhale will automatically extract genre information from uploaded files and associate it +with the corresponding tracks in the form of tags (similar to Mastodon or Twitter hashtags). +Please refer to `our tagging documentation <https://docs.funkwhale.audio/users/upload.html#tagging-files>`_ +for more information regarding the tagging process. + +Tags can also be associated with artists and albums, and updated after upload through the UI using +the edit system released in Funkwhale 0.19. Tags are also fetched when retrieving content +via federation. + +Tags are used in various places to enhance user experience: + +- Tags are listed on tracks, albums and artist profiles +- Each tag has a dedicated page were you can browse corresponding content and quickly start a radio +- The custom radio builder now supports using tags +- Subsonic apps that support genres - such as DSub or Ultrasonic - should display this information as well + +If you are a pod admin and want to extract tags from already uploaded content, you run `this snippet <https://dev.funkwhale.audio/funkwhale/funkwhale/snippets/43>`_ +and `this snippet <https://dev.funkwhale.audio/funkwhale/funkwhale/snippets/44>`_ in a ``python manage.py shell``. + +Content and account reports +^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +It is now possible to report content, such as artists, tracks or libraries, as well as user accounts. Such reports are forwarded to the pod moderators, +who can review it and delete reported content, block accounts or take any other action they deem necessary. 
+ +By default, both anonymous and authenticated users can submit these reports. This makes sure moderators can receive and handle +takedown requests and other reports for illegal content that may be sent by third-parties without an account on the pod. However, +you can disable anonymous reports completely via your pod settings. + +Federation of the reports will be supported in a future release. + +For more information about this feature, please check out our documentation: + +- `User documentation <https://docs.funkwhale.audio/moderator/reports.html>`_ +- `Moderator documentation <https://docs.funkwhale.audio/users/reports.html>`_ + +Account deletion +^^^^^^^^^^^^^^^^ + +Users can now delete their account themselves, without involving an administrator. + +The deletion process will remove any local data and objects associated with the account, +but the username won't be able to new users to avoid impersonation. Deletion is also broadcasted +to other known servers on the federation. + +For more information about this feature, please check out our documentation: + +- `User documentation <https://docs.funkwhale.audio/users/account.html>`_ + +Landing and about page redesign [Manual action suggested] +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +In this release, we've completely redesigned the landing and about page, by making it more useful and adapted to your pod +configuration. Among other things, the landing page will now include: + +- your pod and an excerpt from your pod's description +- your pod banner image, if any +- your contact email, if any +- the login form +- the signup form (if registrations are open on your pod) +- some basic statistics about your pod +- a widget including recently uploaded albums, if anonymous access is enabled + +The landing page will still include some information about Funkwhale, but in a less intrusive and proeminent way than before. 
+ +Additionally, the about page now includes: + +- your pod name, description, rules and terms +- your pod banner image, if any +- your contact email, if any +- comprehensive statistics about your pod +- some info about your pod configuration, such as registration and federation status or the default upload quota for new users + +With this redesign, we've added a handful of additional pod settings: + +- Pod banner image +- Contact email +- Rules +- Terms of service + +We recommend taking a few moments to fill these accordingly to your needs, by visiting ``/manage/settings``. + +Allow-list to restrict federation to trusted domains +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +The Allow-Listing feature grants pod moderators +and administrators greater control over federation +by allowing you to create a pod-wide allow-list. + +When allow-listing is enabled, your pod's users will only +be able to interact with pods included in the allow-list. +Any messages, activity, uploads, or modifications to +libraries and playlists will only be shared with pods +on the allow-list. Pods which are not included in the +allow-list will not have access to your pod's content +or messages and will not be able to send anything to +your pod. + +If you want to enable this feature on your pod, or learn more, please refer to `our documentation <https://docs.funkwhale.audio/moderator/listing.html>`_! + +Periodic message to incite people to support their pod and Funkwhale +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Users will now be reminded on a regular basis that they can help Funkwhale by donating or contributing. + +If specified by the pod admin, a separate and custom message will also be displayed in a similar way to provide instructions and links to support the pod. + +Both messages will appear for the first time 15 days after signup, in the notifications tab. 
For each message, users can schedule a reminder for a later time, or disable the messages entirely. + + +Replaced Daphne by Gunicorn/Uvicorn [manual action required, non-docker only] +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +To improve the performance, stability and reliability of Funkwhale's web processes, +we now recommend using Gunicorn and Uvicorn instead of Daphne. This combination unlock new use cases such as: + +- zero-downtime upgrades +- configurable number of web worker processes + +Based on our benchmarks, Gunicorn/Unicorn is also faster and more stable under higher workloads compared to Daphne. + +To benefit from this enhancement on existing instances, you need to add ``FUNKWHALE_WEB_WORKERS=1`` in your ``.env`` file +(use a higher number if you want to have more web worker processes). + +Then, edit your ``/etc/systemd/system/funkwhale-server.service`` and replace the ``ExecStart=`` line with +``ExecStart=/srv/funkwhale/virtualenv/bin/gunicorn config.asgi:application -w ${FUNKWHALE_WEB_WORKERS} -k uvicorn.workers.UvicornWorker -b ${FUNKWHALE_API_IP}:${FUNKWHALE_API_PORT}`` + +Then reload the configuration change with ``sudo systemctl daemon-reload`` and ``sudo systemctl restart funkwhale-server``. + + +Content-Security-Policy and additional security headers [manual action suggested] +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +To improve the security and reduce the attack surface in case of a successfull exploit, we suggest +you add the following Content-Security-Policy to your nginx configuration. + +..note:: + + If you are using an S3-compatible store to serve music, you will need to specify the URL of your S3 store in the ``media-src`` and ``img-src`` headers + + .. 
code-block:: + + add_header Content-Security-Policy "...img-src 'self' https://<your-s3-URL> data:;...media-src https://<your-s3-URL> 'self' data:"; + +**On non-docker setups**, in ``/etc/nginx/sites-available/funkwhale.conf``:: + + server { + + add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:"; + add_header Referrer-Policy "strict-origin-when-cross-origin"; + + location /front/ { + add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:"; + add_header Referrer-Policy "strict-origin-when-cross-origin"; + add_header X-Frame-Options "SAMEORIGIN"; + # … existing content here + } + + # Also create a new location for the embeds to ensure external iframes work + # Simply copy-paste the /front/ location, but replace the following lines: + location /front/embed.html { + add_header X-Frame-Options "ALLOW"; + alias ${FUNKWHALE_FRONTEND_PATH}/embed.html; + } + } + +Then reload nginx with ``systemctl reload nginx``. 
+ +**On docker setups**, in ``/srv/funkwhalenginx/funkwhale.template``:: + + server { + + add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:"; + add_header Referrer-Policy "strict-origin-when-cross-origin"; + + location /front/ { + add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:"; + add_header Referrer-Policy "strict-origin-when-cross-origin"; + add_header X-Frame-Options "SAMEORIGIN"; + # … existing content here + } + + # Also create a new location for the embeds to ensure external iframes work + # Simply copy-paste the /front/ location, but replace the following lines: + location /front/embed.html { + add_header X-Frame-Options "ALLOW"; + alias /frontent/embed.html; + } + } + +Then reload nginx with ``docker-compose restart nginx``. + +Rate limiting +^^^^^^^^^^^^^ + +With this release, rate-limiting on the API is enabled by default, with high enough limits to ensure +regular users of the app aren't affected. Requests beyond allowed limits are answered with a 429 HTTP error. + +For anonymous requests, the limit is applied to the IP adress of the client, and for authenticated requests, the limit +is applied to the corresponding user account. By default, anonymous requests get a lower limit than authenticated requests. + +You can disable the rate-limiting feature by adding `THROTTLING_ENABLED=false` to your ``.env`` file and restarting the +services. If you are using the Funkwhale API in your project or app and want to know more about the limits, please consult https://docs.funkwhale.audio/swagger/. 
+ +Broken audio streaming when using S3/Minio and DSub [manual action required] +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Some Subsonic clients, such as DSub, are sending an Authorization headers which was forwarded +to the S3 storage when streaming, causing some issues. If you are using S3 or a compatible storage +such as Minio, please add the following in your nginx ``~ /_protected/media/(.+)`` location:: + + # Needed to ensure DSub auth isn't forwarded to S3/Minio, see #932 + proxy_set_header Authorization ""; + +And reload your nginx process. + +Detail +^^^^^^ + +Features: + +- Added periodical message to incite people to support their pod and Funkwhale (#839) +- Admins can now add custom CSS from their pod settings (#879) +- Allow-list to restrict federation to trusted domains (#853) +- Content and account reports (#890) +- Dark theme (#756) +- Enforce a configurable rate limit on the API to mitigate abuse (#261) +- Redesign of the landing and about pages (#872) +- Support for genres, via tags (#432) +- Users can now delete their account without admin intervention (#852) + + +Enhancements: + +- Added a info message on embed wizard when anonymous access to content is disabled (#878) +- Added Catalan translation files +- Added Czech translation (#844) +- Added field to manage user upload quota in Django backend (#903) +- Added the option to replace the queue's current contents with a selected album or track (#761) +- Artists with no albums will now show track count on artist card (#895) +- Ensure API urls answer with and without a trailing slash (#877) +- Hardcoded list of supported browsers to avoid unexpected regressions (#854) +- Hardened security thanks to CSP and additional HTTP headers (#880) +- Improve display of search results by including artist and album data +- Increase the security of JWT token generation by using DJANGO_SECRET_KEY as well as user-specific salt for the signature +- Mods can now change a library 
visibility through the admin UI (#548) +- New keyboard shortcuts added for enhanced control over audio player (#866) +- Now refetch remote ActivityPub artists, albums and tracks to avoid local stale data +- Numbers on the stats page will now be formatted in a human readable way and will update with the locale (#873) +- Pickup folder.png and folder.jpg files for cover art when importing from CLI (#898) +- Prevent usage of too weak passwords (#883) +- Reduced CSS size by 30% using purgecss +- Replaced Daphne by Gunicorn/Uvicorn to improve stability, flexibility and performance (#862) +- Simplified embedded docker reverse proxy IP configuration (#834) +- Support embeds on public playlists +- Support for M4A/AAC files (#661) +- Switched from Semantic-UI to Fomentic-UI +- Add dropdown menu to track table (#531) +- Display placeholder on homepage when there are no playlists (#892) +- Make album cards height independent (#710) + + +Bugfixes: + +- Added context strings to en_GB translations so that picking the language changes the interface as expected +- Ensure selected locale is not reset to browser default when refreshing app +- Fix missing license information on track details page (#913) +- Fix regression to quota bar color (#897) +- Fixed a responsive display issues on 1024px wide screens (#904) +- Fixed album art not being retrieved from Ogg/Opus files +- Fixed broken embedded player layout after dependency update (#875) +- Fixed broken external HTTPS request under some scenarios, because of missing PyOpenSSL +- Fixed broken less listened radio (#912) +- Fixed broken URL to artist and album on album and track pages (#871) +- Fixed empty contentType causing client crash in some Subsonic payloads (#893) +- Fixed import crashing with empty cover file or too long values on some fields +- Fixed in-place imported files not playing under nginx when filename contains ? 
or % (#924) +- Fixed remaining transcoding issue with Subsonic API (#867) +- Fixed search usability issue when browsing artists, albums, radios and playlists (#902) +- Improved performance of /artists, /albums and /tracks API endpoints by a factor 2 (#865) +- Updated docs to ensure streaming works when using Minio/S3 and DSub (#932) + +Contributors to this release (translation, development, documentation, reviews, design): + +- Amaranthe +- ButterflyOfFire +- Ciarán Ainsworth +- Eliot Berriot +- Esteban +- Francesc Galà +- Freyja Wildes +- hellekin +- IISergII +- jiri-novacek +- Johannes H. +- Keunes +- Koen +- Manuel Cortez +- Mehdi +- Mélanie Chauvel +- nouts +- Quentà +- Reg +- Rodrigo Leite +- Romain Failliot +- SpcCw +- Sylke Vicious +- Tobias Reisinger +- Xaloc +- Xosé M + + 0.19.1 (2019-06-28) ------------------- diff --git a/api/funkwhale_api/__init__.py b/api/funkwhale_api/__init__.py index 655fc99052..8f0e0937d8 100644 --- a/api/funkwhale_api/__init__.py +++ b/api/funkwhale_api/__init__.py @@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -__version__ = "0.20.0-rc1" +__version__ = "0.20.0" __version_info__ = tuple( [ int(num) if num.isdigit() else num diff --git a/changes/changelog.d/261.feature b/changes/changelog.d/261.feature deleted file mode 100644 index 8d5e7139b8..0000000000 --- a/changes/changelog.d/261.feature +++ /dev/null @@ -1 +0,0 @@ -Enforce a configurable rate limit on the API to mitigate abuse (#261) diff --git a/changes/changelog.d/432.feature b/changes/changelog.d/432.feature deleted file mode 100644 index 75017106a3..0000000000 --- a/changes/changelog.d/432.feature +++ /dev/null @@ -1 +0,0 @@ -Support for genres, via tags (#432) diff --git a/changes/changelog.d/548.enhancement b/changes/changelog.d/548.enhancement deleted file mode 100644 index 99cd04941f..0000000000 --- a/changes/changelog.d/548.enhancement +++ /dev/null @@ -1 +0,0 @@ -Mods can now change a library visibility through the admin UI (#548) 
diff --git a/changes/changelog.d/661.enhancement b/changes/changelog.d/661.enhancement deleted file mode 100644 index 38553fbfa2..0000000000 --- a/changes/changelog.d/661.enhancement +++ /dev/null @@ -1 +0,0 @@ -Support for M4A/AAC files (#661) diff --git a/changes/changelog.d/710.add-track-dropdown b/changes/changelog.d/710.add-track-dropdown deleted file mode 100644 index b82cf92ea8..0000000000 --- a/changes/changelog.d/710.add-track-dropdown +++ /dev/null @@ -1 +0,0 @@ -Add dropdown menu to track table (#531) diff --git a/changes/changelog.d/710.make-album-cards-independent b/changes/changelog.d/710.make-album-cards-independent deleted file mode 100644 index 49cfd42484..0000000000 --- a/changes/changelog.d/710.make-album-cards-independent +++ /dev/null @@ -1 +0,0 @@ -Make album cards height independent (#710) diff --git a/changes/changelog.d/756.feature b/changes/changelog.d/756.feature deleted file mode 100644 index 402b0e589f..0000000000 --- a/changes/changelog.d/756.feature +++ /dev/null @@ -1 +0,0 @@ -Dark theme (#756) diff --git a/changes/changelog.d/761.enhancement b/changes/changelog.d/761.enhancement deleted file mode 100644 index 005e9156dc..0000000000 --- a/changes/changelog.d/761.enhancement +++ /dev/null @@ -1 +0,0 @@ -Added the option to replace the queue's current contents with a selected album or track (#761) \ No newline at end of file diff --git a/changes/changelog.d/834.enhancement b/changes/changelog.d/834.enhancement deleted file mode 100644 index 58ab1161e5..0000000000 --- a/changes/changelog.d/834.enhancement +++ /dev/null @@ -1 +0,0 @@ -Simplified embedded docker reverse proxy IP configuration (#834) diff --git a/changes/changelog.d/839.feature b/changes/changelog.d/839.feature deleted file mode 100644 index 7f72f000c1..0000000000 --- a/changes/changelog.d/839.feature +++ /dev/null @@ -1 +0,0 @@ -Added periodical message to incite people to support their pod and Funkwhale (#839) 
diff --git a/changes/changelog.d/844.enhancement b/changes/changelog.d/844.enhancement deleted file mode 100644 index cf036b8736..0000000000 --- a/changes/changelog.d/844.enhancement +++ /dev/null @@ -1 +0,0 @@ -Added Czech translation (#844) diff --git a/changes/changelog.d/845.enhancement b/changes/changelog.d/845.enhancement deleted file mode 100644 index 021e937feb..0000000000 --- a/changes/changelog.d/845.enhancement +++ /dev/null @@ -1 +0,0 @@ -Added Catalan translation files diff --git a/changes/changelog.d/846.bugfix b/changes/changelog.d/846.bugfix deleted file mode 100644 index a279c90e4c..0000000000 --- a/changes/changelog.d/846.bugfix +++ /dev/null @@ -1 +0,0 @@ -Added context strings to en_GB translations so that picking the language changes the interface as expected diff --git a/changes/changelog.d/852.feature b/changes/changelog.d/852.feature deleted file mode 100644 index 3ce6f96bec..0000000000 --- a/changes/changelog.d/852.feature +++ /dev/null @@ -1 +0,0 @@ -Users can now delete their account without admin intervention (#852) diff --git a/changes/changelog.d/853.feature b/changes/changelog.d/853.feature deleted file mode 100644 index 60b8ec2bc2..0000000000 --- a/changes/changelog.d/853.feature +++ /dev/null @@ -1 +0,0 @@ -Allow-list to restrict federation to trusted domains (#853) diff --git a/changes/changelog.d/854.enhancement b/changes/changelog.d/854.enhancement deleted file mode 100644 index f5e7807169..0000000000 --- a/changes/changelog.d/854.enhancement +++ /dev/null @@ -1 +0,0 @@ -Hardcoded list of supported browsers to avoid unexpected regressions (#854) diff --git a/changes/changelog.d/862.enhancement b/changes/changelog.d/862.enhancement deleted file mode 100644 index 1020083dbc..0000000000 --- a/changes/changelog.d/862.enhancement +++ /dev/null @@ -1 +0,0 @@ -Replaced Daphne by Gunicorn/Uvicorn to improve stability, flexibility and performance (#862) 
diff --git a/changes/changelog.d/865.bugfix b/changes/changelog.d/865.bugfix deleted file mode 100644 index 183530e0dc..0000000000 --- a/changes/changelog.d/865.bugfix +++ /dev/null @@ -1 +0,0 @@ -Improved performance of /artists, /albums and /tracks API endpoints by a factor 2 (#865) diff --git a/changes/changelog.d/866.enhancement b/changes/changelog.d/866.enhancement deleted file mode 100644 index 9ebbd52ddd..0000000000 --- a/changes/changelog.d/866.enhancement +++ /dev/null @@ -1 +0,0 @@ -New keyboard shortcuts added for enhanced control over audio player (#866) \ No newline at end of file diff --git a/changes/changelog.d/867.bugfix b/changes/changelog.d/867.bugfix deleted file mode 100644 index ab690cc167..0000000000 --- a/changes/changelog.d/867.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fixed remaining transcoding issue with Subsonic API (#867) diff --git a/changes/changelog.d/871.bugfix b/changes/changelog.d/871.bugfix deleted file mode 100644 index 153b45bfcc..0000000000 --- a/changes/changelog.d/871.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fixed broken URL to artist and album on album and track pages (#871) diff --git a/changes/changelog.d/872.feature b/changes/changelog.d/872.feature deleted file mode 100644 index 083601ecfb..0000000000 --- a/changes/changelog.d/872.feature +++ /dev/null @@ -1 +0,0 @@ -Redesign of the landing and about pages (#872) diff --git a/changes/changelog.d/873.enhancement b/changes/changelog.d/873.enhancement deleted file mode 100644 index fd8e3c3a10..0000000000 --- a/changes/changelog.d/873.enhancement +++ /dev/null @@ -1 +0,0 @@ -Numbers on the stats page will now be formatted in a human readable way and will update with the locale (#873) diff --git a/changes/changelog.d/875.bugfix b/changes/changelog.d/875.bugfix deleted file mode 100644 index 609d83f6c5..0000000000 --- a/changes/changelog.d/875.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fixed broken embedded player layout after dependency update (#875) 
diff --git a/changes/changelog.d/877.enhancement b/changes/changelog.d/877.enhancement deleted file mode 100644 index 8f65920c88..0000000000 --- a/changes/changelog.d/877.enhancement +++ /dev/null @@ -1 +0,0 @@ -Ensure API urls answer with and without a trailing slash (#877) diff --git a/changes/changelog.d/878.enhancement b/changes/changelog.d/878.enhancement deleted file mode 100644 index 9cad7bd5db..0000000000 --- a/changes/changelog.d/878.enhancement +++ /dev/null @@ -1 +0,0 @@ -Added a info message on embed wizard when anonymous access to content is disabled (#878) diff --git a/changes/changelog.d/879.feature b/changes/changelog.d/879.feature deleted file mode 100644 index 3763b1b585..0000000000 --- a/changes/changelog.d/879.feature +++ /dev/null @@ -1 +0,0 @@ -Admins can now add custom CSS from their pod settings (#879) diff --git a/changes/changelog.d/880.enhancement b/changes/changelog.d/880.enhancement deleted file mode 100644 index 58d308afab..0000000000 --- a/changes/changelog.d/880.enhancement +++ /dev/null @@ -1 +0,0 @@ -Hardened security thanks to CSP and additional HTTP headers (#880) diff --git a/changes/changelog.d/883.enhancement b/changes/changelog.d/883.enhancement deleted file mode 100644 index 00284a3093..0000000000 --- a/changes/changelog.d/883.enhancement +++ /dev/null @@ -1 +0,0 @@ -Prevent usage of too weak passwords (#883) diff --git a/changes/changelog.d/890.feature b/changes/changelog.d/890.feature deleted file mode 100644 index a72ae9363a..0000000000 --- a/changes/changelog.d/890.feature +++ /dev/null @@ -1 +0,0 @@ -Content and account reports (#890) diff --git a/changes/changelog.d/892.add.placeholder.widget b/changes/changelog.d/892.add.placeholder.widget deleted file mode 100644 index 31cf6e5b05..0000000000 --- a/changes/changelog.d/892.add.placeholder.widget +++ /dev/null @@ -1 +0,0 @@ -Display placeholder on homepage when there are no playlists (#892) 
diff --git a/changes/changelog.d/893.bugfix b/changes/changelog.d/893.bugfix deleted file mode 100644 index f37ae2a9b5..0000000000 --- a/changes/changelog.d/893.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fixed empty contentType causing client crash in some Subsonic payloads (#893) diff --git a/changes/changelog.d/895.enhancement b/changes/changelog.d/895.enhancement deleted file mode 100644 index d79abc598d..0000000000 --- a/changes/changelog.d/895.enhancement +++ /dev/null @@ -1 +0,0 @@ -Artists with no albums will now show track count on artist card (#895) \ No newline at end of file diff --git a/changes/changelog.d/897.bugfix b/changes/changelog.d/897.bugfix deleted file mode 100644 index 8101cda4cf..0000000000 --- a/changes/changelog.d/897.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix regression to quota bar color (#897) \ No newline at end of file diff --git a/changes/changelog.d/898.enhancement b/changes/changelog.d/898.enhancement deleted file mode 100644 index 80476e4a3d..0000000000 --- a/changes/changelog.d/898.enhancement +++ /dev/null @@ -1 +0,0 @@ -Pickup folder.png and folder.jpg files for cover art when importing from CLI (#898) diff --git a/changes/changelog.d/902.bugfix b/changes/changelog.d/902.bugfix deleted file mode 100644 index afe2ade816..0000000000 --- a/changes/changelog.d/902.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fixed search usability issue when browsing artists, albums, radios and playlists (#902) diff --git a/changes/changelog.d/903.enhancement b/changes/changelog.d/903.enhancement deleted file mode 100644 index de170b2720..0000000000 --- a/changes/changelog.d/903.enhancement +++ /dev/null @@ -1 +0,0 @@ -Added field to manage user upload quota in Django backend (#903) \ No newline at end of file diff --git a/changes/changelog.d/904.bugfix b/changes/changelog.d/904.bugfix deleted file mode 100644 index f4df441c73..0000000000 --- a/changes/changelog.d/904.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fixed a responsive display issues on 1024px wide screens (#904) 
diff --git a/changes/changelog.d/912.bugfix b/changes/changelog.d/912.bugfix deleted file mode 100644 index 67e2d01ad8..0000000000 --- a/changes/changelog.d/912.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fixed broken less listened radio (#912) diff --git a/changes/changelog.d/913.bugfix b/changes/changelog.d/913.bugfix deleted file mode 100644 index 83b24b52b0..0000000000 --- a/changes/changelog.d/913.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix missing license information on track details page (#913) \ No newline at end of file diff --git a/changes/changelog.d/924.bugfix b/changes/changelog.d/924.bugfix deleted file mode 100644 index c5986581a8..0000000000 --- a/changes/changelog.d/924.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fixed in-place imported files not playing under nginx when filename contains ? or % (#924) diff --git a/changes/changelog.d/932.bugfix b/changes/changelog.d/932.bugfix deleted file mode 100644 index 76b7c40f45..0000000000 --- a/changes/changelog.d/932.bugfix +++ /dev/null @@ -1 +0,0 @@ -Updated docs to ensure streaming works when using Minio/S3 and DSub (#932) diff --git a/changes/changelog.d/fomentic.enhancement b/changes/changelog.d/fomentic.enhancement deleted file mode 100644 index 0f6c4ad955..0000000000 --- a/changes/changelog.d/fomentic.enhancement +++ /dev/null @@ -1 +0,0 @@ -Switched from Semantic-UI to Fomentic-UI diff --git a/changes/changelog.d/imports-small.bugfix b/changes/changelog.d/imports-small.bugfix deleted file mode 100644 index aed6bb9024..0000000000 --- a/changes/changelog.d/imports-small.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fixed import crashing with empty cover file or too long values on some fields diff --git a/changes/changelog.d/jwt.enhancement b/changes/changelog.d/jwt.enhancement deleted file mode 100644 index 0ce222251e..0000000000 --- a/changes/changelog.d/jwt.enhancement +++ /dev/null @@ -1 +0,0 @@ -Increase the security of JWT token generation by using DJANGO_SECRET_KEY as well as user-specific salt for the signature 
diff --git a/changes/changelog.d/locale.bugfix b/changes/changelog.d/locale.bugfix deleted file mode 100644 index 5feeaa4c1a..0000000000 --- a/changes/changelog.d/locale.bugfix +++ /dev/null @@ -1 +0,0 @@ -Ensure selected locale is not reset to browser default when refreshing app diff --git a/changes/changelog.d/opus-cover.bugfix b/changes/changelog.d/opus-cover.bugfix deleted file mode 100644 index 648e280935..0000000000 --- a/changes/changelog.d/opus-cover.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fixed album art not being retrieved from Ogg/Opus files diff --git a/changes/changelog.d/playlist-embed.enhancement b/changes/changelog.d/playlist-embed.enhancement deleted file mode 100644 index 06c7477708..0000000000 --- a/changes/changelog.d/playlist-embed.enhancement +++ /dev/null @@ -1 +0,0 @@ -Support embeds on public playlists diff --git a/changes/changelog.d/purgecss.enhancement b/changes/changelog.d/purgecss.enhancement deleted file mode 100644 index f1c43b8e4f..0000000000 --- a/changes/changelog.d/purgecss.enhancement +++ /dev/null @@ -1 +0,0 @@ -Reduced CSS size by 30% using purgecss diff --git a/changes/changelog.d/refetch.enhancement b/changes/changelog.d/refetch.enhancement deleted file mode 100644 index f55facec8e..0000000000 --- a/changes/changelog.d/refetch.enhancement +++ /dev/null @@ -1 +0,0 @@ -Now refetch remote ActivityPub artists, albums and tracks to avoid local stale data diff --git a/changes/changelog.d/search-results.enhancement b/changes/changelog.d/search-results.enhancement deleted file mode 100644 index 7effe4c893..0000000000 --- a/changes/changelog.d/search-results.enhancement +++ /dev/null @@ -1 +0,0 @@ -Improve display of search results by including artist and album data diff --git a/changes/changelog.d/ssl.bugfix b/changes/changelog.d/ssl.bugfix deleted file mode 100644 index ab5d5a7d32..0000000000 --- a/changes/changelog.d/ssl.bugfix +++ /dev/null 
@@ -1 +0,0 @@ -Fixed broken external HTTPS request under some scenarios, because of missing PyOpenSSL diff --git a/changes/notes.rst b/changes/notes.rst index 8477649411..96ac3d7651 100644 --- a/changes/notes.rst +++ b/changes/notes.rst 
@@ -5,226 +5,3 @@ Next release notes Those release notes refer to the current development branch and are reset after each release. - - -Support for genres via tags -^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -One of our most requested missing features is now available! - -Starting with Funkwhale 0.20, -Funkwhale will automatically extract genre information from uploaded files and associate it -with the corresponding tracks in the form of tags (similar to Mastodon or Twitter hashtags). -Please refer to `our tagging documentation <https://docs.funkwhale.audio/users/upload.html#tagging-files>`_ -for more information regarding the tagging process. - -Tags can also be associated with artists and albums, and updated after upload through the UI using -the edit system released in Funkwhale 0.19. Tags are also fetched when retrieving content -via federation. - -Tags are used in various places to enhance user experience: - -- Tags are listed on tracks, albums and artist profiles -- Each tag has a dedicated page were you can browse corresponding content and quickly start a radio -- The custom radio builder now supports using tags -- Subsonic apps that support genres - such as DSub or Ultrasonic - should display this information as well - -If you are a pod admin and want to extract tags from already uploaded content, you run `this snippet <https://dev.funkwhale.audio/funkwhale/funkwhale/snippets/43>`_ -and `this snippet <https://dev.funkwhale.audio/funkwhale/funkwhale/snippets/44>`_ in a ``python manage.py shell``. - -Content and account reports -^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -It is now possible to report content, such as artists, tracks or libraries, as well as user accounts. Such reports are forwarded to the pod moderators, -who can review it and delete reported content, block accounts or take any other action they deem necessary. - -By default, both anonymous and authenticated users can submit these reports. 
This makes sure moderators can receive and handle -takedown requests and other reports for illegal content that may be sent by third-parties without an account on the pod. However, -you can disable anonymous reports completely via your pod settings. - -Federation of the reports will be supported in a future release. - -For more information about this feature, please check out our documentation: - -- `User documentation <https://docs.funkwhale.audio/moderator/reports.html>`_ -- `Moderator documentation <https://docs.funkwhale.audio/users/reports.html>`_ - -Account deletion -^^^^^^^^^^^^^^^^ - -Users can now delete their account themselves, without involving an administrator. - -The deletion process will remove any local data and objects associated with the account, -but the username won't be able to new users to avoid impersonation. Deletion is also broadcasted -to other known servers on the federation. - -For more information about this feature, please check out our documentation: - -- `User documentation <https://docs.funkwhale.audio/users/account.html>`_ - -Landing and about page redesign [Manual action suggested] -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -In this release, we've completely redesigned the landing and about page, by making it more useful and adapted to your pod -configuration. Among other things, the landing page will now include: - -- your pod and an excerpt from your pod's description -- your pod banner image, if any -- your contact email, if any -- the login form -- the signup form (if registrations are open on your pod) -- some basic statistics about your pod -- a widget including recently uploaded albums, if anonymous access is enabled - -The landing page will still include some information about Funkwhale, but in a less intrusive and proeminent way than before. 
- -Additionally, the about page now includes: - -- your pod name, description, rules and terms -- your pod banner image, if any -- your contact email, if any -- comprehensive statistics about your pod -- some info about your pod configuration, such as registration and federation status or the default upload quota for new users - -With this redesign, we've added a handful of additional pod settings: - -- Pod banner image -- Contact email -- Rules -- Terms of service - -We recommend taking a few moments to fill these accordingly to your needs, by visiting ``/manage/settings``. - -Allow-list to restrict federation to trusted domains -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -The Allow-Listing feature grants pod moderators -and administrators greater control over federation -by allowing you to create a pod-wide allow-list. - -When allow-listing is enabled, your pod's users will only -be able to interact with pods included in the allow-list. -Any messages, activity, uploads, or modifications to -libraries and playlists will only be shared with pods -on the allow-list. Pods which are not included in the -allow-list will not have access to your pod's content -or messages and will not be able to send anything to -your pod. - -If you want to enable this feature on your pod, or learn more, please refer to `our documentation <https://docs.funkwhale.audio/moderator/listing.html>`_! - -Periodic message to incite people to support their pod and Funkwhale -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -Users will now be reminded on a regular basis that they can help Funkwhale by donating or contributing. - -If specified by the pod admin, a separate and custom message will also be displayed in a similar way to provide instructions and links to support the pod. - -Both messages will appear for the first time 15 days after signup, in the notifications tab. 
For each message, users can schedule a reminder for a later time, or disable the messages entirely. - - -Replaced Daphne by Gunicorn/Uvicorn [manual action required, non-docker only] -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -To improve the performance, stability and reliability of Funkwhale's web processes, -we now recommend using Gunicorn and Uvicorn instead of Daphne. This combination unlock new use cases such as: - -- zero-downtime upgrades -- configurable number of web worker processes - -Based on our benchmarks, Gunicorn/Unicorn is also faster and more stable under higher workloads compared to Daphne. - -To benefit from this enhancement on existing instances, you need to add ``FUNKWHALE_WEB_WORKERS=1`` in your ``.env`` file -(use a higher number if you want to have more web worker processes). - -Then, edit your ``/etc/systemd/system/funkwhale-server.service`` and replace the ``ExecStart=`` line with -``ExecStart=/srv/funkwhale/virtualenv/bin/gunicorn config.asgi:application -w ${FUNKWHALE_WEB_WORKERS} -k uvicorn.workers.UvicornWorker -b ${FUNKWHALE_API_IP}:${FUNKWHALE_API_PORT}`` - -Then reload the configuration change with ``sudo systemctl daemon-reload`` and ``sudo systemctl restart funkwhale-server``. - - -Content-Security-Policy and additional security headers [manual action suggested] -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -To improve the security and reduce the attack surface in case of a successfull exploit, we suggest -you add the following Content-Security-Policy to your nginx configuration. - -..note:: - - If you are using an S3-compatible store to serve music, you will need to specify the URL of your S3 store in the ``media-src`` and ``img-src`` headers - - .. 
code-block:: - - add_header Content-Security-Policy "...img-src 'self' https://<your-s3-URL> data:;...media-src https://<your-s3-URL> 'self' data:"; - -**On non-docker setups**, in ``/etc/nginx/sites-available/funkwhale.conf``:: - - server { - - add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:"; - add_header Referrer-Policy "strict-origin-when-cross-origin"; - - location /front/ { - add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:"; - add_header Referrer-Policy "strict-origin-when-cross-origin"; - add_header X-Frame-Options "SAMEORIGIN"; - # … existing content here - } - - # Also create a new location for the embeds to ensure external iframes work - # Simply copy-paste the /front/ location, but replace the following lines: - location /front/embed.html { - add_header X-Frame-Options "ALLOW"; - alias ${FUNKWHALE_FRONTEND_PATH}/embed.html; - } - } - -Then reload nginx with ``systemctl reload nginx``. 
- -**On docker setups**, in ``/srv/funkwhalenginx/funkwhale.template``:: - - server { - - add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:"; - add_header Referrer-Policy "strict-origin-when-cross-origin"; - - location /front/ { - add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:"; - add_header Referrer-Policy "strict-origin-when-cross-origin"; - add_header X-Frame-Options "SAMEORIGIN"; - # … existing content here - } - - # Also create a new location for the embeds to ensure external iframes work - # Simply copy-paste the /front/ location, but replace the following lines: - location /front/embed.html { - add_header X-Frame-Options "ALLOW"; - alias /frontent/embed.html; - } - } - -Then reload nginx with ``docker-compose restart nginx``. - -Rate limiting -^^^^^^^^^^^^^ - -With this release, rate-limiting on the API is enabled by default, with high enough limits to ensure -regular users of the app aren't affected. Requests beyond allowed limits are answered with a 429 HTTP error. - -For anonymous requests, the limit is applied to the IP adress of the client, and for authenticated requests, the limit -is applied to the corresponding user account. By default, anonymous requests get a lower limit than authenticated requests. - -You can disable the rate-limiting feature by adding `THROTTLING_ENABLED=false` to your ``.env`` file and restarting the -services. If you are using the Funkwhale API in your project or app and want to know more about the limits, please consult https://docs.funkwhale.audio/swagger/. 
- -Broken audio streaming when using S3/Minio and DSub [manual action required] -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -Some Subsonic clients, such as DSub, are sending an Authorization headers which was forwarded -to the S3 storage when streaming, causing some issues. If you are using S3 or a compatible storage -such as Minio, please add the following in your nginx ``~ /_protected/media/(.+)`` location:: - - # Needed to ensure DSub auth isn't forwarded to S3/Minio, see #932 - proxy_set_header Authorization ""; - -And reload your nginx process. -- GitLab
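Review bot: the entry removed from changes/changelog.d/fomentic.enhancement spells the library "Fomentic-UI", but the project is named Fomantic-UI. If the text was copied verbatim into CHANGELOG, correct it there to "Switched from Semantic-UI to Fomantic-UI" so that people searching for the dependency by name find the entry.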
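Review bot: the changes/changelog.d/jwt.enhancement entry says the JWT signature now uses DJANGO_SECRET_KEY plus a user-specific salt, but nothing tells operators what happens to tokens issued before the upgrade. Changing the signing material normally invalidates tokens signed with the old material, so the 0.20 notes should say whether users and API clients have to log in again after upgrading, and whether changing the per-user salt is the intended way to revoke one user's tokens.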
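Review bot: in the changes/notes.rst hunk, both nginx examples (non-docker and docker) set add_header X-Frame-Options "ALLOW"; in the /front/embed.html location, and "ALLOW" is not a defined value for that header (DENY and SAMEORIGIN are; ALLOW-FROM is obsolete). Browsers ignore the unrecognised value, so embeds work only because the header has no effect. Either drop the header in that location or state the intent explicitly with a frame-ancestors directive in the Content-Security-Policy. Smaller points in the same hunk, worth fixing wherever this text now lives: "..note::" needs a space after the dots to be parsed as a directive, otherwise the S3 note and its nested code-block will not render; the docker path /srv/funkwhalenginx/funkwhale.template and "alias /frontent/embed.html;" look like typos; the reports section labels the /moderator/reports.html link "User documentation" and the /users/reports.html link "Moderator documentation", which appear swapped; "Gunicorn/Unicorn" should be Gunicorn/Uvicorn; and the account deletion sentence "the username won't be able to new users" is missing a word.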