Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update ghcr.io/mastodon/mastodon Docker tag to v4.2.7 (#44)
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/mastodon/mastodon](https://github.com/mastodon/mastodon) | patch | `v4.2.6` -> `v4.2.7` | --- ### Release Notes <details> <summary>mastodon/mastodon (ghcr.io/mastodon/mastodon)</summary> ### [`v4.2.7`](https://github.com/mastodon/mastodon/releases/tag/v4.2.7) [Compare Source](https://github.com/mastodon/mastodon/compare/v4.2.6...v4.2.7) <h1><picture> <source media="(prefers-color-scheme: dark)" srcset="./lib/assets/wordmark.dark.png?raw=true"> <source media="(prefers-color-scheme: light)" srcset="./lib/assets/wordmark.light.png?raw=true"> <img alt="Mastodon" src="./lib/assets/wordmark.light.png?raw=true" height="34"> </picture></h1> > \[!WARNING] > **This release is an important security release fixing a major security issue.** > > Corresponding security releases are available for the [4.1.x branch](https://github.com/mastodon/mastodon/releases/tag/v4.1.15), the [4.0.x branch](https://github.com/mastodon/mastodon/releases/tag/v4.0.15) and the [3.5.x branch](https://github.com/mastodon/mastodon/releases/tag/v3.5.19). > \[!NOTE] > If you are using nightly builds, **do not use this release** but update to `nightly.2024-02-17-security` or newer instead. If you are on the `main` branch, update to the latest commit. ##### Changelog ##### Fixed - Fix OmniAuth tests and edge cases in error handling ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29201), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/29207)) - Fix new installs by upgrading to the latest release of the `nsa` gem, instead of a no longer existing commit ([mjankowski](https://github.com/mastodon/mastodon/pull/29065)) ##### Security - Fix insufficient checking of remote posts ([GHSA-jhrq-qvrm-qr36](https://github.com/mastodon/mastodon/security/advisories/GHSA-jhrq-qvrm-qr36)) ##### Upgrade notes To get the code for v4.2.7, use `git fetch && git checkout v4.2.7`. > \[!NOTE] > As always, **make sure you have backups of the database before performing any upgrades**. If you are using docker-compose, this is how a backup command might look: `docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump` ##### Dependencies With the exception of Ruby's recommended version, external dependencies have not changed since v4.2.0, the compatible Ruby, PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is: - Ruby: 3.0 to 3.2 - PostgreSQL: 10 or newer - Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work) - LibreTranslate (optional, for translations): 1.3.3 or newer - Redis: 4 or newer - Node: 16 or newer - ImageMagick: 6.9.7-7 or newer > \[!TIP] > If your uploaded images are broken after the upgrade, it means your installed ImageMagick version is older than the new minimum version (6.9.7-7), for example if you are running Ubuntu 18.04. If this happens, you can find more information and ways to fix it [on this page](https://github.com/mastodon/mastodon/issues/25776). ##### Update steps The following instructions are for updating from 4.2.6. If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. **Non-Docker only:** 1. Install dependencies: `bundle install` and `yarn install --frozen-lockfile` 2. Restart all Mastodon processes **Using Docker:** 1. Restart all Mastodon processes </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/enoki-coop/helm-charts). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNzMuMCIsInVwZGF0ZWRJblZlciI6IjM3LjE3My4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
- Loading branch information