Releases: matrix-org/mjolnir
Releases · matrix-org/mjolnir
v1.11.0
What's Changed
- Quarantine redacted media by @Half-Shot in #593
- Introduce a labs section for MSC4284 and similar commands by @turt2live in #605
- Don't redact literally everything when NSFW sensitivity is low by @turt2live in #606
- Add a "first message is link" protection by @H-Shay in #603
- Parse matrix.to links when banning by @H-Shay in #609
- Set MSC4293 flag when autoredacting users by @turt2live in #612
- Log & expose device ID and identity at startup for visibility by @Half-Shot in #613
- Misc fixes - better error handling + store access token when fetched by @H-Shay in #619
- Use admin redaction endpoint if possible by @H-Shay in #621
- Support synapse-http-antispam by @turt2live in #610
- Fix references to node 18 in docs/comments by @H-Shay in #623
- Prepare for room v12 by @H-Shay in #620
Full Changelog: v1.10.0...v1.11.0
Contributors
turt2live, Half-Shot, and H-Shay
Assets 2
v1.10.0
What's Changed
- Unflake tests by @H-Shay in #570
- Fix call to admin redaction api by @H-Shay in #568
- Add some debug logging for mention spam protection by @H-Shay in #569
- Revert "Add displayname mention spam protection (#537)" by @H-Shay in #571
- Refer to CONTRIBUTING from README by @andybalaam in #572
- Fallback to old-style redactions for now by @H-Shay in #578
- Support deployments using Matrix Authentication Service by @H-Shay in #577
- Support scanning stickers for NSFW content, and don't error so loudly when a MXC is missing by @Half-Shot in #585
- Logging improvements by @H-Shay in #589
- Skip NSFW classification if treshold is 0.0 by @TheArcaneBrony in #583
- Bump cross-spawn from 7.0.3 to 7.0.6 by @dependabot in #561
- Add MessageIsVideo protection by @H-Shay in #582
- Bump axios from 1.7.7 to 1.8.2 by @dependabot in #590
- Bump parse-duration from 1.0.2 to 2.1.3 by @H-Shay in #592
- Create funding-manifest-urls by @HarHarLinks in #596
- Demote "Applying ACL" to debug by @turt2live in #597
- Fix alignment in help menu by @turt2live in #599
- Fix function return by @H-Shay in #598
- Soften the default shutdown message/room name by @turt2live in #600
- Don't include historical members in mod cache by @H-Shay in #601
New Contributors
- @andybalaam made their first contribution in #572
- @TheArcaneBrony made their first contribution in #583
- @HarHarLinks made their first contribution in #596
Full Changelog: v1.9.2...v1.10.0
Contributors
andybalaam, turt2live, and 5 other contributors
Assets 2
v1.9.2
What's Changed
Security
- This release reintroduces the mention forwarding feature removed in 1.9.1. See GHSA-3jq6-xc85-m394 / CVE-2025-24024 for details.
Full Changelog: v1.9.1...v1.9.2
Contributors
H-Shay
Assets 2
v1.9.1
Security Advisory
A security issue was discovered in the mention forwarding feature. We've backed it out in v1.9.1 (this release) and encourage admins to immediately upgrade to this version while we take a closer look.
Update January 21, 2025: This is GHSA-3jq6-xc85-m394 / CVE-2025-24024
What's Changed
- Revert "forward mentions to management room" feature by @turt2live in #565
Full Changelog: v1.9.0...v1.9.1
Contributors
turt2live
Assets 2
v1.9.0
Security Advisory
Please upgrade immediately to v1.9.1 instead of v1.9.0
Update January 21, 2025: This is GHSA-3jq6-xc85-m394 / CVE-2025-24024
What's Changed
- A few small fixes by @H-Shay in #536
- Add displayname mention spam protection by @H-Shay in #537
- Add users who activate mention spam protection to auto-redact list by @H-Shay in #541
- Remove notes from the default config.yaml that suggest mjolnir's wordlist feature supports regex, it does not. by @PC-Admin in #543
- Use Prettier to format code by @H-Shay in #542
- Use admin api for redactions if possible by @H-Shay in #538
- Add a test verifying messageIsMediaProtection by @H-Shay in #545
- Trim leading whitespace from !mjolnir command by @Half-Shot in #549
- Create CODEOWNERS by @turt2live in #550
- Don't ban users in moderator room by @H-Shay in #544
- Filter out rooms where user was never a member when redacting rooms by @H-Shay in #551
- Don't shut down protected rooms by @H-Shay in #554
- Notify moderation room when users in protected rooms mention the bot (configurable) by @Half-Shot in #553
- Add a test verifying
unbancommand by @H-Shay in #557 - Stop printing help menu on unknown command by @H-Shay in #558
- Don't allow mods to demote bot or members of management room in protected rooms by @H-Shay in #555
- Use spoilers when mentioning targets of a rule by @H-Shay in #559
- v1.9.0 by @H-Shay in #563
New Contributors
Full Changelog: v1.8.3...v1.9.0
Contributors
turt2live, Half-Shot, and 2 other contributors
Assets 2
v1.8.3
What's Changed
- Fix default config to maintain backwards compatibility by @turt2live in #535
Full Changelog: v1.8.2...v1.8.3
Contributors
turt2live
Assets 2
v1.8.2
Contributors
H-Shay
Assets 2
v1.8.1
What's Changed
Full Changelog: v1.8.0...v1.8.1
Contributors
H-Shay
Assets 2
v1.8.0
What's Changed
- Resolve aliases and get via servers before storing watch list by @H-Shay in #518
- Support authenticated media (by updating bot-sdk / matrix-appservice-bridge) by @Half-Shot in #523
- Fix NSFW protection not awaiting redaction by @Half-Shot in #526
- Log the name of the failed protection to the moderation room when it fails. by @Half-Shot in #525
- Add protection for mention spam by @Half-Shot in #524
- Improve messaging and checks in NSFW protection by @H-Shay in #529
- Add native encryption support to Mjolnir by @H-Shay in #528
Note that configuration options related to Pantalaimon are now deprecated (as native encryption is now supported in mjolnir) and will be removed at a later date.
Full Changelog: v1.7.0...v1.8.0
Contributors
Half-Shot and H-Shay
Assets 2
v1.7.0
What's Changed
- Add some releasing instructions by @H-Shay in #500
- Update releasing instructions to use script by @H-Shay in #502
- Bump postcss from 8.4.16 to 8.4.39 by @dependabot in #507
- Bump crypto-js from 4.1.1 to 4.2.0 by @dependabot in #492
- Bump express from 4.18.1 to 4.19.2 by @dependabot in #512
- Bump braces from 3.0.2 to 3.0.3 by @dependabot in #511
- Bump sanitize-html from 2.7.1 to 2.13.0 by @dependabot in #510
- Bump ws from 7.5.5 to 7.5.10 by @dependabot in #509
- Bump follow-redirects from 1.15.1 to 1.15.6 by @dependabot in #508
- Add commands to suspend/unsuspend user by @H-Shay in #506
- Check for via servers before trying to join room in policy list manager by @H-Shay in #514
- Use modern language by @H-Shay in #513
- Do not interrupt redact sequences because of exceptions on backfilling by @maranda in #479
- remove real name requirement from DCO by @joshsimmons in #515
- Enhance media protections by @H-Shay in #516
- Add a NSFW protection by @H-Shay in #520
- Bump express from 4.19.2 to 4.20.0 by @dependabot in #521
- Bump micromatch from 4.0.4 to 4.0.8 by @dependabot in #519
New Contributors
- @joshsimmons made their first contribution in #515
Special Thanks
- Thanks to @Gnuxie for inspiration/groundwork on the NSFW protection
Full Changelog: v1.6.5...v1.7.0
Contributors
maranda, bluesomewhere, and 3 other contributors