Friendica 2023.01 released

Christian Pöschl from usd AG has found another XSS vulnerability in Friendica which is closed with this hotfix release of Friendica.

In addition some other bugfixes for the distribution of forum postings and improvements to the update process of node information are included in this release.

For details, please the CHANGELOG file in the repository.

What is Friendica

Friendica is a decentralized communications platform, you can use to host your own social media server that integrates with independent social networking platforms (like the Fediverse or Diaspora*) but also some commercial ones like Twitter.

How to Update

Updating from old Friendica versions

If you are updating from an older version than the 2022.06 release, please first update your Friendica instance to that version as it contained some breaking changes.

Pre-Update Procedures

Ensure that the last backup of your Friendica installation was done recently.

Using Git

Updating from the git repositories should only involve a pull from the Friendica core repository and addons repository, regardless of the branch (stable or develop) you are using. Remember to update the dependencies with composer as well. So, assuming that you are on the stable branch, the commands to update your installation to the 2023.01 release would be

cd friendica
git pull
bin/composer.phar install --no-dev
cd addon
git pull

If you want to use a different branch than the stable one, you need to fetch and checkout the branch before your perform the git pull.

Pulling in the dependencies with composer will show some deprecation warning, we will be working on that in the upcoming release.

Using the Archive Files

If you had downloaded the source files in an archive file (tar.gz) please download the current version of the archive from friendica-full-2023.01.tar.gz (sha256) and friendica-addons 2023.01.tar.gz (sha256)) and unpack it on your local computer.

As many files got deleted or moved around, please upload the unpacked files to a new directory on your server (say friendica_new) and copy over your existing configuration (config/local.config.php and config/addon.config.php) and .htaccess files. Afterwards rename your current Friendica directory (e.g. friendica) to friendica_old and friendica_new to friendica.

The files of the dependencies are included in the archive (make sure you are using the friendica-full-2023.01 archive), so you don’t have to worry about them.

Post Update Tasks

The database update should be applied automatically, but sometimes it gets stuck. If you encounter this, please initiate the DB update manually from the command line by running the script

bin/console dbstructure update

from the base of your Friendica installation. If the output contains any error message, please let us know using the channels mentioned below.

Please note, that some of the changes to the database structure will take some time to be applied, depending on the size of your Friendica database.

Known Issues

Regarding the update process none as of writing.

How to Contribute

If you want to contribute to the project, you don’t need to have coding experience. There are a number of tasks listed in the issue tracker with the label “Junior Jobs” we think are good for new contributors. But you are by no means limited to these – if you find a solution to a problem (even a new one) please make a pull request at github or let us know in the development forum.

Contribution to Friendica is also not limited to coding. Any contribution to the documentation, the translation or advertisement materials is welcome or reporting a problem. You don’t need to deal with Git(Hub) or Transifex if you don’t like to. Just get in touch with us and we will get the materials to the appropriate places.

Thanks everyone who helped making this release possible and have fun!


Leave a Reply

Your email address will not be published. Required fields are marked *