Changelog.md 139 KB
Newer Older
Benjamin Neff's avatar
Benjamin Neff committed
1 2 3
# 0.7.1.0

## Refactor
Batyr Nuryyev's avatar
Batyr Nuryyev committed
4
* Remove title from profile photo upload button [#7551](https://github.com/diaspora/diaspora/pull/7551)
5
* Remove Internet Explorer workarounds [#7557](https://github.com/diaspora/diaspora/pull/7557)
Benjamin Neff's avatar
Benjamin Neff committed
6 7 8 9

## Bug fixes

## Features
10
* Ask for confirmation when leaving a submittable comment field [#7530](https://github.com/diaspora/diaspora/pull/7530)
Benjamin Neff's avatar
Benjamin Neff committed
11

Dennis Schubert's avatar
Dennis Schubert committed
12 13
# 0.7.0.0

flaburgan's avatar
flaburgan committed
14 15 16 17 18
## Supported Ruby versions

This release recommends using Ruby 2.4, while retaining Ruby 2.3 as an officially supported version.
Ruby 2.1 is no longer officially supported.

19 20 21 22 23
## Delete public/.well-known/

Before upgrading, please check if your `public/` folder contains a hidden `.well-known/` folder.
If so, please delete it since it will prevent the federation from working properly.

Dennis Schubert's avatar
Dennis Schubert committed
24 25
## Refactor

26
* Make the mention syntax more flexible [#7305](https://github.com/diaspora/diaspora/pull/7305)
27
* Display @ before mentions [#7324](https://github.com/diaspora/diaspora/pull/7324)
28
* Simplify mentions in the publisher [#7302](https://github.com/diaspora/diaspora/pull/7302)
29
* Remove chartbeat and mixpanel support [#7280](https://github.com/diaspora/diaspora/pull/7280)
30
* Upgrade to jQuery 3 [#7303](https://github.com/diaspora/diaspora/pull/7303)
31
* Add i18n for color themes [#7369](https://github.com/diaspora/diaspora/pull/7369)
32
* Remove deprecated statistics.json [#7399](https://github.com/diaspora/diaspora/pull/7399)
Benjamin Neff's avatar
Benjamin Neff committed
33 34
* Always link comment count text on mobile [#7483](https://github.com/diaspora/diaspora/pull/7483)
* Switch to new federation protocol [#7436](https://github.com/diaspora/diaspora/pull/7436)
35
* Send public profiles publicly [#7501](https://github.com/diaspora/diaspora/pull/7501)
36
* Change sender for mails [#7495](https://github.com/diaspora/diaspora/pull/7495)
37
* Move back to top to the right to avoid misclicks [#7516](https://github.com/diaspora/diaspora/pull/7516)
38
* Include count in mobile post action link [#7520](https://github.com/diaspora/diaspora/pull/7520)
39
* Update the user data export archive format [#6726](https://github.com/diaspora/diaspora/pull/6726)
40 41
* Use id as fallback when sorting posts [#7523](https://github.com/diaspora/diaspora/pull/7523)
* Remove no-posts-info when adding posts to the stream [#7523](https://github.com/diaspora/diaspora/pull/7523)
42
* Upgrade to rails 5.1 [#7514](https://github.com/diaspora/diaspora/pull/7514)
43
* Refactoring single post view interactions [#7182](https://github.com/diaspora/diaspora/pull/7182)
44
* Update help pages [#7528](https://github.com/diaspora/diaspora/pull/7528)
45
* Disable rendering logging in production [#7529](https://github.com/diaspora/diaspora/pull/7529)
46
* Add some missing indexes and cleanup the database if needed [#7533](https://github.com/diaspora/diaspora/pull/7533)
47
* Remove avatar, name, timestamp and interactions from publisher preview [#7536](https://github.com/diaspora/diaspora/pull/7536)
48

Dennis Schubert's avatar
Dennis Schubert committed
49 50
## Bug fixes

Benjamin Neff's avatar
Benjamin Neff committed
51
* Fix height too high on mobile SPV [#7480](https://github.com/diaspora/diaspora/pull/7480)
52
* Improve stream when ignoring a person who posts a lot of tagged posts [#7503](https://github.com/diaspora/diaspora/pull/7503)
53
* Fix order of comments across pods [#7436](https://github.com/diaspora/diaspora/pull/7436)
54
* Prevent publisher from closing in preview mode [#7518](https://github.com/diaspora/diaspora/pull/7518)
55
* Increase reshare counter after reshare on mobile [#7520](https://github.com/diaspora/diaspora/pull/7520)
56
* Reset stuck exports and handle errors [#7535](https://github.com/diaspora/diaspora/pull/7535)
Benjamin Neff's avatar
Benjamin Neff committed
57

Dennis Schubert's avatar
Dennis Schubert committed
58
## Features
59
* Add support for mentions in comments to the backend [#6818](https://github.com/diaspora/diaspora/pull/6818)
60
* Add support for new mention syntax [#7300](https://github.com/diaspora/diaspora/pull/7300) [#7394](https://github.com/diaspora/diaspora/pull/7394)
61
* Render mentions as links in comments [#7327](https://github.com/diaspora/diaspora/pull/7327)
62
* Add support for mentions in comments to the front-end [#7386](https://github.com/diaspora/diaspora/pull/7386)
63
* Support direct links to comments on mobile [#7508](https://github.com/diaspora/diaspora/pull/7508)
flaburgan's avatar
flaburgan committed
64
* Add inviter first and last name in the invitation e-mail [#7484](https://github.com/diaspora/diaspora/pull/7484)
65
* Add markdown editor for comments and conversations [#7482](https://github.com/diaspora/diaspora/pull/7482)
flaburgan's avatar
flaburgan committed
66
* Improve responsive header in desktop version [#7509](https://github.com/diaspora/diaspora/pull/7509)
67
* Support cmd+enter to submit posts, comments and conversations [#7524](https://github.com/diaspora/diaspora/pull/7524)
68
* Add markdown editor for posts, comments and conversations on mobile [#7235](https://github.com/diaspora/diaspora/pull/7235)
69
* Mark as "Mobile Web App Capable" on Android [#7534](https://github.com/diaspora/diaspora/pull/7534)
70
* Add support for receiving account migrations [#6750](https://github.com/diaspora/diaspora/pull/6750)
Dennis Schubert's avatar
Dennis Schubert committed
71

Benjamin Neff's avatar
Benjamin Neff committed
72 73 74
# 0.6.7.0

## Refactor
Benjamin Neff's avatar
Benjamin Neff committed
75
* Cleanup some translations [#7465](https://github.com/diaspora/diaspora/pull/7465)
Benjamin Neff's avatar
Benjamin Neff committed
76 77

## Features
78
* Change email without confirmation when mail is disabled [#7455](https://github.com/diaspora/diaspora/pull/7455)
79
* Warn users if they leave the profile editing page with unsaved changes [#7473](https://github.com/diaspora/diaspora/pull/7473)
flaburgan's avatar
flaburgan committed
80
* Add admin pages to the mobile interface [#7295](https://github.com/diaspora/diaspora/pull/7295)
flaburgan's avatar
flaburgan committed
81
* Add links to discourse to footer and sidebar [#7446](https://github.com/diaspora/diaspora/pull/7446)
Benjamin Neff's avatar
Benjamin Neff committed
82

Dennis Schubert's avatar
Dennis Schubert committed
83 84 85
# 0.6.6.0

## Refactor
Benjamin Neff's avatar
Benjamin Neff committed
86
* Remove rails\_admin [#7440](https://github.com/diaspora/diaspora/pull/7440)
87
* Use guid instead of id at permalink and in SPV [#7453](https://github.com/diaspora/diaspora/pull/7453)
Dennis Schubert's avatar
Dennis Schubert committed
88 89

## Bug fixes
90
* Make photo upload button hover text translatable [#7429](https://github.com/diaspora/diaspora/pull/7429)
91
* Fix first comment in mobile view with french locale [#7441](https://github.com/diaspora/diaspora/pull/7441)
92
* Use post page title and post author in atom feed [#7420](https://github.com/diaspora/diaspora/pull/7420)
93
* Handle broken public keys when receiving posts [#7448](https://github.com/diaspora/diaspora/pull/7448)
94
* Fix welcome message when podmin is set to an invalid username [#7452](https://github.com/diaspora/diaspora/pull/7452)
Dennis Schubert's avatar
Dennis Schubert committed
95 96

## Features
97 98
* Add support for Nodeinfo 2.0 [#7447](https://github.com/diaspora/diaspora/pull/7447)

Benjamin Neff's avatar
Benjamin Neff committed
99 100 101
# 0.6.5.0

## Refactor
Senya's avatar
Senya committed
102
* Remove unused setPreload function [#7354](https://github.com/diaspora/diaspora/pull/7354)
103
* Remove jQuery deprecations [#7356](https://github.com/diaspora/diaspora/pull/7356)
104
* Use empty selector where "#" was used as a selector before (prepare jQuery 3 upgrade) [#7372](https://github.com/diaspora/diaspora/pull/7372)
105
* Increase maximal height of large thumbnail on mobile [#7383](https://github.com/diaspora/diaspora/pull/7383)
106
* Reduce conversation recipient size [#7376](https://github.com/diaspora/diaspora/pull/7376)
107
* Cleanup rtl css [#7374](https://github.com/diaspora/diaspora/pull/7374)
108
* Increase visual spacing between list items [#7401](https://github.com/diaspora/diaspora/pull/7401)
cmrd Senya's avatar
cmrd Senya committed
109
* Remove unused gem and cucumber step [#7410](https://github.com/diaspora/diaspora/pull/7410)
110
* Disable CSP header when `report_only` and no `report_uri` is set [#7367](https://github.com/diaspora/diaspora/pull/7367)
Benjamin Neff's avatar
Benjamin Neff committed
111 112

## Bug fixes
flaburgan's avatar
flaburgan committed
113
* Don't hide posts when blocking someone from the profile [#7379](https://github.com/diaspora/diaspora/pull/7379)
114
* Disable autocomplete for the conversation form recipient input [#7375](https://github.com/diaspora/diaspora/pull/7375)
115
* Fix sharing indicator on profile page for blocked users [#7382](https://github.com/diaspora/diaspora/pull/7382)
116
* Remove post only after a successful deletion on the server [#7385](https://github.com/diaspora/diaspora/pull/7385)
117
* Fix an issue where pod admins could get logged out when using sidekiq-web [#7395](https://github.com/diaspora/diaspora/pull/7395)
118
* Add avatar fallback for typeahead and conversations [#7414](https://github.com/diaspora/diaspora/pull/7414)
Benjamin Neff's avatar
Benjamin Neff committed
119 120

## Features
121
* Add links to liked and commented pages [#5502](https://github.com/diaspora/diaspora/pull/5502)
Benjamin Neff's avatar
Benjamin Neff committed
122

123 124 125 126
# 0.6.4.1

Fixes a possible Remote Code Execution ([CVE-2016-4658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658)) and a possible DoS ([CVE-2016-5131](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131)) by updating Nokogiri, which in turn updates libxml2.

Benjamin Neff's avatar
Benjamin Neff committed
127 128 129
# 0.6.4.0

## Refactor
130
* Unify link colors [#7318](https://github.com/diaspora/diaspora/pull/7318)
131
* Increase time to wait before showing the hovercard [#7319](https://github.com/diaspora/diaspora/pull/7319)
132
* Remove some unused color-theme overrides [#7325](https://github.com/diaspora/diaspora/pull/7325)
133
* Change color of author-name on hover [#7326](https://github.com/diaspora/diaspora/pull/7326)
134
* Add like and reshare services [#7337](https://github.com/diaspora/diaspora/pull/7337)
Benjamin Neff's avatar
Benjamin Neff committed
135 136

## Bug fixes
137
* Fix path to `bundle` in `script/server` [#7281](https://github.com/diaspora/diaspora/pull/7281)
138
* Update comment in database example config [#7282](https://github.com/diaspora/diaspora/pull/7282)
139
* Make the \#newhere post public again [#7311](https://github.com/diaspora/diaspora/pull/7311)
140
* Remove whitespace from author link [#7330](https://github.com/diaspora/diaspora/pull/7330)
Steffen van Bergerem's avatar
Steffen van Bergerem committed
141
* Fix autosize in modals [#7339](https://github.com/diaspora/diaspora/pull/7339)
142
* Only display invite link on contacts page if invitations are enabled [#7342](https://github.com/diaspora/diaspora/pull/7342)
143
* Fix regex for hashtags for some languages [#7350](https://github.com/diaspora/diaspora/pull/7350)
144
* Create asterisk.png without digest after precompile [#7322](https://github.com/diaspora/diaspora/pull/7322)
Benjamin Neff's avatar
Benjamin Neff committed
145 146

## Features
147
* Add support for [Liberapay](https://liberapay.com) donations [#7290](https://github.com/diaspora/diaspora/pull/7290)
148
* Added a link to the community guidelines :) [#7298](https://github.com/diaspora/diaspora/pull/7298)
Benjamin Neff's avatar
Benjamin Neff committed
149

Dennis Schubert's avatar
Dennis Schubert committed
150 151 152
# 0.6.3.0

## Refactor
153
* Increase the spacing above and below post contents [#7267](https://github.com/diaspora/diaspora/pull/7267)
154
* Replace fileuploader-custom with FineUploader [#7083](https://github.com/diaspora/diaspora/pull/7083)
155
* Always show mobile reaction counts [#7207](https://github.com/diaspora/diaspora/pull/7207)
156
* Refactor mobile alerts for error responses [#7227](https://github.com/diaspora/diaspora/pull/7227)
SansPseudoFix's avatar
SansPseudoFix committed
157
* Switch content and given reason in the reports overview [#7180](https://github.com/diaspora/diaspora/pull/7180)
Dennis Schubert's avatar
Dennis Schubert committed
158 159

## Bug fixes
160
* Fix background color of year on notifications page with dark theme [#7263](https://github.com/diaspora/diaspora/pull/7263)
161
* Fix jasmine tests in firefox [#7246](https://github.com/diaspora/diaspora/pull/7246)
162
* Prevent scroll to top when clicking 'mark all as read' in the notification dropdown [#7253](https://github.com/diaspora/diaspora/pull/7253)
163
* Update existing notifications in dropdown on fetch [#7270](https://github.com/diaspora/diaspora/pull/7270)
164
* Fix link to post on mobile photo page [#7274](https://github.com/diaspora/diaspora/pull/7274)
165
* Fix some background issues on dark mobile themes [#7278](https://github.com/diaspora/diaspora/pull/7278)
Dennis Schubert's avatar
Dennis Schubert committed
166 167

## Features
168
* Add links to the aspects and followed tags pages on mobile [#7265](https://github.com/diaspora/diaspora/pull/7265)
169
* diaspora\* is now available in Gàidhlig, Occitan, and Schwiizerdütsch
Dennis Schubert's avatar
Dennis Schubert committed
170

Dennis Schubert's avatar
Dennis Schubert committed
171 172 173
# 0.6.2.0

## Refactor
174
* Use string-direction gem for rtl detection [#7181](https://github.com/diaspora/diaspora/pull/7181)
175
* Reduce i18n.load side effects [#7184](https://github.com/diaspora/diaspora/pull/7184)
176
* Force jasmine fails on syntax errors [#7185](https://github.com/diaspora/diaspora/pull/7185)
177
* Don't display mail-related view content if it is disabled in the pod's config [#7190](https://github.com/diaspora/diaspora/pull/7190)
178
* Use typeahead.js from rails-assets.org [#7192](https://github.com/diaspora/diaspora/pull/7192)
179
* Refactor ShareVisibilitesController to use PostService [#7196](https://github.com/diaspora/diaspora/pull/7196)
Justin Ramos's avatar
Justin Ramos committed
180
* Unify desktop and mobile head elements [#7194](https://github.com/diaspora/diaspora/pull/7194) [#7209](https://github.com/diaspora/diaspora/pull/7209)
181
* Refactor flash messages on ajax errors for comments, likes, reshares and aspect memberships [#7202](https://github.com/diaspora/diaspora/pull/7202)
Justin Ramos's avatar
Justin Ramos committed
182
* Only require AWS-module for fog [#7201](https://github.com/diaspora/diaspora/pull/7201)
183
* Only show community spotlight links on the contacts page if community spotlight is enabled [#7213](https://github.com/diaspora/diaspora/pull/7213)
Justin Ramos's avatar
Justin Ramos committed
184
* Require spec\_helper in .rspec [#7223](https://github.com/diaspora/diaspora/pull/7223)
Flaburgan's avatar
Flaburgan committed
185
* Make the CSRF mail a bit more friendly [#7238](https://github.com/diaspora/diaspora/pull/7238) [#7241](https://github.com/diaspora/diaspora/pull/7241)
Dennis Schubert's avatar
Dennis Schubert committed
186 187

## Bug fixes
188
* Fix fetching comments after fetching likes [#7167](https://github.com/diaspora/diaspora/pull/7167)
189
* Hide 'reshare' button on already reshared posts [#7169](https://github.com/diaspora/diaspora/pull/7169)
190
* Only reload profile header when changing aspect memberships [#7183](https://github.com/diaspora/diaspora/pull/7183)
191
* Fix visiblity on invitation modal when opening it from the stream [#7191](https://github.com/diaspora/diaspora/pull/7191)
192
* Add avatar fallback on tags page [#7198](https://github.com/diaspora/diaspora/pull/7198)
193
* Update notifications when changing the stream [#7199](https://github.com/diaspora/diaspora/pull/7199)
194
* Fix 500 on mobile commented and liked streams [#7219](https://github.com/diaspora/diaspora/pull/7219)
Dennis Schubert's avatar
Dennis Schubert committed
195 196

## Features
197
* Show spinner when loading comments in the stream [#7170](https://github.com/diaspora/diaspora/pull/7170)
Benjamin Neff's avatar
Benjamin Neff committed
198
* Add a dark color theme [#7152](https://github.com/diaspora/diaspora/pull/7152)
199
* Added setting for custom changelog URL [#7166](https://github.com/diaspora/diaspora/pull/7166)
200
* Show more information of recipients on conversation creation [#7129](https://github.com/diaspora/diaspora/pull/7129)
201 202
* Update notifications every 5 minutes and when opening the notification dropdown [#6952](https://github.com/diaspora/diaspora/pull/6952)
* Show browser notifications when receiving new unread notifications [#6952](https://github.com/diaspora/diaspora/pull/6952)
203
* Only clear comment textarea when comment submission was successful [#7186](https://github.com/diaspora/diaspora/pull/7186)
204
* Add support for graceful unicorn restarts [#7217](https://github.com/diaspora/diaspora/pull/7217)
Dennis Schubert's avatar
Dennis Schubert committed
205

Dennis Schubert's avatar
Dennis Schubert committed
206 207
# 0.6.1.0

Benjamin Neff's avatar
Benjamin Neff committed
208 209
Note: Although this is a minor release, the configuration file changed because the old Mapbox implementation is no longer valid, and the current implementation requires additional fields. Chances are high that if you're using the old integration, it will be broken anyway. If you do use Mapbox, please check out the `diaspora.yml.example` for new parameters.

Dennis Schubert's avatar
Dennis Schubert committed
210
## Refactor
211
* Indicate proper way to report bugs in the sidebar [#7039](https://github.com/diaspora/diaspora/pull/7039)
212
* Remove text color from notification mails and fix sender avatar [#7054](https://github.com/diaspora/diaspora/pull/7054)
Benjamin Neff's avatar
Benjamin Neff committed
213
* Make the session cookies HttpOnly again [#7041](https://github.com/diaspora/diaspora/pull/7041)
214
* Invalidate sessions with invalid CSRF tokens [#7050](https://github.com/diaspora/diaspora/pull/7050)
215
* Liking a post will no longer update its interacted timestamp [#7030](https://github.com/diaspora/diaspora/pull/7030)
216
* Improve W3C compliance [#7068](https://github.com/diaspora/diaspora/pull/7068) [#7082](https://github.com/diaspora/diaspora/pull/7082) [#7091](https://github.com/diaspora/diaspora/pull/7091) [#7092](https://github.com/diaspora/diaspora/pull/7092)
217
* Load jQuery in the head on mobile [#7086](https://github.com/diaspora/diaspora/pull/7086)
218
* Use translation for NodeInfo services [#7102](https://github.com/diaspora/diaspora/pull/7102)
Benjamin Neff's avatar
Benjamin Neff committed
219
* Adopt new Mapbox tile URIs [#7066](https://github.com/diaspora/diaspora/pull/7066)
220
* Refactored post interactions on the single post view [#7089](https://github.com/diaspora/diaspora/pull/7089)
221
* Extract inline JavaScript [#7113](https://github.com/diaspora/diaspora/pull/7113)
222
* Port conversations inbox to backbone.js [#7108](https://github.com/diaspora/diaspora/pull/7108)
223
* Refactored stream shortcuts for more flexibility [#7127](https://github.com/diaspora/diaspora/pull/7127)
224
* Link to admin dashboard instead of admin panel from the podmin landing page [#7130](https://github.com/diaspora/diaspora/pull/7130)
Dennis Schubert's avatar
Dennis Schubert committed
225 226

## Bug fixes
227
* Post comments no longer get collapsed when interacting with a post [#7040](https://github.com/diaspora/diaspora/pull/7040)
228
* Closed accounts will no longer show up in the account search [#7042](https://github.com/diaspora/diaspora/pull/7042)
229
* Code blocks in conversations no longer overflow the content [#7055](https://github.com/diaspora/diaspora/pull/7055)
230
* More buttons in mobile streams are fixed [#7036](https://github.com/diaspora/diaspora/pull/7036)
cmrd Senya's avatar
cmrd Senya committed
231 232
* Fixed missing sidebar background in the contacts tab [#7064](https://github.com/diaspora/diaspora/pull/7064)
* Fix tags URLs in hovercards [#7075](https://github.com/diaspora/diaspora/pull/7075)
233
* Fix 500 in html requests for post interactions [#7085](https://github.com/diaspora/diaspora/pull/7085)
234
* Remove whitespaces next to like link in stream [#7088](https://github.com/diaspora/diaspora/pull/7088)
235
* Prevent overflow of interaction avatars in the single post view [#7070](https://github.com/diaspora/diaspora/pull/7070)
236
* Fix moving publisher on first click after page load [#7094](https://github.com/diaspora/diaspora/pull/7094)
237
* Fix link to comment on report page [#7105](https://github.com/diaspora/diaspora/pull/7105)
238
* Fix duplicate flash message on mobile profile edit [#7107](https://github.com/diaspora/diaspora/pull/7107)
239
* Clicking photos on mobile should no longer cause 404s [#7071](https://github.com/diaspora/diaspora/pull/7071)
240
* Fix avatar size on mobile privacy page for ignored people [#7148](https://github.com/diaspora/diaspora/pull/7148)
241
* Don't display tag following button when logged out [#7155](https://github.com/diaspora/diaspora/pull/7155)
242 243
* Fix message modal on profile page [#7137](https://github.com/diaspora/diaspora/pull/7137)
* Display error message when aspect membership changes fail [#7132](https://github.com/diaspora/diaspora/pull/7132)
Benjamin Neff's avatar
Benjamin Neff committed
244
* Avoid the creation of pod that are none [#7145](https://github.com/diaspora/diaspora/pull/7145)
245
* Fixed tag pages with alternate default aspect settings [#7262](https://github.com/diaspora/diaspora/pull/7162)
246
* Suppressed CSP related deprecation warnings [#7263](https://github.com/diaspora/diaspora/pull/7163)
Dennis Schubert's avatar
Dennis Schubert committed
247 248

## Features
249 250
* Deleted comments will be removed when loading more comments [#7045](https://github.com/diaspora/diaspora/pull/7045)
* The "subscribe" indicator on a post now gets toggled when you like or rehsare a post [#7040](https://github.com/diaspora/diaspora/pull/7040)
251
* Add OpenGraph video support [#7043](https://github.com/diaspora/diaspora/pull/7043)
252
* You'll now get redirected to the invites page if you follow an invitation but you're already logged in [#7061](https://github.com/diaspora/diaspora/pull/7061)
253
* Add support for setting BOSH access protocol via chat configuration [#7100](https://github.com/diaspora/diaspora/pull/7100)
254
* Add number of unreviewed reports to admin dashboard and admin sidebar [#7109](https://github.com/diaspora/diaspora/pull/7109)
255
* Don't federate to pods that have been offline for an extended period of time [#7120](https://github.com/diaspora/diaspora/pull/7120)
256
* Add In-Reply-To and References headers to notification mails [#7122](https://github.com/diaspora/diaspora/pull/7122)
257
* Directly link to a comment in commented notification mails [#7124](https://github.com/diaspora/diaspora/pull/7124)
258
* Add optional `Content-Security-Policy` header [#7128](https://github.com/diaspora/diaspora/pull/7128)
Muhannes's avatar
Muhannes committed
259
* Add links to main stream and public stream to the mobile drawer [#7144](https://github.com/diaspora/diaspora/pull/7144)
260
* Allow opening search results from the dropdown in a new tab [#7021](https://github.com/diaspora/diaspora/issues/7021)
261
* Add user setting for default post visibility [#7118](https://github.com/diaspora/diaspora/issues/7118)
Dennis Schubert's avatar
Dennis Schubert committed
262

263 264 265 266
# 0.6.0.1

Fixes an issue with installing an running diaspora\*, caused by a recent bundler update that fixes a bundler bug on which we depended on.

267 268
# 0.6.0.0

269 270 271 272
## Warning: This release contains long migrations

This diaspora\* releases comes with a few database cleanup migrations and they could possible take a while. While you should always do that, it is especially important this time to make sure you run the migrations inside a detachable environment like `screen` or `tmux`. A interrupted SSH session could possibly harm your database. Also, please make a backup.

273 274 275 276 277 278 279 280 281 282 283 284 285 286
## The DB environment variable is gone

With Bundler 1.10 supporting optional groups, we removed the DB environment variable. When updating to this release, please update
bundler and select the database support you want:

```sh
gem install bundler
bundle install --with mysql # For MySQL and MariaDB
bundle install --with postgresql # For PostgreSQL
```

For production setups we now additionally recommend adding the `--deployment` flag.
If you set the DB environment variable anywhere, that's no longer necessary.

287 288
## Supported Ruby versions

289
This release recommends using Ruby 2.3, while retaining Ruby 2.1 as an officially supported version.
290 291
Ruby 2.0 is no longer officially supported.

292 293 294 295 296 297 298
## Configuration changes

Please note that the default listen parameter for production setups got
changed. diaspora\* will no longer listen on `0.0.0.0:3000` as it will now
bind to an UNIX socket at `unix:tmp/diaspora.sock`. Please change your local
`diaspora.yml` if necessary.

Dennis Schubert's avatar
Dennis Schubert committed
299 300 301 302 303 304 305 306
## Redis namespace support dropped

We dropped support for Redis namespaces in this release. If you previously set
a custom namespace, please note that diaspora\* will no longer use the
configured value. By default, Redis supports up to 8 databases which can be
selected via the Redis URL in `diaspora.yml`. Please check the examples
provided in our configuration example file.

307 308
## Terms of Use design changes

309
With the port to Bootstrap 3, app/views/terms/default.haml has a new structure. If you have created a customised app/views/terms/terms.haml or app/views/terms/terms.erb file, you will need to edit those files to base your customisations on the new default.haml file.
310

311 312 313
## API authentication

This release makes diaspora\* a OpenID Connect provider. This means you can authenticate to third parties with your diaspora\* account and let
314
them act as your diaspora\* account on your behalf. This feature is still considered in early development, we still expect edge cases and advanced
315 316 317 318 319
features of the specificiation to not be handled correctly or be missing. But we expect a basic OpenID Connect compliant client to work. Please submit issues!
We will also most likely still change the authorization scopes we offer and started with a very minimal set.
Most work still required is on documentation as well as designing and implementing the data API for all of Diaspora's functionality.
Contributions are very welcome, the hard work is done!

320 321 322 323 324 325 326 327
## Vines got replaced by Prosody

Due to many issues with Vines, we decided to remove Vines and offer a Prosody
example configuration instead. [Check the
wiki](https://wiki.diasporafoundation.org/Integration/Chat#Vines_to_Prosody)
for more information on how to migrate to Prosody if you've been using Vines
before.

328 329 330 331 332 333 334 335 336 337
## Sidekiq queue changes

We've decreased the amount of sidekiq queues from 13 to 5 in PR [#6950](https://github.com/diaspora/diaspora/pull/6950).
The new queues are organized according to priority for the jobs they will process. When upgrading please make sure to
empty the sidekiq queues before shutting down the server for an update.

If you run your sidekiq with a custom queue configuration, please make sure to update that for the new queues.

The new queues are: `urgent, high, medium, low, default`.

338 339 340
When you upgrade to the new version, some jobs may persist in the old queues. To move them to the default queue,
so they're processed, run:

341
```
342
bin/rake migrations:legacy_queues
343 344
```

345 346
Note that this will retry all dead jobs, if you want to prevent that empty the dead queue first.

347 348
The command will report queues that still have jobs and launch sidekiq process for that queues.

349
## Refactor
350
* Improve bookmarklet [#5904](https://github.com/diaspora/diaspora/pull/5904)
351
* Update listen configuration to listen on unix sockets by default [#5974](https://github.com/diaspora/diaspora/pull/5974)
352
* Port to Bootstrap 3 [#6015](https://github.com/diaspora/diaspora/pull/6015)
353
* Use a fixed width for the mobile drawer [#6057](https://github.com/diaspora/diaspora/pull/6057)
354
* Replace jquery.autoresize with autosize [#6104](https://github.com/diaspora/diaspora/pull/6104)
355
* Improve mobile conversation design [#6087](https://github.com/diaspora/diaspora/pull/6087)
356
* Replace remaining faceboxes with Bootstrap modals [#6106](https://github.com/diaspora/diaspora/pull/6106) [#6161](https://github.com/diaspora/diaspora/pull/6161)
357
* Rewrite header using Bootstrap 3 [#6109](https://github.com/diaspora/diaspora/pull/6109) [#6130](https://github.com/diaspora/diaspora/pull/6130) [#6132](https://github.com/diaspora/diaspora/pull/6132)
358
* Use upstream CSS mappings for Entypo [#6158](https://github.com/diaspora/diaspora/pull/6158)
359
* Replace some mobile icons with Entypo [#6218](https://github.com/diaspora/diaspora/pull/6218)
360
* Refactor publisher backbone view [#6228](https://github.com/diaspora/diaspora/pull/6228)
361
* Replace MBP.autogrow with autosize on mobile [#6261](https://github.com/diaspora/diaspora/pull/6261)
362
* Improve mobile drawer transition [#6233](https://github.com/diaspora/diaspora/pull/6233)
363
* Remove unused header icons and an unused favicon  [#6283](https://github.com/diaspora/diaspora/pull/6283)
364
* Replace mobile icons for post interactions with Entypo icons [#6291](https://github.com/diaspora/diaspora/pull/6291)
365
* Replace jquery.autocomplete with typeahead.js [#6293](https://github.com/diaspora/diaspora/pull/6293)
366
* Redesign sidebars on stream pages [#6309](https://github.com/diaspora/diaspora/pull/6309)
367
* Improve ignored users styling [#6349](https://github.com/diaspora/diaspora/pull/6349)
368 369 370 371 372
* Use Blueimp image gallery instead of lightbox [#6301](https://github.com/diaspora/diaspora/pull/6301)
* Unify mobile and desktop header design [#6285](https://github.com/diaspora/diaspora/pull/6285)
* Add white background and box-shadow to stream elements [#6324](https://github.com/diaspora/diaspora/pull/6324)
* Override Bootstrap list group design [#6345](https://github.com/diaspora/diaspora/pull/6345)
* Clean up publisher code [#6336](https://github.com/diaspora/diaspora/pull/6336)
373
* Port conversations to new design [#6431](https://github.com/diaspora/diaspora/pull/6431)
374
* Hide cancel button in publisher on small screens [#6435](https://github.com/diaspora/diaspora/pull/6435)
375
* Replace mobile background with color [#6415](https://github.com/diaspora/diaspora/pull/6415)
376
* Port flash messages to backbone [#6395](https://github.com/diaspora/diaspora/pull/6395)
377
* Change login/registration/forgot password button color [#6504](https://github.com/diaspora/diaspora/pull/6504)
378
* A note regarding ignoring users was added to the failure messages on commenting/liking [#6646](https://github.com/diaspora/diaspora/pull/6646)
cmrd Senya's avatar
cmrd Senya committed
379
* Replace sidetiq with sidekiq-cron [#6616](https://github.com/diaspora/diaspora/pull/6616)
380
* Refactor mobile comment section [#6509](https://github.com/diaspora/diaspora/pull/6509)
381
* Set vertical resize as default for all textareas [#6654](https://github.com/diaspora/diaspora/pull/6654)
382
* Unifiy max-widths and page layouts [#6675](https://github.com/diaspora/diaspora/pull/6675)
383
* Enable autosizing for all textareas [#6674](https://github.com/diaspora/diaspora/pull/6674)
384
* Stream faces are gone [#6686](https://github.com/diaspora/diaspora/pull/6686)
385
* Refactor mobile javascript and add tests [#6394](https://github.com/diaspora/diaspora/pull/6394)
386
* Dropped `parent_author_signature` from relayables [#6586](https://github.com/diaspora/diaspora/pull/6586)
387
* Attached ShareVisibilities to the User, not the Contact [#6723](https://github.com/diaspora/diaspora/pull/6723)
388
* Refactor mentions input, now based on typeahead.js [#6728](https://github.com/diaspora/diaspora/pull/6728)
389
* Optimized the pod up checks [#6727](https://github.com/diaspora/diaspora/pull/6727)
390
* Prune and do not create aspect visibilities for public posts [#6732](https://github.com/diaspora/diaspora/pull/6732)
391
* Optimized mobile login and registration forms [#6764](https://github.com/diaspora/diaspora/pull/6764)
392
* Redesign stream pages [#6535](https://github.com/diaspora/diaspora/pull/6535)
393
* Improve search and mentions suggestions [#6788](https://github.com/diaspora/diaspora/pull/6788)
394
* Redesign back to top button [#6782](https://github.com/diaspora/diaspora/pull/6782)
395
* Adjusted Facebook integration for a successful review [#6778](https://github.com/diaspora/diaspora/pull/6778)
396
* Redirect to the sign-in page instead of the stream on account deletion [#6784](https://github.com/diaspora/diaspora/pull/6784)
397
* Removed own unicorn killer by a maintained third-party gem [#6792](https://github.com/diaspora/diaspora/pull/6792)
398
* Removed deprecated `REDISTOGO_URL` environment variable [#6863](https://github.com/diaspora/diaspora/pull/6863)
399
* Use Poltergeist instead of Selenium [#6768](https://github.com/diaspora/diaspora/pull/6768)
400
* Redesigned the landing page and added dedicated notes for podmins [#6268](https://github.com/diaspora/diaspora/pull/6268)
401
* Moved the entire federation implementation into its own gem. 🎉 [#6873](https://github.com/diaspora/diaspora/pull/6873)
402
* Remove `StatusMessage#raw_message` [#6921](https://github.com/diaspora/diaspora/pull/6921)
403
* Extract photo export into a service class [#6922](https://github.com/diaspora/diaspora/pull/6922)
404
* Use handlebars template for aspect membership dropdown [#6864](https://github.com/diaspora/diaspora/pull/6864)
405
* Extract relayable signatures into their own tables [#6932](https://github.com/diaspora/diaspora/pull/6932)
406
* Remove outdated columns from posts table [#6940](https://github.com/diaspora/diaspora/pull/6940)
Denys Kurets's avatar
Denys Kurets committed
407
* Remove some unused routes [#6781](https://github.com/diaspora/diaspora/pull/6781)
408
* Consolidate sidekiq queues [#6950](https://github.com/diaspora/diaspora/pull/6950)
409
* Don't re-render the whole comment stream when adding comments [#6406](https://github.com/diaspora/diaspora/pull/6406)
410
* Drop legacy invitation system [#6976](https://github.com/diaspora/diaspora/pull/6976)
411
* More consistent and updated meta tags throughout [#6998](https://github.com/diaspora/diaspora/pull/6998)
412 413 414

## Bug fixes
* Destroy Participation when removing interactions with a post [#5852](https://github.com/diaspora/diaspora/pull/5852)
415
* Improve accessibility of a couple pages [#6227](https://github.com/diaspora/diaspora/pull/6227)
416
* Capitalize "Powered by diaspora" [#6254](https://github.com/diaspora/diaspora/pull/6254)
417
* Display username and avatar for NSFW posts in mobile view [#6245](https://github.com/diaspora/diaspora/pull/6245)
418
* Prevent multiple comment boxes on mobile [#6363](https://github.com/diaspora/diaspora/pull/6363)
419
* Correctly display location in post preview [#6429](https://github.com/diaspora/diaspora/pull/6429)
420
* Do not fail when submitting an empty comment in the mobile view [#6543](https://github.com/diaspora/diaspora/pull/6543)
421
* Limit flash message width on small devices [#6529](https://github.com/diaspora/diaspora/pull/6529)
422
* Add navbar on mobile when not logged in [#6483](https://github.com/diaspora/diaspora/pull/6483)
423
* Fix timeago tooltips for reshares [#6648](https://github.com/diaspora/diaspora/pull/6648)
424
* "Getting started" is now turned off after first visit on mobile [#6681](https://github.com/diaspora/diaspora/pull/6681)
425
* Fixed a 500 when liking on mobile without JS enabled [#6683](https://github.com/diaspora/diaspora/pull/6683)
426
* Fixed profile image upload in the mobile UI [#6684](https://github.com/diaspora/diaspora/pull/6684)
427
* Fixed eye not stopping all processes when trying to exit `script/server` [#6693](https://github.com/diaspora/diaspora/pull/6693)
428
* Do not change contacts count when marking notifications on the contacts page as read [#6718](https://github.com/diaspora/diaspora/pull/6718)
429
* Fix typeahead for non-latin characters [#6741](https://github.com/diaspora/diaspora/pull/6741)
430
* Fix upload size error on mobile [#6803](https://github.com/diaspora/diaspora/pull/6803)
Jonne Haß's avatar
Jonne Haß committed
431
* Connection tester handles invalid NodeInfo implementations [#6890](https://github.com/diaspora/diaspora/pull/6890)
432
* Do not allow to change email to an already used one [#6905](https://github.com/diaspora/diaspora/pull/6905)
433
* Correctly filter mentions on the server side [#6902](https://github.com/diaspora/diaspora/pull/6902)
434
* Add aspects to the aspect membership dropdown when creating them on the getting started page [#6864](https://github.com/diaspora/diaspora/pull/6864)
435
* Strip markdown from message preview in conversations list [#6923](https://github.com/diaspora/diaspora/pull/6923)
436
* Improve tag stream performance [#6903](https://github.com/diaspora/diaspora/pull/6903)
437
* Only show mutual contacts in conversations auto suggestions [#7001](https://github.com/diaspora/diaspora/pull/7001)
438 439

## Features
440
* Support color themes [#6033](https://github.com/diaspora/diaspora/pull/6033)
441
* Add mobile services and privacy settings pages [#6086](https://github.com/diaspora/diaspora/pull/6086)
442
* Optionally make your extended profile details public [#6162](https://github.com/diaspora/diaspora/pull/6162)
443
* Add admin dashboard showing latest diaspora\* version [#6216](https://github.com/diaspora/diaspora/pull/6216)
444
* Display poll & location on mobile [#6238](https://github.com/diaspora/diaspora/pull/6238)
445
* Update counts on contacts page dynamically [#6240](https://github.com/diaspora/diaspora/pull/6240)
446
* Add support for relay based public post federation [#6207](https://github.com/diaspora/diaspora/pull/6207)
447
* Bigger mobile publisher [#6261](https://github.com/diaspora/diaspora/pull/6261)
448
* Backend information panel & health checks for known pods [#6290](https://github.com/diaspora/diaspora/pull/6290)
449
* Allow users to view a posts locations on an OpenStreetMap [#6256](https://github.com/diaspora/diaspora/pull/6256)
450
* Redesign and unify error pages [#6428](https://github.com/diaspora/diaspora/pull/6428)
451
* Redesign and refactor report admin interface [#6378](https://github.com/diaspora/diaspora/pull/6378)
452
* Add permalink icon to stream elements [#6457](https://github.com/diaspora/diaspora/pull/6457)
453
* Move reshare count to interactions for stream elements [#6487](https://github.com/diaspora/diaspora/pull/6487)
454
* Posts of ignored users are now visible on that profile page [#6617](https://github.com/diaspora/diaspora/pull/6617)
455
* Add white color theme [#6631](https://github.com/diaspora/diaspora/pull/6631)
456
* Add answer counts to poll [#6641](https://github.com/diaspora/diaspora/pull/6641)
457
* Check for collapsible posts after images in posts have loaded [#6671](https://github.com/diaspora/diaspora/pull/6671)
458
* Add reason for post report to email sent to admins [#6679](https://github.com/diaspora/diaspora/pull/6679)
459
* Add links to the single post view of the related post to photos in the photo stream [#6621](https://github.com/diaspora/diaspora/pull/6621)
460
* Add a note for people with disabled JavaScript [#6777](https://github.com/diaspora/diaspora/pull/6777)
461
* Do not include conversation subject in notification mail [#6910](https://github.com/diaspora/diaspora/pull/6910)
462
* Add 'Be excellent to each other!' to the sidebar [#6914](https://github.com/diaspora/diaspora/pull/6914)
463
* Expose Sidekiq dead queue configuration options
464
* Properly support pluralization in timeago strings [#6926](https://github.com/diaspora/diaspora/pull/6926)
465
* Return all contacts in people search [#6951](https://github.com/diaspora/diaspora/pull/6951)
466
* Make screenreaders read alerts [#6973](https://github.com/diaspora/diaspora/pull/6973)
467
* Display message when there are no posts in a stream [#6974](https://github.com/diaspora/diaspora/pull/6974)
468
* Add bootstrap-markdown editor to the publisher [#6551](https://github.com/diaspora/diaspora/pull/6551)
469
* Don't create notifications for ignored users [#6984](https://github.com/diaspora/diaspora/pull/6984)
470
* Fetch missing persons when receiving a mention for them [#6992](https://github.com/diaspora/diaspora/pull/6992)
471

Jonne Haß's avatar
Jonne Haß committed
472
# 0.5.10.2
Dennis Schubert's avatar
Dennis Schubert committed
473

Jonne Haß's avatar
Jonne Haß committed
474
Update to Rails 4.2.7.1 which fixes [CVE-2016-6316](https://groups.google.com/forum/#!topic/ruby-security-ann/8B2iV2tPRSE) and [CVE-2016-6317](https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA).
Dennis Schubert's avatar
Dennis Schubert committed
475

476 477 478 479
# 0.5.10.1

We made a mistake and removed `mysql2` from the `Gemfile.lock` in a recent gem update. Since this could cause some issues for some installations, we decided to release a hotfix.

Dennis Schubert's avatar
Dennis Schubert committed
480 481 482 483
# 0.5.10.0

## Refactor

484
* Removed the publisher from a user's photo stream due to various issues [#6851](https://github.com/diaspora/diaspora/pull/6851)
485
* Don't implicitly ignore missing templateName in app.views.Base [#6877](https://github.com/diaspora/diaspora/pull/6877)
486

Jonne Haß's avatar
Jonne Haß committed
487 488 489 490 491 492
# 0.5.9.1

Update Nokogiri to 1.6.8, which in turn updates libxml2 to 2.9.4 and libxslt to 1.1.29,
addressing a range of security issues. See https://groups.google.com/forum/#!topic/ruby-security-ann/RCHyF5K9Lbc
for more details.

Dennis Schubert's avatar
Dennis Schubert committed
493 494 495
# 0.5.9.0

## Refactor
Senya's avatar
Senya committed
496
* Remove unused mentions regex [#6810](https://github.com/diaspora/diaspora/pull/6810)
Dennis Schubert's avatar
Dennis Schubert committed
497 498

## Bug fixes
499
* Fix back to top button not appearing on Webkit browsers [#6782](https://github.com/diaspora/diaspora/pull/6782)
500
* Don't reset the notification timestamp when marking them as read [#6821](https://github.com/diaspora/diaspora/pull/6821)
Dennis Schubert's avatar
Dennis Schubert committed
501 502 503

## Features

504 505
* The sender's diaspora-ID is now shown in invitation mails [#6817](https://github.com/diaspora/diaspora/pull/6817)

506 507 508
# 0.5.8.0

## Refactor
509
* Sort tag autocompletion by tag name [#6734](https://github.com/diaspora/diaspora/pull/6734)
510
* Make account deletions faster by adding an index [#6771](https://github.com/diaspora/diaspora/pull/6771)
511 512

## Bug fixes
513 514
* Fix empty name field when editing aspect names [#6706](https://github.com/diaspora/diaspora/pull/6706)
* Fix internal server error when trying to log out of an expired session [#6707](https://github.com/diaspora/diaspora/pull/6707)
515
* Only mark unread notifications as read [#6711](https://github.com/diaspora/diaspora/pull/6711)
516
* Use https for OEmbeds [#6748](https://github.com/diaspora/diaspora/pull/6748)
517
* Fix birthday issues on leap days [#6738](https://github.com/diaspora/diaspora/pull/6738)
518 519

## Features
520
* Added the footer to conversation pages [#6710](https://github.com/diaspora/diaspora/pull/6710)
Benjamin Neff's avatar
Benjamin Neff committed
521
* Drop ChromeFrame and display an error page on old IE versions instead [#6751](https://github.com/diaspora/diaspora/pull/6751)
522

Dennis Schubert's avatar
Dennis Schubert committed
523 524
# 0.5.7.1

525 526 527 528
This security release disables post fetching for relayables. Due to an insecure implementation, fetching of root posts for relayables could allow an attacker to distribute malicious/spoofed/modified posts for any person.

Disabling the fetching will make the current federation a bit less reliable, but for a hotfix, this is the best solution. We will re-enable the fetching in 0.6.0.0 when we moved out the federation into its own library and are able to implement further validation during fetches.

529 530
# 0.5.7.0

531 532
## Refactor
* Internationalize controller rescue\_from text [#6554](https://github.com/diaspora/diaspora/pull/6554)
533
* Make mention parsing a bit more robust [#6658](https://github.com/diaspora/diaspora/pull/6658)
Dennis Schubert's avatar
Dennis Schubert committed
534
* Remove unlicensed images [#6673](https://github.com/diaspora/diaspora/pull/6673)
535
* Removed unused contacts\_title [#6687](https://github.com/diaspora/diaspora/pull/6687)
536

Steffen van Bergerem's avatar
Steffen van Bergerem committed
537
## Bug fixes
538
* Fix plural rules handling more than wanted as "one" [#6630](https://github.com/diaspora/diaspora/pull/6630)
Benjamin Neff's avatar
Benjamin Neff committed
539
* Fix `suppress_annoying_errors` eating too much errors [#6653](https://github.com/diaspora/diaspora/pull/6653)
540
* Ensure the rubyzip gem is properly loaded [#6659](https://github.com/diaspora/diaspora/pull/6659)
541
* Fix mobile registration layout after failed registration [#6677](https://github.com/diaspora/diaspora/pull/6677)
542
* Fix mirrored names when using a RTL language [#6680](https://github.com/diaspora/diaspora/pull/6680)
543
* Disable submitting a post multiple times in the mobile UI [#6682](https://github.com/diaspora/diaspora/pull/6682)
544

Steffen van Bergerem's avatar
Steffen van Bergerem committed
545
## Features
546
* Keyboard shortcuts now do work on profile pages as well [#6647](https://github.com/diaspora/diaspora/pull/6647/files)
547
* Add the podmin email address to 500 errors [#6652](https://github.com/diaspora/diaspora/pull/6652)
548

549 550
# 0.5.6.3

551 552 553
Fix evil regression caused by Active Model no longer exposing
`include_root_in_json` in instances.

Dennis Schubert's avatar
Dennis Schubert committed
554 555
# 0.5.6.2

Dennis Schubert's avatar
Dennis Schubert committed
556 557 558 559 560 561 562 563 564
* Fix [CVE-2016-0751](https://groups.google.com/forum/#!topic/rubyonrails-security/9oLY_FCzvoc) - Possible Object Leak and Denial of Service attack in Action Pack
* Fix [CVE-2015-7581](https://groups.google.com/forum/#!topic/rubyonrails-security/dthJ5wL69JE) - Object leak vulnerability for wildcard controller routes in Action Pack
* Fix [CVE-2015-7576](https://groups.google.com/forum/#!topic/rubyonrails-security/ANv0HDHEC3k) - Timing attack vulnerability in basic authentication in Action Controller
* Fix [CVE-2016-0752](https://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00) - Possible Information Leak Vulnerability in Action View
* Fix [CVE-2016-0753](https://groups.google.com/forum/#!topic/rubyonrails-security/6jQVC1geukQ) - Possible Input Validation Circumvention in Active Model
* Fix [CVE-2015-7577](https://groups.google.com/forum/#!topic/rubyonrails-security/cawsWcQ6c8g) - Nested attributes rejection proc bypass in Active Record
* Fix [CVE-2015-7579](https://groups.google.com/forum/#!topic/rubyonrails-security/OU9ugTZcbjc) - XSS vulnerability in rails-html-sanitizer
* Fix [CVE-2015-7578](https://groups.google.com/forum/#!topic/rubyonrails-security/uh--W4TDwmI) - Possible XSS vulnerability in rails-html-sanitizer

Dennis Schubert's avatar
Dennis Schubert committed
565 566
# 0.5.6.1

Dennis Schubert's avatar
Dennis Schubert committed
567
* Fix Nokogiri CVE-2015-7499
Dennis Schubert's avatar
Dennis Schubert committed
568
* Fix unsafe "Remember me" cookies in Devise
Dennis Schubert's avatar
Dennis Schubert committed
569

Jonne Haß's avatar
Jonne Haß committed
570
# 0.5.6.0
Dennis Schubert's avatar
Dennis Schubert committed
571 572

## Refactor
573
* Add more integration tests with the help of the new diaspora-federation gem [#6539](https://github.com/diaspora/diaspora/pull/6539)
Dennis Schubert's avatar
Dennis Schubert committed
574

Jonne Haß's avatar
Jonne Haß committed
575
## Bug fixes
576
* Fix mention autocomplete when pasting the username [#6510](https://github.com/diaspora/diaspora/pull/6510)
577
* Use and update updated\_at for notifications [#6573](https://github.com/diaspora/diaspora/pull/6573)
578 579
* Ensure the author signature is checked when receiving a relayable [#6539](https://github.com/diaspora/diaspora/pull/6539)
* Do not try to display hovercards when logged out [#6587](https://github.com/diaspora/diaspora/pull/6587)
Jonne Haß's avatar
Jonne Haß committed
580 581 582

## Features

583 584
* Display hovercards without aspect dropdown when logged out [#6603](https://github.com/diaspora/diaspora/pull/6603)
* Add media.ccc.de as a trusted oEmbed endpoint
585

586 587 588
# 0.5.5.1

* Fix XSS on profile pages
Dennis Schubert's avatar
Dennis Schubert committed
589
* Bump nokogiri to fix several libxml2 CVEs, see http://www.ubuntu.com/usn/usn-2834-1/
590

Dennis Schubert's avatar
Dennis Schubert committed
591 592 593
# 0.5.5.0

## Bug fixes
594
* Redirect to sign in page when a background request fails with 401 [#6496](https://github.com/diaspora/diaspora/pull/6496)
595
* Correctly skip setting sidekiq logfile on Heroku [#6500](https://github.com/diaspora/diaspora/pull/6500)
596
* Fix notifications for interactions by non-contacts [#6498](https://github.com/diaspora/diaspora/pull/6498)
597
* Fix issue where the publisher was broken on profile pages [#6503](https://github.com/diaspora/diaspora/pull/6503)
598
* Prevent participations being created for invalid interactions [#6552](https://github.com/diaspora/diaspora/pull/6552)
599
* Improve federation for reshare related interactions [#6481](https://github.com/diaspora/diaspora/pull/6481)
Dennis Schubert's avatar
Dennis Schubert committed
600

601 602 603
# 0.5.4.0

## Refactor
604
*  Improve infinite scroll triggering [#6451](https://github.com/diaspora/diaspora/pull/6451)
605 606

## Bug fixes
607
* Skip first getting started step if it looks done already [#6456](https://github.com/diaspora/diaspora/pull/6456)
608
* Normalize new followed tags and insert them alphabetically [#6454](https://github.com/diaspora/diaspora/pull/6454)
609
* Add avatar fallback for notification dropdown [#6463](https://github.com/diaspora/diaspora/pull/6463)
610
* Improve handling of j/k hotkeys [#6462](https://github.com/diaspora/diaspora/pull/6462)
611
* Fix JS error caused by hovercards [6480](https://github.com/diaspora/diaspora/pull/6480)
612 613 614

## Features
* Show spinner on initial stream load [#6384](https://github.com/diaspora/diaspora/pull/6384)
615
* Add new moderator role. Moderators can view and act on reported posts [#6351](https://github.com/diaspora/diaspora/pull/6351)
Jonne Haß's avatar
Jonne Haß committed
616
* Only post to the primary tumblr blog [#6386](https://github.com/diaspora/diaspora/pull/6386)
617
* Always show public photos on profile page [#6398](https://github.com/diaspora/diaspora/pull/6398)
618
* Expose Unicorn's pid option to our configuration system [#6411](https://github.com/diaspora/diaspora/pull/6411)
Steffen van Bergerem's avatar
Steffen van Bergerem committed
619
* Add stream of all public posts [#6465](https://github.com/diaspora/diaspora/pull/6465)
620
* Reload stream when clicking on already active one [#6466](https://github.com/diaspora/diaspora/pull/6466)
621
* Sign in user before evaluating post visibility [#6490](https://github.com/diaspora/diaspora/pull/6490)
622

Jonne Haß's avatar
Jonne Haß committed
623 624 625 626 627
# 0.5.3.1

Fix a leak of potentially private profile data to unauthorized users who were sharing with the person
and on a pod that received that data.

Jonne Haß's avatar
Jonne Haß committed
628 629 630
# 0.5.3.0

## Refactor
Steffen van Bergerem's avatar
Steffen van Bergerem committed
631
* Drop broken correlations from the admin pages [#6223](https://github.com/diaspora/diaspora/pull/6223)
632
* Extract PostService from PostsController [#6208](https://github.com/diaspora/diaspora/pull/6208)
633
* Drop outdated/unused mbp-respond.min.js and mbp-modernizr-custom.js [#6257](https://github.com/diaspora/diaspora/pull/6257)
Mikica Ivosevic's avatar
Mikica Ivosevic committed
634
* Refactor ApplicationController#after\_sign\_out\_path\_for [#6258](https://github.com/diaspora/diaspora/pull/6258)
635
* Extract StatusMessageService from StatusMessagesController [#6280](https://github.com/diaspora/diaspora/pull/6280)
636
* Refactor HomeController#toggle\_mobile [#6260](https://github.com/diaspora/diaspora/pull/6260)
637
* Extract CommentService from CommentsController [#6307](https://github.com/diaspora/diaspora/pull/6307)
638
* Extract user/profile discovery into the diaspora\_federation-rails gem [#6310](https://github.com/diaspora/diaspora/pull/6310)
639
* Refactor PostPresenter [#6315](https://github.com/diaspora/diaspora/pull/6315)
640
* Convert BackToTop to a backbone view [#6279](https://github.com/diaspora/diaspora/pull/6279) and [#6360](https://github.com/diaspora/diaspora/pull/6360)
641
* Automatically follow the new HQ-Account [#6369](https://github.com/diaspora/diaspora/pull/6369)
Jonne Haß's avatar
Jonne Haß committed
642 643

## Bug fixes
644
* Fix indentation and a link title on the default home page [#6212](https://github.com/diaspora/diaspora/pull/6212)
645
* Bring peeping Tom on the 404 page back [#6226](https://github.com/diaspora/diaspora/pull/6226)
646
* Fix mobile photos index page [#6243](https://github.com/diaspora/diaspora/pull/6243)
647
* Fix conversations view with no contacts [#6266](https://github.com/diaspora/diaspora/pull/6266)
648
* Links in the left sidebar are now clickable on full width [#6267](https://github.com/diaspora/diaspora/pull/6267)
649
* Guard against passing nil into person\_image\_tag [#6286](https://github.com/diaspora/diaspora/pull/6286)
650
* Prevent Handlebars from messing up indentation of pre tags [#6339](https://github.com/diaspora/diaspora/pull/6339)
651
* Fix pagination design on notifications page [#6364](https://github.com/diaspora/diaspora/pull/6364)
Jonne Haß's avatar
Jonne Haß committed
652 653 654

## Features

655
* Implement NodeInfo [#6239](https://github.com/diaspora/diaspora/pull/6239)
656
* Display original author on reshares of NSFW posts [#6270](https://github.com/diaspora/diaspora/pull/6270)
657
* Use avatars in hovercards as links to the profile [#6297](https://github.com/diaspora/diaspora/pull/6297)
658
* Remove avatars of ignored users from stream faces [#6320](https://github.com/diaspora/diaspora/pull/6320)
augier's avatar
augier committed
659
* New /m route to force the mobile view [#6354](https://github.com/diaspora/diaspora/pull/6354)
660

661 662
# 0.5.2.0

663
## Refactor
664
* Update perfect-scrollbar [#6085](<