X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=CHANGELOG.md;h=33feac2096c173645b5c3a400e7d191e16a0edaf;hb=b6b53143fcbc5834d8c06399630fa86a2586a030;hp=c63337ffbe1f1654ccfbd962198e788bd52fff28;hpb=22ff7414e9f4e0ae2f71fa753df0a1499f598012;p=github%2Fshaarli%2FShaarli.git diff --git a/CHANGELOG.md b/CHANGELOG.md index c63337ff..33feac20 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,13 +4,102 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/). +## [v0.9.2](https://github.com/shaarli/Shaarli/releases/tag/v0.9.2) - 2017-10-07 + +**Major security issue fixed. Please update.** + +### Added +- Tag search now supports wildcards `*` +- New setting `privacy.force_login` which can be used with `privacy.hide_public_links` to redirect anonymous users to the login page. +- New setting `general.default_note_title` used to override default `Note:` title prefix for notes. +- Add a version hash for asset loading to prevent browser's cache issue + +### Changed +- The "Remember me" checkbox is unchecked by default +- The default value of the "Remember me" checkbox can be configured under `data/config.json.php` + +### Removed +- Remove obsolete PHP magic quote support + +### Fixed +- Generates a permalink URL if the URL is set to blank +- Replace links to the old GitHub wiki with ReadTheDocs URIs +- Use single quotes in the note bookmarklet +- Daily page if there is no link +- Bulk link deletion with a single link +- HTTPS detection behind a reverse proxy +- Travis tests environment and localization +- Improve template paths robustness (trailing slash) +- Robustness: safer gzinflate/zlib usage +- Description links parsing with parenthesis (without Markdown) +- Templates: + - Sort the tag cloud alphabetically + - Firefox social title + - Improved visited link color + - Fix jumpy textarea with long content in post edit + +### Security + +- Fixed reflected XSS vulnerability introduced in v0.9.1, discovered by @chb9 ([CVE-2017-15215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15215)). + +## [v0.9.1](https://github.com/shaarli/Shaarli/releases/tag/v0.9.1) - 2017-08-23 + +The documentation has been migrated to ReadTheDocs: +- https://shaarli.readthedocs.io/ +- edits are submitted as pull requests + +### Added +- Allow bulk link deletion +- Display subtags in the tag cloud +- Add an endpoint to refresh the token +- Add a token on every page +- Add a tag list view for management +- Add Note bookmarklet +- Add creation date when editing a link + +### Changed +- Documentation: + - Generate static HTML documentation with [mkdocs](http://www.mkdocs.org/) + - Host documentation on [ReadTheDocs](http://www.mkdocs.org/) + - Update documentation structure + - Update Makefile targets to: + - Build the docs locally + - Include the generated docs in the release archives +- Theme: + - Use the new theme as the default + - Rename the tag cloud template to `tag.cloud.html` + - Display visited links in grey + - Use only one search form in `linklist.html` + - Hide the "search links with these tags" option when an empty `searchtags` is passed to `tag.list.html` +- Improve HTTP header handling when hosting Shaarli with Docker behind a reverse proxy +- Searching for tags with an empty value returns untagged links only +- Set Travis environment to `precise` until the new `trusty` environment is ready + +### Removed +- Remove dead Pubsubhubbub code +- Disable the GitHub wiki (see changed/documentation) +- Remove Docker `dev` image and resources +- Theme: + - Remove the bottom "Sort by" menu in `tag.list.html` + +### Fixed +- Fix file existence check for `user.css` +- Limit selection to 2k characters when using the bookmarklet +- Fix JS error `uncaught type error` +- Fix Firefox Social button +- Use pinned PHP dependencies when generating release archives +- Make sure that the tag exists before altering/removing it + +### Security +- Add a whitelist for protocols for URLs + ## [v0.9.0](https://github.com/shaarli/Shaarli/releases/tag/v0.9.0) - 2017-05-07 This release introduces the REST API, and requires updating HTTP server configuration to enable URL rewriting, see: - https://shaarli.github.io/api-documentation/ -- https://github.com/shaarli/Shaarli/wiki/Server-configuration +- https://shaarli.readthedocs.io/en/master/Server-configuration/ **WARNING**: Shaarli now requires PHP 5.5+.