diff options
author | ArthurHoaro <arthur@hoa.ro> | 2018-07-28 11:07:55 +0200 |
---|---|---|
committer | ArthurHoaro <arthur@hoa.ro> | 2018-07-28 11:07:55 +0200 |
commit | 83faedadff76c5bdca036f39f13943f63b27e164 (patch) | |
tree | 6f44cede16ec6a60f10b9699e211e0818f06d2c8 /CHANGELOG.md | |
parent | 1d9eb22a3df85b67fe6652c0876cd7382c2fb525 (diff) | |
parent | 658988f3aeba7a5a938783249ccf2765251e5597 (diff) | |
download | Shaarli-83faedadff76c5bdca036f39f13943f63b27e164.tar.gz Shaarli-83faedadff76c5bdca036f39f13943f63b27e164.tar.zst Shaarli-83faedadff76c5bdca036f39f13943f63b27e164.zip |
Merge tag 'v0.9.7' into stable
Release v0.9.7
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r-- | CHANGELOG.md | 259 |
1 files changed, 251 insertions, 8 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index a945715d..9c1581d4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md | |||
@@ -4,6 +4,179 @@ All notable changes to this project will be documented in this file. | |||
4 | The format is based on [Keep a Changelog](http://keepachangelog.com/) | 4 | The format is based on [Keep a Changelog](http://keepachangelog.com/) |
5 | and this project adheres to [Semantic Versioning](http://semver.org/). | 5 | and this project adheres to [Semantic Versioning](http://semver.org/). |
6 | 6 | ||
7 | ## [v0.9.7](https://github.com/shaarli/Shaarli/releases/tag/v0.9.7) - 2018-06-20 | ||
8 | ### Changed | ||
9 | - Build the Docker images from the local Git sources | ||
10 | |||
11 | |||
12 | ## [v0.9.6](https://github.com/shaarli/Shaarli/releases/tag/v0.9.6) - 2018-03-25 | ||
13 | ### Changed | ||
14 | - htaccess: prevent accessing resources not managed by SCM | ||
15 | - htaccess: always forward the 'Authorization' HTTP header | ||
16 | |||
17 | |||
18 | ## [v0.9.5](https://github.com/shaarli/Shaarli/releases/tag/v0.9.5) - 2018-02-02 | ||
19 | ### Fixed | ||
20 | - Fix a warning happening when `php-intl` is not installed on the system | ||
21 | - Fix warnings happening when updating from legacy SebSauvage version | ||
22 | |||
23 | ## [v0.9.4](https://github.com/shaarli/Shaarli/releases/tag/v0.9.4) - 2018-01-30 | ||
24 | ### Added | ||
25 | - Enable translations: Shaarli is now also available in French. Other language translations are welcome! | ||
26 | - Add EditorConfig configuration | ||
27 | - Add favicons for mobile devices | ||
28 | - Add Alpine Linux arm32v7 Dockerfiles (master, latest) | ||
29 | |||
30 | ### Changed | ||
31 | - Do not write bookmark edition history during file imports (performance) | ||
32 | - Migrate Docker images (master, latest) to Alpine Linux | ||
33 | - Improve unitary tests and code coverage | ||
34 | - Improve thumbnail display | ||
35 | - Improve theme ergonomics | ||
36 | - Improve messages if there is no plugin or parameter available in the admin page | ||
37 | - Increase buffer size for cURL download | ||
38 | - Force HTTPS if the original port is 443 behind a reverse proxy (workaround) | ||
39 | - Improve page title retrieval performances | ||
40 | |||
41 | ### Removed | ||
42 | - Remove redirector setting from Configure page | ||
43 | |||
44 | ### Fixed | ||
45 | - Fix broken links in the documentation | ||
46 | - Enable access to `data/user.css` (Apache 2.2 & 2.4) | ||
47 | - Don't URL encode description links if parameter `redirector.encode_url` is set to false | ||
48 | - Fix an issue preventing the Save button to appear for plugin parameters | ||
49 | |||
50 | |||
51 | ## [v0.9.3](https://github.com/shaarli/Shaarli/releases/tag/v0.9.3) - 2018-01-04 | ||
52 | **XSS vulnerability fixed. Please update.** | ||
53 | |||
54 | ## Security | ||
55 | - Fix an XSS (cross-site-scripting) vulnerability in `index.php` - | ||
56 | [CVE-2018-5249](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5249) | ||
57 | |||
58 | |||
59 | ## [v0.9.2](https://github.com/shaarli/Shaarli/releases/tag/v0.9.2) - 2017-10-07 | ||
60 | |||
61 | **Major security issue fixed. Please update.** | ||
62 | |||
63 | ### Added | ||
64 | - Tag search now supports wildcards `*` | ||
65 | - New setting `privacy.force_login` which can be used with `privacy.hide_public_links` to redirect anonymous users to the login page. | ||
66 | - New setting `general.default_note_title` used to override default `Note:` title prefix for notes. | ||
67 | - Add a version hash for asset loading to prevent browser's cache issue | ||
68 | |||
69 | ### Changed | ||
70 | - The "Remember me" checkbox is unchecked by default | ||
71 | - The default value of the "Remember me" checkbox can be configured under `data/config.json.php` | ||
72 | |||
73 | ### Removed | ||
74 | - Remove obsolete PHP magic quote support | ||
75 | |||
76 | ### Fixed | ||
77 | - Generates a permalink URL if the URL is set to blank | ||
78 | - Replace links to the old GitHub wiki with ReadTheDocs URIs | ||
79 | - Use single quotes in the note bookmarklet | ||
80 | - Daily page if there is no link | ||
81 | - Bulk link deletion with a single link | ||
82 | - HTTPS detection behind a reverse proxy | ||
83 | - Travis tests environment and localization | ||
84 | - Improve template paths robustness (trailing slash) | ||
85 | - Robustness: safer gzinflate/zlib usage | ||
86 | - Description links parsing with parenthesis (without Markdown) | ||
87 | - Templates: | ||
88 | - Sort the tag cloud alphabetically | ||
89 | - Firefox social title | ||
90 | - Improved visited link color | ||
91 | - Fix jumpy textarea with long content in post edit | ||
92 | |||
93 | ### Security | ||
94 | |||
95 | - Fixed reflected XSS vulnerability introduced in v0.9.1, discovered by @chb9 ([CVE-2017-15215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15215)). | ||
96 | |||
97 | |||
98 | ## [v0.9.1](https://github.com/shaarli/Shaarli/releases/tag/v0.9.1) - 2017-08-23 | ||
99 | |||
100 | The documentation has been migrated to ReadTheDocs: | ||
101 | - https://shaarli.readthedocs.io/ | ||
102 | - edits are submitted as pull requests | ||
103 | |||
104 | ### Added | ||
105 | - Allow bulk link deletion | ||
106 | - Display subtags in the tag cloud | ||
107 | - Add an endpoint to refresh the token | ||
108 | - Add a token on every page | ||
109 | - Add a tag list view for management | ||
110 | - Add Note bookmarklet | ||
111 | - Add creation date when editing a link | ||
112 | |||
113 | ### Changed | ||
114 | - Documentation: | ||
115 | - Generate static HTML documentation with [mkdocs](http://www.mkdocs.org/) | ||
116 | - Host documentation on [ReadTheDocs](http://www.mkdocs.org/) | ||
117 | - Update documentation structure | ||
118 | - Update Makefile targets to: | ||
119 | - Build the docs locally | ||
120 | - Include the generated docs in the release archives | ||
121 | - Theme: | ||
122 | - Use the new theme as the default | ||
123 | - Rename the tag cloud template to `tag.cloud.html` | ||
124 | - Display visited links in grey | ||
125 | - Use only one search form in `linklist.html` | ||
126 | - Hide the "search links with these tags" option when an empty `searchtags` is passed to `tag.list.html` | ||
127 | - Improve HTTP header handling when hosting Shaarli with Docker behind a reverse proxy | ||
128 | - Searching for tags with an empty value returns untagged links only | ||
129 | - Set Travis environment to `precise` until the new `trusty` environment is ready | ||
130 | |||
131 | ### Removed | ||
132 | - Remove dead Pubsubhubbub code | ||
133 | - Disable the GitHub wiki (see changed/documentation) | ||
134 | - Remove Docker `dev` image and resources | ||
135 | - Theme: | ||
136 | - Remove the bottom "Sort by" menu in `tag.list.html` | ||
137 | |||
138 | ### Fixed | ||
139 | - Fix file existence check for `user.css` | ||
140 | - Limit selection to 2k characters when using the bookmarklet | ||
141 | - Fix JS error `uncaught type error` | ||
142 | - Fix Firefox Social button | ||
143 | - Use pinned PHP dependencies when generating release archives | ||
144 | - Make sure that the tag exists before altering/removing it | ||
145 | |||
146 | ### Security | ||
147 | - Add a whitelist for protocols for URLs | ||
148 | |||
149 | |||
150 | ## [v0.9.0](https://github.com/shaarli/Shaarli/releases/tag/v0.9.0) - 2017-05-07 | ||
151 | |||
152 | This release introduces the REST API, and requires updating HTTP server | ||
153 | configuration to enable URL rewriting, see: | ||
154 | - https://shaarli.github.io/api-documentation/ | ||
155 | - https://shaarli.readthedocs.io/en/master/Server-configuration/ | ||
156 | |||
157 | **WARNING**: Shaarli now requires PHP 5.5+. | ||
158 | |||
159 | ### Added | ||
160 | - REST API v1 | ||
161 | - [Slim](https://www.slimframework.com/) framework | ||
162 | - [JSON Web Token](https://jwt.io/introduction/) (JWT) authentication | ||
163 | - versioned API endpoints: | ||
164 | - `/api/v1/info`: get general information on the Shaarli instance | ||
165 | - `/api/v1/links`: get a list of shaared links | ||
166 | - `/api/v1/history`: get a list of latest actions | ||
167 | Theming: | ||
168 | - Introduce a new theme | ||
169 | - Allow selecting themes/templates from the configuration page | ||
170 | - New/Edit link form can be submitted using CTRL+Enter in the textarea | ||
171 | - Shaarli version is displayed in the footer when logged in | ||
172 | - Add plugin placeholders to Atom/RSS feed templates | ||
173 | - Add OpenSearch to feed templates | ||
174 | - Add `campaign_` to the URL cleanup pattern list | ||
175 | - Add an AUTHORS file and Makefile target to list authors from Git commit data | ||
176 | - Link imports are now logged in `data/` folder, and can be debug using `dev.debug=true` setting. | ||
177 | - `composer.lock` is now included in git file to allow proper `composer install` | ||
178 | - History mechanism which logs link addition/modification/deletion | ||
179 | |||
7 | ## [v0.8.7](https://github.com/shaarli/Shaarli/releases/tag/v0.8.7) - 2018-06-20 | 180 | ## [v0.8.7](https://github.com/shaarli/Shaarli/releases/tag/v0.8.7) - 2018-06-20 |
8 | ### Changed | 181 | ### Changed |
9 | - Build the Docker image from the local Git sources | 182 | - Build the Docker image from the local Git sources |
@@ -11,9 +184,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/). | |||
11 | ### Removed | 184 | ### Removed |
12 | - Disable PHP 5.3 Travis build (unsupported) | 185 | - Disable PHP 5.3 Travis build (unsupported) |
13 | 186 | ||
14 | |||
15 | ## [v0.8.6](https://github.com/shaarli/Shaarli/releases/tag/v0.8.6) - 2018-02-19 | 187 | ## [v0.8.6](https://github.com/shaarli/Shaarli/releases/tag/v0.8.6) - 2018-02-19 |
16 | ### Changed | 188 | ### Changed |
189 | <<<<<<< HEAD | ||
17 | - Run version check tests against the 'stable' branch | 190 | - Run version check tests against the 'stable' branch |
18 | 191 | ||
19 | 192 | ||
@@ -37,14 +210,80 @@ and this project adheres to [Semantic Versioning](http://semver.org/). | |||
37 | - PHP 7.1 compatibility: add ConfigManager parameter to anti-bruteforce function call in login template. | 210 | - PHP 7.1 compatibility: add ConfigManager parameter to anti-bruteforce function call in login template. |
38 | 211 | ||
39 | ## [v0.8.2](https://github.com/shaarli/Shaarli/releases/tag/v0.8.2) - 2016-12-15 | 212 | ## [v0.8.2](https://github.com/shaarli/Shaarli/releases/tag/v0.8.2) - 2016-12-15 |
213 | ======= | ||
214 | - Docker: enable nginx URL rewriting for the REST API | ||
215 | - Theming: | ||
216 | - Move `user.css` to the `data` folder | ||
217 | - Move default template files to a subfolder (`default`) | ||
218 | - Rename the legacy theme to `vintage` | ||
219 | - Private only filter is now displayed as a search parameter | ||
220 | - Autocomplete: pre-select the first element | ||
221 | - Display daily date in the page title (browser title) | ||
222 | - Timezone lists are now passed as an array instead of raw HTML | ||
223 | - Move PubSubHub to a dedicated plugin | ||
224 | - Coding style: | ||
225 | - explicit method visibility | ||
226 | - safe boolean comparisons | ||
227 | - remove unused variables | ||
228 | - The updater now keeps custom theme preferences | ||
229 | - Simplify the COPYING information | ||
230 | - Improved client locale detection | ||
231 | - Improved date time display depending on the locale | ||
232 | - Partial namespace support for Shaarli classes | ||
233 | - Shaarli version is now only present in `shaarli_version.php` | ||
234 | - Human readable maximum file size upload | ||
235 | >>>>>>> v0.9.7 | ||
236 | |||
237 | |||
238 | ### Removed | ||
239 | - PHP < 5.5 compatibility | ||
240 | - ReadItYourself plugin | ||
241 | |||
242 | ### Fixed | ||
243 | - Ignore generated release tarballs | ||
244 | - Hide default port when behind a reverse proxy | ||
245 | - Fix a typo in the Markdown plugin description | ||
246 | - Fix the presence of empty tags for private tags and in search results | ||
247 | - Fix a fatal error during the install | ||
248 | - Fix permalink image alignment in daily page | ||
249 | - Fix the delete button in `editlink` | ||
250 | - Fix redirection after link deletion | ||
251 | - Do not access LinkDB links by ID before the Updater applies migrations | ||
252 | - Remove extra spaces in the bookmarklet's name | ||
253 | - Piwik plugin: Piwik URL protocol can now be set (http or https) | ||
254 | - All inline JS has been moved to dedicated JS files | ||
255 | - Keep tags after login redirection | ||
40 | 256 | ||
257 | ### Security | ||
258 | - Markdown plugin: escape HTML entities by default | ||
259 | |||
260 | |||
261 | ## [v0.8.5](https://github.com/shaarli/Shaarli/releases/tag/v0.8.5) - 2018-01-04 | ||
262 | **XSS vulnerability fixed. Please update.** | ||
263 | |||
264 | ## Security | ||
265 | - Fix an XSS (cross-site-scripting) vulnerability in `index.php` - | ||
266 | [CVE-2018-5249](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5249) | ||
267 | |||
268 | ## [v0.8.4](https://github.com/shaarli/Shaarli/releases/tag/v0.8.4) - 2017-03-04 | ||
269 | ### Security | ||
270 | - Markdown plugin: escape HTML entities by default | ||
271 | |||
272 | ## [v0.8.3](https://github.com/shaarli/Shaarli/releases/tag/v0.8.3) - 2017-01-20 | ||
41 | ### Fixed | 273 | ### Fixed |
274 | - PHP 7.1 compatibility: add ConfigManager parameter to anti-bruteforce function call in login template. | ||
42 | 275 | ||
276 | <<<<<<< HEAD | ||
277 | ======= | ||
278 | ## [v0.8.2](https://github.com/shaarli/Shaarli/releases/tag/v0.8.2) - 2016-12-15 | ||
279 | ### Fixed | ||
280 | |||
281 | >>>>>>> v0.9.7 | ||
43 | - Editing a link created before the new ID system would change its permalink. | 282 | - Editing a link created before the new ID system would change its permalink. |
44 | 283 | ||
45 | ## [v0.8.1](https://github.com/shaarli/Shaarli/releases/tag/v0.8.1) - 2016-12-12 | 284 | ## [v0.8.1](https://github.com/shaarli/Shaarli/releases/tag/v0.8.1) - 2016-12-12 |
46 | 285 | ||
47 | > Note: this version will create an automatic backup of your database if anything goes wrong. | 286 | > Note: this version will create an automatic backup of your database if anything goes wrong. |
48 | 287 | ||
49 | ### Added | 288 | ### Added |
50 | - Add CHANGELOG.md to track the whole project's history | 289 | - Add CHANGELOG.md to track the whole project's history |
@@ -61,7 +300,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/). | |||
61 | - Link ID complete refactoring: | 300 | - Link ID complete refactoring: |
62 | - Links now have a numeric ID instead of dates | 301 | - Links now have a numeric ID instead of dates |
63 | - Short URLs are now created once and can't change over time (previous URL are kept) | 302 | - Short URLs are now created once and can't change over time (previous URL are kept) |
64 | - Templates: | 303 | - Templates: |
65 | - Changed placeholder behaviour for: `buttons_toolbar`, `fields_toolbar` and `action_plugin` | 304 | - Changed placeholder behaviour for: `buttons_toolbar`, `fields_toolbar` and `action_plugin` |
66 | - Cleanup `{loop}` declarations in templates | 305 | - Cleanup `{loop}` declarations in templates |
67 | - Tools: hide Firefox Social button when not in HTTPS | 306 | - Tools: hide Firefox Social button when not in HTTPS |
@@ -79,7 +318,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/). | |||
79 | - Plugins: | 318 | - Plugins: |
80 | - Tools: only display parameter description when it exists | 319 | - Tools: only display parameter description when it exists |
81 | - archive.org: do not propose archival of private notes | 320 | - archive.org: do not propose archival of private notes |
82 | - Markdown: | 321 | - Markdown: |
83 | - render links properly in code blocks | 322 | - render links properly in code blocks |
84 | - bug regarding the `nomarkdown` tag | 323 | - bug regarding the `nomarkdown` tag |
85 | - W3C compliance | 324 | - W3C compliance |
@@ -127,6 +366,10 @@ Please use our release archives, or follow the | |||
127 | - XSRF token now generated each time a page is rendered | 366 | - XSRF token now generated each time a page is rendered |
128 | 367 | ||
129 | 368 | ||
369 | ## [v0.7.1](https://github.com/shaarli/Shaarli/releases/tag/v0.7.1) - 2017-03-08 | ||
370 | ### Security | ||
371 | - Markdown plugin: escape HTML entities by default | ||
372 | |||
130 | ## [v0.7.0](https://github.com/shaarli/Shaarli/releases/tag/v0.7.0) - 2016-05-14 | 373 | ## [v0.7.0](https://github.com/shaarli/Shaarli/releases/tag/v0.7.0) - 2016-05-14 |
131 | ### Added | 374 | ### Added |
132 | - Adds an option to encode redirector URL parameter | 375 | - Adds an option to encode redirector URL parameter |
@@ -214,7 +457,7 @@ Please use our release archives, or follow the | |||
214 | ### Fixed | 457 | ### Fixed |
215 | - Fix a bug where renaming a tag was causing a 404 | 458 | - Fix a bug where renaming a tag was causing a 404 |
216 | - Fix a bug allowing to search blank terms | 459 | - Fix a bug allowing to search blank terms |
217 | - Fix a bug preventing to remove a tag with special chars when searching | 460 | - Fix a bug preventing to remove a tag with special chars when searching |
218 | 461 | ||
219 | 462 | ||
220 | ## [v0.6.2](https://github.com/shaarli/Shaarli/releases/tag/v0.6.2) - 2015-12-23 | 463 | ## [v0.6.2](https://github.com/shaarli/Shaarli/releases/tag/v0.6.2) - 2015-12-23 |
@@ -520,7 +763,7 @@ Initial release on GitHub. | |||
520 | - When you click the key to see only private links, it turns yellow | 763 | - When you click the key to see only private links, it turns yellow |
521 | 764 | ||
522 | ### Changed | 765 | ### Changed |
523 | - The "Daily" page now automatically skips empty days. | 766 | - The "Daily" page now automatically skips empty days. |
524 | 767 | ||
525 | ### Fixed | 768 | ### Fixed |
526 | - Corrected the tag encoding (there was a bug when selecting a second tag which contains accented characters) | 769 | - Corrected the tag encoding (there was a bug when selecting a second tag which contains accented characters) |
@@ -818,7 +1061,7 @@ Initial release on GitHub. | |||
818 | - Nicer timezone selection patch by killruana | 1061 | - Nicer timezone selection patch by killruana |
819 | 1062 | ||
820 | ### Fixed | 1063 | ### Fixed |
821 | - New lines now appear correctly in the RSS feed descriptions. | 1064 | - New lines now appear correctly in the RSS feed descriptions. |
822 | 1065 | ||
823 | 1066 | ||
824 | ## [v0.0.17beta](http://sebsauvage.net/wiki/doku.php?id=php:shaarli:history) | 1067 | ## [v0.0.17beta](http://sebsauvage.net/wiki/doku.php?id=php:shaarli:history) |
@@ -872,7 +1115,7 @@ Initial release on GitHub. | |||
872 | ## [v0.0.14beta](http://sebsauvage.net/wiki/doku.php?id=php:shaarli:history) | 1115 | ## [v0.0.14beta](http://sebsauvage.net/wiki/doku.php?id=php:shaarli:history) |
873 | ### Added | 1116 | ### Added |
874 | - You no longer need to disable `magic_quotes` on your host. | 1117 | - You no longer need to disable `magic_quotes` on your host. |
875 | Shaarli will cope with this option beeing activated. | 1118 | Shaarli will cope with this option beeing activated. |
876 | 1119 | ||
877 | 1120 | ||
878 | ## [v0.0.13beta](http://sebsauvage.net/wiki/doku.php?id=php:shaarli:history) | 1121 | ## [v0.0.13beta](http://sebsauvage.net/wiki/doku.php?id=php:shaarli:history) |