aboutsummaryrefslogtreecommitdiffstats
path: root/CHANGELOG
diff options
context:
space:
mode:
Diffstat (limited to 'CHANGELOG')
-rw-r--r--CHANGELOG397
1 files changed, 397 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 642506016..e547e1fbe 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,400 @@
+Hubzilla 2.8 (????-??-??)
+ - Redirect to be moderated items to /moderate
+ - Update notifications if notifications area remains open
+ - Create an actual logout module instead of relying on internal variables
+ - Add local_channel as a comanche condition variable
+ - Implement possibility to pin app-tray apps in the navbar via app category navbar_default
+ - Introduce custom navbars
+ - Re-implement single delivery
+ - Pdledit usability improvements
+ - Implement next generation notifications in right aside
+ - Implement single post view for /pubstream
+ - Make anonymous comments work in mod display
+ - Introduce notifications for unseen public stream posts (off by default)
+ - Preperatory work on Zot VI
+ - Add app for site admin
+ - Introduce experimental alternate channel_menu navigation (off by default)
+ - Introduce notifications for shared files
+ - Bring back notifications for account approvals
+ - Urlencode hashes from mod_acl
+ - Don't use chanlink_url() for feed mentions
+ - Design common friends widget to fit better in the app and move it to left aside
+ - Allow navbar to be used when cover photo is displayed in mod channel
+ - Implement admin setting to use imagick converter for large photos
+ - Process activity deletes from OStatus which for whatever reason do not use the industry standard tombstone mechanism
+ - Implement new css based spinner
+ - Move the link header initialisation from Router to Webserver
+ ⁻ Extend activity_match() to work with arrays
+ - Updated the trusted CA cert database
+ - Ostatus - support likes of comments
+ - Provide ability to mention a forum by using !forumname as well as the traditional red style (@forumname+)
+ - Encrypt delivery reports (not backward compatible)
+ - Provide a space between link header params (draft-cavage-http-signatures-08)
+ - Turn common_friends into a widget
+ - Update to jquery-3.2.1
+ - Wiki pages sorted by name
+ - Create new hooks for permissions_accept and permissions_reject
+ - Provide rel=alternate link if no reshare content in post
+ - Add remote login button to login page
+ - DB update to add index to item.resource_id
+ - Implement wiki editing (name and acl)
+ - Provide a hook for importing a channel photo at channel creation time
+ - Implement wiki mimetype lock
+ - Bring back wiki downloads
+ - Add text/plain mimetype to wiki
+ - Implement per page mimetype selection for wikis
+ - Added english context help for apps and appman
+ - Implement owa (open web auth)
+ - Ignore diaspora_meta column on item import
+ - Check code permissions on cloud files
+ - Remove period from characters allowed in username
+ - Make comment highlighting more reliable
+ - Sign zot-info packets with httpsignatures
+ - Implement server to server magic auth
+ - Provide support for json-ld signatures
+ - Rewrite comment form open/close handling to be more reliable
+ - Radically reduce code duplication in updateConvItems()
+ - Remove discover tab in favour of the public stream app
+ - Apply autotime to all autotime classed elements when static loading a page
+ - Implement cards feature
+ - Extended support for help page translations including table of contents files at the top level
+ - Introduce util/dmkdir - a mkdir tool for DAV
+ - Various doco improvements
+ - Introduce util/dcp (DAV-copy) - copy file or directory from local system to Hubzilla
+ - Provide support for HTTPsig
+ - Implement mechanism for selective network following in protocol connectors (diaspora, ostatus, activitypub, zot, rss)
+
+ Bugfixes
+ - Fix w2w posts not removed in contact_remove() - github issue #837
+ - Fix guests not having a unique (non-existent) url
+ - Fix mod register re-using the password
+ - Fix write_storage permission not checked in /display
+ - Fix discovery of moderated items in enotify
+ - Fix profile thing image not deleted when thing deleted - github issue #868
+ - Fix deletions to comments not synced on wall posts
+ - Fix community tags not preserved on post edit - github issue #865
+ - Fix profile photo propagation issue if the local xchan_photo_[l|m|s] fields were changed from the /photo/profile/l/n form to photo/[hash] form by a clone operation
+ - Fix lockstate and current permissions not handed over to editor in mod card_edit
+ - Fix profile edit dropdown for multiple profiles
+ - Fix affinity slider spinner
+ - Fix mod pubsites broken
+ - Fix directory server admin selection includes known dead sites
+ - Fix sticky-kit issue where the bottom of left aside was not visible when section content was short
+ - Fix possibility to set bogus my_address
+ - Fix deleting of wiki pages
+ - Fix selected theme not appearing selected after change - github issue #855
+ - Fix an issue where some encoded mids were not found in /display
+ - Fix issue with mentions and xchans with @ or /
+ - Fix webfinger returns invalid XML - github issue #851
+ - Fix last remaining task in tasklist was not removed from view when completed
+
+ Plugins/Addon
+ Hubwall: Remove errant $1 string in sender name
+ Map federation protocols for zotinfo
+ Gnusoc: force ostatus profile photos to get refreshed monthly
+ Gnusoc: fix ostatus mention notifications
+ Gnusoc: unsubscribe to gnusoc feeds if connector is disabled
+ Phpmailer: not using load/unload
+ Gnusoc: don't provide some information if gnusoc is disabled by the channel
+ Diaspora: add a predelivery interval
+ Diaspora: support for likes on comments
+ Introduce the pubcrawl plugin - an unapologetically non-compliant ActivityPub Protocol implemention
+ Introduce gravatar plugin
+ Pubsubhubbub: produce much more compact PuSH feeds
+ Diaspora: support text comments on reshare posts
+ Diaspora: changes to delivery scenarios for the special handling of profile messages
+ Diaspora: put diaspora seed_location in json webfinger
+ Gnusoc: fix mis-attributed comments from mastodon
+ Gnusoc: allow discovery by url (not just reddress) and permit upgrade from 'unknown' network to gnusoc
+ Implement mechanism for selective network following in protocol connectors
+
+
+Hubzilla 2.6.3 (2017-09-18)
+ - Fix anonymous comments/likes on photos - this is not yet implemented
+ - Fix favicon not displayed on certain pages
+ - Fix hubzilla logo icon for favicon and email notifications
+ - Fix an issue with displaying selected theme in settings/display
+ - [SECURITY] Restrict the input characters we accept in token verification strings to hex digits
+ - Remove hubzilla.nl from fallback directory servers
+
+Hubzilla 2.6.2 (2017-08-31)
+ - Fix webfinger returns invalid XML (github issue #851)
+
+
+Hubzilla 2.6.1 (2017-08-18)
+ - Fix a regression with dav clients
+ - Raise install requirements
+
+ Plugins/Addon
+ - Diaspora: fix PHP warning
+ - GNU-Social: fix PHP warning
+
+
+Hubzilla 2.6 (2017-08-16)
+ - Upgrade to bootstrap-4 beta
+ - Consolidate disable_discover_tab config
+ - Fix some bbcode to markdown conversion issues
+ - Improved finding of recursive attachment permissions
+ - Smaller line-height for notification badges
+ - Bluegrid schema removed - will be added again if someone is willing to maintain it
+ - Improved file_activity()
+ - DB - add index for item.obj_type
+ - Add options flag to bb_to_markdown() so we can distinguish between diaspora use and other use and therefore filter and adjust content selectively
+ - Close the apps-menu if the notifications-menu is open and vice versa
+ - Remove redundant call to jquery ready function in photo albums view
+ - Remove borders from navbar toggler in mobile view
+ - Improve the formatting of shares when converting from bbcode to markdown
+ - Suppress fopen errors from dav
+ - Make local channel (not our own) nav menus appear similar to what we are used from remote channels
+ - Indicate the selected channel in the dropdown menu if the feature is enabled
+ - Provide a mechanism to mark apps active in the app tray
+ - Allow wildcard tag and category searches
+ - Improved installer
+ - Update some addon docs and ensure we only generate statistics once a day
+ - Turn url requests where argv[0] is something.xyz into module='something' and $_REQUEST['module_format'] = 'xyz'; But leave modules beginning with . (like .well_known) alone (convert the initial . to _ and then strip it)
+ - Turn platform name and std_version into config variables
+ - Implement chunked uploads on the wall
+ - Prevent expiration of conversations you are involved with
+ - Update htmlpurifier to version 4.9.3
+ - Update sabre/http to version 4.2.3
+ - Add optimize-autoloader to composer config
+ - Missing abook_{my,their}_perms in pg schema and missing keys in mysql schema
+ - Provide a gender icon on the profile sidebar within reason
+ - Provide more comprehensible information on the admin summary page
+ - Upgrade blueimp from 9.8 to 9.18
+ - Chanview - if already connected, bypass the chanview intermediary page and go straight to the remote profile.
+ - Allow poke by xchan_hash
+ - guess_image_type() - ignore scheme when checking for urls
+ - Remove unused page_widgets.php include and provide a general function for loading sql from file
+ - Migrate cdav from addons to core
+ - Address several mail issues
+ - Add files and photos to featured apps by default
+ - import_author_zot() fixes
+ - Remove deprecated app parameter from conversation()
+ - Implement anonymous comments (like wordpress)
+ - Add rel=noopener to all external target _blank links
+ - Add 'can_comment_on_post' hook so we can better deal with the complications of Diaspora policy
+ - Added Portfolio widget (requires foundation)
+ - Convert schema_mysql engine to InnoDB and charset utf8mb4
+ - Put unreachable federated connections in the archived tab of the connections list page
+ - Indicate on connections page if a federated connection from another network is unavailable from the current location
+ - Make authenticated oembeds optional, default to false.
+ - Remove text_highlight css load from core
+ - Numerous ostatus feed improvements (mastodon, gnu-social)
+ - Provide hook when deleting a connection - we need this to clean up dangling PuSH subscriptions
+ - Move code syntax highlighting to plugin
+ - Oembed: ensure that width and height are returned as type int and not float
+ - Rewrite wiki pages widget - no need for ajax on pageload, show the pages to not authenticated people.
+ - Convert randprof to use chanlink_hash() instead of chanlink_url() and filter sys channels by xchan.xchan_system instead of xchan_addr != sys@%
+ - Update Sabre libraries
+ - Only provide "connected apps" on the settings menu if techlevel > 0.
+ - Provide ability to search webpage
+ - Move disapora xrd stuff to plugin
+ - Deprecate server_role
+ - Introduce automatic language selection for help, webpages, and wiki content
+ - Provide ability to order apps in app-tray
+ - Replace Markdownify library with html-to-markdown library
+
+ Bugfixes
+ - Fix channel manager and nav channel select visible if in a delegate session
+ - Fix wrong wiki pages in the sidebar github issue #841
+ - Fix a bug where if multiple channels uploaded the same file to the same folder, the uploaded file would end up with an incremental number added to the filename for each upload even if the file did not exist yet in the channels folder
+ - Fix privacy groups not syncing across clones properly (github issue #832)
+ - Fix an issue where the ability to use a portion of the message-id to display a message wasn't honoured in all cases
+ - Fix minor issues in the bs-default schema
+ - Fix backward compatibility for album links generated in earlier times before the ambiguity of photo album names was solved (github issue #827)
+ - Fix photo item comments not ported to bs4
+ - Fix incorrect album link
+ - Fix incorrect follow url in webfinger
+ - Fix regression - allow position attributes in oembedable zcards
+ - Fix affinitiy slider settings were being updated on any submit of of settings/featured
+ - Fix minor weirdness in zot finger results after deleting a clone from a channel that was on a site which was previously migrated from http to https and still had the old hubloc
+ - Fix cloud headers already sent issue
+ - Partial fix for failure to sync photos - appears to be memory exhaustion and dependent on filesize although an unrelated issue was found with directory creation during file sync (we didn't check ownership when looking for duplicates)
+ - Fix github issue #810
+ - Don't allow negative age in directory listings
+ - Fix allow setting a default schema for the hub (github issue #797) and allow selecting of focus (hubzilla default) schema if a default is set
+ - Fix update_r1189() for mysql and postgres
+
+ Plugins/Addon
+ Diaspora: Rewrite the addon to implemented Diaspora Version 2 federation protocol
+ GNU-Social: GNU-Social and Mastodon compatibility was greatly increased and a "fetch conversations" feature added to try and locate missing contextual references and maintain conversations in posts from those networks
+ Rename statistics_json to statistics and implement nodeinfo v2
+ New authchoose addon to restrict what sites you authenticate to by default
+ Cdav addon moved to core
+ head_add_css() needs a preceding '/' to find files in the addons dir
+ New addon code syntax highlighting (moved from core to addon)
+ Pubsubhubbub: specify a minimum number of records - otherwise it defaults to zero
+
+
+Hubzilla 2.4 (2017-05-31)
+ - Silence php warning during install
+ - Implemented switch statement logic in Comanche layout parser
+ - Don't allow html in plugin comment blocks
+ - Handle Mastodon urls in markdown/bbcode conversion
+ - Get rid of edit activities
+ - Collapse sysapps if viewing a remote channel
+ - Various Doxygen fixes
+ - Update SimplePie library to version 1.5
+ - Add check for PHP zip extension during install
+ - Add unit tests for AccessList class
+ - Authenticate onepoll so we can receive private posts/comments in zotfeed
+ - Various postgres fixes
+ - Some work on preparing clientside e2ee
+ - Allow to set a default channel for the rare case where a default channel is not selected but channels actually exist
+ - Support reverse magic-auth in oembed requests
+ - Improved handling of Mastodon feeds
+ - When template "none" is used in a webpage layout, then the contents of the page should be the sole output, with no other code before or after the page element content
+ - If there is no site record, site_dead won't be 0, in a left join it will in fact be null. As long as it isn't 1, we should attempt delivery
+ - Order wiki pages by creation date
+ - Backend infrastructure for channel protection password; which will be used to optionally encrypt export files and resolve channel/identity ownership/hijacking disputes
+ - Don't allow any null fields in notify creation
+ - Webfinger cleanup
+ - Envelope privacy
+ - We do not parse the body in discover_by_url(), so no need to preserve iframes in SimplePie
+ - Correct the mastodon "boost" (aka 'share') author attribution by checking for share activities and pulling the original author info from the activity:object
+ - Only log zot_refresh content if json decode was successful
+ - Revisit the import_author_zot algorithm yet again. There was one bug that we weren't returning necessary information in the first SQL query - and performance/loading problem if one tries to refresh a dead site
+ - Import_author_xchan - since we rarely refresh zot-info for non-connections, force a cache reload once a week to catch things like profile photo updates and location changes
+ - Create site_store_lowlevel() to initialise data structures for the site table
+ - Change hook for perm_is_allowed while retaining backwards compatibility
+ - import_author_zot() - check for both hubloc and xchan entries. This should catch and repair entries which were subject to transient storage failures
+ - Import authors from any unrecognised network as network 'unknown'
+ - Crypto update - default is now aes-256-ctr
+ - Get rid of get_app()
+ - Add 'author_is_pmable()' function with plugin hooks to control whether or not to display a 'send mail' link in the thread author menu
+ - Provide platform specific install script
+ - Allow for project specific DB updates
+ - Get rid of davguest
+ - Move db_upgrade to zlib
+ - Add CSRF protection for import and import_items
+ - Add some documentation for import functions
+ - Do not allow creating two wikis with the same name
+ - Update textcomplete library to version 1.8.0
+ - Create channel_store_lowlevel()
+ - Allow setting the system email name/address/reply
+ - Use the same host macro for sender address as for reply_to address
+ - Use the relevant attach directory/path for photo albums instead of an album basename which may not be unique. Created an 'ellipsify()' function to shorten long names and keep the beginning and end intact
+ - Simplify the message signing spaghetti
+ - Class MarkdownSoap to safely store markdown by purifying and preserving (escaped) what may be unsafe code in codeblocks. The stored item needs to be unescaped just prior to calling the markdown-to-html processor
+ - Remove the unimplemented upload limit site settings from UI
+ - Cleanup code_allowed
+ - Move widgets to standalone classes
+ - Upgrade redbasic to bootstrap 4
+ - Updated HTML Purifier from 4.6.0 to 4.9.2 with better PHP7 compatibility
+ - Remove redundant and non-functional/broken check for successfully cloned channel record which was left over from an earlier method of creating the table; which was deprecated a few months back
+ - Update bshaffer/oauth2-server-php library
+ - Add unit test for purify_html()
+
+ Bugfixes
+ - Fix website export tool creating invalid zip file - issue #790
+ - Fix files not synced correctly - issue #769
+ - Fix empty ACL should not result in no ACL when uploading a file
+ - Fix cover photo was unintentionally disabled when block_public in effect
+ - Fix markdown autolinks - issue 752
+ - Fix connectDefaultShare generated js function, though it isn't obvious if we still use it
+ - Fix a couple more instances where we were still calling mail() directly for site critical messages
+ - Fix when clicking a notification to view a private mail message, actually view that message instead of the most recent
+ - Fix group by item query
+
+ Plugins/Addon
+ - smileybutton: do not load emojis
+ - pubsubhubbub: fixes associated with recent compatibility feed mods
+ - gnusoc: mastodon follow_activity compatibility issues
+ - gnusoc: add profile photo to feed meta
+ - gnusoc: add salmon link information to the public feed when GNU-Social is enabled
+ - chess: fix bugs when deleting games
+
+Hubzilla 2.2 (2017-03-08)
+ - Provide version compatibility check for themes (minversion, maxversion)
+ - Use chanlink_hash() instead of chanlink_url() where appropriate
+ - Use head_add_link() for feed discovery
+ - Provide HTTP header parser which honours continuation lines
+ - Numerous doco improvements
+ - Implement virtual privacy groups from restricted profile access list
+ - Implement permission roles
+ - Implement app-tray
+ - Default to manual conversation updates
+ - Implement channel move for all server roles
+ - Implement nav login modal
+ - Rename bb2diaspora.php to markdown.php
+ - Remove obsolete module 'match'
+ - Move firefox social api configuration to plugin
+ - Move rsd service to twitter_api plugin
+ - Add build_pagehead hook
+ - Move opensearch to plugins
+ - Move dreamhost hack to plugin
+ - Add wiki permissions
+ - Introduce hubloc_store_lowlevel() and xchan_store_lowlevel()
+ - Move diaspora account import to the diaspora plugin
+ - Allow export of single data sets instead of always exporting everything we know about in channel export
+ - Queue optimisations for sites that have lingered in the queue for more than a couple of days
+ - Add affinity slider tool settings for min and max defaults in settings/featured
+ - Provide lowlevel xchan storage function to ensure that all non-null rows are initialised
+ - Implement native wiki
+ - Block well-known from oembed
+ - Implement observer.language bbcode and observer.language comanche conditional
+ - Implement daemon_addon hook to let plugins create custom background processes
+ - Implement profile vcards
+ - Implement connection vcards
+ - Implement 'click to call' in address book
+ - Default cover photo
+ - Remove fullscreen functionality in photo album view
+ - Update fontawesome lib to version 4.7.0
+ - Implement a menu to select a section to be open by default in connedit
+ - Improve comanche conditionals
+ - Add enclosures and categories to atom feed parsing
+ - Allow the atom_entry hook to change the results
+ - Set 'adjust for viewer timezone' as the default for new events
+ - Allow event creation in other timezones than your own
+ - Update fullcalendar lib to version 3.1
+ - Move api version call back to core
+ - Create first webpage as 'home' if none exist
+ - Show webpages link to visitors if a 'home' page exists
+
+ Bugfixes
+ - Fix schema not saved if session theme != selected theme and schema select display issue
+ - Fix no acl not detected in post_activity_item()
+ - Fix find_folder_hash_by_path() was not safe against multiple attach structures with the same filename but in different directories
+ - Fix don't search on empty filename - we shouldn't find it. The reason why this change is being made is because we actually did find it due to a development glitch
+ - Fix several places where head_add_(css|js) functions have been used incorrectly.
+ - Fix webpage import tool
+ - Fix numerous bugs with the addon repo management GUI
+ - Fix attach_delete() to remove photo resources even if the attach table row wasn't found
+ - Fix choking if photo_factory() returns null
+ - Fix embedimage if an albumname contains quotes
+ - Fix chat member list when one or more members are connected via access tokens
+ - Fix issue #636 - some localised (e.g. Italian) strings have single quotes which throw JS errors when used in single quoted template constructs
+ - Fix issues #629 and #635 - edited post arriving from downstream source was not being rejected
+ - Fix peoplefind widget not honouring directory option settings
+ - Fix issue with HTML in code blocks in markdown in wiki
+ - Fix issue with post signatures if posted from api and logged in locally with a different identity
+
+ Plugins/Addon
+ - Add experimental webmention plugin
+ - NSFW: Use button instead of text link
+ - Diaspora: gracefully handle multiple photos per post
+ - Diaspora: change profile photo permission call
+ - Logrotate: don't throw an error if another server process renamed the logfile before we got to it
+ - Chess: the channel owner must be one of the players, so only require selecting one connection for an opponent
+ - Move firefox social api configuration to plugin from core
+ - Move rsd service to twitter_api plugin from core
+ - Move opensearch to plugins from core
+ - Move dreamhost hack to plugin from
+ - Move diaspora account import to addon from core
+ - Reflect hubloc store changes in plugins
+ - Reflect xchan store changes in plugins
+ - Rendezvous: Fixed marker creation bug
+ - Rendezvous: Center on marker if specified in URL, and update browser address bar with shareable link when selecting markers on the map
+ - Rendezvous: Set default value of 0 for priximity alert when making new markers
+ - Move gitwiki to plugins from core which has been replaced by native wiki
+ - Openclipatar: reflect changes to files and photos which were unified in core some time ago
+ - Reintroduce gnusocial plugin after security/functionality review
+ - Twitter_api: hubzilla core issue 638 - unsupported message-id field not available in all twitter api functions
+ - Superblock: update to reflect core changes
+ - Rendezvous: implement static marker proximity alert
+ - Phpmailer: security update
+
Hubzilla 2.0 (2016-12-23)
- Deprecate bb_iframe
- Note widget: resize the textarea to reveal full content