Hubzilla 1.3 Admin Security configuration page created which consolidates several previously hidden settings: Communication white/black lists Channel white/black lists OEmbed white/black lists Admin Profile Fields page created which manages the availability and order of standard profile fields and allows new fields to be created/managed "Poke" module reworked - page UI updated and "poke basic" setting introduced which limits the available poke "verbs". "Mood" module UI reworked "profile_photo" module UI reworked "cover_photo" module UI reworked "new_channel" module UI reworked "register" module UI reworked "pubsites" module UI reworked item-meta ("iconfig") created which implements arbitrary storage for item metadata for plugins abook-meta ("abconfig") created which implements arbitrary storage for connection metadata for plugins "Strict transport security header" made optional as it conflicts with some existing Apache/nginx configurations "Hubzilla UNO" (Hubzilla with radically simplified and locked site settings) implemented as an install configuration. .well-known directory conflict worked out to support LetsEncrypt cert ownership checks without disrupting webfinger and other internal uses of .well-known Lots of work on 'zcards' which are self-contained HTML representations of a channel including cover photos, profile photos, and some text information Long standing bug uncovered which failed to properly restrict the lower time limit for public feed requests A number of fixes to "readmore" to fix page jumping Bugfix: persons other than the channel owner who have permission to upload photos to a channel could not do so if the js_upload plugin/addon was enabled Siteinfo incorrectly identifying secondary directory servers Allow admin to set and lock features when UNO is configured Atom feeds: alter how events are formatted to be compatible with GNU-social Allow guest/visitor access to view personal calendar Moved several more classes to "composer format" and provided an autoloader. Bugfix: require existing password to change password Bugfix: allow relative_date() to be translated to Polish which has more than two plural forms. Plugin API: add "requires" keyword to module header to indicate dependent addons ActivityStreams improvements and cleanup: photo and file activities UI cleanup for editing profile when multiple profiles enabled Removed the "markdown" feature as there are numerous issues and no maintainer. Provide "footer" bbcode to ease theming of post footer content Bugfix: install issues caused by composer code refactor and typo in postgres load file Plugins: keepout - "block public on steroids" pubsubhubbub - provides PuSH support to Atom feeds, required for GNU-social federation GNUsocial protocol - under development Diaspora protocol - some work to ease migration to the new signing format Diaspost - disabled; numerous issues and no maintainer smileybutton - theme work and fixed compatibility with other jot-tools plugins Hubzilla 1.2 Provide extra HTTP security headers (several of them). Allow a site to disable delivery reports if disk space is limited Regression: Wrong theme when viewing single post as non-member Some Diaspora profile photos use relative URLs - force absolute Add locked features to siteinfo report to aid remote debugging Provide version compatibility checking to plugins (minversion, maxversion, and minphpversion) Account config storage Provide optional integrated registration and channel create form cli utility for managing addons issue with sharing photo "items" cover photo manager: upload, crop, and store cover photo widget created rework the connections list page and provide a few management features there fixed issue with Comanche layout definitions loaded by plugins provide ability to separate delivery functions from item_store() and item_store_update() - some forum messages were being redelivered when cloned. call build_sync_packet() on pdledit changes Abstract the project name and version so these can be customised or removed Allow hiding the ratings links on a per-site basis db_type not present in international setup templates - was unable to choose postgres. item_photo_menu logically divided into a) actions on the post, b) actions related to the author bug: default channel not reset to 0 when last channel removed create widget containing only the contact block regression: public forums granted send stream permissions to connections workaround Firefox's refusal to honour disabling autocomplete of passwords regression: photo's uploaded to a channel by a guest (with file write permissions) not saved correctly. provide mechanisms for custom .well-known handlers (needed for LetsEncrypt ownership verification) proc_run modified to use exec() instead of proc_open() - causing issues on some PHP installations remote delegation failure under a specific set of circumstances which we were finally able to duplicate Delegation section of Channel Manager was missing names and contained useless notification icons. Change "expire" channel setting to show system limit if there is one. Regression: provide a one-click ignore of pending connection Config to control directory keyword generation on client and server. "Collections" renamed to "Privacy Groups", documentation improved widget_item - allow use of page title instead of message id Add site black/white list checking to all .well-known services reduce incidents of screen jumping when "showmore" is activated add oembed provider for photos Addons: CSS theming of pageheader plugin xmpp addon ported from Friendica Diaspora private mail issues after the third reply Occasional issue with Diaspora connection requests Add notification email to Diaspora PMs Allow anonymising platform and version for statistics msgfooter addon created removed embedly plugin sync clones after superblock addition "keepout" plugin created Hubzilla 1.1 Rewrote and simplified the Queue manager and delivery system Rewrote and simplified the outer layers of the Zot protocol Use a standard version numbering scheme in addition to the snapshot tags Provide a channel blacklist for blocking channels with abusive or illegal content at the hub level Make the black/white lists pluggable Update template library Support for letsencrypt certs in various places Cleanup of login and register pages Better error responses for permission denied on channel file repositories Disabled the public stream by default for new installs (can be enabled if desired) Cleanup of API authentication and rework the old OAuth1 stuff Add API "status with media" support compatible with Twitter and conflicting method for GNU-social Rework photo ActivityStreams objects to align better with ActivityStreams producers/consumers Several minor API fixes to work better with AndStatus client Invitation only site - experimental support added, needs more work Fix delivery loop condition due to corrupted data which resulted in recursive upstream delivery Provide more support for external (git) widget collections. Extend the Queue API to 3rd-party network addons which have experienced downtime recently. Regression: Inherited permissions were not explicitly set Regression: "Xyz posted on your wall" notification sent when creating webpages at another channel Regression: Custom permissions not pre-populated on channel creation with named role. Provide "Public" string when a post can be made public, instead of "visible to default audience" Allow hub admin to specify a default role type for the first channel created, reducing complexity Ability for a hub admin to set feature defaults and lock them, reducing complexity Change default expiration of delivery reports to 10 days to accomodate sites with reduced resources Addons/Plugins: Pageheader addon ported from Friendica Hubwall (allow admin to send email to all accounts on this hub) created GNU-social - queueing added Diaspora - fixes for various failures to update profile photos, updates to queue API Cross Domain Authenticated Chess (Andrew Manning's repository) And... the normal "lots of bugs fixed, translations updated, and documentation improved"