- Update requirements
- Execute database migrations
- Wiki: Update metadata and content of related pages after a edit
*.potfiles are no longer in git- Enable timezon-aware datetimes from Django
- Fix deprecation warnings related to UTC methods
- Remove private messages after specific duration. This will not affect messages in the 'archive' folder and team members.
- Replace javascript based datetime picker with native HTML one
- Planet: Fix export
- Planet: Fix suggestion for a new blog
- Login: Allow to enter long email adress
- Events: Fix discrepancy between times displayed in forms and rendered on page
- Update requirements (at least the dependencies
Djangoandjinja2includes known security fixes)
- Update requirements
- Migrate from bump2version to bump-my-version
- Rework to use more of Django's logic for templates
- Build requirement files for all supported Python versions (for the time being: Python 3.9, 3.10, 3.11, 3.12)
- Added more tests for portal view
- Wiki sidebar: Link to a seperate wiki page to incorrect articles (before the backlink-page of templates was used)
- Calendar: Localize some missed strings in the HTML
- Documentation: Update installation requirements
- Page 'About Inyoka': Update after OSS release, fix old URLs and localize the page
- Update requirements (at least the dependency
lxml-html-cleanincludes known security fixes)
- Add contribution guideline
- Fix domain for download-link to not point to inyokaproject.org
- Update requirements
- Add default theme based on ubuntuusers theme to the inyoka repository
- Migrate from
setup.pytopyproject.toml - Introduce ruff for code formatting
- Render
<mark>for highlighted text - Control characters are stripped from all HTTP-POST parameters
- Documentation: Now possible to use Markdown
- Documentation is now published at https://doc.inyokaproject.org/
- Use Django's view and form for change password
- Restrict user defineable font faces: Only
[font=Arial],[font=serif],[font=sans-serif]and[font=Courier]are allowed - Disallow
<color>and<font>in signatures - InyokaMarkup: Extend filtering of control characters
- InyokaMarkup: Remove empty paragraphs in generated HTML
- InyokaMarkup: Dont split up long links in HTML-markup (instead rely on CSS)
- Table of contents: Dont strip long heading text
- Remove unused javascript on register and for escaping
- Splittopic form: Fix maximum length for title of new topic
- Forum posts & Ikhaya comments can now start with a list (space is preserved)
- Add
SECURITY.md - Update requirements (at least the dependency
Djangoincludes known security fixes) - Markup, Edited-/Mod boxes: Escape parameters to prevent HTML injection
- Templates: Escape more user-controllable variables to prevent HTML injections
- Update requirements
- Update
Djangodue to a security vulnerability → <https://www.djangoproject.com/weblog/2024/aug/06/security-releases/>
- Update requirements
- Run migrations
- Fix CVE-2024-4317 in existing postgresql instances (see https://www.postgresql.org/about/news/postgresql-163-157-1412-1315-and-1219-released-2858/)
$ docker exec -it inyoka_postgres.<Tab> bash
root@a789607c1d5c:/# psql -U inyoka
\i /usr/share/postgresql/14/fix-CVE-2024-4317.sql
\c template1
\i /usr/share/postgresql/14/fix-CVE-2024-4317.sql
ALTER DATABASE template0 WITH ALLOW_CONNECTIONS true;
\c template0
\i /usr/share/postgresql/14/fix-CVE-2024-4317.sql
\c template1
ALTER DATABASE template0 WITH ALLOW_CONNECTIONS false;
exit;- new management commands
- Portal: Add management command that outputs some statistics
- Wiki: Add management command to regenerate MetaData
- Generate requirements for Python 3.12 as default
- The Docker container now use Python 3.12 which replaces Python 3.9
- Update requirements (at least the dependencies
certifi,Django,Jinja2,requests,urllib3include known security fixes) - Remove deprecated Django password hashers
- Update requirements
- Use argon2 as default password hasher
- Use Django gzip middleware, so HTML gets compressed (mitigation for the BREACH attack is included in Django)
- Update to Django 4.2
- Replace pytz with zoneinfo
- Basic BDD tests for the planet
- Update requirements
- Update
gunicornto fix a known security issue
- Update requirements
- Add documentation for release procedure
- Update requirements (at least the dependency
Pillowincludes known security fixes)
- Events: Link to openstreetmap, as geohack seems to be not reachable
- Update requirements
- Execute database migration
- Wiki: Refactor queries for wiki page to be more efficient
- Update requirements (at least the dependency
Djangoincludes known security fixes)
- Update requirements
- Execute database migration
- Add index for username in uppercase. This should speed-up the case-insensitive queries (at least on postgreSQL).
- in the Wiki the
Includemacro was removed
- Display message instead of server-error, if username was not taken during form-validation at registration, but at DB-insertion
- Strip control characters in Inyoka's markup lexer. This will fix server errors for feeds.
- Update requirements (at least the dependencies
Djangoinclude known security fixes)
- Update requirements
- Execute database migration
- pyupgrade to modernize the code base a bit
- Refactor feeds to use Django's builtin syndication framework instead of the out-of-support Werkzeug module
- Remove XMPP: XMPP was not used anymore, since it was made an optional dependency.
The associated database migration will
- remove not needed user settings
- remove hidden jabber-ids for privacy, as there is no reason to save them anymore (previously, they could be used for notifications)
- Fix wiki revision rendering
- Reject NUL byte in URLs
- Fix TypeError in Service Middleware
- Return more HTTP status codes in ikhaya service instead of raising an unhandeled error
- Fix UnboundLocalError in Service Middleware, if there are not exactly two parts given via GET
- LoginForm: Always require a password
- Update requirements (at least the dependencies
Django,Pillowandjinja2include known security fixes)
- Update requirements
- Execute database migration
- Added babel extractor for django templates
- Update requirements (at least the dependencies
certifi,django,urllib3,Pillowinclude known security fixes)
- Update requirements
- Run
python manage.py migrate
- Require python 3.9
- Use default django classes for templates
- Update celery to version 5
- Ubuntu Distro Select: Add Ubuntu Unity, Do not allow Ubuntu GNOME for new threads
- Update requirements (at least the dependencies
Pillow,requests,sqlparseinclude known security fixes)
- Update requirements
- Update requirements (dependency-packages
lxmlandPillowinclude known security fixes)
- Update requirements
- Adapt sentry-settings in local configuration
- For development setups: Migrate changes from
example_development_settings.pyto local configuration - Run
python manage.py migrate
- Require python 3.8
- Replace jenkins with github actions as CI
- Use django's PasswordResetView and PasswordResetConfirmView
- Add ircs as an supported protocol for InterWiki links
- Markup: Use unicode for rendering an anchor
- Forum: Raise 404, if forum-slug for markread is not found
- Planet, Sync: Continue with next blog on SSLError, Fix unicode error