- Safely link target URLs for Redirects in admin (#148 by mvz)
- Upgrade jquery-ui-rails to version 7.0 (#149 by mvz)
- Use native datetime inputs in the Admin (#121 by mvz)
- Display Theme description nicely in the admin (#151 by mvz)
- Stop using and depending on REXML (#123 by mvz)
- Remove inline javascript (#124 by mvz)
- Switch to no-trailing-comma style (#127 by mvz)
- Remove inline styles assigned in ERB templates (#128 by mvz)
- Make Content.searchstring scope code more transparent (#150 by mvz)
- Add erb-lint and fix initial warnings (#125 by mvz)
- Update CarrierWave dependency to version 3.0 (#102 by mvz)
- Move String monkey-patches into a module under PublifyCore (#115 by mvz)
- Remove text filter plugin naming requirements (#109, #110, #117 by mvz)
- Fix name and description of Twitterfilter (#118 by mvz)
- Fix link to pull request in CHANGELOG (#116 by mvz)
- Provide proper validation feedback during setup (#119 by mvz)
- Upgrade to Rails 6.1 and Ruby 2.7 to 3.2 publify#987, publify#1014, publify_core#71, and publify_core#78
- Update various other dependencies (various pull requests)
- Remove support for Textile as a text format publify#1001
- Improve feedback listings publify#1005
- Link to article from article feedback admin page publify#1007
- Link to blog from admin menu publify#1008
- Handle markdown links in notes correctly publify#1009
- Make notes twitterfilter robust publify#1010
- Miscellaneous admin fixes publify#1012
- Add arabic language to the project publify#1060 by ahmedhamid13
- Remove use of 'notextile' publify#1002
- Remove
TextFilter.filter_text
in favor of#filter_text
publify#1003 - Replace BlueCloth with CommonMarker for Markdown processing publify#810
- Rename Admin::ContentController to Admin::ArticlesController publify#1004
- Remove unneeded wrapping elements from admin layout publify#1006
- Split the factories into individual files publify#1031 by VictorPS
- Ensure
auto_link
helper is loaded on time publify#1040 - Remove
sitealizer
table publify#1089 by SupriyaMedankar - Remove itunes fields from resources publify#1092 by SupriyaMedankar
- Remove
page_caches
table publify#1090 by SupriyaMedankar - Remove obsolete Sidebar code publify_core#58
- Bump Rails version to 5.2.8.1 publify#1070
- Limit length of settings values publify#1072
- Require login to stay unique when updating a User publify#1073
- Validate lengths of string attributes publify#1077
- Strip EXIF data from resource uploads publify#1078
- Require user passwords to be strong publify#1086
- Fix admin article access control publify#1065
- Refuse html files as resources even if declared to be plain text publify#1066
- Fix password protected article reveal publify#1049
- Disallow comments on draft articles publify#1048
- Clean up Feedback validation publify#1051
- Disallow images in comments publify#1054
- Fix password reset process publify#1055
- Hide bodies of password-protected articles in search results publify#1057
- Provide correct
article_id
input in bulkops form publify#1058 - Do not create article meta description for password-protected articles publify#1061
- Fix setting the article password from the Admin publify#1044
- Add documentation about use of the media library
This release fixes several security issues:
- Block ability to switch themes using a GET request; use a POST instead
- Disallow user self-registration rather than hiding it
- Let the browser not cache admin pages
- Limit the set of allowed mime types for uploaded media
- Limit allowed HTML in articles, pages and notes
Additionally, it includes the following changes:
- Fix resource size display in admin resource list
- Trigger download of media in the Media Library in admin instead of displaying them directly
- Explicitly require at least version 1.12.5 of nokogiri to avoid a security issue
- Drop support for Ruby 2.4 since it is incompatible with nokogiri 1.12.5
- Bump Rails dependency to 5.2.6
- Replace mimemagic with marcel publify#996
- No changes
- No changes
- Upgrade to Rails 5.2 (mvz)
- Fix logic for rendering excerpts or whole posts (mvz)
- Drop support for Ruby 2.2 and 2.3 (mvz)
- Provide FactoryBot factories for general use (mvz)
- Fix comment preview (mvz)
- Drop support for humans.txt (mvz)
- Remove unused ability to view macro help text (mvz)
- Simplify the article editor: remove widearea and button fade-out (mvz)
- Remove unused
title_prefix
setting (mvz) - Remove text filter definitions from the database. Text filters are now specified in code only (mvz)
- Remove broken inbound links feature from Admin dashboard (mvz)
- Always include a canonical URL in the header and remove
use_canonical_url
option (mvz) - Update various dependencies (mvz)
- Use new way to render Devise error messages in view override (mvz)
- Fix broken page creation (cfis)
- Improve calculation of canonical URL (mvz)
- Replace use of deprecated URI.escape and URI.encode (mvz)
- Add support for Ruby 2.7 (mvz)
- Deprecate Textile text filter (mvz)
- Remove icons from Admin and replace them with text (mvz)
- Show text filter in content lists in Admin, plus various other Admin improvements (mvz)
- Warn about need to run task to convert textile to markdown (mvz)
- Update mimimum dependencies of Rails and Puma to avoid security issues (mvz)
- Upgrade to Rails 5.1 (mvz)
- Update Danish translations (xy2z)
- Extend Polish translations (gergu)
- Remove outdated import tools (mvz)
- Fix a bunch of issues (e-tobi)
- Fix google analytics tag rendering (mvz)
- Remove
link_to_author
setting: author email is no longer shown. Whoever really wants to have it shown should create a new theme (mvz) - Update dependencies (mvz)
- Make Devise use the correct layout (mvz)
- Ensure email parameter is processed correctly on sign up (mvz)
- Correctly serve js files from themes (cantin)
-
Replace page caching with fragment caching (mvz)
-
Replace home-grown state machine with aasm (mvz)
-
Remove automigration. Users should run db:migrate themselves (mvz)
-
Let first-run users pick their own password instead of generating one (mvz)
-
Dependencies
- Update dependencies (mvz)
- Drop support for Ruby 2.1 (mvz)
-
Removing of old/outdated functionality
- Remove support for feedburner (mvz)
- Drop old redirects (mvz)
- Remove RSD end point (mvz)
-
Feedback
- Stop sending trackbacks and pingbacks (mvz)
- Stop accepting trackbacks (mvz)
-
Improve Atom/RSS feeds
- Fix URLs used for resources (mvz)
- Fix URL/alternate links to not just point to the site root (mvz)
- Unify comment and trackback feeds into feedback feed (mvz)
- Add caching for feeds (mvz)
- Fix atom entry publication date (mvz)
- Fix ordering of feedback feed by using created_at (mvz)
-
Bug fixes
- Fix user resource image display when using Fog (mvz)
- Fix sending of welcome email (mvz)
- Fix Tag page description (mvz)
- Handle setting published_at to blank (mvz)
- Handle preview of articles without publication date (mvz)
- Include CSRF meta tag so remote forms work (mvz)
- Fix sidebar field rendering in admin (mvz)
- Fix formatting of settings forms in admin (mvz)
-
Code improvements
- Performance improvements (mvz)
- Improve tags controller (mvz)
- Clean up archives and authors page code (mvz)
- Unify content models more to improve performance when mixing models (mvz)
- Remove now-broken caching of theme assets (mvz)
- Remove cache invalidation support code from content (mvz)
- Update dependencies (mvz)
- Remove activerecord-session_store. The main application should decide on the store to use (mvz)
- Remove unused translations (mvz)
- Ensure theme files are part of the gem (mvz)
- Update to Rails 5.0 (mvz)
- Remove page caching since the released version of actionpack-page_caching is incompatible with Rails 5 (mvz)
- Ensure PublifyCore::VERSION is available (mvz)
- Initial pre-release of Publify Core as a separate gem.