mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-20 21:35:13 +00:00
359 lines
21 KiB
Text
359 lines
21 KiB
Text
Hubzilla 1.12
|
|
- extensible permissions so you can create a new permission rule such as "can write to my wiki" or "can see me naked".
|
|
- guest access tokens can do anything you let them, including create posts and administer your channel
|
|
- ACLs can be set on files and directories prior to creation.
|
|
- ACL tool can now be used in multiple forms within a page
|
|
- a myriad of new drag/drop features (drop files or photos into /cloud or a post, or drop link into a post or comment, etc.)
|
|
- multiple file uploads
|
|
- improvements to website import
|
|
- UNO replaced with extensible server roles
|
|
- select bbcode elements (such as baseurl) supported in wiki pages
|
|
- addons:
|
|
Diaspora Protocol - additional updates to maintain compatibility with 0.6.0.0 and stop showing likes as wall-to-wall comments (except when the liker does not have any Diaspora protocol ability)
|
|
Cdav - continued improvements to the web UI
|
|
Pong - the classic pong game
|
|
Dfedfix - removed, no longer needed
|
|
Openid - moved from core to addon
|
|
- bugfixes
|
|
unable to delete privacy groups
|
|
weird display interaction with code blocks and escaped base64 content containing 8 - O
|
|
workaround WordPress oembeds which are almost completely javascript and therefore filtered
|
|
restrict oembed cache url to 254 chars to avoid spurious failures caching google map urls
|
|
"Page not found" appeared twice
|
|
birthdays weren't being automatically added to event calendar
|
|
some iCal entries had malformed descriptions
|
|
|
|
Hubzilla 1.10
|
|
Wiki:
|
|
Lots of enhanced functionality, usability improvements, and bugfixes from v1.8
|
|
Turned into an optional feature (default on) but disabled in UNO
|
|
Sync:
|
|
Items are now relocated (links patched) when syncing to clones
|
|
Access Tokens:
|
|
New feature - allows members to create access controlled guest logins and create/share 'dropbox' style links to protected resources.
|
|
UI:
|
|
Use icons instead of iconic text constructs
|
|
Only request geolocation permission when creating a post, not on page load
|
|
provide 'redeliver' option on Delivery Report page for when things really stuff up
|
|
CalDAV/CardDAV management pages with heaps of functionality
|
|
Lib:
|
|
z_fetch_url() updated to accept different request methods and request bodies
|
|
item_store(), item_store_update() now return the stored items
|
|
vcard microformat changes to remain spec compliant
|
|
microformat meta tags added to post/comments
|
|
AbConfig API changed to use channel_id rather than channel_hash, which was overly complicated to use
|
|
SuperCurl class added to provide a framework for re-use of obscure CURL options
|
|
Allow absolute links to CSS/JS files on CDN
|
|
Add Let'sEncrypt intermediate cert to lib in case you forget to install it on the server
|
|
Update fullcalendar and jquery (3.1) libs
|
|
Update sabre/dav to 3.2.0
|
|
Change content export from a month/year system to begin/end
|
|
Use streaming I/O for delivering large photos
|
|
Allow multiple App description files in a single plugin directory
|
|
optimise a couple of troublesome/inefficient SQL queries
|
|
avoid sending clone sync packets to dead sites
|
|
Resolved Issues:
|
|
channel home page not providing content to clients with javascript disabled
|
|
Replace '@' obfuscation with html entity rather than the unicode look-alike
|
|
xchan_query() failing to detect duplicates, resulting in inefficient queries
|
|
issues with 'use existing photo' for profile photo
|
|
layout editor "list all layouts" returned empty
|
|
oembed - better detect video file URLs so they aren't loaded into memory.
|
|
handcrafted bbcode tables could end up with way too much whitespace due to CRLF translation
|
|
refresh permissions whitescreen in 1.8
|
|
force immediate profile photo update on local site
|
|
regression: 'save bookmarks' post action missing
|
|
|
|
Hubzilla 1.8
|
|
Administration:
|
|
Cleanup and resolve some edge cases with addon repository manager
|
|
Provide sort field and direction on all fields of account and channel administration tables
|
|
Rename 'user' administration to account administration to reflect its true purpose
|
|
'safemode' tool to quickly disable and re-enable addons during a hypothetical upgrade crisis
|
|
Security:
|
|
Edited comments to private posts could lose their privacy settings under some circumstances
|
|
Provide zot-finger signatures to prevent a possible but rare exploit involving DNS spoofing and phishing
|
|
ACL selections:
|
|
Various improvements to the ACL editor to further simplify the concepts and make it more intuitive
|
|
Chat:
|
|
Notifications of chatroom activity using standard browser notification interfaces.
|
|
Themes:
|
|
Allow a theme:schema string to represent a valid theme name. This fixes issues with setting schemas on site themes.
|
|
Pubsites:
|
|
Show server role (identify UNO or basic sites as opposed to hubzilla pro) and link to statistics
|
|
Documentation:
|
|
Clarify privacy rights of commenters w/r/t conversation owners, as this policy is network dependent.
|
|
Wiki (Git backed):
|
|
Brand new feature. We'll call it experimental until it has undergone a bit more testing.
|
|
Account Cloning:
|
|
Regression on clone channel creation created a new channel name each time.
|
|
New issue (fixed) with directory creation on cloned file content
|
|
Content Rendering:
|
|
Add inline code (in addition to the existing code blocks) to BBcode
|
|
Add emoji reactions
|
|
Add emojis as extended smilies with auto-complete support
|
|
Emoji added as feature so it can be enabled/disabled and locked
|
|
Ability to configure the standard reactions available on a site basis
|
|
Disable 'convenience' ajax autoload on pgdn key, as it could lead to premature memory exhaustion
|
|
Photos:
|
|
Change album sort ordering, allow widgets and plugins to define other orderings
|
|
Apps:
|
|
Synchronise app list with changes to system apps
|
|
Preserve existing app categories on app updates/edits
|
|
Regression: fixed translated system app names
|
|
Architecture:
|
|
Provide autoloaded class files and libraries for plugins.
|
|
Further refactoring of session driver to sort out some cookie anomolies
|
|
Experimental PDO database driver
|
|
Creation of Daemon Master class and port all daemon (background task) interfaces to use it
|
|
Create separate class for each of 'Cron', 'Cron daily', and 'Cron weekly'.
|
|
Always run a Cron maintenance task if not run in the last four hours
|
|
Refactor the template classes
|
|
Refactor the ConversationItem mess into ThreadItem and ThreadStream
|
|
Refactor Apps, Enotify, and Chat library code
|
|
Refactor the various Config libraries (Config, PConfig, XConfig, AConfig, AbConfig, and IConfig)
|
|
Created WebServer class for top level
|
|
Remove mcrypt dependencies (deprecated in PHP 7.1)
|
|
Remove all reserved (including merely 'not recommended') words as DB table column names
|
|
Provide mutex lock on DB logging to prevent recursion under rare failure modes.
|
|
Bugfixes:
|
|
Remove db_close function on page end - not needed and will not work with persistent DB connections.
|
|
Undefined ref_session_write
|
|
Some session functions needed to be static to work with CalDAV/CardDAV
|
|
CLI interface: argc and argv were reversed
|
|
HTML entities double encoded in edited titles
|
|
Prevent delivering to empty recipients
|
|
Sabre library setting some security headers for SAML after we've emitted HTML content
|
|
Always initialise miniApp (caused obscure warning message if not set)
|
|
Block 'sys' channels from being 'random profile' candidates
|
|
DB update failed email could be sent in the wrong language under rare circumstances
|
|
Openid remote authentication used incorrect namespace
|
|
URL attached to profile "things" was not linked, always showing the "thing" manage page
|
|
New connection wasn't added to default privacy group when "auto-accept" was enabled
|
|
Regression: iconfig sharing wasn't working properly
|
|
Plugins:
|
|
CalDAV/CardDAV plugin provided
|
|
Issue sending Diaspora 'like' activities from sources that did not propagate the DCV
|
|
Allow 'superblock' to work across API calls from third party clients
|
|
statistics.json: use 'zot' as protocol
|
|
Issues fixed during testing of ability to follow Diaspora tags
|
|
Parse issue with Diaspora reshare content
|
|
Chess: moved to main repo, ported to 1.8
|
|
|
|
Hubzilla 1.6
|
|
Cleanup and standardise the interfaces to the "jot" editor
|
|
Router re-written to support calling class object methods as controllers
|
|
All existing modules (160+) re-written as object classes
|
|
Plugin hook interface adapted to call static class methods
|
|
Context help improved dramatically with content for the most accessed pages.
|
|
Reverted a compatibility change to support GNU-social events. We copied their feed format and their feed format is wrong (XML namespace collisions).
|
|
Provide a querystring attribute to CSS/JS resources to avoid caching issues when our code changes (which is often).
|
|
Fix javascript detection and allow either positive or negative detection.
|
|
Refactor the plugin hook registration procedure, provide 'unregister all' ability.
|
|
Fix RSD (Real Simple Discovery) which has been broken for some time.
|
|
Update smarty library to 3.1.29
|
|
Update jquery.textcomplete to 1.3.4
|
|
Update font-awesome to 4.6.1
|
|
Update SabreDAV to 3.0 (PHP version requirements prevent us from pushing it further at this time)
|
|
Help text added to cmdline utilities config and pconfig
|
|
Reworking of the database logging facility to avoid the rare but troublesome recursion when the log facility needed to query the DB internally to obtain config parameters.
|
|
Implement singleton delivery (emulate nomadic identity to singleton networks and services)
|
|
Fix empty album name in photo activities when photo is stored in top level folder.
|
|
Allow engineering units to be used in service class data size restrictions (400M, 1G, etc.)
|
|
Lots of work on bbcode auto-completion
|
|
Admin interface provided to manage external resource repositories
|
|
Oembed security reworked. Now all sources are filtered by default unless blocked.
|
|
Remove the date-string version and use only STD_VERSION
|
|
Add categories and categorisation filtering and the ability to edit all apps (including system apps) for a given channel
|
|
Ensure the ability to translate names of all system apps (except those provided in addons)
|
|
Provide ability to add categories to content from channel sources
|
|
Lots of work on the presentation of the ACL widget to enhance usability and intuitiveness
|
|
Allow somebody to follow a channel from a pasted redress containing a Unicode lookalike of the @ sign.
|
|
Add conditional syntax to Comanche (if/then/else)
|
|
Convert Comanche to an object class
|
|
Removed IE6 compatibility code
|
|
Explicitly close DB on shutdown/exit instead of allowing it to close naturally
|
|
Allowed delayed publish of webpages
|
|
Show current repository versions of master and dev on admin page and warn if your installation has fallen behind master
|
|
Provide some extra security checks to import data and files to prevent mischief
|
|
Block CalDAV/CardDAV namespace reserved words from being used as a channel nickname/redress since Sabre is somewhat inflexible in this regard
|
|
Plugins:
|
|
Diaspora
|
|
markdown translator work needed to eradicate the Diaspora Comment Virus.
|
|
upgrade all inbound paths with the most recent protocol changes (several of these)
|
|
convert 'diaspora_meta' (Diaspora Comment Virus) to iconfig and eradicate from sites with Diaspora disabled
|
|
implement social relay and allow following tags
|
|
upgrade statistics.json to NodeInfo. Currently hubzilla sites are tagged as 'redmatrix' because the NodeInfo schema lacks extensibility and project names are used to designate protocol compatibility rather than protocol names.
|
|
Std-embeds
|
|
New addon to allow a handful of corporate providers to run unfiltered embed code (youtube, vimeo, soundcloud)
|
|
Various:
|
|
upgrade font-awesome icons and adapt a few addons to Objects and the new hook interface and new controller interface
|
|
|
|
Hubzilla 1.4
|
|
[This list may appear brief, but encompasses a huge amount of re-writing and re-factoring
|
|
of the internal code structure to gain long-term performance and stability and provide a standard
|
|
interface to alternate protocol federation plugins which were made possible by the UNO configuration.
|
|
UNO is a configuration of hubzilla introduced in 1.3 with reduced complexity and which provides
|
|
improved protocol federation potential to other networks by virtue of removing nomadic identity
|
|
(which is not possible to model or work around using other network protocols).]
|
|
|
|
Implement channel move operation for UNO configuration
|
|
Remove bookmark references in UNO (which has no bookmarks by default)
|
|
UI cleanup profiles/chat/manage
|
|
Refactor webfinger probes and salmon backend for GNU-social federation
|
|
SECURITY: DAV authentication exploit
|
|
Context help added
|
|
More help pages
|
|
Provide 'posts only' feed
|
|
Refactor App to remove globals
|
|
Refactor Session to remove globals
|
|
provide a fullscreen mode for selected modules and functions
|
|
Regression: some addon routes broken
|
|
fix "remember me"
|
|
Autocomplete tool extended to bbcode/comanche
|
|
Clone sync of file/photo updates
|
|
system rename (e.g. http to https or DNS name change) missing some connection photos
|
|
calendar module not blocked to public whhen block_public enabled
|
|
Use timeago.js in reshare content so that timestamps will be correct on federated reshares
|
|
Rework detection of JavaScript to avoid reload penalty under normal operation
|
|
Changed primary directory server to a hubzilla server
|
|
Plugins:
|
|
Diaspora - switch to alternate XML parser to avoid storing compound objects
|
|
GNU-Social - Huge amounts of work, federation somewhat working now, several issues remain
|
|
Friendica - Initial federation work (not yet published)
|
|
|
|
Hubzilla 1.3
|
|
Admin Security configuration page created which consolidates several previously hidden settings:
|
|
Communication white/black lists
|
|
Channel white/black lists
|
|
OEmbed white/black lists
|
|
Admin Profile Fields page created which manages the availability and order of standard profile fields and allows new fields to be created/managed
|
|
"Poke" module reworked - page UI updated and "poke basic" setting introduced which limits the available poke "verbs".
|
|
"Mood" module UI reworked
|
|
"profile_photo" module UI reworked
|
|
"cover_photo" module UI reworked
|
|
"new_channel" module UI reworked
|
|
"register" module UI reworked
|
|
"pubsites" module UI reworked
|
|
item-meta ("iconfig") created which implements arbitrary storage for item metadata for plugins
|
|
abook-meta ("abconfig") created which implements arbitrary storage for connection metadata for plugins
|
|
"Strict transport security header" made optional as it conflicts with some existing Apache/nginx configurations
|
|
"Hubzilla UNO" (Hubzilla with radically simplified and locked site settings) implemented as an install configuration.
|
|
.well-known directory conflict worked out to support LetsEncrypt cert ownership checks without disrupting webfinger and other internal uses of .well-known
|
|
Lots of work on 'zcards' which are self-contained HTML representations of a channel including cover photos, profile photos, and some text information
|
|
Long standing bug uncovered which failed to properly restrict the lower time limit for public feed requests
|
|
A number of fixes to "readmore" to fix page jumping
|
|
Bugfix: persons other than the channel owner who have permission to upload photos to a channel could not do so if the js_upload plugin/addon was enabled
|
|
Siteinfo incorrectly identifying secondary directory servers
|
|
Allow admin to set and lock features when UNO is configured
|
|
Atom feeds: alter how events are formatted to be compatible with GNU-social
|
|
Allow guest/visitor access to view personal calendar
|
|
Moved several more classes to "composer format" and provided an autoloader.
|
|
Bugfix: require existing password to change password
|
|
Bugfix: allow relative_date() to be translated to Polish which has more than two plural forms.
|
|
Plugin API: add "requires" keyword to module header to indicate dependent addons
|
|
ActivityStreams improvements and cleanup: photo and file activities
|
|
UI cleanup for editing profile when multiple profiles enabled
|
|
Removed the "markdown" feature as there are numerous issues and no maintainer.
|
|
Provide "footer" bbcode to ease theming of post footer content
|
|
Bugfix: install issues caused by composer code refactor and typo in postgres load file
|
|
Plugins:
|
|
keepout - "block public on steroids"
|
|
pubsubhubbub - provides PuSH support to Atom feeds, required for GNU-social federation
|
|
GNUsocial protocol - under development
|
|
Diaspora protocol - some work to ease migration to the new signing format
|
|
Diaspost - disabled; numerous issues and no maintainer
|
|
smileybutton - theme work and fixed compatibility with other jot-tools plugins
|
|
|
|
|
|
Hubzilla 1.2
|
|
Provide extra HTTP security headers (several of them).
|
|
Allow a site to disable delivery reports if disk space is limited
|
|
Regression: Wrong theme when viewing single post as non-member
|
|
Some Diaspora profile photos use relative URLs - force absolute
|
|
Add locked features to siteinfo report to aid remote debugging
|
|
Provide version compatibility checking to plugins (minversion, maxversion, and minphpversion)
|
|
Account config storage
|
|
Provide optional integrated registration and channel create form
|
|
cli utility for managing addons
|
|
issue with sharing photo "items"
|
|
cover photo manager: upload, crop, and store
|
|
cover photo widget created
|
|
rework the connections list page and provide a few management features there
|
|
fixed issue with Comanche layout definitions loaded by plugins
|
|
provide ability to separate delivery functions from item_store() and item_store_update() - some forum messages were being redelivered when cloned.
|
|
call build_sync_packet() on pdledit changes
|
|
Abstract the project name and version so these can be customised or removed
|
|
Allow hiding the ratings links on a per-site basis
|
|
db_type not present in international setup templates - was unable to choose postgres.
|
|
item_photo_menu logically divided into a) actions on the post, b) actions related to the author
|
|
bug: default channel not reset to 0 when last channel removed
|
|
create widget containing only the contact block
|
|
regression: public forums granted send stream permissions to connections
|
|
workaround Firefox's refusal to honour disabling autocomplete of passwords
|
|
regression: photo's uploaded to a channel by a guest (with file write permissions) not saved correctly.
|
|
provide mechanisms for custom .well-known handlers (needed for LetsEncrypt ownership verification)
|
|
proc_run modified to use exec() instead of proc_open() - causing issues on some PHP installations
|
|
remote delegation failure under a specific set of circumstances which we were finally able to duplicate
|
|
Delegation section of Channel Manager was missing names and contained useless notification icons.
|
|
Change "expire" channel setting to show system limit if there is one.
|
|
Regression: provide a one-click ignore of pending connection
|
|
Config to control directory keyword generation on client and server.
|
|
"Collections" renamed to "Privacy Groups", documentation improved
|
|
widget_item - allow use of page title instead of message id
|
|
Add site black/white list checking to all .well-known services
|
|
reduce incidents of screen jumping when "showmore" is activated
|
|
add oembed provider for photos
|
|
|
|
Addons:
|
|
|
|
CSS theming of pageheader plugin
|
|
xmpp addon ported from Friendica
|
|
Diaspora private mail issues after the third reply
|
|
Occasional issue with Diaspora connection requests
|
|
Add notification email to Diaspora PMs
|
|
Allow anonymising platform and version for statistics
|
|
msgfooter addon created
|
|
removed embedly plugin
|
|
sync clones after superblock addition
|
|
"keepout" plugin created
|
|
|
|
|
|
Hubzilla 1.1
|
|
|
|
Rewrote and simplified the Queue manager and delivery system
|
|
Rewrote and simplified the outer layers of the Zot protocol
|
|
Use a standard version numbering scheme in addition to the snapshot tags
|
|
Provide a channel blacklist for blocking channels with abusive or illegal content at the hub level
|
|
Make the black/white lists pluggable
|
|
Update template library
|
|
Support for letsencrypt certs in various places
|
|
Cleanup of login and register pages
|
|
Better error responses for permission denied on channel file repositories
|
|
Disabled the public stream by default for new installs (can be enabled if desired)
|
|
Cleanup of API authentication and rework the old OAuth1 stuff
|
|
Add API "status with media" support compatible with Twitter and conflicting method for GNU-social
|
|
Rework photo ActivityStreams objects to align better with ActivityStreams producers/consumers
|
|
Several minor API fixes to work better with AndStatus client
|
|
Invitation only site - experimental support added, needs more work
|
|
Fix delivery loop condition due to corrupted data which resulted in recursive upstream delivery
|
|
Provide more support for external (git) widget collections.
|
|
Extend the Queue API to 3rd-party network addons which have experienced downtime recently.
|
|
Regression: Inherited permissions were not explicitly set
|
|
Regression: "Xyz posted on your wall" notification sent when creating webpages at another channel
|
|
Regression: Custom permissions not pre-populated on channel creation with named role.
|
|
Provide "Public" string when a post can be made public, instead of "visible to default audience"
|
|
Allow hub admin to specify a default role type for the first channel created, reducing complexity
|
|
Ability for a hub admin to set feature defaults and lock them, reducing complexity
|
|
Change default expiration of delivery reports to 10 days to accomodate sites with reduced resources
|
|
Addons/Plugins:
|
|
Pageheader addon ported from Friendica
|
|
Hubwall (allow admin to send email to all accounts on this hub) created
|
|
GNU-social - queueing added
|
|
Diaspora - fixes for various failures to update profile photos, updates to queue API
|
|
Cross Domain Authenticated Chess (Andrew Manning's repository)
|
|
|
|
And... the normal "lots of bugs fixed, translations updated, and documentation improved"
|
|
|
|
|
|
|