Changelog.md 121 KB
Newer Older
Dennis Schubert's avatar
Dennis Schubert committed
1 2 3
# 0.6.1.0

## Refactor
4
* Indicate proper way to report bugs in the sidebar [#7039](https://github.com/diaspora/diaspora/pull/7039)
5
* Remove text color from notification mails and fix sender avatar [#7054](https://github.com/diaspora/diaspora/pull/7054)
Benjamin Neff's avatar
Benjamin Neff committed
6
* Make the session cookies HttpOnly again [#7041](https://github.com/diaspora/diaspora/pull/7041)
7
* Invalidate sessions with invalid CSRF tokens [#7050](https://github.com/diaspora/diaspora/pull/7050)
8
* Liking a post will no longer update its interacted timestamp [#7030](https://github.com/diaspora/diaspora/pull/7030)
Flaburgan's avatar
Flaburgan committed
9
* Improve W3C compliance [#7068](https://github.com/diaspora/diaspora/pull/7068)
Dennis Schubert's avatar
Dennis Schubert committed
10 11

## Bug fixes
12
* Post comments no longer get collapsed when interacting with a post [#7040](https://github.com/diaspora/diaspora/pull/7040)
13
* Closed accounts will no longer show up in the account search [#7042](https://github.com/diaspora/diaspora/pull/7042)
14
* Code blocks in conversations no longer overflow the content [#7055](https://github.com/diaspora/diaspora/pull/7055)
15
* More buttons in mobile streams are fixed [#7036](https://github.com/diaspora/diaspora/pull/7036)
cmrd Senya's avatar
cmrd Senya committed
16 17
* Fixed missing sidebar background in the contacts tab [#7064](https://github.com/diaspora/diaspora/pull/7064)
* Fix tags URLs in hovercards [#7075](https://github.com/diaspora/diaspora/pull/7075)
18
* Fix 500 in html requests for post interactions [#7085](https://github.com/diaspora/diaspora/pull/7085)
Dennis Schubert's avatar
Dennis Schubert committed
19 20

## Features
21 22
* Deleted comments will be removed when loading more comments [#7045](https://github.com/diaspora/diaspora/pull/7045)
* The "subscribe" indicator on a post now gets toggled when you like or rehsare a post [#7040](https://github.com/diaspora/diaspora/pull/7040)
23
* Add OpenGraph video support [#7043](https://github.com/diaspora/diaspora/pull/7043)
24
* You'll now get redirected to the invites page if you follow an invitation but you're already logged in [#7061](https://github.com/diaspora/diaspora/pull/7061)
Dennis Schubert's avatar
Dennis Schubert committed
25

26 27
# 0.6.0.0

28 29 30 31
## Warning: This release contains long migrations

This diaspora\* releases comes with a few database cleanup migrations and they could possible take a while. While you should always do that, it is especially important this time to make sure you run the migrations inside a detachable environment like `screen` or `tmux`. A interrupted SSH session could possibly harm your database. Also, please make a backup.

32 33 34 35 36 37 38 39 40 41 42 43 44 45
## The DB environment variable is gone

With Bundler 1.10 supporting optional groups, we removed the DB environment variable. When updating to this release, please update
bundler and select the database support you want:

```sh
gem install bundler
bundle install --with mysql # For MySQL and MariaDB
bundle install --with postgresql # For PostgreSQL
```

For production setups we now additionally recommend adding the `--deployment` flag.
If you set the DB environment variable anywhere, that's no longer necessary.

46 47
## Supported Ruby versions

48
This release recommends using Ruby 2.3, while retaining Ruby 2.1 as an officially supported version.
49 50
Ruby 2.0 is no longer officially supported.

51 52 53 54 55 56 57
## Configuration changes

Please note that the default listen parameter for production setups got
changed. diaspora\* will no longer listen on `0.0.0.0:3000` as it will now
bind to an UNIX socket at `unix:tmp/diaspora.sock`. Please change your local
`diaspora.yml` if necessary.

58 59 60 61 62 63 64 65
## Redis namespace support dropped

We dropped support for Redis namespaces in this release. If you previously set
a custom namespace, please note that diaspora\* will no longer use the
configured value. By default, Redis supports up to 8 databases which can be
selected via the Redis URL in `diaspora.yml`. Please check the examples
provided in our configuration example file.

66 67
## Terms of Use design changes

68
With the port to Bootstrap 3, app/views/terms/default.haml has a new structure. If you have created a customised app/views/terms/terms.haml or app/views/terms/terms.erb file, you will need to edit those files to base your customisations on the new default.haml file.
69

70 71 72
## API authentication

This release makes diaspora\* a OpenID Connect provider. This means you can authenticate to third parties with your diaspora\* account and let
73
them act as your diaspora\* account on your behalf. This feature is still considered in early development, we still expect edge cases and advanced
74 75 76 77 78
features of the specificiation to not be handled correctly or be missing. But we expect a basic OpenID Connect compliant client to work. Please submit issues!
We will also most likely still change the authorization scopes we offer and started with a very minimal set.
Most work still required is on documentation as well as designing and implementing the data API for all of Diaspora's functionality.
Contributions are very welcome, the hard work is done!

79 80 81 82 83 84 85 86
## Vines got replaced by Prosody

Due to many issues with Vines, we decided to remove Vines and offer a Prosody
example configuration instead. [Check the
wiki](https://wiki.diasporafoundation.org/Integration/Chat#Vines_to_Prosody)
for more information on how to migrate to Prosody if you've been using Vines
before.

87 88 89 90 91 92 93 94 95 96
## Sidekiq queue changes

We've decreased the amount of sidekiq queues from 13 to 5 in PR [#6950](https://github.com/diaspora/diaspora/pull/6950).
The new queues are organized according to priority for the jobs they will process. When upgrading please make sure to
empty the sidekiq queues before shutting down the server for an update.

If you run your sidekiq with a custom queue configuration, please make sure to update that for the new queues.

The new queues are: `urgent, high, medium, low, default`.

97 98 99
When you upgrade to the new version, some jobs may persist in the old queues. To move them to the default queue,
so they're processed, run:

100
```
101
bin/rake migrations:legacy_queues
102 103
```

104 105
Note that this will retry all dead jobs, if you want to prevent that empty the dead queue first.

106 107
The command will report queues that still have jobs and launch sidekiq process for that queues.

108
## Refactor
109
* Improve bookmarklet [#5904](https://github.com/diaspora/diaspora/pull/5904)
110
* Update listen configuration to listen on unix sockets by default [#5974](https://github.com/diaspora/diaspora/pull/5974)
111
* Port to Bootstrap 3 [#6015](https://github.com/diaspora/diaspora/pull/6015)
112
* Use a fixed width for the mobile drawer [#6057](https://github.com/diaspora/diaspora/pull/6057)
113
* Replace jquery.autoresize with autosize [#6104](https://github.com/diaspora/diaspora/pull/6104)
114
* Improve mobile conversation design [#6087](https://github.com/diaspora/diaspora/pull/6087)
115
* Replace remaining faceboxes with Bootstrap modals [#6106](https://github.com/diaspora/diaspora/pull/6106) [#6161](https://github.com/diaspora/diaspora/pull/6161)
116
* Rewrite header using Bootstrap 3 [#6109](https://github.com/diaspora/diaspora/pull/6109) [#6130](https://github.com/diaspora/diaspora/pull/6130) [#6132](https://github.com/diaspora/diaspora/pull/6132)
117
* Use upstream CSS mappings for Entypo [#6158](https://github.com/diaspora/diaspora/pull/6158)
118
* Replace some mobile icons with Entypo [#6218](https://github.com/diaspora/diaspora/pull/6218)
119
* Refactor publisher backbone view [#6228](https://github.com/diaspora/diaspora/pull/6228)
120
* Replace MBP.autogrow with autosize on mobile [#6261](https://github.com/diaspora/diaspora/pull/6261)
121
* Improve mobile drawer transition [#6233](https://github.com/diaspora/diaspora/pull/6233)
122
* Remove unused header icons and an unused favicon  [#6283](https://github.com/diaspora/diaspora/pull/6283)
123
* Replace mobile icons for post interactions with Entypo icons [#6291](https://github.com/diaspora/diaspora/pull/6291)
124
* Replace jquery.autocomplete with typeahead.js [#6293](https://github.com/diaspora/diaspora/pull/6293)
125
* Redesign sidebars on stream pages [#6309](https://github.com/diaspora/diaspora/pull/6309)
126
* Improve ignored users styling [#6349](https://github.com/diaspora/diaspora/pull/6349)
127 128 129 130 131
* Use Blueimp image gallery instead of lightbox [#6301](https://github.com/diaspora/diaspora/pull/6301)
* Unify mobile and desktop header design [#6285](https://github.com/diaspora/diaspora/pull/6285)
* Add white background and box-shadow to stream elements [#6324](https://github.com/diaspora/diaspora/pull/6324)
* Override Bootstrap list group design [#6345](https://github.com/diaspora/diaspora/pull/6345)
* Clean up publisher code [#6336](https://github.com/diaspora/diaspora/pull/6336)
132
* Port conversations to new design [#6431](https://github.com/diaspora/diaspora/pull/6431)
133
* Hide cancel button in publisher on small screens [#6435](https://github.com/diaspora/diaspora/pull/6435)
134
* Replace mobile background with color [#6415](https://github.com/diaspora/diaspora/pull/6415)
135
* Port flash messages to backbone [#6395](https://github.com/diaspora/diaspora/pull/6395)
136
* Change login/registration/forgot password button color [#6504](https://github.com/diaspora/diaspora/pull/6504)
137
* A note regarding ignoring users was added to the failure messages on commenting/liking [#6646](https://github.com/diaspora/diaspora/pull/6646)
138
* Replace sidetiq with sidekiq-cron [#6616](https://github.com/diaspora/diaspora/pull/6616)
139
* Refactor mobile comment section [#6509](https://github.com/diaspora/diaspora/pull/6509)
140
* Set vertical resize as default for all textareas [#6654](https://github.com/diaspora/diaspora/pull/6654)
141
* Unifiy max-widths and page layouts [#6675](https://github.com/diaspora/diaspora/pull/6675)
142
* Enable autosizing for all textareas [#6674](https://github.com/diaspora/diaspora/pull/6674)
143
* Stream faces are gone [#6686](https://github.com/diaspora/diaspora/pull/6686)
144
* Refactor mobile javascript and add tests [#6394](https://github.com/diaspora/diaspora/pull/6394)
145
* Dropped `parent_author_signature` from relayables [#6586](https://github.com/diaspora/diaspora/pull/6586)
146
* Attached ShareVisibilities to the User, not the Contact [#6723](https://github.com/diaspora/diaspora/pull/6723)
147
* Refactor mentions input, now based on typeahead.js [#6728](https://github.com/diaspora/diaspora/pull/6728)
148
* Optimized the pod up checks [#6727](https://github.com/diaspora/diaspora/pull/6727)
149
* Prune and do not create aspect visibilities for public posts [#6732](https://github.com/diaspora/diaspora/pull/6732)
150
* Optimized mobile login and registration forms [#6764](https://github.com/diaspora/diaspora/pull/6764)
151
* Redesign stream pages [#6535](https://github.com/diaspora/diaspora/pull/6535)
152
* Improve search and mentions suggestions [#6788](https://github.com/diaspora/diaspora/pull/6788)
153
* Redesign back to top button [#6782](https://github.com/diaspora/diaspora/pull/6782)
154
* Adjusted Facebook integration for a successful review [#6778](https://github.com/diaspora/diaspora/pull/6778)
155
* Redirect to the sign-in page instead of the stream on account deletion [#6784](https://github.com/diaspora/diaspora/pull/6784)
156
* Removed own unicorn killer by a maintained third-party gem [#6792](https://github.com/diaspora/diaspora/pull/6792)
157
* Removed deprecated `REDISTOGO_URL` environment variable [#6863](https://github.com/diaspora/diaspora/pull/6863)
158
* Use Poltergeist instead of Selenium [#6768](https://github.com/diaspora/diaspora/pull/6768)
159
* Redesigned the landing page and added dedicated notes for podmins [#6268](https://github.com/diaspora/diaspora/pull/6268)
160
* Moved the entire federation implementation into its own gem. 🎉 [#6873](https://github.com/diaspora/diaspora/pull/6873)
161
* Remove `StatusMessage#raw_message` [#6921](https://github.com/diaspora/diaspora/pull/6921)
162
* Extract photo export into a service class [#6922](https://github.com/diaspora/diaspora/pull/6922)
163
* Use handlebars template for aspect membership dropdown [#6864](https://github.com/diaspora/diaspora/pull/6864)
164
* Extract relayable signatures into their own tables [#6932](https://github.com/diaspora/diaspora/pull/6932)
165
* Remove outdated columns from posts table [#6940](https://github.com/diaspora/diaspora/pull/6940)
Denys Kurets's avatar
Denys Kurets committed
166
* Remove some unused routes [#6781](https://github.com/diaspora/diaspora/pull/6781)
167
* Consolidate sidekiq queues [#6950](https://github.com/diaspora/diaspora/pull/6950)
168
* Don't re-render the whole comment stream when adding comments [#6406](https://github.com/diaspora/diaspora/pull/6406)
169
* Drop legacy invitation system [#6976](https://github.com/diaspora/diaspora/pull/6976)
170
* More consistent and updated meta tags throughout [#6998](https://github.com/diaspora/diaspora/pull/6998)
171 172 173

## Bug fixes
* Destroy Participation when removing interactions with a post [#5852](https://github.com/diaspora/diaspora/pull/5852)
174
* Improve accessibility of a couple pages [#6227](https://github.com/diaspora/diaspora/pull/6227)
175
* Capitalize "Powered by diaspora" [#6254](https://github.com/diaspora/diaspora/pull/6254)
176
* Display username and avatar for NSFW posts in mobile view [#6245](https://github.com/diaspora/diaspora/pull/6245)
177
* Prevent multiple comment boxes on mobile [#6363](https://github.com/diaspora/diaspora/pull/6363)
178
* Correctly display location in post preview [#6429](https://github.com/diaspora/diaspora/pull/6429)
179
* Do not fail when submitting an empty comment in the mobile view [#6543](https://github.com/diaspora/diaspora/pull/6543)
180
* Limit flash message width on small devices [#6529](https://github.com/diaspora/diaspora/pull/6529)
181
* Add navbar on mobile when not logged in [#6483](https://github.com/diaspora/diaspora/pull/6483)
182
* Fix timeago tooltips for reshares [#6648](https://github.com/diaspora/diaspora/pull/6648)
183
* "Getting started" is now turned off after first visit on mobile [#6681](https://github.com/diaspora/diaspora/pull/6681)
184
* Fixed a 500 when liking on mobile without JS enabled [#6683](https://github.com/diaspora/diaspora/pull/6683)
185
* Fixed profile image upload in the mobile UI [#6684](https://github.com/diaspora/diaspora/pull/6684)
186
* Fixed eye not stopping all processes when trying to exit `script/server` [#6693](https://github.com/diaspora/diaspora/pull/6693)
187
* Do not change contacts count when marking notifications on the contacts page as read [#6718](https://github.com/diaspora/diaspora/pull/6718)
188
* Fix typeahead for non-latin characters [#6741](https://github.com/diaspora/diaspora/pull/6741)
189
* Fix upload size error on mobile [#6803](https://github.com/diaspora/diaspora/pull/6803)
Jonne Haß's avatar
Jonne Haß committed
190
* Connection tester handles invalid NodeInfo implementations [#6890](https://github.com/diaspora/diaspora/pull/6890)
191
* Do not allow to change email to an already used one [#6905](https://github.com/diaspora/diaspora/pull/6905)
192
* Correctly filter mentions on the server side [#6902](https://github.com/diaspora/diaspora/pull/6902)
193
* Add aspects to the aspect membership dropdown when creating them on the getting started page [#6864](https://github.com/diaspora/diaspora/pull/6864)
194
* Strip markdown from message preview in conversations list [#6923](https://github.com/diaspora/diaspora/pull/6923)
195
* Improve tag stream performance [#6903](https://github.com/diaspora/diaspora/pull/6903)
196
* Only show mutual contacts in conversations auto suggestions [#7001](https://github.com/diaspora/diaspora/pull/7001)
197 198

## Features
199
* Support color themes [#6033](https://github.com/diaspora/diaspora/pull/6033)
200
* Add mobile services and privacy settings pages [#6086](https://github.com/diaspora/diaspora/pull/6086)
201
* Optionally make your extended profile details public [#6162](https://github.com/diaspora/diaspora/pull/6162)
202
* Add admin dashboard showing latest diaspora\* version [#6216](https://github.com/diaspora/diaspora/pull/6216)
203
* Display poll & location on mobile [#6238](https://github.com/diaspora/diaspora/pull/6238)
204
* Update counts on contacts page dynamically [#6240](https://github.com/diaspora/diaspora/pull/6240)
205
* Add support for relay based public post federation [#6207](https://github.com/diaspora/diaspora/pull/6207)
206
* Bigger mobile publisher [#6261](https://github.com/diaspora/diaspora/pull/6261)
207
* Backend information panel & health checks for known pods [#6290](https://github.com/diaspora/diaspora/pull/6290)
208
* Allow users to view a posts locations on an OpenStreetMap [#6256](https://github.com/diaspora/diaspora/pull/6256)
209
* Redesign and unify error pages [#6428](https://github.com/diaspora/diaspora/pull/6428)
210
* Redesign and refactor report admin interface [#6378](https://github.com/diaspora/diaspora/pull/6378)
211
* Add permalink icon to stream elements [#6457](https://github.com/diaspora/diaspora/pull/6457)
212
* Move reshare count to interactions for stream elements [#6487](https://github.com/diaspora/diaspora/pull/6487)
213
* Posts of ignored users are now visible on that profile page [#6617](https://github.com/diaspora/diaspora/pull/6617)
214
* Add white color theme [#6631](https://github.com/diaspora/diaspora/pull/6631)
215
* Add answer counts to poll [#6641](https://github.com/diaspora/diaspora/pull/6641)
216
* Check for collapsible posts after images in posts have loaded [#6671](https://github.com/diaspora/diaspora/pull/6671)
217
* Add reason for post report to email sent to admins [#6679](https://github.com/diaspora/diaspora/pull/6679)
218
* Add links to the single post view of the related post to photos in the photo stream [#6621](https://github.com/diaspora/diaspora/pull/6621)
219
* Add a note for people with disabled JavaScript [#6777](https://github.com/diaspora/diaspora/pull/6777)
220
* Do not include conversation subject in notification mail [#6910](https://github.com/diaspora/diaspora/pull/6910)
221
* Add 'Be excellent to each other!' to the sidebar [#6914](https://github.com/diaspora/diaspora/pull/6914)
222
* Expose Sidekiq dead queue configuration options
223
* Properly support pluralization in timeago strings [#6926](https://github.com/diaspora/diaspora/pull/6926)
224
* Return all contacts in people search [#6951](https://github.com/diaspora/diaspora/pull/6951)
225
* Make screenreaders read alerts [#6973](https://github.com/diaspora/diaspora/pull/6973)
226
* Display message when there are no posts in a stream [#6974](https://github.com/diaspora/diaspora/pull/6974)
227
* Add bootstrap-markdown editor to the publisher [#6551](https://github.com/diaspora/diaspora/pull/6551)
228
* Don't create notifications for ignored users [#6984](https://github.com/diaspora/diaspora/pull/6984)
229
* Fetch missing persons when receiving a mention for them [#6992](https://github.com/diaspora/diaspora/pull/6992)
230

Jonne Haß's avatar
Jonne Haß committed
231
# 0.5.10.2
Dennis Schubert's avatar
Dennis Schubert committed
232

Jonne Haß's avatar
Jonne Haß committed
233
Update to Rails 4.2.7.1 which fixes [CVE-2016-6316](https://groups.google.com/forum/#!topic/ruby-security-ann/8B2iV2tPRSE) and [CVE-2016-6317](https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA).
Dennis Schubert's avatar
Dennis Schubert committed
234

235 236 237 238
# 0.5.10.1

We made a mistake and removed `mysql2` from the `Gemfile.lock` in a recent gem update. Since this could cause some issues for some installations, we decided to release a hotfix.

Dennis Schubert's avatar
Dennis Schubert committed
239 240 241 242
# 0.5.10.0

## Refactor

243
* Removed the publisher from a user's photo stream due to various issues [#6851](https://github.com/diaspora/diaspora/pull/6851)
244
* Don't implicitly ignore missing templateName in app.views.Base [#6877](https://github.com/diaspora/diaspora/pull/6877)
245

Jonne Haß's avatar
Jonne Haß committed
246 247 248 249 250 251
# 0.5.9.1

Update Nokogiri to 1.6.8, which in turn updates libxml2 to 2.9.4 and libxslt to 1.1.29,
addressing a range of security issues. See https://groups.google.com/forum/#!topic/ruby-security-ann/RCHyF5K9Lbc
for more details.

Dennis Schubert's avatar
Dennis Schubert committed
252 253 254
# 0.5.9.0

## Refactor
Senya's avatar
Senya committed
255
* Remove unused mentions regex [#6810](https://github.com/diaspora/diaspora/pull/6810)
Dennis Schubert's avatar
Dennis Schubert committed
256 257

## Bug fixes
258
* Fix back to top button not appearing on Webkit browsers [#6782](https://github.com/diaspora/diaspora/pull/6782)
259
* Don't reset the notification timestamp when marking them as read [#6821](https://github.com/diaspora/diaspora/pull/6821)
Dennis Schubert's avatar
Dennis Schubert committed
260 261 262

## Features

263 264
* The sender's diaspora-ID is now shown in invitation mails [#6817](https://github.com/diaspora/diaspora/pull/6817)

265 266 267
# 0.5.8.0

## Refactor
268
* Sort tag autocompletion by tag name [#6734](https://github.com/diaspora/diaspora/pull/6734)
269
* Make account deletions faster by adding an index [#6771](https://github.com/diaspora/diaspora/pull/6771)
270 271

## Bug fixes
272 273
* Fix empty name field when editing aspect names [#6706](https://github.com/diaspora/diaspora/pull/6706)
* Fix internal server error when trying to log out of an expired session [#6707](https://github.com/diaspora/diaspora/pull/6707)
274
* Only mark unread notifications as read [#6711](https://github.com/diaspora/diaspora/pull/6711)
275
* Use https for OEmbeds [#6748](https://github.com/diaspora/diaspora/pull/6748)
276
* Fix birthday issues on leap days [#6738](https://github.com/diaspora/diaspora/pull/6738)
277 278

## Features
279
* Added the footer to conversation pages [#6710](https://github.com/diaspora/diaspora/pull/6710)
Benjamin Neff's avatar
Benjamin Neff committed
280
* Drop ChromeFrame and display an error page on old IE versions instead [#6751](https://github.com/diaspora/diaspora/pull/6751)
281

Dennis Schubert's avatar
Dennis Schubert committed
282 283
# 0.5.7.1

284 285 286 287
This security release disables post fetching for relayables. Due to an insecure implementation, fetching of root posts for relayables could allow an attacker to distribute malicious/spoofed/modified posts for any person.

Disabling the fetching will make the current federation a bit less reliable, but for a hotfix, this is the best solution. We will re-enable the fetching in 0.6.0.0 when we moved out the federation into its own library and are able to implement further validation during fetches.

288 289
# 0.5.7.0

290 291
## Refactor
* Internationalize controller rescue\_from text [#6554](https://github.com/diaspora/diaspora/pull/6554)
292
* Make mention parsing a bit more robust [#6658](https://github.com/diaspora/diaspora/pull/6658)
293
* Remove unlicensed images [#6673](https://github.com/diaspora/diaspora/pull/6673)
294
* Removed unused contacts\_title [#6687](https://github.com/diaspora/diaspora/pull/6687)
295

296
## Bug fixes
297
* Fix plural rules handling more than wanted as "one" [#6630](https://github.com/diaspora/diaspora/pull/6630)
Benjamin Neff's avatar
Benjamin Neff committed
298
* Fix `suppress_annoying_errors` eating too much errors [#6653](https://github.com/diaspora/diaspora/pull/6653)
299
* Ensure the rubyzip gem is properly loaded [#6659](https://github.com/diaspora/diaspora/pull/6659)
300
* Fix mobile registration layout after failed registration [#6677](https://github.com/diaspora/diaspora/pull/6677)
301
* Fix mirrored names when using a RTL language [#6680](https://github.com/diaspora/diaspora/pull/6680)
302
* Disable submitting a post multiple times in the mobile UI [#6682](https://github.com/diaspora/diaspora/pull/6682)
303

304
## Features
305
* Keyboard shortcuts now do work on profile pages as well [#6647](https://github.com/diaspora/diaspora/pull/6647/files)
306
* Add the podmin email address to 500 errors [#6652](https://github.com/diaspora/diaspora/pull/6652)
307

308 309
# 0.5.6.3

310 311 312
Fix evil regression caused by Active Model no longer exposing
`include_root_in_json` in instances.

Dennis Schubert's avatar
Dennis Schubert committed
313 314
# 0.5.6.2

Dennis Schubert's avatar
Dennis Schubert committed
315 316 317 318 319 320 321 322 323
* Fix [CVE-2016-0751](https://groups.google.com/forum/#!topic/rubyonrails-security/9oLY_FCzvoc) - Possible Object Leak and Denial of Service attack in Action Pack
* Fix [CVE-2015-7581](https://groups.google.com/forum/#!topic/rubyonrails-security/dthJ5wL69JE) - Object leak vulnerability for wildcard controller routes in Action Pack
* Fix [CVE-2015-7576](https://groups.google.com/forum/#!topic/rubyonrails-security/ANv0HDHEC3k) - Timing attack vulnerability in basic authentication in Action Controller
* Fix [CVE-2016-0752](https://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00) - Possible Information Leak Vulnerability in Action View
* Fix [CVE-2016-0753](https://groups.google.com/forum/#!topic/rubyonrails-security/6jQVC1geukQ) - Possible Input Validation Circumvention in Active Model
* Fix [CVE-2015-7577](https://groups.google.com/forum/#!topic/rubyonrails-security/cawsWcQ6c8g) - Nested attributes rejection proc bypass in Active Record
* Fix [CVE-2015-7579](https://groups.google.com/forum/#!topic/rubyonrails-security/OU9ugTZcbjc) - XSS vulnerability in rails-html-sanitizer
* Fix [CVE-2015-7578](https://groups.google.com/forum/#!topic/rubyonrails-security/uh--W4TDwmI) - Possible XSS vulnerability in rails-html-sanitizer

Dennis Schubert's avatar
Dennis Schubert committed
324 325
# 0.5.6.1

Dennis Schubert's avatar
Dennis Schubert committed
326
* Fix Nokogiri CVE-2015-7499
Dennis Schubert's avatar
Dennis Schubert committed
327
* Fix unsafe "Remember me" cookies in Devise
Dennis Schubert's avatar
Dennis Schubert committed
328

Jonne Haß's avatar
Jonne Haß committed
329
# 0.5.6.0
Dennis Schubert's avatar
Dennis Schubert committed
330 331

## Refactor
332
* Add more integration tests with the help of the new diaspora-federation gem [#6539](https://github.com/diaspora/diaspora/pull/6539)
Dennis Schubert's avatar
Dennis Schubert committed
333

Jonne Haß's avatar
Jonne Haß committed
334
## Bug fixes
335
* Fix mention autocomplete when pasting the username [#6510](https://github.com/diaspora/diaspora/pull/6510)
336
* Use and update updated\_at for notifications [#6573](https://github.com/diaspora/diaspora/pull/6573)
337 338
* Ensure the author signature is checked when receiving a relayable [#6539](https://github.com/diaspora/diaspora/pull/6539)
* Do not try to display hovercards when logged out [#6587](https://github.com/diaspora/diaspora/pull/6587)
Jonne Haß's avatar
Jonne Haß committed
339 340 341

## Features

342 343
* Display hovercards without aspect dropdown when logged out [#6603](https://github.com/diaspora/diaspora/pull/6603)
* Add media.ccc.de as a trusted oEmbed endpoint
344

345 346 347
# 0.5.5.1

* Fix XSS on profile pages
Dennis Schubert's avatar
Dennis Schubert committed
348
* Bump nokogiri to fix several libxml2 CVEs, see http://www.ubuntu.com/usn/usn-2834-1/
349

Dennis Schubert's avatar
Dennis Schubert committed
350 351 352
# 0.5.5.0

## Bug fixes
353
* Redirect to sign in page when a background request fails with 401 [#6496](https://github.com/diaspora/diaspora/pull/6496)
354
* Correctly skip setting sidekiq logfile on Heroku [#6500](https://github.com/diaspora/diaspora/pull/6500)
355
* Fix notifications for interactions by non-contacts [#6498](https://github.com/diaspora/diaspora/pull/6498)
356
* Fix issue where the publisher was broken on profile pages [#6503](https://github.com/diaspora/diaspora/pull/6503)
357
* Prevent participations being created for invalid interactions [#6552](https://github.com/diaspora/diaspora/pull/6552)
358
* Improve federation for reshare related interactions [#6481](https://github.com/diaspora/diaspora/pull/6481)
Dennis Schubert's avatar
Dennis Schubert committed
359

360 361 362
# 0.5.4.0

## Refactor
363
*  Improve infinite scroll triggering [#6451](https://github.com/diaspora/diaspora/pull/6451)
364 365

## Bug fixes
366
* Skip first getting started step if it looks done already [#6456](https://github.com/diaspora/diaspora/pull/6456)
367
* Normalize new followed tags and insert them alphabetically [#6454](https://github.com/diaspora/diaspora/pull/6454)
368
* Add avatar fallback for notification dropdown [#6463](https://github.com/diaspora/diaspora/pull/6463)
369
* Improve handling of j/k hotkeys [#6462](https://github.com/diaspora/diaspora/pull/6462)
370
* Fix JS error caused by hovercards [6480](https://github.com/diaspora/diaspora/pull/6480)
371 372 373

## Features
* Show spinner on initial stream load [#6384](https://github.com/diaspora/diaspora/pull/6384)
374
* Add new moderator role. Moderators can view and act on reported posts [#6351](https://github.com/diaspora/diaspora/pull/6351)
Jonne Haß's avatar
Jonne Haß committed
375
* Only post to the primary tumblr blog [#6386](https://github.com/diaspora/diaspora/pull/6386)
376
* Always show public photos on profile page [#6398](https://github.com/diaspora/diaspora/pull/6398)
377
* Expose Unicorn's pid option to our configuration system [#6411](https://github.com/diaspora/diaspora/pull/6411)
Steffen van Bergerem's avatar
Steffen van Bergerem committed
378
* Add stream of all public posts [#6465](https://github.com/diaspora/diaspora/pull/6465)
379
* Reload stream when clicking on already active one [#6466](https://github.com/diaspora/diaspora/pull/6466)
380
* Sign in user before evaluating post visibility [#6490](https://github.com/diaspora/diaspora/pull/6490)
381

Jonne Haß's avatar
Jonne Haß committed
382 383 384 385 386
# 0.5.3.1

Fix a leak of potentially private profile data to unauthorized users who were sharing with the person
and on a pod that received that data.

Jonne Haß's avatar
Jonne Haß committed
387 388 389
# 0.5.3.0

## Refactor
Steffen van Bergerem's avatar
Steffen van Bergerem committed
390
* Drop broken correlations from the admin pages [#6223](https://github.com/diaspora/diaspora/pull/6223)
391
* Extract PostService from PostsController [#6208](https://github.com/diaspora/diaspora/pull/6208)
392
* Drop outdated/unused mbp-respond.min.js and mbp-modernizr-custom.js [#6257](https://github.com/diaspora/diaspora/pull/6257)
Mikica Ivosevic's avatar
Mikica Ivosevic committed
393
* Refactor ApplicationController#after\_sign\_out\_path\_for [#6258](https://github.com/diaspora/diaspora/pull/6258)
394
* Extract StatusMessageService from StatusMessagesController [#6280](https://github.com/diaspora/diaspora/pull/6280)
395
* Refactor HomeController#toggle\_mobile [#6260](https://github.com/diaspora/diaspora/pull/6260)
396
* Extract CommentService from CommentsController [#6307](https://github.com/diaspora/diaspora/pull/6307)
397
* Extract user/profile discovery into the diaspora\_federation-rails gem [#6310](https://github.com/diaspora/diaspora/pull/6310)
398
* Refactor PostPresenter [#6315](https://github.com/diaspora/diaspora/pull/6315)
399
* Convert BackToTop to a backbone view [#6279](https://github.com/diaspora/diaspora/pull/6279) and [#6360](https://github.com/diaspora/diaspora/pull/6360)
400
* Automatically follow the new HQ-Account [#6369](https://github.com/diaspora/diaspora/pull/6369)
Jonne Haß's avatar
Jonne Haß committed
401 402

## Bug fixes
403
* Fix indentation and a link title on the default home page [#6212](https://github.com/diaspora/diaspora/pull/6212)
404
* Bring peeping Tom on the 404 page back [#6226](https://github.com/diaspora/diaspora/pull/6226)
405
* Fix mobile photos index page [#6243](https://github.com/diaspora/diaspora/pull/6243)
406
* Fix conversations view with no contacts [#6266](https://github.com/diaspora/diaspora/pull/6266)
407
* Links in the left sidebar are now clickable on full width [#6267](https://github.com/diaspora/diaspora/pull/6267)
408
* Guard against passing nil into person\_image\_tag [#6286](https://github.com/diaspora/diaspora/pull/6286)
409
* Prevent Handlebars from messing up indentation of pre tags [#6339](https://github.com/diaspora/diaspora/pull/6339)
410
* Fix pagination design on notifications page [#6364](https://github.com/diaspora/diaspora/pull/6364)
Jonne Haß's avatar
Jonne Haß committed
411 412 413

## Features

414
* Implement NodeInfo [#6239](https://github.com/diaspora/diaspora/pull/6239)
415
* Display original author on reshares of NSFW posts [#6270](https://github.com/diaspora/diaspora/pull/6270)
416
* Use avatars in hovercards as links to the profile [#6297](https://github.com/diaspora/diaspora/pull/6297)
417
* Remove avatars of ignored users from stream faces [#6320](https://github.com/diaspora/diaspora/pull/6320)
augier's avatar
augier committed
418
* New /m route to force the mobile view [#6354](https://github.com/diaspora/diaspora/pull/6354)
419

420 421
# 0.5.2.0

422
## Refactor
423
* Update perfect-scrollbar [#6085](https://github.com/diaspora/diaspora/pull/6085)
424
* Remove top margin for first heading in a post [#6110](https://github.com/diaspora/diaspora/pull/6110)
425
* Add link to pod statistics in right navigation [#6117](https://github.com/diaspora/diaspora/pull/6117)
Jonne Haß's avatar
Jonne Haß committed
426
* Update to Rails 4.2.3 [#6140](https://github.com/diaspora/diaspora/pull/6140)
Benjamin Neff's avatar
Benjamin Neff committed
427
* Refactor person related URL generation [#6168](https://github.com/diaspora/diaspora/pull/6168)
428
* Move webfinger and HCard generation out of the core and embed the `diaspora_federation-rails` gem [#6151](https://github.com/diaspora/diaspora/pull/6151/)
429
* Refactor rspec tests to to use `let` instead of before blocks [#6199](https://github.com/diaspora/diaspora/pull/6199)
430
* Refactor tests for EXIF stripping [#6183](https://github.com/diaspora/diaspora/pull/6183)
431

432 433
## Bug fixes
* Precompile facebox images [#6105](https://github.com/diaspora/diaspora/pull/6105)
434
* Fix wrong closing a-tag [#6111](https://github.com/diaspora/diaspora/pull/6111)
435
* Fix mobile more-button wording when there are less than 15 posts [#6118](https://github.com/diaspora/diaspora/pull/6118)
436
* Fix reappearing flash boxes during sign-in [#6146](https://github.com/diaspora/diaspora/pull/6146)
437
* Capitalize Wiki link [#6193](https://github.com/diaspora/diaspora/pull/6193)
438

439 440
## Features
* Add configuration options for some debug logs [#6090](https://github.com/diaspora/diaspora/pull/6090)
441
* Send new users a welcome message from the podmin [#6128](https://github.com/diaspora/diaspora/pull/6128)
442
* Cleanup temporary upload files daily [#6147](https://github.com/diaspora/diaspora/pull/6147)
443
* Add guid to posts and comments in the user export [#6185](https://github.com/diaspora/diaspora/pull/6185)
444

Jonne Haß's avatar
Jonne Haß committed
445 446 447 448 449 450
# 0.5.1.2

diaspora\* versions prior 0.5.1.2 leaked potentially private profile data (namely the bio, birthday, gender and location fields) to
unauthorized users. While the frontend properly hid them, the backend missed a check to not include them in responses.
Thanks to @cmrd-senya for finding and reporting the issue.

451 452 453 454 455 456 457 458 459
# 0.5.1.1

Update rails to 4.2.2, rack to 1.6.2 and jquery-rails to 4.0.4. This fixes

* [CVE-2015-3226](https://groups.google.com/d/msg/rubyonrails-security/7VlB_pck3hU/3QZrGIaQW6cJ)
* [CVE-2015-3227](https://groups.google.com/d/msg/rubyonrails-security/bahr2JLnxvk/x4EocXnHPp8J)
* [CVE-2015-1840](https://groups.google.com/d/msg/rubyonrails-security/XIZPbobuwaY/fqnzzpuOlA4J)
* [CVE-2015-3225](https://groups.google.com/d/msg/rubyonrails-security/gcUbICUmKMc/qiCotVZwXrMJ)

460
# 0.5.1.0
461 462

## Refactor
463
* Use Bootstrap modal for new aspect pane [#5850](https://github.com/diaspora/diaspora/pull/5850)
464
* Use asset helper instead of .css.erb [#5886](https://github.com/diaspora/diaspora/pull/5886)
465
* Dropped db/seeds.rb [#5896](https://github.com/diaspora/diaspora/pull/5896)
466
* Drop broken install scripts [#5907](https://github.com/diaspora/diaspora/pull/5907)
467
* Improve invoking mobile site in the testsuite [#5915](https://github.com/diaspora/diaspora/pull/5915)
468
* Do not retry a couple of unrecoverable job failures [#5938](https://github.com/diaspora/diaspora/pull/5938) [#5942](https://github.com/diaspora/diaspora/pull/5943)
469
* Remove some old temporary workarounds [#5964](https://github.com/diaspora/diaspora/pull/5964)
470
* Remove unused `hasPhotos` and `hasText` functions [#5969](https://github.com/diaspora/diaspora/pull/5969)
Jonne Haß's avatar
Jonne Haß committed
471
* Replace foreman with eye [#5966](https://github.com/diaspora/diaspora/pull/5966)
472
* Improved handling of reshares with deleted roots [#5968](https://github.com/diaspora/diaspora/pull/5968)
473
* Remove two unused methods [#5970](https://github.com/diaspora/diaspora/pull/5970)
474
* Refactored the Logger to add basic logrotating and more useful timestamps [#5975](https://github.com/diaspora/diaspora/pull/5975)
475
* Gracefully handle mailer failures if a like is already deleted again [#5983](https://github.com/diaspora/diaspora/pull/5983)
476
* Ensure posts have an author [#5986](https://github.com/diaspora/diaspora/pull/5986)
477
* Improve the logging messages of Sidekiq messages [#5988](https://github.com/diaspora/diaspora/pull/5988)
478
* Improve the logging of Eyes output [#5989](https://github.com/diaspora/diaspora/pull/5989)
479
* Gracefully handle XML parse errors within federation [#5991](https://github.com/diaspora/diaspora/pull/5991)
480
* Remove zip-zip workaround gem [#6001](https://github.com/diaspora/diaspora/pull/6001)
Benjamin Neff's avatar
Benjamin Neff committed
481
* Cleanup and reorganize image assets [#6004](https://github.com/diaspora/diaspora/pull/6004)
482
* Replace vendored assets for facebox by gem [#6005](https://github.com/diaspora/diaspora/pull/6005)
483
* Improve styling of horizontal ruler in posts [#6016](https://github.com/diaspora/diaspora/pull/6016)
484
* Increase post titles length to 50 and use configured pod name as title in the atom feed [#6020](https://github.com/diaspora/diaspora/pull/6020)
485
* Remove deprecated Facebook permissions [#6019](https://github.com/diaspora/diaspora/pull/6019)
486
* Make used post title lengths more consistent [#6022](https://github.com/diaspora/diaspora/pull/6022)
487
* Improved logging source [#6041](https://github.com/diaspora/diaspora/pull/6041)
488
* Gracefully handle duplicate entry while receiving share-visibility in parallel [#6068](https://github.com/diaspora/diaspora/pull/6068)
489
* Update twitter gem to get rid of deprecation warnings [#6083](https://github.com/diaspora/diaspora/pull/6083)
490
* Refactor photos federation to get rid of some hacks [#6082](https://github.com/diaspora/diaspora/pull/6082)
491 492 493

## Bug fixes
* Disable auto follow back on aspect deletion [#5846](https://github.com/diaspora/diaspora/pull/5846)
494
* Fix only sharing flag for contacts that are receiving [#5848](https://github.com/diaspora/diaspora/pull/5848)
495
* Return 406 when requesting a JSON representation of people/:guid/contacts [#5849](https://github.com/diaspora/diaspora/pull/5849)
496
* Hide manage services link in the publisher on certain pages [#5854](https://github.com/diaspora/diaspora/pull/5854)
497
* Fix notification mails for limited posts [#5877](https://github.com/diaspora/diaspora/pull/5877)
498
* Fix medium and small avatar URLs when using Camo [#5883](https://github.com/diaspora/diaspora/pull/5883)
499
* Improve output of script/server [#5885](https://github.com/diaspora/diaspora/pull/5885)
500
* Fix CSS for bold links [#5887](https://github.com/diaspora/diaspora/pull/5887)
501
* Correctly handle IE8 in the chrome frame middleware [#5878](https://github.com/diaspora/diaspora/pull/5878)
502
* Fix code reloading for PostPresenter [#5888](https://github.com/diaspora/diaspora/pull/5888)
503
* Fix closing account from mobile view [#5913](https://github.com/diaspora/diaspora/pull/5913)
504
* Allow using common custom template for desktop & mobile landing page [#5915](https://github.com/diaspora/diaspora/pull/5915)
505
* Use correct branding in Atom feed [#5929](https://github.com/diaspora/diaspora/pull/5929)
506
* Update the configurate gem to avoid issues by missed missing settings keys [#5934](https://github.com/diaspora/diaspora/pull/5934)
507
* ContactPresenter#full_hash_with_person did not contain relationship information [#5936](https://github.com/diaspora/diaspora/pull/5936)
508
* Fix inactive user removal not respecting configuration for daily limits [#5953](https://github.com/diaspora/diaspora/pull/5953)
509
* Fix missing localization of inactive user removal warning emails [#5950](https://github.com/diaspora/diaspora/issues/5950)
510
* Fix fetching for public post while Webfingering [#5958](https://github.com/diaspora/diaspora/pull/5958)
511
* Handle empty searchable in HCard gracefully [#5962](https://github.com/diaspora/diaspora/pull/5962)
512
* Fix a freeze in new post parsing [#5965](https://github.com/diaspora/diaspora/pull/5965)
513
* Add case insensitive unconfirmed email addresses as authentication key [#5967](https://github.com/diaspora/diaspora/pull/5967)
514
* Fix liking on single post views when accessed via GUID [#5978](https://github.com/diaspora/diaspora/pull/5978)
515
* Only return the current_users participation for post interactions [#6007](https://github.com/diaspora/diaspora/pull/6007)
516
* Fix tag rendering in emails [#6009](https://github.com/diaspora/diaspora/pull/6009)
517
* Fix the logo in emails [#6013](https://github.com/diaspora/diaspora/pull/6013)
518
* Disable autocorrect for username on mobile sign in [#6028](https://github.com/diaspora/diaspora/pull/6028)
519
* Fix broken default avatars in the database [#6014](https://github.com/diaspora/diaspora/pull/6014)
520
* Only strip text direction codepoints around hashtags [#6067](https://github.com/diaspora/diaspora/issues/6067)
521
* Fix selected week on admin weekly stats page [#6079](https://github.com/diaspora/diaspora/pull/6079)
522
* Fix that some unread conversations may be hidden [#6060](https://github.com/diaspora/diaspora/pull/6060)
523
* Fix photo links in the mobile interface [#6082](https://github.com/diaspora/diaspora/pull/6082)
524 525

## Features
526
* Hide post title of limited post in comment notification email [#5843](https://github.com/diaspora/diaspora/pull/5843)
527
* More and better environment checks in script/server [#5891](https://github.com/diaspora/diaspora/pull/5891)
528
* Enable aspect sorting again [#5559](https://github.com/diaspora/diaspora/pull/5559)
529
* Submit messages in conversations with Ctrl+Enter [#5910](https://github.com/diaspora/diaspora/pull/5910)
530
* Support syntax highlighting for fenced code blocks [#5908](https://github.com/diaspora/diaspora/pull/5908)
531
* Added link to diasporafoundation.org to invitation email [#5893](https://github.com/diaspora/diaspora/pull/5893)
Jonne Haß's avatar
Jonne Haß committed
532
* Gracefully handle missing `og:url`s [#5926](https://github.com/diaspora/diaspora/pull/5926)
533
* Remove private post content from "also commented" mails [#5931](https://github.com/diaspora/diaspora/pull/5931)
534
* Add a button to follow/unfollow tags to the mobile interface [#5941](https://github.com/diaspora/diaspora/pull/5941)
535
* Add a "Manage followed tags" page to mass unfollow tags in the mobile interface [#5945](https://github.com/diaspora/diaspora/pull/5945)
536
* Add popover/tooltip about email visibility to registration/settings page [#5956](https://github.com/diaspora/diaspora/pull/5956)
537
* Fetch person posts on sharing request [#5960](https://github.com/diaspora/diaspora/pull/5960)
538
* Introduce 'authorized' configuration option for services [#5985](https://github.com/diaspora/diaspora/pull/5985)
539
* Added configuration options for log rotating [#5994](https://github.com/diaspora/diaspora/pull/5994)
540

Jonne Haß's avatar
Jonne Haß committed
541 542 543 544
# 0.5.0.1

Use the correct setting for captcha length instead of defaulting to 1 always.

Jason Robinson's avatar
Jason Robinson committed
545
# 0.5.0.0
Jonne Haß's avatar
Jonne Haß committed
546

Jonne Haß's avatar
Jonne Haß committed
547 548 549 550 551 552 553 554
## Major Sidekiq update
This release includes a major upgrade of the background processing system Sidekiq. To upgrade cleanly:

1. Stop diaspora*
2. Run `RAILS_ENV=production bundle exec sidekiq` and wait 5-10 minutes, then stop it again (hit `CTRL+C`)
3. Do a normal upgrade of diaspora*
4. Start diaspora*

Jonne Haß's avatar
Jonne Haß committed
555 556 557 558 559 560 561 562 563 564 565 566
## Rails 4 - Manual action required
Please edit `config/initializers/secret_token.rb`, replacing `secret_token` with
`secret_key_base`.

```ruby
# Old
Rails.application.config.secret_token = '***********...'

# New
Diaspora::Application.config.secret_key_base = '*************...'
```

567
You also need to take care to set `RAILS_ENV` and to clear the cache while precompiling assets: `RAILS_ENV=production bundle exec rake tmp:cache:clear assets:precompile`
Jonne Haß's avatar
Jonne Haß committed
568

569 570 571 572 573
## Supported Ruby versions
This release drops official support for the Ruby 1.9 series. This means we will no longer test against this Ruby version or take care to choose libraries
that work with it. However that doesn't mean we won't accept patches that improve running diaspora* on it.

At the same time we adopt support for the Ruby 2.1 series and recommend running on the latest Ruby version of that branch. We continue to support the Ruby 2.0
574
series and run our comprehensive test suite against it.
575

576 577
## Change in defaults.yml
The default for including jQuery from a CDN has changed. If you want to continue to include it from a CDN, please explicitly set the `jquery_cdn` setting to `true` in diaspora.yml.
Jonne Haß's avatar
Jonne Haß committed
578

579
## Change in database.yml
goobertron's avatar
Ahem!  
goobertron committed
580
For MySQL databases, replace `charset: utf8` with `encoding: utf8mb4` and  change `collation` from `utf8_bin` to `utf8mb4_bin` in the file `config/database.yml`.
581 582
This is enables full UTF8 support (4bytes characters), including standard emoji characters.
See `database.yml.example` for reference.
583
Please make sure to stop Diaspora prior running this migration!
584

585
## Experimental chat feature
586
This release adds experimental integration with XMPP for real-time chat. Please see  [our wiki](https://wiki.diasporafoundation.org/Vines) for further informations.
587

Jason Robinson's avatar
Jason Robinson committed
588
## Change in statistics.json schema
589
The way services are shown in the `statistics.json` route is changing. The keys relating to showing whether services are enabled or not are moving to their own container as `"services": {....}`, instead of having them all in the root level of the JSON.
Jason Robinson's avatar
Jason Robinson committed
590 591 592

The keys will still be available in the root level within the 0.5 release. The old keys will be removed in the 0.6 release.

593 594 595 596 597
## New maintenance feature to automatically expire inactive accounts
Removing of old inactive users can now be done automatically by background processing. The amount of inactivity is set by `after_days`. A warning email will be sent to the user and after an additional `warn_days`, the account will be automatically closed.

This maintenance is not enabled by default. Podmins can enable it by for example copying over the new settings under `settings.maintenance` to their `diaspora.yml` file and setting it enabled. The default setting is to expire accounts that have been inactive for 2 years (no login).

598 599 600 601 602
## Camo integration to proxy external assets
It is now possible to enable an automatic proxying of external assets, for example images embedded via Markdown or OpenGraph thumbnails loaded from insecure third party servers through a [Camo proxy](https://github.com/atmos/camo).

This is disabled by default since it requires the installation of additional packages and might cause some traffic. Check the [wiki page](https://wiki.diasporafoundation.org/Installation/Camo) for more information and detailed installation instructions.

603 604 605 606 607
## Paypal unhosted button and currency
Podmins can now set the currency for donations, and use an unhosted button if they can't use
a hosted one. Note: you need to **copy the new settings from diaspora.yml.example to your
diaspora.yml file**. The existing settings from 0.4.x and before will not work any more.

608
## Custom splash page changes
609
diaspora* no longer adds a `div.container` to wrap custom splash pages. This adds the ability for podmins to write home pages using Bootstrap's fluid design. Podmins who added a custom splash page in `app/views/home/_show.{html,mobile}.haml` need to wrap the contents into a `div.container` to keep the old design. You will find updated examples [in our wiki](https://wiki.diasporafoundation.org/Custom_splash_page).
610

Jonne Haß's avatar
Jonne Haß committed
611
## Refactor
612
* Redesign contacts page [#5153](https://github.com/diaspora/diaspora/pull/5153)
613
* Improve profile page design on mobile [#5084](https://github.com/diaspora/diaspora/pull/5084)
614
* Port test suite to RSpec 3 [#5170](https://github.com/diaspora/diaspora/pull/5170)
615
* Port tag stream to Bootstrap [#5138](https://github.com/diaspora/diaspora/pull/5138)
616
* Consolidate migrations, if you need a migration prior 2013, checkout the latest release in the 0.4.x series first [#5173](https://github.com/diaspora/diaspora/pull/5173)
617
* Add tests for mobile sign up [#5185](https://github.com/diaspora/diaspora/pull/5185)
618
* Display new conversation form on conversations/index [#5178](https://github.com/diaspora/diaspora/pull/5178)
619
* Port profile page to Backbone [#5180](https://github.com/diaspora/diaspora/pull/5180)
620
* Pull punycode.js from rails-assets.org [#5263](https://github.com/diaspora/diaspora/pull/5263)
621
* Redesign profile page and port to Bootstrap [#4657](https://github.com/diaspora/diaspora/pull/4657)
622
* Unify stream selection links in the left sidebar [#5271](https://github.com/diaspora/diaspora/pull/5271)
Jason Robinson's avatar
Jason Robinson committed
623
* Refactor schema of statistics.json regarding services [#5296](https://github.com/diaspora/diaspora/pull/5296)
Jonne Haß's avatar
Jonne Haß committed
624 625 626
* Pull jquery.idle-timer.js from rails-assets.org [#5310](https://github.com/diaspora/diaspora/pull/5310)
* Pull jquery.placeholder.js from rails-assets.org [#5299](https://github.com/diaspora/diaspora/pull/5299)
* Pull jquery.textchange.js from rails-assets.org [#5297](https://github.com/diaspora/diaspora/pull/5297)
627
* Pull jquery.hotkeys.js from rails-assets.org [#5368](https://github.com/diaspora/diaspora/pull/5368)
628
* Reduce amount of useless background job retries and pull public posts when missing [#5209](https://github.com/diaspora/diaspora/pull/5209)
629
* Updated Weekly User Stats admin page to show data for the most recent week including reversing the order of the weeks in the drop down to show the most recent. [#5331](https://github.com/diaspora/diaspora/pull/5331)
630
* Convert some cukes to RSpec tests [#5289](https://github.com/diaspora/diaspora/pull/5289)
631
* Hidden overflow for long names on tag pages [#5279](https://github.com/diaspora/diaspora/pull/5279)
632
* Always reshare absolute root of a post [#5276](https://github.com/diaspora/diaspora/pull/5276)
633
* Convert remaining SASS stylesheets to SCSS [#5342](https://github.com/diaspora/diaspora/pull/5342)
634 635
* Update rack-protection [#5403](https://github.com/diaspora/diaspora/pull/5403)
* Cleanup diaspora.yml [#5426](https://github.com/diaspora/diaspora/pull/5426)
636
* Replace `opengraph_parser` with `open_graph_reader` [#5462](https://github.com/diaspora/diaspora/pull/5462)
637
* Make sure conversations without any visibilities left are deleted [#5478](https://github.com/diaspora/diaspora/pull/5478)
638
* Change tooltip for delete button in conversations view [#5477](https://github.com/diaspora/diaspora/pull/5477)
639
* Replace a modifier-rescue with a specific rescue [#5491](https://github.com/diaspora/diaspora/pull/5491)
640
* Port contacts page to backbone [#5473](https://github.com/diaspora/diaspora/pull/5473)
641
* Replace CSS vendor prefixes automatically [#5532](https://github.com/diaspora/diaspora/pull/5532)
642
* Use sentence case consistently throughout UI [#5588](https://github.com/diaspora/diaspora/pull/5588)
643
* Hide sign up button when registrations are disabled [#5612](https://github.com/diaspora/diaspora/pull/5612)
Jonne Haß's avatar
Jonne Haß committed
644
* Standardize capitalization throughout the UI [#5588](https://github.com/diaspora/diaspora/pull/5588)
645
* Display photos on the profile page as thumbnails [#5521](https://github.com/diaspora/diaspora/pull/5521)
flaburgan's avatar
flaburgan committed
646
* Unify not connected pages (sign in, sign up, forgot password) [#5391](https://github.com/diaspora/diaspora/pull/5391)
647
* Port remaining stream pages to Bootstrap [#5715](https://github.com/diaspora/diaspora/pull/5715)
648
* Port notification dropdown to Backbone [#5707](https://github.com/diaspora/diaspora/pull/5707) [#5761](https://github.com/diaspora/diaspora/pull/5761)
649
* Add rounded corners for avatars [#5733](https://github.com/diaspora/diaspora/pull/5733)
650
* Move registration form to a partial [#5764](https://github.com/diaspora/diaspora/pull/5764)
651
* Add tests for liking and unliking posts [#5741](https://github.com/diaspora/diaspora/pull/5741)
652
* Rewrite slide effect in conversations as css transition for better performance [#5776](https://github.com/diaspora/diaspora/pull/5776)
653
* Various cleanups and improvements in the frontend code [#5781](https://github.com/diaspora/diaspora/pull/5781) [#5769](https://github.com/diaspora/diaspora/pull/5769) [#5763](https://github.com/diaspora/diaspora/pull/5763) [#5762](https://github.com/diaspora/diaspora/pull/5762) [#5758](https://github.com/diaspora/diaspora/pull/5758) [#5755](https://github.com/diaspora/diaspora/pull/5755) [#5747](https://github.com/diaspora/diaspora/pull/5747) [#5734](https://github.com/diaspora/diaspora/pull/5734) [#5786](https://github.com/diaspora/diaspora/pull/5786) [#5768](https://github.com/diaspora/diaspora/pull/5798)
654
* Add specs and validations to the role model [#5792](https://github.com/diaspora/diaspora/pull/5792)
655
* Replace 'Make something' text by diaspora ball logo on registration page [#5743](https://github.com/diaspora/diaspora/pull/5743)
Jonne Haß's avatar
Jonne Haß committed
656 657

## Bug fixes
658
* orca cannot see 'Add Contact' button [#5158](https://github.com/diaspora/diaspora/pull/5158)
659
* Move submit button to the right in conversations view [#4960](https://github.com/diaspora/diaspora/pull/4960)
660
* Handle long URLs and titles in OpenGraph descriptions [#5208](https://github.com/diaspora/diaspora/pull/5208)
661
* Fix deformed getting started popover [#5227](https://github.com/diaspora/diaspora/pull/5227)
662
* Use correct locale for invitation subject [#5232](https://github.com/diaspora/diaspora/pull/5232)
Jonne Haß's avatar
Jonne Haß committed
663
* Initial support for IDN emails
664
* Fix services settings reported by statistics.json [#5256](https://github.com/diaspora/diaspora/pull/5256)
Jonne Haß's avatar
Jonne Haß committed
665 666
* Only collapse empty comment box [#5328](https://github.com/diaspora/diaspora/pull/5328)
* Fix pagination for people/guid/contacts [#5304](https://github.com/diaspora/diaspora/pull/5304)
667
* Fix poll creation on Bootstrap pages [#5334](https://github.com/diaspora/diaspora/pull/5334)
668
* Show error message on invalid reset password attempt [#5325](https://github.com/diaspora/diaspora/pull/5325)
669
* Fix translations on mobile password reset pages [#5318](https://github.com/diaspora/diaspora/pull/5318)
670
* Handle unset user agent when signing out [#5316](https://github.com/diaspora/diaspora/pull/5316)
671
* More robust URL parsing for oEmbed and OpenGraph [#5347](https://github.com/diaspora/diaspora/pull/5347)
672
* Fix Publisher doesn't expand while uploading images [#3098](https://github.com/diaspora/diaspora/issues/3098)
673
* Drop unneeded and too open crossdomain.xml
674
* Fix hidden aspect dropdown on getting started page [#5407](https://github.com/diaspora/diaspora/pulls/5407)
675
* Fix a few issues on Bootstrap pages [#5401](https://github.com/diaspora/diaspora/pull/5401)
676
* Improve handling of the `more` link on mobile stream pages [#5400](https://github.com/diaspora/diaspora/pull/5400)
677
* Fix prefilling publisher after getting started [#5442](https://github.com/diaspora/diaspora/pull/5442)
678
* Fix overflow in profile sidebar [#5450](https://github.com/diaspora/diaspora/pull/5450)
679
* Fix code overflow in SPV and improve styling for code tags [#5422](https://github.com/diaspora/diaspora/pull/5422)
680
* Correctly validate if local recipients actually want to receive a conversation [#5449](https://github.com/diaspora/diaspora/pull/5449)
681
* Improve consistency of poll answer ordering [#5471](https://github.com/diaspora/diaspora/pull/5471)
682
* Fix broken aspect selectbox on asynchronous search results [#5488](https://github.com/diaspora/diaspora/pull/5488)
683
* Replace %{third_party_tools} by the appropriate hyperlink in tags FAQ [#5509](https://github.com/diaspora/diaspora/pull/5509)
684
* Repair downloading the profile image from Facebook [#5493](https://github.com/diaspora/diaspora/pull/5493)
685
* Fix localization of post and comment timestamps on mobile [#5482](https://github.com/diaspora/diaspora/issues/5482)
686
* Fix mobile JS loading to quieten errors. Fixes also service buttons on mobile bookmarklet.
Jonne Haß's avatar
Jonne Haß committed
687
* Don't error out when adding a too long location to the profile [#5614](https://github.com/diaspora/diaspora/pull/5614)
688 689
* Correctly decrease unread count for conversations [#5646](https://github.com/diaspora/diaspora/pull/5646)
* Fix automatic scroll for conversations [#5646](https://github.com/diaspora/diaspora/pull/5646)
690
* Fix missing translation on privacy settings page [#5671](https://github.com/diaspora/diaspora/pull/5671)
691
* Fix code overflow for the mobile website [#5675](https://github.com/diaspora/diaspora/pull/5675)
692
* Strip Unicode format characters prior post processing [#5680](https://github.com/diaspora/diaspora/pull/5680)
693
* Disable email notifications for closed user accounts [#5640](https://github.com/diaspora/diaspora/pull/5640)
694
* Total user statistic no longer includes closed accounts [#5041](https://github.com/diaspora/diaspora/pull/5041)
695
* Don't add a space when rendering a mention [#5711](https://github.com/diaspora/diaspora/pull/5711)
696
* Fix flickering hovercards [#5714](https://github.com/diaspora/diaspora/pull/5714) [#5876](https://github.com/diaspora/diaspora/pull/5876)
697
* Improved stripping markdown in post titles [#5730](https://github.com/diaspora/diaspora/pull/5730)
698
* Remove border from reply form for conversations [#5744](https://github.com/diaspora/diaspora/pull/5744)
699
* Fix overflow for headings, blockquotes and other elements [#5731](https://github.com/diaspora/diaspora/pull/5731)
700
* Correct photo count on profile page [#5751](https://github.com/diaspora/diaspora/pull/5751)
701
* Fix mobile sign up from an invitation [#5754](https://github.com/diaspora/diaspora/pull/5754)
702
* Set max-width for tag following button on tag page [#5752](https://github.com/diaspora/diaspora/pull/5752)
703
* Display error messages for failed password change [#5580](https://github.com/diaspora/diaspora/pull/5580)
704
* Display correct error message for too long tags [#5783](https://github.com/diaspora/diaspora/pull/5783)
705
* Fix displaying reshares in the stream on mobile [#5790](https://github.com/diaspora/diaspora/pull/5790)
706
* Remove bottom margin from lists that are the last element of a post. [#5721](https://github.com/diaspora/diaspora/pull/5721)
707
* Fix pagination design on conversations page [#5791](https://github.com/diaspora/diaspora/pull/5791)
708
* Prevent inserting posts into the wrong stream [#5838](https://github.com/diaspora/diaspora/pull/5838)
709
* Update help section [#5857](https://github.com/diaspora/diaspora/pull/5857) [#5859](https://github.com/diaspora/diaspora/pull/5859)
710
* Fix asset precompilation check in script/server [#5863](https://github.com/diaspora/diaspora/pull/5863)
711
* Convert MySQL databases to utf8mb4 [#5530](https://github.com/diaspora/diaspora/pull/5530) [#5624](https://github.com/diaspora/diaspora/pull/5624) [#5865](https://github.com/diaspora/diaspora/pull/5865)
712
* Don't upcase labels on mobile sign up/sign in [#5872](https://github.com/diaspora/diaspora/pull/5872)
Jonne Haß's avatar
Jonne Haß committed
713 714

## Features
715
* Don't pull jQuery from a CDN by default [#5105](https://github.com/diaspora/diaspora/pull/5105)
716
* Better character limit message [#5151](https://github.com/diaspora/diaspora/pull/5151)
717
* Remember whether a AccountDeletion was performed [#5156](https://github.com/diaspora/diaspora/pull/5156)
718
* Increased the number of notifications shown in drop down bar to 15 [#5129](https://github.com/diaspora/diaspora/pull/5129)
719
* Increase possible captcha length [#5169](https://github.com/diaspora/diaspora/pull/5169)
720
* Display visibility icon in publisher aspects dropdown [#4982](https://github.com/diaspora/diaspora/pull/4982)