Changelog.md 140 KB
Newer Older
Benjamin Neff's avatar
Benjamin Neff committed
1 2 3
# 0.7.1.0

## Refactor
4
* Remove title from profile photo upload button [#7551](https://github.com/diaspora/diaspora/pull/7551)
5
* Remove Internet Explorer workarounds [#7557](https://github.com/diaspora/diaspora/pull/7557)
6
* Sort notifications by last interaction [#7568](https://github.com/diaspora/diaspora/pull/7568)
7
* Remove tiff support from photos [#7576](https://github.com/diaspora/diaspora/pull/7576)
8
* Remove reference from reshares when original post is deleted [#7578](https://github.com/diaspora/diaspora/pull/7578)
9
* Merge migrations from before 0.6.0.0 to CreateSchema [#7580](https://github.com/diaspora/diaspora/pull/7580)
Benjamin Neff's avatar
Benjamin Neff committed
10 11

## Bug fixes
12 13
* Fix displaying polls with long answers [#7579](https://github.com/diaspora/diaspora/pull/7579)
* Fix S3 support [#7566](https://github.com/diaspora/diaspora/pull/7566)
14
* Fix mixed username and timestamp with LTR/RTL scripts [#7575](https://github.com/diaspora/diaspora/pull/7575)
Benjamin Neff's avatar
Benjamin Neff committed
15 16

## Features
17
* Ask for confirmation when leaving a submittable comment field [#7530](https://github.com/diaspora/diaspora/pull/7530)
Benjamin Neff's avatar
Benjamin Neff committed
18

Dennis Schubert's avatar
Dennis Schubert committed
19 20
# 0.7.0.0

flaburgan's avatar
flaburgan committed
21 22 23 24 25
## Supported Ruby versions

This release recommends using Ruby 2.4, while retaining Ruby 2.3 as an officially supported version.
Ruby 2.1 is no longer officially supported.

26 27 28 29 30
## Delete public/.well-known/

Before upgrading, please check if your `public/` folder contains a hidden `.well-known/` folder.
If so, please delete it since it will prevent the federation from working properly.

Dennis Schubert's avatar
Dennis Schubert committed
31 32
## Refactor

33
* Make the mention syntax more flexible [#7305](https://github.com/diaspora/diaspora/pull/7305)
34
* Display @ before mentions [#7324](https://github.com/diaspora/diaspora/pull/7324)
35
* Simplify mentions in the publisher [#7302](https://github.com/diaspora/diaspora/pull/7302)
36
* Remove chartbeat and mixpanel support [#7280](https://github.com/diaspora/diaspora/pull/7280)
37
* Upgrade to jQuery 3 [#7303](https://github.com/diaspora/diaspora/pull/7303)
38
* Add i18n for color themes [#7369](https://github.com/diaspora/diaspora/pull/7369)
39
* Remove deprecated statistics.json [#7399](https://github.com/diaspora/diaspora/pull/7399)
Benjamin Neff's avatar
Benjamin Neff committed
40 41
* Always link comment count text on mobile [#7483](https://github.com/diaspora/diaspora/pull/7483)
* Switch to new federation protocol [#7436](https://github.com/diaspora/diaspora/pull/7436)
42
* Send public profiles publicly [#7501](https://github.com/diaspora/diaspora/pull/7501)
43
* Change sender for mails [#7495](https://github.com/diaspora/diaspora/pull/7495)
44
* Move back to top to the right to avoid misclicks [#7516](https://github.com/diaspora/diaspora/pull/7516)
45
* Include count in mobile post action link [#7520](https://github.com/diaspora/diaspora/pull/7520)
46
* Update the user data export archive format [#6726](https://github.com/diaspora/diaspora/pull/6726)
47 48
* Use id as fallback when sorting posts [#7523](https://github.com/diaspora/diaspora/pull/7523)
* Remove no-posts-info when adding posts to the stream [#7523](https://github.com/diaspora/diaspora/pull/7523)
49
* Upgrade to rails 5.1 [#7514](https://github.com/diaspora/diaspora/pull/7514)
50
* Refactoring single post view interactions [#7182](https://github.com/diaspora/diaspora/pull/7182)
51
* Update help pages [#7528](https://github.com/diaspora/diaspora/pull/7528)
52
* Disable rendering logging in production [#7529](https://github.com/diaspora/diaspora/pull/7529)
53
* Add some missing indexes and cleanup the database if needed [#7533](https://github.com/diaspora/diaspora/pull/7533)
54
* Remove avatar, name, timestamp and interactions from publisher preview [#7536](https://github.com/diaspora/diaspora/pull/7536)
55

Dennis Schubert's avatar
Dennis Schubert committed
56 57
## Bug fixes

Benjamin Neff's avatar
Benjamin Neff committed
58
* Fix height too high on mobile SPV [#7480](https://github.com/diaspora/diaspora/pull/7480)
59
* Improve stream when ignoring a person who posts a lot of tagged posts [#7503](https://github.com/diaspora/diaspora/pull/7503)
60
* Fix order of comments across pods [#7436](https://github.com/diaspora/diaspora/pull/7436)
61
* Prevent publisher from closing in preview mode [#7518](https://github.com/diaspora/diaspora/pull/7518)
62
* Increase reshare counter after reshare on mobile [#7520](https://github.com/diaspora/diaspora/pull/7520)
63
* Reset stuck exports and handle errors [#7535](https://github.com/diaspora/diaspora/pull/7535)
Benjamin Neff's avatar
Benjamin Neff committed
64

Dennis Schubert's avatar
Dennis Schubert committed
65
## Features
66
* Add support for mentions in comments to the backend [#6818](https://github.com/diaspora/diaspora/pull/6818)
67
* Add support for new mention syntax [#7300](https://github.com/diaspora/diaspora/pull/7300) [#7394](https://github.com/diaspora/diaspora/pull/7394)
68
* Render mentions as links in comments [#7327](https://github.com/diaspora/diaspora/pull/7327)
69
* Add support for mentions in comments to the front-end [#7386](https://github.com/diaspora/diaspora/pull/7386)
70
* Support direct links to comments on mobile [#7508](https://github.com/diaspora/diaspora/pull/7508)
flaburgan's avatar
flaburgan committed
71
* Add inviter first and last name in the invitation e-mail [#7484](https://github.com/diaspora/diaspora/pull/7484)
72
* Add markdown editor for comments and conversations [#7482](https://github.com/diaspora/diaspora/pull/7482)
flaburgan's avatar
flaburgan committed
73
* Improve responsive header in desktop version [#7509](https://github.com/diaspora/diaspora/pull/7509)
74
* Support cmd+enter to submit posts, comments and conversations [#7524](https://github.com/diaspora/diaspora/pull/7524)
75
* Add markdown editor for posts, comments and conversations on mobile [#7235](https://github.com/diaspora/diaspora/pull/7235)
76
* Mark as "Mobile Web App Capable" on Android [#7534](https://github.com/diaspora/diaspora/pull/7534)
77
* Add support for receiving account migrations [#6750](https://github.com/diaspora/diaspora/pull/6750)
Dennis Schubert's avatar
Dennis Schubert committed
78

Benjamin Neff's avatar
Benjamin Neff committed
79 80 81
# 0.6.7.0

## Refactor
Benjamin Neff's avatar
Benjamin Neff committed
82
* Cleanup some translations [#7465](https://github.com/diaspora/diaspora/pull/7465)
Benjamin Neff's avatar
Benjamin Neff committed
83 84

## Features
85
* Change email without confirmation when mail is disabled [#7455](https://github.com/diaspora/diaspora/pull/7455)
86
* Warn users if they leave the profile editing page with unsaved changes [#7473](https://github.com/diaspora/diaspora/pull/7473)
flaburgan's avatar
flaburgan committed
87
* Add admin pages to the mobile interface [#7295](https://github.com/diaspora/diaspora/pull/7295)
flaburgan's avatar
flaburgan committed
88
* Add links to discourse to footer and sidebar [#7446](https://github.com/diaspora/diaspora/pull/7446)
Benjamin Neff's avatar
Benjamin Neff committed
89

Dennis Schubert's avatar
Dennis Schubert committed
90 91 92
# 0.6.6.0

## Refactor
Benjamin Neff's avatar
Benjamin Neff committed
93
* Remove rails\_admin [#7440](https://github.com/diaspora/diaspora/pull/7440)
94
* Use guid instead of id at permalink and in SPV [#7453](https://github.com/diaspora/diaspora/pull/7453)
Dennis Schubert's avatar
Dennis Schubert committed
95 96

## Bug fixes
97
* Make photo upload button hover text translatable [#7429](https://github.com/diaspora/diaspora/pull/7429)
98
* Fix first comment in mobile view with french locale [#7441](https://github.com/diaspora/diaspora/pull/7441)
99
* Use post page title and post author in atom feed [#7420](https://github.com/diaspora/diaspora/pull/7420)
100
* Handle broken public keys when receiving posts [#7448](https://github.com/diaspora/diaspora/pull/7448)
101
* Fix welcome message when podmin is set to an invalid username [#7452](https://github.com/diaspora/diaspora/pull/7452)
Dennis Schubert's avatar
Dennis Schubert committed
102 103

## Features
104 105
* Add support for Nodeinfo 2.0 [#7447](https://github.com/diaspora/diaspora/pull/7447)

Benjamin Neff's avatar
Benjamin Neff committed
106 107 108
# 0.6.5.0

## Refactor
Senya's avatar
Senya committed
109
* Remove unused setPreload function [#7354](https://github.com/diaspora/diaspora/pull/7354)
110
* Remove jQuery deprecations [#7356](https://github.com/diaspora/diaspora/pull/7356)
111
* Use empty selector where "#" was used as a selector before (prepare jQuery 3 upgrade) [#7372](https://github.com/diaspora/diaspora/pull/7372)
112
* Increase maximal height of large thumbnail on mobile [#7383](https://github.com/diaspora/diaspora/pull/7383)
113
* Reduce conversation recipient size [#7376](https://github.com/diaspora/diaspora/pull/7376)
114
* Cleanup rtl css [#7374](https://github.com/diaspora/diaspora/pull/7374)
115
* Increase visual spacing between list items [#7401](https://github.com/diaspora/diaspora/pull/7401)
cmrd Senya's avatar
cmrd Senya committed
116
* Remove unused gem and cucumber step [#7410](https://github.com/diaspora/diaspora/pull/7410)
117
* Disable CSP header when `report_only` and no `report_uri` is set [#7367](https://github.com/diaspora/diaspora/pull/7367)
Benjamin Neff's avatar
Benjamin Neff committed
118 119

## Bug fixes
flaburgan's avatar
flaburgan committed
120
* Don't hide posts when blocking someone from the profile [#7379](https://github.com/diaspora/diaspora/pull/7379)
121
* Disable autocomplete for the conversation form recipient input [#7375](https://github.com/diaspora/diaspora/pull/7375)
122
* Fix sharing indicator on profile page for blocked users [#7382](https://github.com/diaspora/diaspora/pull/7382)
123
* Remove post only after a successful deletion on the server [#7385](https://github.com/diaspora/diaspora/pull/7385)
124
* Fix an issue where pod admins could get logged out when using sidekiq-web [#7395](https://github.com/diaspora/diaspora/pull/7395)
125
* Add avatar fallback for typeahead and conversations [#7414](https://github.com/diaspora/diaspora/pull/7414)
Benjamin Neff's avatar
Benjamin Neff committed
126 127

## Features
128
* Add links to liked and commented pages [#5502](https://github.com/diaspora/diaspora/pull/5502)
Benjamin Neff's avatar
Benjamin Neff committed
129

130 131 132 133
# 0.6.4.1

Fixes a possible Remote Code Execution ([CVE-2016-4658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658)) and a possible DoS ([CVE-2016-5131](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131)) by updating Nokogiri, which in turn updates libxml2.

Benjamin Neff's avatar
Benjamin Neff committed
134 135 136
# 0.6.4.0

## Refactor
137
* Unify link colors [#7318](https://github.com/diaspora/diaspora/pull/7318)
138
* Increase time to wait before showing the hovercard [#7319](https://github.com/diaspora/diaspora/pull/7319)
139
* Remove some unused color-theme overrides [#7325](https://github.com/diaspora/diaspora/pull/7325)
140
* Change color of author-name on hover [#7326](https://github.com/diaspora/diaspora/pull/7326)
141
* Add like and reshare services [#7337](https://github.com/diaspora/diaspora/pull/7337)
Benjamin Neff's avatar
Benjamin Neff committed
142 143

## Bug fixes
144
* Fix path to `bundle` in `script/server` [#7281](https://github.com/diaspora/diaspora/pull/7281)
145
* Update comment in database example config [#7282](https://github.com/diaspora/diaspora/pull/7282)
146
* Make the \#newhere post public again [#7311](https://github.com/diaspora/diaspora/pull/7311)
147
* Remove whitespace from author link [#7330](https://github.com/diaspora/diaspora/pull/7330)
148
* Fix autosize in modals [#7339](https://github.com/diaspora/diaspora/pull/7339)
149
* Only display invite link on contacts page if invitations are enabled [#7342](https://github.com/diaspora/diaspora/pull/7342)
150
* Fix regex for hashtags for some languages [#7350](https://github.com/diaspora/diaspora/pull/7350)
151
* Create asterisk.png without digest after precompile [#7322](https://github.com/diaspora/diaspora/pull/7322)
Benjamin Neff's avatar
Benjamin Neff committed
152 153

## Features
154
* Add support for [Liberapay](https://liberapay.com) donations [#7290](https://github.com/diaspora/diaspora/pull/7290)
155
* Added a link to the community guidelines :) [#7298](https://github.com/diaspora/diaspora/pull/7298)
Benjamin Neff's avatar
Benjamin Neff committed
156

Dennis Schubert's avatar
Dennis Schubert committed
157 158 159
# 0.6.3.0

## Refactor
160
* Increase the spacing above and below post contents [#7267](https://github.com/diaspora/diaspora/pull/7267)
161
* Replace fileuploader-custom with FineUploader [#7083](https://github.com/diaspora/diaspora/pull/7083)
162
* Always show mobile reaction counts [#7207](https://github.com/diaspora/diaspora/pull/7207)
163
* Refactor mobile alerts for error responses [#7227](https://github.com/diaspora/diaspora/pull/7227)
SansPseudoFix's avatar
SansPseudoFix committed
164
* Switch content and given reason in the reports overview [#7180](https://github.com/diaspora/diaspora/pull/7180)
Dennis Schubert's avatar
Dennis Schubert committed
165 166

## Bug fixes
167
* Fix background color of year on notifications page with dark theme [#7263](https://github.com/diaspora/diaspora/pull/7263)
168
* Fix jasmine tests in firefox [#7246](https://github.com/diaspora/diaspora/pull/7246)
169
* Prevent scroll to top when clicking 'mark all as read' in the notification dropdown [#7253](https://github.com/diaspora/diaspora/pull/7253)
170
* Update existing notifications in dropdown on fetch [#7270](https://github.com/diaspora/diaspora/pull/7270)
171
* Fix link to post on mobile photo page [#7274](https://github.com/diaspora/diaspora/pull/7274)
172
* Fix some background issues on dark mobile themes [#7278](https://github.com/diaspora/diaspora/pull/7278)
Dennis Schubert's avatar
Dennis Schubert committed
173 174

## Features
175
* Add links to the aspects and followed tags pages on mobile [#7265](https://github.com/diaspora/diaspora/pull/7265)
176
* diaspora\* is now available in Gàidhlig, Occitan, and Schwiizerdütsch
Dennis Schubert's avatar
Dennis Schubert committed
177

Dennis Schubert's avatar
Dennis Schubert committed
178 179 180
# 0.6.2.0

## Refactor
181
* Use string-direction gem for rtl detection [#7181](https://github.com/diaspora/diaspora/pull/7181)
182
* Reduce i18n.load side effects [#7184](https://github.com/diaspora/diaspora/pull/7184)
183
* Force jasmine fails on syntax errors [#7185](https://github.com/diaspora/diaspora/pull/7185)
184
* Don't display mail-related view content if it is disabled in the pod's config [#7190](https://github.com/diaspora/diaspora/pull/7190)
185
* Use typeahead.js from rails-assets.org [#7192](https://github.com/diaspora/diaspora/pull/7192)
186
* Refactor ShareVisibilitesController to use PostService [#7196](https://github.com/diaspora/diaspora/pull/7196)
187
* Unify desktop and mobile head elements [#7194](https://github.com/diaspora/diaspora/pull/7194) [#7209](https://github.com/diaspora/diaspora/pull/7209)
188
* Refactor flash messages on ajax errors for comments, likes, reshares and aspect memberships [#7202](https://github.com/diaspora/diaspora/pull/7202)
Justin Ramos's avatar
Justin Ramos committed
189
* Only require AWS-module for fog [#7201](https://github.com/diaspora/diaspora/pull/7201)
190
* Only show community spotlight links on the contacts page if community spotlight is enabled [#7213](https://github.com/diaspora/diaspora/pull/7213)
Justin Ramos's avatar
Justin Ramos committed
191
* Require spec\_helper in .rspec [#7223](https://github.com/diaspora/diaspora/pull/7223)
Flaburgan's avatar
Flaburgan committed
192
* Make the CSRF mail a bit more friendly [#7238](https://github.com/diaspora/diaspora/pull/7238) [#7241](https://github.com/diaspora/diaspora/pull/7241)
Dennis Schubert's avatar
Dennis Schubert committed
193 194

## Bug fixes
195
* Fix fetching comments after fetching likes [#7167](https://github.com/diaspora/diaspora/pull/7167)
196
* Hide 'reshare' button on already reshared posts [#7169](https://github.com/diaspora/diaspora/pull/7169)
197
* Only reload profile header when changing aspect memberships [#7183](https://github.com/diaspora/diaspora/pull/7183)
198
* Fix visiblity on invitation modal when opening it from the stream [#7191](https://github.com/diaspora/diaspora/pull/7191)
199
* Add avatar fallback on tags page [#7198](https://github.com/diaspora/diaspora/pull/7198)
200
* Update notifications when changing the stream [#7199](https://github.com/diaspora/diaspora/pull/7199)
201
* Fix 500 on mobile commented and liked streams [#7219](https://github.com/diaspora/diaspora/pull/7219)
Dennis Schubert's avatar
Dennis Schubert committed
202 203

## Features
204
* Show spinner when loading comments in the stream [#7170](https://github.com/diaspora/diaspora/pull/7170)
Benjamin Neff's avatar
Benjamin Neff committed
205
* Add a dark color theme [#7152](https://github.com/diaspora/diaspora/pull/7152)
206
* Added setting for custom changelog URL [#7166](https://github.com/diaspora/diaspora/pull/7166)
207
* Show more information of recipients on conversation creation [#7129](https://github.com/diaspora/diaspora/pull/7129)
208 209
* Update notifications every 5 minutes and when opening the notification dropdown [#6952](https://github.com/diaspora/diaspora/pull/6952)
* Show browser notifications when receiving new unread notifications [#6952](https://github.com/diaspora/diaspora/pull/6952)
210
* Only clear comment textarea when comment submission was successful [#7186](https://github.com/diaspora/diaspora/pull/7186)
211
* Add support for graceful unicorn restarts [#7217](https://github.com/diaspora/diaspora/pull/7217)
Dennis Schubert's avatar
Dennis Schubert committed
212

Dennis Schubert's avatar
Dennis Schubert committed
213 214
# 0.6.1.0

Benjamin Neff's avatar
Benjamin Neff committed
215 216
Note: Although this is a minor release, the configuration file changed because the old Mapbox implementation is no longer valid, and the current implementation requires additional fields. Chances are high that if you're using the old integration, it will be broken anyway. If you do use Mapbox, please check out the `diaspora.yml.example` for new parameters.

Dennis Schubert's avatar
Dennis Schubert committed
217
## Refactor
218
* Indicate proper way to report bugs in the sidebar [#7039](https://github.com/diaspora/diaspora/pull/7039)
219
* Remove text color from notification mails and fix sender avatar [#7054](https://github.com/diaspora/diaspora/pull/7054)
Benjamin Neff's avatar
Benjamin Neff committed
220
* Make the session cookies HttpOnly again [#7041](https://github.com/diaspora/diaspora/pull/7041)
221
* Invalidate sessions with invalid CSRF tokens [#7050](https://github.com/diaspora/diaspora/pull/7050)
222
* Liking a post will no longer update its interacted timestamp [#7030](https://github.com/diaspora/diaspora/pull/7030)
223
* Improve W3C compliance [#7068](https://github.com/diaspora/diaspora/pull/7068) [#7082](https://github.com/diaspora/diaspora/pull/7082) [#7091](https://github.com/diaspora/diaspora/pull/7091) [#7092](https://github.com/diaspora/diaspora/pull/7092)
224
* Load jQuery in the head on mobile [#7086](https://github.com/diaspora/diaspora/pull/7086)
225
* Use translation for NodeInfo services [#7102](https://github.com/diaspora/diaspora/pull/7102)
Benjamin Neff's avatar
Benjamin Neff committed
226
* Adopt new Mapbox tile URIs [#7066](https://github.com/diaspora/diaspora/pull/7066)
227
* Refactored post interactions on the single post view [#7089](https://github.com/diaspora/diaspora/pull/7089)
228
* Extract inline JavaScript [#7113](https://github.com/diaspora/diaspora/pull/7113)
229
* Port conversations inbox to backbone.js [#7108](https://github.com/diaspora/diaspora/pull/7108)
230
* Refactored stream shortcuts for more flexibility [#7127](https://github.com/diaspora/diaspora/pull/7127)
231
* Link to admin dashboard instead of admin panel from the podmin landing page [#7130](https://github.com/diaspora/diaspora/pull/7130)
Dennis Schubert's avatar
Dennis Schubert committed
232 233

## Bug fixes
234
* Post comments no longer get collapsed when interacting with a post [#7040](https://github.com/diaspora/diaspora/pull/7040)
235
* Closed accounts will no longer show up in the account search [#7042](https://github.com/diaspora/diaspora/pull/7042)
236
* Code blocks in conversations no longer overflow the content [#7055](https://github.com/diaspora/diaspora/pull/7055)
237
* More buttons in mobile streams are fixed [#7036](https://github.com/diaspora/diaspora/pull/7036)
cmrd Senya's avatar
cmrd Senya committed
238 239
* Fixed missing sidebar background in the contacts tab [#7064](https://github.com/diaspora/diaspora/pull/7064)
* Fix tags URLs in hovercards [#7075](https://github.com/diaspora/diaspora/pull/7075)
240
* Fix 500 in html requests for post interactions [#7085](https://github.com/diaspora/diaspora/pull/7085)
241
* Remove whitespaces next to like link in stream [#7088](https://github.com/diaspora/diaspora/pull/7088)
242
* Prevent overflow of interaction avatars in the single post view [#7070](https://github.com/diaspora/diaspora/pull/7070)
243
* Fix moving publisher on first click after page load [#7094](https://github.com/diaspora/diaspora/pull/7094)
244
* Fix link to comment on report page [#7105](https://github.com/diaspora/diaspora/pull/7105)
245
* Fix duplicate flash message on mobile profile edit [#7107](https://github.com/diaspora/diaspora/pull/7107)
246
* Clicking photos on mobile should no longer cause 404s [#7071](https://github.com/diaspora/diaspora/pull/7071)
247
* Fix avatar size on mobile privacy page for ignored people [#7148](https://github.com/diaspora/diaspora/pull/7148)
248
* Don't display tag following button when logged out [#7155](https://github.com/diaspora/diaspora/pull/7155)
249 250
* Fix message modal on profile page [#7137](https://github.com/diaspora/diaspora/pull/7137)
* Display error message when aspect membership changes fail [#7132](https://github.com/diaspora/diaspora/pull/7132)
Benjamin Neff's avatar
Benjamin Neff committed
251
* Avoid the creation of pod that are none [#7145](https://github.com/diaspora/diaspora/pull/7145)
252
* Fixed tag pages with alternate default aspect settings [#7262](https://github.com/diaspora/diaspora/pull/7162)
253
* Suppressed CSP related deprecation warnings [#7263](https://github.com/diaspora/diaspora/pull/7163)
Dennis Schubert's avatar
Dennis Schubert committed
254 255

## Features
256 257
* Deleted comments will be removed when loading more comments [#7045](https://github.com/diaspora/diaspora/pull/7045)
* The "subscribe" indicator on a post now gets toggled when you like or rehsare a post [#7040](https://github.com/diaspora/diaspora/pull/7040)
258
* Add OpenGraph video support [#7043](https://github.com/diaspora/diaspora/pull/7043)
259
* You'll now get redirected to the invites page if you follow an invitation but you're already logged in [#7061](https://github.com/diaspora/diaspora/pull/7061)
260
* Add support for setting BOSH access protocol via chat configuration [#7100](https://github.com/diaspora/diaspora/pull/7100)
261
* Add number of unreviewed reports to admin dashboard and admin sidebar [#7109](https://github.com/diaspora/diaspora/pull/7109)
262
* Don't federate to pods that have been offline for an extended period of time [#7120](https://github.com/diaspora/diaspora/pull/7120)
263
* Add In-Reply-To and References headers to notification mails [#7122](https://github.com/diaspora/diaspora/pull/7122)
264
* Directly link to a comment in commented notification mails [#7124](https://github.com/diaspora/diaspora/pull/7124)
265
* Add optional `Content-Security-Policy` header [#7128](https://github.com/diaspora/diaspora/pull/7128)
Muhannes's avatar
Muhannes committed
266
* Add links to main stream and public stream to the mobile drawer [#7144](https://github.com/diaspora/diaspora/pull/7144)
267
* Allow opening search results from the dropdown in a new tab [#7021](https://github.com/diaspora/diaspora/issues/7021)
268
* Add user setting for default post visibility [#7118](https://github.com/diaspora/diaspora/issues/7118)
Dennis Schubert's avatar
Dennis Schubert committed
269

270 271 272 273
# 0.6.0.1

Fixes an issue with installing an running diaspora\*, caused by a recent bundler update that fixes a bundler bug on which we depended on.

274 275
# 0.6.0.0

276 277 278 279
## Warning: This release contains long migrations

This diaspora\* releases comes with a few database cleanup migrations and they could possible take a while. While you should always do that, it is especially important this time to make sure you run the migrations inside a detachable environment like `screen` or `tmux`. A interrupted SSH session could possibly harm your database. Also, please make a backup.

280 281 282 283 284 285 286 287 288 289 290 291 292 293
## The DB environment variable is gone

With Bundler 1.10 supporting optional groups, we removed the DB environment variable. When updating to this release, please update
bundler and select the database support you want:

```sh
gem install bundler
bundle install --with mysql # For MySQL and MariaDB
bundle install --with postgresql # For PostgreSQL
```

For production setups we now additionally recommend adding the `--deployment` flag.
If you set the DB environment variable anywhere, that's no longer necessary.

294 295
## Supported Ruby versions

296
This release recommends using Ruby 2.3, while retaining Ruby 2.1 as an officially supported version.
297 298
Ruby 2.0 is no longer officially supported.

299 300 301 302 303 304 305
## Configuration changes

Please note that the default listen parameter for production setups got
changed. diaspora\* will no longer listen on `0.0.0.0:3000` as it will now
bind to an UNIX socket at `unix:tmp/diaspora.sock`. Please change your local
`diaspora.yml` if necessary.

306 307 308 309 310 311 312 313
## Redis namespace support dropped

We dropped support for Redis namespaces in this release. If you previously set
a custom namespace, please note that diaspora\* will no longer use the
configured value. By default, Redis supports up to 8 databases which can be
selected via the Redis URL in `diaspora.yml`. Please check the examples
provided in our configuration example file.

314 315
## Terms of Use design changes

316
With the port to Bootstrap 3, app/views/terms/default.haml has a new structure. If you have created a customised app/views/terms/terms.haml or app/views/terms/terms.erb file, you will need to edit those files to base your customisations on the new default.haml file.
317

318 319 320
## API authentication

This release makes diaspora\* a OpenID Connect provider. This means you can authenticate to third parties with your diaspora\* account and let
321
them act as your diaspora\* account on your behalf. This feature is still considered in early development, we still expect edge cases and advanced
322 323 324 325 326
features of the specificiation to not be handled correctly or be missing. But we expect a basic OpenID Connect compliant client to work. Please submit issues!
We will also most likely still change the authorization scopes we offer and started with a very minimal set.
Most work still required is on documentation as well as designing and implementing the data API for all of Diaspora's functionality.
Contributions are very welcome, the hard work is done!

327 328 329 330 331 332 333 334
## Vines got replaced by Prosody

Due to many issues with Vines, we decided to remove Vines and offer a Prosody
example configuration instead. [Check the
wiki](https://wiki.diasporafoundation.org/Integration/Chat#Vines_to_Prosody)
for more information on how to migrate to Prosody if you've been using Vines
before.

335 336 337 338 339 340 341 342 343 344
## Sidekiq queue changes

We've decreased the amount of sidekiq queues from 13 to 5 in PR [#6950](https://github.com/diaspora/diaspora/pull/6950).
The new queues are organized according to priority for the jobs they will process. When upgrading please make sure to
empty the sidekiq queues before shutting down the server for an update.

If you run your sidekiq with a custom queue configuration, please make sure to update that for the new queues.

The new queues are: `urgent, high, medium, low, default`.

345 346 347
When you upgrade to the new version, some jobs may persist in the old queues. To move them to the default queue,
so they're processed, run:

348
```
349
bin/rake migrations:legacy_queues
350 351
```

352 353
Note that this will retry all dead jobs, if you want to prevent that empty the dead queue first.

354 355
The command will report queues that still have jobs and launch sidekiq process for that queues.

356
## Refactor
357
* Improve bookmarklet [#5904](https://github.com/diaspora/diaspora/pull/5904)
358
* Update listen configuration to listen on unix sockets by default [#5974](https://github.com/diaspora/diaspora/pull/5974)
359
* Port to Bootstrap 3 [#6015](https://github.com/diaspora/diaspora/pull/6015)
360
* Use a fixed width for the mobile drawer [#6057](https://github.com/diaspora/diaspora/pull/6057)
361
* Replace jquery.autoresize with autosize [#6104](https://github.com/diaspora/diaspora/pull/6104)
362
* Improve mobile conversation design [#6087](https://github.com/diaspora/diaspora/pull/6087)
363
* Replace remaining faceboxes with Bootstrap modals [#6106](https://github.com/diaspora/diaspora/pull/6106) [#6161](https://github.com/diaspora/diaspora/pull/6161)
364
* Rewrite header using Bootstrap 3 [#6109](https://github.com/diaspora/diaspora/pull/6109) [#6130](https://github.com/diaspora/diaspora/pull/6130) [#6132](https://github.com/diaspora/diaspora/pull/6132)
365
* Use upstream CSS mappings for Entypo [#6158](https://github.com/diaspora/diaspora/pull/6158)
366
* Replace some mobile icons with Entypo [#6218](https://github.com/diaspora/diaspora/pull/6218)
367
* Refactor publisher backbone view [#6228](https://github.com/diaspora/diaspora/pull/6228)
368
* Replace MBP.autogrow with autosize on mobile [#6261](https://github.com/diaspora/diaspora/pull/6261)
369
* Improve mobile drawer transition [#6233](https://github.com/diaspora/diaspora/pull/6233)
370
* Remove unused header icons and an unused favicon  [#6283](https://github.com/diaspora/diaspora/pull/6283)
371
* Replace mobile icons for post interactions with Entypo icons [#6291](https://github.com/diaspora/diaspora/pull/6291)
372
* Replace jquery.autocomplete with typeahead.js [#6293](https://github.com/diaspora/diaspora/pull/6293)
373
* Redesign sidebars on stream pages [#6309](https://github.com/diaspora/diaspora/pull/6309)
374
* Improve ignored users styling [#6349](https://github.com/diaspora/diaspora/pull/6349)
375 376 377 378 379
* Use Blueimp image gallery instead of lightbox [#6301](https://github.com/diaspora/diaspora/pull/6301)
* Unify mobile and desktop header design [#6285](https://github.com/diaspora/diaspora/pull/6285)
* Add white background and box-shadow to stream elements [#6324](https://github.com/diaspora/diaspora/pull/6324)
* Override Bootstrap list group design [#6345](https://github.com/diaspora/diaspora/pull/6345)
* Clean up publisher code [#6336](https://github.com/diaspora/diaspora/pull/6336)
380
* Port conversations to new design [#6431](https://github.com/diaspora/diaspora/pull/6431)
381
* Hide cancel button in publisher on small screens [#6435](https://github.com/diaspora/diaspora/pull/6435)
382
* Replace mobile background with color [#6415](https://github.com/diaspora/diaspora/pull/6415)
383
* Port flash messages to backbone [#6395](https://github.com/diaspora/diaspora/pull/6395)
384
* Change login/registration/forgot password button color [#6504](https://github.com/diaspora/diaspora/pull/6504)
385
* A note regarding ignoring users was added to the failure messages on commenting/liking [#6646](https://github.com/diaspora/diaspora/pull/6646)
386
* Replace sidetiq with sidekiq-cron [#6616](https://github.com/diaspora/diaspora/pull/6616)
387
* Refactor mobile comment section [#6509](https://github.com/diaspora/diaspora/pull/6509)
388
* Set vertical resize as default for all textareas [#6654](https://github.com/diaspora/diaspora/pull/6654)
389
* Unifiy max-widths and page layouts [#6675](https://github.com/diaspora/diaspora/pull/6675)
390
* Enable autosizing for all textareas [#6674](https://github.com/diaspora/diaspora/pull/6674)
391
* Stream faces are gone [#6686](https://github.com/diaspora/diaspora/pull/6686)
392
* Refactor mobile javascript and add tests [#6394](https://github.com/diaspora/diaspora/pull/6394)
393
* Dropped `parent_author_signature` from relayables [#6586](https://github.com/diaspora/diaspora/pull/6586)
394
* Attached ShareVisibilities to the User, not the Contact [#6723](https://github.com/diaspora/diaspora/pull/6723)
395
* Refactor mentions input, now based on typeahead.js [#6728](https://github.com/diaspora/diaspora/pull/6728)
396
* Optimized the pod up checks [#6727](https://github.com/diaspora/diaspora/pull/6727)
397
* Prune and do not create aspect visibilities for public posts [#6732](https://github.com/diaspora/diaspora/pull/6732)
398
* Optimized mobile login and registration forms [#6764](https://github.com/diaspora/diaspora/pull/6764)
399
* Redesign stream pages [#6535](https://github.com/diaspora/diaspora/pull/6535)
400
* Improve search and mentions suggestions [#6788](https://github.com/diaspora/diaspora/pull/6788)
401
* Redesign back to top button [#6782](https://github.com/diaspora/diaspora/pull/6782)
402
* Adjusted Facebook integration for a successful review [#6778](https://github.com/diaspora/diaspora/pull/6778)
403
* Redirect to the sign-in page instead of the stream on account deletion [#6784](https://github.com/diaspora/diaspora/pull/6784)
404
* Removed own unicorn killer by a maintained third-party gem [#6792](https://github.com/diaspora/diaspora/pull/6792)
405
* Removed deprecated `REDISTOGO_URL` environment variable [#6863](https://github.com/diaspora/diaspora/pull/6863)
406
* Use Poltergeist instead of Selenium [#6768](https://github.com/diaspora/diaspora/pull/6768)
407
* Redesigned the landing page and added dedicated notes for podmins [#6268](https://github.com/diaspora/diaspora/pull/6268)
408
* Moved the entire federation implementation into its own gem. 🎉 [#6873](https://github.com/diaspora/diaspora/pull/6873)
409
* Remove `StatusMessage#raw_message` [#6921](https://github.com/diaspora/diaspora/pull/6921)
410
* Extract photo export into a service class [#6922](https://github.com/diaspora/diaspora/pull/6922)
411
* Use handlebars template for aspect membership dropdown [#6864](https://github.com/diaspora/diaspora/pull/6864)
412
* Extract relayable signatures into their own tables [#6932](https://github.com/diaspora/diaspora/pull/6932)
413
* Remove outdated columns from posts table [#6940](https://github.com/diaspora/diaspora/pull/6940)
Denys Kurets's avatar
Denys Kurets committed
414
* Remove some unused routes [#6781](https://github.com/diaspora/diaspora/pull/6781)
415
* Consolidate sidekiq queues [#6950](https://github.com/diaspora/diaspora/pull/6950)
416
* Don't re-render the whole comment stream when adding comments [#6406](https://github.com/diaspora/diaspora/pull/6406)
417
* Drop legacy invitation system [#6976](https://github.com/diaspora/diaspora/pull/6976)
418
* More consistent and updated meta tags throughout [#6998](https://github.com/diaspora/diaspora/pull/6998)
419 420 421

## Bug fixes
* Destroy Participation when removing interactions with a post [#5852](https://github.com/diaspora/diaspora/pull/5852)
422
* Improve accessibility of a couple pages [#6227](https://github.com/diaspora/diaspora/pull/6227)
423
* Capitalize "Powered by diaspora" [#6254](https://github.com/diaspora/diaspora/pull/6254)
424
* Display username and avatar for NSFW posts in mobile view [#6245](https://github.com/diaspora/diaspora/pull/6245)
425
* Prevent multiple comment boxes on mobile [#6363](https://github.com/diaspora/diaspora/pull/6363)
426
* Correctly display location in post preview [#6429](https://github.com/diaspora/diaspora/pull/6429)
427
* Do not fail when submitting an empty comment in the mobile view [#6543](https://github.com/diaspora/diaspora/pull/6543)
428
* Limit flash message width on small devices [#6529](https://github.com/diaspora/diaspora/pull/6529)
429
* Add navbar on mobile when not logged in [#6483](https://github.com/diaspora/diaspora/pull/6483)
430
* Fix timeago tooltips for reshares [#6648](https://github.com/diaspora/diaspora/pull/6648)
431
* "Getting started" is now turned off after first visit on mobile [#6681](https://github.com/diaspora/diaspora/pull/6681)
432
* Fixed a 500 when liking on mobile without JS enabled [#6683](https://github.com/diaspora/diaspora/pull/6683)
433
* Fixed profile image upload in the mobile UI [#6684](https://github.com/diaspora/diaspora/pull/6684)
434
* Fixed eye not stopping all processes when trying to exit `script/server` [#6693](https://github.com/diaspora/diaspora/pull/6693)
435
* Do not change contacts count when marking notifications on the contacts page as read [#6718](https://github.com/diaspora/diaspora/pull/6718)
436
* Fix typeahead for non-latin characters [#6741](https://github.com/diaspora/diaspora/pull/6741)
437
* Fix upload size error on mobile [#6803](https://github.com/diaspora/diaspora/pull/6803)
Jonne Haß's avatar
Jonne Haß committed
438
* Connection tester handles invalid NodeInfo implementations [#6890](https://github.com/diaspora/diaspora/pull/6890)
439
* Do not allow to change email to an already used one [#6905](https://github.com/diaspora/diaspora/pull/6905)
440
* Correctly filter mentions on the server side [#6902](https://github.com/diaspora/diaspora/pull/6902)
441
* Add aspects to the aspect membership dropdown when creating them on the getting started page [#6864](https://github.com/diaspora/diaspora/pull/6864)
442
* Strip markdown from message preview in conversations list [#6923](https://github.com/diaspora/diaspora/pull/6923)
443
* Improve tag stream performance [#6903](https://github.com/diaspora/diaspora/pull/6903)
444
* Only show mutual contacts in conversations auto suggestions [#7001](https://github.com/diaspora/diaspora/pull/7001)
445 446

## Features
447
* Support color themes [#6033](https://github.com/diaspora/diaspora/pull/6033)
448
* Add mobile services and privacy settings pages [#6086](https://github.com/diaspora/diaspora/pull/6086)
449
* Optionally make your extended profile details public [#6162](https://github.com/diaspora/diaspora/pull/6162)
450
* Add admin dashboard showing latest diaspora\* version [#6216](https://github.com/diaspora/diaspora/pull/6216)
451
* Display poll & location on mobile [#6238](https://github.com/diaspora/diaspora/pull/6238)
452
* Update counts on contacts page dynamically [#6240](https://github.com/diaspora/diaspora/pull/6240)
453
* Add support for relay based public post federation [#6207](https://github.com/diaspora/diaspora/pull/6207)
454
* Bigger mobile publisher [#6261](https://github.com/diaspora/diaspora/pull/6261)
455
* Backend information panel & health checks for known pods [#6290](https://github.com/diaspora/diaspora/pull/6290)
456
* Allow users to view a posts locations on an OpenStreetMap [#6256](https://github.com/diaspora/diaspora/pull/6256)
457
* Redesign and unify error pages [#6428](https://github.com/diaspora/diaspora/pull/6428)
458
* Redesign and refactor report admin interface [#6378](https://github.com/diaspora/diaspora/pull/6378)
459
* Add permalink icon to stream elements [#6457](https://github.com/diaspora/diaspora/pull/6457)
460
* Move reshare count to interactions for stream elements [#6487](https://github.com/diaspora/diaspora/pull/6487)
461
* Posts of ignored users are now visible on that profile page [#6617](https://github.com/diaspora/diaspora/pull/6617)
462
* Add white color theme [#6631](https://github.com/diaspora/diaspora/pull/6631)
463
* Add answer counts to poll [#6641](https://github.com/diaspora/diaspora/pull/6641)
464
* Check for collapsible posts after images in posts have loaded [#6671](https://github.com/diaspora/diaspora/pull/6671)
465
* Add reason for post report to email sent to admins [#6679](https://github.com/diaspora/diaspora/pull/6679)
466
* Add links to the single post view of the related post to photos in the photo stream [#6621](https://github.com/diaspora/diaspora/pull/6621)
467
* Add a note for people with disabled JavaScript [#6777](https://github.com/diaspora/diaspora/pull/6777)
468
* Do not include conversation subject in notification mail [#6910](https://github.com/diaspora/diaspora/pull/6910)
469
* Add 'Be excellent to each other!' to the sidebar [#6914](https://github.com/diaspora/diaspora/pull/6914)
470
* Expose Sidekiq dead queue configuration options
471
* Properly support pluralization in timeago strings [#6926](https://github.com/diaspora/diaspora/pull/6926)
472
* Return all contacts in people search [#6951](https://github.com/diaspora/diaspora/pull/6951)
473
* Make screenreaders read alerts [#6973](https://github.com/diaspora/diaspora/pull/6973)
474
* Display message when there are no posts in a stream [#6974](https://github.com/diaspora/diaspora/pull/6974)
475
* Add bootstrap-markdown editor to the publisher [#6551](https://github.com/diaspora/diaspora/pull/6551)
476
* Don't create notifications for ignored users [#6984](https://github.com/diaspora/diaspora/pull/6984)
477
* Fetch missing persons when receiving a mention for them [#6992](https://github.com/diaspora/diaspora/pull/6992)
478

Jonne Haß's avatar
Jonne Haß committed
479
# 0.5.10.2
Dennis Schubert's avatar
Dennis Schubert committed
480

Jonne Haß's avatar
Jonne Haß committed
481
Update to Rails 4.2.7.1 which fixes [CVE-2016-6316](https://groups.google.com/forum/#!topic/ruby-security-ann/8B2iV2tPRSE) and [CVE-2016-6317](https://groups.google.com/forum/#!topic/ruby-security-ann/WccgKSKiPZA).
Dennis Schubert's avatar
Dennis Schubert committed
482

483 484 485 486
# 0.5.10.1

We made a mistake and removed `mysql2` from the `Gemfile.lock` in a recent gem update. Since this could cause some issues for some installations, we decided to release a hotfix.

Dennis Schubert's avatar
Dennis Schubert committed
487 488 489 490
# 0.5.10.0

## Refactor

491
* Removed the publisher from a user's photo stream due to various issues [#6851](https://github.com/diaspora/diaspora/pull/6851)
492
* Don't implicitly ignore missing templateName in app.views.Base [#6877](https://github.com/diaspora/diaspora/pull/6877)
493

Jonne Haß's avatar
Jonne Haß committed
494 495 496 497 498 499
# 0.5.9.1

Update Nokogiri to 1.6.8, which in turn updates libxml2 to 2.9.4 and libxslt to 1.1.29,
addressing a range of security issues. See https://groups.google.com/forum/#!topic/ruby-security-ann/RCHyF5K9Lbc
for more details.

Dennis Schubert's avatar
Dennis Schubert committed
500 501 502
# 0.5.9.0

## Refactor
Senya's avatar
Senya committed
503
* Remove unused mentions regex [#6810](https://github.com/diaspora/diaspora/pull/6810)
Dennis Schubert's avatar
Dennis Schubert committed
504 505

## Bug fixes
506
* Fix back to top button not appearing on Webkit browsers [#6782](https://github.com/diaspora/diaspora/pull/6782)
507
* Don't reset the notification timestamp when marking them as read [#6821](https://github.com/diaspora/diaspora/pull/6821)
Dennis Schubert's avatar
Dennis Schubert committed
508 509 510

## Features

511 512
* The sender's diaspora-ID is now shown in invitation mails [#6817](https://github.com/diaspora/diaspora/pull/6817)

513 514 515
# 0.5.8.0

## Refactor
516
* Sort tag autocompletion by tag name [#6734](https://github.com/diaspora/diaspora/pull/6734)
517
* Make account deletions faster by adding an index [#6771](https://github.com/diaspora/diaspora/pull/6771)
518 519

## Bug fixes
520 521
* Fix empty name field when editing aspect names [#6706](https://github.com/diaspora/diaspora/pull/6706)
* Fix internal server error when trying to log out of an expired session [#6707](https://github.com/diaspora/diaspora/pull/6707)
522
* Only mark unread notifications as read [#6711](https://github.com/diaspora/diaspora/pull/6711)
523
* Use https for OEmbeds [#6748](https://github.com/diaspora/diaspora/pull/6748)
524
* Fix birthday issues on leap days [#6738](https://github.com/diaspora/diaspora/pull/6738)
525 526

## Features
527
* Added the footer to conversation pages [#6710](https://github.com/diaspora/diaspora/pull/6710)
Benjamin Neff's avatar
Benjamin Neff committed
528
* Drop ChromeFrame and display an error page on old IE versions instead [#6751](https://github.com/diaspora/diaspora/pull/6751)
529

Dennis Schubert's avatar
Dennis Schubert committed
530 531
# 0.5.7.1

532 533 534 535
This security release disables post fetching for relayables. Due to an insecure implementation, fetching of root posts for relayables could allow an attacker to distribute malicious/spoofed/modified posts for any person.

Disabling the fetching will make the current federation a bit less reliable, but for a hotfix, this is the best solution. We will re-enable the fetching in 0.6.0.0 when we moved out the federation into its own library and are able to implement further validation during fetches.

536 537
# 0.5.7.0

538 539
## Refactor
* Internationalize controller rescue\_from text [#6554](https://github.com/diaspora/diaspora/pull/6554)
540
* Make mention parsing a bit more robust [#6658](https://github.com/diaspora/diaspora/pull/6658)
541
* Remove unlicensed images [#6673](https://github.com/diaspora/diaspora/pull/6673)
542
* Removed unused contacts\_title [#6687](https://github.com/diaspora/diaspora/pull/6687)
543

544
## Bug fixes
545
* Fix plural rules handling more than wanted as "one" [#6630](https://github.com/diaspora/diaspora/pull/6630)
Benjamin Neff's avatar
Benjamin Neff committed
546
* Fix `suppress_annoying_errors` eating too much errors [#6653](https://github.com/diaspora/diaspora/pull/6653)
547
* Ensure the rubyzip gem is properly loaded [#6659](https://github.com/diaspora/diaspora/pull/6659)
548
* Fix mobile registration layout after failed registration [#6677](https://github.com/diaspora/diaspora/pull/6677)
549
* Fix mirrored names when using a RTL language [#6680](https://github.com/diaspora/diaspora/pull/6680)
550
* Disable submitting a post multiple times in the mobile UI [#6682](https://github.com/diaspora/diaspora/pull/6682)
551

552
## Features
553
* Keyboard shortcuts now do work on profile pages as well [#6647](https://github.com/diaspora/diaspora/pull/6647/files)
554
* Add the podmin email address to 500 errors [#6652](https://github.com/diaspora/diaspora/pull/6652)
555

556 557
# 0.5.6.3

558 559 560
Fix evil regression caused by Active Model no longer exposing
`include_root_in_json` in instances.

Dennis Schubert's avatar
Dennis Schubert committed
561 562
# 0.5.6.2

Dennis Schubert's avatar
Dennis Schubert committed
563 564 565 566 567 568 569 570 571
* Fix [CVE-2016-0751](https://groups.google.com/forum/#!topic/rubyonrails-security/9oLY_FCzvoc) - Possible Object Leak and Denial of Service attack in Action Pack
* Fix [CVE-2015-7581](https://groups.google.com/forum/#!topic/rubyonrails-security/dthJ5wL69JE) - Object leak vulnerability for wildcard controller routes in Action Pack
* Fix [CVE-2015-7576](https://groups.google.com/forum/#!topic/rubyonrails-security/ANv0HDHEC3k) - Timing attack vulnerability in basic authentication in Action Controller
* Fix [CVE-2016-0752](https://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00) - Possible Information Leak Vulnerability in Action View
* Fix [CVE-2016-0753](https://groups.google.com/forum/#!topic/rubyonrails-security/6jQVC1geukQ) - Possible Input Validation Circumvention in Active Model
* Fix [CVE-2015-7577](https://groups.google.com/forum/#!topic/rubyonrails-security/cawsWcQ6c8g) - Nested attributes rejection proc bypass in Active Record
* Fix [CVE-2015-7579](https://groups.google.com/forum/#!topic/rubyonrails-security/OU9ugTZcbjc) - XSS vulnerability in rails-html-sanitizer
* Fix [CVE-2015-7578](https://groups.google.com/forum/#!topic/rubyonrails-security/uh--W4TDwmI) - Possible XSS vulnerability in rails-html-sanitizer

Dennis Schubert's avatar
Dennis Schubert committed
572 573
# 0.5.6.1

Dennis Schubert's avatar
Dennis Schubert committed
574
* Fix Nokogiri CVE-2015-7499
Dennis Schubert's avatar
Dennis Schubert committed
575
* Fix unsafe "Remember me" cookies in Devise
Dennis Schubert's avatar
Dennis Schubert committed
576

Jonne Haß's avatar
Jonne Haß committed
577
# 0.5.6.0
Dennis Schubert's avatar
Dennis Schubert committed
578 579

## Refactor
580
* Add more integration tests with the help of the new diaspora-federation gem [#6539](https://github.com/diaspora/diaspora/pull/6539)
Dennis Schubert's avatar
Dennis Schubert committed
581

Jonne Haß's avatar
Jonne Haß committed
582
## Bug fixes
583
* Fix mention autocomplete when pasting the username [#6510](https://github.com/diaspora/diaspora/pull/6510)
584
* Use and update updated\_at for notifications [#6573](https://github.com/diaspora/diaspora/pull/6573)
585 586
* Ensure the author signature is checked when receiving a relayable [#6539](https://github.com/diaspora/diaspora/pull/6539)
* Do not try to display hovercards when logged out [#6587](https://github.com/diaspora/diaspora/pull/6587)
Jonne Haß's avatar
Jonne Haß committed
587 588 589

## Features

590 591
* Display hovercards without aspect dropdown when logged out [#6603](https://github.com/diaspora/diaspora/pull/6603)
* Add media.ccc.de as a trusted oEmbed endpoint
592

593 594 595
# 0.5.5.1

* Fix XSS on profile pages
Dennis Schubert's avatar
Dennis Schubert committed
596
* Bump nokogiri to fix several libxml2 CVEs, see http://www.ubuntu.com/usn/usn-2834-1/
597

Dennis Schubert's avatar
Dennis Schubert committed
598 599 600
# 0.5.5.0

## Bug fixes
601
* Redirect to sign in page when a background request fails with 401 [#6496](https://github.com/diaspora/diaspora/pull/6496)
602
* Correctly skip setting sidekiq logfile on Heroku [#6500](https://github.com/diaspora/diaspora/pull/6500)
603
* Fix notifications for interactions by non-contacts [#6498](https://github.com/diaspora/diaspora/pull/6498)
604
* Fix issue where the publisher was broken on profile pages [#6503](https://github.com/diaspora/diaspora/pull/6503)
605
* Prevent participations being created for invalid interactions [#6552](https://github.com/diaspora/diaspora/pull/6552)
606
* Improve federation for reshare related interactions [#6481](https://github.com/diaspora/diaspora/pull/6481)
Dennis Schubert's avatar
Dennis Schubert committed
607

608 609 610
# 0.5.4.0

## Refactor
611
*  Improve infinite scroll triggering [#6451](https://github.com/diaspora/diaspora/pull/6451)
612 613

## Bug fixes
614
* Skip first getting started step if it looks done already [#6456](https://github.com/diaspora/diaspora/pull/6456)
615
* Normalize new followed tags and insert them alphabetically [#6454](https://github.com/diaspora/diaspora/pull/6454)
616
* Add avatar fallback for notification dropdown [#6463](https://github.com/diaspora/diaspora/pull/6463)
617
* Improve handling of j/k hotkeys [#6462](https://github.com/diaspora/diaspora/pull/6462)
618
* Fix JS error caused by hovercards [6480](https://github.com/diaspora/diaspora/pull/6480)
619 620 621

## Features
* Show spinner on initial stream load [#6384](https://github.com/diaspora/diaspora/pull/6384)
622
* Add new moderator role. Moderators can view and act on reported posts [#6351](https://github.com/diaspora/diaspora/pull/6351)
Jonne Haß's avatar
Jonne Haß committed
623
* Only post to the primary tumblr blog [#6386](https://github.com/diaspora/diaspora/pull/6386)
624
* Always show public photos on profile page [#6398](https://github.com/diaspora/diaspora/pull/6398)
625
* Expose Unicorn's pid option to our configuration system [#6411](https://github.com/diaspora/diaspora/pull/6411)
Steffen van Bergerem's avatar
Steffen van Bergerem committed
626
* Add stream of all public posts [#6465](https://github.com/diaspora/diaspora/pull/6465)
627
* Reload stream when clicking on already active one [#6466](https://github.com/diaspora/diaspora/pull/6466)
628
* Sign in user before evaluating post visibility [#6490](https://github.com/diaspora/diaspora/pull/6490)
629

Jonne Haß's avatar
Jonne Haß committed
630 631 632 633 634
# 0.5.3.1

Fix a leak of potentially private profile data to unauthorized users who were sharing with the person
and on a pod that received that data.

Jonne Haß's avatar
Jonne Haß committed
635 636 637
# 0.5.3.0

## Refactor
Steffen van Bergerem's avatar
Steffen van Bergerem committed
638
* Drop broken correlations from the admin pages [#6223](https://github.com/diaspora/diaspora/pull/6223)
639
* Extract PostService from PostsController [#6208](https://github.com/diaspora/diaspora/pull/6208)
640
* Drop outdated/unused mbp-respond.min.js and mbp-modernizr-custom.js [#6257](https://github.com/diaspora/diaspora/pull/6257)
Mikica Ivosevic's avatar
Mikica Ivosevic committed
641
* Refactor ApplicationController#after\_sign\_out\_path\_for [#6258](https://github.com/diaspora/diaspora/pull/6258)
642
* Extract StatusMessageService from StatusMessagesController [#6280](https://github.com/diaspora/diaspora/pull/6280)
643
* Refactor HomeController#toggle\_mobile [#6260](https://github.com/diaspora/diaspora/pull/6260)
644
* Extract CommentService from CommentsController [#6307](https://github.com/diaspora/diaspora/pull/6307)
645
* Extract user/profile discovery into the diaspora\_federation-rails gem [#6310](https://github.com/diaspora/diaspora/pull/6310)
646
* Refactor PostPresenter [#6315](https://github.com/diaspora/diaspora/pull/6315)
647
* Convert BackToTop to a backbone view [#6279](https://github.com/diaspora/diaspora/pull/6279) and [#6360](https://github.com/diaspora/diaspora/pull/6360)
648
* Automatically follow the new HQ-Account [#6369](https://github.com/diaspora/diaspora/pull/6369)
Jonne Haß's avatar
Jonne Haß committed
649 650

## Bug fixes
651
* Fix indentation and a link title on the default home page [#6212](https://github.com/diaspora/diaspora/pull/6212)
652
* Bring peeping Tom on the 404 page back [#6226](https://github.com/diaspora/diaspora/pull/6226)
653
* Fix mobile photos index page [#6243](https://github.com/diaspora/diaspora/pull/6243)
654
* Fix conversations view with no contacts [#6266](https://github.com/diaspora/diaspora/pull/6266)
655
* Links in the left sidebar are now clickable on full width [#6267](https://github.com/diaspora/diaspora/pull/6267)
656
* Guard against passing nil into person\_image\_tag [#6286](https://github.com/diaspora/diaspora/pull/6286)
657
* Prevent Handlebars from messing up indentation of pre tags [#6339](https://github.com/diaspora/diaspora/pull/6339)
658
* Fix pagination design on notifications page [#6364](https://github.com/diaspora/diaspora/pull/6364)
Jonne Haß's avatar
Jonne Haß committed
659 660 661

## Features

662
* Implement NodeInfo [#6239](https://github.com/diaspora/diaspora/pull/6239)
663
* Display original author on reshares of NSFW posts [#6270](https://github.com/diaspora/diaspora/pull/6270)
664
* Use avatars in hovercards as links to the profile [#6297](https://github.com/diaspora/diaspora/pull/6297)
665
* Remove avatars of ignored users from stream faces [#6320](https://github.com/diaspora/diaspora/pull/6320)
augier's avatar
augier committed
666
* New /m route to force the mobile view [#6354](https://github.com/diaspora/diaspora/pull/6354)
667

668 669
# 0.5.2.0

670
## Refactor
671
* Update perfect-scrollbar [#6085](https://github.com/diaspora/diaspora/pull/6085)
672
* Remove top margin for first heading in a post [#6110](https://github.com/diaspora/diaspora/pull/6110)
673
* Add link to pod statistics in right navigation [#6117](https://github.com/diaspora/diaspora/pull/6117)
Jonne Haß's avatar
Jonne Haß committed
674
* Update to Rails 4.2.3 [#6140](https://github.com/diaspora/diaspora/pull/6140)
Benjamin Neff's avatar
Benjamin Neff committed
675
* Refactor person related URL generation [#6168](https://github.com/diaspora/diaspora/pull/6168)
676
* Move webfinger and HCard generation out of the core and embed the `diaspora_federation-rails` gem [#6151](https://github.com/diaspora/diaspora/pull/6151/)
677
* Refactor rspec tests to to use `let` instead of before blocks [#6199](https://github.com/diaspora/diaspora/pull/6199)
678
* Refactor tests for EXIF stripping [#6183](https://github.com/diaspora/diaspora/pull/6183)
679

680 681
## Bug fixes
* Precompile facebox images [#6105](https://github.com/diaspora/diaspora/pull/6105)
682
* Fix wrong closing a-tag [#6111](https://github.com/diaspora/diaspora/pull/6111)
683
* Fix mobile more-button wording when there are less than 15 posts [#6118](https://github.com/diaspora/diaspora/pull/6118)
684
* Fix reappearing flash boxes during sign-in [#6146](https://github.com/diaspora/diaspora/pull/6146)
685
* Capitalize Wiki link [#6193](https://github.com/diaspora/diaspora/pull/6193)
686

687 688
## Features
* Add configuration options for some debug logs [#6090](https://github.com/diaspora/diaspora/pull/6090)
689
* Send new users a welcome message from the podmin [#6128](https://github.com/diaspora/diaspora/pull/6128)
690
* Cleanup temporary upload files daily [#6147](https://github.com/diaspora/diaspora/pull/6147)
691
* Add guid to posts and comments in the user export [#6185](https://github.com/diaspora/diaspora/pull/6185)
692

Jonne Haß's avatar
Jonne Haß committed
693 694 695 696 697 698
# 0.5.1.2

diaspora\* versions prior 0.5.1.2 leaked potentially private profile data (namely the bio, birthday, gender and location fields) to
unauthorized users. While the frontend properly hid them, the backend missed a check to not include them in responses.
Thanks to @cmrd-senya for finding and reporting the issue.

699 700 701 702 703 704 705 706 707
# 0.5.1.1

Update rails to 4.2.2, rack to 1.6.2 and jquery-rails to 4.0.4. This fixes

* [CVE-2015-3226](https://groups.google.com/d/msg/rubyonrails-security/7VlB_pck3hU/3QZrGIaQW6cJ)
* [CVE-2015-3227](https://groups.google.com/d/msg/rubyonrails-security/bahr2JLnxvk/x4EocXnHPp8J)
* [CVE-2015-1840](https://groups.google.com/d/msg/rubyonrails-security/XIZPbobuwaY/fqnzzpuOlA4J)
* [CVE-2015-3225](https://groups.google.com/d/msg/rubyonrails-security/gcUbICUmKMc/qiCotVZwXrMJ)

708
# 0.5.1.0
709 710

## Refactor
711
* Use Bootstrap modal for new aspect pane [#5850](https://github.com/diaspora/diaspora/pull/5850)
712
* Use asset helper instead of .css.erb [#5886](https://github.com/diaspora/diaspora/pull/5886)
713
* Dropped db/seeds.rb [#5896](https://github.com/diaspora/diaspora/pull/5896)
714
* Drop broken install scripts [#5907](https://github.com/diaspora/diaspora/pull/5907)
715
* Improve invoking mobile site in the testsuite [#5915](https://github.com/diaspora/diaspora/pull/5915)
716
* Do not retry a couple of unrecoverable job failures [#5938](https://github.com/diaspora/diaspora/pull/5938) [#5942](https://github.com/diaspora/diaspora/pull/5943)
717
* Remove some old temporary workarounds [#5964](https://github.com/diaspora/diaspora/pull/5964)
718
* Remove unused `hasPhotos` and `hasText` functions [#5969](https://github.com/diaspora/diaspora/pull/5969)
Jonne Haß's avatar
Jonne Haß committed
719
* Replace foreman with eye [#5966](https://github.com/diaspora/diaspora/pull/5966)
720
* Improved handling of reshares with deleted roots [#5968](https://github.com/diaspora/diaspora/pull/5968)
721
* Remove two unused methods [#5970](https://github.com/diaspora/diaspora/pull/5970)
722
* Refactored the Logger to add basic logrotating and more useful timestamps [#5975](https://github.com/diaspora/diaspora/pull/5975)