All Versions
88
Latest Version
Avg Release Cycle
72 days
Latest Release
-

Changelog History
Page 5

  • v0.5.9.0 Changes

    ๐Ÿ”จ Refactor

    • โœ‚ Remove unused mentions regex #6810

    ๐Ÿ› Bug fixes

    • ๐Ÿ›  Fix back to top button not appearing on Webkit browsers #6782
    • Don't reset the notification timestamp when marking them as read #6821

    ๐Ÿ”‹ Features

    • The sender's diaspora-ID is now shown in invitation mails #6817
  • v0.5.8.0 Changes

    ๐Ÿ”จ Refactor

    • Sort tag autocompletion by tag name #6734
    • ๐Ÿ‘‰ Make account deletions faster by adding an index #6771

    ๐Ÿ› Bug fixes

    • ๐Ÿ›  Fix empty name field when editing aspect names #6706
    • ๐Ÿ›  Fix internal server error when trying to log out of an expired session #6707
    • Only mark unread notifications as read #6711
    • ๐Ÿ‘‰ Use https for OEmbeds #6748
    • ๐Ÿ›  Fix birthday issues on leap days #6738

    ๐Ÿ”‹ Features

    • โž• Added the footer to conversation pages #6710
    • โฌ‡๏ธ Drop ChromeFrame and display an error page on old IE versions instead #6751
  • v0.5.7.1 Changes

    ๐Ÿš€ This security release disables post fetching for relayables. Due to an insecure implementation, fetching of root posts for relayables could allow an attacker to distribute malicious/spoofed/modified posts for any person.

    ๐Ÿš‘ Disabling the fetching will make the current federation a bit less reliable, but for a hotfix, this is the best solution. We will re-enable the fetching in 0.6.0.0 when we moved out the federation into its own library and are able to implement further validation during fetches.

  • v0.5.7.0 Changes

    ๐Ÿ”จ Refactor

    • Internationalize controller rescue_from text #6554
    • ๐Ÿ“œ Make mention parsing a bit more robust #6658
    • โœ‚ Remove unlicensed images #6673
    • โœ‚ Removed unused contacts_title #6687

    ๐Ÿ› Bug fixes

    • ๐Ÿ›  Fix plural rules handling more than wanted as "one" #6630
    • Fix suppress_annoying_errors eating too much errors #6653
    • ๐Ÿ’Ž Ensure the rubyzip gem is properly loaded #6659
    • ๐Ÿ›  Fix mobile registration layout after failed registration #6677
    • ๐Ÿ›  Fix mirrored names when using a RTL language #6680
    • ๐Ÿ’ป Disable submitting a post multiple times in the mobile UI #6682

    ๐Ÿ”‹ Features

    • Keyboard shortcuts now do work on profile pages as well #6647
    • โž• Add the podmin email address to 500 errors #6652
  • v0.5.6.3 Changes

    ๐Ÿ›  Fix evil regression caused by Active Model no longer exposing include_root_in_json in instances.

  • v0.5.6.2 Changes

    • ๐Ÿ›  Fix CVE-2016-0751 - Possible Object Leak and Denial of Service attack in Action Pack
    • ๐Ÿ›  Fix CVE-2015-7581 - Object leak vulnerability for wildcard controller routes in Action Pack
    • ๐Ÿ›  Fix CVE-2015-7576 - Timing attack vulnerability in basic authentication in Action Controller
    • ๐Ÿ›  Fix CVE-2016-0752 - Possible Information Leak Vulnerability in Action View
    • ๐Ÿ›  Fix CVE-2016-0753 - Possible Input Validation Circumvention in Active Model
    • ๐Ÿ›  Fix CVE-2015-7577 - Nested attributes rejection proc bypass in Active Record
    • ๐Ÿ›  Fix CVE-2015-7579 - XSS vulnerability in rails-html-sanitizer
    • ๐Ÿ›  Fix CVE-2015-7578 - Possible XSS vulnerability in rails-html-sanitizer
  • v0.5.6.1 Changes

    • ๐Ÿ›  Fix Nokogiri CVE-2015-7499
    • ๐Ÿ›  Fix unsafe "Remember me" cookies in Devise
  • v0.5.6.0 Changes

    ๐Ÿ”จ Refactor

    • โž• Add more integration tests with the help of the new diaspora-federation gem #6539

    ๐Ÿ› Bug fixes

    • ๐Ÿ›  Fix mention autocomplete when pasting the username #6510
    • โšก๏ธ Use and update updated_at for notifications #6573
    • Ensure the author signature is checked when receiving a relayable #6539
    • Do not try to display hovercards when logged out #6587

    ๐Ÿ”‹ Features

    • Display hovercards without aspect dropdown when logged out #6603
    • โž• Add media.ccc.de as a trusted oEmbed endpoint
  • v0.5.5.1 Changes

  • v0.5.5.0 Changes

    ๐Ÿ› Bug fixes

    • Redirect to sign in page when a background request fails with 401 #6496
    • ๐ŸŒฒ Correctly skip setting sidekiq logfile on Heroku #6500
    • ๐Ÿ›  Fix notifications for interactions by non-contacts #6498
    • ๐Ÿ›  Fix issue where the publisher was broken on profile pages #6503
    • Prevent participations being created for invalid interactions #6552
    • ๐Ÿ‘Œ Improve federation for reshare related interactions #6481