X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/5dbf25127fb776cc52a3a142b805a0c7f3cef242..df81a2d208faef7d8fb59b0669e7018e099b6be6:/debian/changelog diff --git a/debian/changelog b/debian/changelog index f8dc04eca..ab69ba16a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,184 @@ +ikiwiki (3.20110329) UNRELEASED; urgency=low + + * meta: Allow adding javascript to pages. Only when htmlscrubber is + disabled, naturally. (Thanks, Giuseppe Bilotta) Closes: #623154 + * comments: Add avatar picture of comment author, using Libravatar::URL + when available. The avatar is looked up based on the user's openid, + or email address. (Thanks, Francois Marier) + * Recommend libgravatar-url-perl, which contains Libravatar::URL. + * monotone: Implement rcs_getmtime, and work around a problem with monotone + 0.48 that affects rcs_getctime. (Thanks, Richard Levitte) + * meta: Fix bug in loading of HTML::Entities that can break inline + archive=yes (mostly masked by other plugins that load the module). + + -- Joey Hess Mon, 28 Mar 2011 13:08:23 -0400 + +ikiwiki (3.20110328) unstable; urgency=low + + * Yaml formatted setup files are now produced by default. + (Perl formatted setup files can still be used.) + * Add timezone setting in setup file. This alows time zone to be configured + via the web. + * comment: Better fix to avoid showing comments of subpages, while + not breaking manual inlining of comments. + * meta: Security fix; don't allow alternative stylesheets to be added + on pages where the htmlscrubber is enabled. CVE-2011-1401 + + -- Joey Hess Mon, 28 Mar 2011 12:23:26 -0400 + +ikiwiki (3.20110321) unstable; urgency=low + + * comment: Don't show comments of subpages on parent pages. + (Fixes bug introduced in version 3.20100505.) + * darcs: Fix multiple issues preventing rcs_diff from working. + * aggregate: Read cookies from ~/.ikiwiki/cookies by default. + Also, the cookiejar configuration setting can be used by + other plugins to provide a custom `cookie_jar` object for LWP::UserAgent. + (Thanks, schmonz) + * Avoid escaping / characters in filenames when building the cgiurl, + as this confuses eg, cvsweb. + + -- Joey Hess Mon, 21 Mar 2011 14:45:05 -0400 + +ikiwiki (3.20110225) unstable; urgency=low + + * editpage: Avoid inheriting internal page types. + * htmltidy: Avoid breaking the sidebar when websetup is running. + * transient: New utility plugin that allows transient pages to + be stored in .ikiwiki/transient/ (smcv) + * aggregate: Aggregated content is stored in the transient underlay. + (Existing aggregated content is not moved, since it will eventually + expire and be removed) (smcv) + * autoindex, tag: Added autoindex_commit and tag_autocreate_commit that + can be unset to make index files and tags respectively not be committed, + and instead be stored in the transient underlay. + Closes: #544322 (smcv) + * autoindex: Adapted to use add_autofile. Slight behavior changes + in edge cases that are probably really bug fixes. (smcv) + * recentchanges: Use transient underlay (smcv) + * map: Avoid unnecessary ul's in maps with nested directories. + (Giuseppe Bilotta) + * Fix broken baseurl in cgi mode when usedirs is disabled. Bug introduced + in 3.20101231. + * inline: Fix link to nested inlined pages's feeds. (Giuseppe Bilotta) + * inline: Add 'id' parameter that can be used when styling individual + feedlinks and postforms. (Giuseppe Bilotta) + + -- Joey Hess Fri, 25 Feb 2011 17:31:08 -0400 + +ikiwiki (3.20110124) unstable; urgency=low + + * comments: Fix commenting, broken by security fix. + * blogspam: Don't check modifications from admins for spam, and also + allow the blogspam_pagespec to do other matches against who the user is. + * inline: Fix regression in feed titles. Closes: #610878 + (Thanks, Paul Wise) + + -- Joey Hess Mon, 24 Jan 2011 17:07:44 -0400 + +ikiwiki (3.20110123) unstable; urgency=low + + * Adapt autoindex test suite to work with old Test::More. + * Fix posting by blog form, broken by last release. + + -- Joey Hess Sun, 23 Jan 2011 10:12:33 -0400 + +ikiwiki (3.20110122) unstable; urgency=medium + + * inline: Pass feed titles to templates and add title and rel attributes + to feed links. (Giuseppe Bilotta) + * inline: Use class rather than id for feedlinks and blogform. + (Giuseppe Bilotta) + * comments: Fix XSS security hole due to missing validation of page name. + CVE-2011-0428 (Thanks, Dave B.) + * rename: Fix crash when renaming a page that is linked to by a page + in an underlay. + + -- Joey Hess Sat, 22 Jan 2011 10:22:25 -0400 + +ikiwiki (3.20110105) unstable; urgency=low + + * tag: Do not include tagbase in rss/atom category tags. (Giuseppe Bilotta) + * tag: Improve display of tags with a slash in their names. + (Giuseppe Bilotta) + * Fix redirect to use a full url. Was broken (in theory) by baseurl + changes in last release. + * Fix `` output by cgi to have a full url again, broken by last + release. + * Fix permalinks to recentchanges items and comments, broken by last + release. + * Export three cgi env vars needed for CGI->url to work. Fixed + openid breakage from last release. + * Removed `IkiWiki::misctemplate()` function. Any plugins using + it should use `IkiWiki::cgitemplate()` instead. + + -- Joey Hess Wed, 05 Jan 2011 17:33:05 -0400 + +ikiwiki (3.20101231) unstable; urgency=low + + * Better support for serving the same site on multiple urls. (Such as + a http and a https url, or a ipv4 and an ipv6 url.) + (Thanks, smcv) + * API: urlto without a defined second parameter now generates an url + that starts with "/" (when possible; eg when the site's url and cgiurl + are on the same domain). + * Now when users log in via https, ikiwiki sends a secure cookie, that can + only be used over https. If the user switches to using http, they will + need to re-login. (smcv) + * inline: Display feed buttons for nested inlines, linking to the inlined + page's feed. (Giuseppe Bilotta) + * goldtype: New theme, based on blueview, contributed by Lars Wirzenius. + * po: do not override homepage title when it was overridden. (intrigeri) + * Set HTML::Template's parent_global_vars option to allow using parameters + like title_overridden that do not appear on the template. (intrigeri) + (See https://rt.cpan.org/Public/Bug/Display.html?id=64158) + * inline: Force an absolute page location when the inline postform is used. + * editpage, comment: Clean up title when editing or creating a page or + comment. + * teximg: Use `\[` and `\]` instead of not recommended `$$`. (Paul Menzel) + Closes: #596084 + * monotone: Improve version parsing to support patch and development + versions of the monotone binary. (tommyd3mdi) + * highlight: Support highlight 3.2+svn19 (note that released version 3.2 + is not supported). Closes: #605779 (David Bremner) + * Add a second parameter to the rcs_diff hook, and avoid bloating memory + reading in enormous commits. + * git: Fix bug involving attempting to web revert a commit that included + changes to attachments. + + -- Joey Hess Fri, 31 Dec 2010 21:23:37 -0400 + +ikiwiki (3.20101201) unstable; urgency=low + + * meta: Fix calling of htmlscrubber to pass the page parameter. + The change of the htmlscrubber to look at page rather than destpage + caused htmlscrubber_skip to not work for meta directives. + + -- Joey Hess Wed, 01 Dec 2010 20:28:01 -0400 + +ikiwiki (3.20101129) unstable; urgency=low + + * websetup: Fix encoding problem when restoring old setup file. + * more: Add pages parameter to limit where the more is displayed. + (thanks, dark) + * Fix escaping of filenames in historyurl. (Thanks, aj) + * inline: Improve RSS url munging to use a proper html parser, + and support all elements that HTML::Tagset knows about. + (Which doesn't include html5 just yet, but then the old version + didn't either.) Bonus: 4 times faster than old regexp method. + * Optimise glob() pagespec. (Thanks, Kathryn and smcv) + * highlight: Support new format of filetypes.conf used by version 3.2 + of the highlight package. + * edittemplate: Fix crash if using a .tmpl file or other non-page file + as a template for a new page. + * git: Fix temp file location. + * rename: Fix to pass named parameters to rcs_commit. + * git: Avoid adding files when committing, so as not to implicitly add + files like recentchanges files that are not normally checked in, + when fixing links after rename. + + -- Joey Hess Mon, 29 Nov 2010 13:59:10 -0400 + ikiwiki (3.20101112) unstable; urgency=HIGH * txt: Fix display when used inside a format directive. @@ -10,11 +191,11 @@ ikiwiki (3.20101112) unstable; urgency=HIGH (Thanks, Tuomas Jormola) * Fix htmlscrubber_skip to be matched on the source page, not the page it is inlined into. Should allow setting to "* and !comment(*)" to scrub - comments, but leave your blog posts unscrubbed, etc. + comments, but leave your blog posts unscrubbed, etc. CVE-2010-1673 * comments: Make postcomment() pagespec work when previewing a comment, - including during moderation. + including during moderation. CVE-2010-1673 * comments: Make comment() pagespec also match comments that are being - posted. + posted. CVE-2010-1673 -- Joey Hess Fri, 12 Nov 2010 00:36:06 -0400