X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/937b24e0cf98d75dd353d80267efddcecab9e908..1640d12102c75d2214ab5117818e90182ba1a9ae:/debian/changelog diff --git a/debian/changelog b/debian/changelog index f74e9929f..ae2ff779e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,9 +1,389 @@ -ikiwiki (3.20100505) UNRELEASED; urgency=low +ikiwiki (3.20110124) UNRELEASED; urgency=low + + * comments: Fix commenting, broken by security fix. + * blogspam: Don't check modifications from admins for spam, and also + allow the blogspam_pagespec to do other matches against who the user is. + + -- Joey Hess Mon, 24 Jan 2011 16:56:05 -0400 + +ikiwiki (3.20110123) unstable; urgency=low + + * Adapt autoindex test suite to work with old Test::More. + * Fix posting by blog form, broken by last release. + + -- Joey Hess Sun, 23 Jan 2011 10:12:33 -0400 + +ikiwiki (3.20110122) unstable; urgency=medium + + * inline: Pass feed titles to templates and add title and rel attributes + to feed links. (Giuseppe Bilotta) + * inline: Use class rather than id for feedlinks and blogform. + (Giuseppe Bilotta) + * comments: Fix XSS security hole due to missing validation of page name. + CVE-2011-0428 (Thanks, Dave B.) + * rename: Fix crash when renaming a page that is linked to by a page + in an underlay. + + -- Joey Hess Sat, 22 Jan 2011 10:22:25 -0400 + +ikiwiki (3.20110105) unstable; urgency=low + + * tag: Do not include tagbase in rss/atom category tags. (Giuseppe Bilotta) + * tag: Improve display of tags with a slash in their names. + (Giuseppe Bilotta) + * Fix redirect to use a full url. Was broken (in theory) by baseurl + changes in last release. + * Fix `` output by cgi to have a full url again, broken by last + release. + * Fix permalinks to recentchanges items and comments, broken by last + release. + * Export three cgi env vars needed for CGI->url to work. Fixed + openid breakage from last release. + * Removed `IkiWiki::misctemplate()` function. Any plugins using + it should use `IkiWiki::cgitemplate()` instead. + + -- Joey Hess Wed, 05 Jan 2011 17:33:05 -0400 + +ikiwiki (3.20101231) unstable; urgency=low + + * Better support for serving the same site on multiple urls. (Such as + a http and a https url, or a ipv4 and an ipv6 url.) + (Thanks, smcv) + * API: urlto without a defined second parameter now generates an url + that starts with "/" (when possible; eg when the site's url and cgiurl + are on the same domain). + * Now when users log in via https, ikiwiki sends a secure cookie, that can + only be used over https. If the user switches to using http, they will + need to re-login. (smcv) + * inline: Display feed buttons for nested inlines, linking to the inlined + page's feed. (Giuseppe Bilotta) + * goldtype: New theme, based on blueview, contributed by Lars Wirzenius. + * po: do not override homepage title when it was overridden. (intrigeri) + * Set HTML::Template's parent_global_vars option to allow using parameters + like title_overridden that do not appear on the template. (intrigeri) + (See https://rt.cpan.org/Public/Bug/Display.html?id=64158) + * inline: Force an absolute page location when the inline postform is used. + * editpage, comment: Clean up title when editing or creating a page or + comment. + * teximg: Use `\[` and `\]` instead of not recommended `$$`. (Paul Menzel) + Closes: #596084 + * monotone: Improve version parsing to support patch and development + versions of the monotone binary. (tommyd3mdi) + * highlight: Support highlight 3.2+svn19 (note that released version 3.2 + is not supported). Closes: #605779 (David Bremner) + * Add a second parameter to the rcs_diff hook, and avoid bloating memory + reading in enormous commits. + * git: Fix bug involving attempting to web revert a commit that included + changes to attachments. + + -- Joey Hess Fri, 31 Dec 2010 21:23:37 -0400 + +ikiwiki (3.20101201) unstable; urgency=low + + * meta: Fix calling of htmlscrubber to pass the page parameter. + The change of the htmlscrubber to look at page rather than destpage + caused htmlscrubber_skip to not work for meta directives. + + -- Joey Hess Wed, 01 Dec 2010 20:28:01 -0400 + +ikiwiki (3.20101129) unstable; urgency=low + + * websetup: Fix encoding problem when restoring old setup file. + * more: Add pages parameter to limit where the more is displayed. + (thanks, dark) + * Fix escaping of filenames in historyurl. (Thanks, aj) + * inline: Improve RSS url munging to use a proper html parser, + and support all elements that HTML::Tagset knows about. + (Which doesn't include html5 just yet, but then the old version + didn't either.) Bonus: 4 times faster than old regexp method. + * Optimise glob() pagespec. (Thanks, Kathryn and smcv) + * highlight: Support new format of filetypes.conf used by version 3.2 + of the highlight package. + * edittemplate: Fix crash if using a .tmpl file or other non-page file + as a template for a new page. + * git: Fix temp file location. + * rename: Fix to pass named parameters to rcs_commit. + * git: Avoid adding files when committing, so as not to implicitly add + files like recentchanges files that are not normally checked in, + when fixing links after rename. + + -- Joey Hess Mon, 29 Nov 2010 13:59:10 -0400 + +ikiwiki (3.20101112) unstable; urgency=HIGH + + * txt: Fix display when used inside a format directive. + * highlight: Ensure that other, more-specific format plugins, + like txt are used in preference to this one in case of ties. + * htmltidy, sortnaturally: Add missing checkconfig hook + registration. Closes: #601912 + (Thanks, Craig Lennox and Tuomas Jormola) + * git: Use author date, not committer date. Closes: #602012 + (Thanks, Tuomas Jormola) + * Fix htmlscrubber_skip to be matched on the source page, not the page it is + inlined into. Should allow setting to "* and !comment(*)" to scrub + comments, but leave your blog posts unscrubbed, etc. CVE-2010-1673 + * comments: Make postcomment() pagespec work when previewing a comment, + including during moderation. CVE-2010-1673 + * comments: Make comment() pagespec also match comments that are being + posted. CVE-2010-1673 + + -- Joey Hess Fri, 12 Nov 2010 00:36:06 -0400 + +ikiwiki (3.20101023) unstable; urgency=low + + * Fix typo that broke anonymous git push. + * Fix web reversion when the srcdir is in a subdir of the git repo. + + -- Joey Hess Sat, 23 Oct 2010 16:36:50 -0400 + +ikiwiki (3.20101019) unstable; urgency=low + + * Fix test suite failure on other side of date line. + * htmltidy: Allow configuring tidy parameters in setup file. + (W. Trevor King) + * Updated French program translation. Closes: #598918 + * git: Added new rcs_revert and rcs_preprevert hooks. + * recentchanges: Add revert buttons to RecentChanges page, and + implement web-based reversion interface. + * Thanks to Peter Gammie for his assistance with the web-based reversion + feature. + * actiontabs: More consistent styling of Hn tags. + * websetup: Fix saving of advanced mode changes. + * websetup: Fix defaults of checkboxes in advanced mode. + * monotone: Fix recentchanges page when the srcdir is not at the top + of the monotone workspace. Thanks, tommyd. + * img: If a class is specified, don't also put the img in the img + class. + * auto-blog.setup: Don't enable opendiscussion by default; require users be + logged in to post comments. + + -- Joey Hess Tue, 19 Oct 2010 02:32:23 -0400 + +ikiwiki (3.20100926) unstable; urgency=low + + * meta: Ensure that the url specified by xrds-location is absolute. + * attachment: Fix attachment file size display. + * Propigate PATH into wrapper. + * htmlbalance: Fix compatibility with HTML::Tree 4.0. (smcv) + + -- Joey Hess Sun, 26 Sep 2010 23:02:54 -0400 + +ikiwiki (3.20100915) unstable; urgency=low + + * needsbuild hook interface changed; the hooks should now return + the modified array of things that need built. (Backwards compatibility + code keeps plugins using the old interface working.) + * Remove PATH overriding code in ikiwiki script that was present to make + perl taint checking happy, but taint checking is disabled. + * teximg: Use Unicode UTF-8 encoding by default. Closes: #596067 + Thanks, Paul Menzel. + * po: Make the po_master_language use a langpair like "en|English", + so it can be configured via the web. + * po: Allow enabling via web setup. + * po: Auto-upgrade old format settings to new formats when writing + setup file. + * Pass array of names of files that have been deleted to needsbuild hook + as second parameter, to allow for plugins that needs access to this + information earlier than the delete hook. + * actiontabs: Improve tab padding. + * blueview: Fix display of links to translated pages in the page header. + * Set isPermaLink="no" for guids in rss feeds. + * blogspam: Fix crash when content contained utf-8. + * external: Disable RPC::XML's "smart" encoding, which sent ints + for strings that contained only a number, fixing a longstanding crash + of the rst plugin. + * git: When updating from remote, use git pull --prune, to avoid possible + errors from conflicting obsolete remote branches. + * cutpaste: Fix bug that occured in some cases involving inlines when + text was pasted on a page before being cut. + + -- Joey Hess Wed, 15 Sep 2010 16:29:01 -0400 + +ikiwiki (3.20100831) unstable; urgency=low + + * filecheck: Fall back to using the file command if the freedesktop + magic file cannot identify a file. + * flattr: New plugin. (Thanks to jaywalk for the initial implementation + at a flattr plugin! This one is less configurable, but simpler.) + * smiley: warn instead of error for missing smileys (Giuseppe Bilotta) + * openid: Syntax tweak to the javascript code to make it work with MSIE 7 + (and MSIE 8 in compat mode). Thanks to Iain McLaren for reporting + the bug and providing access to debug it. + * style.css: Use relative, not absolute font sizes. Thanks, Giuseppe Bilotta. + * htmlscrubber: Do not scrub url anchors that contain colons. + * Danish translation update. Closes: #594673 + * highlight: Make location of highlight's files configurable in setup + file to allow for nonstandard installations. + * Allow "link(.)" and similar PageSpecs. Thanks, Giuseppe Bilotta. + * Run the preprocess hooks in scan mode *before* the scan hooks. + This allows the po plugin to register a scan hook that runs + last and rescans pages after all data from the first scan pass is + completed. This avoids the po plugin needing to rebuild some pages. + (intrigeri) + * po: Fix some bugs that affected l10n.ikiwiki.info's unusual + setup. (intrigeri) + * t/bazaar.t: Work around bzr 2.2.0's new requirement to configure + bzr whoami before committing. + * httpauth: Avoid redirecting the user to the cgiauthurl if + they already have a login session. + + -- Joey Hess Tue, 31 Aug 2010 14:22:47 -0400 + +ikiwiki (3.20100815) unstable; urgency=medium + + * Fix po test suite to not assume ikiwiki's underlay is already installed. + Closes: #593047 + + -- Joey Hess Sun, 15 Aug 2010 11:42:55 -0400 + +ikiwiki (3.20100804) unstable; urgency=low + + * template: Fix dependency tracking. Broken in version 3.20100427. + * po: The po_slave_languages setting is now a list, so the order of + translated languages can be controlled. (intrigeri) + * git: Fix gitweb historyurl examples so "diff to current" links work. + (Thanks jrayhawk) + * meta: Allow syntax closer to html meta to be used. + * Add new disable hook, allowing plugins to perform cleanup after they + have been disabled. + * Use Digest::SHA built into perl rather than external Digest::SHA1 + to simplify dependencies. Closes: #591040 + * Fixes a bug that prevented matching deleted pages when using the page() + PageSpec. + + -- Joey Hess Wed, 04 Aug 2010 09:20:52 -0400 + +ikiwiki (3.20100722) unstable; urgency=low + + * img: Add a margin around images displayed by this directive. + * comments: Added commentmoderation directive for easy linking to the + comment moderation queue. + * aggregate: Write timestamp next aggregation can happen to + .ikiwiki/aggregatetime, to allow for more sophisticated cron jobs. + * Add --changesetup mode that allows easily changing options in a + setup file. + * openid: Fix handling of utf-8 nicknames. + * Clarified what the filter hook should be passed: Only be the raw, + complete text of a page. Not a snippet, or data read in from an + unrelated file. + * template: Do not pass filled in template through filter hook. + Avoids causing breakage in po plugin. + * color, comments, conditional, cutpaste, more, sidebar, toggle: Also + avoid unnecessary calls to filter hook. + * po: needstranslation() pagespec can have a percent specified. + * Drop Cache-Control must-revalidate (Firefox 3.5.10 does not seem to have + the caching problem that was added to work around). Closes: #588623 + * Made much more robust in cases where multiple source files produce + conflicting files/directories in the destdir. + * Updated French translation from Philippe Batailler. Closes: #589423 + * po: Fix selflink display on tranlsated pages. (intrigeri) + * Avoid showing 'Add a comment' link at the bottom of the comment post form. + + -- Joey Hess Thu, 22 Jul 2010 16:49:05 -0400 + +ikiwiki (3.20100704) unstable; urgency=low + + * Changes to avoid display of ugly google openids, by displaying + a username taken from openid. + * API: Add new optional field nickname to rcs_recentchanges. + * API: rcs_commit and rcs_commit_staged are now passed named + parameters. + * openid: Store nickname based on username or email provided from + openid provider. + * git: Record the nickname from openid in the git author email. + * comment: Record the username from openid in the comment page. + * Fixed some confusion and bugginess about whether + rcs_getctime/rcs_getmtime were passed absolute or relative filenames. + (Make it relative like everything else.) + * hnb: Fixed broken use of mkstemp that had caused dangling temp files, + and prevented actually rendering hnb files. + * Use comment template on comments page of example blog. + * comment.tmpl: Fix up display when inline uses it to display a non-comment + page. (Such as a discussion page.) + * git: Added git_wrapper_background_command option. Can be used to eg, + make the git wrapper push to github in the background after ikiwiki + runs. + * po: Added needstranslation() pagespec. (intrigeri) + * po: Added support for .html source pages. (intrigeri) + * comment: Fix problem moderating comments of certian pages with utf-8 + in their name. + + -- Joey Hess Sun, 04 Jul 2010 16:19:43 -0400 + +ikiwiki (3.20100623) unstable; urgency=low + + * openid: Add openid_realm and openid_cgiurl configuration options, + useful in a few edge case setups. + * attachment: Show files from underlay in attachments list. + * img: Support hspace and vspace attributes. + * editpage: Rename "comments" field to avoid CSS conflict with the + comments div. + * edittemplate: Make silent mode not disable display when the template + page does not exist, so it can be easily created. + * edittemplate: Look for template pages under templates/ like everything + else (still looks in old location for backwards compatibility). + * attachment: When inserting links, insert img directives for images, + if that plugin is enabled. + * websetup: Allow enabling plugins listed in disable_plugins. + * editpage, comments: Fix broken links in sidebar (due to forcebaseurl). + (Thanks, privat) + * calendar: Tune archive_pagespec to only match pages, not other files. + * Fix issues with combining unicode srcdirs and source files. + (Workaround bug #586045) + * Make --gettime be honored after initial setup. + * git: Fix --gettime to properly support utf8 filenames. + * attachment: Support Windows paths when taking basename of client-supplied + file name. + * theme: New plugin, allows easily themeing a site via the underlay. + * Added actiontabs theme by Svend Sorensen. + * Added blueview theme by Bernd Zeimetz. + * mercurial: Fix buggy getctime code. Closes: #586279 + * link: Enhanced to handle URLs and email addresses. (Bernd Zeimetz) + + -- Joey Hess Wed, 23 Jun 2010 14:10:26 -0400 + +ikiwiki (3.20100610) unstable; urgency=low + + * creation_day() etc use local time, not gmtime. To match calendars, which + use local time. + * img: Fill in missing height or width when scaling image. + * Remove example blog tag pages; allow autotag creation to create them + when used. + * Fix support for globbing in tagged() pagespecs. + * Fix display of sidebar when previewing page edit. (Thanks, privat) + * relativedate: Fix problem with localised dates not working. + * editpage: Avoid storing accidental state changes when previewing pages. + * page.tmpl: Add a div around the page content, and comments, to aide in + sidebar styling. + * style.css: Improvements to make floating sidebar fit much better on + pages with inlines. + * calendar: Shorten day names, and improve styling of month calendar. + * style.css: Reduced sidebar width back to 20ex from 30; the month calendar + will now fit in the smaller width, and 30 was feeling too large. + + -- Joey Hess Thu, 10 Jun 2010 14:24:05 -0400 + +ikiwiki (3.20100518.2) unstable; urgency=low + + * Fix a typo in the last release. + + -- Joey Hess Tue, 18 May 2010 14:17:01 -0400 + +ikiwiki (3.20100518) unstable; urgency=low + + * page.tmpl: Accidentially broke po plugin's otherlanguages list styling + when modifying for html5; now fixed. + * Fix a bug that prevented matching deleted comments, and so did not update + pages that had contained them. + + -- Joey Hess Tue, 18 May 2010 13:37:39 -0400 + +ikiwiki (3.20100515) unstable; urgency=low * Removed misc.tmpl. Now to theme ikiwiki, you only need to customise a single template, page.tmpl. * If you have a locally customised page.tmpl, it needs to be updated - to set when BASEURL or FORCEBAREURL is set. + to set when BASEURL or FORCEBASEURL is set. * comments: Comments pending moderation are now stored in the srcdir alongside accepted comments, but with a `._comment_pending` extension. This allows easier byhand moderation, as the "_pending" need @@ -19,15 +399,20 @@ ikiwiki (3.20100505) UNRELEASED; urgency=low text can be indexed for searching. * Delete hooks are passed deleted internal pages. * openid: Incorporated a fancy openid-selector signin form. - (http://code.google.com/p/openid-selector/) + (Based on http://code.google.com/p/openid-selector/) * openid: Use "openid_identifier" as the form field, as required by OpenID Authentication v2.0 spec. * Removed the openidsignup option. Instead, my recommendation is to leave passwordauth enabled and let people who don't have an openid use it. The openid selector form avoids the UI annoyance of having both openid and passwordauth on one form. + * calendar: Allow negative month to be specified. -1 is last month, etc. + (And also negative years.) + * calendar: Display year in title of month calendar. + * Use xhtml friendly pubdate setting. + * remove, rename: Add guards against XSRF attacks. - -- Joey Hess Wed, 05 May 2010 18:07:29 -0400 + -- Joey Hess Sat, 15 May 2010 21:00:45 -0400 ikiwiki (3.20100504) unstable; urgency=low