ยซ Changelog History


IHateMoney v5.0.0 Release Notes

Release Date: 2021-10-19 // over 2 years ago

  • ๐Ÿ’ฅ Breaking changes

    • Include project code into project authentication token. This invalidates all existing API tokens and invitation links from previous versions (#802 #843)
    • ๐Ÿ‘ Drop support for Python 2 (#483)
    • ๐Ÿ‘ Drop support for Python 3.5 (#571)
    • ๐Ÿ‘ Drop support for MySQL (#743)
    • Require MariaDB version 10.3.2 or above (#632)
    • ๐Ÿ”’ Enable session cookie security by default (#845)
    • Change token path authentication to /{project}/join/{token} (#843)

    ๐Ÿ‘ The minimum supported version is now Python 3.6, and the project is โœ… tested with up to Python 3.9

    โฌ†๏ธ See upgrade instructions โฌ†๏ธ to make sure the upgrade goes smoothly.

    ๐Ÿ”’ Security

    • Add CSRF validation on destructive actions (#796)
    • Ask for private code to delete project or project history (#796)
    • Add headers to mitigate Clickjacking, XSS, and other attacks: [X-Frame-Options]{.title-ref}, [X-XSS-Protection]{.title-ref}, [X-Content-Type-Options]{.title-ref}, [Content-Security-Policy]{.title-ref}, [Referrer-Policy]{.title-ref} (#845)
    • Add URL validation to external link to prevent XSS (#846)

    โž• Added

    • Allow to import previously exported json data (#518)
    • Add new optional field "external link" in bill form (#429)
    • Add optional currencies to project and bills (#541, #864)
    • Add new statistics showing monthly expenses (#526)
    • Add pagination to the list of bills (#480)
    • Add sorting, pagination, and searching to the admin dashboard (#538)
    • Add Project History page that records all changes (#553)
    • Add token-based authentication to the API (#504)
    • Add illustrations as a showcase, currently only for French (#544)
    • Add a page for downloading mobile application (#688)
    • ๐Ÿ‘ Add optional support for a simple CAPTCHA (#844)
    • ๐ŸŒ Add translations for Greek, Esperanto, Italian, Japanese, Portuguese and Swedish
    • ๐Ÿณ Publish an official docker image

    ๐Ÿ†• New settings

    ๐Ÿ”„ Changed

    • Use the external debts lib to solve settlements (#476)
    • ๐Ÿšš Remove balance column in statistics view (#323)
    • Make language choice persistent (#547)
    • Localize date strings in the current language (#590)
    • Differenciate "flash alerts" notifications (#594)
    • Display "flash messages" persistently instead of making them disappear (#856)
    • Improve menu bar spacing, put history and settings in a submenu (#739)
    • ๐Ÿ— Change Dockerfile to install python dependencies at build time (#793)
    • โšก๏ธ Updating project settings doesn\'t require to enter or update project code (#774)
    • Bump dependencies: WTForms (#768) jinja2 (#753) itsdangerous (#756) flask (#755 #757 #764)
    • ๐Ÿšš Remove requirements files in favor of setup.cfg pinning (#558)
    • Make language choice persistent (#547)
    • Flash messages must be dimissed manually (#856)
    • Increased the font size of the logo (#828)

    ๐Ÿ›  Fixed

    • Improve input of email addresses when inviting people to join a project (#133)
    • Fix order of participants in the statistics page (#608)
    • Clarify project edition form: private code is not required (#774)
    • Fix Python dependency contraints to be less strict
    • ๐Ÿ“š Improve documentation (#781 #819 #821)
    • ๐Ÿ’ป Fix datepicker that was displayed twice on some browsers (#221)
    • Members weight are now rounded to 2 decimal (#838)

    ๐Ÿ“š Documentation

    • ๐Ÿ“š Reorganize "Contributing" documentation to be more accessible to new contributors
    • ๐Ÿ“š Improve documentation regarding database migrations (#569)
    • ๐Ÿ”’ Added a page about the security model (#858)