All Versions
42
Latest Version
Avg Release Cycle
157 days
Latest Release
612 days ago

Changelog History
Page 2

  • v5.0.1-beta.0 Changes

    October 01, 2017

    🚀 This release was a private beta due to the security fixes being slightly risky for stability.

    🔒 The relevant security bugs were publicly disclosed on October 1st, 2017.

    🔒 Security

    • 🛠 Fix multiple denial-of-service security vulnerabilities in indirect dependencies
  • v5.0.0 Changes

    September 01, 2017

    👌 Improved

    • 👍 Node 7 and 8 are now supported
    • Documented the bounce and logLevel config options
    • 💻 The web UI more clearly shows shares
    • ⚠ Worker process deaths are sent to the error log stream, not the warning stream

    🔄 Changed

    • ✂ Removed 0.10/0.12-specific hacks
    • 🔨 Internal refactoring to use newer ES6 features

    🛠 Fixed

    • 🛠 Fixed crash in an endpoint which prevented "login with remote account" from working (#1281)

    💥 Breaking

    • ⬇️ Dropped support for Node.js 0.10 and 0.12 (#1234)
    • ➕ Added a period and space after the footer text; if you use appendFooter please adjust accordingly (#1349)
    • 💻 Switched from Glyphicons to Font Awesome (affects web UI template modifications) (#1351)
    • ⬆️ Upgraded Backbone to 1.3.3 (ditto) (#1382)
    • Switched from Underscore to Lodash (ditto) (#1326)
    • 🔒 Enabled many systemd security restrictions in the systemd service file (#1346, #1257)
  • v4.1.3 Changes

    October 01, 2017

    🔒 Security

  • v4.1.2 Changes

    July 14, 2017

    👌 Improved

    • Backported some improved error messages to assist in debugging a bug
  • v4.1.1 Changes

    July 14, 2017

    🛠 Fixed

    • Backported fix for crash in an endpoint which prevented "login with remote account" from working (#1281)
  • v4.1.0 Changes

    July 01, 2017

    🚀 This will be the last release to support Node.js 0.10 and 0.12.

    👌 Improved

    • ➕ Added some basic styles to the LibreJS info page (#1353)
    • 💻 Minor UX improvements to the web UI (#1355, #1354)
    • 💻 Expanded the list of disallowed nicknames and warn about them in the web UI (#1345, #1347)
    • Pull our fork of connect-auth from npm instead of GitHub (#1360)
    • 💻 Use [Subresource Integrity][] for web UI resources pulled from CDNs (#1340)
    • 🔨 Internal test refactoring

    🔄 Changed

    • Switched bcrypt implementation from bcrypt to bcryptjs (#1233)

    🛠 Fixed

    • Return the correct Content-Type for OAuth endpoints (#822)
  • v4.0.3 Changes

    October 01, 2017

    🛠 Fixed

    • 🛠 Fix the package shipping with .jade.js files built from the 5.0.x releases
  • v4.0.2 Changes

    October 01, 2017

    🔒 Security

  • v4.0.1 Changes

    May 23, 2017

    🔒 Security

  • v4.0.0 Changes

    May 02, 2017

    👌 Improved

    • Frontend JavaScript runs in strict mode (#1221)
    • Frontend Javascript passes JSHint (#1176)
    • ✂ Remove direct Connect dependency (#1274)
    • ⬆️ Upgrade many minor dependencies
    • ➕ Add a robots.txt file (#1286)
    • Don't suggest or offer avatar uploads if uploads aren't available
    • ➕ Added the ability to specify configuration via environment variables
    • ➕ Added the ability to specify configuration via CLI flags
    • ➕ Added --help and --version CLI flags
    • 📇 Embed IndieWeb metadata in the web UI

    💥 Breaking

    • ⬆️ Upgrade to Express 4.x (affects plugins)
    • 📜 Switch to Yargs for config and CLI option parsing (should be identical but please double-check that your config is respected in case of subtle edge cases)