All Versions
42
Latest Version
Avg Release Cycle
157 days
Latest Release
870 days ago

Changelog History
Page 2

  • v5.0.1-beta.0 Changes

    October 01, 2017

    ๐Ÿš€ This release was a private beta due to the security fixes being slightly risky for stability.

    ๐Ÿ”’ The relevant security bugs were publicly disclosed on October 1st, 2017.

    ๐Ÿ”’ Security

    • ๐Ÿ›  Fix multiple denial-of-service security vulnerabilities in indirect dependencies

  • v5.0.0 Changes

    September 01, 2017

    ๐Ÿ‘Œ Improved

    • ๐Ÿ‘ Node 7 and 8 are now supported
    • Documented the bounce and logLevel config options
    • ๐Ÿ’ป The web UI more clearly shows shares
    • โš  Worker process deaths are sent to the error log stream, not the warning stream

    ๐Ÿ”„ Changed

    • โœ‚ Removed 0.10/0.12-specific hacks
    • ๐Ÿ”จ Internal refactoring to use newer ES6 features

    ๐Ÿ›  Fixed

    • ๐Ÿ›  Fixed crash in an endpoint which prevented "login with remote account" from working (#1281)

    ๐Ÿ’ฅ Breaking

    • โฌ‡๏ธ Dropped support for Node.js 0.10 and 0.12 (#1234)
    • โž• Added a period and space after the footer text; if you use appendFooter please adjust accordingly (#1349)
    • ๐Ÿ’ป Switched from Glyphicons to Font Awesome (affects web UI template modifications) (#1351)
    • โฌ†๏ธ Upgraded Backbone to 1.3.3 (ditto) (#1382)
    • Switched from Underscore to Lodash (ditto) (#1326)
    • ๐Ÿ”’ Enabled many systemd security restrictions in the systemd service file (#1346, #1257)

  • v4.1.3 Changes

    October 01, 2017

    ๐Ÿ”’ Security

  • v4.1.2 Changes

    July 14, 2017

    ๐Ÿ‘Œ Improved

    • Backported some improved error messages to assist in debugging a bug

  • v4.1.1 Changes

    July 14, 2017

    ๐Ÿ›  Fixed

    • Backported fix for crash in an endpoint which prevented "login with remote account" from working (#1281)

  • v4.1.0 Changes

    July 01, 2017

    ๐Ÿš€ This will be the last release to support Node.js 0.10 and 0.12.

    ๐Ÿ‘Œ Improved

    • โž• Added some basic styles to the LibreJS info page (#1353)
    • ๐Ÿ’ป Minor UX improvements to the web UI (#1355, #1354)
    • ๐Ÿ’ป Expanded the list of disallowed nicknames and warn about them in the web UI (#1345, #1347)
    • Pull our fork of connect-auth from npm instead of GitHub (#1360)
    • ๐Ÿ’ป Use [Subresource Integrity][] for web UI resources pulled from CDNs (#1340)
    • ๐Ÿ”จ Internal test refactoring

    ๐Ÿ”„ Changed

    • Switched bcrypt implementation from bcrypt to bcryptjs (#1233)

    ๐Ÿ›  Fixed

    • Return the correct Content-Type for OAuth endpoints (#822)

  • v4.0.3 Changes

    October 01, 2017

    ๐Ÿ›  Fixed

    • ๐Ÿ›  Fix the package shipping with .jade.js files built from the 5.0.x releases

  • v4.0.2 Changes

    October 01, 2017

    ๐Ÿ”’ Security

  • v4.0.1 Changes

    May 23, 2017

    ๐Ÿ”’ Security

  • v4.0.0 Changes

    May 02, 2017

    ๐Ÿ‘Œ Improved

    • Frontend JavaScript runs in strict mode (#1221)
    • Frontend Javascript passes JSHint (#1176)
    • โœ‚ Remove direct Connect dependency (#1274)
    • โฌ†๏ธ Upgrade many minor dependencies
    • โž• Add a robots.txt file (#1286)
    • Don't suggest or offer avatar uploads if uploads aren't available
    • โž• Added the ability to specify configuration via environment variables
    • โž• Added the ability to specify configuration via CLI flags
    • โž• Added --help and --version CLI flags
    • ๐Ÿ“‡ Embed IndieWeb metadata in the web UI

    ๐Ÿ’ฅ Breaking

    • โฌ†๏ธ Upgrade to Express 4.x (affects plugins)
    • ๐Ÿ“œ Switch to Yargs for config and CLI option parsing (should be identical but please double-check that your config is respected in case of subtle edge cases)