All Versions
309
Latest Version
Avg Release Cycle
12 days
Latest Release
1293 days ago

Changelog History
Page 7

  • v3.0.0-alpha.1 Changes

    ๐Ÿš€ First alpha release of 3.x.

  • v2.220.1 Changes

    June 09, 2021

    ๐Ÿ›  Fixes

    • Simply a version bump.

  • v2.220.0 Changes

    June 02, 2021

    โž• Added

    • โž• Adds autoCommitPageMoves flag in workflow to commit only pages moves automatically, manages error notification.

  • v2.119.1 Changes

    May 27, 2021

    ๐Ÿ”’ Security Fixes

    โšก๏ธ The nlbr and nlp Nunjucks filters marked their output as safe to preserve the tags that they added, without first escaping their input, creating a CSRF risk. These filters have been updated to escape their input unless it has already been marked safe. No code changes are required to templates whose input to the filter is intended as plaintext, however if you were intentionally leveraging this bug to output unescaped HTML markup you will need to make sure your input is free of CSRF risks and then use the | safe filter before the | nlbr or | nlp filter.

    ๐Ÿ›  Fixes

    • โšก๏ธ Updates uses of "whitelist" to "allowlist" to follow project practices.

  • v2.119.0 Changes

    May 20, 2021

    ๐Ÿ›  Fixes

    • Send the Referer header with oembed requests. This allows vimeo private videos locked down by domain name to be embedded.

    โž• Added

    • When enableAltField option is set to true, we now copy the alt field from apostrophe-images schema to the attachment piece when using apos.images.first or apos.attachments.first.

  • v2.118.0 Changes

    May 05, 2021

    ๐Ÿ”‹ Features

    • It's now possible to set the status code when redirecting using req.redirect by setting req.statusCode. When it it is not set, apostrophe-pages will fallback to 302 (Found) as previously. Thanks to Jonathan Garijo for contributing this feature.

  • v2.117.1 Changes

    April 07, 2021

    ๐Ÿ›  Fixes

    • โœ‚ Deleted unnecessary assignment of choices in the joinByArray field type definition. Thanks to Eduardo Correal for the contribution.
    • ๐Ÿ’ป Documents with locales and those without have always been considered to have different locales for purposes of the unique slug index, but the UI feature to detect slug conflicts and offer help regarded them as in the same namespace, preventing save operations in the UI.

  • v2.117.0 Changes

    March 24, 2021
    • ๐Ÿš€ The browser-pushed versions of jQuery and lodash have been updated to address security scanner reports. jQuery is now on its latest release, 3.6.0. lodash is now on version 3.10.4 as found in the maintained branch of lodash 3.x provided by the Sails team. Note that in "lean mode," we do not push these libraries at all except when a user is logged in. If you do not want the overhead we encourage you to learn about lean mode.
    • ๐Ÿ›  Fixes options.arrangeFields for apostrophe-html-widgets
    • โž• Address low-risk denial-of-service vulnerability. It was possible to cause a restart by attempting to get an advisory lock on a document for which a lock already existed, without logging in. This could occur only if an editor happened to be working with that document or had worked with it within the advisory lock timeout time.
    • โž• Adds suggestions list for pieces search bar, it uses autocomplete cursor and displays matching words from highSearchWords.

  • v2.116.1 Changes

    March 10, 2021
    • ๐Ÿ›  Fixes a user interface bug in the chooser modals where the footer pagination was hidden behind the left column.
    • ๐Ÿ›  Fixes page slug updated twice when committing a page move.
    • Eliminated potential race condition while inserting groups if Apostrophe is starting up for the very first time in two processes simultaneously.

  • v2.116.0 Changes

    February 25, 2021
    • ๐ŸŽ Eliminated 75% of database operations required to track attachments referenced in a document when inserted or updated. This yields a significant performance boost in very large databases.
    • โšก๏ธ skipAttachments option added for insert and update operations in those situations where this is not enough and you are absolutely certain there can never be an attachment in the schema or in a widget schema present in the document, not even via an area that is only defined in a template.

    ๐Ÿ‘ Thanks to Michelin for their support of this work.