Releases: publify/publify
Publify 10.0.0
This major release updates Publify to Rails 6.1 in preparation of the upgrade to Rails 7.0. It also updates the set of supported Rubies to 2.7 through 3.2.
Security-related changes
Updated dependencies
- Upgrade to Rails 6.1 #987, #1014,
- Support only Ruby 2.7 through 3.2 #1013, #1041, #1115, #1120
- Update various other dependencies (various pull requests)
Breaking changes
- Remove support for Textile as a text format #1001
- Require email uniqueness to be case-insensitive #1080
Other changes
- Add arabic language to the project #1060 by ahmedhamid13
- Fix article search rendering in bootstrap theme #1101
- Remove local copies of engines and use external ones instead #1099
- Require AWS configuration to be present when choosing AWS storage #1082
- Replace deprecated non-digest-assets configuration #1019
Internal changes
- Remove
sitealizertable #1089 by SupriyaMedankar - Remove itunes fields from resources #1092 by SupriyaMedankar
- Remove
page_cachestable #1090 by SupriyaMedankar - Remove
dynamic_formdependency #991
See also the changelogs for publify_core,publify_textfilter_code and publify_amazon_sidebar.
Publify 9.2.8
This release fixes several security issues:
- Disallow comments on draft articles #1048
- Disallow images in comments #1054
- Hide bodies of password-protected articles in search results #1057
- Do not create article meta description for password-protected articles #1061
Additionally, it includes the following changes:
Publify 9.2.7
This release fixes a security issue:
- Fix setting the article password from the Admin #1044
Publify 9.2.6
This release fixes a minor security issue:
- Rate-limit Devise logins and password resets
Additionally, it includes the following change:
- Add documentation about use of the media library
Publify 9.2.5
This release fixes several security issues. Please upgrade as soon as possible
- Force session cookie to be secure in production
- Block ability to switch themes using a GET request; use a POST instead
- Disallow user self-registration rather than hiding it
- Let the browser not cache admin pages
- Limit the set of allowed mime types for uploaded media
- Limit allowed HTML in articles, pages and notes
Additionally, it includes the following changes:
- Fix resource size display in admin resource list
- Trigger download of media in the Media Library in admin instead of displaying them directly
Publify 9.2.4
This release fixes a security issue and includes the following changes
- Explicitly require at least version 1.12.5 of nokogiri to avoid a security issue
- Drop support for Ruby 2.4 since it is incompatible with nokogiri 1.12.5
Publify 9.2.3
This is a bugfix release that includes the following changes
- Bump Rails dependency to 5.2.6
- Replace mimemagic with marcel
Publify 9.2.2
This is a bugfix release
- Fix the
publify:textile_to_markdowntask. This task failed on feedback and pages.
Publify 9.2.1
This is a small release that just updates some dependencies to fix security issues:
- Bump minimum Rails version to 5.2.4.5
- Update
activerecord-session_storedependency to 2.0.0
Publify 9.2.0
This release updates Publify to use Rails 5.2. It also introduces some breaking changes:
- Drop support for custom mail.yml configuration. Mail settings should now be configured in
config/environments/production.rb - Drop support for custom timezone.yml configuration. If relevant, the timezone can be set in
config/application.rb - Drop support for Ruby 2.2 and 2.3
- Drop support for
humans.txt - Deprecate use of Textile. The admin will warn about any content that uses Textile formatting. A task has been added to convert this content to Markdown. The next release of Publify will drop Textile support entirely