You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* New "secrets" feature in `apostrophe-users` makes it easy to hash other "secrets" similar in spirit to passwords.
* This feature is now used for password reset tokens, making them more secure.
* Additional joins can now be added to the schema of a widget that extends `apostrophe-pieces-widgets`.
* Brute force password attacks against an Apostrophe server are now more difficult. Thanks to Lars Houmark.
* Tolerant sanitization of array items while they are still in the editor. This avoids confusion caused by `required` fields in the array editor.
* Error messages now behave sensibly when multiple label elements appear in a field. Thanks to Lars Houmark.
* Fix background color on notification on uploads when file extension is not accepted. Thanks to Lars Houmark.
* If you can't move a widget out of an area, you can no longer move widgets into that area either (movable: false is fully enforced). Thanks to Fredrik Ekelund.
* New browser-side events are emitted during the attachment upload process, and the built-in facility that delays the saving of a form until attachment uploads are complete has been fixed. Thanks to Lars Houmark.
* Fixes to the active state display of array items. Thanks to Lars Houmark.
* [Contributor Guide](https://github.com/apostrophecms/apostrophe/blob/master/CONTRIBUTING.md) expanded with lots of new information about practical ways to contribute to Apostrophe.
* [Contributor Covenant Code of Conduct](https://github.com/apostrophecms/apostrophe/blob/master/CODE_OF_CONDUCT.md) added to the project. The Apostrophe community is a welcoming place, and now is a great time to lock that in for the future.