- A number of core settings can now be set via environment variables, to work better with container environments.
- Numerous security improvements to help prevent XSS, CSRF, and other input validation errors.
- Added support for sharingbuttons.io via social/sharingbuttons helper for fast loading social icons.
- Added file browser to the link dialog in the WYSIWYG editor.
- Added transition effects to slideshows, and other slideshow improvements.
- Improved blogger.com blog importer.
- Misc other fixes and improvements.
Improved default robots.txt rules for better SEO, updated Chinese and new Spanish translations, new
minimal default theme and updated admin theme using Elefant's built-in minimal responsive grid system, improved upgrade process reliability, and several other bug fixes.
There are 284 commits since 1.3.10, including updating most components (Redactor, jQuery, etc) to their latest releases, a new Site Settings page, revamped docs section for Helpers, Elefant's way of sharing route handlers between apps, improved import/export options, several new apps (a shopping cart, organization manager, member lists, Boris REPL integration) and improvements to many others, and many bug fixes.
Fixes an XSS vulnerability in user profiles. Also contains substantial improvements across the board, including a much-improved admin toolbar, blogging improvements, admin search on pages, members, blog posts, and a number of helpers and improvements for developers. This release also coincides with the relaunch of the Elefant website, and will likely be the last beta before a release candidate of Elefant 2. While this still says beta, it is highly recommended over the 1.2 series.