Changes:
2.34.5
======
- Improve VP8 codec selection when using GStreamer 1.20.
- Fix connecting to the accessiblity bus when using the Bubblewrap sandbox.
- Fix links being incorrectly activated when starting a pinch zoom gesture.
- Fix touch-based scrolling.
- Fix the build with recent toolchains based on GCC 12 and on older ones as
included e.g. in Ubuntu 18.04.
- Fix the build with ICU 60, version 61 is no longer required.
- Fix several crashes and rendering issues.
Arctic Fox aims to be a desktop oriented web browser. It started as a forked
and rebranded Pale Moon 27.9.4 and retains its classic interface. Many fixes
and enhancements have been imported from Firefox and TenFourFox.
The goal here is to implement specific security updates and bug fixes to
keep this browser as up to date as possible for aging systems.
0.17.4
Fixed
Replace create_server by create_unix_server
0.17.3
Fixed
Drop wsproto version checking.
0.17.2
Fixed
Revert 1332. While trying to solve the memory leak, it introduced an issue
Revert stream interface changes. This was introduced on 0.14.0, and caused an issue
Fix wsproto version check expression
0.14.7
- Requests which raise a PoolTimeout need to be removed from the pool queue.
- Fix AttributeError that happened when Socks5Connection were terminated.
6.4.8
Bugs fixed
- Fix to remove potential memory leak on Jupyter Notebooks ZMQChannelHandler code
6.4.7
Bugs fixed
- Fix Chinese punctuation
- Add date field to kernel message header
- Fix deprecation warning
Maintenance and upkeep improvements
- Enforce labels on PRs
- Fix: CI error for python 3.6 & macOS
Other merged PRs
- handle KeyError when get session
- Updated doc for passwd
6.4.6
Bugs fixed
- Fix `asyncio` error when opening notebooks
- Change to use a universal Chinese translation on certain words
- Fix Chinese translation typo
- Fix `send2trash` tests failing on Windows
Maintenance and upkeep improvements
- TST: don't look in user site for serverextensions
- Enable terminal tests as `pywinpty` is ported for python 3.9
6.4.5
Bug fixes
- Recover from failure to render mimetype
Maintenance and upkeep improvements
- Fix crypto handling
- Fix `jupyter_client` warning
Documentation improvements
- Fix nbsphinx settings
- Fully revert the pinning of `nbsphinx` to 0.8.6
- Pin `nbsphinx` to 0.8.6, clean up orphaned resources
- Fix typo in docstring
6.4.4
Documentation improvements
- Update Manual Release Instructions
Other merged PRs
- Use default JupyterLab CSS sanitizer options for Markdown
- Fix syntax highlight
6.4.3
Bugs fixed
- Add @babel/core dependency
- Switch webpack to production mode
Maintenance and upkeep improvements
- Clean up link checking
6.4.2
Bugs fixed
- Add missing file to manifest
- Fix issue 3218
- Fix version of jupyter-packaging in pyproject.toml
- "#element".tooltip is not a function on home page fixed.
Maintenance and upkeep improvements
- Enhancements to the desktop entry
- Add missing spaces to help messages in config file
6.4.0
Bugs fixed
- Fix Handling of Encoded Paths in Save As Dialog
- Fix: split_cell doesn't always split cell
- Correct 'Content-Type' headers
- Fix skipped tests & remove deprecation warnings
- [Gateway] Track only this server's kernels
- Bind the HTTPServer in start
Maintenance and upkeep improvements
- Revert "do not apply asyncio patch for tornado >=6.1"
- Use Jupyter Releaser
- Add Workflow Permissions for Lock Bot
- Fixes related to the recent changes in the documentation
- Add maths checks in CSS reference test
- Add Issue Lock and Answered Bots
Documentation improvements
- Spelling correction
- Minor typographical and comment changes
- Fixes related to the recent changes in the documentation
- Fix readthedocs environment
6.3.0
Merged PRs
* Add square logo and desktop entry files
* Modernize Changelog
* Add missing "import inspect"
* Add Codecov badge to README
* Remove configuration for nosetests from setup.cfg
* Update security.rst
* Docs-Translations: Updated Hindi and Chinese Readme.md
* Allow /metrics by default if auth is off
* Skip terminal tests on Windows 3.9+ (temporary)
* Update GatewayKernelManager to derive from AsyncMappingKernelManager
* Drop use of deprecated pyzmq.ioloop
* Drop support for Python 3.5
* Allow jupyter_server-based contents managers in notebook
* Russian translation fixes
* Increase culling test idle timeout
* Re-enable support for answer_yes flag
* Replace Travis and Appveyor with Github Actions
* DOC: Server extension, extra docs on configuration/authentication.
6.2.0
Merged PRs
- Increase minimum tornado version
- Adjust skip decorators to avoid remaining dependency on nose
- Ensure that cell ids persist after save
- Add reconnection to Gateway (form nb2kg)
- Fix some typos
- Handle TrashPermissionError, now that it exist
6.1.6
Merged PRs
- do not require nose for testing
- [docs] Update Chinese and Hindi readme.md
- Add support for creating terminals via GET
- Made doc translations in Hindi and Chinese
6.1.5 is a security release, fixing one vulnerability:
- Fix open redirect vulnerability GHSA-c7vm-f5p4-8fqh (CVE to be assigned)
6.1.4
- Fix broken links to jupyter documentation
- Add additional entries to troubleshooting section
- Revert change in page alignment
- Bug fix: remove double encoding in download files
- Fix typo for Check in zh_CN
- Require a file name in the "Save As" dialog
6.1.3
- Title new buttons with label if action undefined
6.1.2
- Fix russian message format for delete/duplicate actions
- Remove unnecessary import of bind_unix_socket
- Tooltip style scope fix
6.1.1
- Prevent inclusion of requests_unixsocket on Windows
6.1.0
Please note that this repository is currently maintained by a skeleton
crew of maintainers from the Jupyter community. For our approach moving
forward, please see this
[notice](https://github.com/jupyter/notebook#notice) from the README.
Thank you.
Here is an enumeration of changes made since the last release and
included in 6.1.0.
- Remove deprecated encoding parameter for Python 3.9 compatibility.
- Add support for async kernel management
- Fix typo in password_required help message
- Gateway only: Ensure launch and request timeouts are in sync
- Update Markdown Cells example to HTML5 video tag
- Integrated LoginWidget into edit to enable users to logout from the t...
- Update message about minimum Tornado version
- Logged notebook type
- Added nl language
- Add UNIX socket support to notebook server.
- Update CodeMirror dependency
- Tree added download multiple files
- Toolbar buttons tooltip: show help instead of label
- Remove unnecessary import of requests_unixsocket
- Add ability to cull terminals and track last activity
- Code refactoring notebook.js
- Install terminado for docs build
- Convert notifications JS test to selenium
- Add cell attachments to markdown example
- Add Japanese document
- Migrate Move multiselection test to selenium
- Use `cmdtrl-enter` to run a cell
- Fix broken "Raw cell MIME type" dialog
- Make a notebook writable after successful save-as
- Add actual watch script
- Added `--autoreload` flag to `NotebookApp`
- Enable check_origin on gateway websocket communication
- Restore detection of missing terminado package
- Culling: ensure `last_activity` attr exists before use
- Added functionality to allow filter kernels by Jupyter Enterprise Gat...
- 'Play' icon for run-cell toolbar button
- Bump minimum version of jQuery to 3.5.0
- Remove old JS markdown tests, add a new one in selenium
- Add support for more RTL languages
- Make markdown cells stay RTL in edit mode
- Unforce RTL output display
- Fixed multicursor backspacing
- Implemented Split Cell for multicursor
- Alignment issue \[FIXED\]
- MathJax: Support for `\gdef`
- Another (Minor) Duplicate Code Reduction
- Update readme regarding maintenance
- Document contents chunks
- Backspace deletes empty line
- The dropdown submenu at notebook page is not keyboard accessible
- Tooltips visible through keyboard navigation for specified buttons
- Fix for recursive symlink
- Fix for the terminal shutdown issue
- Add japanese translation files
- Workaround for socket permission errors on Cygwin
- Implement optional markdown header and footer files
- Remove double link when using `custom_display_url`
- Respect `cell.is_editable` during find-and-replace
- Fix exception causes all over the codebase
- Improve login shell heuristics
- Added support for `JUPYTER_TOKEN_FILE`
- Kill notebook itself when server cull idle kernel
- Implement password hashing with bcrypt
- Fix broken links
- Russian internationalization support
- Add a metadata tag to override notebook direction (ltr/rtl)
- Paste two images from clipboard in markdown cell
- Add keyboard shortcuts to menu dropdowns
- Update codemirror to `5.56.0+components1`
6.4.0
-----
* Allow passing extra args to code highlighter
* Prevent page breaks in outputs when printing
* Add collapsers to template
* Optionally speed up validation
6.3.0
-----
* Update state filter
* Add slide numbering
* Fix HTML templates mentioned in help docs
6.2.0
-----
* Add the ability to fully customize ``widget_renderer_url``
* Enable users to customize MathJax URLs
* Add CLI configuration for disable-chromium-sandbox
* Enables webpdf to be rendered with templates
* Adds dejavu
6.1.0
-----
This release is mostly a long list of bug fixes and capability
additions. Thanks to the many contributors for helping Improve
nbconvert!
Significant Changes
~~~~~~~~~~~~~~~~~~~
* Dropped Python 3.6 and added Python 3.9
* Convert execute preprocessor wrapper to resemble papermill
Comprehensive notes
~~~~~~~~~~~~~~~~~~~
* Feature: support static widgets in Reveal.js slides
* Feature: add speaker notes to Reveal.js template
* Add correct output mimetype to WebPDF exporter
* Set mimetype for webpdf correctly
* Fix docstring issue and a broken link
* Add CLI example for removing cell tag syntax
* Include output of stdin stream in lab template
* Don't use a shell to call inkscape
* JupyterLab export as HTML with widgets fails to load widgets
* Move note inside Reveal.js HTML slideshow
* fix issue 1507: broken command line option --CSSHTMLHeaderPreprocessor.style=
* Fix order of template paths
* Changed documentation of external_exporters
* Fix template precedence when using a custom template
* add pip to docs envt
* Fix CI By Adding PIP to conda envt for docs build
* Explicitly install pip in docs environment.yml
* small update to docs hide cell
* Allow child templates to override mathjax
* Allow get_export_names to skip configuration check
* Update docs: Tex Live package on Ubuntu
* Test jupyter_client
* Update jupyterlab css
* Webpdf: Use a temporary file instead of an URL
* Applied patch for marking network changes
* Change webpdf display name
* Allow disabling pyppeteer sandbox
* Make pagination configurable in webpdf
* Fix Reveal.js version in documentation
* Fix dangling reference to get_template_paths()
* Solved svg2pdf conversion error if Inkscape is installed into the default path on a windows machine
* fix typo
* Update version dependency of traitlets
* Update execute.py
* Fix code output indentation when running nbconvert --no-input
* fix issue (i'd call it a BUG)
* add docstring
* Update nbconvert_library.ipynb
* Supports isolated iframe when converting to HTML
6.0.7
-----
Primarly a release addressing template extensions issues reported since 6.0 launched.
Comprehensive notes
~~~~~~~~~~~~~~~~~~~
- Comment typo fix
- Documented updated to default conversion changes from 6.0
- Allow custom template files outside of the template system to set their base template name
- Restored basic template from 5.x
- Added proper support for backwards compatibility templates
6.0.6
-----
A range of bug fixes for webpdf exports
Comprehensive notes
~~~~~~~~~~~~~~~~~~~
- Removed CSS preprocessor from default proprocessor list (fixes classic rendering)
- Fixed error when pickling TemplateExporter
- Support for fractional height html / webpdf exports
- Added short wait time for fonts and rendering in webpdf
- Updated template documentation
- Minor fixes to the webpdf exporter
- Fixup use with a running event loop within webpdf
- Prevent overflow in input areas in lab template
6.0.5
-----
- Revert networkidle2 change which caused custom cdn-fetched widgets in webpdf
6.0.4
-----
Comprehensive notes
~~~~~~~~~~~~~~~~~~~
Fixing Problems
- The webpdf exporters does not add pagebreaks anymore before reaching the maximum height allowed by Adobe
- Fixes some timeout issues with the webpdf exporter
6.0.3
-----
Execute preprocessor no longer add illegal execution counts to markdown cells
6.0.2
-----
A patch for a few minor issues raised out of the 6.0 release.
Comprehensive notes
~~~~~~~~~~~~~~~~~~~
Fixing Problems
- Added windows work-around fix in CLI for async applications
- Fixed pathed template files to behave correctly for local relative paths without a dot
- ExecuteProcessor now properly has a ``preprocess_cell`` function to overwrite
Testing, Docs, and Builds
- Updated README and docs with guidance on how to get help with nbconvert
- Fixed documentation that was referencing ``template_path`` instead of ``template_paths``
6.0.1
-----
A quick patch to fix an issue with get_exporter
6.0
---
Significant Changes
~~~~~~~~~~~~~~~~~~~
Nbconvert 6.0 is a major release of nbconvert which includes many significant changes.
- Python 2 support was dropped. Currently Python 3.6-3.8 is supported and tested by nbconvert. However, nbconvert 6.0 provides limited support for Python 3.6. nbconvert 6.1 will drop support for Python 3.6. Limited support means we will test and run CI on Python 3.6.12 or higher. Issues that are found only affecting Python 3.6 are not guaranteed to be fixed. We recommend all users of nbconvert use Python 3.7 and higher.
- Unlike previous versions, nbconvert 6.0 relies on the `nbclient <https://github.com/jupyter/nbclient/>`__ package for the execute preprocessor, which allows for asynchronous kernel requests.
- ``template_path`` has become ``template_paths``. If referring to a 5.x style ``.tpl`` template use the full path with the ``template_file`` argument to the file. On the command line the pattern is ``--template-file=<path/to/file.tpl>``.
- Nbconvert 6.0 includes a new "webpdf" exporter, which renders notebooks in pdf format through a headless web browser, so that complex outputs such as HTML tables, or even widgets are rendered in the same way as with the HTML exporter and a web browser.
- The default template applied when exporting to HTML now produces the same DOM structure as JupyterLab, and is styled using JupyterLab's CSS. The pygments theme in use mimics JupyterLab's codemirror mode with the same CSS variables, so that custom JupyterLab themes could be applied. The classic notebook styling can still be enabled with
.. code-block:: bash
jupyter nbconvert --to html --template classic
- Nbconvert 6.0 includes a new system for creating custom templates, which can now be installed as packages. A custom "foobar" template is installed in Jupyter's data directory under ``nbconvert/templates`` and has the form of a directory containing all resources. Templates specify their base template as well as other configuration parameters in a ``conf.json`` at the root of the template directory.
- The "slideshow" template now makes use of RevealJS version 4. It can now be used with the HTML exporter with
.. code-block:: bash
jupyter nbconvert --to html --template reveal
The ``--to slides`` exporter is still supported for convenience.
- Inkscape 1.0 is now supported, which had some breaking changes that prevented 5.x versions of nbconvert from converting documents on some systems that updated.
Remaining changes
~~~~~~~~~~~~~~~~~
We merged 105 pull requests! Rather than enumerate all of them we'll link to the github page which contains the many smaller impact improvements.
NBClient, a client library for programmatic notebook execution, is a tool for
running Jupyter Notebooks in different execution contexts. NBClient was spun
out of nbconvert's former ExecutePreprocessor.
What’s new in Tornado 6.1.0
Oct 30, 2020
Deprecation notice
This is the last release of Tornado to support Python 3.5. Future versions will require Python 3.6 or newer.
General changes
Windows support has been improved. Tornado is now compatible with the proactor event loop (which became the default in Python 3.8) by automatically falling back to running a selector in a second thread. This means that it is no longer necessary to explicitly configure a selector event loop, although doing so may improve performance. This does not change the fact that Tornado is significantly less scalable on Windows than on other platforms.
Binary wheels are now provided for Windows, MacOS, and Linux (amd64 and arm64).
tornado.gen
coroutine now has better support for the Python 3.7+ contextvars module. In particular, the ContextVar.reset method is now supported.
tornado.http1connection
HEAD requests to handlers that used chunked encoding no longer produce malformed output.
Certain kinds of malformed gzip data no longer cause an infinite loop.
tornado.httpclient
Setting decompress_response=False now works correctly with curl_httpclient.
Mixing requests with and without proxies works correctly in curl_httpclient (assuming the version of pycurl is recent enough).
A default User-Agent of Tornado/$VERSION is now used if the user_agent parameter is not specified.
After a 303 redirect, tornado.simple_httpclient always uses GET. Previously this would use GET if the original request was a POST and would otherwise reuse the original request method. For curl_httpclient, the behavior depends on the version of libcurl (with the most recent versions using GET after 303 regardless of the original method).
Setting request_timeout and/or connect_timeout to zero is now supported to disable the timeout.
tornado.httputil
Header parsing is now faster.
parse_body_arguments now accepts incompletely-escaped non-ASCII inputs.
tornado.iostream
ssl.CertificateError during the SSL handshake is now handled correctly.
Reads that are resolved while the stream is closing are now handled correctly.
tornado.log
When colored logging is enabled, logging.CRITICAL messages are now recognized and colored magenta.
tornado.netutil
EADDRNOTAVAIL is now ignored when binding to localhost with IPv6. This error is common in docker.
tornado.platform.asyncio
AnyThreadEventLoopPolicy now also configures a selector event loop for these threads (the proactor event loop only works on the main thread)
tornado.platform.auto
The set_close_exec function has been removed.
tornado.testing
ExpectLog now has a level argument to ensure that the given log level is enabled.
tornado.web
RedirectHandler.get now accepts keyword arguments.
When sending 304 responses, more headers (including Allow) are now preserved.
reverse_url correctly handles escaped characters in the regex route.
Default Etag headers are now generated with SHA-512 instead of MD5.
tornado.websocket
The ping_interval timer is now stopped when the connection is closed.
websocket_connect now raises an error when it encounters a redirect instead of hanging.
For older versions look here: https://www.tornadoweb.org/en/stable/releases.html
ChangeLog:
This first release of 2022 introduces 3 new lexers: Fluent, Stan and Stata.
There are also numerous fixes and improvements across C, Console, CPP, Cypher,
Dart, HCL, JSX, Kotlin, Rust, SPARQL and TOML lexer. In addition, we have
added support to run the visual test app in Ruby 3.0.
Django 3.2.12 fixes two security issues with severity “medium” in 3.2.11.
CVE-2022-22818: Possible XSS via {% debug %} template tag
CVE-2022-23833: Denial-of-service possibility in file uploads
Django 2.2.27 fixes two security issues with severity “medium” in 2.2.26.
CVE-2022-22818: Possible XSS via {% debug %} template tag
CVE-2022-23833: Denial-of-service possibility in file uploads
2.0.12 January 30, 2022
Add bug tracker information to README, and add CONTRIBUTING.md. [Steve Hay]
Fix detection of APR's threading support on RHEL 8. [Petr Písař]
Fix build for perl >= 5.33.7. [Leon Timmermans]
Fix SIGSEGV crash due to wrong use of perl_parse(). [Charles Pigott]
Improve installation instructions for AIX. [Rainer Tammer]
0.17.1
Fixed
Move all data handling logic to protocol and ensure connection is closed.
Change spec_version field from "2.1" to "2.3", as Uvicorn is compliant with that version of the ASGI specifications.
Fixes configure (and build, and package) on at least Monterey. This
workaround will be unneeded in the next curl release. From MacPorts, via
Michael-John Turner on pkgsrc-users@.
Changes with nginx 1.21.6 25 Jan 2022
*) Bugfix: when using EPOLLEXCLUSIVE on Linux client connections were
unevenly distributed among worker processes.
*) Bugfix: nginx returned the "Connection: keep-alive" header line in
responses during graceful shutdown of old worker processes.
*) Bugfix: in the "ssl_session_ticket_key" when using TLSv1.3.
Drupal 7.86, 2022-01-18
-----------------------
- Fixed security issues:
- SA-CORE-2022-001
- SA-CORE-2022-002
Drupal 7.85, 2022-01-12
-----------------------
- Fix session cookies for sites with different base_urls but a shared domain
Drupal 7.84, 2021-12-13
-----------------------
- Hotfix for session cookie domain on www subdomains
Drupal 7.83, 2021-12-01
-----------------------
- Initial support for PHP 8.1
- The has_js cookie has been removed (but can be re-enabled)
- The leading www. is no longer stripped from cookie domain by default
- The user entity now has a "changed" property
- Introduced a skip_permissions_hardening setting
- Changes to the password reset process to avoid email and username enumeration
- Various bug fixes, optimizations and improvements
0.22.0
Added
* Support for [the SOCKS5 proxy protocol](https://www.python-httpx.org/advanced/#socks) via [the `socksio` package](https://github.com/sethmlarson/socksio).
* Support for custom headers in multipart/form-data requests
Fixed
* Don't perform unreliable close/warning on `__del__` with unclosed clients.
* Fix `Headers.update(...)` to correctly handle repeated headers
Changelog:
Security fixes:
#CVE-2022-22746: Calling into reportValidity could have lead to fullscreen
#CVE-2022-22743: Browser window spoof using fullscreen mode
#CVE-2022-22742: Out-of-bounds memory access when inserting text in edit mode
#CVE-2022-22741: Browser window spoof using fullscreen mode
#CVE-2022-22740: Use-after-free of ChannelEventQueue::mOwner
#CVE-2022-22738: Heap-buffer-overflow in blendGaussianBlur
#CVE-2022-22737: Race condition when playing audio files
#CVE-2021-4140: Iframe sandbox bypass with XSLT
#CVE-2022-22748: Spoofed origin on external protocol launch dialog
#CVE-2022-22745: Leaking cross-origin URLs through securitypolicyviolation
event
#CVE-2022-22744: The 'Copy as curl' feature in DevTools did not fully escape
website-controlled data, potentially leading to command injection
#CVE-2022-22747: Crash when handling empty pkcs7 sequence
#CVE-2022-22739: Missing throttling on external protocol launch dialog
#CVE-2022-22751: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5
Changelog:
Fixed
* Fixed an issue that caused tab height to display inconsistently on Linux
when audio was played (bug 1714276)
* Fixed an issue that caused Lastpass dropdowns to appear blank in Private
Browsing mode (bug 1748158)
* Fixed a crash encountered when resizing a Facebook app (bug 1746084)
Changes
Switch default python for build to python3 (Riccardo Magliocchetti)
Add support for PHP 8 (Riccardo Magliocchetti)
Drop support for PHP < 7 as it is EOL since end of 2018 (Riccardo Magliocchetti)
Fix segfaults when using –wsgi-env-behavior=holy (Antonio Cuni)
Replace uwsgi.h system includes in core and proto dirs for Bazel (Serge Bazanski)
gevent: fix compilation with clang11 (László Károlyi)
Fix Python 3.9 deprecations warnings (Riccardo Magliocchetti)
Add trove classifier for Python 3.9 (Adrian)
Fix message in Log SIGINT/SIGTERM triggered kill_them_all (Delena Malan)
Support 7 in weekedays as an alias for sunday to match crontab behaviour (Riccardo Magliocchetti)
Document http-timeout default of 60 seconds (Etienne H)
Add option to override python sys.executable using py-executable config
Allow specifying an iteration to uwsgi::add_rb_timer (Luciano Rocha)
Allow to compile with Python versions with minor version with 2+ digits (Cyrille Pontvieux)
Take into account new naming for LIBPL since python 3.6 (ilrico)
Added missing HTTP status codes messages (James Brown)
Official support for Python 3.10
upstream changes:
-----------------
Dotclear 2.20.1 - 2021-11-19
===========================================================
* Fix: Lost of context in media popup (editor media insertion)
* Fix: Active menuitem in favorites menu
* Fix: Avoid notice on unknown namespace (dcSettings)
* Fix: New user button had disappeared since the previous version
Dotclear 2.20 - 2021-11-13
===========================================================
* 🐘 PHP 7.3+ is required, PHP 8 compliance
* Js: switch to ES2016+ syntax, up to ES2021 (was ES2015 in 2.19), will require a "modern" browser
* Template: Refine tpl:block for pagination and archive (dotty templateset)
* Template: Add ".updated" class to republished posts (dotty templateset)
* Template: The {{tpl:CommentIfMe}} template item take care of author's alternative emails and URLs
* Admin UI: Enforce visibility of last action « button » on update
* Admin UI: Remove box and text shadows from CKEditor dotclear CSS styles
* Admin UI: Slightly review the look of theme's screenshots (blog appearance page)
* Admin UI: Move drag'n'drop button to right side on dashboard
* Admin UX: Add screenshots for disabled themes
* Admin UX: Add a badge with number of updates available on dashboard icon
* Admin UX: Add password strength meter on auth page (if password change is required)
* Admin UX: Generic filter controls refactored
* Admin UX: Cope with local .mediadef file (JSON format wich superseeds insertion defaults)
* Admin UX: Add message about next required PHP version on update page
* Theme: Remove left border for (aside) sidebar of Berlin theme
* Core: Add third-party repository option for modules (plugins and themes)
* Core: Asynchronous check store update on dashboard
* Core: Add constant (DC_STORE_NOT_UPDATE) to disable DotAddict updates check
* Core: Add constant (DC_ALLOW_REPOSITORIES) to disable third party repo
* Core: Open admin search page to other type (WIP)
* Core: Remove currywurst template set (never used)
* Core: Add color, email, number types for widget settings
* Core: Fix determination of « republished » state of post
* Core: Cope with IPv6 addresses
* Core: Create DC_TPL_CACHE directory if necessary
* Core: Add IP v6 antispam filter (only enabled if GMP or BC Math library is available)
* Core: Add standard nethttp timeout constant (DC_QUERY_TIMEOUT)
* Core: Add alternatives Emails and URLs for users in My Preferences and User Profile (super-admin only)
* Core: Set repositories store cache TTL to 12 hours rather than 30 minutes
* Fix: Cope with DotAddict server not responding
* Fix: Cope with isolated figcaption for remove_html and strip_tags tpl attributes
* Fix: Allow modification of "official" themes if they are not in distributed folder (themes) of Dotclear
* Fix: RSS style, fix css responsive + fix input
* Fix: Ensure theme's settings namespace exists
* Fix: Ensure DC_VAR constant exists before using it
* Fix: Fix favicon path in auth page
* Fix: Allow https protocol for trackbacks
* Fix: Fix IPv4 antispam filter for subnet mask > 32
* Fix: Fix plugins privileges on config file
* Fix: Uses the same font in the CKEditor editor as the rest of the administration
* Fix: CKEditor sometimes add a t parameter to a request URL (background sprite image), ignore it
* Lib: Update CKEditor from 4.16.1 to 4.16.2 (with local additional fixes in CKEditor jQuery adapter)
* Lib: Update Codemirror 5.62.0 from to 5.63.3
* Lib: Update jQuery UI (custom) from 1.12.1 to 1.13.0
* ClearBricks: Allow legitimate .. in media filenames
* ClearBricks: Allow legacy forms (array of key => value) for select and optgroup components in form class
* Clearbricks: Add HTML details block support in wiki syntax
* Clearbricks: Use mysqli_get_server_version() rather than mysqli_get_server_info() to get server version
* 🛡 Security: Add SECURITY.md document
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
* 📣 Warning: Next major release (2.21) will require PHP 7.4+
Dotclear 2.19 - 2021-08-13
===========================================================
* 🐘 PHP 7.3+ is required, PHP 8 compliance
* jQuery: Remove old jQuery biscuit plugin and replace it by "modern JS"
* jQuery: Remove old jQuery pwstrength plugin and replace it by "modern JS"
* Js: Use dotclear global object rather than global constants, var and methods (AFAP)
* Js: No more need of global dotclear_init const as dotclear global object is initialized before (prepend.js)
* Js: Rewrite metaEditor script
* Template: Add {{tpl:CategoryID}} template
* Template: Refine granularity of tpl:Blocks in dotty template set, will simplify inheritance and overload of themes
* Template: Add dc-home-first class to body tag if it is the first page (standard mode)
* Template: {{tpl:FeedLanguage}} consider lang in post context
* Admin UI: Remove some PNG fallback image when SVG are available as every modern browsers support SVG format
* Admin UI: Bye bye responsive font size, thanks for all the fish!
* Admin UI: Blog appearance, use details HTML5 element rather than div and JS to display theme details
* Admin UI: Add system-ui (cross-platform default user interface font) in 1st position of font-family
* Admin UX: Load themes in some admin popups as some configurable theme may use a link/post/page selector
* Admin UX: Load themes in media/media-item admin pages as some configurable theme may use a media selector
* Admin UX: Disable deletion and modification of officially distributed themes
* Admin UX: Remove Google Blog Search from pings URIs (service stopped) and fix pings global settings management
* Admin UX: Check themes dependencies (with core, plugins)
* Admin UX: Management of attachments, allow using media->postmedia property
* Admin UX: Use details HTML5 element rather than div and JS for authentication additional options
* Admin UX: Add Ad-blocker detection (may be disabled) as it may interfere with CKEditor (may be other features).
* a11y: Cope with mediaquery prefers-reduced-data (experimental)
* Public UX: Fix navigation widget to cope with static mode
* Public UX: Add language information (if any) in breadcrumb
* Public UX: Use localStorage rather than cookie to store comment's author info ("remember me" checkbox)
* Public UX: Subscribe widget and feeds handling language context
* Theme: Use <link rel… rather than <style @import… for CustomCSS theme
* Theme: Align right field's labels (single line fields only) of Berlin theme
* Theme: No need to load again util.js in _public.php as it's already loaded by dotty/_head.html
* Core: Add .svg in allowed var/plugin loaded files
* Core: Add .webp in allowed var/plugin loaded files and ope with wepb thumbnails
* Core: Remove mysql driver support, obsolete in PHP 7+
* Core: Forget about URL type = lang as it cannot be set as this by the URL handler
* Core: Add publicBeforeCommentRedir behavior - useful to add parameters on redir URL
* Core: Globally disable (Google) FLoC tracking by default
* Fix: Cope with original size when storing current media insertion settings
* Lib: Update jQuery from 3.5.1 to 3.6.0
* Lib: Update Codemirror 5.58.2 from to 5.62.0
* Lib: Update CKEditor from 4.16.0 to 4.16.1 (and fix CKEditor jQuery adapter warnings)
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
