Accepted: ikiwiki 2.32.3 (source)
Ubuntu Installer
archive at ubuntu.com
Mon Feb 11 20:24:05 GMT 2008
Accepted:
OK: ikiwiki_2.32.3.tar.gz
OK: ikiwiki_2.32.3.dsc
-> Component: universe Section: web
Origin: Debian/unstable
Format: 1.7
Date: Mon, 11 Feb 2008 20:05:01 +0000
Source: ikiwiki
Binary: ikiwiki
Architecture: source
Version: 2.32.3
Distribution: hardy
Urgency: high
Maintainer: Joey Hess <joeyh at debian.org>
Changed-By: Ilmari Vacklin <ilmari.vacklin at cs.helsinki.fi>
Description:
ikiwiki - a wiki compiler
Closes: 454058 454181 457780 458387
Changes:
ikiwiki (2.32.3) unstable; urgency=high
.
[ Josh Triplett ]
* Do not allow the about: URI scheme; some browsers interpret about:
URIs like a limited version of data: URIs. In particular, some
versions of Internet Explorer interpret arbitrary HTML content in
about: URIs.
* Also filter the attributes cite, longdesc, and usemap, which can contain
URIs.
.
[ Joey Hess ]
* meta: Check that the urls provided for authorurl, permalink, and openid
are safe and can't contain javascript.
.
[ Josh Triplett ]
* Match literal '.' in URI schemas containing '.', rather than matching any
character.
* Do not allow the steam: URI scheme.
* Allow the snews: URI scheme.
* Allow the smb: URI scheme.
.
ikiwiki (2.31.2) unstable; urgency=high
.
* The security fix in the last release had buggy handling of data:image,
now fixed.
.
ikiwiki (2.31.1) unstable; urgency=low
.
* htmlscrubber security fix: Block javascript in uris.
* Add htmlscrubber test suite.
* Thanks to Josh Triplett for pointing out the holes and for his help
in implementing and checking fixes.
.
ikiwiki (2.31) unstable; urgency=low
.
[ Joey Hess ]
* Revert preservation of input file modification times in output files,
since this leads to too many problems with web caching, especially with
inlined pages. Properly solving this would involve tracking every page
that contributes to a page's content and using the youngest of them all,
as well as special cases for things like the version plugin, and it's just
too complex to do.
* aggregate: Forking a child broke the one state that mattered: Forcing
the aggregating page to be rebuilt. Fix this.
* cgi hooks are now run before ikiwiki state is loaded.
* This allows locking the wiki before loading state, which avoids some
tricky locking code when saving a web edit.
* poll: This plugin turns out to have edited pages w/o doing any locking.
Oops. Convert it from a cgi to a sessioncgi hook, which will work
much better.
* recentchanges: Improve handling of links on the very static changes pages
by thunking to the CGI, which can redirect to the page, or allow it to be
created if it doesn't exist.
* recentchanges: Exipre all *._change pages, even if the directory
they're in has changed.
* aggregate: Lots of changes; aggregation can now run without locking the
wiki, and there is a separate aggregatelock to prevent multiple concurrent
aggregation runs.
* monotone changes by Brian May:
- On commits, replace "mtn sync" bidirectional with "mtn push" single
direction. No need to pull changes when doing a commit. mtn sync
is still called in rcs_update.
- Support for viewing differences via patches using viewmtn.
* inline: When previewing, still call will_render on rss/atom files,
just avoid actually writing the files. This is necessary because ikiwiki
saves state after a preview (in case it actually *did* write files),
and if will_render isn't called its security checks will get upset
when the page is saved. Thanks to Edward Betts for his help tracking this
tricky bug down.
* inline: Add new `allowrss` and `allowatom` config options. These can be
used if you want a wiki that doesn't default to generating rss or atom
feeds, but that does allow them to be turned on for specific blogs.
* Don't die if running with --getctime and rcs_getctime throws an error.
There are several cases (recentchanges files, aggregated files)
where some source files are not in revision control.
* Page templates can now use CTIME to show when the page was created.
.
[ Josh Triplett ]
* README.Debian: Mention user wikilists.
.
ikiwiki (2.30) unstable; urgency=low
.
[ Joey Hess ]
* Old versions of git-init don't support --git-dir or GIT_DIR with
--bare. Change ikiwiki-makerepo to use a method that should work with
those older versions too.
* aggregate: Don't let feeds set creation times for pages in the future.
* Add full parser for git diff-tree output (Brian Downing)
* aggregate: Fork a child process to handle the aggregation. This simplifies
the code, since that process can change internal state as needed, and
it will automatically be cleaned up for the parent process, which proceeds
to render the changes.
.
[ Josh Triplett ]
* Add trailing comma to commented-out umask in sample ikiwiki.setup, so
that uncommenting it does not break the setup file.
.
[ Joey Hess ]
* inline: The template can check for FIRST and LAST, which will be
set for the first and last inlined page. Useful for templates that build
tables and the like.
* prettydate,ddate: Don't ignore time formats passed to displaytime
function.
* Pages with extensions starting with "_" are internal-use, and will
not be rendered or web-edited, or matched by normal pagespecs.
* Add "internal()" pagespec that matches internal-use pages.
* RecentChanges is now a static html page, that's updated whenever a commit
is made to the wiki. It's built as a blog using inline, so it can have
an rss feed that users can subscribe to.
* Removed support for sending commit notification mails. Along with it went
the svnrepo and notify settings, though both will be ignored if left in
setup files. Also gone with it is the "user()" pagespec.
* Add refresh hook.
* meta: Add pagespec functions to match against title, author, authorurl,
license, and copyright. This can be used to create custom RecentChanges.
* meta: To support the pagespec functions, metadata about pages has to be
retained as pagestate.
* Fix encoding bug when pagestate values contained spaces.
* Add support for bzr, written by Jelmer Vernooij. Thanks also to bma for
his independent work on bzr support.
* Copyright file updates.
.
ikiwiki (2.20) unstable; urgency=low
.
* inline: Add copyright/license info on a per-post basis to atom
feeds if available. (rss doesn't allow such info on a per-post basis)
* Also include overall copyright/license and author info in atom feeds if
available.
* meta: Allow copyright/license metadata to contain arbitrary markup.
* Call preprocessor hooks in void context during the scan pass. This allows
the hook to determine if it's just scanning, and avoid expensive
operations.
* img: Detect scan mode and avoid generating and writing the image file
during it, for a 2x speedup.
* meta: Run in scan mode again (more intelligently) and re-add support for
meta link.
* Fix support for the case where metadata appears after an inline directive
that needs to use it. This was broken in version 2.16.
* template: Remove bogus htmlize pass added in 2.16.
* template: Htmlize template variables, but also provide a raw version
via `<TMPL_VAR raw_variable>`.
* When htmlizing text, if the input is a single line with no newline,
and the htmlizer (such as markdown and textile) generates a html
paragraph, remove it. This allows removing several hacks from other
plugins that htmlize fragements of pages.
* In preferences, allow the subscriptions and email fields to be cleared.
* teximg: Fix to support the same formula on multiple pages.
.
ikiwiki (2.19) unstable; urgency=low
.
* Only try postsignin if no other action matched. Fixes a bug where the
user goes back from the signin screen and does something else.
* Improve behavior when trying to sign in with no cookies.
* Improved the canedit hook interface, allowing a callback function to be
returned (and not run in some cases) rather than the plugins directly
forcing a user to log in.
* opendiscussion: allow editing of the toplevel discussion page,
and, indirectly, allow creating new discussion pages.
* Add a prereq on Data::Dumper 2.11 or better, needed to dump q// objects.
* htmlscrubber: Further work around #365971 by adding tags for 'br/', 'hr/'
and 'p/'.
* aggregate: Include copyright statements from rss feed as meta copyright
directives.
* aggregate: Yet another state saving fix (sigh).
* aggregate: Add hack to support feeds with invalidly escaped html entities.
.
ikiwiki (2.18) unstable; urgency=low
.
* Split error messages for failures to drop real uid and gid.
* Retry dropping uid and gid, possibly this will help with the "Resource
temporarily unavailable" failures I've experienced under xen.
* Stop testing Encode::is_utf8 in decode_form_utf8: That doesn't work.
* decode_form_utf8 only fixed the utf-8 encoding for fields that were
registered at the time it was called, which was before the
formbuilder_setup hook. Fields added by the hook didn't get decoded.
But it can't be put after the hook either, since plugins using the hook
need to be able to use form values. To fix this dilemma, it's been changed
to a decode_cgi_utf8, which is called on the cgi query object, before the
form is set up, and decodes *all* cgi parameters.
* aggregate: Only save state if it was already loaded. This didn't used to
matter, but after recent changes, state is not always loaded, and saving
would kill it.
* table: Fix dependency tracking for external data files. Closes: #458387
.
ikiwiki (2.17) unstable; urgency=low
.
* Improved parentlinks special case for index pages.
* redir: Support for specifying anchors.
* img: Avoid nesting images when linking to another image. Closes: #457780
* img: Allow the link parameter to point to an exterior url.
* conditional: Improve regexp testing for simple uses of pagespecs
that match only the page using the directive, adding 'included()'
and supporting negated pagespecs and added whitespace.
* map: Fix handling of common prefix to handle the case where it's
in a subdirectory. Patch by Larry Clapp.
* aggregate: Fix stupid mistake introduced when converting it to use
the needsbuild hook. This resulted in feeds not being removed when pages
were updated, and feeds sometimes being forgotten about.
* aggregate: Avoid uninitialised value warning when removing a feed that
has an expired guid.
.
ikiwiki (2.16) unstable; urgency=low
.
* Major basewiki reorganisation. Most pages moved into ikiwiki/ subdirectory
to avoid polluting the main namespace, and some were further renamed.
* meta: Add redir support, based on a patch by Thomas Schwinge.
* Redirs added for moved basewiki pages. These will be removed in a future
release.
* Remove .otl file from sandbox to avoid build ugliness. Closes: #454181
* Finally implemented a simple per-page data storage mechanism for plugins,
via the %pagestate hash.
* Use pagestate in meta to detect potential redir loops.
* Added a version plugin that saves state about what's using it, to force
pages to rebuild when ikiwiki's version changes.
* The calendar plugin stores state about when it needs to be updated,
and forces rebuilds of the pages that contain calendars. So
running ikiwiki --refresh at midnight is now enough, no need for a full
wiki rebuild each midnight.
* calendar: Work around block html parsing bug in markdown 1.0.1 by
enclosing the calendar in an extra div.
* Fix file pruning code to work if ikiwiki is run with "." as the srcdir.
* Add an edittemplate plugin, allowing registering template pages, that
provide default content for new pages created using the web frontend.
* Change formbuilder hook to not be responsible for displaying a form,
so that more than one plugin can use this hook.
I believe this is a safe change, since only passwordauth uses this hook.
(If some other plugin already used it, it would have broken passwordauth!)
* Ensure that web edited pages always end in a newline.
* Avoid unnecessary stat calls to get mtime when rendering pages, use
cached value.
* Preserve input file modification times in output files.
* Allow dashes in preprocessor directive commands, and shortcuts.
* Htmlize parameters passed to the template preprocessor directive before
inserting them into the html template. This ensures that markdown
acts on them, even if the value is expanded inside a block-level html
element in the html template. Closes: #454058
* Use a div in the note template rather than a span.
* shortcut: Expand %S to the raw input text, not url-encoded.
* Don't increment feed numbers when an inline has no feeds. (Nis Martensen)
* Allow editing a page and deleting all content, while still disallowing
creating a new page that's entirely empty.
* meta: Drop support for "meta link", since supporting this for internal
links required meta to be run during scan, which complicated its data
storage, since it had to clear data stored during the scan pass to avoid
duplicating it during the normal preprocessing pass.
* If you used "meta link", you should switch to either "meta openid" (for
openid delegations), or tags (for internal, invisible links). I assume
that nobody really used "meta link" for external, non-openid links, since
the htmlscrubber ate those. (Tell me differently and I'll consider bringing
back that support.)
* meta: Improved data storage.
* meta: Drop the hackish filter hook that was used to clear
stored data before preprocessing, this hack was ugly, and broken (cf:
liw's disappearing openids).
* aggregate: Convert filter hook to a needsbuild hook.
* map: Don't inline images.
* brokenlinks: Don't list the same link multiple times. (%links might
contain multiple copies of the same link)
* git: Correct display of multiline commit messages in recentchanges.
* Re-organise dependencies and recommends now that recommends are installed
by default.
* Don't refuse to render files with ".." in their name. (Anchor the regexp.)
* Work around perl taint checking bug #411786, where perl sometimes randomly
sets the taint flag on untainted variables, by disabling taint checking
in the deb. This sucks.
Files:
7c1b0df6939ef05f3ed629a9514969e0 869 web optional ikiwiki_2.32.3.dsc
455c27111fd530584a2697b8caefe05b 638515 web optional ikiwiki_2.32.3.tar.gz
More information about the Hardy-changes
mailing list