Releases: getfider/fider
v0.34.0
Summary
There's a few important security updates in this release, so for that reason I'd recommend you update asap.
Some other pretty big changes - the "open core licensing" model that we started to move towards was aborted, and we moved back to making everything FULLY open source 🎉 See the discussion for more about that --> #1477
As well as that, we've got some minor fixes, and @JimKnoxx has been busy contributing some good stuff (thanks again!)
What's Changed
- Batch safe dependency updates by @mattwoberts in #1479
- Show voted indicator on homepage post list + complete Polish translations by @lol2x in #1482
- Fix authenticated arbitrary blob overwrite vulnerability by @mattwoberts in #1497
- fix: prevent XSS in markdown rendering and ATOM feed by @mattwoberts in #1495
- Fix SSRF vulnerability in webhook URLs by @mattwoberts in #1494
- Added import and export for tags by @JimKnoxx in #1480
- Bump Go to 1.25 and update dependencies by @mattwoberts in #1498
- Fix DoS via unbounded HTTP response body read by @mattwoberts in #1499
- Remove open core licensing model by @mattwoberts in #1483
- Added an optional OAUTH_ALLOWED_ROLES environment variable by @JimKnoxx in #1463
- Add Traditional Chinese (zh-TW) language support by @HansHans135 in #1488
- fix: use 'zh' MessageFormatCode for Chinese (Traditional) by @partylogo in #1511
- Fixed users tab in administrative view not being highlighted when active by @JimKnoxx in #1507
- Add Fider version to Powered by Fider by @JimKnoxx in #1505
- Fixing quote functionality, adding quote icon to the comment editor by @JimKnoxx in #1504
New Contributors
- @HansHans135 made their first contribution in #1488
- @partylogo made their first contribution in #1511
Full Changelog: v0.33.0...v0.34.0
Contributors
Assets 2
v0.33.0
Executive Summary
Hey all. This is a pretty big release, with lot's of new stuff. Let's get into it...
Content Moderation (Pro): Admins can now moderate posts and comments before they go public, trust or block individual users, and manage pending content from a dedicated admin page. Content moderation is available as a pro feature.
Revamped UI: The home page and post detail view have been refreshed with a cleaner design, better dark mode support, improved mobile layouts, and post details now open in a modal without a full page reload.
Open Core Licensing: Some features (content moderation, search indexing) are now gated as pro features, with a new commercial licensing system using separate private/public key environment variables.
Security: Sign-in email links now use a strong 64-character key (manual entry still uses a 6-digit code for convenience).
Bug Fixes & Improvements:
- Fixed search with hyphenated words
- Option to keep failing webhooks enabled rather than auto-disabling them
- Fixed issue adding links via the toolbar button
- Fixed filter/sort state persisting when navigating back from a post
- Fixed vote listing issues
- Post tags now update live in the listing without a page reload
- Migrated search columns to non-upgrade-breaking types
What's Changed
- Build tweaks by @mattwoberts in #1407
- Bump the all-actions group with 6 updates by @dependabot[bot] in #1410
- Update package-lock.json for js-yaml 3.14.2 bump by @Copilot in #1421
- Bump js-yaml from 3.14.1 to 3.14.2 by @dependabot[bot] in #1411
- Fix incomplete package-lock.json from Dependabot form-data bump by @Copilot in #1422
- Bump form-data by @dependabot[bot] in #1417
- Bump golang.org/x/oauth2 from 0.15.0 to 0.27.0 by @dependabot[bot] in #1412
- Bump golang.org/x/oauth2 from 0.27.0 to 0.34.0 by @dependabot[bot] in #1423
- Fix typo in the "Deprecated" comment by @alexandear in #1431
- Fixed issue with adding links from the button. by @mattwoberts in #1440
- FIx search with hyphenated words. by @mattwoberts in #1437
- Option to keep failing webhooks enabled. by @mattwoberts in #1438
- Content Moderation, revamped UI, and new "open core" licensing for some features. by @mattwoberts in #1388
- Billing improvements by @mattwoberts in #1445
- Indexing is a pro feature. by @mattwoberts in #1449
- Fix PostFilter keys to prevent My Posts toggle collisions by @michaeltyson in #1447
- Fix typo in donations section of README by @agahkarakuzu in #1451
- Fix: Use strong key for sign-in email link by @mattwoberts in #1468
- Migrate search columns to non-upgrade-breaking types. by @mattwoberts in #1441
New Contributors
- @michaeltyson made their first contribution in #1447
- @agahkarakuzu made their first contribution in #1451
Full Changelog: v0.32.0...v0.33.0
Contributors
Assets 2
v0.32.0
Executive Summary
There were some issues with the "raw markdown mode" editor where markdown formatting wasn't always persisting properly between HTML and raw view. Switching to use a textarea for the raw markdown mode fixed these issues, and meant that the code was simpler since we had less kludging to do. That fixes many little issues, including #1401
Also sorted #1402, and implemented some security improvements too (CWE-22 Path Traversal vulnerability).
Enjoy!
Full Changelog: v0.31.0...v0.32.0
v0.31.0
What's Changed
- Allow setting listen addr with HOST and METRICS_HOST by @dani in #1384
- Allow resending signup verification email for pending tenants by @Copilot in #1378
- [main] Auto-translate missing keys in locales by @github-actions[bot] in #1386
- Replace loose equality with strict equality in SignInControl by @Copilot in #1392
- Email sign-in changed to use sign-in codes. by @mattwoberts in #1389
- Better email formatting. by @mattwoberts in #1400
- [main] Auto-translate missing keys in locales by @github-actions[bot] in #1399
New Contributors
Full Changelog: v0.30.0...v0.31.0
Contributors
Assets 2
v0.30.0
Release v0.30.0
🚀 Features
• OAuth Provider Management: Tenant-level enable/disable controls for built-in OAuth providers (#1377)
• Enhanced Search: Improved full-text search with language detection support and better handling of non-Latin languages (#1375)
• Link Insertion in Editor: New insert link button and keyboard shortcut (Cmd/Ctrl+K) in comment editor (#1371)
🐛 Bug Fixes
• Fixed search functionality for queries with multiple words and special characters
• Fixed link rendering in comment editor (#1370)
• Proper i18n for post status labels (#1380)
• Fixed long post titles breaking layout with proper word wrapping (#1368)
🌍 Internationalization
• Auto-translation workflow for missing locale keys (#1383)
• Added i18n support for LinkInsertModal
• Updated Russian locale translations
📝 Documentation
• Revised README for locale translations for improved clarity and structure
• Fixed formatting of contributing link
v0.29.0
Release Summary
We've got enough here to warrant a release. Some filter improvements to the post listing, some issues with the new post modal, and better support for markdown images. Read on for more detailed release notes...
What's Changed
- A11Y and filter improvements by @JimKnoxx in #1346
- France translation error and improved idea title behaviour by @JimKnoxx in #1351
- Fixed stacking up of escape handlers. by @mattwoberts in #1349
- fix: encode email subject headers according to RFC 2047 by @lol2x in #1353
- Added support for URL based images. by @mattwoberts in #1362
New Contributors
Full Changelog: v0.28.1...v0.29.0
Contributors
Assets 2
v0.28.1
A few things that were stacked up for the previous big release didn't make it in, so they're here
What's Changed
- Persian translation by @AienTech in #1337
- Add
tenant.AllowedSchemesadvanced configuration item by @nabijaczleweli in #1332
New Contributors
- @AienTech made their first contribution in #1337
- @nabijaczleweli made their first contribution in #1332
Full Changelog: v0.28.0...v0.28.1
Contributors
Assets 2
v0.28.0
Summary of changes
There's a lot of changes in this release. The main change is a re-worked process for adding new posts, in an attempt to make fider feel more modern and to remove barriers to adding new suggestions and ideas. This includes a new full-screen modal for entering the new post. We've also changed the way that new posts are added for users who aren't logged in. You can enter your suggestion as though you are logged in, and just at the end you need to choose how to continue - with email or some other auth. Once you have confirmed your email you can then finalise and submit your post.
Another big change, there is no more "upload an image" button. Images are now handled inline in the editor, and the editor has been rolled out to adding / editing posts as well as comments now. So you can upload images and paste images into the editor now - behind the scenes they're still uploaded in the same way to the same locations you've configured (either db, s3, or file).
What's Changed - headliners
- ✍️ New idea UI re-worked, to make adding a new idea more pleasant
- 🖼️ No more "image upload" buttons - images are now handled inline in the editor
- 🎉 Ability for user to set the tags on post creation - (#1211) by @JimKnoxx in #1306
- ⚡ATOM feed implementation for posts and comments by @afeuerstein in #1287
What's changed - other bits
- Input search in the filter dropdown (wrapped into #1319)
- Better form error handling (wrapped into #1319)
- Moved away from crowdin for translations @mattwoberts in #1325
- Improved redirect handling on oauth signin page (#1321) by @JimKnoxx in #1322
- Improved handling of long strings in titles and code blocks (#1333) by @JimKnoxx in #1334
New Contributors 🎉
- @JimKnoxx made their first contribution in #1306
- @afeuerstein made their first contribution in #1287
Many thanks, and @JimKnoxx thanks for the all the translation help there and the big pile of things you spotted and sorted.
Full Changelog: v0.27.0...v0.28.0
Contributors
Assets 2
v0.27.0
Summary of changes
More translations, some support for Arabic that was missing from the last release (sorry), always showing a response if there is one, and support for composite display name in the oauth config.
What's Changed
• Add Arabic locale support to i18n configuration by @Bilker1422 in #1289
• Userlist fixuserupdate by @mattwoberts in #1301
• Show "Open" post response if there is one by @mattwoberts in #1305
• Oauth composite name by @mattwoberts in #1299
• Build version update by @mattwoberts in #1302
Full Changelog: v0.26.0...v0.27.0
v0.26.0
Ok - we've got dark mode support now, and lot's of other goodies..
High-level overview
- Dark / Light mode support
- Much improved UI to assign posts to tags
- Support for RTL languages (Arabic for now)
- Language translation fixes, and Arabic language support
- A new UI for the sign-in modal - making it more modern looking
What's Changed According to Github
- Making the TagsPanel a custom Multi-Select component by @npham49 in #1276
- Don't show the edit link if no permissions. by @mattwoberts in #1278
- Sourcing the fonts from the inter NPM package by @mattwoberts in #1293
- Dark mode! by @mattwoberts in #1292
- Changed notification to use link by @mattwoberts in #1274
- Refactor SCSS for RTL Support by @Bilker1422 in #1291
- Theming tweaks by @mattwoberts in #1294
- Signin modal update. by @mattwoberts in #1275
New Contributors
- @Bilker1422 made their first contribution in #1291
Full Changelog: v0.25.0...v0.26.0
