All Versions
45
Latest Version
3.2
Avg Release Cycle
44 days
Latest Release
-

Changelog History
Page 1

  • v3.2 Changes

    ๐Ÿš€ Unreleased

    Major Features ^

    • TODO write something about new regform
    • TODO write something about privacy features
    • TODO write something about conference receipts

    Internationalization

    • Nothing so far

    ๐Ÿ‘Œ Improvements ^

    • Nothing so far

    ๐Ÿ›  Bugfixes ^

    • Nothing so far

    Internal Changes ^

    • Nothing so far

  • v3.1 Changes

    ๐Ÿš€ Unreleased

    Major Features ^

    • ๐Ÿ‘€ Category managers now see a log of all changes made to their category in a category log (similar to the event log). This log includes information about all events being created, deleted or moved in the category (:issue:2809, :pr:5029)
    • Besides letting everyone create events in a category or restricting it to specific users, categories now also support a moderation workflow which allows event managers to request moving an event to a category. Only once a category manager approves this request, the event is actually moved (:issue:2057, :pr:5013)
    • Admins now have the option to enable "Unlisted events", which are events that are not (yet) assigned to a category. Such events are only accessible to its creator and other users who have been granted access explicitly, and do not show up in any category's event listing (:issue:4294, :issue:5055, :pr:5023, :pr:5095)

    Internationalization

    • Nothing so far

    ๐Ÿ‘Œ Improvements ^

    • Send event reminders as individual emails with the recipient in the To field instead of using BCC (:issue:2318, :pr:5088)
    • Let event managers assign custom tags to registrations and filter the list of registrations by the presence or absence of specific tags (:issue:4948, :pr:5091)
    • ๐Ÿ‘ Allow importing registration invitations from a CSV file (:issue:3673, :pr:5108)
    • ๐Ÿ‘‰ Show event label on category overviews and in iCal event titles (:issue:5140, :pr:5143)
    • Let event managers view the final timetable even while in draft mode (:issue:5141, :pr:5145)
    • โž• Add option to export role members as CSV (:issue:5147, :pr:5156)
    • Include attachment checksums in API responses (:issue:5084, :pr:5169, thanks :user:avivace)
    • iCalendar invites now render nicely in Outlook (:pr:5178)
    • Envelope senders for emails can now be restricted to specific addresses/domains using the :data:SMTP_ALLOWED_SENDERS and :data:SMTP_SENDER_FALLBACK config settings (:issue:4837, :issue:2224, :issue:1877, :pr:5179)

    ๐Ÿ›  Bugfixes ^

    • ๐Ÿ›  Fix :data:CUSTOM_COUNTRIES not overriding names of existing countries (:pr:5183)
    • ๐Ÿ›  Fix error dialog when submitting an invited abstract without being logger in (:pr:5200)

    Internal Changes ^

    • Nothing so far

  • v3.0.4 Changes

    ๐Ÿš€ Unreleased

    ๐Ÿ‘Œ Improvements ^

    • ๐Ÿ‘ Allow external users in event/category ACLs (:pr:5146)

    ๐Ÿ›  Bugfixes ^

    • ๐Ÿ›  Fix editing service API calls using the service token (:pr:5170)
    • ๐Ÿ›  Fix excessive retries for Celery tasks with a retry wait time longer than 1 hour (:pr:5172)
  • v3.0.3 Changes

    ๐Ÿš€ Released on October 28, 2021

    ๐Ÿ”’ Security fixes ^

    • Protect authentication endpoints against CSRF login attacks (:pr:5099, thanks :user:omegak)

    ๐Ÿ‘Œ Improvements ^

    • ๐Ÿ‘Œ Support TLS certificates for SMTP authentication (:pr:5100, thanks :user:dweinholz)
    • โž• Add CSV/Excel contribution list exports containing affiliations (:issue:5114, :pr:5118)
    • Include program codes in contribution PDFs and spreadsheets (:pr:5126)
    • โž• Add an API for bulk-assigning contribution program codes programmatically (:issue:5115, :pr:5120)
    • โž• Add layout setting to show videoconferences on the main conference page (:pr:5124)

    ๐Ÿ›  Bugfixes ^

    • ๐Ÿ›  Fix certain registration list filters (checkin status & state) being combined with OR instead of AND (:pr:5101)
    • ๐Ÿ›  Fix translations not being taken into account in some places (:issue:5073, :pr:5105)
    • ๐Ÿ‘‰ Use correct/consistent field order for personal data fields in newly created registration forms
    • โœ‚ Remove deleted registration forms from ACLs (:issue:5130, :pr:5131, thanks :user:jbtwist)

    Internal Changes ^

    • Truncate file names to 150 characters to avoid hitting file system path limits (:pr:5116, thanks :user:vasantvohra)
  • v3.0.2 Changes

    ๐Ÿš€ Released on September 09, 2021

    ๐Ÿ›  Bugfixes ^

    • ๐Ÿ›  Fix JavaScript errors on the login page which caused problems when using multiple form-based login methods (e.g. LDAP and local Indico accounts)
  • v3.0.1 Changes

    ๐Ÿš€ Released on September 08, 2021

    ๐Ÿ‘Œ Improvements ^

    • ๐Ÿ‘ Allow filtering abstracts by custom fields having no value (:issue:5033, :pr:5034)
    • โž• Add support for syncing email addresses when logging in using external accounts (:pr:5035)
    • ๐Ÿ‘‰ Use more space-efficient QR code version in registration tickets (:pr:5052)
    • ๐Ÿ‘Œ Improve user experience when accessing an event restricted to registered participants while not logged in (:pr:5053)
    • When searching external users, prefer results with a name in case of multiple matches with the same email address (:pr:5066)
    • ๐Ÿ‘‰ Show program codes in additional places (:pr:5075)
    • Display localized country names (:issue:5070, :pr:5076)

    ๐Ÿ›  Bugfixes ^

    • ๐Ÿ‘‰ Show correct placeholders in date picker fields (:pr:5022)
    • 0๏ธโƒฃ Correctly preselect the default currency when creating a registration form
    • Do not notify registrants when a payment transaction is created in "pending" state
    • Keep the order of multi-choice options in registration summary (:issue:5020, :pr:5032)
    • Correctly handle relative URLs in PDF generation (:issue:5042, :pr:5044)
    • Render markdown in track descriptions in PDF generation (:issue:5043, :pr:5044)
    • ๐Ÿ›  Fix error when importing chairpersons from an existing event (:pr:5047)
    • ๐Ÿ›  Fix broken timetable entry permalinks when query string args are present (:pr:5049)
    • Do not show "Payments" event management menu entry for registration managers (:issue:5072)
    • Replace some hardcoded date formats with locale-aware ones (:issue:5059, :pr:5071)
    • ๐Ÿ‘ฏ Clone the scientific program description together with tracks (:pr:5077)
    • ๐Ÿ›  Fix database error when importing registrations to an event that already contains a deleted registration form with registrations (:pr:5078)

    Internal Changes ^

    • Add event.before_check_registration_email signal (:pr:5021, thanks :user:omegak)
    • Do not strip image maps in places where HTML is allowed (:pr:5026, thanks :user:bpedersen2)
    • Add event.registration.after_registration_form_clone signal (:pr:5037, thanks :user:vasantvohra)
    • โž• Add registration-invite-options template hook (:pr:5045, thanks :user:vasantvohra)
    • ๐Ÿ›  Fix Typeahead widget not working with extra validators (:issue:5048, :pr:5050, thanks :user:jbtwist)
  • v3.0 Changes

    ๐Ÿš€ Unreleased

    Major Features ^

    • There is a new built-in search module which provides basic search functionality out of the box, and for more advanced needs (such as full text search in uploaded files) plugins can provide their own search functionality (e.g. using ElasticSearch). (:pr:4841)
    • The OAuth provider module has been re-implemented based on a more modern library (authlib). Support for the somewhat insecure implicit flow has been removed in favor of the code-with-PKCE flow. Tokens are now stored more securely as a hash instead of plaintext. For a given user/app/scope combination, only a certain amount of tokens are stored; once the limit has been reached older tokens will be discarded. The OAuth provider now exposes its metadata via a well-known URI (RFC 8414) and also has endpoints to introspect or revoke a token. (:issue:4685, :pr:4798)

    ๐Ÿ‘Œ Improvements ^

    • Categories may now contain both events and subcategories at the same time (:issue:4679, :pr:4725, :pr:4757)
    • ๐Ÿ‘‰ Show the user's profile picture in many more places (:issue:4625, :pr:4747)
    • ๐Ÿ‘‰ Use a more modern search dialog when searching for users (:issue:4674, :pr:4743)
    • โž• Add an option to refresh event person data from the underlying user when cloning an event (:issue:4750, :pr:4760)
    • โž• Add options for attaching iCal files to complete registration and event reminder emails (:issue:1158, :pr:4780)
    • ๐Ÿ‘‰ Use the new token-based URLs instead of API keys for persistent ical links and replace the calendar link widgets in category, event, session and contribution views with the more modern ones used in dashboard (:issue:4776, :pr:4801)
    • โž• Add an option to export editables to JSON (:issue:4767, :pr:4810)
    • โž• Add an option to export paper peer reviewing data to JSON (:issue:4767, :pr:4818)
    • Passwords are now checked against a list of breached passwords ("Have I Been Pwned") in a secure and anonymous way that does not disclose any data. If a user logs in with an insecure password, they are forced to change it before they can continue using Indico (:pr:4817)
    • Failed login attempts now trigger rate limiting to prevent brute-force attacks (:issue:1550, :pr:4817)
    • ๐Ÿ‘ Allow filtering the "Participant Roles" page by users who have not registered for the event (:issue:4763, :pr:4822)
    • iCalendar exports now include contact data, event logo URL and, when exporting sessions/contributions, the UID of the related event. Also, only non-empty fields are exported. (:issue:4785, :issue:4586, :issue:4587, :issue:4791, :pr:4820)
    • ๐Ÿ‘ Allow adding groups/roles as "authorized abstract submitters" (:pr:4834)
    • Direct links to (sub-)contributions in meetings using the URLs usually meant for conferences now redirect to the meeting view page (:pr:4847)
    • Use a more compact setup QR code for the mobile Indico check-in app; the latest version of the app is now required. (:pr:4844)
    • Contribution duration fields now use a widget similar to the time picker that makes selecting durations easier. (:issue:2462, :pr:4873)
    • โž• Add new meeting themes that show sequential numbers instead of start times for contributions (:pr:4899)
    • โœ‚ Remove the very outdated "Compact style" theme (it's still available via the themes_legacy plugin) (:issue:4900, :pr:4899)

    ๐Ÿ›  Bugfixes ^

    • Take registrations of users who are only members of a custom event role into account on the "Participant Roles" page (:pr:4822)
    • Fail gracefully during registration import when two rows have different emails that belong to the same user (:pr:4823)
    • ๐Ÿ‘€ Restore the ability to see who's inheriting access from a parent object (:pr:4833)
    • ๐Ÿ›  Fix misleading message when cancelling a booking that already started and has past occurrences that won't be cancelled (:issue:4719, :pr:4861)

    Internal Changes ^

    • ๐Ÿ‘ Require Python 3.9 - older Python versions (especially Python 2.7) are no longer supported
    • confId has been changed to event_id and the corresponding URL path segments now enforce numeric data (and thus pass the id as a number instead of string)
    • ๐Ÿšš CACHE_BACKEND has been removed; Indico now always uses Redis for caching
    • ๐Ÿšš The integration with flower (celery monitoring tool) has been removed as it was not widely used, did not provide much benefit, and it is no longer compatible with the latest Celery version
    • session.user now returns the user related to the current request, regardless of whether it's coming from OAuth, a signed url or the actual session (:pr:4803)
    • Add a new check_password_secure signal that can be used to implement additional password security checks (:pr:4817)
    • โž• Add an endpoint to let external applications stage the creation of an event with some data to be pre-filled when the user then opens the link returned by that endpoint (:pr:4628, thanks :user:adl1995)

  • v3.0.rc2 Changes

    ๐Ÿš€ Released on July 09, 2021

    Major Features ^

    • โž• Add support for personal tokens. These tokens act like OAuth tokens, but are associated with a specific user and generated manually without the need of doing the OAuth flow. They can be used like API keys but with better granularity using the same scopes OAuth applications have, and a single user can have multiple tokens using various scopes. By default any user can create such tokens, but admins can restrict their creation. (:issue:1934, :pr:4976)

    ๐Ÿ‘Œ Improvements ^

    • โž• Add abstract content to the abstract list customization options (:pr:4968)
    • โž• Add CLI option to create a series (:pr:4969)
    • ๐ŸŒฒ Users cannot submit multiple anonymous surveys anymore by logging out and in again (:issue:4693, :pr:4970)
    • ๐Ÿ‘Œ Improve reviewing state display for paper reviewers (:issue:4979, :pr:4984)
    • ๐Ÿ‘‰ Make it clearer if the contributions/timetable of a conference are still in draft mode (:issue:4977, :pr:4986)
    • โž• Add "send to speakers" option in event reminders (:issue:4958, :pr:4966, thanks :user:Naveenaidu)
    • ๐Ÿ‘ Allow displaying all events descending from a category (:issue:4982, :pr:4983, thanks :user:omegak and :user:openprojects).
    • โž• Add an option to allow non-judge conveners to update an abstract track (:pr:4989)

    ๐Ÿ›  Bugfixes ^

    • ๐Ÿ›  Fix errors when importing events containing abstracts or event roles from a YAML dump (:pr:4995)
    • ๐Ÿ›  Fix sorting abstract notification rules (:pr:4998)
    • No longer silently fall back to the first event contact email address when sending registration emails where no explicit sender address has been configured (:issue:4992, :pr:4996, thanks :user:vasantvohra)
    • Do not check for event access when using a registration link with a registration token (:issue:4991, :pr:4997, thanks :user:vasantvohra)
  • v3.0.rc1 Changes

    ๐Ÿš€ Released on June 25, 2021

    Major Features ^

    • There is a new built-in search module which provides basic search functionality out of the box, and for more advanced needs (such as full text search in uploaded files) plugins can provide their own search functionality (e.g. using ElasticSearch). (:pr:4841)
    • Categories may now contain both events and subcategories at the same time. During the upgrade to 3.0 event creation is automatically set to restricted in all categories containing subcategories in order to avoid any negative surprises which would suddenly allow random Indico users to create events in places where they couldn't do so previously. (:issue:4679, :pr:4725, :pr:4757)
    • The OAuth provider module has been re-implemented based on a more modern library (authlib). Support for the somewhat insecure implicit flow has been removed in favor of the code-with-PKCE flow. Tokens are now stored more securely as a hash instead of plaintext. For a given user/app/scope combination, only a certain amount of tokens are stored; once the limit has been reached older tokens will be discarded. The OAuth provider now exposes its metadata via a well-known URI (RFC 8414) and also has endpoints to introspect or revoke a token. (:issue:4685, :pr:4798)
    • ๐Ÿ‘‰ User profile pictures (avatars) are now shown in many more places throughout Indico, such as user search results, meeting participant lists and reviewing timelines. (:issue:4625, :pr:4747, :pr:4939)

    Internationalization

    • ๐Ÿ†• New locale: English (United States)
    • ๐Ÿ†• New translation: Turkish

    ๐Ÿ‘Œ Improvements ^

    • ๐Ÿ‘‰ Use a more modern search dialog when searching for users (:issue:4674, :pr:4743)
    • โž• Add an option to refresh event person data from the underlying user when cloning an event (:issue:4750, :pr:4760)
    • โž• Add options for attaching iCal files to complete registration and event reminder emails (:issue:1158, :pr:4780)
    • ๐Ÿ‘‰ Use the new token-based URLs instead of API keys for persistent ical links and replace the calendar link widgets in category, event, session and contribution views with the more modern ones used in dashboard (:issue:4776, :pr:4801)
    • โž• Add an option to export editables to JSON (:issue:4767, :pr:4810)
    • โž• Add an option to export paper peer reviewing data to JSON (:issue:4767, :pr:4818)
    • Passwords are now checked against a list of breached passwords ("Have I Been Pwned") in a secure and anonymous way that does not disclose any data. If a user logs in with an insecure password, they are forced to change it before they can continue using Indico (:pr:4817)
    • Failed login attempts now trigger rate limiting to prevent brute-force attacks (:issue:1550, :pr:4817)
    • ๐Ÿ‘ Allow filtering the "Participant Roles" page by users who have not registered for the event (:issue:4763, :pr:4822)
    • iCalendar exports now include contact data, event logo URL and, when exporting sessions/contributions, the UID of the related event. Also, only non-empty fields are exported. (:issue:4785, :issue:4586, :issue:4587, :issue:4791, :pr:4820)
    • ๐Ÿ‘ Allow adding groups/roles as "authorized abstract submitters" (:pr:4834)
    • Direct links to (sub-)contributions in meetings using the URLs usually meant for conferences now redirect to the meeting view page (:pr:4847)
    • Use a more compact setup QR code for the mobile Indico check-in app; the latest version of the app is now required. (:pr:4844)
    • Contribution duration fields now use a widget similar to the time picker that makes selecting durations easier. (:issue:2462, :pr:4873)
    • โž• Add new meeting themes that show sequential numbers instead of start times for contributions (:pr:4899)
    • โœ‚ Remove the very outdated "Compact style" theme (it's still available via the themes_legacy plugin) (:issue:4900, :pr:4899)
    • ๐Ÿ‘Œ Support cloning surveys when cloning events (:issue:2045, :pr:4910)
    • ๐Ÿ‘‰ Show external contribution references in conferences (:issue:4928, :pr:4933)
    • ๐Ÿ‘ Allow changing the rating scale in abstract/paper reviewing even after reviewing started (:pr:4942)
    • ๐Ÿ‘ Allow blacklisting email addresses for user registrations (:issue:4644, :pr:4946)

    ๐Ÿ›  Bugfixes ^

    • Take registrations of users who are only members of a custom event role into account on the "Participant Roles" page (:pr:4822)
    • Fail gracefully during registration import when two rows have different emails that belong to the same user (:pr:4823)
    • ๐Ÿ‘€ Restore the ability to see who's inheriting access from a parent object (:pr:4833)
    • ๐Ÿ›  Fix misleading message when cancelling a booking that already started and has past occurrences that won't be cancelled (:issue:4719, :pr:4861)
    • Correctly count line breaks in length-limited abstracts (:pr:4918)
    • ๐Ÿ›  Fix error when trying to access subcontributions while event is in draft mode
    • โšก๏ธ Update the user link in registrations when merging two users (:pr:4936)
    • ๐Ÿ›  Fix error when exporting a conference timetable PDF with the option "Print abstract content of all contributions" and one of the abstracts is too big to fit in a page (:issue:4881, :pr:4955)
    • ๐ŸŒฒ Emails sent via the Editing module are now logged to the event log (:pr:4960)
    • ๐Ÿ›  Fix error when importing event notes from another event while the target event already has a deleted note (:pr:4959)

    Internal Changes ^

    • ๐Ÿ‘ Require Python 3.9 - older Python versions (especially Python 2.7) are no longer supported
    • confId has been changed to event_id and the corresponding URL path segments now enforce numeric data (and thus pass the id as a number instead of string)
    • ๐Ÿšš CACHE_BACKEND has been removed; Indico now always uses Redis for caching
    • ๐Ÿšš The integration with flower (celery monitoring tool) has been removed as it was not widely used, did not provide much benefit, and it is no longer compatible with the latest Celery version
    • session.user now returns the user related to the current request, regardless of whether it's coming from OAuth, a signed url or the actual session (:pr:4803)
    • Add a new check_password_secure signal that can be used to implement additional password security checks (:pr:4817)
    • โž• Add an endpoint to let external applications stage the creation of an event with some data to be pre-filled when the user then opens the link returned by that endpoint (:pr:4628, thanks :user:adl1995)

  • v2.3.6 Changes

    ๐Ÿš€ Unreleased

    ๐Ÿ›  Bugfixes ^

    • None so far :)