New "flags" option in the [markdown] section to customize
Misaka's Markdown HTML rendering.
By default, no flags are set.
```
[markup]
flags = skip-html, escape, hard-wrap
```
Update CHANGES.rst and add the section to the sample
isso.conf and isso-dev.conf
Automatically approve comments by an email address if that address has
had a comment approved within the last 6 months. No ownership verification
is done on the entered email address. This means that if someone is able
to guess correctly the email address used by a previously approved author,
they will be able to have their new comment auto-approved.
Merging @pellenilsson reply notification PR
* Added reply notification for commenter
* Removed debug info
* Bugfix
* Add notification column to database if needed
* Make SMTP connections thread safe
* Include link to comment in email notifications
* Implement opt-out for email notifications
* Fix faulty check for parent comment
* Support notifications also for replies
* Don't send notification when someone responds to his/her own comment
* Make unsubscribe work with notifications for replies
* Correct hash in 'unsubscribe' API example
* Introduce public-endpoint setting
* Fix whitespace issue
* Postpone notifications to users until comment has been approved by moderator
* New setting general.reply-notifications
* Add client-side configuration setting reply-notifications
* Documentation for reply notifications
On server-side, this can be enabled by providing a base URL to use to
build the full URL. Limit also becomes configurable. On client-side,
we need to add a switch to know whatever or not the additional link
can be displayed.
Store a random session key used to sign and verify comment ownership
once the database is initialized, not on every application startup.
Currently fixed session keys in [general] session-key are migrated into
the database on startup. The configuration parser will notice you about
the change and suggest you to remove this option.
The previous approach using a custom X-Custom header did work for the
client-side, but not for activation and deletion links. Now, you need
to add a `name = foo` option to the general section. `isso.dispatch`
then binds this configuration to /foo and can distinguish all API
calls without a special HTTP header.
Jelmer Vernooij