Changelog for Isso ================== 0.10.5 (unreleased) ------------------- - Nothing changed yet. 0.10.4 (2016-04-12) ------------------- - fix wrapper attribute when using data-isso-require-mail="true", #238 - fix reponse for OPTIONS response on Python 3, #242 0.10.3 (2016-02-24) ------------------- - follow redirects, #193 0.10.2 (2016-02-21) ------------------- - fix getAttribute return value 0.10.1 (2016-02-06) ------------------- - fix empty author, email and website values when writing a comment 0.10 (2016-02-06) ----------------- - add new configuration section for hash handling. [hash] salt = Eech7co8Ohloopo9Ol6baimi algorithm = pbkdf2 You can customize the salt, choose different hash functions and tweak the parameters for PBKDF2. - Python 3.4+ validate TLS connections against the system's CA. Previously no validation was in place, see PEP-446__ for details. - add `fenced_code` and `no_intra_emphasis` to default configuration. Fenced code allows to write code without indentation using `~~~` delimiters (optionally with language identifier). Intra emphasis would compile `foo_bar_baz` to foobarbaz. This behavior is very confusing for users not knowing the Markdown spec in detail. - new configuration to require an email when submitting comments, #199. Set [guard] require-email = true and use `data-isso-require-email="true"` to enable this feature. Disabled by default. - new Bulgarian translation by sahwar, new Swedish translation by Gustav Näslund – #143, new Vietnamese translation by Đinh Xuân Sâm, new Croatian translation by streger, new Czech translation by Jan Chren - fix SMTP setup without credentials, #174 - version pin Misaka to 1.x, html5lib to 0.9999999 .. __: https://www.python.org/dev/peps/pep-0466/ 0.9.10 (2015-04-11) ------------------- - fix regression in SMTP authentication, #174 0.9.9 (2015-03-04) ------------------ - several Python 3.x related bugfixes - don't lose comment form if the server rejected the POST request, #144 - add localStorage fallback if QUOTA_EXCEEDED_ERR is thrown (e.g. Safari private browsing) - add '--empty-id' flag to Disqus import, because Disqus' export sucks - (re)gain compatibility with Werkzeug 0.8 and really old html5lib versions available in Debian Squeeze, #170 & #168 - add User-Agent when Isso requests the URL, an alternate way to #151 (add 'X-Isso' when requesting). 0.9.8 (2014-10-08) ------------------ - add compatibility with configparser==3.5.0b1, #128 0.9.7 (2014-09-25) ------------------ - fix SMTP authentication using CRAM-MD5 (incorrect usage of `smtplib`), #126 0.9.6 (2014-08-18) ------------------ - remember name, email and website in localStorage, #119 - add option to hide voting feature, #115 data-isso-vote="true|false" - remove email field from JSON responses This is a quite serious issue. For the identicon, an expensive hash is used to avoid the leakage of personal information like a real email address. A `git blame` reveals, the email has been unintenionally exposed since the very first release of Isso :-/ The testsuite now contains a dedicated test to prevent this error in the future. 0.9.5 (2014-08-10) ------------------ - prevent no-break space ( ) insertion to enable manual line breaks using two trailing spaces (as per Markdown convention), #112 - limit request size to 256 kb, #107 Previously unlimited or limited by proxy server). 256 kb is a rough approximation of the next database schema with comments limited to 65535 characters and additional fields. - add support for logging to file, #103 [general] log-file = - show timestamp when hovering