Announcements

Since the core Serendipity project is now maintained on github.com and every developer is quite happy about that, we decided to go the jquery-plugins route and delete all Serendipity plugins.

No, just kidding. We actually imported all data from the SourceForge.net CVS servers into the github infrastructure. The short version for normal end-users: Nothing should change for you!

https://github.com/s9y/additional_plugins

https://github.com/s9y/additional_themes

All current Serendipity developers also have access to those repositories to contribute code. Developers now no longer should commit code to CVS (actually, they can't, because I took all their committing karma *eg*).

The harder task for the Spartacus infrastructure service is the actual publishing of data. The Spartacus plugin operates on a PEAR-like XML format for each plugin, which luckily is automatically generated by a small shellscript which runs once daily on one of our webservers (emerge.sh). That script iterates on a checkout of all plugins and templates, creates the XML and uploads it to all mirror servers (currently netmirror.org, s9y.org and now also github.com).

Downloading the files also either works via the files that are uploaded daily to netmirror.org and s9y.org, or you always could use the SourceForge.net server, that published the file via a nasty ViewVC oddity. The spartacus plugin of the current github core code (version 2.25) now can also retrieve those files from the Github.com servers.

For all users that currently use the Spartacus plugin with the SourceForge.Net mirror, our daily script now pushes all changes in the GitHub tree also to CVS, so that both repositories *should* be kept in sync. This is done via the gitclone.sh and gitclone.php scripts in the additional_plugins repository, for anyone that's interested.

Most likely, something in this script won't work properly, so in the next days it might be that some glitches in the matrix can occur. In that case, please report issues and remain seated. Or buy christmas presents for your beloved. Or your beloved developers.

The Serendipity Team is proud to present the final release of Serendipity 1.6. We are steadily walking towards a Serendipity 2.0 release and would be happy about any developer who may want to join our cause. The list of things is available on http://www.s9y.org/238.html and open for discussion on the Serendipity Forums.

This new version mainly covers:

• Bundle jQuery by default to enable plugin and template authors to easier provide extended functionality to the frontend
• Support for templates, so that they can also use config-groups like plugins already have (added to bulletproof template)
• Templates can now enable core-provided options like a global navigation setup
• Fixed a bug in the automatic media database synchronization that did not properly add new files with the same basename but different file extensions
• Added a .htaccess parameter to prevent IE9 CSS-trouble
• API changes: Added "shortcuts" to commonly used constructs (language loading, hack protection)
• Several minor feature additions in plugins (Karma, Akismet, Mailer) and the core (comment subscriptions, multiple comment moderation)
• Fulltextsearch improvements with "*" expansion
• Added a "hidden" option for specific author groups, so that their members are not revealed on usual author listings by plugins etc.
• Fixes a backend XSS issue in the karma plugin and media database filtering, thanks to Stefan Schurtz!

The current release can be easily installed on any previous Serendipity installation. Just unpack, upload and visit your admin panel to perform possible database upgrades. Upon first login with an old password, Serendipity will store your old password in the new format - please be sure to make a backup of your Database prior to upgrading, and read the upgrade pointers on Upgrading Serendipity.

Also, this release marks our move from the closing BerliOS service (thanks for the great service during those years) on to our new GitHub repository. Contributions are welcome of course!

Have fun using Serendipity, and let us know on the Forums if you have any issues!

This is just a reference posting to indicate something important going on. Please read here on the process of the Serendipity source code repository being about to move to GitHub

Read the posting on the s9y forums

Serendipity's code repository is being hosted on BerliOS for several years. Their free service is now closing down, which means that Serendipity will move its versioning control to a new provider.

The current idea is to migrate SVN over to GitHub.com. This might even motivate some new contributors to get accustomed with the Serendipity core code and make contributing patches easier.

We are planning to move the code repository at the end of October and will keep you posted here. If there are people reading this who are well familiar with Git and especially SVN migration, please step up here or in the forums to help us in the process.

Asides from the SVN service, Serendipity is currently using this infrastructure:

• A self-hosted webserver providing a phpBB board on http://board.s9y.org. This is quite active and will stay in the future.
• A self-hosted wiki software on http://www.s9y.org/ that allows for a custom navigation and wiki documentation by users. We might switch this to another software, but are not happy with the way MediaWiki handles navigation. We'll see if GitHub is an option to power this.
• A self-hosted Serendipity installation on http://blog.s9y.org/
• The http://spartacus.s9y.org/ plugin and theme repository, hosted on SourceForge.Net
• The code repository for plugins and themes, also hosted on SourceForge.Net and maintained through CVS. Depending on the usage license of GitHub, we are looking into if we can merge plugins/templates and the Core code on GitHub.
• A issue tracker, hosted on SourceForge.net. We might utilize the GitHub-Tracker for this in the future.
• A mailinglist, that is not very active anymore, also hosted on SourceForge.Net. Since we favor the s9y forums, we might not further spend time on changing this mailinglist.

Christian Boltz notified us and provided a patch to fix the spartacus plugin properly being able to retrieve remote files. This became necessary when SourceForge.net changed their underlying structure.

If you are using Spartacus, you have several possibilities to fix this issue for you:

1: Manually download the updated plugin file plugins/ serendipity_event_spartacus/ serendipity_event_spartacus.php from here: serendipity_event_spartacus.php for Serendipity 1.6 / Development, serendipity_event_spartacus.php for Serendipity 1.5.

2: You can also simply configure your spartacus plugin and enable the use of Netmirror.org, or you can enter a custom mirror: http://php-blog.cvs.sourceforge.net/viewvc/php-blog/|http://netmirror.org/mirror/serendipity/

3: You can also simply edit your serendipity_event_spartacus.php file and replace all 2 occurences of the string *checkout* with viewvc.

Thanks to Christian for notifying us!

Thanks to Stefan Schurtz, who reported a XSS issue in the serendipity_event_freetag plugin (SSCHADV2011-004). The issue was fixed in version 3.22 of the plugin, you can fetch the update through Spartacus or download via Spartacus.s9y.org.

The bug was introduced in version 3.20 of the plugin. Users of the plugin should upgrade, as it allows malicious users to trick people into visiting a specially crafted link on your blog to steal cookie login information for example, if you click on such a link.