Announcing deprecated plugins

The s9y team has opted to deprecate a group of event and sidebar plugins and remove from the spartacus plugin repository. These plugins use services that no longer exist, are no longer required, no longer maintained etc. We may deprecate more plugins in the future in order to consolidate our plugin base further, but they need to be tested first.

Note that you can still use these plugins if you already have them installed or install them manually, but they will no longer be available through spartacus. You could also volunteer to “save” an umaintained plugin.

See the extended entry for a full list of plugins deprecated in this “wave”.

Continue reading "Announcing deprecated plugins"

Serendipity 2.1.1 released

Sadly a regression slipped into our Serendipity 2.1.0 release, which made it impossible to reset a plugin configuration variable to a FALSE/empty state and indicate the proper state in the plugin configuration. We have fixed this in 2.1.1 and changed the release announcement to point directly to 2.1.1.

Serendipity 2.1.0 released

We are happy to announce the availability of the final release for Serendipity 2.1.1.

Serendipity 2.1.1 focusses on:

  • Rewrites in some older legacy parts of the core (URL routing, template fallback chain, experimental internal caching) as well as PHP 7 compatibility.
  • New bundled responsive themes "Timeline" and "Clean-Blog"
  • Improved usability of plugin upgrades by combining sidebar and event plugins and upgrading multiple plugins at once
  • Permission checks for the dashboard output and comments
  • Usability improvements to the media library, bulk moving support
  • New API wrapper for URL downloads that plugins can use (serendipity_request_url)
  • New Theme "Skeleton" (responsive, mobile first)
  • Improved preview iframe handling
  • Changes (simplifications) in template file routing for backend/frontend views, new smarty {getFile} function for theme authors
  • (new for rc1) Ability to set a default posting category for an author
  • (new for rc1) Improved security checks against CSRF attacks (comment moderation, comment toggling
  • (new for rc1) Improved security for referrer redirection
  • (new for rc1) Improved security for local file hotlinking
  • (new for rc1) Fixed sorting media database by filename
  • (new for final release) Addressed some more PHP 7.1 issues, fixed bugs with missing token for installing plugins and deleting comments. We mainly tested PHP 7.0 compatibility, but PHP 7.1 should work too.
  • (2.1.1) Fixed displaying the proper plugin configuration value when set to false/empty.
  • Many thanks at this point (in no specific order) for Lee Sheldon Victor, cdxy, Edric Teo and Xu Yue for helping a lot in improving on security aspects of Serendipity.

    The next version of Serendipity will focus on supporting UTF8MB4 (for full emoji compatibiliy), responsive image insertion, consolidating our plugins. Our github issue tracker now also holds a new label "easyfix" which could be a great way of interested developers to get started with Serendipity and help us with development.

    You can download the release file and unzip it to your installation as usual.

    Serendipity 2.1 - First Release Candidate

    We are happy to announce the availibility of the first (and hopefully last) Release Candidate for Serendipity 2.1.

    We feel comfortable with suggesting you to try out this release in productive environments (of course always make a backup of your database and files first).

    Serendipity 2.1 focusses on:

    • Rewrites in some older legacy parts of the core (URL routing, template fallback chain, experimental internal caching) as well as PHP7 compatibility.
    • New bundled responsive themes "Timeline" and "Clean-Blog"
    • Improved usability of plugin upgrades by combining sidebar and event plugins and upgrading multiple plugins at once
    • Permission checks for the dashboard output and comments
    • Usability improvements to the media library, bulk moving support
    • New API wrapper for URL downloads that plugins can use (serendipity_request_url)
    • New Theme "Skeleton" (responsive, mobile first)
    • Improved preview iframe handling
    • Changes (simplifications) in template file routing for backend/frontend views, new smarty {getFile} function for theme authors
    • (new for rc1) Ability to set a default posting category for an author
    • (new for rc1) Improved security checks against CSRF attacks (comment moderation, comment toggling
    • (new for rc1) Improved security for referrer redirection
    • (new for rc1) Improved security for local file hotlinking
    • (new for rc1) Fixed sorting media database by filename

    Many thanks at this point (in no specific order) for Lee Sheldon Victor, cdxy, Edric Teo and Xu Yue for helping a lot in improving on security aspects of Serendipity.

    You can download the release file and unzip it to your installation as usual on our Github release tracker.

    A Serendipitous Birthday Present

    On March 29th in 2003, Jannis Hermanns officially renamed his jBlog to Serendipity. Now, 13 years later, we are still actively working on improving what was meant to be a simple and expansive blogging infrastructure.

    In April, we will have our second user/developer meetup in Germany (Essen) and hopefully decide on a couple of remaining issues for releasing version 2.1 of Serendipity and launching the currently "work in progress" version of docs.s9y.org. This new page will better present Serendipity and offer new and more streamlined documentation.

    A few years ago, a Serendipity Book was published in german language by Garvin Hicking, which was later open-sourced and put into our documentation repository. Out of this, our fellow core developer Ian (Timbalu) has put an awesome amount of time and effort into updating this german documentation for recent Serendipity versions.

    You can find this on docs.s9y.org/Book/ and you will see that it is still marked as "Draft" - which means, we would appreciate your feedback and input. We do hope to get this book translated to english at some point, any help on this is appreciated.

    On behalf of the team, many thanks to Ian (Timbalu) and we're excited to keep making Serendipity be a great blogging tool for your needs.

    Serendipity 2.0.3 released

    Happy new Year! Serendipity 2.0.3 has just been released to address a XSS security issue found and reported by Onur Yilmaz and Robert Abela from Netsparker.com. Thanks a lot for contacting us and working with us to address the issue.

    The issue only affects logged-in authors, where HTML can be inserted into the comment editing form when they click specially crafted links. Due to the required authentification we consider the issue of medium impact, but suggest everyone to perform the update.

    We are currently still working on an improved s9y.org presentation page and its documentation, as well as on the 2.1 branch of Serendipity - check out our current 2.1 changelog, if you are interested and willing to help testing!