IMPORTANT
- This update contains a Security Update which fix multiple XSS vulnerability and update the Content Security Policy.
- This update will drop the API key in favor to Authorization token.
As a result, once the migration is applied the old API token won't work anymore.
What's Changed
- Drop page support by @ildyria in #1489
- Add user and better structure to session json by @nagmat84 in #1443
- Move 'installation:complete' to web instead of per route by @ildyria in #1467
- Cleaning config table by @ildyria in #1491
- Update Exec.php by @corrilan in #1153
- Ensure that Admin rights are overloading others by @ildyria in #1508
- Improve config options by @qwerty287 in #1366
- Fixes #1514 by @nagmat84 in #1515
- Shared albums should not consider the
require_link
property. by @ildyria in #1480 - Improve API client usability by @qwerty287 in #1368
- Improve & fix CSP by @ildyria in #1528
- Fixes #1506 by @nagmat84 in #1516
- Remove use directive by @nagmat84 in #1537
- i18n(ES) by @joebordes in #1541
- i18n(EN) grammar and syntax detected by Grammarly by @joebordes in #1542
- Fix dead Installation/Build link in readme.md by @PeterDaveHello in #1543
- Typofixes by @nexxai in #1544
- Add an option to regenerate square thumbs by @kamil4 in #1545
- add exec check by @ildyria in #1540
- Add csp exceptions by @kamil4 in #1551
New Contributors
- @corrilan made their first contribution in #1153
- @joebordes made their first contribution in #1541
- @PeterDaveHello made their first contribution in #1543
- @nexxai made their first contribution in #1544
Full Changelog: v4.6.0...v4.6.1