Summary
There's a few important security updates in this release, so for that reason I'd recommend you update asap.
Some other pretty big changes - the "open core licensing" model that we started to move towards was aborted, and we moved back to making everything FULLY open source 🎉 See the discussion for more about that --> #1477
As well as that, we've got some minor fixes, and @JimKnoxx has been busy contributing some good stuff (thanks again!)
What's Changed
- Batch safe dependency updates by @mattwoberts in #1479
- Show voted indicator on homepage post list + complete Polish translations by @lol2x in #1482
- Fix authenticated arbitrary blob overwrite vulnerability by @mattwoberts in #1497
- fix: prevent XSS in markdown rendering and ATOM feed by @mattwoberts in #1495
- Fix SSRF vulnerability in webhook URLs by @mattwoberts in #1494
- Added import and export for tags by @JimKnoxx in #1480
- Bump Go to 1.25 and update dependencies by @mattwoberts in #1498
- Fix DoS via unbounded HTTP response body read by @mattwoberts in #1499
- Remove open core licensing model by @mattwoberts in #1483
- Added an optional OAUTH_ALLOWED_ROLES environment variable by @JimKnoxx in #1463
- Add Traditional Chinese (zh-TW) language support by @HansHans135 in #1488
- fix: use 'zh' MessageFormatCode for Chinese (Traditional) by @partylogo in #1511
- Fixed users tab in administrative view not being highlighted when active by @JimKnoxx in #1507
- Add Fider version to Powered by Fider by @JimKnoxx in #1505
- Fixing quote functionality, adding quote icon to the comment editor by @JimKnoxx in #1504
New Contributors
- @HansHans135 made their first contribution in #1488
- @partylogo made their first contribution in #1511
Full Changelog: v0.33.0...v0.34.0