github open-wanderer/wanderer v0.19.0
on GitHub

10 hours ago

v0.19.0

Breaking Changes

  • Bulk uploads no longer use UPLOAD_USER / UPLOAD_PASSWORD authentication. Uploads now require an API token; files must be placed in a subfolder of the upload directory named after the respective API token. For more information checkout the documentation (PR #886).
  • Bulk uploads now run via a file watcher rather than on a cron schedule. Files placed in the upload folder while the container is not running will not be processed automatically. (PR #886)
  • External service URLs have been moved from public frontend variables to server-side variables: VALHALLA_URL, NOMINATIM_URL, OVERPASS_API_URL. The old PUBLIC_* variables remain as a fallback but should be migrated. (PR #697)
  • The waypoint data model has been extended for federation: waypoints now have an iri and reference their author via an ActivityPub actor. This only affects clients that access PocketBase collections directly, not the standard UI. (PR #930)
  • ActivityPub actor counters have been renamed to follower_count and following_count. This only affects clients that access PocketBase collections directly. (PR #930)
  • OpenAPI documentation is now generated from annotations and served as JSON (the YAML endpoint has been removed). (PR #927)

Security

  • HTML content in descriptions, comments, summit logs, waypoints, and profile bios is now sanitised on the server to reduce the risk of cross-site scripting (XSS). Some custom HTML may be stripped on save. (PR #930)
  • Anonymous user API endpoints have been removed. This only affects third-party applications that accessed user data without authentication. Regular users and the standard UI are unaffected. (PR #927)
  • Additional CSRF/SSRF protections and rate limiting have been implemented for ActivityPub and outbound network calls. (PR #930)

Features

  • Hammerhead integration added, including synchronisation of planned and completed tours, and manual trail sending. (PR #628)
  • The federation has been significantly expanded and refactored to provide more robust remote content synchronisation and local caching for remote trails and lists. (PR #930)
  • Trails can now be explicitly marked as completed. (PR #920)
  • Geotagged waypoint photos are now automatically merged into existing or nearby waypoints within the configured merge radius of the category. (PR #457)
  • The trail overview now has narrow and wide view modes, as well as improved multi-select. (PR #666, #921)
  • Trails can be copied directly and their visibility can be changed more easily. (PR #571)
  • External geocoding, routing, and Overpass calls now run on the server. (PR #697)
  • New setting: optionally start drawing a new trail from the current location. (PR #592)
  • GPX exports now include additional metadata for waypoints. (PR #919)
  • FIT import now uses a more compatible parser. (PR #884)
  • Frontpage performance has been improved. (PR #929)
  • 3D terrain rendering has been improved. (PR #881)
  • Improved saving of public lists. (PR #554)
  • Multiple trails can now be merged into one trail with multiple summit logs. This feature is also available as an automatic option when importing trails via an integration (PR #627)
  • API tokens have been added so that external tools and automations can interact with Wanderer. (PR #848)

Bug Fixes

  • Fixed broken WebFinger requests. (PR #966)
  • Theme detection fixed via corrected color-scheme query selector. (PR #957, thanks @mfortini)
  • Hillshading visibility on the map has been fixed. (PR #942)
  • Komoot sync now runs to completion. (PR #917, thanks @StefanSchloegl)
  • Komoot integration now handles invalid photos more robustly. (PR #941)
  • Mentions now work correctly when username and preferred_username differ. (PR #885)
  • Fixed avatar updates. (PR #870)
  • List descriptions in the selection modal are now fixed. (PR #869)
  • Fixed double GPX upload when creating a trail. (PR #969)
  • Fixed authentication issues after email change (PR #973)
  • Fixed help links. (PR #938)
  • Fixed a MapLibre layer manager issue that could prevent existing map layers from being tracked correctly after data updates. (PR #960, thanks @palhaland)
  • Fixed search endpoints returning invalid errors in some failure cases. (PR #961, thanks @palhaland)

Translation

  • The Norwegian translations have been updated. (PR #931, thanks @palhaland)

Maintenance

  • Meilisearch, PocketBase, Go, web/docs dependencies, CI actions, and Docker build setup updated.
Check out latest releases or
releases around open-wanderer/wanderer v0.19.0

Don't miss a new wanderer release

NewReleases is sending notifications on new releases.

Get notifications