We are happy to announce the availibility of the first (and hopefully last) Release Candidate for Serendipity 2.1.
We feel comfortable with suggesting you to try out this release in productive environments (of course always make a backup of your database and files first).
Serendipity 2.1 focusses on:
- Rewrites in some older legacy parts of the core (URL routing, template fallback chain, experimental internal caching) as well as PHP7 compatibility.
- New bundled responsive themes "Timeline" and "Clean-Blog"
- Improved usability of plugin upgrades by combining sidebar and event plugins and upgrading multiple plugins at once
- Permission checks for the dashboard output and comments
- Usability improvements to the media library, bulk moving support
- New API wrapper for URL downloads that plugins can use (serendipity_request_url)
- New Theme "Skeleton" (responsive, mobile first)
- Improved preview iframe handling
- Changes (simplifications) in template file routing for backend/frontend views, new smarty {getFile} function for theme authors
- (new for rc1) Ability to set a default posting category for an author
- (new for rc1) Improved security checks against CSRF attacks (comment moderation, comment toggling
- (new for rc1) Improved security for referrer redirection
- (new for rc1) Improved security for local file hotlinking
- (new for rc1) Fixed sorting media database by filename
Many thanks at this point (in no specific order) for Lee Sheldon Victor, cdxy, Edric Teo and Xu Yue for helping a lot in improving on security aspects of Serendipity.
You can download the release file and unzip it to your installation as usual.
(MD5: c17ff26cf22a46c4c340410842bdf913)