github sbrl/Pepperminty-Wiki v0.17-beta1
on GitHub

latest releases: v0.24, v0.24-beta1, v0.23...
pre-release5 years ago

It's been a while, but we're back with the first beta release on v0.17! It's a big one, with several security-related fixes. Here's a summary of changes:

  • Overhauled the password hashing system. Unfortunately this means you'll have to manually rehash everyone's passwords I recommend using the hash action. Suggestions to make this more secure are welcome!
  • Seriously optimised the search system, making it ~6x faster - and in the process fixing all remaining issues with unicode characters (finally!) 🎆
  • Made the site secret generator (the one that runs on initial setup) cryptographically secure (if you're concerned, use random.org to generate a new one)
  • Added HTTP/2.0 Server Push support!
  • Improved the history system a bit (mainly a "restore this revision" button, but there's also a new setting to limit the stored revisions too)

With that, here's the full changelog:

Known Issues

  • The automatic password rehashing appears to grow over time when it really shouldn't - causing slow logins. Set password_cost_time_interval to -1 if you have trouble (I'm investigate the cause of this).

Added

  • [Module API] Added save_settings() convenience method
  • [Rest API] Add user-add and set-password moderator actions
  • Added random_page_exclude_redirects setting that prevents the random action from returning redirect pages.
  • Added link to user table on the credits page
  • Added history reversion via the history-revert action
  • Added history_max_revisions setting to allow control of the maximum number of revisions stored for a page
    • Takes effect every time a page revision is added
  • Added page restore system
    • A previous page revision can be restored with a single click from the page history page
    • Added a new history_revert_require_moderator setting to control whether moderator privileges are required to use the functionality (regardless of setting a user must be logged in)
  • HTTP/2.0 Server Push support!
    • You'll need to make sure your web server has support turned on
    • The CSS file specified in the css setting (url path must begin with a forward-slash) and the favicon (must not be a data: url) are automatically pushed when rendering pages
    • 2 new settings have been added: http2_server_push for turning it on and off (defaults to on), and http2_server_push_items for specifying custom resources to push (in case you design your own theme and want to push down the associated resources)
    • More information about http2_server_push_items in particular is available on the configuration info page (when this release is out, of course. Until then, check out the description in peppermint.guiconfig.json)
  • Added <meta name='generator' /> tag to all pages

Fixed

  • Updated the search system to transliterate characters to better support searching pages that are written in other languages.
    • You'll want to rebuild your search index via the button in the configuration panel, or the invindex-rebuild action.
  • [Security] Made the site secret generator cryptographically secure. If you created your wiki before this change, you might want to change your site secret in peppermint.json to something more secure with a site like random.org.
  • [Module API] Fix full_url() logic
  • [Module API] Make email_user() correctly return email sending failures
  • Squashed a warning in the search redirector
  • The search redirector will now check both the specified page name and the page name in Title Case
  • Improve help text description of image captions displayed alongside images
  • Fixed the page history page - it should now display all page revisions in valid HTML
  • Fixed another bug in the search context generator
  • Display an ellipsis at the beginning of a search context if it doesn't start at the beginning of a page
  • Semicolons are no longer automatically included in greedy internal links.
  • Pressing enter in the tag box now correctly previews instead of performing a smart restore

Changed

  • Password hashing has been overhauled! A totally new-and-different system is being used now, so you'll need to rehash all your passwords.
    • The hash action supports the new password hashing scheme.
    • Added password_cost, password_cost_time, and password_cost_time_interval settings
    • password_cost is recalculated automatically every week by default (it keeps track of this via the password_cost_time_lastcheck 'setting')
  • The css setting will now keep a value of auto, even when peppermint.json is automatically updated by Pepperminty Wiki.
  • Optimised the search system a lot (#157 - ~2800ms searches now take ~450ms O.o)
    • Tuned the default value for search_characters_context down to 75 (this won't be the case for existing wikis, so you'll need to adjust it manually)
    • Added new search_characters_context_total setting to control the maximum characters in a search context
  • The index action's output should now be formatted nicely.
  • Restyled "matching tags" in the search results in the default stylesheet
  • Added moar icons to the nav / more menus. Delete the appropriate entries in peppermint.json to get the updated ones!
Check out latest releases or
releases around sbrl/Pepperminty-Wiki v0.17-beta1

Don't miss a new Pepperminty-Wiki release

NewReleases is sending notifications on new releases.

Get notifications