Publify 8.1.1 – Rails 4 bug fix

Short after pushing 8.1.0, we’re releasing a quick bugfix one. We’re obviously too serious about “release early, release often”.

#497 Publishing breaks before adding tags and publishing time.

#498 Pages and articles editor appears on 2 lines only

#499 Autosave is broken on PostgreSQL

Download Publify 8.1.1

Published on 17/09/2014 at 20h37 by Frédéric de Villamil, tags

Publify 8.1.0

That was fast! Only 3 days after Publify 8.0.2 went live, we’re pushing a new 8.1.0 version.

This version does one thing: it migrates Publify from Rails 3.2 to 4.1.

It does not seem a lot, but there was actually a tremendous work from Matijs and Thomas to make it possible.

You may not be aware of it, but Publify is as old as open source Rails itself, and not only did they make our old code work under the latest version of our favorite framework, but they also modernized huge parts of our code.

It’s now time for them to take some rest, and for us to pick up the feature we want to see in the next version. Stay tuned!

Download Publify 8.1.0

Published on 17/09/2014 at 16h22 by Frédéric de Villamil, tags

Release of Publify 8.0.2

Hello world,

We’re thrilled to announce the release of Publify 8.0.2. This is the last release before we migrate to Rails 4, and mostly a bug fix one. It fixes a denial of service security breach, so we highly recommend updating.

As usual, we want to thank our contributors. For this release, they are Alexander Markov, Benoit C. Sirois, Hans de Graaff, Soon Van, Tor Helland and Nicolas Bianco.

CVE-2014-3211

Très Acton has discovered a risk of denial of service by memory exhaustion in the way Publify comments user input are parsed.

Other squashed bugs

#423 , #474: When using the more tag, articles content is displayed twice.

#428 The editor save bar jumps up and down when typing with inconsistent behavior.

#429: The help messages can’t be hidden.

#431: Avatars in the dashboard last comments block are not inline with the comment.

#432: Dashboard inbound links widget is broken.

#433: The admin / content search does not bring anything back.

#442,#453: The content and page editor layout are not consistent.

#443: When creating a post, tags are shown in white on white.

#444: The articles date picker does not allow to change the time the article is published.

#445: Using the articles date picker results in a 500 error.

#447: Marking content as spam using the thumb icon results in a 500 error.

#454: Media library: the JS refactoring removed the lightbox.

#455, #473: Admin / sidebar: trying to remove a sidebar item does not work.

#456: Admin / sidebar: the help box should be in a blue block.

#475: Lots of unused assets to clear.

#482: Cancel links are not displayed correctly.

#488: File upload is broken.

Link caching issue (All cached links are the same basically).

Use a relative image path for blogs installed outside of the site root.

Archive page is not cached.

Feature and improvement

Improved Russian, Norwegian and French translations.

Upgraded to Rails 3.2.18.

Added support for a human.txt.

Published on 15/09/2014 at 09h26 by Frédéric de Villamil, tags

Typo 6.1.4 (get your booty on the floor)

It’s been only 2 weeks since we released Typo 6.1.3 and Typo 6.1.4 is already here. 2 weeks ago, we were sure that Typo was stable enough to ensure a long term release while we would work on our new major release.

3 things prevented us to do so.

First, a new Rails version was released with another important security fix. Typo 6.1.4 comes with that fix so you should definitely upgrade.

Second, we had the opportunity to fix some bugs, and that was another very good reason to release.

Three, we have done a huge documentation effort lately, and we thought it would be a good idea to have it released as well. The doc is now used to automatically deploy our Web Site on typosphere.org. Oh, and we’ve also changed our Twitter account, you can now follow us on @gettypo.

Once again, we’d like to thank our contributors Marcel M. Cary, Nicolas Blanco and randomecho for their… contribution to Typo.

Fixed bugs

Moved #defaulttextfilter so Trackback can use it (Marcel M. Cary).

Fixed typo news and latest posts date format with distanceoftimeinwords (Marcel M. Cary)

Fixed Heroku deployment Gemfile (Nicolas Blanco)

Fixes a bug where already published articles publication date would be changed by autosave (issue 141).

Fixed secret token generation on existing blog (issue 142).

Fixed an issue where textfilter showed always as ‘none’, even if set before to markdown (issue 69).

Published on 12/02/2013 at 19h48 by Frédéric de Villamil, tags

History repeating : release of Typo 6.1.3

I love how History tricks you by repeating itself. There’s a lot of irony in the way insignificant events build the perfect running gag in real life. 9 years ago, Tobias Luetke started Typo in a Starbucks because of a typo in his calendar. Today, I was in a Starbucks releasing Typo 6.1.3 because of a glitch in my agenda. History repeating.

I love free software communities too, when it stops arguing about politics and trolling licences to focus on code and releasing software for the fun of it.

Open source world is wonderful. The more active a project, the more contributors it find. Exactly 2 years ago, I was writing (in French) about how Github would kill open source software communities. I still believe a single word of it, even though Github is amazing to make project activity more visible. Typo has 1180 forks and is followed by 858 people without advertising about it. Latest release happened 2 weeks ago, and we had more contribution that I would have expected from 4 great contributors : Nicolas Bianco, Soon Van, Mcary, and Diego Elio Pettenò, who’s been packaging Typo on Gentoo for years.

Typo 6.1.3 is probably the latest of the 6.1 series, and a bug fixing only release. We’re now going to work on Typo 6.2, a feature based release.

Changelog

For a comprehensive list of fixes, please refer to Typo 6.1.3 Changelog.

The biggest contribution was pushed by Nicolas Bianco. It fixes file upload on Amazon S3. His work andgreat ideas make Typo easier to use on Heroku than ever.

Soon Van has been doing a great work on i18n, documentation and interface consistency.

Diego Elio Pettenò fixed various plugins and text filters that make use of Flickr API.

Mcary fixed live search plugin and behavior consistency within the admin interface.

Closed tickets

Ticket nº86 : Media list did not reload after uploading a resource.

Ticket nº103 : Fixes a security issue by changing the scret token at setup time. Displays a warning message when default secret token is used.

Ticket nº123 : fixes the links available on the dashboard for both contributors and publishers.

Ticket nº124 : Fixes the html editor look and feel when the window gets too small.

Ticket nº129 : the default theme would not take all the blog options into account.

Published on 01/02/2013 at 08h06 by Frédéric de Villamil, tags

Typo 6.1.2 Remi Ochlik – CRITICAL SECURITY AND BUG FIXES

It’s been a while since you haven’t heard of us, and we first wanted to wish you a happy new year. As 2013 is starting, we’re happy to release Typo 6.1.2, the second of the Remi Ochlik series, nammed after a French photographer who was killed in Syria a few days after getting a World Press Photo, the most prestigious award for photojournalists.

This new Typo release comes with a major security bugfix that affects every Ruby on Rails version so far, and make your hosting vulnerable. If you’ve been using a prior Typo version, then it’s time for you to upgrade as soon as possible. This is mission critical, no kidding.

Download Typo 6.1.2.

New feature and improvements

Typo 6.1.2 is the first one to run out of the box on a Heroku instance. You just need to change the config/storage.yml file to switch to Amazon S3. This will make Typo deployment much more easier, and we plan to make it even more simple in the next few months.

Typo’s been translated in a few more language, we’re happy to welcome the Norvegian and Simple Chinese versions. Other translations have been improved as well.

The possibility of Typo sidebar plugins have been extended with the possibility to add new settings on existing plugins without reloading them.

Bug fixes

This version also provides the usual bug fixes:

A bug in the article list within the admin has been fixed. Selecting “all articles” would not display drafts.

Some usability issues regarding the menu highlight have also been fixed.

Solves an issue where the SEO titles would not be saved when submitting the form.

Autosave when using the visual editor has also been saved.

Published on 18/01/2013 at 22h42 by Frédéric de Villamil, tags

Release of Typo 6.1 Remi Ochlik

After a few months of musing, working and slacking, and a few commits too, we’re proud to announce the release of Typo 6.1 “Rémi Ochlik”. Rémi Ochlik was a French photographer who was killed in Syria a few days after getting a World Press Photo, the most prestigious award for photojournalists.

Typo 6.1.0 is the first release designed for Ruby 1.9 only, and the last one for Rails 3.0 series. Oh, and it’s still not running on Heroku even though some people managed to do it with some limitations.

As usual, you can download Typo 6.1 as a zip or tarball file, and give it a try on our demo site.

What’s new?

This release was meant to be dedicated to bug fixing and improving our base code. It also comes with a few nice feature.

Bootstraped, a new default theme

True Blue 3 is not our default theme anymore. It was replaced by Bootstraped, a new Twitter Bootstrap 2 based theme. Bootstraped is meant to be an easy to use framework for theme developers to create new templates. The choice of Bootstrap was an easy one, as none of us is a designed.

Bootstraped theme

A redesigned back office

The administration was also revamped with Twitter Bootstrap. It’s still running Bootstrap 1.4, as 2.0 was released after we finished the work. Swithcing would have delayed this release too much.

The new editor

The new editor, easier to use with more visibility.

The comments listing

The comments listing. The color pills make knowing what’s what easier.

Other feature

Initial database loading: users don’t have to run rake db:migrate when starting Typo for the first time. Trying to connect to the blog loads the database schema and data.

CKEditor was upgraded to 3.6.2. It now supports modern browsers and is a bit more stable.

User can now create categories within the editor.

Fully customizable 404 pages.

URL shortener can now be used to external links, always better to promote your brand.

Added a per state filtering on articles and draft listing: default (everything but draft), published articles, drafts, publication pending, withdrawn

Added custom permalinks for categories.

Gone feature

If you don’t use them, drop them! We’ve removed a few feature from Typo. Some of them will come back later, some not.

So long Typogarden and thank you for the fish

Typogarden is no more. We’ve lost the domain, which ended its long and painful agony. All these themes were a hastle to maintain, most of them were designed back in 2005, and no one had the time to care about them. This also means no more theme catalogue, which was removed from the admin.

Typogarden will come back under another form, maybe as a featured theme catalogue with the most up to date Typo themes.

No more complicated categories interfaces

We’ve removed the Javascript based category reorder interface. Categories are now be ordered by name, which looks like the most likely way to do it. This is a first step to sub categories as the order interface prevented from having them.

Bye bye theme editor

A theme editor is a great ad handy thing when it’s complete and actually working. This one was working but not complete and practical enough to be left as is. We had the choice between fixing it and removing it. It will probably come back later, under another form.

Squashed bugs

We’ve fixed a bunch of bugs, some of them being reported by you, some of them discovered by use.

Closed issues

Issue #46: Fixed comments management bulk operations.

Issues #48, #55: ActionView::Template::Error (settings was supposed to be a Hash, but was a String).

Issue #57: Fixed CKEditor file upload.

Issue #62: Fixed redirects not being correctly updated when updating a permalink.

Serendipity

Fixed the way permalinks are generated.

Fixed switching back and fort between simple and visual editor.

Now using publishedat, not createdat to determine when comments shall be closed.

Fixed a bug with controllers having empty indexes rendering errors.

Fixed a bug setting up a post as published everytime you edit it even for a draft.

Fixed comment moderation when using Akismet.

Fixed comments filtering when not running Typo in English.

Fixed autosave buttons display.

Now causes bundler to fail when database.yml does not exist.

Avoids accidentally loading old drafts.

Published on 17/03/2012 at 15h55 by Frédéric de Villamil, tags

Typo 6.0.9 for Rails 3.0.10 – security fixes

We’re releasing tonight Typo 6.0.9 as Rails 3.0.10 brought many critical security fixes that would affect Typo, which means you really should upgrade now. This version also brings a couple of improvement some bug squashing and Yannick’s usual refactoring and performances tweaking.

You can download Typo as a zip file or a tarball.

The security issues addressed by Rails 3.0.10 are:

  • Filter Skipping bugs
  • SQL Injection issues
  • Parse error in strip_tags
  • UTF-8 escaping vulnerability

Improvements:

It’s now possible to create a new category within the article editor. This quite useful feature brings Thomas back from the dead and this makes us very happy.

Squashed bugs:

Displaying a password protected article within a category would make Typo crash when using the default layouts.

Using Typo standard live search views in a theme would make the application crash.

Issue #42: creating a new user from the administration crashes the application.

Fixes an issue with Redcloth 4.2.7.

Issue #39: Time.parse apparently hiccups when the timestamp string contains “GMT+0000 (UTC)”

Fixes a bug where attachment thumbnails would not be created at upload from the editor and API.

Fixes a bug in the new sanitization module when running under Ruby 1.9.2.

Once again, we want to thank the growing Typo community for their help on improving their favourite blogging engine (at least we hope so), and, in particular Huy Dinh for fixing some too long existing bugs.

Published on 01/09/2011 at 16h53 by Frédéric de Villamil, tags

Release of Typo 6.0.8 - Bug Fixes

Being the eighth of the Irving Penn series, this new Typo release comes only 3 days after the latest one, but it fixes a bunch of serious bugs that were discovered while using Typo 6.0.7 in the wild.

As usual you can download Typo 6.0.8 at the usual place, and give it a try on our demo site.

Adding per tags and categories templates

Typo is now able to provide a different template according to the category and tag you visit. This is useful for some sites which need such a level of customization. To use them, just add a views/categories/category-permalink.html.erb or a views/categories/category-permalink.html.erb file in your theme. Typo will use that file when displaying this category.

Bug fixes

Fixes a bug in the meta title generation when displaying an article, a category or a tag.

Fixes the custom tracking field making the site crashing when used.

Fixes a bug on tags removal not working.

Moving our bug tracker to Github

We’ve decided to move our bug tracker from Lighthouse to Github. In the past years, Github ticketing system has gained in feature and maturity while Lighthouse has been stalling, not being really convenient to use. This move allows us to centralize our tools in a single place. The new bug reporting place is now https://github.com/fdv/typo/issues

It’s been the third release in 11 days, but thanks to all our beta testers, I hope it’s the latest bugfix one. We want to thank in alphabetical order Mitch Pirtle, Lars Tobias Skjong-Børsting, Mathieu Poussin and Rhaamo for their bug hunting operation.

Published on 13/08/2011 at 09h12 by Frédéric de Villamil, tags

Release of Typo 6.0.7 - Bug Fixes

After releasing Typo 6.0.6, we realized that we left a few critical bugs unfixed. It seems that none of us actually ran our tests against Ruby 1.9.2, and things that were working under certain circumstances were breaking against a different environment.

So this release provides nothing bug bug fixing, which is not so bad, after all.

File upload was completely broken due to a behavior change in ActionDispatch::Http::UploadedFile between Rails 3.0.2 and Rails 3.0.3. File upload in itself is pretty hard to test, and we failed at this point.

Image resize was completely broken too due to a version change of minimagick. Reverting back to minimagick 1.3.3 did the trick.

Under PostgreSQL, initial migration would set an empty post_type despite a default set to read. It seems that PostgreSQL won’t fill the field value when created with existing inserts.

Mathieu Poussin added Recaptcha support on all bundled themes.

Pages view was broken under Ruby 1.9.2 due to an encoding issue. There was also an encoding bug in post_type edition and creation.

Despite extensive testing, pagination was broken due to a buggy will_paginate 3.0.4 beta. Reverting to 3.0.2 did the job.

Last but not least, a change in the way Google handles RSS queries caused dashboard load to take ages.

That’s all (for now). We’ll try to to better this time.

Published on 10/08/2011 at 18h03 by Frédéric de Villamil, tags

Powered by Publify – Thème Frédéric de Villamil | Photo Starup stock photos