Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

ikiwiki-w3m-3.20200202.3-2.7 RPM for noarch

From OpenSuSE Tumbleweed for noarch

Name: ikiwiki-w3m Distribution: openSUSE Tumbleweed
Version: 3.20200202.3 Vendor: openSUSE
Release: 2.7 Build date: Sun Sep 26 12:16:45 2021
Group: Productivity/Networking/Web/Utilities Build host: old-cirrus2
Size: 464 Source RPM: ikiwiki-3.20200202.3-2.7.src.rpm
Summary: Ikiwiki w3m cgi meta-wrapper
Enable to use all of ikiwiki's web features (page editing, etc) in
the w3m web browser without using a web server. w3m supports local
CGI scripts, and ikiwiki can be set up to run that way.




GPL-2.0-or-later AND BSD-2-Clause


* Mon Sep 28 2020 Callum Farmer <>
  - Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
* Thu Jul 30 2020 Marketa Calabkova <>
  - update to 3.20200202.3
    * highlight: Adapt to API change in highlight >= 3.51
    * mdwn: Fix inverted footnote configuration when MultiMarkdown is
      enabled. Thanks, Giuseppe Bilotta
    * translation improvements
  - Switch to python3-docutils since we do not have Python 2 anymore
* Wed Apr 08 2020 Matej Cepl <>
  - Remove BR of bzr ... we don't support it anymore, and there isn't any
    need for it: the testsuite just skips the test, if bzr is not
* Tue Jul 16 2019 Marketa Calabkova <>
  - update to 3.20190228
    * aggregate: Use LWPx::ParanoidAgent if available.
      Previously blogspam, openid and pinger used this module if available,
      but aggregate did not. This prevents server-side request forgery or
      local file disclosure, and mitigates denial of service when slow
      "tarpit" URLs are accessed.
    * blogspam, openid, pinger: Use a HTTP proxy if configured, even if
      LWPx::ParanoidAgent is installed.
      Previously, only aggregate would obey proxy configuration. If a proxy
      is used, the proxy (not ikiwiki) is responsible for preventing attacks
      like CVE-2019-9187.
    * aggregate, blogspam, openid, pinger: Do not access non-http, non-https
      Previously, these plugins would have allowed non-HTTP-based requests if
      LWPx::ParanoidAgent was not installed. Preventing file URIs avoids local
      file disclosure, and preventing other rarely-used URI schemes like
      gopher mitigates request forgery attacks.
    * aggregate, openid, pinger: Document LWPx::ParanoidAgent as strongly
      These plugins can request attacker-controlled URLs in some site
    * blogspam: Document LWPx::ParanoidAgent as desirable.
      This plugin doesn't request attacker-controlled URLs, so it's
      non-critical here.
    * blogspam, openid, pinger: Consistently use cookiejar if configured.
      Previously, these plugins would only obey this configuration if
      LWPx::ParanoidAgent was not installed, but this appears to have been
    * po: Always filter .po files.
      The po plugin in previous ikiwiki releases made the second and
      subsequent filter call per (page, destpage) pair into a no-op,
      apparently in an attempt to prevent *recursive* filtering (which as
      far as we can tell can't happen anyway), with the undesired effect
      of interpreting the raw .po file as page content (e.g. Markdown)
      if it was inlined into the same page twice, which is apparently
      something that does. Simplify this by deleting the code
      that prevented repeated filtering. Thanks, intrigeri
      (Closes: #911356)
  - update to 3.20190207
    * graph: Add an optional "file" parameter
    * emailauth: When email can't be sent, show the error message
    * osm: Don't raise errors if tags don't have attached icons
    * cgi: Avoid C compiler warnings for waitpid() on NetBSD
    * Hide popup template content from documentation (Closes: #898836)
    * meta: Make [[!meta date]] show an error if dates are invalid or
      Date::Parse can't be loaded
    * inline: Cope with non-ASCII `rootpage` parameter.
      Thanks, Feng Shu
    * table: Cope with non-ASCII content in CSV format tables.
      Thanks, Feng Shu
    * trail: Allow unescaped punctuation in `pagenames` parameter
    * comments: Hide "add comment" link from print stylesheet.
      Thanks, Antoine Beaupré
    * recentchangesdiff, relativedate, toggle:
      Import JavaScript at the end of the page content, not the beginning,
      so that the browser can render content as soon as possible.
      Thanks, Antoine Beaupré
    * debian: Allow Breezy as an alternative to bzr
      Thanks, Jelmer Vernooij
    * inline: Add basic test coverage for [[!inline rootpage]]
    * table: Add basic test coverage
    * po: Add enough test coverage to reproduce Debian #911356
    * comments: Improve test coverage
    * tests: Exercise Unicode more
    * aggregate: Fix aggregation of posts without a title.
      Thanks, Alexandre Oliva
    * poll: Added postlink and posttrail options for better multi-page polls.
    * Fix permalink to comments.
* Fri Apr 06 2018
  - run spec-cleaner
  - update licence to GPL-2.0+ AND BSD-2-Clause as ikiwiki is
    licensed under GPL-2.0+ and the Python code in plugins directory
    is licensed under BSD-2-clause
  - update description
  - add w3m subpackage that holds w3mmode
  - remove shebang for ikiwiki/plugins/rst
  - update BuildRequires and Requires
  - get cvs plugin back because File/ is now available
  - don't remove syslog.t test
* Thu Apr 05 2018
  - update to 3.20180311
    * Avoid unexpected full paths from find(1)
    * rst test: Probe for docutils Python 3 module, not Python 2
    * mdwn: Automatically detect which Discount flags to use, fixing
      regressions in 3.20180228 when using Discount < 2.2
    * Add a test asserting that no plugin is an empty file, to confirm
      that the build fixes in 3.20180228 were successful
  - update to 3.20180228
    * core: Don't send relative redirect URLs when behind a reverse
    * core: Escape backticks etc. in directive error messages as HTML
      entities so that the error message is not subsequently parsed as
    * mdwn: Enable fenced code blocks, PHP Markdown Extra-style
      definition lists and GitHub-style extensions to HTML tag syntax
      when used with Discount >= 2.2.0 (Closes: #888055)
    * img: Fix auto-detection of image format (if enabled, which is
      strongly discouraged) with ImageMagick >= 6.9.8-3
    * rst: Use Python 3 instead of Python 2
    * build: `set -e` before each `for` loop, so that errors are
      reliably trapped
    * build: Use if/then instead of `||` so that the `-e` flag works
    * build: Ensure that pm_to_blib finishes before rewriting shebang
    * t: Make the img test pass with ImageMagick >= 6.9.8-3
      (Closes: #891647)
    * debian: Remove unused Lintian overrides for duplicate word false
    * debian: Declare compliance with Debian Policy 4.1.3
  - update to 3.20180105
    * emailauth: Fix cookie problem when user is on https and the cgiurl
      uses http, by making the emailed login link use https.
    * passwordauth: Use https for emailed password reset link when user
      is on https.
    * Remove openid provider icons from login selector, since openid
      providers are increasingly not working. Verisign retired theirs,
      and aol and yahoo/flickr are not commonly used for openid. Any
      users who still clicked those icons to login will need to instead
      enter their openid url.
    * Updated German basewiki and directives translation from
      Sebastian Kuhnert.
  - update to 3.20171001
    * htmlscrubber: Add support for the video tag's loop and muted
      attributes. Those were not in the original html5 spec, but have
      been added in the whatwg html living standard and have wide
      browser support.
    * emailauth, passwordauth: Avoid leaving cgisess_* files in the
      system temp directory.
    * core: Don't decode the result of strftime if it is already tagged
      as UTF-8, as it might be since Perl >= 5.21.1. (Closes: #869240)
    * img: Strip metadata from resized images when the deterministic
      config option is set. Thanks, intrigeri
    * receive: Avoid asprintf() in IkiWiki::Receive, to avoid implicit
      declaration, potential misbehaviour on 64-bit platforms, and lack
      of portability to non-GNU platforms
    * t: Add a regression test for untrusted git push
    * receive: Fix untrusted git push with git (>= 2.11) by passing
      through the necessary environment variables to make the
      quarantine area work
    * debian: Declare compliance with Debian Policy 4.1.1
    * l10n: Fix the build with po4a 0.52, by ensuring that msgstr ends
      with a newline if and only if msgid does
  - update to 3.20170622
    * t/git-cgi.t: Wait 1 second before doing a revert that should work.
      This hopefully fixes a race condition in which the test failed
      around 6% of the time. (Closes: 862494)
    * Guard against set-but-empty REMOTE_USER CGI variable on
      misconfigured nginx servers, and in general treat sessions with
      a set-but-empty name as if they were not signed in.
    * When the CGI fails, print the error to stderr, not "Died"
    * mdwn: Don't mangle <style> into <elyts> under some circumstances
    * mdwn: Enable footnotes by default when using the default Discount
      implementation. A new mdwn_footnotes option can be used to
      disable footnotes in MultiMarkdown and Discount.
    * mdwn: Don't enable alphabetically labelled ordered lists by
      default when using the default Discount implementation. A new
      mdwn_alpha_list option can be used to restore the old
    * osm: Convert savestate hook into a changes hook. savestate is not
      the right place to write wiki content, and in particular this
      breaks websetup if osm's dependencies are not installed, even
      if the osm plugin is not actually enabled. (Closes: #719913)
    * toc: if the heading is of the form <h1 id="...">, use that for
      the link in the table of contents (but continue to generate
      <a name="index42"></a> in case someone was relying on it).
      Thanks, Antoine Beaupré
    * color: Do not leak markup into contexts that take only the plain
      text, such as toc
    * meta: Document [[!meta name="foo" content="bar"]]
    * debian: Use preferred https URL for Format of debian/copyright
    * debian: Declare compliance with Debian Policy 4.0.0
* Sat May 06 2017
  - update to 3.20170111
    * passwordauth: prevent authentication bypass via multiple name
      parameters (CVE-2017-0356, OVE-20170111-0001)
    * passwordauth: avoid userinfo forgery via repeated email parameter
      (also in the scope of CVE-2017-0356)
    * CGI, attachment, passwordauth: harden against repeated parameters
      (not believed to have been a vulnerability)
    * remove: make it clearer that repeated page parameter is OK here
    * t/passwordauth.t: new automated test for passwordauth
  - update to 3.20170110
    * wrappers: Correctly escape quotes in git_wrapper_background_command
    * git: use an explicit function parameter for the directory to work
      in. Previously, we used global state that was not restored correctly
      on catching exceptions, causing an unintended log message
      "cannot chdir to .../ikiwiki-temp-working: No such file or directory"
      with versions >= 3.20161229 when an attempt to revert a change fails
      or is disallowed
    * git: don't run "git rev-list ... -- -- ..." which would select the
      wrong commits if a file named literally "--" is present in the
    * check_canchange: log "bad file name whatever", not literal string
      "bad file name %s"
    * t/git-cgi.t: fix a race condition that made the test fail
    * t/git-cgi.t: be more careful to provide a syntactically valid
      author/committer name and email, hopefully fixing this test on
    * templates, comments, passwordauth: use rel=nofollow microformat
      for dynamic URLs
    * templates: use rel=nofollow microformat for comment authors
    * news: use Debian security tracker instead of MITRE for security
      references. Thanks, anarcat
    * Set package format to 3.0 (native)
    * d/copyright: re-order to put more specific stanzas later, to get the
      intended interpretation
    * d/source/lintian-overrides: override obsolete-url-in-packaging for
      OpenID Selector, which does not seem to have any more current URL
      (and in any case our version is a fork)
    * docwiki.setup: exclude TourBusStop from offline documentation.
      It does not make much sense there.
    * d/ikiwiki.lintian-overrides: override script-not-executable warnings
    * d/ikiwiki.lintian-overrides: silence false positive spelling warning
      for Moin Moin
    * d/ikiwiki.doc-base: register the documentation with doc-base
    * d/control: set libmagickcore-6.q16-3-extra as preferred
      build-dependency, with virtual package libmagickcore-extra as an
      alternative, to help autopkgtest to do the right thing
  - update to 3.20161229.1
    * git: Attribute reverts to the user doing the revert, not the wiki
    * git: Do not disable the commit hook while preparing a revert.
  - update to 3.20161229
    * Security: force CGI::FormBuilder->field to scalar context where
      necessary, avoiding unintended function argument injection
      analogous to CVE-2014-1572. In ikiwiki this could be used to
      forge commit metadata, but thankfully nothing more serious.
    * Security: try revert operations in a temporary working tree before
      approving them. Previously, automatic rename detection could result in
      a revert writing outside the wiki srcdir or altering a file that the
      reverting user should not be able to alter, an authorization bypass.
      (CVE-2016-10026 represents the original vulnerability.)
      The incomplete fix released in 3.20161219 was not effective for git
      versions prior to 2.8.0rc0.
      (CVE-2016-9645 represents that incomplete solution.)
    * Add CVE references for CVE-2016-10026
    * Add automated test for using the CGI with git, including
    - Build-depend on libipc-run-perl for better build-time test coverage
    * Add missing ikiwiki.setup for the manual test for CVE-2016-10026
    * git: don't issue a warning if the rcsinfo CGI parameter is undefined
    * git: do not fail to commit changes with a recent git version
      and an anonymous committer
  - update to 3.20161219
    * inline: Prevent creating a file named ".mdwn" when the
      postform is submitted with an empty title.
    * Security: tell `git revert` not to follow renames. If it does, then
      renaming a file can result in a revert writing outside the wiki srcdir
      or altering a file that the reverting user should not be able to alter,
      an authorization bypass. Thanks, intrigeri. (CVE-2016-10026)
    * cgitemplate: remove some dead code. Thanks, blipvert
    * Restrict CSS matches against header class to not break
      Pandoc tables with header rows. Thanks, karsk
    * Make pagestats output more deterministic. Thanks, intrigeri
  - update to 3.20160905
    * Fix installation when prefix includes a string metacharacter.
      Thanks, Sam Hathaway.
    * Use git log --no-renames to generate recentchanges, fixing the git
      test-case with git 2.9 (Closes: #835612)
* Thu Aug 18 2016
  - removed patch (fixed upstream)
    * ikiwiki-skip-img-test.diff
  - update to 3.20160728
    * Explicitly remove current working directory from Perl's library
      search path, mitigating CVE-2016-1238 (see #588017)
    * wrappers: allocate new environment dynamically, so we won't overrun
      the array if third-party plugins add multiple environment variables.
    * Standards-Version: 3.9.8 (no changes required)
  - update to 3.20160509
    * img: ignore the case of the extension when detecting image format,
      fixing the regression that *.JPG etc. would not be displayed
      since 3.20160506
    * img: parse img_allowed_formats case-insensitively, as was done in
    * inline: restore backwards compat for show=-1 syntax, which
      worked before 3.20160121
    * Remove a spurious changelog entry from 3.20160506 (the relevant
      change was already in 3.20150614)
    * Add CVE-2016-4561 reference to 3.20160506 changelog
    * Set high urgency to get the CVE-2016-4561 fix and CVE-2016-3714
      mitigation into testing
  - update to 3.20160506
    * HTML-escape error messages, in one case avoiding potential cross-site
      scripting (CVE-2016-4561, OVE-20160505-0012)
    * Mitigate ImageMagick vulnerabilities such as CVE-2016-3714:
    - img: force common Web formats to be interpreted according to extension,
      so that "allowed_attachments: '*.jpg'" does what one might expect
    - img: restrict to JPEG, PNG and GIF images by default, again mitigating
      CVE-2016-3714 and similar vulnerabilities
    - img: check that the magic number matches what we would expect from
      the extension before giving common formats to ImageMagick
    * img: Add back support for SVG images, bypassing ImageMagick and
      simply passing the SVG through to the browser, which is supported by all
      commonly used browsers these days.
      SVG scaling by img directives has subtly changed; where before
      size=wxh would preserve aspect ratio, this cannot be done when passing
      them through and so specifying both a width and height can change
      the SVG's aspect ratio.
    * loginselector: When only openid and emailauth are enabled, but
      passwordauth is not, avoid showing a "Other" box which opens an
      empty form.
    * mdwn: Process .md like .mdwn, but disallow web creation.
    * git: Correctly handle filenames starting with a dash in add/rm/mv.
  - update to 3.20160121
    * meta: Fix [[!meta name=foo]] by closing the open quote.
    * Avoid unescaped "{" in regular expressions
    * meta test: Add tests for many behaviors of the directive.
    * img test: Bail gracefully when ImageMagick is not present.
    * emailauth: Added emailauth_sender config.
    * Modified page.tmpl to to set html lang= and dir= when
      values have been specified for them, which the po plugin does.
    * Specifically license the javascript underlay under the permissive
      basewiki license.
    * git: if no committer identity is known, set it to
      "IkiWiki <>" in .git/config. This resolves commit errors
      in versions of git that require a non-trivial committer identity.
    * inline, trail: rename show, feedshow parameters to limit, feedlimit
      (with backwards compatibility)
    * pagestats: add "show" option to show meta fields. Thanks, Louis
    * inline: force RSS <comments> to be a fully absolute URL as required
      by the W3C validator. Please use Atom feeds if relative URLs are
      desirable on your site.
    * inline: add <atom:link rel="self"> to RSS feeds as recommended by
      the W3C validator
    * inline: do not produce links containing /./ or /../
    * syslog: accept and encode UTF-8 messages
    * syslog: don't fail to log if the wiki name contains %s
    * Change dependencies from transitional package perlmagick
      to libimage-magick-perl (Closes: #789221)
    * debian/copyright: update for the rename of openid-selector to
    * d/control: remove leading article from Description
      (lintian: description-synopsis-starts-with-article)
    * d/control: Standards-Version: 3.9.6, no changes required
    * Wrap and sort control files (wrap-and-sort -abst)
    * Silence "used only once: possible typo" warnings for variables
      that are part of modules' APIs
    * Run autopkgtest tests using autodep8 and the pkg-perl team's
    * Add enough build-dependencies to run all tests, except for
      non-git VCSs
    * tests: consistently use done_testing instead of no_plan
    * t/img.t: do not spuriously skip
    * img test: skip testing PDFs if unsupported
    * img test: use the right filenames when testing that deletion occurs
  - update to 3.20150614
    * inline: change default sort order from age to "age title" for
      determinism, partially fixing deterministic build for git-annex,
      ikiwiki-hosting etc. (Closes: #785757)
    * img: avoid ImageMagick misinterpreting filenames containing a colon
    * img test: set old timestamp on source file that will change, so that
      the test will pass even if it takes less than 1 second
* Mon Jan 04 2016
  - update to 3.20150610
    * The new "emailauth" plugin allows users to authenticate using an email
      address, without otherwise creating an account.
    * The openid plugin now enables emailauth by default. Please include
      emailauth in the disable_plugins setting if this is not desired.
      Conversely, if emailauth is required on a wiki that does not enable
      openid, you can list it in the enable_plugins setting.
* Thu Apr 30 2015
  - skip syslog test for systems <= 13.2
* Thu Apr 30 2015
  - ran spec-cleaner and specfile cleanup
  - added patch for skipping the imagemagick test: ikiwiki-img-test.diff
  - update to 3.20150329
    * Fix NULL ptr deref on ENOMEM in wrapper. (Thanks, igli)
    * Really don't double-decode CGI submissions, even on Perl versions that
      bundle an old enough for that not to be a problem: the
      system might have a newer installed separately, like Fedora 20.
      (Closes: #776181; thanks, Anders Kaseorg)
    * If neither timezone nor TZ is set, set both to :/etc/localtime if
      we're on a GNU system and that file exists, or GMT otherwise
    * t/inline.t: accept translations of "Add a new post titled:"
      (Closes: #779365)
    * Consistently document command-line options as e.g. --refresh, not -refresh
    * In VCS-committed anonymous comments, link to url.
    * Fix XSS in openid selector. Thanks, Raghav Bisht. (Closes: #781483)
  - update to 3.20150107
    * Added ikiwiki-comment program.
    * Add missing build-depends on libcgi-formbuilder-perl, needed for
    * openid: Stop suppressing the email field on the Preferences page.
    * Set Debian package maintainer to Simon McVittie as I'm retiring from
    * calendar: add calendar_autocreate option, with which "ikiwiki --refresh"
      can mostly supersede the ikiwiki-calendar command.
      Thanks, Louis Paternault
    * search: add more classes as a hook for CSS. Thanks, sajolida
    * core: generate HTML5 by default, but keep avoiding new elements
      like <section> that require specific browser support unless html5 is
      set to 1.
    * Tell mobile browsers to draw our pages in a device-sized viewport,
      not an 800-1000px viewport designed to emulate a desktop/laptop browser.
    * Add new responsive_layout option which can be set to 0 if your custom
      CSS only works in a large viewport.
    * style.css, actiontabs, blueview, goldtype, monochrome: adjust layout
      below 600px ("responsive layout") so that horizontal scrolling is not
      needed on smartphone browsers or other small viewports.
    * core: new libdirs option alongside libdir. Thanks, Louis Paternault
    * core: log a debug message before waiting for the lock.
      Thanks, Mark Jason Dominus
    * build: in po/Makefile, use the same $(MAKE) as the rest of the build.
      Thanks, ttw
    * blogspam: use the 2.0 JSON API (the 1.0 XML-RPC API has been EOL'd).
      Closes: #774441
    * po: If msgmerge falls over on a problem po file, print a warning
      message, but don't let this problem crash ikiwiki entirely.
  - update to 3.20141016
    * Fix crash that can occur when only_committed_changes is set and a
      file is deleted from the underlay.
    * core: avoid dangerous use of CGI->param in list context, which led
      to a security flaw in Bugzilla; as far as we can tell, ikiwiki
      is not vulnerable to a similar attack, but it's best to be safe
    * core: new reverse_proxy option prevents ikiwiki from trying to detect
      how to make self-referential URLs by using the CGI environment variables,
      for instance when it's deployed behind a HTTP reverse proxy
      (Closes: #745759)
    * core: the default User-Agent is now "ikiwiki/$version" to work around
      ModSecurity rules assuming that only malware uses libwww-perl
    * core: use protocol-relative URLs (e.g. // so that
      https stays on https and http stays on http, particularly if the
      html5 option is enabled
    * core: avoid mixed content when a https cgiurl links to http static pages
      on the same server (the static pages are assumed to be accessible via
      https too)
    * core: force the correct top URL in w3mmode
    * google plugin: Use search form
    * docwiki: replace Paypal and Flattr buttons with text links
    * comments: don't record the IP address in the wiki if the user is
      logged in via passwordauth or httpauth
    * templates: add ARIA roles to some page elements, if html5 is enabled.
      Thanks, Patrick
    * debian: build-depend on libmagickcore-6.q16-2-extra | libmagickcore-extra
      so we can thumbnail SVGs in the docwiki
    * debian: explicitly depend and build-depend on libcgi-pm-perl
    * debian: drop unused python-support dependency
    * debian: rename debian/link to debian/links so the intended symlinks appear
    * debian: fix some wrong paths in the copyright file
  - update to 3.20140916
    * Don't double-decode CGI submissions with >= 2.53,
      fixing "Error: Cannot decode string with wide characters".
      Thanks, Antoine Beaupré
    * Avoid making trails depend on everything in the wiki by giving them
      a better way to sort the pages
    * Don't let users post comments that won't be displayed
    * Fix encoding of Unicode strings in Python plugins.
      Thanks, chrysn
    * Improve performance and correctness of the [[!if]] directive
    * Let [[!inline rootpage=foo postform=no]] disable the posting form
    * Switch default [[!man]] shortcut to Closes: #700322
    * Add UUID and TIME variables to edittemplate. Closes: #752827
      Thanks, Jonathon Anderson
    * Display pages in linkmaps as their pagetitle (no underscore escapes).
      Thanks, chrysn
    * Fix aspect ratio when scaling small images, and add support for
      converting SVG and PDF graphics to PNG.
      Thanks, chrysn
    - suggest ghostscript (required for PDF-to-PNG thumbnailing)
      and libmagickcore-extra (required for SVG-to-PNG thumbnailing)
    - build-depend on ghostscript so the test for scalable images can be run
    * In the CGI wrapper, incorporate $config{ENV} into the environment
      before executing Perl code, so that PERL5LIB can point to a
      non-system-wide installation of IkiWiki.
      Thanks, Lafayette Chamber Singers Webmaster
    * filecheck: accept MIME types not containing ';'
    * autoindex: index files in underlays if the resulting pages aren't
      going to be committed. Closes: #611068
    * Add [[!templatebody]] directive so template pages don't have to be
      simultaneously a valid template and valid HTML
    * Add myself to Uploaders and release to Debian
  - update to 3.20140831
    * Make --no-gettime work in initial build. Closes: #755075
  - update to 3.20140815
    * Add google back to openid selector. Apparently this has gotten a stay
      of execution until April 2015. (It may continue to work until 2017.)
    * highlight: Add compatibility with highlight 3.18, while still supporting
      3.9+. Closes: #757679
      Thanks, David Bremner
    * highlight: Add support for multiple language definition directories
      Closes: #757680
      Thanks, David Bremner
  - update to 3.20140613
    * only_committed_changes could fail in a git repository merged
      with git merge -s ours.
    * Remove google from openid selector, per
  - update to 3.20140227
    * Added useragent config setting. Closes: #737121
      Thanks, Tuomas Jormola
    * po: Add html_lang_code and html_lang_dir template variables
      for the language code and direction of text.
      Thanks, Mesar Hameed
    * Allow up to 8 levels of nested directives, rather than previous 3
      in directive infinite loop guard.
    * git diffurl: Do not escape / in paths to changed files, in order to
      interoperate with cgit (gitweb works either way)
      Thanks, intrigeri.
    * git: Explicity push master branch, as will be needed by git 2.0's
      change to push.default=matching by default.
      Thanks, smcv
    * Deal with nasty issue with gettext clobbering $@ while printing
      error message containing it.
      Thanks, smcv
    * Cleanup of the openid login widget, including replacing of hotlinked
      images from openid providers with embedded, freely licensed artwork.
      Thanks, smcv
    * Improve templates testing.
      Thanks, smcv
    * python proxy: Avoid utf-8 related crash.
      Thanks, Antoine Beaupré
    * Special thanks to Simon McVittie for being the patchmeister for this
  - update to 3.20140125
    * inline: Allow overriding the title of the feed. Closes: #735123
      Thanks, Christophe Rhodes
    * osm: Escape name parameter. Closes: #731797
  - update to 3.20140102
    * aggregate: Improve display of post author.
    * poll: Fix behavior of poll buttons when inlined.
    * Fixed unncessary tight loop hash copy in saveindex where a pointer
      can be used instead. Can speed up refreshes by nearly 50% in some
    * Optimized loadindex by caching the page name in the index.
    * Added only_committed_changes config setting, which speeds up wiki
      refresh by querying git to find the files that were changed, rather
      than looking at the work tree. Not enabled by default as it can
      break some setups where not all files get committed to git.
    * comments: Write pending moderation comments to the transient underlay
      to avoid conflict with only_committed_changes.
    * search: Added google_search option, which makes it search google
      rather than using the internal xapain database.
      (googlesearch plugin is too hard to turn on when xapain databases
      corrupt themselves, which happens all too frequently).
    * osm: Remove invalid use of charset on embedded javascript tags.
      Closes: #731197
    * style.css: Add compatibility definitions for more block-level
      html5 elements. Closes: #731199
    * aggregrate: Fix several bugs in handling of empty and colliding
      titles when generating filenames.
  - update to 3.20130904.1
    * Fix cookiejar default setting.
  - update to 3.20130904
    * calendar: Display the popup mouseover when there is only 1 page for a
      given day, for better UI consistency.
    * meta: Can now be used to add an enclosure to a page, which is a fancier
      way to do podcasting than just inlining the media files directly;
      this way you can write a post about the podcast episode with show notes,
      author information, etc.
    * aggregate: Show author in addition to feedname, if different.
    * Consistently configure LWP::UserAgent to allow use of http_proxy
      and no_proxy environment variables, as well as ~/.ikiwiki/cookies
    * Fix test suite to work with perl 5.18. Closes: #719969
  - update to 3.20130711
    * Deal with git behavior change in 1.7.2 and newer that broke support
      for commits with an empty commit message.
    * Pass --no-edit when used with git 1.7.8 and newer.
  - update to 3.20130710
    * blogspam: Fix encoding issue in RPC::XML call.
      Thanks, Changaco
    * comments: The formats allowed to be used in comments can be configured
      using comments_allowformats.
      Thanks, Michal Sojka
    * calendar: When there are multiple pages for a given day, they're
      displayed in a popup on mouseover.
      Thanks, Louis
    * osm: Remove trailing slash from KML maps icon.
    * page.tmpl: omit searchform, trails, sidebar and most metadata in CGI
    * openid: Automatically upgrade openid_realm to https when
      accessed via https.
    * The ip() pagespec can now contain glob characters to match eg, a subnet
      full of spammers.
    * Fix crash that could occur when a needsbuild hook returned a file
      that does not exist.
    * Fix python proxy to not crash when fed unicode data in getstate
      and setstate.
      Thanks, chrysn
    * Fix committing attachments when using svn.
* Fri Jun 07 2013
  - update to 3.20130518
    * Fix test suite to not fail when XML::Twig is not installed.
      Closes: #707436
    * theme: Now <TMPL_IF THEME_$NAME> can be used in all templates when
      a theme is enabled.
    * notifyemail: Fix bug that caused duplicate emails to be sent when
      site was rebuilt.
    * bzr: bzr rm no longer has a --force option, remove
    * Allow dots in directive parameter names. (tango)
    * Add missing plugin section, and deal with missing sections with a warning.
    * Detect plugins with a broken getsetup and warn.
    * map: Correct reversion introduced in version 3.20110225 that could
      generate invalid html. (smcv)
    * Makefile.PL: overwrite theme style.css instead of appending
      (Thanks, Mikko Rapeli)
    * meta: Fix anchors used to link to the page's license and copyright.
      Closes: #706437
    * htmlscrubber: Allow the bitcoin URI scheme.
    * htmlscrubber: Allow the URI schemes of major VCS's.
    * aggregate: When run with --aggregate, if an aggregation is already
      running, don't go on and --refresh.
    * trail: Avoid excess dependencies between pages in the trail
      and the page defining the trail. Thanks, smcv.
    * opendiscussion: Don't allow editing discussion pages if discussion pages
      are disabled. (smcv)
    * poll: Add expandable option to allow users to easily add new choices to
      a poll.
    * trail: Avoid massive slowdown caused by pagetemplate hook when displaying
      dynamic cgi pages, which cannot use trail anyway.
    * Deal with empty diffurl in configuration.
    * cvs: Various fixes. (schmonz)
    * highlight: Now adds a span with class highlight-<extension> around
      highlighted content, allowing for language-specific css styling.
* Mon Dec 17 2012
  - 3.20121212
    * lots of bugfixes and new features
    * fixes CVE-2012-0220 and CVE-2011-1408
    * support Text::Markdown::Discount for speedup
    * requires YAML::XS instead of YAML
* Wed Jun 08 2011
  - 3.20110431
    * Danish translation update. Closes: #625721
    * Danish underlay translation update. Closes: #625765 (Thanks, Jonas Smedegaard)
    * Support YAML::XS by not passing decoded unicode to Load. Closes: #625713
    * openid, aggregate, pinger: Use Net::INET6Glue if available to support making ipv6 connections. (Note that if LWPx::ParanoidAgent is installed, it defeats this for openid.)
    * Add additional directive quoting styles, to better support nested directives. Both triple-single-quote and heredoc quotes can be used. (Thanks, Timo Paulssen)
    * Changed license of madduck's python plugins from GPL-2 to BSD-2-clause.
    * po: support language codes in the form of 'es_AR', and 'arn'. (intrigeri) Closes: #627844
    * po: Make po4a warn, not error on a malformed document. (intrigeri)
    * Support the Hiawatha web server which sets HTTPS=off rather than not setting it. (There does not seem to be a standard here.)
* Wed May 11 2011
  - new version 3.20110430 (
    * don't allow alternative stylesheets to be added on pages where the
      htmlscrubber is enabled (CVE-2011-1401)
  - now requires perl-YAML
* Mon Feb 28 2011
  - new version 3.20110225
    - editpage: Avoid inheriting internal page types.
    - htmltidy: Avoid breaking the sidebar when websetup is running.
    - transient: New utility plugin that allows transient pages to be stored in
      .ikiwiki/transient/ (smcv)
    - aggregate: Aggregated content is stored in the transient underlay.
      (Existing aggregated content is not moved, since it will eventually expire
      and be removed) (smcv)
    - autoindex, tag: Added autoindex_commit and tag_autocreate_commit that can
      be unset to make index files and tags respectively not be committed, and
      instead be stored in the transient underlay. (smcv)
    - autoindex: Adapted to use add_autofile. Slight behavior changes in edge
      cases that are probably really bug fixes. (smcv)
    - recentchanges: Use transient underlay (smcv)
    - map: Avoid unnecessary ul's in maps with nested directories. (Giuseppe
    - Fix broken baseurl in cgi mode when usedirs is disabled. Bug introduced in
    - inline: Fix link to nested inlined pages's feeds. (Giuseppe Bilotta)
    - inline: Add 'id' parameter that can be used when styling individual
      feedlinks and postforms. (Giuseppe Bilotta)
* Wed Feb 16 2011
  - suggest perl(Net::OpenID::Consumer) and perl(LWPx::ParanoidAgent)
* Tue Jan 25 2011
  - new version 3.20110124
    - fix regression in previous version
* Mon Jan 24 2011
  - new version 3.20110123
    - fix XSS issue (CVE-2011-0428)
* Tue Aug 10 2010
  - new version 3.20100804
    - template: Fix dependency tracking. Broken in version 3.20100427.
    - po: The po_slave_languages setting is now a list, so the order of
      translated languages can be controlled. (intrigeri)
    - git: Fix gitweb historyurl examples so "diff to current" links work.
      (Thanks jrayhawk)
    - meta: Allow syntax closer to html meta to be used.
    - Add new disable hook, allowing plugins to perform cleanup after they have
      been disabled.
    - Use Digest::SHA built into perl rather than external Digest::SHA1 to
      simplify dependencies. Closes: #591040
    - Fixes a bug that prevented matching deleted pages when using the page()
* Thu Jun 17 2010
  - Recommends: perl(PerlMagick) -> perl(Image::Magick)
* Mon May 17 2010
  - new version 3.20100515
    Note that you need to update page.tmpl! See NEWS
    - Removed misc.tmpl. Now to theme ikiwiki, you only need to customise a
      single template, page.tmpl.
    - If you have a locally customised page.tmpl, it needs to be updated to set
      <base> when BASEURL or FORCEBASEURL is set.
    - comments: Comments pending moderation are now stored in the srcdir
      alongside accepted comments, but with a ._comment_pending extension. This
      allows easier byhand moderation, as the "_pending" need only be stripped
      off and the comment be committed to version control.
    - The comment_pending() pagespec can be used to match such unmoderated
      comments, which makes it easy to add a feed of them, or a counter
      indicating how many there are.
    - Belatedly added a comment() pagespec.
    - Gave comment and page editing forms some CSS and accessability love.
    - Renamed postscan hook to indexhtml, to reflect its changed position, and
      typical use.
    - inline: Call indexhtml when inlining internal pages, so their text can be
      indexed for searching.
    - Delete hooks are passed deleted internal pages.
    - openid: Incorporated a fancy openid-selector signin form. (Based on
    - openid: Use "openid_identifier" as the form field, as required by OpenID
      Authentication v2.0 spec.
    - Removed the openidsignup option. Instead, my recommendation is to leave
      passwordauth enabled and let people who don't have an openid use it. The
      openid selector form avoids the UI annoyance of having both openid and
      passwordauth on one form.
    - calendar: Allow negative month to be specified. -1 is last month, etc. (And
      also negative years.)
    - calendar: Display year in title of month calendar.
    - Use xhtml friendly pubdate setting.
    - remove, rename: Add guards against XSRF attacks.
* Wed May 05 2010
  - version 3.20100504
    * Add parameter to displaytime to specify that it is a pubdate,
      and in html5 mode, use time tag.
    * Add placeholder text in search form (in html5 mode only).
    * In html5 mode, use all the nice new semantic tags. Care was taken
      to not change the id/class named used in the CSS, so only CSS
      that refers to tag types needed to be changed.
    * Add ACTIONS variable to page.tmpl, which allows plugins to add arbitrary
      links to the action bar without modifying the template further.
      (COMMENTSLINK and DISCUSSIONLINK could be folded into this, but
      are kept separate for now to avoid breaking modified templates.)
    * websetup: Only display Setup button on admins' preferences page.
    * graphviz: Fix display of preexisting images in preview mode.
    * Fixes a bug in skipping of illegal source files introduced in
* Mon May 03 2010
  - version 3.20100501
    * TMPL_INCLUDE re-enabled for templates read from the templatedir.
      (But not in-wiki templates.)
    * Version dependency on liburi-perl to >= 1.36; previous versions
      did not support building urls from utf-8 strings. Closes: #579713
    * Ikiwiki can be configured to generate html5 instead of the default xhtml
      1.0. The html5 output mode is experimental, not yet fully standards
      compliant, and will be subject to rapid change.
    * htmlscrubber: Allow html5 semantic tags: section, nav, article, aside
      hgroup, header, footer, figure, figcaption, time, mark
    * htmlscrubber: Also allow some other html5 tags: canvas, progress, meter,
      ruby, rt, rp, details, summary, datalist.
    * htmlscrubber: Round out html5 video support with the preload
      attribute and the source tag.
    * htmlscrubber: Allow the html5 form attributes: placeholder, autofocus,
      min, max, step, required, autocomplete, novalidate, pattern, list,
      and form. (Also the form* override attributes for input and buttons.)
    * htmlscrubber: Allow additional misc html5 attributes: reversed,
      spellcheck, and hidden.
    * template: Fix typo.
  - version 3.20100427
    [ Joey Hess ]
    * tag: Automatic creation of tag pages can now be enabled using
      the tag_autocreate setting. (David Riebenbauer)
    * Customised templates can now be included in the source of wikis
      (and also in underlays), and dependencies on them are tracked.
    * TMPL_INCLUDE is no longer supported in any template.
    * underlay: Removed the add_templates option.
    * Add template_depends function to plugin API.
    * bzr: Fix bzr log parsing to work with bzr 2.0. (liw)
    * comments: Fix missing entity encoding in title.
    * txt: Add a special case for robots.txt.
    [ Simon McVittie ]
    * Add support for link types, and make the the tagged() pagespec only
      match tags, not regular links (a bugfix).
    * Rebuild wikis on upgrade to this version to get tag link types recorded
    * Revamp sorting system; allow new sort methods to be added by plugins,
      and add a "sortspec" syntax that can combine, reverse, etc sort methods.
    * meta: Add `meta(author)`, `meta(title)` etc sortspecs to allow sorting
      by metadata.
    * meta: Add optional sortas parameter to author and title meta directives.
      This can be used to get names sorted by last name without displaying
      them last name first.
    * sortnaturally: New plugin; the title_natural sort method has moved here.
    * meta: store fields consistently unescaped, and escape on use.
      (A wiki rebuild is also needed due to this change.)
    [ Joey Hess ]
    * Update dependency for git-core to git transition.
    * po: Check that translated underlay directories exist before using them
      for master language.
    * po: Configuring the same language as master and slave confuses processing;
      so filter out such a misconfiguration.
    * calendar: Add archive_pagespec, which is used by ikiwiki-calendar to
      specify which pages to include on the calendar archive pages.
      (The pagespec can still also be specified on the ikiwiki-calendar command
    * pagestats: Class parameter can be used to override default class for
      custom styling.
    * pagestats: Use style=list to get a list of tags, scaled by use like
      in a tag cloud. This is useful to put in a sidebar.
    * Rework example blog front page.
    * CSS and templates for sidebar changed to use a class, not an id.
    * sidebar: Now a sidebar directive can be used to override the sidebar
      shown on a page.
    * Enable calendar and sidebar in auto-blog.setup.
    * sidebar: Add global_sidebars setting.
    * conditional: Fix bug that forced "all" mode off by default.
    * calendarmonth.tmpl: The month calendar is now put in a sidebar.
    * calendar: Improved display of arrows.
    * Rename --getctime to --gettime. (The old name still works for
      backwards compatibility.)
    * --gettime now also looks up last modification time.
    * Automatically run --gettime the first time ikiwiki is run on
      a given srcdir. (Use --no-gettime to disable.)
    * Add rcs_getmtime to plugin API; currently only implemented
      for git and svn.
    * Optimise --gettime for git, so it's appropriately screamingly
      fast. (This could be done for most other backends too.)
    * However, --gettime for git no longer follows renames. That would
      be slow, and whether a renamed wiki page is the same page is really
      an iffy thing.
    * Use above to fix up timestamps on docwiki, as well as ensure that
      timestamps on basewiki files shipped in the deb are sane.
    * autoindex: Switch to using %wikistate instead of abusing
    * bzr: Support rcs_getmtime, and fix rcs_getctime implementation
      (Jelmer Vernooij)
    * Quite a lot of new optimisations, and one major fix to a recent
      performance regression.
    * Moved javascript files under the ikiwiki/ directory, to avoid cluttering
      the top of the web root. This is another things that requires a wiki
      rebuild on upgrade to this version.
    * Fix removal of rendered files in rebuild mode.
    * Add page() PageSpec, which is like glob() but matches only pages,
      not other files.
  - version 3.20100403
    * websetup: Add websetup_unsafe to allow marking other settings
      as unsafe.
    * Improve openid url munging; do not display anchors and cgi parameters,
      as used by yahoo and google urls.
    * Add complete German basewiki and directives translation done by
      Sebastian Kuhnert.
    * Add a include setting, which can be used to make ikiwiki process
      wiki source files, such as .htaccess, that would normally be skipped
      for security or other reasons. Closes: #447267
      (Thanks to Aaron Wilson for the original patch.)
    * Add support for setup files written in YAML.
    * Add --set-yaml switch for setting more complex config file options.
    * filecheck: Fix bugs that prevented the pagespecs from matching when
      not called by attachment plugin.
    * Fix incorrect influence info returned by a failing link() pagespec,
      that could lead to bad dependency handling in certian situations.
    * Add preprocessed 'use lib' line to ikiwiki-transition and ikiwiki-calendar
      if necessary for unusual install.
    * auto-blog.setup: Set tagbase by default, since most bloggers will want it.
    * Allow wrappers to be built using tcc. (Workaround #452876)
    * openid: Use Openid Simple Registration or OpenID Attribute Exchange
      to get the user's email address and username. (Neither is yet
      used, but they are available in the session object now.)
    * page.tmpl: Add Cache-Control must-revalidate to ensure that users
      (especially of Firefox) see fresh page content.
    * htmlscrubber: Allow colons in urls after '?'
    * template: Search for templates in the templatedir, if they are not
      found as pages in the wiki.
* Wed Mar 17 2010
  - new version 3.20100312:
    - Fix utf8 issues in calls to md5_hex.
    - moderatedcomments: Added moderate_pagespec that can be used to control which
      users or comment locations are moderated. This can be used, just for example,
      to moderate "user(*)" if you're getting a lot of spammers
      from one particular openid provider (who should perhaps answer your emails
      about them), while not moderating other users.
    - moderatedcomments: The moderate_users setting is deprecated. Instead, set
      moderate_pagespec to "!admin()" or "user(*)".
    - Fix missing span on recentchanges page template.
    - search: Avoid '$' in the wikiname appearing unescaped on omega's query
      template, where it might crash omega.
    - htmlscrubber: Security fix: In data:image/* uris, only allow a few
      whitelisted image types. No svg.
* Fri Feb 26 2010
  - add perl-CGI-Session as Recommends
* Mon Feb 22 2010
  - some fixes inspired by Fedora:
    - make package noarch
    - use Requires: perl(XXX) instead of perl-XXX
    - remove shebang from /etc/ikiwiki/*
    - package html docu
* Sun Feb 21 2010
  -  new version 3.20100212
    - template: Preprocess parameters before htmlizing.
    - img: Fix a bug that could taint @links with undef values.
    - setup automator: Configure Term::Readline to use bold for
      prompt, rather than default underline. Closes: #517656
    - Allow jumping directly into account registration process by
      going to ikiwiki.cgi?do=register
    - Improve display of openid in preferences page.
    - Add link to userpage (or creation link) to top of preferences
    - opendiscussion: This plugin will also now allow posting comments
      to otherwise locked-down sites.
    - auto-blog.setup: Lock all pages, so only admin can post to the
      blog by default, and enable opendiscussion so others can
    - Fix color and format plugins to appear in the websetup
    - amazon_s3: Fix to support the EU S3 datacenter, which is more
      picky about attempts to create already existing buckets.
    - httpauth: When cgiauthurl is configured, httpauth can now be
      used alongside other authentication methods (like openid or
      anonok). Rather than always redirect to the cgiauthurl for
      authentication, there is now a button on the login form to use
    - httpauth: Add httpauth_pagespec setting that can be used to
      limit pages to only being edited via users authed with httpauth.
    - Allow globs to be used in user() pagespecs.
    - Group related plugins into sections in the setup file, and drop
      unused rcs plugins from the setup file.
* Mon Jan 25 2010
  - new version 3.20100122
    - inline: Avoid showing edit links if page editing is disabled.
    - signinedit: Auto-disable the plugin when all authentication
      methods are disabled.
    - comments: Fix permalinks for comments using new conflict-free
    - img: Support alignment of images with captions. (Giuseppe
    - websetup: Fix utf-8 problems.
    - websetup: Fix bug in array change detection.
    - linkmap: Simplify and improve browser compatibility by using an
      img, not object tag.
    - git: The new git-notes feature in git 1.6.6 changes git log
      output in a way that broke ikiwiki's parser if notes are added
      to commits.
    - po: Avoid crash when a page is empty.
* Thu Oct 29 2009
  - new version 3.20091023
    * inline: Fix raw mode. Closes: debian#552114
    * edittemplate: Allow template page name to be specified using anything
      legal for a wikilink (including eg, leading slashes).
    * edittemplate: Work around bug debian#551499 in CGI::FormBuilder.
    * Fix a bug introduced in the last version that caused ikiwiki
      to skip all files if a sourcedir of "./" was specified.
    * Support CFLAGS when building wrapper.
    * meta: Gather permalink info on scan pass so it is available
      to inline when using a template that does not include page content.
    * Added support framework for multiple types of dependencies, including
      dependncies that are only affected by page precence or link changes.
    * Rebuild wikis on upgrade to this version to get improved dependency
    * pagecount, calendar, postsparkline, progress: Use a presence dependency,
      which makes these directives much less expensive to use, since page
      edits will no longer trigger an unnecessary update.
    * map: Use a presence dependency unless show= is specified.
      This makes maps efficient enough that they can be used on sidebars!
    * inline: Use a presence dependency in quick mode.
    * brokenlinks: Use a link dependency.
      This makes it much more efficient, only updating when really necessary.
    * orphans, pagestats: Use a combination of presence and link dependencies.
      This makes them more efficient. It also fixes a longstanding bug,
      where if only a small set of pages were considered by orphans/pagestats,
      changes to links on other pages failed to cause an update.
    * linkmap: Use a combination of presence and link dependencies.
      This makes the map be regenerated much less frequently in many cases,
      so larger maps are more practical to use now.
    * Plugins providing PageSpec `match_*` functions should pass additional
      influence information when creating result objects. This allows correctly
      handling many more complicated dependencies.
    * API change: `pagespec_match_list` has completly changed its interface.
      The old interface will be removed soon, and a warning will be printed
      if any plugins try to use it.
    * Transitive dependencies are now correctly supported.
    * ikiwiki-calendar: New command automates creation of archive pages
      using the calendar plugin.
    * calendar: Fix midnight rebuild trigger of calendars with explicit
    * calendar: Fix bug in next/previous year/month links, which sometimes
      linked to an archive page from the wrong year, or were missing.
    * git: --getctime will now follow renames back to the original creation
      of a file.
    * calendar: Fix CSS for year calendar to match the plugin documentation.
    * Added minimal default CSS for calendar plugin, just highlighting the
      current day.
    * inline: Optimize generation of archives, etc by not getting inlined page
      content if the template does not use it.
* Thu Oct 15 2009
  - new version 3.20091009
    * parentlinks: Add has_parentlinks template parameter to allow
      styling the toplevel index differently etc.
    * img: Correct bug in image size calculation code.
    * img: Fix dependency code for full size images.
    * toggle, relativedate: Support templates that add attributes to
      the body tag.
    * Support RPC::XML 0.69's incompatible object instantiation
    * mirrorlist: Display nothing if list is empty.
    * Fix a bug that could lead to duplicate links being recorded for
    * Optimize away most expensive file prune calls, when refreshing,
      by only checking new file
* Tue Sep 29 2009
  - remove cvs plugin, File/ not available
  - backport img size fix
* Mon Sep 28 2009
  - new version 3.14159265
    * Add complete French basewiki and underlays translation from the
      Debian French l10n team, including Philippe Batailler, Alexandre
      Dupas, and Steve Petruzzello.
    * Expand banned_users; it can now include PageSpecs, which allows
      banning by IP address.
    * underlay: Also allow configuring additional directories to
      search for template files in.
    * Fix parsing web commits from ipv6 addresses.
    * Add genwrapper hook, that can be used to add code into the C
    * cvs: Yeah, ikiwiki even supports CVS now. Plugin contributed by
      Amitai Schlair.
    * Updated Czech translation from Miroslav Kure.
    * rsync: New plugin that allows pushing the destdir to a remote
      host via rsync or similar. Thanks, Amitai Schlair.
    * auto.setup, auto-blog.setup: Fix sanitization of entered
* Tue Sep 01 2009
  - new version 3.1415926
    * fixes security bug CVE-2009-2944
    * Note: rebuild needed to fix performance problems!
* Wed May 27 2009
  - new version 3.13
* Mon Apr 06 2009
  - new version 3.09
* Mon Feb 23 2009
  - new version 3.04
    * 404: New plugin which lets you use the IkiWiki CGI script as
      an Apache 404 handler, to give the behaviour of various other wiki
      engines where visiting a nonexistent page provides you with a link
      to create it. (smcv)
    * Factor out redundant code into goto plugin. (smcv)
    * Work around XML::Atom strangeness that results in double-encoded posts.
    * Updated German translation (Kai Wasserb?ch). Closes: #514251
    * Fix unusual --setup --post-commit command line option combo.
    * Create any missing directory necessary to put the wrapper
      file into. Closes: #514384
    * shortcut: If default_pageext is set, first look for
    * Allow comments, rename, remove, and attachment plugins to be used
      even if the editpage plugin is disabled.
    from 3.03:
    * Avoid feeding decoded unicode to Term::ReadLine. Closes: 512169
    * blogspam: Log spam info on failure in debug mode.
    * Remove nonstandard css. Closes: #512378
    * blogspam: Fix use of blogspam_options and blogspam_server config settings.
    * comments: If comment content checks fail, store the comment
      (in .ikiwiki/comments_pending) for moderator review.
    * comments: Add a moderation web interface, which admins can
      access via their Preferences page.
    * git: Fix malformed utf8 received from git.
    * meta: New "updated" metadata specifies a fake modification time for a
      page, to be output into RSS and Atom feeds. (smcv)
    * underlay: New plugin, allows pulling in additional files not
      in version control. (smcv)
    from 3.01:
    * blogspam: New plugin, adding spam filtering for page editing / comment
      posting using the API.
    * Add auto-blog.setup, which will set up an ikiwiki instance tuned for use
      in blogging.
    * checkcontent: New hook, can be used to implement arbitrary content
      filters, including spam filters.
    * table: Fix misparsed links in external files.
    * table: Find links in external files in scan pass.
    * rename: Show full names of affected pages.
    * comments: Fix cache avoidance hack.
    * repolist: New plugin to support the rel=vcs-* microformat.
    * goodstuff: Include repolist by default. (But it does nothing until
      configured with the repository locations.)
    * comments: Add support for removing comments via web interface. (smcv)
    * Consistently allow use of relative paths in all PageSpecs
      that take a page name parameter. Previously, match_created_before(),
      match_created_after(), match_sourcepage(), and match_destpage()
      did not support that, and the docs were not clear.
    * pinger: Get whole url, don't just head, avoids problems on
      the nostromo web server.
    * Recommend libterm-readline-gnu-perl since that makes auto.setup
      behave better.
* Wed Jan 07 2009
  - new version 3.01:
    * ikiwiki-makerepo: Fix injecting of empty mercurial and bzr repositories. Closes: #510518
    * Fix documentation about git hook to use right name. Closes: #510393
    * yesno: Always accept English even when localised.
    * yesno: Also accept 1 and 0 as input.
    * A recent change to gitweb removed support for the form of
      diffurl that many ikiwiki setups use. Document how to use the
      new url form.
    from 3.0:
    * Support for uploading attachments.
    * Can rename and remove pages and files via the web.
    * Web based setup.
    * Blog-style comments as an alternative to Discussion pages.
    * Many other new plugins including htmlbalance, format, progress, color, autoindex, cutpaste, hnb, creole, txt, amazon s3, pinger, pingee, edittemplate
    * The RecentChanges page is compiled statically, not generated from the CGI.
    * Support for additional revision control systems: bzr, monotone
    * Support for untrusted git push.
    * A new version (3.00) of the plugin API, exporting additional commonly used functions from
    * Nearly everything in ikiwiki is now a plugin, from WikiLinks to page editing, to RecentChanges.
    * Far too many bug fixes, features, and enhancements to list here.
* Fri Nov 14 2008
  - new version 2.70
    * Avoid crash on malformed utf-8 discovered by intrigeri.
    from 2.69:
    * Avoid multiple ikiwiki cgi processes piling up, eating all memory,
      and thrashing, by making the cgi wrapper wait on a cgilock.
      If you had to set apache's MaxClients low to avoid ikiwiki thrashing your
      server, you can now turn it up to a high value.
    * Stop busy-waiting in lockwiki, as this could delay ikiwiki from waking up
      for up to one second. The bailout code is no longer needed after above
    * Remove support for unused optional wait parameter from lockwiki.
    * aggregate: Try to query XML::Feed for the base url when derelevatising
      links. Since this needs the just released XML::Feed 0.3, as well
      as a not yet released XML::RSS, it will fall back to the old method
      if no xml:base info is available.
    * meta: Plugin is now enabled by default since the basewiki uses it.
    * txt: Do not encode quotes when filtering the txt, as that broke
      later parsing of any directives on the page.
    * Fix the link() pagespec to match links that are internally recorded as
    * Add rel=nofollow to recentchanges_links for the same (weak) reasons it
      was earlier added to edit links.
    * tag: Normalize tagbase so leading/trailing slashes in it don't break
    * bzr: Fix dates for recentchanges.
    from 2.68:
    * Add support for checking pushes from untrusted git committers. This can be
      used to set up anonymous git pushes, and other similar things.
    * format: New plugin, allows embedding differently formatted text inside a
      page (ie, otl inside a mdwn page, or syntax highlighted code inside a
    * relativedate: New javascript-alicious plugin that makes all dates display
      relative, in a very nice way, if I say so myself.
    * Optimise the no-op post-commit hook, to speed up web edits by a fraction
      of a second.
    * git: Allow [[sha1_commit]] to be used in the diffurl, to support cgit.
    * shortcut: Fix display of shortcuts while previewing.
    * Plugins that used to override displaytime should instead override
      formattime. displaytime will call that, and may wrap markup around the
      formatted time.
    * Add an underlay for javascript, and add ikiwiki.js containing some utility
    * toggle: Stop embedding the full toggle code on each page using it, and
      move it to toggle.js in the javascript underlay.
    * recentchanges: Make feed links point back to anchors on the recentchanges
      page. (JasonBlevins)
    * Fix issue with utf-8 in wikiname breaking session cookies, by
      entity-encoding the wikiname in the session cookie.
    * Use the pure perl Data::Dumper when generating setup files to ensure that
      utf-8 characters are written out as such, and not as the encoded perl
      strings the C Data::Dumper produces.
    * inline: Only the last feed link was put on the page, fix this to include
      all feed links. So rss will be included along with atom, and pages with
      multiple feeds will get links added for all feeds.
    * tag: When tagbase is set, force the links created by tagging to point at
      the toplevel tagbase, and not closer subpages. The html links already went
      there, but internally the links were not recorded as absolute, which could
      cause confusing backlinks etc.
    * Add an inject function, that can be used by plugins that want to
      replace one of ikiwiki's functions with their own version.
      (This is a scary thing that grubs through the symbol table, and replaces
      all exported occurances of a function with the injected version.)
    * external: RPC functions can be injected to replace exported functions.
    * Updated French translation. Closes: #502694
    * Updated Spanish translation from the ever vigilant Victor Moral.
    * Updated Danish translation from Jonas Smedegaard. Closes: #503117
    * Preserve syslog setting when doing `ikiwiki -setup foo -dumpsetup bar`
    * Several fixes to --render mode.
    from 2.67:
    * remove: Avoid $_ breakage. (Stupid, stupid perl.)
    * Updated Spanish translation from Victor Moral.
    * lockedit: Support specifying which users (and IP addresses) a page
      is locked for. This supports most of the ACL type things users have been
      wanting to be done. Closes: #443346 (It does not control who can read a
      page, but that's out of scope for ikiwiki.)
    * orphans: Fix unquoted page name in regexp.
    * google: Plugin provides google site search, contributed by Peter Simons.
    * Pass HTTPS variable through the wrapper so that CGI->https can be used
      by plugins. Closes: #502047
    * inline: Allow MTIME to be used in inlinepage.tmpl.
    * inline: Use the feed's description in the rss and atom links.
      Closes: #502113
    * aggregate: Avoid bug that caused immediate expiration of items
      with a date in the future.
    from 2.66:
    * recentchanges: Fix redirects to non-page files.
    * aggregate: Avoid uninitialized value warnings for pages with no recorded
    * attachment: Add admin() pagespec to test if the uploading user is a wiki
    * git: Fix handling of utf-8 filenames in recentchanges.
    * tag: Make edit link for new tags ensure that the tags are created
      inside tagbase, when it's set.
    * template: Make edit link for new templates ensure the page is located
      under toplevel templates directory.
    * htmlscrubber: Add a config setting that can be used to disable the
      scrubber acting on a set of pages.
    * Expand usage message and add --help. Closes: #500344
    * Beautify urls used in various places. (smcv)
    * Export pagetitle, titlepage, linkpage.
    * htmltidy: Avoid returning undef if tidy fails. Also avoid returning the
      untidied content if tidy crashes. In either case, it seems best to tidy
      the content to nothing.
    * htmltidy: Avoid spewing tidy errors to stderr.
    * Reorganize index file, add a format version field. Upgrades to the new
      index format should be transparent.
    * Add %wikistate, which is like %pagestate except not specific to a given
      page, and is preserved across rebuilds.
    * editpage: Be more aggressive (and less buggy) about cleaning up
      temporary files rendered during page preview.
    * Add an indexpages option, which causes foo/index.mdwn to be the source
      for page foo when foo.mdwn doesn't exist. Also, when it's enabled,
      creating a new page will save it to foo/index.mdwn by default.
      Closes: #474611
      (Sponsored by The TOVA Company.)
    * httpauth: Document that ikiwiki.cgi has to be in a directory subject to
      authentication. Closes: #500524
    * inline: Fix handling of rootpage that doesn't exist.
    * attachment: Support adding attachments to pages even as they are being
    * remove, rename: Allow acting on attachments as a page is being created.
    * Updated French translation. Closes: #500929
    from 2.65:
    * aggregate: Expire excess or old items on the same pass that adds them,
      not only on subsequent passes.
    * editdiff: Broken since 2.62 due to wrong syntax, now fixed.
    * aggregate: Support atom feeds with only a summary element, and no content
    * progress: Display an error if the progress cannot be parsed, and allow
      the percent parameter to only optionally end with "%".
    * Fix reversion in use of ikiwiki -verbose -setup with a setup file that
      enables syslog. Setup output is once again output to stdout in this
    * edittemplate: Default new page file type to the same type as the template.
    * edittemplate: Add "silent" parameter. (Willu)
    * edittemplate: Link to template, to allow creating it. (Willu)
    * editpage: Add a missing check that the page name contains only legal
      characters, in addition to the existing check for pruned filenames.
    * Print a debug message if a page has multiple source files.
    * Add keepextension parameter to htmlize hook. (Willu)
    * rename, remove: Don't rely on a form parameter to tell whether the page
      should be treated as an attachment.
    * rename: Add support for moving SubPages of a page when renaming it.
      (Sponsored by The TOVA Company.)
    * rename: Hide type field from rename form when renaming attachments.
    from 2.64:
    * Avoid uninitialised value when --dumpsetup is used and no srcdir/destdir
    * ddate: Stop clobbering timeformat when not enabled.
    * progress: New plugin to generate progress bars (willu)
    * Add allow_symlinks_before_srcdir to config so websetup doesn't eat it.
    * img: Support sizes like 200x. Closes: #475149
    * goodstuff: Remove otl plugin from the bundle since it needs a significant
      external dependency and is not commonly used. If you use otl, make sure
      you explicitly enable it now.
    * goodstuff: Add more, progress, and table plugins to the bundle.
    * Improve error message if external plugin fails to load. Closes: #498458
    * Directive documentation broken out of the plugin documentation and into
      pages suitable to be used as an underlay. Thanks to Willu for doing most
      of the tedious work.
    * Move the directive documentation into its own underlay, separate from
      basewiki, since it's sorta large compared to the rest of basewiki.
    * listdirectives: Enable use of the directives underlay.
    * Removed the obsolete blog page from the basewiki. ikiwiki/blog still
      remains, but is now deprecated too.
    * Removed old redirecton pages from basewiki (helponformatting,
      markdown, openid, pagespec, preprocessordirective, subpage, wikilink).
    * inline: Treat rootpage as a link, so that it can refer to a subpage
      without hardcoding the path.
    from 2.63:
    * Set cookies HttpOnly.
    * Typo. Closes: #497003
    * Ignore failure to install files into /etc, in case install is running as
    * Work around perl $_ scoping nonsense that caused breakage when loading
      external plugins.
    * style.css: Add missing semicolon. Closes: #497176
    * filecheck: Fall back to testing for binary or plain text files
      if no mime type is detected.
    * table: Support header=column to make the table header be the first
      column of the data. (AlexandreDupas)
    * For fine control over what characters are allowed, unescaped in
      source filenames, the wiki_file_chars setting is added. For example,
      set to "-[:alnum:]+/._" to disable colons from being used in source files
      (which can cause troubl om Windows).
    * po/Makefile: update po files when the pot file has changed.
      Closes: #497951
    * editpage: New core plugin factoring out page editing to allow disabling it
      if desired.
    from 2.62.1:
    * filecheck: Fixed two bits broken in move from attachment.
    from 2.62:
    * Avoid using cp -a (again). (HenrikBrixAndersen)
    * Avoid using hostname -f for portability to eg, OS X, use Net::Domain
      instead, and prompt if it fails.
    * Fix bug in wikiname sanitisation in the setup automator.
    * ikiwiki-makerepo: Added support for monotone. (Thomas Keller)
    * map: The fix for #449285 was buggy and broke display of parents in certain
    * teximg: The prefix is configurable, and has changed to not include the
      nonstandard mhchem by default. (willu)
    * teximg: dvipng is used if available to render images. Its output is
      antialiased and better than dvips. If not available, the old dvips+convert
      chain will be used. (willu)
    * Drop suggests on texlive-science, add suggests on dvipng.
    * listdirectives: New plugin. (willu)
    * filecheck: New plugin factoring out the PageSpec additions that were
      originally part of the attachment plugin.
    * edittemplate: Don't wipe out edits on preview.
    * color: New plugin from ptecza.
    * autoindex: Avoid re-adding previously deleted (or renamed) pages.
    from 2.61:
    * poll: Fix typo that broke plugin.
    * graphviz: Fix breakage of the name of the preprocessor directive.
    from 2.60:
    [ Joey Hess ]
    * Starting with this version, "ikiwiki -setup /etc/ikiwiki/auto.setup"
      can be used create a new wiki in seconds.
    * websetup: New plugin providing a setup form on the web.
    * ikiwiki --dumpsetup can generate a nice setup file snapshotting ikiwiki's
      current configuration.
    * The way wrappers are defined in the setup file has changed. Old setup
      files will continue to work, for now.
    * ikiwiki-transition setupformat can be used to convert a setup file to the
      new format.
    * Version control backends promoted to first-class plugins.
    * ikiwiki-update-wikilist: Add -r switch to remove. Default behavior is now
      always to add.
    * Start moving admin preferences from the web interface to the setup file.
    * Add getsetup hook, all plugins should use it to record information about
      themselves and any fields they add to %config
    * Large amounts of internal config data reorg.
    * ikiwiki-makerepo: Bail if both srcdir and repository are not specified.
      Closes: #493628
    * Clarify some wording in the setup documentation that could maybe lead
      users to putting paths with "~/" in the setup file, which doesn't work.
      Closes: #493835
    * autoindex: Ignore internal pages, and take underlay directories into
      account. Also, avoid making index pages for directories that contain
      no files.
    * external: Fix support for hooks called in an array context.
    * Options set in the setup file are now immediatly loaded by ikiwiki -setup.
      This allows later switches to override them. Previously, setup file
      options overrode most command line options.
    * Added a small icon to the search input box.
    [ Josh Triplett ]
    * Add Suggests on texlive and texlive-science for the teximg plugin
    [ Joey Hess ]
    * inline: Ignore parent dirs when sorting pages by title.
    * rename: Support changing page extensions. (willu)
    * Danish update. Closes: #494632
    from 2.56:
    * autoindex: New plugin that generates missing index pages.
      (Sponsored by The TOVA Company.)
    * Escape HTML is rss and atom feeds instead of respectively using CDATA and
      treating it as XHTML. This avoids problems with escaping the end of the
      CDATA when the htmlscrubber is not used, and it avoids problems with atom
      XHTML using named entity references that are not in the atom DTD.
      (Simon McVittie)
    * Add test for old versions of git that don't support --cleanup=verbatim,
      and munge empty commit messages.
    from 2.55:
    * remove: New plugin that adds the ability to remove pages via the web.
      (Sponsored by The TOVA Company.)
    * rename: New plugin that adds the ability to rename pages via the web.
      (Sponsored by The TOVA Company.) (This one's for you, Kyle.)
    * All rcs backends need to implement rcs_remove, rcs_commitstaged,
      and rcs_rename. (Done for svn, git).
    * This version adds renamepage hooks, which can be used to modify page
      content, including links, during renames.
    * prefix_directives enabled in doc wiki, all preprocessor directives
      converted. (Simon McVittie)
    * editpage: Don't show attachments link when attachments are disabled.
    * tag: Allow tagbase to be overridden by starting a tag with "./" or "/".
      (Simon McVittie)
    * Really fix bug with links to pages with names containing colons.
      Previous fix mised a few cases.
    * Avoid troublesome abs_path calls in wrapper setup.
    * Add allow_symlinks_before_srcdir config setting that can be used to avoid
      a security check that is a good safe default, but problimatic overkill in
      some situations.
    * Don't allow uploading an attachment with the same name as an existing
      page, to avoid confusion.
    * Split out error messages from editpage.tmpl into several separate
    * attachment: Do not escape _ when determining attachment filenames.
    * Rebuild pages that change their type. (Gabriel McManus)
    * monotone: Add support for rename, delete, and also diff. (William Uther)
    * toggle: Fix incompatability between javascript and webkit.
    * bzr: Add support for rename and delete. (Jelmer Vernooij)
    * attachment: Use relative paths when inserting links.
    * toggle: Fix for when html got tidied. Closes: #492529 (Enrico Zini)
    * cutpaste: New plugin by Enrico Zini
* Tue Sep 23 2008
  - fix fileist directory ownership
* Tue Jul 22 2008
  - new version 2.54
* Fri Jun 20 2008
  - new version 2.50
    * img: Support captions.
    * img: Don't generate empty title attributes, etc.
    * img: Allow setting defaults for class and id too.
    * ikiwiki-mass-rebuild: Make group list comparison more robust.
    * search: Work around xapian bug #486138 by only stemming locales
      in a whitelist.
    from 2.49:
    * haiku: Generate valid xhtml.
    * ikiwiki-mass-rebuild: Don't trust $! when setting $)
    * inline: The optimisation in 2.41 broke nested inlines. Detect those
      and avoid overoptimising.
    * search: Converted to use xapian-omega.
    * Filter hooks are no longer called during the scan phase. This will
      prevent wikilinks added by filters from being scanned properly. But
      no known filter hook does that, so let's not waste time on it.
    * Pass a destpage parameter to the sanitize hook.
    * The search interface now allows searching for a page by title
      ("title:foo"), as well as for pages that contain a given link
* Mon Jun 02 2008
  new version ikiwiki 2.48
    * Fix security hole that occurred if openid and passwordauth were
      both enabled. passwordauth would allow logging in as a known
      openid, with an empty password. (CVE-2008-0169)
    * Add rel=nofollow to edit links. This may prevent some spiders from
      pounding on the cgi following edit links.
    * passwordauth: If Authen::Passphrase is installed, use it to store
      password hashes, crypted with Eksblowfish.
    * ikiwiki-transiition hashpassword /path/to/srcdir can be used to
      hash existing plaintext passwords.
    * Passwords will no longer be mailed, but instead a password reset
    * The password_cost config setting is provided as a "more security" knob.
* Mon May 26 2008
  - new version 2.47
    * mdwn: Add a multimarkdown setup file option.
    * If PERL5LIB is set to the libdir when building ikiwiki, calculate and
      hardcode a proper 'use lib' statement anyway. This fixes a gotcha,
      since PERL5LIB won't work once ikiwiki is running via a wrapper or as
      a cgi.
    * orphans: As a special case, the toplevel index page is never considered
      an orphaned page.
    * inline: Display a message if the 'pages' parameter is missing, before
      it just expanded to nothing.
    * git: Skip over signed-off-by and similar lines in commit messages
      when generating recentchanges.
    * ENV can be used in the setup file to override environment variable
      settings, such as TZ or PATH.
    * Perls older than 5.10 need to use the old method of decoding utf-8 in CGI
      values. Neither method will work for all versions of perl, so check
      version number at runtime.
    * Avoid unsightly warning message when evaling broken pagespecs.
    * Improve error message when a pagespec fails to parse.
* Tue May 13 2008
  - new version 2.46
    There were some significant template changes in ikiwiki 2.42 (and 1.33.5).
    If you have locally modified versions of the templates, they need to be
    updated. Most notably, the editpage.tmpl has a new FIELD-SID added to it,
* Tue May 13 2008
  - new version 2.45
    ikiwiki now has an new syntax for preprocessor directives, using the
    prefix '!':
    [[!directive ...]]
    This new syntax no longer relies on spaces to distinguish between
    wikilinks and preprocessor directives.  Thus, wikilinks can use spaces
    in their link text, and preprocessor directives without arguments (such
    as "toc") need not use a trailing space.
    To enable the new syntax, set prefix_directives to true in your ikiwiki
    config.  For backward compatibility with existing wikis,
    prefix_directives currently defaults to false.  In ikiwiki 3.0,
    prefix_directives will default to true, and wikis which have not yet
    converted to the new syntax will need to set prefix_directives to false
    in their setup files.
    To convert your wiki to the new syntax, ikiwiki provides a new script
    ikiwiki-transition.  It will convert preprocessor directives in
    all files given on the command line.  To convert an entire wiki:
    find wikidir/ -type f -name '*.mdwn' -print0 | xargs -0 ikiwiki-transition prefix_directives
    Even with prefix_directives disabled, ikiwiki now allows an optional '!'
    prefix on preprocessor directives (but still requires a space).  Thus, a
    directive which uses a '!' prefix and contains a space will work with
    ikiwiki 2.40 and newer, regardless of the value of prefix_directives.
    This allows the underlay to work with all ikiwikis.
* Wed Feb 20 2008
  - new version 2.32.2
* Thu Feb 07 2008
  - initial version 2.30



Generated by rpm2html 1.8.1

Fabrice Bellet, Mon Oct 18 23:27:06 2021