## Changelog for gitit-0.9.0.1

Version 0.9.0.1 released 15 Feb 2012 * Fixed bug in fromEntities that caused text to be lost in the page source after semicolons. Thanks to Perry Wagle for reporting the bug. * Updated code to run on happstack 7. * Removed dependency on happstack-util; depend on base64-bytestring instead. * Updated gitit.cabal to include footnotes.js (Ben Sinclair). Version 0.9 released 29 Feb 2012 * Gitit now uses the latest pandoc (1.9.x) and happstack-server (6.6.x), and compiles on ghc 7.4.1. * Added Docx, AsciiDoc, and DZSlides as export formats. * HTML slide show exports are now "self-contained": they embed all required js, css, and images, so they can be used offline. * Allow spaces in usernames (Juraj Hercek). * Improve PDF/RTF exports containing images in the wiki. Wikidata paths are translated to absolute ones, so pandoc/pdflatex can find them (Juraj Hercek). * Protect against XSS in slide show exports. Previous versions of gitit sanitized wikipages, but not HTML slide shows. * Table of contents is now in a div with ID TOC, so it can be styled. * Removed letter and word spacing from print.css. * Added s5 directory to static. This is needed by pandoc 1.9. * Updated Interwiki plugin (gwern). * Added fromEntities to Types, since decodeCharacterReferences is no longer exported from Pandoc. Added dependency on tagsoup. * Provided FromReqURI instance for [String], since this is not automatic with recent happstack. Version 0.8.1 released 02 Sep 2011 * Support mathjax as a math option. Added MathJax as MathMethod, and mathjax as an option in the 'math' config field. Resolves GoogleCode 122. * Added xss-sanitize configuaration option. Setting it to 'no' turns off sanitization, enabling file:// URLs and other things that get filtered out by xss-sanitize. * Listen interface explanation on help file could be more clear (#266) (andyring) * Add the new configuration option 'absolute-urls'. When turned on, this makes wikilinks absolute w.r.t. the base-url. By default, they are relative. So, for example, in a wiki served at the path 'wiki', on a page Sub/Page, the wikilink '[Cactus]()' will produce a link to '/wiki/Cactus' if absolute-urls is on, and otherwise the relative link 'Cactus'. Patch due to lemmih. * Change default listen address to 0.0.0.0. * Serve svg file as image, not source code! * Page history: use 'limit' instead of restricting to past year. limit defaults to 100. If 100 are displayed, you'll get a "Show more..." link that will increase the limit. Also fixed bug that caused a 404 when no history was returned. * Require pandoc >= 1.8.2. * Allow build with happstack-server 6.2. * Updated for use with xss-sanitize 0.3, which uses Text. New dependency on text. Version 0.8.0.1 released 07 Jun 2011 * Fixed file upload problem with recent versions of directory package. (Thanks to Oliver Braun.) * Relaxed some version upper bounds. Version 0.8 released 13 May 2011 * Uses happstack 6. * Added textile and org export formats, textile page format. * Added support for RPXNow authentication, based on a patch from Pasqualino Titto Assini. * Added authentication-required field in config. * If set to 'modify', authentication is required to modify the wiki. * If set to 'read', atuhentication is required to view the wiki. * If set to 'none', authentication is never required, and pages can be edited anonymously. API changes: * currentUser moved to Authentication module * requireAuthentication added to Config * Added AuthenticationLevel type * requireUser renamed authenticate, parameter for AuthenticationLevel added; requireUserThat renamed authenticateUserThat * MathML and jsMath now work in the preview pane (Sean Seefried). * Use footnotes.js for fancy footnote styling (gwern). * Added a --listen parameter to specify the listen device (Timo B. Hübel). * Removed withInput. * Replaced fileContents with filePath in Params. * Fixed bug in uploadForm.js which caused a prefix to be added in the default wikiname. Version 0.7.3.12 released 01 Feb 2011 * Use pandoc 1.8. * New export formats: textile, org. * New page form: textile. Version 0.7.3.11 released 28 Jan 2011 * Allow time 1.2. Version 0.7.3.10 released 26 Jan 2011 * Updated for filestore-0.4.0.2. Gitit should now compile with ghc 7. Note: It may be necessary to supply the --disable-library-for-ghci flag to 'cabal install highlighting-kate'. Version 0.7.3.9 released 25 Jan 2011 * Removed dependency on cautious-file. It no longer seems to be actively maintained, and the current configuration does not compile on windows. * Removed dependency on datetime package. It is no longer maintained. Everything can be done just as well with the time package. * Depend on filestore >= 0.4 (without datetime dependency). * Bump version bounds on hslogger, network and HTTP. * Support for GHC 7.0 in Plugins (thanks to Max Bollingbroke). * Use xss-sanitize for sanitizing HTML. Previously pandoc's sanitization was used, but this will be removed in the next pandoc release. xss-sanitize is a more complete solution, and also prevents people from messing up layout by inserting unbalanced </div>. * Updated Feed module to make it decouplable from gitit. * jQuery.load wasn't working on Safari. Use jQuery.post instead. Also, the convert function was not always in scope. (It is only in scope when MathML is enabled?) We check if it is defined before calling it. (Thanks to Sean Seefried.) * Export Page module. * Templates are in data directory * Fixed bug in Subst plugin (Lars Petersen). Subst plugin could not deal with non-existing pages, resulting in an server error when trying to substitute with an absent file. This patch now creates a link to the page in order to create it. * Added alt attribute to logo. Version 0.7.3.8 released 24 July 2010 * Fixed MathML in Slidy and S5 exports. * Use languagesByFilename instead of languagesByExtension in isSource. Version 0.7.3.7 released 24 July 2010 * Depend on pandoc >= 1.6, highlighting-kate >= 0.2.7.1 * Added epub and slidy export formats. * Require happstack >= 0.5. * Added google math option (uses google charts api). Slightly modified from a patch by lpeterse. * Made WebArchiver plugin more parallel (gwern). * Fixed Dot plugin to work with GHC 6.12. We were having string encoding issues reading the output of dot with readProcess. Solution is to pass dot an output filename so we don't have to read its output. Version 0.7.3.6 released 05 May 2010 * Fixed ODT/PDF export for files in subdirectories. Resolves Issue #81. * Fix image URLs before calling the ODT or PDF processors * Added plain text export format. * Raised upper bound for datetime, parsec, and happstack dependencies. * Fix wikilinks to they don't get a leading slash. This reverts a bug introduced by 2128afb070b7, which added leading slashes to wikilinks, breaking them for people using gitit as a library on a path other than /. Version 0.7.3.5 released 21 Mar 2010 * Returned to using pandoc's MathML writer option. This is fixed in pandoc 1.5.0.1. Depend on pandoc >= 1.5.0.1. Version 0.7.3.4 released 21 Mar 2010 * Use custom readFileUTF8 (exported in Network.Gitit.Util) instead of broken System.IO.UTF8. This way we have a uniform solution for GHC 6.10 and 6.12, and don't have to use CPP tricks. This change fixes categories on GHC 6.12. Resolves Issue #98. Version 0.7.3.3 released 21 Mar 2010 * Reverted to handling math in MathML mode in the old way, using a transform, rather than relying on pandoc's MathML writer option. The latter was causing amazing CPU and memory usage, for reasons I don't yet understand. This should fix the problem for now. * Fixed caching for unicode page names. * Added max-page-size config option. Thanks to Jinjing Wang for the patch. * Prevented _expire/ from failing if the page is not cached. * Fixed URL encoding for pages. (Note: Don't use + for spaces; that breaks the Ctrl-R cache expiration.) Version 0.7.3.2 released 20 Mar 2010 * Fixed editing of pages when max-upload-size=0. max-upload-size should not double as max-page-size. Resolves Issue #96. Version 0.7.3.1 released 20 Mar 2010 * Changed "In" to "in" in MathMLinJS.js link. Version 0.7.3 released 20 Mar 2010 * Added PDF export option and pdf-export config field. (Based on a patch by gwern.) * Added markdown export. * Use pandoc's new MathML math mode for more efficient MathML. * Improved multi-wiki example code in haddocks. * Added session-timeout config setting. * Config module: Added readSize (recognizing K,M,G suffix). Previously readNumber always recognized K,M,G suffixes, but these only make sense in some contexts (not e.g. for times). * Added Subst plugin (thanks to gwern). * Added notes on PDF caching and idle. * Fixed table of contents in wiki pages (resolving Issue #91). * Added pandoc-user-data config option, allowing the user to specify a directory with e.g. templates that override the defaults used for exported pages. * Fix filesToClean GHC panic when loading plugins on GHC HEAD * Fixed problem with doubled // in updir links. Resolves Issue #88. * Updated interwiki plugin. * Fixed caching for feeds. Thanks to brian.sniffen for pointing out the need to normalize the time diff. Resolves Issue #87. * Improved Feed module (gwern). * Use line anchors from highlighting-source, so that you can link directly to a particular line in a source file. * Disable upload functionality if maxUploadSize is 0. * Exported queryGititState, updateGititState, Network.Gitit.Layout. Exported filledPageTemplate. (Thanks to tphyahoo.) Split off and expose createDefaultPages. Exposed compilePageTemplate. * Use charset=utf-8 on output from Layout. * Use isUnescapedInURI with escapeURIString rather than isAllowedInURI. The latter does not escape % signs. Version 0.7.2 released 02 Jan 2010 * Now compiles with GHC 6.12. Version 0.7.1 released 02 Jan 2010 * Updated exports to work with pandoc 1.4. * Began updating to work with GHC 6.12. (Still untested; there may be further issues involving filestore.) Version 0.7 released 20 Dec 2009 * Updated cabal file to allow happstack 0.4. * Added support for the new mercurial filestore backend. (Depending on filestore >= 0.3.4.) * Depend on xml >= 1.3.5. This fixes a bug in the display of mathml. Previously the self-closed tags in matrices with empty cells confused browsers and caused them to construct the DOM incorrectly. The problem is fixed by using xml's new ppcElement function to render the MathML without self-closed tags. * Depend on pandoc >= 1.3. * Properly handle UTF-8 in config files. * Moved option parsing code from Config module to main program. The Config module now exports getConfigFromFile instead of getConfigFromOpts. This should be more useful for those using gitit as a library. * Use wikiTitle config field in default HTML title. * Improved search results: + Highlight search terms in search results. Partially resolves Issue #76. + Made search results message uniform when no results. + Search: don't match page name against empty patterns. + Allow search matches on subdirectory part of page name. + Search: catch error status from filestore search. Filestore <= 0.3.3 does not properly handle the error status returned by later versions of 'git grep' when no match is found. The problem has been fixed in darcs filestore. * CSS tweaks: + Removed base-min.css, folded necessary styles into screen.css. + Removed 'text-align: left' for th from CSS reset. * Feed improvements: + Modified feed handling so that feeds validate. + Perform proper escaping in Feed.hs (thanks to gwern). + Don't reveal author email in feeds. + Sitewide feed is /_feed/ (with trailing slash). + Add "http://" to base-url config option if needed. * Use + for spaces in URLs linking to wiki pages and folders. * Updated plugins: + Updated Interwiki plugin (gwern). + Modified WebArchiver plugin to make Alexa requests (gwern). Version 0.6.6 released 06 Nov 2009 * Require filestore >= 0.3.3, which closes a security vulnerability. * Don't allow web file uploads to the static or templates directory, even if these are subdirectories of the repository directory. We don't want users uploading new CSS, javascript, or templates that might break the site. * Renamed gitit-dog.png -> logo.png in data/static/img. This way the logo will show up even without a local img directory. Thanks to Thomas Hartmann for the patch. * Return 404 when page not found. Thanks to Richard Fergie. * Improved layout of Export button. * Added links for atom feeds to sitenav.st and pagetools.st, to make the feeds more discoverable. * Minor code safety improvements. * Check for commit messages consisting of whitespace. Commit messages consisting only of whitespace characters are rejected by Git as empty. Gitit should behave similarly. * Allow gitit to start up if custom template directory not found. Thanks to Thomas Hartmann. * Fixed incorrect usage of nullGroup (a debugging function). Thanks to Thomas Hartmann. Version 0.6.5 released 06 Oct 2009 * Added metadata to Page and Context, provided askMeta for plugins. This patch gives plugins access to all of the key/value pairs in the page metadata block. Thanks to Dan Cook. * Added PigLatin plugin to demonstrate use of askMeta. * Display informative message on authentication failure. * Fixed library stanza in cabal file so plugins are properly enabled. Version 0.6.4 released 28 Sep 2009 * Fixed preview javascript so that tex math works properly in preview. Version 0.6.3 released 27 Sep 2009 * Fixed MathML conversion so it doesn't happen when exporting to non-HTML output formats. * Fixed shadowing on page templates: previously page.st was always taken from the defaults, even if a modified version existed in templates/. * Modified YUI CSS reset so that ordered list enumerators can be styled properly. * Modified showPage to work with both POST and GET requests. Version 0.6.2 released 25 Aug 2009 * Use "reference obfuscation" for emails, rather than javascript obfuscation, which seems to interfere with preview. Resolves Issue #59. Version 0.6.1 released 25 Aug 2009 Instructions for upgrading from 0.5.3: - If you were using a Haskell configuration file, you will need to create a new configuration file. 'gitit --print-default-config' will print a self-documenting default configuration file in the new format, which you can modify. - If your wiki contains discuss pages of the form 'foo:discuss.page', rename them to '@foo.page'. - Delete template.html and the static directory so that these will be replaced by the newest versions when you run gitit. If you have customized these, you should back them up first, then merge your changes into the new versions after they are created. (Note that template.html will be replaced by a templates/ directory.) Summary of main changes: * Added support for plugins -- dynamically loaded Haskell programs that transform pages. See the haddock documentation for Gitit.Interface for plugin documentation. The plugins directory contains several sample plugins. * Gitit's configuration file is now a text file with key-value pairs, rather than a Haskell file. The default configuration file (which can be printed using gitit --print-default-config contains comments that document all of the options. * Pages may now be written in (limited dialects of) LaTeX or HTML, as well as markdown and reStructuredText. The default format is determined by a configuration option, but can be overridden on a per-page basis using metadata (see below). The default Front Page and Help page are created in the default format specified by the configuration file. In addition, syntax help is now displayed to the left of the editing box when a page is being edited. * Pages may be written in literate Haskell, using either bird style with markdown or reStructuredText, or LaTeX style with LaTeX. Literate Haskell can be made the default or specified on a per-page basis. * Gitit now exports a library, Network.Gitit, that makes it easy for any happstack application to embed a gitit wiki. * Added optional atom feeds, for whole site (at /_feed) and for individual pages (at /_feed/path/to/page). Feeds are cached with a configurable expiration time. * Completely new caching system. Caching is turned off by default and can be enabled by a configuration option. Complete pages are cached on disk and expired when pages are revised through the web interface. When pages are modified directly through a VCS, the cache must be refreshed manually, either by pressing Ctrl-R while viewing a page, or by sending an HTTP request to /_expire/path/to/page, or by using the included program expireGititPath. The new system is much faster than the old in-memory cache, because it avoids the considerable overhead of filestore calls to get the current revision id. * To make whole-page caching possible, the user login/out box has been made into an ajax request to /_user. jQuery is now loaded on every page. * Math is converted to MathML by default (using the texmath library), and a javascript is linked in that renders it correctly in IE+mathplayer, Firefox, and Opera. The 'math' configuration setting can alternatively be set to 'jsMath' (to use jsMath javascript, which is more portable but ugly and slower) or 'raw' (plain LaTeX code). * Routing changes for better handling of web spiders. Instead of "/foo?history" we now have "/_history/foo"; instead of "/foo?edit" we haev "/_edit/foo"; etc. This makes it possible to exclude web spiders from non-cached pages by excluding URLs that start with '/_'. A default robots.txt file is now provided. Users need not do anything special for this to be enabled. * The authentication system has been revised and made much more flexible. In the configuration file, you can specify either 'form', 'http', or 'generic' as authentication-method. Form authentication is the old form-based gitit authentication system. HTTP authentication presupposes that the wiki pages are locked down under HTTP authentication; the gitit user will be set to the username used for HTTP authentication. Generic authentication takes the username from the REMOTE_USER request header. When gitit is being used as a library, one can specify a custom withUser filter (which determines the logged in user and sets REMOTE_USER accordingly) and a custom authHandler (including handlers for /_login, /_logout, and whatever else is needed). * Security fix: Gitit did not verify that a change password request is genuine when it receives the final POST. It has been changed to re-verify the reset code, otherwise an attacker could simply steal anyone's account by spoofing a POST request. (Thanks to Robin Green.) * template.html has now been replaced by a directory, templates/, with separate templates for each component of a page. * Added /_reloadTemplates action that recompiles the templates. (By default the templates are compiled only on startup.) * Gitit's form-based authentication now includes a "password reset" email. Slightly modified from a patch from Henry Laxen. * The naming scheme for discussion pages has changed: the discussion page for foo is now @foo, not foo:discuss. Reason: Windows, and thus darcs, does not like colons in filenames. * Improved logging, with configurable verbosity. * Major code reorganization and cleanup. Gitit has been moved under the Network namespace. The old WebT handlers are replaced by new ones in ServerPartT. 'handle' has been removed; instead, we use happstack's routing combinators. Configuration and filestores are now passed around in a reader monad, in WikiState. (This also allows different wikis to have different configurations.) Most handlers have been simplified so that they no longer require Page and Params arguments. A new function, 'withInput', is used to avoid the need to pass Params between handlers. * The static handler now "falls back" to the cabal data directory if the requested file is not in "static" (or staticDir). So the user need no longer have a copy of the standard gitit CSS, javascript, and image files in "static" (unless these are to be overridden). This should make updates easier. By default only 'custom.css' and 'logo.png' are put in the user's static directory. * Similarly, the templates in "templates" "fall back" to defaults in the cabal data directory. By default only 'footer.st' is put in the user's static directory. * Gitit State now includes a renderPage function. This is more flexible than storing a page template, since the user may want to use a custom page rendering function, even one not based on string templates. * Added Network.Gitit.ContentTransformer module (thanks to Anton van Straaten). The ContentTransformer module replaces Gitit.Convert. It defines a number of single-purpose combinators that can be combined to yield various kinds of content conversions. These are used to define showPage, preview, showHighlightedSource, and other handlers that used to be defined in Gitit.hs. * Verify in delete POST requests that filetodelete parameter matches page. * Fixed revert when called from diff pages. Revert now reverts to the older of the two revisions being compared. * Revamped auto-merging: user must now verify an edited page after a merge, even if there were no conflicts. * Fixed Content-Disposition header on export so that filenames have proper extensions. * Updated for happstack-server-0.3.3. Since this version of happstack supports UTF-8, gitit's old manual decoding and encoding were removed. * Use fileServeStrict instead of fileServe. Resolves Issue #57. * 'limit' is no longer used in search. The way it worked before was confusing, since it limited total matches (usually to just a few files) rather than limiting the number of matches in each file. * rdgreen's cautious-file library is now used to write the gitit-users file. This makes it less likely that the file will be corrupted on a power outage or hardware failure. * Redirects set properly after account creation. If users go from the Login form to the Register form, they are no longer redirected back to the Login form after creating an account. * indexPage now uses filestore's new 'directory' function. It shows one directory at a time. Subdirectories link to further index pages. This improves on the old javascript folding interface, which did not preserve state. (Thanks to Thomas Hartman for suggestions.) * URLs of the form /a/b/ are now equivalent to /_index/a/b. * Improvements and bug fixes to deleting. Deleting a non-page now works. You get a nice informative message if you try to delete a nonexistent page or file. * Page names containing "..", "?", or "*", and '_' at beginning are disallowed. Page names may now contain periods. * The "Permanent link" link has been removed. It relied on the sha1 parameter always being set, but we've changed that for performance reasons. * Gitit can now be proxied to a subdirectory path. Thanks to Henry Laxen for the idea and patches. See README for instructions. * Performance improvements (mostly due to Gwern Branwen): Pages can be compressed (configurable); unneeded filestore calls removed; cache-control: max-age used. * Moved sidebar to end of HTML to make things easier for screen readers. * Moved search box and go box to templates. * Yahoo YUI CSS framework is now used for better consistency across browsers. CSS cleaned up. Icons for page types removed. * Fixed handling of 'forUser' parameter in 'recent activity'. * Made default maxUploadSize 10 Mb. * Renamed AppState -> GititState. Version 0.5.3 released 1 Feb 2009 * Fixed bug which caused jsMath not to load. Version 0.5.2 released 1 Feb 2009 * Fixed cookie problem caused by empty value fields. Version 0.5.1 released 1 Feb 2009 * Major code reorganization, making gitit more modular. * Gitit can now optionally be built using Happstack instead of HAppS (just use -fhappstack when cabal installing). * Fixed bug with directories that had the same names as pages. * Added code from HAppS-Extra to fix cookie parsing problems. * New command-line options for --port, --debug. * New debug feature prints the date, the raw request, and the processed request data to standard output on each request. * Files with ".page" extension can no longer be uploaded. * Apostrophes and quotation marks now allowed in page names.