## Changes OpenConferenceWare stable releases and changes included, with latest at top: ### master - Improved gem packaging ### v1.0.0.pre1 - Converted to a Rails engine - Packaged as a gem: open_conference_ware - Added a generator to set up config files and seed data - Updated documentation to reflect new packaging ### v0.20131209 - **[!] This is the final release that will be distributed as a Rails application, future releases will be packaged as a gem, providing a Rails engine** - Upgraded to Rails 4.0.2 - Enabled the Rails asset pipeline - Dropped support for Ruby 1.8.7 ### v0.20131201 - **[!] This is the final release to support Ruby 1.8.7** - Upgraded to Rails 3.2 - Look and feel is now based on Bootstrap, not on the Open Source Bridge site - Replaced outdated authenticaiton system with OmniAuth - Improved database support ### v0.20130830 - Locked down a few dependencies for compatibility - Fixed timezone issues in test - Improved documentation ### v0.20130720 - Added Twitter card metadata to proposal pages. - Disabled XML parameter parsing, a security workaround for CVE-2013-0156. - Disabled YAML parsing in JSON parsing code, security patch for CVE-2013-0333 - Disabled rich text editing for snippets - Include accepted-but-not-confirmed proposals in admin schedule - Improve status notification system. - Updated bridgepdx theme for 2014 conference. ### v0.20121002 - Added speaking experience to proposals. - Added audience level to proposals. - Added PDF generation for per-room schedule sheets. - Added support for waitlisted sesssions. - Added the ability to notify speakers of their selection status and request confirmation. - Added a script to generate a user favorites contention report. - Add JSON output for Events, Rooms, and Tracks. - Improved selector votes. - Tweak schedule styling. - Improved spec coverage. - Updated bridgepdx theme for 2013 conference. ### v0.20110630 - Fixed "remember me" feature for logging in through a token. - Fixed session type and proposal validations. - Improved event management experience. - Added CSV exports for speakers. - Added capistrano tasks to download production data - Added customizable agreement field to settings - Improve documentation. - Updated bridgepdx theme for 2012 conference. ### v0.20110429 - Added support for session audio linking and playback to session pages. - Added selection committee voting interface. - Fixed issues with Rails caching. - Updated bridgepdx theme for 2011 conference. - Improved exception notification emails. ### v0.20100818 - Fixed iCalendar exporter to skip items without a "start time" and not set the "end time" unless one is defined. - Fixed proposal to only show a speaker's sessions for the related event, not all events. - Fixed schedule to display time in local timezone. - Fixed session's notes link by using URL escaping. - Improved iCalendar exporter to add speaker names to excerpt. - Improved XML and JSON exporter to include all useful fields in all models. - Improved proposals to show the session's type only if multiple types are defined. - Improved schedule to also show items not assigned to rooms. - Updated `rake bridgepdx:wiki:populate` to work with new libraries. ### v0.20100518 - Fixed schedule of user favorites so it's only displayed when the schedule is published. - Fixed schedule so admin can view an unreleased schedule with collisions but without room assignments. - Fixed schedule items (e.g., coffee breaks) so that they're displayed for an event. - Improved schedule so admins can view it before it's published or sessions are assigned to rooms. - Improved schedule so that it'd display scheduled items even if they're not assigned to rooms yet. - Added task to import schedule for an event from a CSV file: `rake schedule:import:csv`. - Added menu link on 'bridgepdx' header to BoF event if they're available. ### v0.20100429.1 - FIXED Event, added uniqueness validations to slug and title fields. - FIXED `rake clear` to expire the compiled javascripts. - FIXED cache consistency, rollbacks now cause expirations so that cache doesn't store stale data. - Improved performance of shared fragments, they're now only regenerated as needed and use fast preloaded data. - Improved performance of user favorites, they now only load the proposal ids for more efficient transfers. - Improved models, added cascade deletes to avoid leaving orphaned records after parents are deleted. - Improved "README", described the various custom environmental variables that affect the application's behavior. - Improved performance of event loading code by checking identifiers rather than loading entire objects. - Added QueryTrace plugin, it shows where database queries are done. Set QUERYTRACE=1 environmental variable to use. ### v0.20100429 - Fixed "rake setup" and "rake setup:sample": these now drop, create and populate the database correctly. - Improved admin interface, added a way to "accept and decline" a proposal in one step, as pair for the existing "accept and confirm". - Improved the "README.markdown" documentation. ### v0.20100408.1 - FIXED proposal creation: the acts-as-taggable 1.1.9 plugin was buggy, reverted to 1.1.5. ### v0.20100408 - SECURITY flaw fixed: The buggy "restful_authentication" plugin used by OpenConferenceWare and OpenProposals let users without email addresses that had used the "remember me" feature to sometimes login as other users without email addresses that had also used the "remember me" feature during the same day. All known operators running this software were notified and sent patches in advance of this notification. Because authentication was handled by OpenID, a compromise could not be escalated and there was no password to steal, the worst thing an attacker could do was edit your profile and proposals. - FIXED handling of multiple events: reworked layout, header, menu, favorites, tracks, etc. - FIXED autoincrement id in the events table, which could prevent creation of new events. - FIXED "rake setup:sample" to work with an empty database. - FIXED exception handling to display clearer messages and correctly handle rendering errors in the layout. - FIXED "/events/EVENTID/proposals/stats" to use per-event caching. - CHANGED Gem dependencies to use Bundler. You must install the "bundler" gem and run "bundle install" to install the application's dependencies. If you're using the Capistrano deploy task, install Bundler and its "deploy" task will automatically install the other dependencies. - CHANGED "bridgepdx" theme for 2010, it uses a new menu that provides a way to choose events and their associated data. - Added shared fragments to provide a common heaer for Rails app, WordPress blog and wikis, these are local files that are included into these different applications. - Added task to update thumbnails: `rake paperclip:refresh CLASS=User` - Added factory_girl library, factories and additional specs. ### v0.20100218 - FIXED event-related checks to use a proposal's event when possible, rather than the current event, since these aren't always the same. - FIXED scrolling to a specific field on the admin's "Manage event" page. - Added #scroll_to helper, which scrolls the page to an HTML element. - Added "cap db:use" task to dump and download remote database and restore it locally. - Improved "rake db:raw:*" tasks to support proper database dump and restore for MySQL, PostgreSQL and SQLite3. - Upgraded to jQuery 1.3.2 and jwysiwyg 0.6. ### v0.20100206.1 - FIXED rake use when not running the "test" environment. ### v0.20100206 - FIXED Event#underway? typo that would throw exception in schedule. - Improved Proposal's session notes wiki linkage to use flexible URLs. - Improved Proposal's export to iCalendar to include a time zone. - Improved Room, added picture of room. - Improved Proposal to only sort in a few specific ways. - Improved DeferProxy, made it simpler and more transparent. ### v0.20090616 - FIXED bug that showed proposal statuses (e.g., "Accepted session") before these statues were published. They're now only shown if the Admin sets the "Proposal statuses published?" flag on an event. - FIXED the login "remember me" feature. Previously it was ignored. - FIXED proposals feeds. Made top-level "/proposal.atom" and event-specific "/events/2009/proposals.atom" feed. Also fixed the feed article timestamps so proposals aren't relisted if edited. - FIXED the views to use "record-controls" wrappers around controls. - CHANGED logic for finding the current event: first try using the "settings.yml" file's "current_event_slug" field and find an event with a matching slug, else use the old latest-deadline logic. Setting a current event is necessary if you have multiple open events and want a specific one to respond to URLs like "/proposals". - CHANGED anonymous user's label from something like "myopenid.com" to "User #123 at myopenid.com", which is much clearer. - CHANGED "rake db:dump" and "rake db:restore" to "rake db:raw:dump" and "rake db:raw:restore" to avoid collisions with YamlDB. - Improved "rake db:raw:dump" and "rake db:raw:restore" to support both SQLite and MySQL. - Improved proposal form, if an event has a single track or session type, it's used as the default and no UI is shown. This helps child events, e.g., parent has many tracks, child has one track. - Improved events, added parent/child relationships between them. Change these these associations via the Admin's manage events UI. - Added user favorites, these show up as stars next to all proposals. - Added speaker list, e.g., "/events/2009/speakers". - Improved display of sublists (e.g., a user's sessions and proposals). These list links back to sessions and display favorites. - Improved CSV exports for proposals and added these to speakers. - Improved session sidebox, added room and scheduling information. ### v0.20090605 - FIXED schema/migrations for MySQL, it was truncating important columns to 255 characters. This fix upgrades these "varchar(255)" columns to "text": proposal descriptions, schedule items excerpts and descriptions, snippets descriptions, and tracks descriptions. If you were using SQLite, you were not affected by this bug. ### v0.20090524 - FIXED layout, it no longer raises an exception if there's no event. - FIXED cache expiration, it no longer raises an exception if called when there's no cache directory. - FIXED events#index and events#show, they now keep flash notifications, these were previously getting discarded. - FIXED schedule, it now only displays proposals that are confirmed and scheduled, previously it displayed proposals that were just scheduled. - Added event slugs. These provide unique string identifiers for events (e.g., "2009bof"), rather the old integer identifiers (e.g., 2009). - Improved proposal's admin UI, the room and schedule controls are only shown if the proposal is in a confirmed state. - Added new CSV export system that provides more flexible exporting. - Added DeferProxy, a clearer way to defer expensive queries. ### v0.20090516 - Added schedule. It can be displayed as HTML or imported as iCalendar and hCalendar data. New admin interfaces provide ways to create and manage ScheduleItems, non-session scheduled items such as a lunch break, and toggle whether the schedule is available to the public. A new "schedule:import:google_spreadheet" rake task is provided for importing schedule data from Google Spreadsheets as an alternative to using the per-item and bulk edit interfaces for setting the schedule. - Improved the ProposalsController#sort_proposals method to use arguments rather than params, making it much easier to use and extend. - Improved Track color handling with Color objects to make fancy color transformations easy. ### v0.20090514 - FIXED lookup of current event when no events where in the database. - FIXED compatibility with Ruby 1.8.6p111, which doesn't have Enumerable#count. - Added association from rooms to events. - Added "rake export:speakers" task. ### v0.20090505 - FIXED bug introduced by new ruby-openid and passengerl libraries that broke logins. - FIXED bug introduced by new RubyGems library that broke Time::today. - Refactored sorting and caching code used by proposals#index and proposals#sessions_index. Added specs. - Added "rake tags" task that automatically uses ctags or rtags. - Added initial support for publishing schedule as iCalendar. ### v0.20090425 - Added support for displaying sessions differently than proposals. - Added heavy caching to proposals and sessions indexes. - Added helpers to display main and sub navigation based on proposal status and portion of the site being used. - Improved user profiles, added Twitter and Identi.ca handles, and Blog URL. - Improved proposals, sessions and schedule, if non-admin visits these paths before status is published, they'll be redirected away. - Improved NormalizeUrlMixin to validate multiple URLs at once. - Improved boot, added check that ensures migrations have been applied. - Improved documentation. ### v0.20090416 - FIXED login to work with current versions of ruby_openid and Passenger. - FIXED schema, made it compatible with other databases. SQLite was too lax. - HACKED proposal#edit, allowing owners to edit forever. This will be revised. - Improved manage/events#proposals, added display of proposal counts by - status to bulk editor. - Improved proposal#edit, added instructions for asking other speakers to complete their profile so they can be added. - Improved users#show, added a "me" route for accessing current user's profile via . - Added users#complete_profile, which provides a way to complete a person's profile, typically offered as link to . - Improved database support, added MySQL. See "config/database~mysql.sample.yml" for sample. - Improved caching support, added memcache. See "lib/rails_cache_configurator.rb" for details. - Improved caching, added many caches and eliminated many queries. - Added "rake clear:cache" task which empties memcache or filesystem caches. ### v0.20090412 - Improved logit, made it more efficient by avoiding calls based on log level. - Added cucumber specifications for comments. - Added cucumber (rake features). - Upgraded rspec, switched to gem-based dependency. ## Older Changes Below are the list of OpenProposals versions by GIT id (latest is at top) and the changes made to them: ### 6098fe90a3e652a7e57497f31fa38d2df8912dd1 - IMPROVED: ExceptionHandlingMixin now notifies on InvalidAuthenticityToken exceptions. ### 3a07223c1ed0d59d6f0bdcba83be519c9db4f81b - FIXED: ExceptionHandlingMixin now catches InvalidAuthenticityToken errors. ### a9e00d9d22dcc16b53d2e8f1a5d167b53b69a9a2 - FIXED: themes/*/layouts/application.html.erb now doesn't raise exceptions if @events wasn't assigned. - FIXED: AuthenticationSystem#current_user now works in specs when no one is logged in. - IMPROVED: ExceptionHandlingMixin now sends errors even if error template rending fails. - IMPROVED: ApplicationController#can_edit? now works on Proposals and Users. ### 85dcb7365a455d5b21de80ec04e54c271d47e913 - Published source code