Skip to content

Latest commit

 

History

History
1583 lines (1527 loc) · 83.5 KB

CHANGELOG.md

File metadata and controls

1583 lines (1527 loc) · 83.5 KB

Releases

  • v5.0 (10th May 2023)

    • Front end improvements:
      • Use crosshairs for mobile reporting.
      • Enable keyboard navigation of map. #3321
      • Highlight pin on sidebar focus as well as hover.
      • Map page pagination links now styled as links rather than buttons. #3727
      • Include username in inactive email.
      • Update document title on client-side new report page transition.
      • Disable staff phone and name fields to avoid accidental overwriting.
      • Hide 'Assigned to' text if a report is not assigned to anyone
      • Hide 'Assign to' dropdown if no available assignees
      • Allow 'Asset ID' (part of optional extra data displayed for a report) to be customisable for all cobrands
      • Add initial update template on report sending, not creation.
      • Add option to set an emergency message on reporting pages.
      • Add label to questionnaire textarea. #3944
      • Offline report drafting. #4290
      • Set width=device-width in viewport meta tag. #4384
      • Improve performance of front page ‘recent problems’ query. #4424
    • Bugfixes:
      • Add ID attributes to change password form inputs.
      • Fix link deactivation for privacy policy link on privacy policy page. #3704
      • Fix dashboard rows for categories with &s.
      • Make calls from Geocoder files to https rather than http
      • Inspector dropdown list only shows name once even if permissions repeated #3870
      • Inspector dropdown list doesn't show anonymised users, removing blank options #3873
      • Fix report unassignment so it works for users who did not create the report #3903
      • [Open311] External code removal is not a change.
      • Trim whitespace on extra status codes for response templates
      • The permission default_to_body now also affects updates. #3317
      • Decouple the permission to manage shortlist from default_to_body. #3317
      • Fix issue with sanitizing missing attributes.
      • Include email_text from templates in export-import-data script. #4084
      • Stop map moving when navigating through images with arrow keys.
      • Remember category group through OpenID login.
      • For CSV export, fetch children of all generations.
      • Reset subcategory selection on clicking browser 'back' button during new report journey
      • Fix JS error going back from page to report page to map page
      • Fix existing groups being removed when a contact is edited with the category_groups flag unset.
    • Accessibility improvements:
      • The "skip map" link on /around now has new wording. #3794
      • Improve visual contrast of pagination links. #3794
      • Make map pan/zoom controls keyboard-accessible. #3751
      • Add missing label to alert distance input.
      • Give generated map tiles blank alt attribute.
      • Add fieldset to alert list and improve sort order.
      • Remove unnecessary and add some missing fieldsets.
      • Improve fancybox accessibility (text and focus).
      • Add visually-hidden nearest address in report list.
      • Add a focus state for button-variant mixin.
      • Improved focus state for link images in the local alert page.
    • Admin improvements:
      • Admin 'add user' form now always creates staff users
      • Make sure staff permissions removed when anonymized.
      • Add role filter to dashboard interface.
      • Alerts are paginated on user edit page. #4158
      • Restrict flagging users and reports to superusers.
      • Display photos in report moderation updates, rather than just the image hashes.
      • Add 'admin_contact_validate_category' cobrand hook to validate category names when editing or creating contacts.
      • Restrict timeline to users with the report_edit permission.
    • Development improvements:
      • Default make_css to web/cobrands rather than web.
      • Ability to pass custom arguments (eg: SSL config) to server when running via Docker
      • Allow bin/fetch start/end times to be fractional.
      • Add an --exclude option to bin/fetch.
      • Add an index on problem(external_id) to speed up bin/fetch --updates
      • Upgrade Net::DNS and libwww to deal with IPv6 issues.
      • Add send_state column to updates. #3865
      • Enable alternative response from templates to be emailed to issue reporter. #4001
      • Option to read asset layers from configuration.
      • Add GitHub Action to generate POD documentation.
      • Use digest rather than last modified time for static versioning. #4280
      • Add 'open311_title_fetched_report' cobrand hook for customising how titles are created for fetch reports.
      • Add way to use digest in static filename rather than query parameter.
    • Security
      • Permit control over database connection sslmode via $FMS_DB_SSLMODE
    • Open311 improvements:
      • Increase default timeout.
      • Check for an identical latest update when adding a new one.
    • UK:
      • Add CAPTCHA to contact form for non-UK IP addresses
  • v4.0 (3rd December 2021)

    • Front end improvements:
      • Multi-page form reporting.
      • New aerial map toggle.
      • Send text alerts for report updates to only-phone-verified users.
      • Add options for user to set global notification preferences.
      • Pop over mobile navigation menu. #3270
      • Add support for the OS Maps API. #3328
      • Speed up /report/new/ajax call. #3335
      • Improve #geolocate_link display, especially for smaller screens. #2048
      • Allow email alert radius to be specified. #68
      • Update URL on /my when map moves. #3358
      • Make anonymous updates clearer in email alerts. #3417
      • Add Maidenhead Locator support to search box.
      • Update RSS link when distance box changed. #3624
      • Inspector-managers can assign reports to inspectors in the inspector toolbar.
      • Inspectors & inspector-managers can see who a report is assigned to or 'unassigned' if a report is unassigned.
    • Bugfixes:
      • Fix non-JS form when all extra questions answered. #3248
      • Improve display of disabled fields in iOS.
      • Use div for inspector form wrapped extra questions. #3250
      • Fix Open311 JSON services output. #3279
      • Send email reports in staff-only categories.
      • Fix Gaze sometimes being called twice on /around. #3324
      • Improved alert signup for phone-only user. #3367
      • Fix moderation of update text.
      • Only trigger one refresh going Back to list view. #3476
      • Fix checked order of updates in dashboard export.
      • Fix unable to edit user with verified landline #3295
      • Fix 'sites' page to reflect active fixmystreet sites #2481
      • Fix ordering of dropdown lists in extra questions #3566
      • Fix removal of cached opengraph photos.
      • Do not email inactive body comment users. #3587
      • Look up organizational domain in DMARC checking. #3603
      • Stop slash in category name breaking csv download #3642
      • Fix CSS z-index bug that resulted in the main menu being hidden behind the map on small screens #3686
    • Admin improvements:
      • Assignees of reports are now visible in admin reports list and report edit pages.
      • Enable per-category hint customisation.
      • Move ban/unban buttons to user edit admin page.
      • Add link to user edit admin from report/update edit admin.
      • Improve layout of some admin pages.
      • Include email in inspector form information.
      • Improve wording of new report Private checkbox.
      • No questionnaires on reports as body/anonymous.
      • CSV export, improve Site Used and add Device Type.
      • Always record contributed_by for staff users.
      • Add per-photo moderation. #3055
      • Redaction support for photos.
      • UK Councils no questionnaires for non-updating users
      • Script to export/import response templates, #3549
      • Include non-public report in front page search for staff. #3616
      • Include staff categories in map filters for staff. #3616
    • Development improvements:
      • Include failure count in send report error output, #3316
      • Sort output in export script. #3323
      • Show relevant updates in alert-update email preview. #3417
      • Upgrade jQuery to 3.6.0. #3017
      • Upgrade Mozilla::CA to handle new root certificates.
      • Factor alert script to slightly smaller functions. #3615
      • Add development Docker environment.
    • Open311 improvements:
      • Consistent protected field ordering.
      • Move test handling out of core code.
    • Security:
      • Increase minimum password length to eight.
      • Allow throttling by user login attempts
    • Changes
      • Send contact form emails from do-not-reply address if sender's domain uses DMARC.
    • New features:
      • Roles can now have category restrictions like users.
  • v3.1 (16th November 2020)

    • Security:
      • Store personal access tokens hashed, and only show once, upon generation. #3063
    • New features:
      • Add Open Location Codes support to search box. #3047
    • Front end improvements:
      • Add lazy image loading on list items. #3062
      • Improve Bing geocoder results. #2300 #3086
      • Add option of checking passwords against Have I Been Pwned. #3095
      • Add aerial maps option to Bing and OSM maps. #3041 #3114
      • Select matches for both filter category and group. #3110
      • Add an extra zoom level to most map types. #3130
      • Improve new report form when using phone verification. #3191
      • Add option to set an emergency message on the homepage.
    • Changes:
      • Mark user as active when sent an email alert. #3045
    • Bugfixes:
      • Fix issue with dashboard report CSV export. #3026
      • bin/update-schema PostgreSQL 12 compatibility. #3043
      • Make sure category shown in all its groups when reporting. #3029
      • Do not remove any devolved contacts. #3053
      • Fix double encoding of per-category templates. #3058
      • Return reports in all closed states through Open311.
      • Skip accounts without email when sending inactive emails. #3066
      • Include file extensions in Dropzone accepted photo config. #3098
      • Fix photo orientation in modern browsers. #3098
      • Improve compatibility with G Suite OpenID Connect authentication. #3032
      • Fix duplicate asset message after dismissing duplicate suggestions. #3101
      • Improve moderation diff display in a few small ways. #3105
      • Do not have bootstrap run sudo commands. #2930
      • Fix lookups in templates of categories with &s. #3120
      • Fix a few obscure asset layer changing issues. #3157
      • Fix multiple disable messages for dropdown answers. #3186
      • Do not trigger duplicate check when checking stoppers #3194
      • Do not strip spaces from middle of Open311 category codes. #3167
      • Show all category history even if category renamed. #3181
      • Fix email alert on initial update template. #3209
      • Do not cache the service worker. #3201
    • Admin improvements:
      • Interface for disabling updates/reopening for certain categories. #2991 #2992
      • Include group in CSV export if enabled. #2994
      • Disable category rename on Open311 categories when unprotected. #2957
      • In category admin, group is already shown elsewhere.
      • Add assigned_(users|categories)_only functionality.
      • Inspectors can now include a photo with public updates. #2902
      • Display user name/email for contributed as reports. #2990
      • Interface for enabling anonymous reports for certain categories. #2989
      • Better sort admin user table. #3107
      • Centralise update creation to include fields. #3111 #3123
      • Add full text index to speed up admin search. #3129 #3133
      • Offline process for CSV generation. #3146
      • Allow inspectors to change report asset. #3134 #3150
      • Staff users can use HTML tags in updates. #3143
      • Response templates can include HTML tags. #3143
      • Record whether report made on desktop or mobile. #3199
      • Do not display deleted priorities in inspect form. #3195
      • Include extra fields in submit emails. #3215
      • can remove staff status from users in bulk. #3221
      • super users can mark category names as hard coded. #3227
    • Development improvements:
      • #geolocate_link is now easier to re-style. #3006
      • Links inside #front-main can be customised using $primary_link_* Sass variables. #3007
      • Add option to show front end testing code coverage. #3036
      • Add function to fetch user's country from Gaze.
      • Add cobrand hook to specify custom domain for VERP emails. #3100
    • Open311 improvements:
      • Use devolved data on update sending. #3087
      • Rewrite open311-update-reports to share code and improve functionality. #3092
    • Internal things:
      • Move from Travis to GitHub Actions. #3244
    • UK:
      • Add option for recaptcha. #3050
      • Display search tips when location search returns no results. #3180
      • Add ability to use GOV.UK Notify for text messaging.
  • v3.0.1 (6th May 2020)

    • New features:
      • Provide access to staff-only categories in admin. #2925 #2958
      • Allow anonymous updating if anonymous reporting enabled.
    • Admin improvements:
      • Order unsent reports by confirmed date. #2911
      • Disable staff private tickbox on new reports if category is private. #2961
      • Move stats from main admin index to stats index. #2982
      • Speed up dashboard export and report search. #2988
      • Allow a template to be an initial update on reports. #2973
    • Bugfixes:
      • Application user in Docker container can't install packages. #2914
      • Look at all categories when sending reports.
      • Fixes the To header when sending emails about inactive accounts. #2935
      • Recent reports, use same query regardless of cache. #2926 #2999
      • Match body construction on Around with New setup.
      • Only one duplicate call in progress at once. #2941
      • Stop double escape in Google Maps URL.
      • Refactor/stop double escape in report nav link. #2956
      • Maintain group on pin move with same category in multiple groups. #2962
      • Remove unnecessary margin-right on #postcodeForm. #3010
      • Fix sorting by most commented on /around map view. #3013
    • Development improvements:
      • Refactor Script::Report into an object. #2927
      • Move summary failures to a separate script. #2927
      • Add generic import categories from JSON script.
      • Add script to export/import body data. #2905
      • Add fetch script that does combined job of fetch-comments and fetch-reports. #2689
      • Allow fetch script to parallelize fetching. #2689
      • Do all retry timeout or skip checks in database. #2947
      • Show error page when submitting with web param to /import. #2233
      • Add a daemon option for sending reports and updates. #2924
      • Update Getopt::Long::Descriptive to stop warning. #3003
    • Open311 improvements:
      • Allow save/drop of row extra during sending. #2788
      • Match response templates on external status code over state. #2921
      • Add flag to protect category/group names from Open311 overwrite. #2986
    • Documentation:
      • Remove part about restricting access to /admin. #2937
    • UK:
      • Added junction lookup, so you can search for things like "M60, Junction 2". #2918
  • v3.0 (4th March 2020)

    • Security:
      • Fix XSS vulnerability in pagination page number.
      • Rotate session ID after successful login.
      • Switch to auto-escaping of all template variables (see below). #2772
      • Scrub admin description fields. #2791
    • Front end improvements:
      • Improved 403 message, especially for private reports. #2511
      • Mobile users can now filter the pins on the /around map view. #2366
      • Maintain whitespace formatting in email report/update lists. #2525
      • Improve keyboard accessibility. #2542
      • Report form now indicates that details are kept private if report is made in a private category. #2528
      • Improve map JavaScript defensiveness.
      • Upgrade jquery-validation plugin. #2540
      • Pass ‘filter_category’ param to front page to pre-filter map.
      • Remove on-map Permalink. #2631
      • Darken front page step numbers, and improve nested heading structure. #2631
      • Set report title autocomplete to off to prevent email autocompleting. #2518
      • Add map filter debouncing to reduce server requests. #2675
      • Add XSL to RSS feeds so they look nicer in browsers. #2736
      • Add per-report OpenGraph images. #2394
      • Display GPS marker on /around map. #2359
      • Use nicer default photo upload message. #2358
      • Remove pan control from mobile widths. #2865
      • Use category groups whenever category lists are shown. #2702
      • Display map inline with duplicate suggestions on mobile. #2668
      • Improved try again process on mobile. #2863
      • Improve messaging/display of private reports. #2884
      • Add a web manifest and service worker. #2220
      • Also check filter_category for category choice. #2893
      • Reduce duplicate Permalink.updateLink calls when zooming map. #2824
      • Hide ‘provide extra information’ preamble when no visible fields are present. #2811
      • Improve user flow when JavaScript is not available. #2619
      • Change ‘locate me automatically’ to ‘use my location’. #2615
      • Include ‘submit’ button at very bottom of report form when signing in during report
      • Provide ARIA roles for message controller box.
    • Admin improvements:
      • Add new roles system, to group permissions and apply to users. #2483
      • Contact form emails now include user admin links. #2608
      • Allow categories/Open311 questions to disable the reporting form. #2599
      • Improve category edit form. #2469
      • Allow editing of category name. #1398
      • Allow non-superuser staff to use 2FA, and optional enforcement of 2FA. #2701
      • Add optional enforced password expiry. #2705
      • Store a moderation history on admin report edit. #2722
      • Add user admin log page. #2722
      • Allow report as another user with only name. #2781
      • Allow staff users to sign other people up for alerts. #2783
      • Group categories on body page. #2850
      • Add admin UI for managing web manifest themes. #2792
      • Add a new "staff" contact state. #2891
      • Store staff user when staff make anonymous report. #2802
      • Record first time fixed/closed update sent to reporter in email.
      • Pre-filter ‘all reports’ by area for inspectors
      • show open311 failure details in admin report edit page. #2468
    • New features:
      • Categories can be listed under more than one group #2475
      • OpenID Connect login support. #2523
      • Heatmap dashboard. #2675
      • Allow anonymous submission by a button, optionally per-category.
    • Bugfixes:
      • Prevent creation of two templates with same title. #2471
      • Fix bug going between report/new pages client side. #2484
      • Don't include private reports when searching by ref from front page.
      • Set fixmystreet.bodies sooner client-side, for two-tier locations. #2498
      • Fix front-end testing script when run with Vagrant. #2514
      • Handle missing category when sending open311 reports #2502
      • Fix label associations with category groups. #2541
      • Hide category extras when duplicate suggestions shown. #2588
      • Hide duplicate suggestions when signing in during reporting. #2588
      • Retain extra data if signing in during reporting. #2588
      • Have duplicate suggestion and assets coexist better. #2589
      • Don't include lat/lon of private reports in ‘Report another problem here’ link. #2605
      • Allow contact send method to be unset always. #2622
      • Fix z-index stacking bug that was causing unclickable RSS icons on /alert page. #2624
      • Fix issue with inspector duplication workflow. #2678
      • Fix removal of cached photos on moderation. #2696
      • Checking of cached front page details against database. #2696
      • Inconsistent display of mark private checkbox for staff users
      • Clear user categories when staff access is removed. #2815
      • Only trigger one change event on initial popstate. #2862
      • Fix error when hiding a user's updates with no confirmed updates. #2898
      • Sort reporting categories in display order. #2704
      • Do not clear asset attributes on category change.
    • Development improvements:
      • Upgrade the underlying framework and a number of other packages. #2473
      • Add feature cobrand helper function.
      • Add front-end testing support for WSL. #2514
      • Allow cobrands to disable admin resending. #2553
      • Sass variables for default link colour and decoration. #2538
      • Make contact edit note optional on staging sites.
      • Store email addresses report sent to on the report. #2730
      • Add configuration for setting Content-Security-Policy header. #2759
      • Add banner on staging website/emails, and STAGING_FLAGS option to hide it. #2784 #2820
      • Do not hard code site name in database fixture. #2794
      • Ensure OS dependencies are kept updated in development environments. #2886
      • Enhance inactive scripts to act per-cobrand, or full deletion. #2827
    • Open311 improvements:
      • Support use of 'private' service definition to mark reports made in that category private. #2488
      • Ensure any reports fetched in a category marked private are also marked private on the site. #2488
      • Add new upload_files flag which sends files/photos as part of the POST service request. #2495
      • Allow description in email template with placeholder. #2470
      • Do not store display-only extra fields on new reports. #2560
      • Support receiving updates from external source. #2521
      • Improve JSON output of controller.
      • unset external_status_code if blank in update. #2573
      • Add support for account_id parameter to POST Service Request calls.
      • Do not overwrite/remove protected meta data. #2598
      • Spot multiple groups inside a element. #2641
      • Always update problem state from first comment #2832
    • Backwards incompatible changes:
      • The FixMyStreet templating code will now escape all variables by default. If you need to output HTML in a variable directly, you will need to escape it with the safe filter, e.g. [% some_html | safe %].
  • v2.6 (3rd May 2019)

    • New features:
      • (Optional) auto-suggestion of similar nearby problems, while reporting, to discourage duplicate reports. #2386
    • Front end improvements:
      • Track map state in URL to make sharing links easier. #2242
      • Default to unchecked for show name checkbox. #347
    • Email improvements:
      • Header image file name can be customised
    • Admin improvements:
      • Include moderation history in report updates. #2379
      • Allow moderation to potentially change state. #2381
      • Spot moderation conflicts and raise an error. #2384
      • Allow searching for in admin.
      • Make staff JavaScript more self-contained.
      • Alow staff user to be associated with multiple areas.
      • Improvements to admin checkbox display.
    • Bugfixes:
      • Check cached reports do still have photos before being shown. #2374
      • Delete cache photos upon photo moderation. #2374
      • Remove any use of my $x if $foo. #2377
      • Fix saving of inspect form data offline.
      • Add CSRF and time to contact form. #2388
      • Make sure admin metadata dropdown index numbers are updated too. #2369
      • Fix issue with Open311 codes starting with ‘_’. #2391
      • Add parameter to URL when “Show older” clicked. #2397
      • Don't ask for email on alert signup if logged in. #2402
      • Filter out hidden reports from top 5 list. #1957
      • Add space below "map page" contents on narrow screens.
      • Use relative report links where possible. #1995
      • Improve inline checkbox spacing. #2411
      • Prevent duplicate contact history creation with Unicode data.
      • Show all Open311 extra fields in edit admin.
      • Proper bodies check for sending updates.
      • Check better if extra question has values.
      • Stop filter category overriding chosen category.
      • Allow things to reset if "Pick a category" picked.
      • Stop category_change firing more than it should.
      • Fix extra question display when only one category.
      • Fix superusers creating anonymous reports. #2435
      • Ensure non_public reports aren't exposed at /open311 endpoint.
      • Escape body name in admin title.
      • Use REQUEST_URI, not PATH_INFO, to infer path.
    • Development improvements:
      • Make front page cache time configurable.
      • Better working of /fakemapit/ under https.
      • Improve Open311 error output on failing GET requests.
      • Optionally log failed geocoder searches.
    • Backwards incompatible changes:
      • If you wish the default for the showname checkbox to be checked, add sub default_show_name { 1 } to your cobrand file.
      • The admin body and user sections have been refactored – if you have custom templates/code, you may need to update links to those.
  • v2.5 (21st December 2018)

    • Front end improvements:
      • Simplify new report/update sign in flow. #642
      • Simplify /auth sign in page. #2208
      • Clearer relocation options while you’re reporting a problem #2238
      • Enforce maximum photo size server side, strip EXIF data. #2326 #2134
      • Don't require two taps on reports list on touchscreens. #2294
      • Allow moderation to work without JavaScript. #2339
      • More prominent display of "state" on report page #2350
      • Improved report/update display on contact form. #2351
      • Can limit /reports to non-public reports. #2363
    • Admin improvements:
      • Allow moderation to potentially change category. #2320
      • Add Mark/View private reports permission #2306
      • Store more original stuff on moderation. #2325
      • Sort user updates in reverse date order.
      • Improve update display on admin report edit page.
      • Keep all moderation history, and show in report/update admin. #2329
    • Bugfixes:
      • Restore map zoom out when navigating to /around from /report. #1649
      • Don’t escape HTML entities in report titles pulled in by ajax. #2346
      • Show reopening/fixed questionnaire responses lacking updates. #2357
    • Open311 improvements:
      • Fix bug in contact group handling. #2323
      • Improve validation of fetched reports timestamps. #2327
      • Fetched reports can be marked non_public #2356
    • Development improvements:
      • Add option to symlink full size photos. #2326
      • default_to_body/report_prefill permissions to control default report as/prefill behaviour. #2316
  • v2.4.2 (6th November 2018)

    • New features:
      • Dashboard now has update CSV export. #2249
      • Allow cobrands to override searching by reference #2271
      • Allow cobrands to limit contact form to abuse reports only
    • Admin improvements:
      • List number of alerts on report page #669
      • viewing and managing of user alerts in admin #676
      • Allow moderation to potentially change photos/extra info. #2291 #2307
    • Bugfixes:
      • Add perl 5.26/5.28 support.
      • Fix subcategory issues when visiting /report/new directly #2276
      • Give superusers access to update staff dropdowns. #2286
      • Update report areas when moving its location. #2181
      • Don't send questionnaires for closed reports. #2310
      • Make sure Open311 send_method always recorded/spotted. #2121
    • Development improvements:
      • Add cobrand hook for dashboard viewing permission. #2285
      • Have body.url work in hashref lookup. #2284
      • OSM based map types can now override zoom levels #2288
      • Clearer name for navigation colours in SCSS. #2080
      • script/setup now creates conf/general.yml for Vagrant when needed.
    • Internal things:
      • Move send-comments code to package for testing. #2109 #2170
    • Open311 improvements:
      • Set contact group only if handling cobrand has groups enabled. #2312
  • v2.4.1 (2nd October 2018)

    • New features:
      • Support for storing photos in AWS S3. #2253
    • Front end improvements:
      • Import end point can optionally return a web page #2225
      • Clicking the "Report" header links on the homepage now focusses the #pc search input #2237
      • Speed up fetching lists of bodies. #2248
      • Improve vertical alignment of navigation menu in Internet Explorer 9–11.
      • Mobile menu button no longer uses -9999px text-indent hack.
      • HTML email template for confirming "partial" reports #2263
    • Bugfixes:
      • Fix display of area/pins on body page when using Bing or TonerLite map.
      • Do not scan through all problems to show /_dev pages.
      • Say “Set password”, not Change, if no password set.
      • Do not lose from_body field when edited by non-superuser admin.
      • Fix history API bug with category/state selection.
    • Development improvements:
      • Cobrand hook for disabling updates on individual problems.
      • Cobrand hook for disallowing title moderation. #2228
      • Cobrand hook for per-questionnaire sending. #2231
      • Add option for configuring memcache server.
      • Add Blackhole send method. #2246
      • Add script to list/diff template changes in core that might need applying to a cobrand.
      • Move away from FastCGI in sample conf/sysvinit config.
      • Customised Vagrant box available, with an override option.
      • Add Dockerfile and example Docker Compose setup.
      • Add a sample systemd unit file for the Catalyst application server.
  • v2.4 (6th September 2018)

    • Security
      • Update user object before attempting sign-in, to prevent leak of user account phone number.
    • Front end improvements:
      • Simplify footer CSS. #2107
      • Keep commas in geocode lookups. #2162
      • Show message on reports closed to updates. #2163
      • Only display last 6 months of reports on around page by default #2098
      • Always show all reports by default on /my.
      • Much less reliance on input placeholders, for better accessibility #2180
      • “Report another problem here” button on report confirmation page #2198 #393
      • Button in nav bar now makes it easier to report again in the same location #2195
      • Shrink OpenLayers library a bit. #2217
      • Remove need for separate per-category ajax call. #1201
    • Admin improvements:
      • Mandatory defect type selection if defect raised. #2173
      • Send login email button on user edit page #2041
      • Use do-not-reply address for sent report email.
      • Category group can be edited.
      • Trim spaces from user/report search input.
    • Bugfixes:
      • Don't remove automated fields when editing contacts #2163
      • Remove small border to left of Fixed banner. #2156
      • Fix issue displaying admin timeline. #2159
      • Send details of unresponsive bodies to mobile app #2164
      • Fix issue with category filter when category contains comma #2166
      • Inspectors can unset priority. #2171
      • Defect type is recorded if category change made. #2172
      • [UK] Store body ID on council/ward alerts. #2175
      • Show all fixed issues when staff user uses map page filter #2176
      • Allow any user who can see private checkbox to use it. #2182
      • Prevent duplicate category listing on /my.
      • Hide password help field along with other similar. #2185
      • Allow questionnaire link to be revisited in quick succession. #2123
      • Update Google Maps directions link.
      • Fix inspector pin dragging. #2073.
      • Maintain all single newlines in text output, not only the first.
      • Make sure Home clickable with Try again overlay.
      • Check all contacts for metadata and non-public.
    • Open311 improvements:
      • CLOSED status maps to 'closed' state if extended statuses are enabled.
      • Don't generate template comment text on move between fixed states. #2199
    • Development improvements:
      • Cobrand hook for presenting custom search results. #2183
      • Cobrand hook to allow extra login conditions #2092
      • Add ability for client to set bodies not to be sent to. #2179
      • Make it easier to prevent a form_detail_placeholder being printed. #2212
      • Include user agent in contact form emails. #2206
      • Use site name in contact email subject line.
      • Add /_dev endpoints for previewing confirmation/submission pages. #2218
      • Allow cobrand to add extra ability to moderate. #2216
  • v2.3.4 (7th June 2018)

    • Bugfixes:
      • Fix pin clicking on non-/around pages, broken in 2.3.3.
      • Fix issue displaying anonymous account email.
  • v2.3.3 (6th June 2018)

    • Front end improvements:
      • Extra help text on contact form #2149
    • Admin improvements:
      • Improve inspect form position and configurability.
    • Bugfixes:
      • Prevent contact form leaking information about updates #2149
      • Fix pointer event issue selecting pin on map. #2130
      • Fix admin navigation links in multi-language installs.
      • Fix map display issue clicking back from report page as inspector.
  • v2.3.2 (31st May 2018)

    • Front end improvements:
      • Improve questionnaire process. #1939 #1998
      • Increase size of "sub map links" (hide pins, permalink, etc) #2003 #2056
      • Edge-to-edge email layout on narrow screens #2010
      • Add default placeholder to report extra fields. #2027
      • Clicking the "Click map" instruction banner now begins a new report #2033
      • Homepage postcode input is now marked up as a required input #2037
      • Improved cursor/display of the new report pin. #2038
      • Asset layers can be attached to more than one category each. #2049
      • Cobrands hook to remove phone number field. #2049
      • Check recent reports for any hidden since cached. #2053
      • Asset layer attribution automatically shown. #2061
      • The .internal-link-fixed-header positioning is now much simpler. #2117
      • Added UI to view multiple wards at once on /reports. #2120
    • Bugfixes:
      • Stop asset layers obscuring marker layer. #1999
      • Don't delete hidden field values when inspecting reports. #1999
      • Fix text layout issues in /reports/…/summary dashboard charts.
      • Fix post-edit issues on admin report edit page.
      • Truncate dates in Open311 output to the second. #2023
      • Fix check for visible sub map links after 'Try again'.
      • Stop race condition when making a new report quickly.
      • Set a session timezone in case database server is set differently.
      • Fix SQL error on update edit admin page in cobrands. #2049
      • Improve chart display in old IE versions. #2005
      • Improve handling of Open311 state changes. #2069
      • Don't strip whitespace from user passwords. #2111
      • Make OpenGraph description translatable.
      • Stop double-escaping title in alert-update email.
      • Use inspection states in response template admin.
      • Fixed CSS padding/overflow bug during sidebar "drawer" animations. #2132
      • Response template containing double quote now works.
      • A few small display issues with RTL text display.
      • Improve handling of loading spinner display. #2059
      • Ignore non-interactive layers for asset message.
    • Admin improvements:
      • Inspectors can set non_public status of reports. #1992
      • Default start date is shown on the dashboard.
      • Users with 'user_edit' permission can search for users/reports. #2027
      • Don't send sent-report emails to as-body/as-anonymous reports.
      • Show Open311 service code as tooltip on admin category checkboxes. #2049
      • Bulk user import admin page. #2057
      • Add link to admin edit page for reports. #2071
      • Deleted body categories now hidden by default #1962
      • Display contents of report's extra field #1809
      • Store user creation and last active times.
      • Add scripts to anonymize inactive users and reports, email inactive users, or to close reports to new updates.
      • Admin ability to close reports to new updates. #43
    • Open311 improvements:
      • Fetch problems over Open311 #1986 #2067
      • Option to send multiple photos over Open311 #1986
      • Allow Open311 service definitions to include automated attributes #1986
      • Optionally supress blank Open311 update errors #1986
      • Fetch/store external status code with Open311 updates. #2048
      • Response templates can be triggered by external status code. #2048
      • Enable conversion from EPSG:27700 when fetching over Open311 #2028
      • Add CORS header to Open311 output. #2022
      • Nicer Open311 errors. #2078
    • Development improvements:
      • Cobrand hook for adding extra areas to MAPIT_WHITELIST/_TYPES. #2049
      • send-comments warns about errors when called with --verbose #2091
      • Add HTML email previewer.
      • Add some Cypress browser-based testing.
      • Upgrade Vagrantfile to use Ubuntu Xenial. #2093
      • Add validation to cobrand-specific custom reporting fields.
      • Drop support for IE7, improve IE8 support. #2114
      • Add ability to have category extra help text.
      • Cobrand hook for showing all states in filter.
  • v2.3.1 (12th February 2018)

    • Front end improvements:
      • Zoom out as much as necessary on body map page, even on mobile. #1958
      • Show loading message on initial /around map load #1976
      • Ask for current password/send email on password change. #1974
      • Add minimum password length and common password checking. #1981
      • Nicer display of national phone numbers. #1982
      • 'Report as another user' allows phone number without email. #1978
      • Display loading spinner on map when asset layers are loading. #1991
    • Bugfixes:
      • Fix bug specifying category in URL on /around. #1950
      • Fix bug with multiple select-multiples on a page. #1951
      • Make sure dashboard filters all fit onto one line. #1938
      • Fix issue with red bars on bar graph of many categories. #1938
      • Prefetch translations in /reports list of bodies. #1941
      • Ignore deleted/area-less bodies in dashboard list. #1941
      • Add missing CSS class from final questionnaire question. #1953
      • Fix JavaScript error on /my calculating bounds #1954
      • Change text on /reports to match lower down (fix translation).
      • Ensure all reports graph can't dip downward. #1956
      • Fix error sending requires_inspection reports. #1961
      • Fix timezone related test failure. #1984
      • Restore display of extra fields on inspector form. #1994
    • Admin improvements:
      • Admin can anonymize/hide all a user's reports. #1942 #1943
      • Admin can log a user out. #1975
      • Admin can remove a user's account details. #1944
      • Superusers can have optional two-factor authentication. #1973
    • Development improvements:
      • Add script to remove expired sessions. #1987
      • 'components' parameter can be passed to Google geocoder. #1994
    • UK:
      • Lazy load images in the footer.
  • v2.3 (18th December 2017)

    • New features:
      • Optional verification of reports and updates, and logging in, using confirmation by phone text. #1856 #1872
      • Improved email/phone management in your profile.
      • Don't cover whole map with pin loading indicator. #1874
      • Add Expand map toggle to more mobile maps. #1875
      • Allow multiple wards to be shown on reports page. #1870
      • Add functionality to have per-body /reports page. #1880
      • Open311 category group support. #1923
    • Front end improvements:
      • Paginate reports on /around. #1805 #1577 #525
      • Improve performance of various pages, especially front. #1901 #1903
      • More prominent "Hide pins" link on map pages, to aid reporting in busy areas. #525
      • Optimised sprite file down from 97 KB to 36 KB. #1852
      • SVG assets for core elements like button icons and map controls #1888
      • Remove unneeded 2x PNG fallback images.
      • Improve location disambiguation page on small screens. #1918
      • Don't show geolocation link on non-HTTPS pages. #1915
      • Public report page shows state changes made in admin interface #1846
    • Bugfixes
      • Shortlist menu item always remains a link #1855
      • Fix encoded entities in RSS output. #1859
      • Only save category changes if staff user update valid #1857
      • Only create one update when staff user updating category #1857
      • Do not include blank updates in email alerts #1857
      • Redirect inspectors correctly on creation in two-tier. #1877
      • Report status filter All option works for body users #1845
      • Always allow reports to be removed from shortlist #1882
      • Remove shortlist form from inspect duplicate list. #1889
      • Fix pin size when JavaScript unavailable.
      • Fix display of text only body contacts #1895
      • Prevent text overflow bug on homepage stats #1722
      • Stop page jumping too far down on inspect form. #1863
      • Prevent multiple 'Expand map' links appearing. #1909
      • Superusers without a from_body can make reports again. #1913
      • Fix crash when viewing /around in certain locales. #1916
      • Fix back bug, from report after using list filters. #1920
      • Fix issues with send method category change. #1933
    • Admin improvements:
      • Character length limit can be placed on report detailed information #1848
      • Inspector panel shows nearest address if available #1850
      • Return a 200 rather than 404 for ref ID lookup. #1867
      • Remove hidden from default staff state dropdown. #1878
      • Marking an item as a duplicate enforces providing ID/update. #1873
      • Report field pre-filling for inspectors configurable #1854
      • Admins can now unban users #1881
      • More JavaScript-enhanced <select multiple> elements. #1589 #1892
      • 'Auto-response' flag on response templates is honoured for fetched Open311 updates. #1924
      • Individual cobrands can disable social login #1890
      • Cobrands can disable sending of moderation emails. #1910
      • Store all successful send methods. #1933
    • Dashboard/statistics:
      • Improve/consolidate various admin summary statistics pages, all now under /dashboard. #1834 #1919
      • Add date range for report generation #1885
      • CSV export now has token based authentication. #1911
      • And uses machine-readable dates. #1929
    • Development improvements:
      • Add hook for pre-wrapper content.
      • Include JSON representation of extra fields in category_extras output
      • send-reports will never skip failed reports when using --debug
    • UK:
      • Use SVG logo, inlined on front page. #1887
      • Inline critical CSS on front page. #1893
  • v2.2 (13th September 2017)

    • New features:
      • Body and category names can now be translated in the admin. #1244
      • Report states can be edited and translated in the admin. #1826
      • Extra fields can be added to the report form site-wide. #1743
      • Staff users can now create reports as an anonymous user. #1796
      • Staff users can filter reports by all states. #1790
      • LOGIN_REQUIRED config key to limit site access to logged-in users.
      • SIGNUPS_DISABLED config key to prevent new user registrations.
    • Front end improvements:
      • Always show pagination figures even if only one page. #1787
      • Report pages list more updates to a report. #1806
      • Clearer wording and more prominent email input on alert page. #1829
      • Cobrands can implement hide_areas_on_reports to hide outline on map.
      • Templates to allow extra messages through problem confirmation. #1837
    • Admin improvements:
      • Highlight current shortlisted user in list tooltip. #1788
      • Extra fields on contacts can be edited. #1743
      • Clearer highlight for selected duplicate on inspect form. #1798
      • Include MapIt API key on admin config page. #1778
      • Redirect to same map view after inspection. #1820
      • A default response priority can now be set. #1838
      • Dashboard CSV export includes Northing, Easting and Ward. It also now orders fields by report confirmed time. #1832 #1835
    • Bugfixes:
      • Set up action scheduled field when report loaded. #1789
      • Fix display of thumbnail images on page reload. #1815
      • Fix sidebar hover behaviour being lost. #1808
      • Stop errors from JS validator due to form in form.
      • Stop update form toggle causing report submission.
      • Update map size if an extra column has appeared.
      • Improve performance of various pages. #1799
      • Duplicate list not loading when phone number present. #1803
      • Don't list multiple fixed states all as Fixed in dropdown. #1824
      • Disable email field for logged in people. #1840
    • Development improvements:
      • Debug toolbar added. #1823
      • switch-site script to automate switching config.yml files. #1741
      • make_css --watch can run custom script after each compilation.
      • Upgrade comonlib to get nicer MapIt error message.
  • v2.1.1 (3rd August 2017)

    • Email improvements:
      • Clicking on the map in an email links to the report #1596
    • Admin improvements:
      • Resend report if changing category changes send_method. #1772
      • Do not replace deleted text with [...] when moderating. #1774
      • Show reporter's phone number on inspector form. #1773
      • Redirect to /around after inspecting a report.
    • Bugfixes:
      • Cache template paths in About.pm with lang_code. #1765
      • Resize pin image before compositing onto static map.
    • Development improvements:
      • Use standard JavaScript translation for show/hide pins. #1752
      • Allow update-schema to run on empty database. #1755
      • Update MapIt URL to https in example webserver configs.
      • Option to redirect to custom URL from Contact form.
  • v2.1 (8th July 2017)

    • New features:
      • Allow users to hide their name on reports/updates. #658
      • New /reports page. #1630 #1726 #1753
    • Front end improvements:
      • Resize photos client-side before uploading. #1734
      • CSS header/content/navigation refactoring/simplification. #1719 #1718
      • Consolidate state dropdowns, make sure existing state is included. #1707
      • Simplify footer-marketing.html for most cobrands. #1709
      • Change the contact form Post button label to Send. #1750
      • Add an optional phone field to the contact form. #1750
      • Double resolution pin icons in core. #1713
    • Admin improvements:
      • Don't resend if category change subsets body. #1725
      • Fix styling of 'remove from site' button. #1700
      • Add inactive state to categories. #1757
      • Inspect form:
        • Make more visually distinct, better on medium screens. #1700 #1701
        • Populate defect types dropdown on category change. #1698
        • Update templates when category/state changed. #1729
        • Fix bug when switching state to duplicate and back. #1729
        • Don't preselect inspector template on page load. #1747
      • Allow inspectors to shortlist all reports in view. #1652
      • Subscribe inspectors to updates when state changes. #1694
      • Streamline new reports for inspectors. #1636
    • Bugfixes:
      • Make three strings translatable. #1744 #1735
      • Reinstate geolocation on alert page. #1726
      • Fix clickable spaces on inspect form/ward page. #1724
      • Make sure segmented control input not offscreen. #1749
      • Remove superfluous quote in HTML script element. #1705
      • Add missing closing to base FAQ.
    • Development improvements:
      • Allow static home page template override. #1745
      • Add Debian stretch/perl 5.24 support. #1746
      • Add scripts to rule them all. #1740
      • Update submodule on any Vagrant provisioning. #1702
      • Fix imbalanced paragraph tags in glossary. #1737
      • Spot badly configured SMTP type. #1758.
      • Add MAPIT_API_KEY support
      • Hooks:
        • Add hook for post-title field content in report form. #1735
        • Add hook so cobrands can change pin hover title. #1713
        • Allow cobrands to define pin colour for new reports. #1713
      • Testing:
        • Run each test file in a transaction. #1721
        • Test script should run 't' when other args given. #1721
        • Auto-add strict/warnings/Test::More with TestMech. #1554
        • Fix test that would not run offline. #1712
        • Fix timing edge case test failure.
    • Backwards incompatible changes:
      • The nav-wrapper-2 class has been removed. If you have a custom footer template, replace that class with 'container'. #1718
      • The /reports page now uses different generated data. If you have a custom reports/index.html template, you may need to call update-all-reports with the --table argument.
    • Internal things:
      • Move third party libraries into vendor directories. #1704
      • Stop using sudo on Travis, improve locale support. #1712
      • Add CodeCov coverage testing. #1759
    • UK:
      • Add fixture script. #1720
      • Add Borsetshire demo cobrand. #1717
      • Remove requirement for fixed body IDs. #1721
      • Show all pins on two-tier councils only. #1733
      • Stop nearest request with scientific notation. #1695
  • v2.0.4 (13th April 2017)

    • Front end improvements:
      • On /reports maps, only include reports in view. #1689
    • Admin improvements:
      • Allow comma-separated contact emails in the admin. #1683
    • Bugfixes:
      • Upgrade Facebook 3rd party library to fix Facebook login. #1681
      • Don't error when devolved body, blank send methods. #1374
      • Fix issue with categories with regex characters. #1688
  • v2.0.3 (31st March 2017)

    • Front end improvements:
      • Add ability to make map full screen on mobile report pages. #1655
      • Move staff-only JavaScript to separate file. #1666
      • Show loading indicator when loading pins. #1669
      • Allow users to reopen closed reports. #1607
    • Admin improvements:
      • Redirect to category-filtered /reports on login if present. #1622
      • Follow redirect to /admin after login if allowed. #1622
      • Include /admin link on top-level nav for admin users.
      • Add shortlist filters. #1629
      • Add submit buttons to admin index search forms. #1551
      • Store user object when deleting report. #1661
      • Use name at time of moderation, include superusers. #1660
      • Add customisable defect types. #1674
    • Bugfixes:
      • Fix crash on reports with empty bodies_str. #1635
      • Only output appcache/manifest for shortlist users. #1653
      • Fix placeholder typo in French translation.
      • Make sure report Ajax call is not cached by IE11. #1638
      • Check cobrand users list when admin merging users. #1662
      • Make sure emails are lowercased in admin. #1662
      • Specify options in 'all' status filter. #1664
      • Be clearer if no states selected is not all states. #1664
      • Set up correct environment in cobrand PO script. #1616
      • Allow superuser to leave update when inspecting. #1640
      • Remove duplicate <> around envelope senders. #1663
      • Fix invisible segmented controls in old Webkit. #1670
      • Remove superfluous lists from Open311 JSON output. #1672
      • Upgrade to using Email::Sender. #1639
      • Fix bug if test run c. 55 hours before BST starts.
      • Use lat/lon on inspection form if no local coordinates. #1676
      • Improve translatability of various pages.
    • Development improvements:
      • Send open reports regardless of current state. #1334
      • Clarify ‘inspected’ behaviour. #1614
      • Reduce disk stats. #1647
      • Refactor main navigation into reusable blocks.
      • Add Problem->time_ago for pretty-printed duration.
      • Add external_id field to ResponsePriority.
      • Forward on all bounces as bounces.
      • Use sender in From if From and To domains match. #1651
      • Refactor SendReport::Open311 to use cobrand hooks. #792
      • Do upload_dir check on start up, not each report. #1668
      • Make sure all tests can run offline. #1675
      • Add ability to override Google Maps road style. #1676
  • v2.0.2 (3rd February 2017)

    • Front end changes:
      • Add an offline fallback page with appcache. #1588
      • Improve print layout for report list pages. #1548
      • Rename ‘unable to fix’ as ‘no further action’.
    • Bugfixes:
      • Mark two missing strings for translation. #1604
      • Make sure email is lowercase when signing in. #1623
      • Make sure language included in calls to base_url_for_report. #1617
      • Small CSS homepage fixes.
      • Admin:
        • Fix filtering on shortlist page. #1620
        • Fix 'save with public update' toggle. #1615
    • Admin improvements:
      • Add offline report inspection for inspectors. #1588 #1602 #1608
      • Admin with appropriate permission can see body user who left contribute_as_body report or update. #1601 #1603
      • Include ‘Add user’ link on admin user search results page. #1606
      • Redirect to new user after user creation/edit. #1606
      • Redirect to shortlist after inspection if user has permission. #1612
      • Allow response templates to be associated with a state, and default to that template if report state changed to match. #1587
      • Disable show name checkbox when reporting as someone else. #1597
      • Show response priorities in report list items. #1582
      • Shortlist add/remove icons in report lists and report page. #1582
      • Reordering shortlist buttons in report lists. #1582
      • Default inspect form to save with public update.
      • Drop unneeded Cancel button on inspect form.
      • Use ‘*’ on admin page to signify superuser.
    • Development improvements:
      • Update has_body_permission_to to allow superusers. #1600
      • Move staging flags to their own config variable. #1600
      • Only warn of Open311 failure after a couple, in case it's transient.
      • Only load user body permissions once per request.
      • Return 400/500 for some client/server errors.
      • Fix bad cross-year test.
  • v2.0.1 (16th December 2016)

    • Bugfixes:
      • Fix issue in dragging map in Chrome 55. openlayers/ol2#1510
      • Don't double-decode strftime output, to fix date/time display.
      • Filter category should always carry through to form.
      • Don't fix height of admin multiple selects. #1589
    • Admin improvements:
      • Add duplicate management to inspector view. #1581
      • Open inspect Navigate link in new tab. #1583
      • Scroll to report inspect form if present. #1583
      • Update problem lastupdate column on inspect save. #1584
      • Update priorities in inspect form on category change. #1590
    • Development improvements:
      • Pass test if NXDOMAINs are intercepted.
      • Better path for showing config git version. #1586
  • v2.0 (15th November 2016)

    • Front end improvements:
      • Add HTML emails. #1281 #1103
      • Stop map being underneath content sidebar/header. #1350 #361
      • Use Ajax/HTML5 history to pull in reports and improve map views. #1351 #1450 #1457 #1173
      • Allow multiple states and categories to be filtered. #1547
      • Add sort order options to list pages. #308
      • Invert area highlight on body pages. #1564
      • Allow users to change their own email. #360 #1440
      • Improve change password form/success page. #1503
      • Allow scroll wheel to zoom map. #1326
      • Rename "Your reports" in main navigation to "Your account".
      • Centre map on pin location when creating a report.
      • Zoom into map after second click on marker.
      • Maintain single newlines in text output. #306
      • JavaScript performance improvements. #1490 #1491
      • Allow searching for reports with ref: prefix in postcode field. #1495
      • Improve report form, with public, private, category sections. #1528
      • Only show relevant bodies after category selection.
      • Add update form name validation. #1493 #503 #1526
      • Add CORS header to RSS output. #1540
      • Switch MapQuest to HTTPS. #1505
      • Better 403/404 pages.
    • Admin improvements:
      • Greatly improve report edit page, including map. #1347
      • Improve category edit form, and display extra data. #1557 #1524
      • Hide confirmed column on body page if all categories confirmed. #1565
      • Show any waiting reports on admin index page. #1382
      • Allow user's phone number to be edited, and a report's category. #400
      • Resend report if changing category changes body. #1560.
      • Leave a public update if an admin changes a report's category. #1544
      • New user system:
        • /admin requires a user with the is_superuser flag. #1463
        • createsuperuser command for creating superusers.
        • Feature to create report as body/other user. #1473
        • Add user permissions system. #1486
        • Allow user to have an area assigned in admin. #1488
        • Allow user to have categories assigned in admin. #1563
        • Add inspector report detail view. #1470
        • Add user shortlists. #1482
        • Add response templates and priorities. #1500 #1517
        • Add user reputation and trusted users. #1533
    • Bugfixes:
      • Front end:
        • Fix photo preview display after submission. #1511
        • Update list of TLDs for email checking. #1504
        • Fix form validation issue with multiple IDs. #1513
        • Don't show deleted bodies on /reports. #1545
        • Stop using collapse filter in category template.
        • Use default link zoom for all map types.
        • Don't reload /reports or /my pages when filter updated.
        • Don't show alert email box if signed in.
      • Do not send alerts for hidden reports. #1461
      • Admin:
        • Fix contact editing of Open311 categories. #1535
        • Show 'Remove from site' button based on report. #1508
        • Improve moderation display and email. #855
        • Fix invalid SQL being generated by moderation lookup. #1489
        • Show user edit errors (e.g. blank name/email). #1510
        • Disallow empty name when creating/editing bodies.
        • Fix a crash on /admin/timeline.
    • Development improvements:
      • CSS:
        • make_css: Add output style option.
        • make_css: Follow symlinks.
        • Remove some unused CSS, and simplify full-width. #1423
        • Add generic .form-control and .btn classes.
      • Open311:
        • Tidy up/harden some handling. #1428
        • Add config for request limit, default 1000. #1313
        • Automatically spot co-ord/ID attributes. #1499
        • Make sure passed coordinate is decimal.
      • JavaScript:
        • Use static validation_rules.js file. #1451
        • Remove need to customise OpenLayers built script. #1448
        • Refactor and tidy all the JavaScript. #913
        • Prefer using an auto.min.js file if present/newer. #1491
      • Testing:
        • Speed up tests by stubbing out calls to Gaze.
        • Tests can run multiple times simultaneously. #1477
        • run-tests with no arguments runs all tests.
      • Don’t cache geocoder results when STAGING_SITE is 1. #1447
      • Make UPLOAD_DIR/GEO_CACHE relative to project root. #1474
      • Change add_links from a function to a filter. #1487
      • Optionally skip some cobrand restrictions. #1529
      • Allow contact form recipient override and extra fields.
      • Add server-side MapIt proxy.
    • Vagrant installation improvements:
      • Improve error handling.
      • Don't add a symlink if it is to the same place.
    • Backwards incompatible changes:
      • Drop support for IE6. #1356
    • UK
      • Better handling of two-tier reports. #1381
      • Allow limited admin access to body users on their own cobrands.
      • Add Content-Security-Policy header.

The Open311 adapter code has been moved to its own repository at https://github.com/mysociety/open311-adapter.

  • v1.8.4 (6th July 2016)

    • Security:
      • Fix XSS vulnerability in OpenGraph header and hide/all pins links.
    • Front end improvements:
      • Wrap emails better for differing screen sizes. #1393
      • Fix annoying jump when "Get updates" drawer opened. #1425
      • Improve auth flow taken when return key used. #1433
      • Add and improve more CSRF tokens. #1433
      • Remove default box-shadow. #1419
      • Fix missing margin before reporting form email input. #1418
    • Bugfixes:
      • Redirect correctly if filter used without JavaScript. #1422
      • Remove race condition when starting new report. #1434
      • Fix a couple of display bugs in IE7. #1356
      • Correctly orient preview images. #1378
  • v1.8.3 (3rd June 2016)

    • Admin improvements
      • Add search boxes to admin index page, and move stats. #1295
      • Allow change of email in admin to existing entry. #1207
      • Speed up photo removal. #1400
      • Improve in-place moderation UI. #1388
    • Front end improvements:
      • Improve printing of report page in Firefox. #1394
      • Fallback if request to Gaze fails. #1286
    • Bugfixes:
      • Fix non-working Google Maps layer. #1215
      • Fix map tap sensitivity on some devices. #911 and openlayers/ol2#1418
      • Fix lack of removal of cached update photos. #1405
      • Handle reports/updates by logged in abuse entries.
      • Fix size of grey chevrons.
    • Development improvements:
      • Massive speed increase to CSS compilation. #1414
      • Use only one templating system for emails. #1410
      • Move summary string function to template. #694
      • Consolidate CSS clearfix handling. #1414
      • Disable auto-CRLF conversion on git checkout.
      • Support for Debian Jessie/Ubuntu Xenial.
    • UK only
      • Add standard mySociety footer. #1385
  • v1.8.2 (3rd May 2016)

    • Security:
      • Fix vulnerability in image upload that allowed external command execution.
    • New features
      • Twitter social login. #1377
      • PNG image upload support. #1302 #1361
    • Front end improvements:
      • Switch list item heading from h4 to h3. #1348
      • Preserve category when clicking elsewhere on map.
      • Optimize store logo PNGs.
    • Admin improvements
      • Default new category creation to confirmed. #1266
      • Use better link to reports on admin body page.
    • Bugfixes:
      • Show right body user form value for fixed reports. #1369
      • Cope with a '/' in body name slug. #574
      • Ignore empty entries in the image upload IDs.
      • Use transparent border in tips/change_location. #1380
    • Development improvements:
      • Allow cobrands to control front page number colours.
      • Refactor email handling to use Email::MIME alone. #1366
      • Improve testing on Mac OS X.
      • Prevent dev sites auto-creating session.
      • Display used send method in debug line.
      • Remove unused cobrands. #1383
      • Finally combine remaining base/fixmystreet templates.
      • Don't warn on bad photo hashes.
      • Skip fetched updates if they're out of date range. #1390
      • Store Open311 error in report on failure. #1391
  • v1.8.1 (23rd March 2016)

    • Front end improvements: - Remember user's last anonymous state. #150 - Remove auto-scrolling of sidebar on pin hover. #1344 - Better multiple image display for reports/updates. #1325 - Improve accessibility of pretty radio buttons and photo inputs.
    • Bugfixes: - Make sure preview image doesn't hide error. #1361 - Don't double-decode geocoded addresses. #1359 - Ensure top of reporting form is shown. #787 - Other updates for Perl 5.20/5.22. #1358
    • Development improvements: - Add cobrand-specific custom reporting fields. #1352
  • v1.8 (2nd March 2016)

    • New features:
      • Facebook login. #1146
      • Multiple photo upload support, with new UI. #190 #825 #1300
    • Front end improvements:
      • Pad internal update links so they are in view. #1308
      • Move alert page "recent photos" out of sidebar. #1168
      • Clearer relationship between map pins/list items. #1094
      • Consistent styling for updates on /report and /my pages. #1312
      • Stop a top banner overlapping header contents/improve CSS. #1306
      • Improve design of some error pages.
    • Performance improvements:
      • Reduce memory usage. #1285
    • Bugfixes:
      • Default the Google map view to hybrid. #1293
      • Prevent SVG chevron being stretched in Firefox. #1256
      • Better display/internationalisation of numbers. #1297
      • Fix cobrand restriction of My/Nearby. #1289
      • If app user logged in, perform alert signup. #1321
      • Spot media_url in Open311 GetServiceRequestUpdate. #1315
      • Improve disabled input behaviour (no hover, ensure faded).
      • Fix co-ordinate swapping bug in Google geocoder.
      • Exclude update alerts from summary alert counts.
      • Skip sending if any body marks it for skipping.
      • Upgrade Net::SMTP::SSL to fix email sending issue.
    • Development improvements:
      • Add generic static route handler. #1235
      • Store reports summary data by cobrand. #1290
      • Better handling replies to bounce addresses. #85
      • Combine more base/fixmystreet templates.
      • Add OpenStreetMap URL to report email.
    • Admin improvements:
      • Don't allow blank email/name to be submitted. #1294
      • Handle multiple photo rotation/removal in admin. #1300
      • Fix typo in admin body form checked status.
    • UK only
      • Make sure front page error is visible. #1336
      • Don't show app next step if used app. #1305
      • House Rules. #890 #1311
  • v1.7.2 (6th July 2016)

    • Security:
      • Fix XSS vulnerability in OpenGraph header and hide/all pins links.
  • v1.7.1 (3rd May 2016)

    • Security:
      • Fix vulnerability in image upload that allowed external command execution.
  • v1.7 (23rd October 2015)

    • Front end improvements:
      • Add right-to-left design option. #1209
      • Add state/category filters to list pages. #1141
      • Include last update time in around/my page lists. #1245
      • Show report details more nicely on a questionnaire page. #1104
      • Improve email confirmation page (now matches success pages). #577
      • Update URL hash when mobile menu navigation clicked. #1211
      • Add public status page showing stats and version. #1251
      • Accessibility improvements to map pages. #1217
      • New default OpenGraph image. #1184
      • Turkish translation.
    • Performance improvements:
      • A number of database speed improvements. #1017
    • Bugfixes:
      • Translate report states in admin index. #1179
      • Improve translation string on alert page. #348
      • Fix location bug fetching category extras.
      • Workaround DMARC problems. #1070
      • Fix padding of alert form box. #1211
      • Pin Google Maps API version to keep it working. #1215
      • Upgrade Google geocoder to version 3. #1194
      • Fix script running when CDPATH is set. #1250
      • Fix retina image size on front page. #838
      • Process update left as part of questionnaire, to catch empty ones. #1234
      • Make sure explicit sign in button clicks are honoured. #1091
      • Adjust email confirmation text when report not being sent. #1210
      • Fix footer links in admin if behind a proxy. #1206
      • Use base URL in a cobrand alert for a report without a body. #1198
      • Fix potential graph script failure in perl 5.16+. #1262
    • Development improvements:
      • Error logging should now work consistently. #404
      • CSS
        • Streamline navigation menu CSS. #1191
        • Streamline list item CSS. #1141
        • make_css now follows symlinks. #1181
        • Use a sass variable for hamburger menu. #1186
        • Write progress of make_css_watch to terminal title. #1211
      • Templates:
        • Remove final hardcoded "FixMyStreet" from templates. #1205
        • Combine a number of base/fixmystreet templates. #1245
      • Installation:
        • Make sure submodules are checked out by Vagrant. #1197
        • Remove Module::Pluggable warning in newer perls. #1254
        • Bundle carton to ease installation step. #1208
      • Translation:
        • Improve ease of running gettext-extract. #1202
      • Add standard app.psgi file.
      • Add link to volunteer tickets in README. #1259
      • Use Modernizr to decide whether to show mobile map. #1192
      • Prevent potential session cookie recursion. #1077
      • Allow underscore in cobrand name/data. #1236
      • Add a development URL to see check email pages. #1211
  • v1.6.3 (6th July 2016)

    • Security:
      • Fix XSS vulnerability in OpenGraph header and hide/all pins links.
  • v1.6.2 (3rd May 2016)

    • Security:
      • Fix vulnerability in image upload that allowed external command execution.
  • v1.6.1 (31st July 2015)

    • Bugfixes:
      • Fix bug introduced in last release when setting multiple areas for a body in the admin. #1158
      • Don't have default "name >= 5 characters"/"must have space" checks, as Latin-centric #805
    • New features:
      • Danish translation.
    • Front end improvements:
      • Fix “All Reports” table headers on scroll. #50
      • Add time tooltips to All Reports table headings. #983
      • Fix sidebar running over the footer on alerts page. #1168
    • Admin improvements:
      • Add mark as sent button. #601
      • Add link to comment user ID from body form if present. #580
      • Add MapIt links from body page/ report co-ordinates. #638
      • Show any category extra data. #517 #920
      • Mark users who have moderate permission. #990
      • Allow editing of body external URL.
      • List a report’s bodies more nicely.
    • UK specific improvements:
      • Explain gone Northern Ireland councils. #1151
      • Better messaging for councils refusing messages. #968
  • v1.5.5 / v1.6 (10th July 2015)

    • Security:
      • Fix vulnerability in login email sending that could allow an account to be hijacked by a third party.
      • Time out email authentication tokens.
      • Update dependency to fix issue with Unicode characters in passwords.
    • New features:
      • Chinese translation.
    • Front end improvements:
      • Add “Report” button in default mobile header. #931
      • Use ‘hamburger’ menu icon in mobile header. #931
      • Resize map pins based on zoom level. #1041
      • Improve report meta information display. #1080
      • Display message on body page when reports list is empty.
    • Bugfixes:
      • Fix issue with shrunken update photos. #424
      • Fix typo in footer role="contentinfo".
      • Default Google maps to satellite view. #1133
      • Update Bing Maps parameter ID.
    • Development improvements:
      • Add ability for map pages to filter by category/state. #1134 (this is currently on a couple of cobrands, to add to base soon)
      • Allow cobrands to specify ordering on all reports page.
      • Use mocked Nominatim in tests to cope with bad connections.
      • Add Extra role to ease use of the {extra} database field. #1018
    • UK specific improvements:
      • Add dog poop poster. #1028
  • v1.5.4 (25th February 2015)

    • New features:
      • Stamen toner-lite and Bing Maps tiles.
      • Czech and part-done Lithuanian translations.
    • Front end improvements:
      • Nicer confirmation pages, with next steps template example. #972
      • Always show report/update confirmation page, even if logged in. #1003
      • Expire cached geolocations after a week. #684
    • Bugfixes:
      • Make sure all co-ordinates are stringified/truncated. #1009
      • Correct "Open Street Map" to "OpenStreetMap". #1021
      • Only create timezone objects once, at startup.
    • Development improvements:
      • Remove need to specify en-gb in LANGUAGES. #1015
      • Mac installation improvements. #1014
      • Make use of jhead and Math::BigInt::GMP optional. #1016
      • Link from admin config page to MapIt. #1022
      • Test URLs for confirmation pages.
      • New configuration variable for setting up behind a secure proxy.
    • UK specific improvements:
      • Output easting/northing on one line. #997
      • Output Irish easting/northing in Northern Ireland. #822
  • v1.5.3 (21st January 2015)

    • New features:
      • Satellite map toggle option on Google Maps view. #1002
      • Greek translation.
    • Bugfixes:
      • Fix cron-based email to use configured SMTP settings. #988
      • Update UNIX_USER variable on installation setup of crontab. #974
      • Improve make_css finding of bundled compass when in symlink. #978
      • Remove hard-coded site name from submit email template.
      • Allow forked repository pull requests to run on Travis.
      • Fix title of Privacy page, and other minor text fixes.
      • CSS: add some bottom content padding and fix a tiny map links issue.
    • Development improvements:
      • Replace site_title cobrand function with site-name web template. #979
      • Remove need for 'cron-wrapper' to run scripts. #852
      • Rename 'test-wrapper' to 'run-tests'. #999
      • Add client_max_body_size nginx config option. #995
      • Tidy up bin directory and #! lines.
    • Admin improvements:
      • Add staging email warning on admin body pages if needed. #982
      • Add admin navigation link to Configuration page. #1005
      • Better URL for body category editing.
  • v1.5.2 (17th December 2014)

    • Hide unneeded heading on default footer.
    • Suppress 'Argument "" isn't numeric' warning on admin report edit page.
    • [UK] Don't show topic form field when reporting abuse.
    • Use token in moderation response URL to prevent hidden report leak.
  • v1.5.1 (12th December 2014)

    • Bugfixes
      • Use correct cobrand signature in SendReport emails. #960
      • Fix double encoding of non-ASCII signature in emails. #961
      • Use area-based alerts by default, as they function correctly. #959
      • Set DefaultLocale appropriately when language set, for date display.
    • Open311
      • Better error if Open311 server returns a nil service list.
      • Cope better with Open311 server not liking a blank jurisdiction_id.
    • Installation/developer improvements:
      • Add a script to use a test database for running tests. #786
      • Make base FAQ more generic, move out UK-specific parts. #753 #935
      • Provide guidance at top of example config file.
      • Don't install open311-endpoint feature by default.
  • v1.5 (19th November 2014)

    • Installation/developer improvements:
      • Support for Ubuntu Trusty Tahr 14.04 LTS. #921
      • Install bundler for more stable gem installation. #923
      • Rewritten graph generation programs in Perl. #924
      • Front end report moderation code. #809
    • Admin improvements:
      • Pagination of admin search results. #909
      • Validation of category details. #556
      • Removed overhang in body categories table. #738
      • Add encouraging message about support. #929
      • Tweak summary output on bodies page. #516
      • Move diligency table to bottom of page. #739
    • Front end:
      • Map page sidebar now flush with edges of window. #381
      • Simplify z-index usage, with other tidying. #673
      • Filtering of All Reports by category in URL. #254
      • More template generalisation, moving UK-specific stuff away. #344
    • Bugfixes:
      • Fixed JavaScript-disabled submission in Chrome/Firefox. #932
      • Show logged in message as success, not error. #357
      • Remove opacity from map controls on mobile.
      • Escape category in RSS feeds.
    • Internationalisation:
      • Add Albanian, Bulgarian, Hebrew, and Ukranian .po files.
  • v1.4.2 (14th July 2014)

    • Maintenance release to deal with failing package installation. #832
    • User additions/improvements:
      • New links from /reports to open/fixed reports. #798
      • Better detection of signing in on /auth form. #816
    • Installation/developer improvements:
      • Allow SMTP username/password to be specified. #406
      • Correct GitHub link in Vagrantfile.
      • Error correctly if cron-wrapper fails to run.
      • Rename default web templates directory to base.
      • Move UK-specific text to separate templates. #344
      • Upgrade bundled cpanm. #807
  • v1.4.1 (23rd May 2014)

    • Don't run some cron scripts by default, and rejig timings, to alleviate memory problems on EC2 micro instances. #640
  • v1.4 (16th May 2014)

    • User improvements:
      • Adds some guidance on an empty /my page. #671
      • Auto-selects the category when reporting if there is only one. #690
      • Stops indenting emails a few spaces. #715
      • Email template updates. #700
    • Installation/developer improvements:
      • Makes it easier to change the pin icons. #721
      • Sends reports on staging sites to the reporter. #653
      • Adds a no-op send method to suspend report sending. #507
      • Improves the example Apache config. #733
      • Includes a nicer crontab example. #621
      • New developer scripts:
        • make_css_watch. #680
        • geocode. #758
      • Adds external_url field to Bodies. #710
      • Reinstates Open311 original update fetching code. #710 #755
      • Pins sass/compass versions. #585
      • Adds new MAPIT_GENERATION variable. #784
    • Bugfixes:
      • Fixes MapQuest and OSM attribution. #710 #687
      • Remove cached photos when deleted from admin.
      • Tiny bugfixes processing Open311 updates. #677
      • Correctly sets language in email alert loop. #542
      • Cron emails use EMAIL_DOMAIN in Message-ID. #678
      • Minor fixes for Debian wheezy.
      • Graph display of fixed states.
      • Slight CSS simplification. #609
    • Internal things:
      • Improves the robustness of Carton installation. #675
      • Doubles the speed of running tests on Travis.
  • v1.3 (12th November 2013)

    • Changes cobrand behaviour so if only one is specified, always use it. #598
    • Allows multiple email addresses to be given for a contact.
    • Bugfixes to pan icon placement, and bottom navbar in Chrome. #597
    • Admin improvements
      • Search by external ID. #389
      • Date picker in stats. #514
      • Mark external links. #579
      • Fix for bug when changing report state from 'unconfirmed'. #527
      • Improve lists of report updates.
      • Add marking of bodies as deleted.
      • Show version number of code on config page.
    • Test suite runs regardless of config file contents. #596
  • v1.2.6 (11th October 2013)

    • Upgrades OpenLayers to 2.13.1, for e.g. animated zooming.
    • Adds facility for using Google Maps via OpenLayers. #587
    • Swaps installation order of Perl modules/database, more robust. #573
    • Renames default FakeMapIt "Default Area" to "Everywhere". #566
    • Adds a "current configuration" admin page. #561
  • v1.2.5 (13th September 2013)

    • Adds various useful hints and notices to the admin interface. #184
    • Improves the install script, including an example Vagrantfile
    • It is now easier for tests to override particular configuration variables should they need to.
  • v1.2.4 (5th September 2013)

    • A fix for the long-standing issue where multiline strings were not being translated (reported at abw/Template2#29 )
    • Better translation strings for "marked as" updates, fixes #391
    • Less noise when running the tests
  • v1.2.3 (2nd September 2013)

    • Maintenance release to deal with failing installation
    • Improves reuse of make_css and shared CSS
    • Removes hardcoded UK URLs on a couple of admin error emails
    • Marks a couple of strings missing translation
    • Updates mapquest URLs
  • v1.2.2 (26th July 2013)

    • Maintenance release to deal with failing installation
    • Improves the Google Maps plugin somewhat, though still needs work
  • v1.2.1 (5th June 2013)

    • Maintenance release to deal with failing carton installation
    • Test and module fixes for installation on Debian wheezy
    • Module fixes for running on Travis
    • The install script adds gem environment variables to the user's .bashrc so that make_css can be run directly after installation
    • make_css automatically spots which cobrands use compass
    • Adds some missing states to the admin report edit page
  • v1.2 (3rd May 2013)

    • Adds MAPIT_ID_WHITELIST to allow easier use of global MapIt
    • Adds postfix to the install script/ AMI so emailing works out of the box
    • Adds an extra zoom level to the OSM maps
    • Adds the Catalyst gzip plugin so HTML pages are gzipped
    • Fixes an issue with the All Reports summary statistics not including some open states, such as 'in progress'
  • v1.1.2 (15th March 2013)

    • Includes the cpanfile now required by carton, the Perl package management program we use.
  • v1.1.1 (22nd February 2013)

    • Hotfix to fix missed iPhone width bug
  • v1.1 (22nd February 2013)

    • Adds bodies, so that the organisations that reports are sent to can cover multiple MapIt administrative areas, or multiple bodies can cover one area, and other related scenarios
    • Admin display improvements
    • Internationalisation improvements, especially with text in JavaScript
    • Various minor updates and fixes (e.g. a --debug option on send-reports, and coping if MapIt has its debug switched on)
  • v1.0 (24th October 2012)

    • Official launch of the FixMyStreet platform