diff options
| author | Matthew Somerville <matthew-github@dracos.co.uk> | 2019-04-29 19:06:01 +0100 | 
|---|---|---|
| committer | Matthew Somerville <matthew-github@dracos.co.uk> | 2019-05-03 12:06:21 +0100 | 
| commit | 92b253904062edd533e55c22824de6fd01e2f7c1 (patch) | |
| tree | d18f49ff98e87a2aeb6ca6eacc3217183141ec9e /docs/_posts | |
| parent | 5faa1946bda79c31aab04778cb4eb01afa18b473 (diff) | |
Version 2.6.v2.6
Include the usual generate new .pot file, gettext-merge, push to
Transifex, pull from Transifex step.
Diffstat (limited to 'docs/_posts')
| -rw-r--r-- | docs/_posts/2019-04-29-v2.6.md | 37 | 
1 files changed, 37 insertions, 0 deletions
| diff --git a/docs/_posts/2019-04-29-v2.6.md b/docs/_posts/2019-04-29-v2.6.md new file mode 100644 index 000000000..6e74b87f5 --- /dev/null +++ b/docs/_posts/2019-04-29-v2.6.md @@ -0,0 +1,37 @@ +--- +layout: post +title: Version 2.6 +author: matthew +--- + +<div class="r" align="right"> +<img src="/assets/posts/v2.6-image.jpeg" alt=""> +Image © <a href="https://twitter.com/StillWalkers">Ben Waddington</a> +</div> + +Today we have released **version 2.6** of FixMyStreet. + +This release fixes a cross-site scripting security issue where someone could +create a report through the site with a specially constructed query parameter, +and then viewing that report on the admin report edit page would allow the +report creator to run their own JavaScript. We have also released version 2.5.1 +which is identical to 2.5 including this fix. + +There's a new, optional, feature to auto-suggest similar nearby problems while +reporting, to discourage duplicate reports; and the map state is now updated in +the URL to make sharing links easier. A bit more work has been done on +moderation, spotting conflicts and showing moderation history to staff on +report pages, as well as in the admin. + +Mostly this release is bugfixes, please see the +[changelog](https://github.com/mysociety/fixmystreet/releases/tag/v2.6) for +full details. + +## Upgrading + +The admin body and user sections have been refactored – if you have custom +templates/code, you may need to update links to those. + +If you wish the default for the showname checkbox to be checked, you can add +`sub default_show_name { 1 }` to your cobrand file. + | 
