Skip to content

Releases: decidim/decidim

v0.26.5

13 Feb 10:55
Compare
Choose a tag to compare

Upgrade notes

As usual, we recommend that you have a full backup, of the database, application code and static files.

To update, follow these steps:

  1. Update your Gemfile:
gem "decidim", "0.26.5"
gem "decidim-dev", "0.26.5"
  1. Run these commands to upgrade and make sure you get all the latest migrations:
bundle update decidim
bin/rails decidim:upgrade
bin/rails db:migrate

And then follow the steps and commands detailed in these notes.

Changelog

Added

Nothing.

Changed

Nothing.

Fixed

  • decidim-core: Backport 'Fix: The i18n locales selector is showing a dropdown with 3 languages' to v0.26 #10086
  • Backport 'Lock GitHub actions to Ubuntu 20.04 due to OpenSSL 3.0 issues' to v0.26 #10226
  • decidim-api, decidim-core: Backport 'Fix machine translations at the API' to v0.26 #10292
  • decidim-budgets: Backport 'Correct the "voted for this" string in the budgets component' to v0.26 #10301
  • decidim-conferences, decidim-core: Backport 'Fix translations missing on admin log' to v0.26 #10293
  • decidim-conferences: Backport 'Add correct call for conference speaker' to v0.26 #10294
  • decidim-meetings: Backport 'Fix missing fields on duplicate meetings functionality' to v0.26 #10295
  • decidim-core: Backport 'Fix resource_icon with component or manifest nil' to v0.26 #10296
  • decidim-core: Backport 'Add missing logs for UserGroup block and unblock actions' to v0.26 #10313
  • decidim-admin, decidim-core: Backport 'Don't show the 'unreport' action when user is blocked' to v0.26 #10300
  • decidim-core: Backport 'Add order by in linked_participatory_space_resources' to v0.26 #10303
  • decidim-blogs: Backport 'Move i18n attribute key of Post's body' to v0.26 #10298
  • decidim-core: Improve link handling of the redirect engine (#10306) #10306
  • decidim-proposals: Backport 'Removed "disabled" status from proposals' main categories' to v0.26 #10305
  • decidim-initiatives: Backport 'Respect "rich text editor" setting in Initiatives' to v0.26 #10304
  • decidim-proposals: Backport 'Prevent sending proposal create event until is commited' to v0.26 #10309
  • decidim-initiatives: Backport 'Fix initiatives count in initiatives index page' to v0.26 #10310
  • decidim-blogs: Backport 'Remove unused permissions on Blogs' to v0.26 #10299
  • decidim-admin, decidim-assemblies, decidim-elections, decidim-initiatives, decidim-pages, decidim-participatory processes: Backport 'Fix wrong capitalization in i18n values and add missing keys' to v0.26 #10302
  • decidim-accountability, decidim-initiatives, decidim-participatory processes: Backport 'Added missing localizations' to v0.26 #10308
  • decidim-core: Backport 'Allow blocking a UserGroup' to v0.26 #10315
  • decidim-budgets, decidim-core, decidim-debates, decidim-meetings, decidim-proposals, decidim-sortitions: Backport 'Fix filter URL not updated with the text search input' to v0.26 #10297
  • decidim-admin, decidim-core: Backport 'Fix bug when blocking two UserGroups' to v0.26 #10312
  • decidim-core: Backport 'Fix bug regarding user group moderation action logs' to v0.26 #10314
  • decidim-core: Backport 'User's group endorsement no longer disappears after personal endorsement removed' to v0.26 #10311
  • decidim-assemblies, decidim-conferences, decidim-participatory processes: Backport 'Do not display unpublished spaces in linked spaces' to v0.26 #10345
  • decidim-assemblies, decidim-meetings: Backport 'Display Published meetings in Assembly cell' to v0.26 #10341
  • decidim-admin, decidim-core: Backport 'Fix newsletters unwanted CSS and 404 page on preview' to v0.26 #10355
  • decidim-admin: Backport 'A Valuator should not be able to access Global Moderation' to v0.26 #10349
  • decidim-initiatives: Backport 'Fixing some typos in the english translations' to v0.26 #10362

Removed

Nothing.

Internal

  • Backport 'Lock GitHub actions to Ubuntu 20.04 due to OpenSSL 3.0 issues' to v0.26 #10226

Developer improvements

Nothing.

Unsorted

Nothing.

v0.27.1

15 Nov 12:44
ab333ed
Compare
Choose a tag to compare

Upgrade notes

As usual, we recommend that you have a full backup, of the database, application code and static files.

To update, follow these steps:

  1. Update your Gemfile:
gem "decidim", "0.27.1"
gem "decidim-dev", "0.27.1"
  1. Run these commands to upgrade and make sure you get all the latest migrations:
bundle update decidim
bin/rails decidim:upgrade
bin/rails db:migrate

And then follow the steps and commands detailed in these notes.

Changelog

Added

Nothing.

Changed

Nothing.

Fixed

  • decidim-participatory processes: Backport 'Fix unpublished processes shown in the group process count' to v0.27 #9935
  • decidim-admin: Backport 'Fix global moderation types not translated' to v0.27 #9936
  • decidim-admin: Backport 'Fix updating organization settings in case there were errors' to v0.27 #9939
  • decidim-budgets, decidim-core, decidim-elections, decidim-proposals: Backport 'Do not import resources multiple times' to v0.27 #9943
  • decidim-forms, decidim-surveys: Backport 'Fix form answer attachments breaking the answer view' to v0.27 #9944
  • decidim-comments, decidim-core, decidim-verifications: Backport 'Fix user related absolute URLs' to v0.27 #9946
  • decidim-comments: Backport 'Fix "disappearing" underscores with comments' to v0.27 #9948
  • decidim-admin, decidim-core: Backport 'Fix editor content saving when the content has only one video' to v0.27 #9950
  • decidim-core: Backport 'Fix date/time formats at component forms' to v0.27 #9952
  • decidim-proposals: Backport 'Fix collaborative drafts page when there are errors on the form' to v0.27 #9954
  • decidim-debates: Backport 'Fix the finite value on the debate form when editing an existing debate' to v0.27 #9956
  • decidim-pages: Backport 'Fix exporting and importing a page component' to v0.27 #9958
  • decidim-core: Backport 'Fix webpacker crashes on missing icons' to v0.27 #9960
  • decidim-participatory processes: Backport 'Fix importing participatory process from legacy format' to v0.27 #9963
  • decidim-assemblies, decidim-core, decidim-participatory processes: Backport 'Fix duplicate stats on home page and participatory space main page' to v0.27 #9965
  • decidim-budgets, decidim-core, decidim-proposals, decidim-templates: Backport 'Address Crowdin feedback' to v0.27 #9969
  • decidim-core, decidim-proposals: Backport 'Fix cryptic file validation errors' to v0.27 #9971
  • decidim-core: Backport 'Limit invitation redirects only to paths within the application' to v0.27 #9972
  • decidim-admin, decidim-assemblies, decidim-participatory processes: Backport 'Add malformed file errors when CSV reading fails' to v0.27 #9974
  • decidim-elections: Backport 'Define the component import routes, permissions and controller at votings' to v0.27 #9976
  • decidim-core: Backport 'Fix duplicate user activity records when public spaces have private users' to v0.27 #9978
  • decidim-initiatives: Backport 'Fix initiative sign if the authorization metadata is set to nil' to v0.27 #9980
  • decidim-initiatives: Backport 'Add missing i18n key in Initiatives' to v0.27 #9982
  • decidim-comments: Backport 'Fix commenting field disabled when polling new comments' to v0.27 #9986
  • decidim-core: Backport 'Fix correct resource linking for amendments' to v0.27 #9987
  • decidim-core: Backport 'Fix last activity page showing recently updated records' to v0.27 #9989
  • decidim-core: Backport 'Fix user sign up with invalid name' to v0.27 #9990
  • decidim-core: Backport 'Fix user sign up with invalid name' to v0.27 #9990
  • decidim-admin, decidim-assemblies, decidim-initiatives, decidim-participatory processes, decidim-verifications: Backport 'Add missing active actions on admin navigation menu' to v0.27 #9992
  • decidim-admin, decidim-assemblies, decidim-initiatives, decidim-participatory processes, decidim-verifications: Backport 'Add missing active actions on admin navigation menu' to v0.27 #9992
  • decidim-admin, decidim-assemblies, decidim-initiatives, decidim-participatory processes, decidim-verifications: Backport 'Add missing active actions on admin navigation menu' to v0.27 #9992
  • decidim-initiatives: Backport 'Make initiatives order translatable' to v0.27 #9994
  • decidim-core: Backport 'Make ToS agreement translatable' to v0.27 #9996
  • decidim-debates: Backport 'Make Scopes field in debates translatable' to v0.27 #9998
  • decidim-core: Backport 'Remove invitations badge' to v0.27 #10000
  • decidim-conferences: Backport 'Fix conference invitations' to v0.27 #10003
  • decidim-admin, decidim-core: Backport 'Fix preserving bold text in the rich text editor when pasting content' to v0.27 #9961
  • decidim-core, decidim-proposals: Backport 'Fix proposal etiquette and length validator with base64 images' to v0.27 #10009
  • decidim-core: Backport 'Fix disappearing sub-lists in rich text editors' to v0.27 #9967
  • decidim-meetings, decidim-proposals: Backport 'Fix invalid rendering of meeting and proposal body texts' to v0.27 #10002
  • decidim-core, decidim-debates, decidim-meetings, decidim-proposals: Backport 'Refactor cell titles' to v0.27 #10040
  • decidim-admin, decidim-comments: Backport 'Fix moderations for comments that are mapped to deleted resources' to v0.27 #9940
  • decidim-meetings: Backport 'Refactor the meeting list item title display' to v0.27 #10046
  • decidim-system: Backport 'Fix organization SMTP password not saved (became blank) in system panel' to v0.27 #10052
  • decidim-accountability, decidim-admin, decidim-proposals: Backport 'Reformat CSV help for import files on Accountability and Proposals' to v0.27 #10054
  • decidim-budgets, decidim-elections, decidim-proposals, decidim-sortitions: Backport 'Fix usages of reorder and paginate' to v0.27 #10050
  • decidim-admin: Backport 'Show only ToS acceptance when admin hasn't accepted it' to v0.27 #10056
  • decidim-participatory processes: Backport 'Fix usages of sanitize helper methods for editable content provided by admins' to v0.27 #10058
  • decidim-debates, decidim-meetings, decidim-proposals: Backport 'Refactor admin listing titles' to v0.27 #10048

Removed

Nothing.

Developer improvements

Nothing.

Internal

  • decidim-dev: Backport 'Ignore the problematics HTML validation checks with hidden inputs' to v0.27 #10025
  • Backport 'Bump versions on install docs' to v0.27 #10008
  • decidim-assemblies: Backport 'Fix importing a page component without a body' to v0.27 #10029

Previous versions

Please check release/0.27-stable for previous changes.

v0.26.4

15 Nov 12:31
e226c25
Compare
Choose a tag to compare

Upgrade notes

As usual, we recommend that you have a full backup, of the database, application code and static files.

To update, follow these steps:

  1. Update your Gemfile:
gem "decidim", "0.26.4"
gem "decidim-dev", "0.26.4"
  1. Run these commands to upgrade and make sure you get all the latest migrations:
bundle update decidim
bin/rails decidim:upgrade
bin/rails db:migrate

And then follow the steps and commands detailed in these notes.

Changelog

Added

Nothing.

Changed

Nothing.

Fixed

  • decidim-core: Backport 'Prevent the account edit route through Devise' to v0.26 #9932
  • decidim-participatory processes: Backport 'Fix unpublished processes shown in the group process count' to v0.26 #9934
  • decidim-admin: Backport 'Fix global moderation types not translated' to v0.26 #9937
  • decidim-admin: Backport 'Fix updating organization settings in case there were errors' to v0.26 #9938
  • decidim-budgets, decidim-core, decidim-elections, decidim-proposals: Backport 'Do not import resources multiple times' to v0.26 #9942
  • decidim-forms, decidim-surveys: Backport 'Fix form answer attachments breaking the answer view' to v0.26 #9945
  • decidim-comments: Backport 'Fix "disappearing" underscores with comments' to v0.26 #9949
  • decidim-admin, decidim-core: Backport 'Fix editor content saving when the content has only one video' to v0.26 #9951
  • decidim-proposals: Backport 'Fix collaborative drafts page when there are errors on the form' to v0.26 #9955
  • decidim-debates: Backport 'Fix the finite value on the debate form when editing an existing debate' to v0.26 #9957
  • decidim-pages: Backport 'Fix exporting and importing a page component' to v0.26 #9959
  • decidim-participatory processes: Backport 'Fix importing participatory process from legacy format' to v0.26 #9964
  • decidim-assemblies, decidim-core, decidim-participatory processes: Backport 'Fix duplicate stats on home page and participatory space main page' to v0.26 #9966
  • decidim-budgets, decidim-core, decidim-proposals, decidim-templates: Backport 'Address Crowdin feedback' to v0.26 #9970
  • decidim-core: Backport 'Limit invitation redirects only to paths within the application' to v0.26 #9973
  • decidim-initiatives: Backport 'Fix initiative sign if the authorization metadata is set to nil' to v0.26 #9981
  • decidim-initiatives: Backport 'Add missing i18n key in Initiatives' to v0.26 #9983
  • decidim-core: Backport 'Fix correct resource linking for amendments' to v0.26 #9988
  • decidim-core: Backport 'Fix user sign up with invalid name' to v0.26 #9991
  • decidim-initiatives: Backport 'Make initiatives order translatable' to v0.26 #9995
  • decidim-core: Backport 'Make ToS agreement translatable' to v0.26 #9997
  • decidim-debates: Backport 'Make Scopes field in debates translatable' to v0.26 #9999
  • decidim-core: Backport 'Remove invitations badge' to v0.26 #10001
  • decidim-conferences: Backport 'Fix conference invitations' to v0.26 #10004
  • decidim-admin, decidim-core: Backport 'Fix preserving bold text in the rich text editor when pasting content' to v0.26 #9962
  • decidim-admin, decidim-assemblies, decidim-initiatives, decidim-participatory processes, decidim-verifications: Backport 'Add missing active actions on admin navigation menu' to v0.26 #9993
  • decidim-core: Backport 'Fix disappearing sub-lists in rich text editors' to v0.26 #9968
  • decidim-elections: Backport 'Define the component import routes, permissions and controller at votings' to v0.26 #9977
  • decidim-core, decidim-proposals: Backport 'Fix proposal etiquette and length validator with base64 images' to v0.26 #10010
  • decidim-core, decidim-debates, decidim-meetings, decidim-proposals: Backport 'Refactor cell titles' to v0.26 #10041
  • decidim-admin, decidim-comments: Backport 'Fix moderations for comments that are mapped to deleted resources' to v0.26 #9941
  • decidim-comments, decidim-core, decidim-verifications: Backport 'Fix user related absolute URLs' to v0.26 #9947
  • decidim-core: Backport 'Fix duplicate user activity records when public spaces have private users' to v0.26 #9979
  • decidim-meetings: Backport 'Refactor the meeting list item title display' to v0.26 #10047
  • decidim-accountability, decidim-admin, decidim-proposals: Backport 'Reformat CSV help for import files on Accountability and Proposals' to v0.26 #10055
  • decidim-system: Backport 'Fix organization SMTP password not saved (became blank) in system panel' to v0.26 #10053
  • decidim-budgets, decidim-elections, decidim-proposals, decidim-sortitions: Backport 'Fix usages of reorder and paginate' to v0.26 #10051
  • decidim-admin: Backport 'Show only ToS acceptance when admin hasn't accepted it' to v0.26 #10057
  • decidim-debates, decidim-meetings, decidim-proposals: Backport 'Refactor admin listing titles' to v0.26 #10049
  • decidim-core: Backport 'Fix date/time formats at component forms' to v0.26 #9953

Removed

Nothing.

Internal

  • Backport 'Fix importing a page component without a body' to v0.26 #10023

Developer improvements

Nothing.

Previous versions

Please check release/0.26-stable for previous changes.

v0.27.0

29 Sep 14:46
Compare
Choose a tag to compare

See our blog post about the highlights for admins in this release.

1. Upgrade notes

As usual, we recommend that you have a full backup, of the database, application code and static files.

To update, follow these steps:

1.1. Update your Gemfile

gem "decidim", "0.27.0"
gem "decidim-dev", "0.27.0"

1.2. Run these commands

bundle update decidim
bin/rails decidim:upgrade
bin/rails db:migrate

1.3. Follow the steps and commands detailed in these notes

2. General notes

2.1. Ruby update to 3.0

We have updated the Ruby version to 3.0.2. Upgrading to this version will require either to install the Ruby Version on your host, or change the decidim docker image to use ruby:3.0.2.

You can read more about this change on PR #8452.

2.2. Rails update to 6.1

We have updated the Ruby on Rails version to 6.1. This will be done automatically when doing the bundle update. If you had any code customization you'll probably need to take this into account and update your code. Some important aspects to mention:

  • ActionMailer - Change default queue name of the deliver (:mailers) job to be the job adapter's default (:default)
  • ActiveSupport - Remove deprecated fallback to I18n.default_locale when config.i18n.fallbacks is empty. This change should be transparent for all the Decidim users that have configured the Decidim.default_locale
  • If you are using Spring, it is highly suggested to add the following line at the top of your application's config/spring.rb (especially if you are seeing the following messages in the console ERROR: directory is already being watched!):
require "decidim/spring"

You can read more about this change on PR #8411.

2.3. Data consent change (aka "cookie consent")

Local data consent management has been updated, generally also referred to as "cookie consent". Supported data consent categories are essential, preferences, analytics and marketing.

This feature is many times referred to as "cookie consent" due to historic reasons but in Decidim we prefer to call it "data consent" because this can also include other data stored in the user's browser using its APIs, such as data added to LocalStorage.

As many non-technical people are still more familiar with the "cookie" terminology, the user interface talks only about "Cookie consent" to make it easier to understand for non-technical participants.

Iframe HTML elements that are added with the editor or meeting forms are disabled until data consent is given for all data categories. Scripts that require local data to be stored in the user's browser could be added as follows:

<script type="text/plain" data-consent="marketing">
  console.log("marketing data consent given");
</script>

Note that you need to define the type="text/plain" for the script that adds local data to the user's browser in order to prevent the script from being executed before data consent is given. You should also define the metadata for all the local data that you or your 3rd party scripts are adding to the user's browser.

Mind that we also changed the data consent cookie from "decidim-cc" to "decidim-consent" by default. You can change it on your initializer, or update your legal notice accordingly.

Learn more about Data consent at Decidim Documentation. You can read more about this change on PR #9271.

2.4. Configuration via Environment Variables

We've modified the default installation to configure most of the application through Environment Variables. For existing installations we recommend that you migrate to this new model so its easier to configure your applications.

As an example, after migrating to this, if you want to enable a setting, you'll need to:

a. Set the correct Environment Variable
b. Restart the server

Until now the flow could be something like:

a. Change your initializer
b. Commit to git
c. Push to git server
d. Deploy to the server
e. Restart the server

For migrating:

  1. Backup your config/secrets.yml and config/initializers/decidim.rb
  2. Generate a new decidim app and copy your generated files
  3. Migrate your old settings to the new Environment Variables.

Learn more about Environment Variables at Decidim Documentation. You can read more about this change on PR #8725.

2.5. GraphQL API documentation change

We've replaced the graphql-docs npm package with gem. You shouldn't need to do anything as this will be handled automatically.

The static documentation will be rendered into the app/views/static/api/docs directory, which is being refreshed automatically when you run bin/rails decidim:upgrade.

You can read more about this change on PR #8631.

2.6. Custom icons new uploader

We now only allow PNG images at Favicon so we can provide higher quality versions to mobile devices.

You can read more about this change on PR #8645.

2.7. Strong password rules for admin users

For extra security, there are new password rules for administrator users which are enabled by default. This means that:

  • This will force the current administrators to change their passwords after 90 days has passed from the previous login.
  • For development/testing/staging environments this also means that the default user passwords have changed to decidim123456789 to match the minimum length rules for admins.
  • For consistency reasons, regular users password has also been changed with the seed data.

The relevant Environment Variables are:

Name Value Default value
DECIDIM_ADMIN_PASSWORD_STRONG Enable strong password rules for admin users. true
DECIDIM_ADMIN_PASSWORD_EXPIRATION_DAYS Defines how many days admin passwords are valid before they need to be reset. 90
DECIDIM_ADMIN_PASSWORD_REPETITION_TIMES Defines how many previous passwords are compared against new admin user passwords. 5
DECIDIM_ADMIN_PASSWORD_MIN_LENGTH The minimum character length for admin user passwords. 15

You can read more about this change on PR #9347.

2.8 Service workers

For the Progressive Web Application related features, like Push Notifications and Add To Home Screen, you'll need to update your webpack configuration:

bin/rails decidim:webpacker:install

You'll need to also add these to your .gitignore:

public/sw.js
public/sw.js.map

These files will be generated by the asset compilation task in your production server. Most of the time this should be handled automatically by your deployment process (like Capistrano or Heroku). In case that you need to run that manually, this is the command:

bin/rails assets:precompile

In your development environment this should be happening automatically behind the scenes or if you are running the ./bin/webpack-dev-server manually, during the recompilation process.

3. One time actions

These are one time actions that need to be done after the code is updated in the production database.

3.1. Moderated content can now be removed from search index

We have fixed a bug where moderated resources weren't removed from the general search index. This will automatically work for new moderated resources. For already existing ones, we have introduced a new task that will remove the moderated content from being displayed in search:

bin/rails decidim:upgrade:moderation:remove_from_search

You can read more about this change on PR #8811.

3.2. New Comments statistics structure

We've fixed the stastics of comments in participatory spaces. You'll need to run the task:

bin/rails decidim_comments:update_participatory_process_in_comments

You can read more about this change on PR #8012.

3.3. Push Notifications

We've implemented Push Notifications for improving the engagement with the platform. To configure it:

3.3.1. Generate the VAPID keys by running the command

bin/rails decidim:pwa:generate_vapid_keys

3.3.2. Copy them to your Environment Variables file

The relevant Environment Variables are:

Name Value Default value
VAPID_PUBLIC_KEY VAPID public key that will be used to sign the Push API requests.
VAPID_PRIVATE_KEY VAPID private key that will be used to sign the Push API requests.

These will be printed to the console when you run the command instructed in the previous step.

You can read more about this change on PR #8774.

3.4. Categories' description is deprecated

The description field in the categories admin forms has been removed (this applies to any participatory space using categories). For now it's still available in the database, so you can extract it with the following command:

bin/rails runner -e production 'Decidim::Category.pluck(:id, :name, :description).map { |row| puts row.join(";") }'

In the next vers...

Read more

v0.26.3

29 Sep 13:39
Compare
Choose a tag to compare

Upgrade notes

As usual, we recommend that you have a full backup, of the database, application code and static files.

To update, follow these steps:

  1. Update your Gemfile:
gem "decidim", "0.26.3"
gem "decidim-dev", "0.26.3"
  1. Run these commands to upgrade and make sure you get all the latest migrations:
bundle update decidim
bin/rails decidim:upgrade
bin/rails db:migrate

And then follow the steps and commands detailed in these notes.

Changelog

Added

Nothing.

Changed

Nothing.

Fixed

  • decidim-core: Backport 'Fix / Expose createMapController properly to let overriding' to v0.26 #9520
  • decidim-elections: Backport 'Capture unhandled errors from JS promises and inform the user' to v0.26 #9521
  • decidim-elections: Backport 'Remove description from questions in elections' to v0.26 #9522
  • decidim-initiatives: Backport 'Return 404 when there isn't an initiative' to v0.26 #9523
  • decidim-forms, decidim-meetings, decidim-surveys: Backport 'Fix rollback questionnaire answer when file is invalid' to v0.26 #9524
  • decidim-elections: Backport 'Make sure component is published when starting an election' to v0.26 #9525
  • decidim-core, decidim-meetings, decidim-proposals: Backport 'Fix email subject when resource title has special characters' to v0.26 #9526
  • decidim-core: Backport 'Prevent users to validate nicknames/emails taken by user groups' to v0.26 #9527
  • decidim-elections: Backport 'Fix hardcoded hour in election dashboard' to v0.26 #9528
  • decidim-comments, decidim-core: Backport 'Fix long word breaking on comments and cards' to v0.26 #9529
  • decidim-assemblies, decidim-conferences, decidim-consultations, decidim-core, decidim-elections, decidim-initiatives, decidim-participatory processes: Backport 'Fix background-image URLs with weird characters' to v0.26 #9531
  • decidim-assemblies, decidim-conferences, decidim-elections: Backport 'Fix cache hash on Hightlighted spaces' to v0.26 #9536
  • decidim-accountability: Backport 'Add short format to result date' to v0.26 #9540
  • decidim-elections: Backport 'Advertise users if BB connection is lost in trustees/admin zones' to v0.26 #9535
  • decidim-core: Backport 'Fix email subject when participatory space title is present' to v0.26 #9573
  • decidim-conferences: Backport 'Fix published conferences order' to v0.26 #9688
  • decidim-comments: Backport 'Fix creation notification when editing a comment ' to v0.26 #9690
  • decidim-elections: Backport 'Remove margin-bottom on votings navigation' to v0.26 #9692
  • decidim-initiatives: Backport 'Use public link on initiatives mailer' to v0.26 #9694
  • decidim-accountability: Backport 'Disallow creating grandchildren results' to v0.26 #9698
  • decidim-forms, decidim-meetings: Backport 'Prevent showing announcement on meetings registrations' to v0.26 #9700
  • decidim-initiatives: Backport 'Fix for initiative mailer when promoting committee is disabled' to v0.26 #9696
  • decidim-elections: Backport 'Improve steps election check page with census' to v0.26 #9702
  • decidim-core: Backport 'Fix translated attributes field type change' to v0.26 #9704
  • decidim-core: Backport 'Prevent missing ActionLog entries to break the application' to v0.26 #9706
  • decidim-proposals: Backport 'Fix publish event on official proposals' to v0.26 #9708
  • decidim-admin, decidim-proposals: Backport 'Add help text for proposals' 'publish answers immediately' setting ' to v0.26 #9712
  • decidim-conferences: Backport 'Return 404 when there isn't a valid component in program' to v0.26 #9717
  • decidim-budgets: Backport 'Fix budgets seeds on non development apps' to v0.26 #9719
  • decidim-core: Backport 'Fix creating automatic nicknames when taken by user_groups' to v0.26 #9721
  • decidim-debates: Backport 'Fix resource endorsed notification with Debates' to v0.26 #9723
  • decidim-meetings: Backport 'Fix agenda_item association with agenda' to v0.26 #9728
  • decidim-verifications: Backport 'Fix absolute urls on 'managed user error' event' to v0.26 #9730
  • decidim-core: Backport 'Fix mobile notifications switch component overlaps' to v0.26 #9732
  • decidim-core: Backport 'Fix blocked user nickname and avatar in user presenter' to v0.26 #9741
  • decidim-admin: Backport 'Fix form error overlap with character counter in the admin panel' to v0.26 #9749
  • decidim-core: Backport 'Fix the endorsement permissions' to v0.26 #9734
  • decidim-meetings: Backport 'Fix order when filtering Meetings' to v0.26 #9751
  • decidim-proposals: Backport 'Fix redundant notification on comments with linked proposals' to v0.26 #9746
  • decidim-core: Backport 'Make the HERE Map display in the currently selected language' to v0.26 #9714
  • decidim-admin, decidim-forms: Backport 'Fix admin language selector with more than 4 locales' to v0.26 #9710
  • decidim-meetings: Backport 'Ignore participatory spaces without models in meetings visible_for scope' to v0.26 #9794
  • decidim-admin: Backport 'Fix leaking emails on admin user search controller' to 0.26 #9797
  • decidim-assemblies, decidim-participatory processes: Backport 'Fix import of images on spaces' to v0.26 #9803
  • decidim-core: Backport 'Fix hashtags not recognized at the beginning of the string' to v0.26 #9811
  • decidim-accountability, decidim-core, decidim-debates, decidim-initiatives, decidim-meetings, decidim-proposals: Backport 'Fix version pages showing a HTTP 500 error when the version does not exist' to v0.26 #9809
  • decidim-core: Backport 'Fix hidden error messages on the registration form' to v0.26 #9813
  • decidim-core: Backport 'Fix multitenant organizations stats cache' to v0.26 #9807
  • decidim-admin, decidim-initiatives: Backport 'Fix initiatives components' to v0.26 #9825
  • Backport 'Fix doorkeeper initialization after 5.6.0 release' to v0.26 #9788

Removed

Nothing.

Internal

  • Backport 'Fix invalid translation in spec' to v0.26 #9435
  • Backport 'Remove the description field from the elections component seeds' to v0.26 #9553
  • Fix API GraphiQL system spec for 0.26 with newer ChromeDriver #9556
  • Backport 'Update rokroskar/workflow-run-cleanup-action GitHub action to v0.3.3' to v0.26 #9829
  • Backport 'Split parallel test coverage reports into their own folders' to v0.26 #9819
  • Backport 'Improve release process' to v0.26 #9864

Developer improvements

Nothing.

Previous versions

Please check release/0.26-stable for previous changes.

v0.27.0.rc2

19 Sep 11:38
Compare
Choose a tag to compare
v0.27.0.rc2 Pre-release
Pre-release

To see the full explanation on how to update to this version we recommend that you read all the previous release candidates' notes: rc1.

1. Upgrade notes

As usual, we recommend that you have a full backup, of the database, application code and static files.

To update, follow these steps:

1.1. Update your Gemfile

gem "decidim", "0.27.0.rc2"
gem "decidim-dev", "0.27.0.rc2"

1.2. Run these commands

bundle update decidim
bin/rails decidim:upgrade
bin/rails db:migrate

1.3. Follow the steps and commands detailed in these notes

Follow the instructions from the previous release candidates in their release order.

Changelog

Added

Nothing.

Changed

Nothing.

Fixed

  • decidim-assemblies, decidim-conferences, decidim-consultations, decidim-core, decidim-elections, decidim-initiatives, decidim-participatory processes: Backport 'Fix background-image URLs with weird characters' to v0.27 #9495
  • decidim-comments, decidim-core: Backport 'Fix long word breaking on comments and cards' to v0.27 #9530
  • decidim-core: Backport 'Fix nested attributes model mapping' to v0.27 #9532
  • decidim-initiatives: Backport 'Add the rexml gem as a requirement for Ruby 3.0.0+ compatibility' to v0.27 #9533
  • decidim-elections: Backport 'Advertise users if BB connection is lost in trustees/admin zones' to v0.27 #9534
  • decidim-assemblies, decidim-conferences, decidim-elections: Backport 'Fix cache hash on Hightlighted spaces' to v0.27 #9537
  • decidim-core: Backport 'Fix email subject when participatory space title is present' to v0.27 #9538
  • decidim-accountability: Backport 'Add short format to result date' to v0.27 #9541
  • decidim-conferences: Backport 'Fix published conferences order' to v0.27 #9687
  • decidim-comments: Backport 'Fix creation notification when editing a comment ' to v0.27 #9689
  • decidim-elections: Backport 'Remove margin-bottom on votings navigation' to v0.27 #9691
  • decidim-initiatives: Backport 'Use public link on initiatives mailer' to v0.27 #9693
  • decidim-accountability: Backport 'Disallow creating grandchildren results' to v0.27 #9697
  • decidim-forms, decidim-meetings: Backport 'Prevent showing announcement on meetings registrations' to v0.27 #9699
  • decidim-initiatives: Backport 'Fix for initiative mailer when promoting committee is disabled' to v0.27 #9695
  • decidim-elections: Backport 'Improve steps election check page with census' to v0.27 #9701
  • decidim-core: Backport 'Fix translated attributes field type change' to v0.27 #9703
  • decidim-core: Backport 'Prevent missing ActionLog entries to break the application' to v0.27 #9705
  • decidim-proposals: Backport 'Fix publish event on official proposals' to v0.27 #9707
  • decidim-admin, decidim-proposals: Backport 'Add help text for proposals' 'publish answers immediately' setting ' to v0.27 #9711
  • decidim-conferences: Backport 'Return 404 when there isn't a valid component in program' to v0.27 #9716
  • decidim-budgets: Backport 'Fix budgets seeds on non development apps' to v0.27 #9718
  • decidim-core: Backport 'Fix creating automatic nicknames when taken by user_groups' to v0.27 #9720
  • decidim-debates: Backport 'Fix resource endorsed notification with Debates' to v0.27 #9722
  • decidim-core: Backport 'Set push notifications in user locale' to v0.27 #9724
  • decidim-elections: Backport 'Improve census importing process in elections/votings space' to v0.27 #9725
  • decidim-core: Backport 'Strip tags keeping entity characters' to v0.27 #9726
  • decidim-meetings: Backport 'Fix agenda_item association with agenda' to v0.27 #9727
  • decidim-verifications: Backport 'Fix absolute urls on 'managed user error' event' to v0.27 #9729
  • decidim-core: Backport 'Fix mobile notifications switch component overlaps' to v0.27 #9731
  • decidim-core: Backport 'Fix account update without password change' to v0.27 #9735
  • decidim-meetings: Backport 'Fix order when filtering Meetings' to v0.27 #9737
  • decidim-admin: Backport 'Fix admin autocomplete when a locale is defined in the URL' to v0.27 #9738
  • decidim-core: Backport 'Fix blocked user nickname and avatar in user presenter' to v0.27 #9740
  • decidim-core: Backport 'Change the custom public port ENV variable name to HTTP_PORT' to v0.27 #9747
  • decidim-admin: Backport 'Fix form error overlap with character counter in the admin panel' to v0.27 #9748
  • decidim-core: Backport 'Fix the endorsement permissions' to v0.27 #9733
  • decidim-core: Backport 'Fix PWA install prompt keeps appearing more than once' to v0.27 #9744
  • decidim-core: Backport 'Fix issues with daily and weekly notifications' to v0.27 #9739
  • decidim-proposals: Backport 'Fix redundant notification on comments with linked proposals' to v0.27 #9745
  • decidim-generators: Backport 'Add missing queue close_meeting_reminder to sidekiq configuration' to v0.27 #9715
  • decidim-core: Backport 'Make the HERE Map display in the currently selected language' to v0.27 #9713
  • decidim-admin, decidim-forms: Backport 'Fix admin language selector with more than 4 locales' to v0.27 #9709
  • decidim-core, decidim-dev, decidim-generators: Backport 'Fix data consent expiry' to v0.27 #9742
  • decidim-core: Backport 'Fix uninitialized constant errors with custom set of modules' to v0.27 #9743
  • decidim-meetings: Backport 'Ignore participatory spaces without models in meetings visible_for scope' to v0.27 #9795
  • decidim-admin: Backport 'Fix leaking emails on admin user search controller' to 0.27 #9796
  • decidim-core: Backport 'Fix order of last activities' to v0.27 #9802
  • decidim-conferences: Backport 'Fix conference speaker avatars' to v0.27 #9823
  • decidim-core: Backport 'Prevent the account edit route through Devise' to v0.27 #9806
  • decidim-accountability, decidim-core, decidim-debates, decidim-initiatives, decidim-meetings, decidim-proposals: Backport 'Fix version pages showing a HTTP 500 error when the version does not exist' to v0.27 #9810
  • decidim-core: Backport 'Fix hashtags not recognized at the beginning of the string' to v0.27 #9812
  • decidim-comments: Backport 'Fix posting comments before the initial load has run' to v0.27 #9815
  • decidim-core: Backport 'Fix hidden error messages on the registration form' to v0.27 #9814
  • decidim-core: Backport 'Fix multitenant organizations stats cache' to v0.27 #9808
  • decidim-core: Backport 'Fix character counter for the WYSIWYG editor' to v0.27 #9816
  • decidim-admin, decidim-initiatives: Backport 'Fix initiatives components' to v0.27 #9824
  • decidim-core, decidim-meetings: Backport 'Fix iframe disabling producing invalid HTML' to v0.27 #9805
  • decidim-assemblies, decidim-participatory processes: Backport 'Fix import of imag...
Read more

v0.27.0.rc1

27 Jun 16:15
f5cf385
Compare
Choose a tag to compare
v0.27.0.rc1 Pre-release
Pre-release

1. Upgrade notes

As usual, we recommend that you have a full backup, of the database, application code and static files.

To update, follow these steps:

1.1. Update your Gemfile

gem "decidim", "0.27.0.rc1"
gem "decidim-dev", "0.27.0.rc1"

1.2. Run these commands

bundle update decidim
bin/rails decidim:upgrade
bin/rails db:migrate

1.3. Follow the steps and commands detailed in these notes

2. General notes

2.1. Ruby update to 3.0

We have updated the Ruby version to 3.0.2. Upgrading to this version will require either to install the Ruby Version on your host, or change the decidim docker image to use ruby:3.0.2.

You can read more about this change on PR #8452.

2.2. Rails update to 6.1

We have updated the Ruby on Rails version to 6.1. This will be done automatically when doing the bundle update. If you had any code customization you'll probably need to take this into account and update your code. Some important aspects to mention:

  • ActionMailer - Change default queue name of the deliver (:mailers) job to be the job adapter's default (:default)
  • ActiveSupport - Remove deprecated fallback to I18n.default_locale when config.i18n.fallbacks is empty. This change should be transparent for all the Decidim users that have configured the Decidim.default_locale
  • If you are using Spring, it is highly suggested to add the following line at the top of your application's config/spring.rb (especially if you are seeing the following messages in the console ERROR: directory is already being watched!):
require "decidim/spring"

You can read more about this change on PR #8411.

2.3. Data consent change (aka "cookie consent")

Local data consent management has been updated, generally also referred to as "cookie consent". Supported data consent categories are essential, preferences, analytics and marketing.

This feature is many times referred to as "cookie consent" due to historic reasons but in Decidim we prefer to call it "data consent" because this can also include other data stored in the user's browser using its APIs, such as data added to LocalStorage.

As many non-technical people are still more familiar with the "cookie" terminology, the user interface talks only about "Cookie consent" to make it easier to understand for non-technical participants.

Iframe HTML elements that are added with the editor or meeting forms are disabled until data consent is given for all data categories. Scripts that require local data to be stored in the user's browser could be added as follows:

<script type="text/plain" data-consent="marketing">
  console.log("marketing data consent given");
</script>

Note that you need to define the type="text/plain" for the script that adds local data to the user's browser in order to prevent the script from being executed before data consent is given. You should also define the metadata for all the local data that you or your 3rd party scripts are adding to the user's browser.

Mind that we also changed the data consent cookie from "decidim-cc" to "decidim-consent" by default. You can change it on your initializer, or update your legal notice accordingly.

Learn more about Data consent at Decidim Documentation. You can read more about this change on PR #9271.

2.4. Configuration via Environment Variables

We've modified the default installation to configure most of the application through Environment Variables. For existing installations we recommend that you migrate to this new model so its easier to configure your applications.

As an example, after migrating to this, if you want to enable a setting, you'll need to:

a. Set the correct Environment Variable
b. Restart the server

Until now the flow could be something like:

a. Change your initializer
b. Commit to git
c. Push to git server
d. Deploy to the server
e. Restart the server

For migrating:

  1. Backup your config/secrets.yml and config/initializers/decidim.rb
  2. Generate a new decidim app and copy your generated files
  3. Migrate your old settings to the new Environment Variables.

Learn more about Environment Variables at Decidim Documentation. You can read more about this change on PR #8725.

2.5. GraphQL API documentation change

We've replaced the graphql-docs npm package with gem. You shouldn't need to do anything as this will be handled automatically.

The static documentation will be rendered into the app/views/static/api/docs directory, which is being refreshed automatically when you run bin/rails decidim:upgrade.

You can read more about this change on PR #8631.

2.6. Custom icons new uploader

We now only allow PNG images at Favicon so we can provide higher quality versions to mobile devices.

You can read more about this change on PR #8645.

2.7. Strong password rules for admin users

For extra security, there are new password rules for administrator users which are enabled by default. This means that:

  • This will force the current administrators to change their passwords after 90 days has passed from the previous login.
  • For development/testing/staging environments this also means that the default user passwords have changed to decidim123456789 to match the minimum length rules for admins.
  • For consistency reasons, regular users password has also been changed with the seed data.

The relevant Environment Variables are:

Name Value Default value
DECIDIM_ADMIN_PASSWORD_STRONG Enable strong password rules for admin users. true
DECIDIM_ADMIN_PASSWORD_EXPIRATION_DAYS Defines how many days admin passwords are valid before they need to be reset. 90
DECIDIM_ADMIN_PASSWORD_REPETITION_TIMES Defines how many previous passwords are compared against new admin user passwords. 5
DECIDIM_ADMIN_PASSWORD_MIN_LENGTH The minimum character length for admin user passwords. 15

You can read more about this change on PR #9347.

2.8 Service workers

For the Progressive Web Application related features, like Push Notifications and Add To Home Screen, you'll need to update your webpack configuration:

bin/rails decidim:webpacker:install

You'll need to also add these to your .gitignore:

public/sw.js
public/sw.js.map

These files will be generated by the asset compilation task in your production server. Most of the time this should be handled automatically by your deployment process (like Capistrano or Heroku). In case that you need to run that manually, this is the command:

bin/rails assets:precompile

In your development environment this should be happening automatically behind the scenes or if you are running the ./bin/webpack-dev-server manually, during the recompilation process.

3. One time actions

These are one time actions that need to be done after the code is updated in the production database.

3.1. Moderated content can now be removed from search index

We have fixed a bug where moderated resources weren't removed from the general search index. This will automatically work for new moderated resources. For already existing ones, we have introduced a new task that will remove the moderated content from being displayed in search:

bin/rails decidim:upgrade:moderation:remove_from_search

You can read more about this change on PR #8811.

3.2. New Comments statistics structure

We've fixed the stastics of comments in participatory spaces. You'll need to run the task:

bin/rails decidim_comments:update_participatory_process_in_comments

You can read more about this change on PR #8012.

3.3. Push Notifications

We've implemented Push Notifications for improving the engagement with the platform. To configure it:

3.3.1. Generate the VAPID keys by running the command
bin/rails decidim:pwa:generate_vapid_keys
3.3.2. Copy them to your Environment Variables file

The relevant Environment Variables are:

Name Value Default value
VAPID_PUBLIC_KEY VAPID public key that will be used to sign the Push API requests.
VAPID_PRIVATE_KEY VAPID private key that will be used to sign the Push API requests.

These will be printed to the console when you run the command instructed in the previous step.

You can read more about this change on PR #8774.

3.4. Categories' description is deprecated

The description field in the categories admin forms has been removed (this applies to any participatory space using categories). For now it's still available in the database, so you can extract it with the following command:

bin/rails runner -e production 'Decidim::Category.pluck(:id, :name, :description).map { |row| puts row.join(";") }'

In the next version (v0.28.0) it will be fully removed from the database.

You can read more about this change on ...

Read more

v0.26.2

14 Jun 14:48
8c4b546
Compare
Choose a tag to compare

Upgrade notes

As usual, we recommend that you have a full backup, of the database, application code and static files.

To update, follow these steps:

  1. Update your Gemfile:
gem "decidim", "0.26.2"
gem "decidim-dev", "0.26.2"
  1. Run these commands to upgrade and make sure you get all the latest migrations:
bundle update decidim
bin/rails decidim:upgrade
bin/rails db:migrate

And then follow the steps and commands detailed in these notes.

Changelog

Added

Nothing.

Changed

Nothing.

Fixed

  • decidim-comments, decidim-core, decidim-meetings: Backport "Fix timeout in comment view and during meetings" to v0.26 #9091
  • decidim-core: Backport "Dont add external link container inside editor" to v0.26 #9108
  • decidim-core: Backport "Add base URI to meta image URLs" to v0.26 #9153
  • decidim-initiatives: Backport "Remove 'edit link' in topbar for initiative's authors" to v0.26 #9239
  • decidim-elections: Backport 'Clarify message to user when checking census' to v0.26 #9240
  • decidim-participatory processes: Backport 'Fix processes count in processes group title cell' to v0.26 #9242
  • decidim-elections: Backport 'Improve wording when casting your vote' to v0.26 #9243
  • decidim-proposals: Backport 'Add 'not answered' as a possible answer in proposals' to v0.26 #9246
  • decidim-meetings: Backport 'Fix meetings minutes migration' to v0.26 #9247
  • decidim-assemblies, decidim-proposals: Backport "Fix absolute urls on 'assembly member' and 'collaborative drafts' events" to v0.26 #9248
  • decidim-accountability, decidim-consultations: Backport 'Fix components navbar in consultations mobile ' to v0.26 #9249
  • decidim-meetings: Backport 'Move modal to body and fix condition' to v0.26 #9250
  • decidim-meetings: Backport 'Do not send upcoming meeting notification for hidden or withdrawn meetings' to v0.26 #9251
  • decidim-core: Backport 'Show only current organization in verification conflicts with multitenants' to v0.26 #9252
  • decidim-elections: Backport 'Send email to newly added trustees' to v0.26 #9253
  • decidim-meetings: Backport 'Fix registration type field highlighted in admin meeting creation form' to v0.26 #9254
  • decidim-surveys: Backport 'Fix contradictory form errors on survey form' to v0.26 #9257
  • decidim-initiatives: Backport 'Add edit and delete actions in InitiativeType admin table' to v0.26 #9260
  • decidim-surveys: Backport 'Clarify unregistered answers on surveys behavior' to v0.26 #9261
  • decidim-elections: Backport 'Fix voting with single election' to v0.26 #9262
  • decidim-initiatives: Backport 'Fix initiative print link, margin, and organization logo' to v0.26 #9263
  • decidim-elections: Backport 'Remove show more button on elections' to v0.26 #9264
  • decidim-surveys: Backport 'Fix survey activity log entries' to v0.26 #9265
  • decidim-budgets: Backport 'Remove beforeunload confirmation panel from the budgets voting' to v0.26 #9266
  • decidim-admin, decidim-elections: Backport 'Fix newsletters and Decidim Votings' to v0.26 #9258
  • decidim-core: Backport 'Fix notifications where resources are missing' to v0.26 #9256
  • decidim-core: Backport 'Enforce password validation rules on 'Forgot your password?' form' to v0.26 #9245
  • decidim-core: Backport 'Fix displaying blocked users in account follow pages' to v0.26 #9255
  • decidim-core: Backport 'Fix Leaflet trying to load "infinite amount of tiles"' to v0.26 #9269
  • decidim-system: Backport 'Enforce password validation rules on system admins' to v0.26 #9259
  • decidim-meetings: Backport 'Remove presenters in the meetings admin backoffice' to v0.26 #9323
  • decidim-elections: Backport 'Correctly show trustees and votings menu' to v0.26 #9324
  • decidim-core: Backport 'Fix hashtag parsing on URLs with fragments' to v0.26 #9326
  • decidim-comments, decidim-core: Backport 'Add missing events locales' to v0.26 #9327
  • decidim-conferences: Backport 'Make conference's partners logos always mandatory' to v0.26 #9328
  • decidim-admin: Backport 'Fix margin around warning message in colour settings' to v0.26 #9329
  • decidim-elections: Backport 'Hide more information link when there's no description on an election' to v0.26 #9331
  • decidim-admin, decidim-assemblies, decidim-budgets, decidim-core, decidim-elections, decidim-meetings, decidim-pages, decidim-proposals: Backport 'Apply crowdin feedback' to v0.26 #9333
  • decidim-comments, decidim-core: Backport 'Don't show deleted resources in last activities ' to v0.26 #9330
  • decidim-elections: Backport 'Fix election label translations' to v0.26 #9343
  • decidim-verifications: Backport 'Allow to renew expired verifications (if renewable)' to v0.26 #9344
  • decidim-elections: Backport 'Add error message when adding question and election has started' to v0.26 #9404
  • decidim-core: Backport 'Fix user interests' to v0.26 #9406
  • decidim-elections: Backport 'Fix regular expression on census check' to v0.26 #9408
  • decidim-elections: Backport 'Enforce YYYYmmdd format in birthdate when uploading census' to v0.26 #9410
  • decidim-consultations: Backport 'Return 404 when there isn't a question' to v0.26 #9414
  • decidim-consultations: Backport 'Return 404 when there isn't a consultation' to v0.26 #9413
  • decidim-elections: Backport 'Return 404 when there isn't a voting in elections_log' to v0.26 #9415
  • decidim-proposals: Backport 'Fix proposals creation with Participatory Texts ' to v0.26 #9416
  • decidim-elections: Backport 'Fix ActionLog when a ballot style is deleted' to v0.26 #9411
  • decidim-elections: Backport 'Only show that the code can be requested via SMS if its true' to v0.26 #9409
  • decidim-budgets, decidim-proposals: Backport 'Add missing translation keys proposals import and proposals picker' to v0.26 #9412
  • decidim-elections: Backport 'Fix HTML safe content in election voting' to v0.26 #9405
  • decidim-core: Backport 'Fix for internal links not displaying on page title' to v0.26 #9407

Removed

Nothing.

Internal

  • Backport 'Fix generators specs target branch' to v0.26 #9290

Developer improvements

Nothing.

Previous versions

Please check release/0.26-stable for previous changes.

v0.26.1

30 Mar 08:34
193fe63
Compare
Choose a tag to compare

Upgrade notes

As usual, we recommend that you have a full backup, of the database, application code and static files.

To update, follow these steps:

  1. Update your Gemfile:
gem "decidim", "0.26.1"
gem "decidim-dev", "0.26.1"
  1. Run these commands to upgrade and make sure you get all the latest migrations:
bundle update decidim
bin/rails decidim:upgrade
bin/rails db:migrate

And then follow the steps and commands detailed in these notes.

Changelog

Added

Nothing.

Changed

Nothing.

Fixed

  • decidim-meetings: Backport "Fix the meetings export to also include unpublished meetings" to v0.26 #8939
  • decidim-system, decidim-verifications: Backport "Fix verification report with multitenants" to v0.26 #8940
  • decidim-core: Backport "Fix officialized user event missing translations" to v0.26 #8942
  • decidim-verifications: Backport "Fix email for verification conflict with managed users" to v0.26 #8945
  • decidim-core: Backport "Fix profile notifications" to v0.26 #8949
  • decidim-assemblies, decidim-budgets, decidim-comments, decidim-consultations, decidim-core, decidim-elections, decidim-forms, decidim-initiatives, decidim-participatory processes, decidim-proposals: Backport several accessibility fixes to v0.26 #8950
  • decidim-core: Backport "Add missing 'Locale' string in i18n in account page" to v0.26 #8980
  • decidim-meetings: Backport "Truncate the meetings card description" to v0.26 #8979
  • decidim-proposals: Backport "Fix proposals' cards with big images" to v0.26 #8978
  • decidim-initiatives: Backport "Fix link to docs in initiatives admin" to v0.26 #8975
  • decidim-comments: Backport "Fix budget hard dependency and caching flag issues in comments" to v0.26 #8973
  • decidim-participatory processes: Backport "Fix processes creation form with stats, metrics and announcements" to v0.26 #8977
  • decidim-initiatives: Backport "Show signatures in answered initiatives" to v0.26 #8991
  • decidim-core: Backport "Add missing reveal__title classes" to v0.26 #8999
  • decidim-core: Backport "Remove the label from the dropdown menu opener" to v0.26 #9002
  • decidim-core: Backport "Fix mobile nav keyboard focus" to v0.26 #9001
  • decidim-core: Backport "Fix main navigation aria-current attribute" to v0.26 #9000
  • decidim-core: Backport "Show character counter when replying to message" to v0.26 #9003
  • decidim-core: Backport "Fix character counter with emoji picker close to maximum characters" to v0.26 #9012
  • decidim-api, decidim-assemblies, decidim-conferences, decidim-consultations, decidim-initiatives, decidim-meetings, decidim-participatory processes, decidim-proposals: Backport "Fix API when meetings have proposal linking disabled" to v0.26 #8992
  • decidim-core: Backport "Fix Devise flash messages translation" to v0.26 #9043
  • decidim-core: Backport "Disable new conversation next button when no users selected" to v0.26 #9054
  • decidim-initiatives: Backport "Fix initiatives signatures issues" to v0.26 #8974
  • decidim-blogs, decidim-core, decidim-debates, decidim-proposals: Backport "Fix for endorsed_by with other user group's member" to v0.26 #9062
  • decidim-proposals: Backport "Fix footer actions caching on proposals' card" to v0.26 #9063
  • decidim-admin: Backport "Add missing 'Locale' string in i18n in selective newsletter" to v0.26 #9064
  • decidim-core: Backport "Fix social share button sharing" to v0.26 #9065
  • decidim-meetings: Backport "Use published meetings scope on processes landing and proposal's form" to v0.26 #9066
  • decidim-core: Backport "Require omniauth/rails_csrf_protection explicitly" to v0.26 #9067
  • decidim-core, decidim-proposals: Backport "Fix amendable events title" to v0.26 #9079
  • decidim-proposals: Backport "Create admin log records when proposals are imported from a file" to v0.26 #9077
  • decidim-comments, decidim-core, decidim-proposals: Backport "Add noreferrer and ugc to links" to v0.26 #9078
  • decidim-meetings: Backport "Fix submit in meetings admin form" to v0.26 #9076
  • decidim-core: Backport "Fix session cookie SameSite policy" to v0.26 #9059
  • decidim-budgets, decidim-core, decidim-debates, decidim-meetings, decidim-proposals: Backport "Fix cache URLs on cards" to v0.26 #9074
  • decidim-assemblies, decidim-conferences, decidim-consultations, decidim-core, decidim-initiatives, decidim-participatory processes: Backport "Fix Twitter hashtag search when it starts with a number" to v0.26 #9075

Removed

Nothing.

Internal

  • Backport "Fix ActionMailer preview loading" to v0.26 #8963
  • Backport "Fix flaky spec in meetings multi-date selectors" to v0.26 #8976
  • Backport "Local HTML validator for the CI" to v0.26 #9004
  • Backport "Fix API when meetings have proposal linking disabled" to v0.26 #8992

Developer improvements

  • Backport "Fix Devise configs that depend on Decidim configs" to v0.26 #9022
  • Backport "Fix Faker address country code in seeds" to v0.26 #9046

Previous versions

Please check release/0.26-stable for previous changes.

v0.26.0

22 Feb 13:28
070e56d
Compare
Choose a tag to compare

See our blog post about the highlights for admins in this release.

Upgrade notes

As usual, we recommend that you have a full backup, of the database, application code and static files.

To update, follow these steps:

  1. Update your Gemfile:
gem "decidim", "0.26.0"
gem "decidim-dev", "0.26.0"
  1. Run these commands to upgrade and make sure you get all the latest migrations:
bundle update decidim
bin/rails decidim:upgrade
bin/rails db:migrate

And then follow the steps and commands detailed in these notes.

General notes

Register assets paths

To prevent Zeitwerk from trying to autoload classes from the app/packs folder, it's necesary to register these paths for each module and for the application using the method Decidim.register_assets_path on initializers. This is explained in the webpacker migration guides for applications and modules), and was implemented in #8449.

Blocked user in global search

PR #8658 Blocked users are present in global search, to update the search and make them disappear, Run in a bin/rails console or create a migration with:

Decidim::User.find_each(&:try_update_index_for_search_resource)

Please be aware that it could take a while if your database has a lot of Users.

Fix statistics in Comments

As per #8012, for fixing statistic in comments. There's a rake task that you need to run:

bin/rails decidim_comments:update_participatory_process_in_comments

Base64 images migration

As per #8250, we've replaced the default base64 editor images attachment with the use of ActiveStorage attachments. This PR also adds a task to parse all editor contents and replace existing base64 images with attachments. The task parses all the attributes which can be edited from admin using the WYSIWYG editor. The task requires an argument with the email of an admin used to create EditorImage instances. To run this task execute:

bin/rails decidim:active_storage_migrations:migrate_inline_images_to_active_storage[admin_email]

User workflows change to prevent user enumeration attacks

Until now it was possible to see if an email account was registered in Decidim, by using features like "Forgot your password", as the response changed if the email existed ("You will receive an email with instructions on how to reset your password in a few minutes") that's different to a non-existing user account ("could not be found. Did you sign up previously?"). This allows User Enumration attacks, where a malicious actor can check if anyone has an acount in the platform. As per #8537, anyone has the same answer always "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes".

Unconfirmed access disabled by default

As per #8233, by default all participants must confirm their email account to sign in. Implementors can change this setting as a initializer configuration:

Decidim.configure do |config|
  config.unconfirmed_access_for = 2.days
end

Added

  • decidim-budgets: Port decidim-budgets improvements from AjuntamentdeBarcelona/decidim #8249
  • decidim-elections: Improve evote admin logs #8263
  • decidim-blogs, decidim-meetings: Add card images to meetings and blog posts #8276
  • decidim-admin: Align UI groups filtering with the rest of decidim #8105
  • decidim-admin, decidim-proposals: Improve error messages in admin panel #8193
  • decidim-elections: Allow to mark trustees as missing #8314
  • decidim-admin: Add sorting to private participants in a participatory space #8242
  • decidim-comments: Improve control of comments in meetings and debates #8027
  • decidim-proposals: Offer a way to see all proposals in withdrawn proposal list #8251
  • decidim-admin, decidim-proposals: Configurable default order for proposals #8295
  • decidim-assemblies: Filter assemblies by assembly type in admin #7153
  • decidim-assemblies: Non participant assembly members avatar #8277
  • decidim-core: Add image file upload in QuillJS editor #8250
  • decidim-meetings: Make meeting report editable by the author in front-end #8209
  • decidim-core: Improve dialog accessibility #8294
  • decidim-meetings: Ability for users to withdraw their meetings #8248
  • decidim-admin: Add colors accessibility warning in admin Appearance #8354
  • decidim-proposals: Import proposal answers #8271
  • decidim-core: Add more actions in QuillJS toolbar #8120
  • decidim-meetings: Add more filter options to directory meetings page #8333
  • decidim-assemblies, decidim-conferences, decidim-participatory processes: Add filters for Participatory process admins section #8106
  • decidim-budgets: Show modal when user is trying to leave with pending vote #8387
  • decidim-meetings: Meetings iframe visibility #8307
  • decidim-budgets: Add search, filters and sorting to admin panel budget projects #8592
  • decidim-core: Describe the notifications' time with words #8564
  • decidim-comments, decidim-core: Add link to comments in Notifications #8607
  • decidim-comments, decidim-core: Add full content of comments in notifications #8581
  • decidim-core: Change colors on mobile navigation bar #8628
  • decidim-core, decidim-proposals: Add author to proposals in notifications #8603
  • decidim-comments, decidim-core, decidim-meetings, decidim-proposals: Allow participants to receive translated content by email #8174
  • decidim-admin: Add search, filters, pagination and sorting to moderated users #8620
  • decidim-surveys: Add "title and description" in surveys #8588

Changed

  • decidim-elections: Validate census CSV headers #8264
  • decidim-meetings: Improve Attendees count error handling on frontend #8238
  • decidim-core: Disable unconfirmed access by default #8233
  • decidim-meetings: Rename 'upcoming events' content block to 'upcoming meetings' #8412
  • decidim-core: Change user workflows to prevent user enumeration attacks #8537
  • decidim-comments: Backport "Show hidden comments replies" to v0.26 #8868

Fixed

  • decidim-accountability: Fix accountability notifications proposal title #8240
  • decidim-elections: Remove white spaces in Census #8262
  • decidim-debates, decidim-meetings, decidim-proposals: Fix characters not encoded in title #8253
  • decidim-proposals: Fix flaky test on proposals splitting #8302
  • decidim-core: Fix invalid i18n values for diff changeset #8299
  • decidim-meetings: Fix live? missing method delegation in online_meeting cell #8241
  • decidim-comments: Fix statistics in Comments #8012
  • decidim-budgets: Fix some explore budgets specs #8303
  • decidim-core: Fix missing icons after CORS [#82...
Read more