Posted Monday, August 21 at 2:45 AM (a year ago)
Here’s some new bugfixes and features!
- OpenGraph tags now validate per the W3C validator
- Images can now take a value of link=True in order to force a link to the full-size rendition without setting a lightbox gallery ID
- Links will no longer include the template name if it’s the same as the category default (so you no longer need to do annoying things like
view.link(template=template if template.name != 'index')
- Similarly, path-alias to the
index template will now work correctly if the category’s default template is not index
Posted Thursday, July 13 at 12:14 PM (a year ago)
There is a known XSS exploit in webmention.js 0.5.4 and earlier. If you are running webmention.js on your site, please update to the latest version!
Many thanks to @tyage for reporting this vulnerability (and @psmoros for facilitating the report, as well as running huntr.dev which looks like a great security research and reporting platform).
Posted Tuesday, May 23 at 3:49 AM (a year ago)
What’s this, another Publ release? Why, yes! While revamping my personal website I came across some additional things that needed some Publ fixes to really work well.
The changes since 0.7.24 are:
- Consider whitespace-only entry parts (
entry.body and entry.more) to be False
- Enable cache-control on templates which aren’t user-dependent (such as stylesheets), hopefully cutting down on FOUC issues
- Enable an appropriate same-site cookie policy for 2023
Posted Monday, May 22 at 2:21 PM (a year ago)
Latest version of Publ includes:
There was also a minor fix released as 0.7.23 which was to unpin the version of watchdog, which allows Publ to run in debug/hot-reload mode once again.
Posted Monday, May 1 at 7:18 PM (a year ago)
Here’s a new release of Publ.
Actually it looks like I’ve been remiss in announcing the last several releases, because each of them just had minor changes! So here’s a bit of a catchup:
- v0.7.19: Pass through rendition arguments (including quality and format) to the fullsize rendition
- v0.7.20: Just a bunch of upstream dependency updates
- v0.7.21: Some shenanigans while trying to figure out how to deal with Pony’s incompatibility with Python 3.11, as yet unresolved
- v0.7.22:
- Fixed an issue with some transparent images not being detected as transparent due to using uncommon formats (particularly grayscale-with-alpha PNGs in the
LA pixel format)
- Changed the way that the authentication key gets configured; this was necessary due to an upstream change in Flask
At present there appears to be an occasional issue with how watchdog works (or doesn’t), and I haven’t figured out the rhyme or reason. A pending Publ release will hopefully fix this. My apologies for the inconvenience.
Posted Wednesday, January 4 at 8:17 PM (a year ago)
Pushl has been updated to be compatible with an API change made in Python 3.11, specifically fixing some functionality which was deprecated in Python 3.8 and which I somehow failed to notice the deprecation warning of.
Thanks to @seirdy for bringing this to my attention.