v2.5.1

• Add title's and description's length limit in forms #2585

v2.5.0

• Change reuse's form's label name to title #2575
• Unpublished posts are no longer served by the Post.list API endpoint #2578
• Read only mode can now be toggled in settings #2565:
  • Toggles a warning banner on the frontend view and a warning toast on the admin view.
  • Prevents new users to register.
  • Prevents non admin users to create new content such as organizations, datasets, community resources or discussions.
  • Will return a 423 response code to any non-admin request to endpoints specified in METHOD_BLOCKLIST setting.
  • Existing content can still be updated.
• Add an alert block in layout template, to be overrided in installed theme #2580

v2.4.1

• Escaping XML's forbidden characters #2562
• Ignore pattern feature for linkchecker #2564
• Fix TypeError when creating a superuser with an incorrect password #2567

v2.4.0

• ⚠️ Resources and community resources creation API change #2545:
  • Remove the RESOURCES_FILE_ALLOWED_DOMAINS setting and mechanism.
  • The community resource's/resource's url could be set from the client side, even in the case of a hosted one, which is illogical.
    A hosted community resource's/resource's url should only be the sole responsibility of the backend.
  • Consequently, the POST endpoint of the community resources/resources API is only meant for the remote ones and the PUT endpoint of the community resources/resources API will take the existing resource's url to override the one sent by the client.
• Community resources changes #2546:
  • Dataset is now correctly set at community resource creation
  • Remove now useless job 'purge-orphan-community-resources'
• Using the fs_filename logic when uploading a new resource on the data catalog.#2547
• Remove old file when updating resources and community resources from API #2548
• Sortable.js upgrade to fix an issue in udata's editorial page when reordering featured datasets #2550
• Password rotation mechanism #2551:
  • Datetime fields password_rotation_demanded and password_rotation_performed added to user model.
  • Override Flask-Security's login and reset password forms to implement the password rotation checks.
• Password complexity settings hardening #2554
• Migrate ODS datasets urls #2559

v2.3.0

• Plugin's translations are now correctly loaded #2529
• Vine version is now pinned in requirements #2532
• Fix reuses metrics #2531:
  • Reuses "datasets" metrics are now triggered correctly
  • New job to update the datasets "reuses" metrics: update-datasets-reuses-metrics to be scheduled
• Add a migration to set the reuses datasets metrics to the correct value #2540
• Add a specific dataset's method for resource removal #2534
• Flask-Security update #2535:
  • Switch to fork Flask-Security-Too
  • New settings to set the required password length and complexity
• Fix Flask-security sendmail overriding #2536
• Add a custom password complexity checker to Flask-Security #2537
• Change too short password error message #2538

v2.2.1

• Some fixes for the static files deletion #2526:
  • New static files migration replacing the older one:
    • The migration now uses FS_URL.
    • Fixed the fs_filename string formating.
    • Now checks the community ressource's URLs too.
  • Removing the deletion script link in the CHANGELOG previous entry.
• Add a schema facet to the dataset search 🚧 requires datasets reindexation #2523

v2.2.0

• CORS are now handled by Flask-CORS instead of Flask-RestPlus#2485
• Oauth changes #2510:
  • Authorization code Grant now support PKCE flow
  • New command to create an OAuth client
  • ⚠️ Implicit grant is no longer supported
• ⚠️ Deletion workflow changes #2488:
  • Deleting a resource now triggers the deletion of the corresponding static file
  • Deleting a dataset now triggers the deletion of the corresponding resources (including community resources) and their static files
  • Adding a celery job purge-orphan-community-resources to remove community resources not linked to a dataset. This should be scheduled regularly.
  • Adding a migration file to populate resources fs_filename new field. Scripts to delete the orphaned files are available here.
• Show traceback for migration errors #2513
• Add schema field to ressources. This field can be filled based on an external schema catalog #2512
• Add 2 new template hooks: base.modals (base template) and dataset.resource.card.extra-buttons (dataset resource card) #2514

v2.1.3

• Fix internal links in markdown when not starting w/ slash #2500
• Fix JS error when uploading a resource in certain conditions #2483

v2.1.2

• Decoded api key byte string #2482
• Removed now useless metric fetching #2482
• Fix bug in harvester's cron schedule #2493
• Adding banner options in settings for a potential use in an udata's theme #2492

v2.1.1

• Decoded api key byte string #2482
• Removed now useless metric fetching #2482
• Fix bug in harvester's cron schedule #2493
• Adding banner options in settings for a potential use in an udata's theme #2492