From 89289ad641a7fac3b01185ac892820e6676da675 Mon Sep 17 00:00:00 2001 From: Kevin Chung Date: Mon, 23 Jan 2023 10:34:49 -0500 Subject: [PATCH] Mark 3.5.1 (#2246) # 3.5.1 / 2023-01-23 **General** - The public scoreboard page is no longer shown to users if account visibility is disabled - Teams created by admins using the normal team creation flow are now hidden by default - Redirect users to the team creation page if they access a certain pages before the CTF starts - Added a notice on the Challenges page to remind Admins if they are in Admins Only mode - Fixed an issue where users couldn't login to their team even though they were already on the team - Fixed an issue with scoreboard tie breaking when an award results in a tie - Fixed the order of solves, fails, and awards to always be in chronological ordering (latest first). - Fixed an issue where certain custom fields could not be submitted **Admin Panel** - Improved the rendering of Admin Panel tables on mobile devices - Clarified the behavior of Score Visibility with respect to Account Visibility in the Admin Panel help text - Added user id and user email fields to the user mode scoreboard CSV export - Add CSV export for `teams+members+fields` which is teams with Custom Field entries and their team members with Custom Field entries - The import process will now catch all exceptions in the import process to report them in the Admin Panel - Fixed issue where `field_entries` could not be imported under MariaDB - Fixed issue where `config` entries sometimes would be recreated for some reason causing an import to fail - Fixed issue with Firefox caching checkboxes by adding `autocomplete='off'` to Admin Panel pages - Fixed issue where Next selection for a challenge wouldn't always load in Admin Panel **API** - Improve response time of `/api/v1/challenges` and `/api/v1/challenges/[challenge_id]/solves` by caching the solve count data for users and challenges - Add `HEAD /api/v1/notifications` to get a count of notifications that have happened. - This also includes a `since_id` parameter to allow for a notification cursor. - Unread notification count can now be tracked by themes that track which notifications a user has read - Add `since_id` to `GET /api/v1/notifications` to get Notifications that have happened since a specific ID **Deployment** - Imports have been disabled when running with a SQLite database backend - See https://github.com/CTFd/CTFd/issues/2131 - Added `/healthcheck` endpoint to check if CTFd is ready - There are now ARM Docker images for OSS CTFd - Bump dependencies for passlib, bcrypt, requests, gunicorn, gevent, python-geoacumen-city - Properly load `SAFE_MODE` config from environment variable - The `AWS_S3_REGION` config has been added to allow specifying an S3 region. The default is `us-east-1` - Add individual DATABASE config keys as an alternative to `DATABASE_URL` - `DATABASE_PROTOCOL`: SQLAlchemy DB protocol (+ driver, optionally) - `DATABASE_USER`: Username to access DB server with - `DATABASE_PASSWORD`: Password to access DB server with - `DATABASE_HOST`: Hostname of the DB server to access - `DATABASE_PORT`: Port of the DB server to access - `DATABASE_NAME`: Name of the database to use - Add individual REDIS config keys as an alternative to `REDIS_URL` - `REDIS_PROTOCOL`: Protocol to access Redis server with (either redis or rediss) - `REDIS_USER`: Username to access Redis server with - `REDIS_PASSWORD`: Password to access Redis server with - `REDIS_HOST`: Hostname of the Redis server to access - `REDIS_PORT`: Port of the Redis server to access - `REDIS_DB`: Numeric ID of the database to access **Plugins** - Adds support for `config.json` to have multiple paths to add to the Plugins dropdown in the Admin Panel - Plugins and their migrations now have access to the `get_all_tables` and `get_columns_for_table` functions - Email sending functions have now been seperated into classes that can be customized via plugins. - Add `CTFd.utils.email.providers.EmailProvider` - Add `CTFd.utils.email.providers.mailgun.MailgunEmailProvider` - Add `CTFd.utils.email.providers.smtp.SMTPEmailProvider` - Deprecate `CTFd.utils.email.mailgun.sendmail` - Deprecate `CTFd.utils.email.smtp.sendmail` **Themes** - The beta interface `Assets.manifest_css` has been removed - `event-source-polyfill` is now pinned to 1.0.19. - See https://github.com/CTFd/CTFd/issues/2159 - Note that we will not be using this polyfill starting with the `core-beta` theme. - Add autofocus to text fields on authentication pages --- CHANGELOG.md | 76 ++++++++++++++++++++++++++++++++++++++++++++++++ CTFd/__init__.py | 2 +- package.json | 2 +- requirements.in | 4 +-- requirements.txt | 4 +-- 5 files changed, 82 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c1c40362..f0a7b758 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,79 @@ +# 3.5.1 / 2023-01-23 + +**General** + +- The public scoreboard page is no longer shown to users if account visibility is disabled +- Teams created by admins using the normal team creation flow are now hidden by default +- Redirect users to the team creation page if they access a certain pages before the CTF starts +- Added a notice on the Challenges page to remind Admins if they are in Admins Only mode +- Fixed an issue where users couldn't login to their team even though they were already on the team +- Fixed an issue with scoreboard tie breaking when an award results in a tie +- Fixed the order of solves, fails, and awards to always be in chronological ordering (latest first). +- Fixed an issue where certain custom fields could not be submitted + +**Admin Panel** + +- Improved the rendering of Admin Panel tables on mobile devices +- Clarified the behavior of Score Visibility with respect to Account Visibility in the Admin Panel help text +- Added user id and user email fields to the user mode scoreboard CSV export +- Add CSV export for `teams+members+fields` which is teams with Custom Field entries and their team members with Custom Field entries +- The import process will now catch all exceptions in the import process to report them in the Admin Panel +- Fixed issue where `field_entries` could not be imported under MariaDB +- Fixed issue where `config` entries sometimes would be recreated for some reason causing an import to fail +- Fixed issue with Firefox caching checkboxes by adding `autocomplete='off'` to Admin Panel pages +- Fixed issue where Next selection for a challenge wouldn't always load in Admin Panel + +**API** + +- Improve response time of `/api/v1/challenges` and `/api/v1/challenges/[challenge_id]/solves` by caching the solve count data for users and challenges +- Add `HEAD /api/v1/notifications` to get a count of notifications that have happened. + - This also includes a `since_id` parameter to allow for a notification cursor. + - Unread notification count can now be tracked by themes that track which notifications a user has read +- Add `since_id` to `GET /api/v1/notifications` to get Notifications that have happened since a specific ID + +**Deployment** + +- Imports have been disabled when running with a SQLite database backend + - See https://github.com/CTFd/CTFd/issues/2131 +- Added `/healthcheck` endpoint to check if CTFd is ready +- There are now ARM Docker images for OSS CTFd +- Bump dependencies for passlib, bcrypt, requests, gunicorn, gevent, python-geoacumen-city, cmarkgfm +- Properly load `SAFE_MODE` config from environment variable +- The `AWS_S3_REGION` config has been added to allow specifying an S3 region. The default is `us-east-1` +- Add individual DATABASE config keys as an alternative to `DATABASE_URL` + - `DATABASE_PROTOCOL`: SQLAlchemy DB protocol (+ driver, optionally) + - `DATABASE_USER`: Username to access DB server with + - `DATABASE_PASSWORD`: Password to access DB server with + - `DATABASE_HOST`: Hostname of the DB server to access + - `DATABASE_PORT`: Port of the DB server to access + - `DATABASE_NAME`: Name of the database to use +- Add individual REDIS config keys as an alternative to `REDIS_URL` + - `REDIS_PROTOCOL`: Protocol to access Redis server with (either redis or rediss) + - `REDIS_USER`: Username to access Redis server with + - `REDIS_PASSWORD`: Password to access Redis server with + - `REDIS_HOST`: Hostname of the Redis server to access + - `REDIS_PORT`: Port of the Redis server to access + - `REDIS_DB`: Numeric ID of the database to access + +**Plugins** + +- Adds support for `config.json` to have multiple paths to add to the Plugins dropdown in the Admin Panel +- Plugins and their migrations now have access to the `get_all_tables` and `get_columns_for_table` functions +- Email sending functions have now been seperated into classes that can be customized via plugins. + - Add `CTFd.utils.email.providers.EmailProvider` + - Add `CTFd.utils.email.providers.mailgun.MailgunEmailProvider` + - Add `CTFd.utils.email.providers.smtp.SMTPEmailProvider` + - Deprecate `CTFd.utils.email.mailgun.sendmail` + - Deprecate `CTFd.utils.email.smtp.sendmail` + +**Themes** + +- The beta interface `Assets.manifest_css` has been removed +- `event-source-polyfill` is now pinned to 1.0.19. + - See https://github.com/CTFd/CTFd/issues/2159 + - Note that we will not be using this polyfill starting with the `core-beta` theme. +- Add autofocus to text fields on authentication pages + # 3.5.0 / 2022-05-09 **General** diff --git a/CTFd/__init__.py b/CTFd/__init__.py index 909c64ef..144126f2 100644 --- a/CTFd/__init__.py +++ b/CTFd/__init__.py @@ -29,7 +29,7 @@ from CTFd.utils.migrations import create_database, migrations, stamp_latest_revi from CTFd.utils.sessions import CachingSessionInterface from CTFd.utils.updates import update_check -__version__ = "3.5.0" +__version__ = "3.5.1" __channel__ = "oss" diff --git a/package.json b/package.json index 96bc4fff..3f5364c5 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "ctfd", - "version": "3.5.0", + "version": "3.5.1", "description": "CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it's easy to customize with plugins and themes.", "main": "index.js", "directories": { diff --git a/requirements.in b/requirements.in index 9d5014a9..db8f653a 100644 --- a/requirements.in +++ b/requirements.in @@ -14,7 +14,7 @@ requests==2.28.1 PyMySQL==0.9.3 gunicorn==20.1.0 dataset==1.3.1 -cmarkgfm==0.8.0 +cmarkgfm==2022.10.27 redis==3.5.2 gevent==22.10.2 python-dotenv==0.13.0 @@ -25,7 +25,7 @@ boto3==1.13.9 marshmallow==2.20.2 pydantic==1.6.2 WTForms==2.3.1 -python-geoacumen-city==2022.11.15 +python-geoacumen-city==2023.1.15 maxminddb==1.5.4 tenacity==6.2.0 pybluemonday==0.0.9 diff --git a/requirements.txt b/requirements.txt index 0b07ec89..f9db78da 100644 --- a/requirements.txt +++ b/requirements.txt @@ -30,7 +30,7 @@ charset-normalizer==2.0.12 # via requests click==7.1.2 # via flask -cmarkgfm==0.8.0 +cmarkgfm==2022.10.27 # via -r requirements.in dataset==1.3.1 # via -r requirements.in @@ -119,7 +119,7 @@ python-dotenv==0.13.0 # via -r requirements.in python-editor==1.0.4 # via alembic -python-geoacumen-city==2022.11.15 +python-geoacumen-city==2023.1.15 # via -r requirements.in pytz==2020.4 # via flask-restx