# 3.5.0 / 2022-05-09
**General**
- Add a next challenge recommendation to challenges
- Add support for only viewing hints after unlocking another hint
- Add size checking and recommendation for images uploaded during setup
**Admin Panel**
- Imports now happen in the background so that admins can watch the status of the import
- Add progress tracking to backup/export importing
- Add `GET /admin/import` to see status of import
- The public user facing portion of CTFd is now disabled during imports
- Fix issue where custom field entries for Users and Teams would be misaligned in the scoreboard CSV export
- Show admins the email server error message when email sending fails
- Fix issue where the current theme cannot be found in list of themes
- Fix page preview so that it accounts for the provided format
- Add links from User/Team Profile IP addresses to a User IP address search page
- Add city geolocation to Team Profile IP addresses
**API**
- Add the `count` meta field to the following endpoints:
- `/api/v1/users/me/solves`
- `/api/v1/users/me/fails`
- `/api/v1/users/me/awards`
- `/api/v1/teams/me/awards`
- `/api/v1/users/[user_id]/solves`
- `/api/v1/users/[user_id]/fails`
- `/api/v1/users/[user_id]/awards`
- `/api/v1/teams/[team_id]/solves`
- `/api/v1/teams/[team_id]/awards`
- Improve speed of `/api/v1/teams/me/fails`
- Improve speed of `/api/v1/teams/[team_id]/fails`
- Improve speed of `/api/v1/users/me/fails`
- Improve speed of `/api/v1/users/[user_id]/fails`
**Deployment**
- Use Python 3.9 as the default Python version
- Prevent any possible usage of an already existing session ID by checking for duplicates during during session ID generation
- No longer install `python3-dev` in Dockerfile
- docker-compose.yml now uses `nginx:stable` as the image for nginx
**Plugins**
- `CTFd._internal.challenge.render` and `CTFd._internal.challenge.renderer` in the `view.js` Challenge type file has been deprecated. Instead Challenge plugins should refer to the `challenge.html` attribute provided by the API. Essentially CTFd is moving to having markdown & HTML rendered by the server instead of rendering on the client.
**Themes**
- Create the [`core-beta` theme](https://github.com/CTFd/core-beta) and begin documenting the creation of themes using Vite
- Add `userName` and `userEmail` to the CTFd init object in `base.html` for easier integration with other JavaScript code
- Add `teamId` and `teamName` to the CTFd init object in `base.html` for easier integration with other JavaScript code
- Adds the `Assets` constant to access front end assets from Jinja templates
- Adds a `views.themes_beta` route to avoid the `.dev`/`.min` extension being added automatically to frontend asset urls
**Miscellaneous**
- Fix double logging in `log()` function
- Add `--delete_import_on_finish` to `python manage.py import_ctf`
- Fix issue where `field_entries` table could not be imported when moving between MySQL and MariaDB
- Add links from User/Team Profile IP addresses to a User IP address search page
- Add city geolocation to Team Profile IP addresses
Co-authored-by: J <>
Co-authored-by: Kevin Chung <kchung@nyu.edu>
Co-authored-by: Kevin Chung <kchung@ctfd.io>
# 3.5.0 / UNRELEASED
**General**
- Add a next challenge recommendation to challenges
- Add support for only viewing hints after unlocking another hint
- Add size checking and recommendation for images uploaded during setup
**Admin Panel**
- Imports now happen in the background so that admins can watch the status of the import
- Add progress tracking to backup/export importing
- Add `GET /admin/import` to see status of import
- The public user facing portion of CTFd is now disabled during imports
- Fix issue where custom field entries for Users and Teams would be misaligned in the scoreboard CSV export
- Show admins the email server error message when email sending fails
- Fix issue where the current theme cannot be found in list of themes
- Fix page preview so that it accounts for the provided format
**API**
- Add the `count` meta field to the following endpoints:
- `/api/v1/users/me/solves`
- `/api/v1/users/me/fails`
- `/api/v1/users/me/awards`
- `/api/v1/teams/me/awards`
- `/api/v1/users/[user_id]/solves`
- `/api/v1/users/[user_id]/fails`
- `/api/v1/users/[user_id]/awards`
- `/api/v1/teams/[team_id]/solves`
- `/api/v1/teams/[team_id]/awards`
- Improve speed of `/api/v1/teams/me/fails`
- Improve speed of `/api/v1/teams/[team_id]/fails`
- Improve speed of `/api/v1/users/me/fails`
- Improve speed of `/api/v1/users/[user_id]/fails`
**Deployment**
- Use Python 3.9 as the default Python version
- Prevent any possible usage of an already existing session ID by checking for duplicates during during session ID generation
- No longer install `python3-dev` in Dockerfile
- docker-compose.yml now uses `nginx:stable` as the image for nginx
**Plugins**
- `CTFd._internal.challenge.render` and `CTFd._internal.challenge.renderer` in the `view.js` Challenge type file has been deprecated. Instead Challenge plugins should refer to the `challenge.html` attribute provided by the API. Essentially CTFd is moving to having markdown & HTML rendered by the server instead of rendering on the client.
**Themes**
- Create the [`core-beta` theme](https://github.com/CTFd/core-beta) and begin documenting the creation of themes using Vite
- Add `userName` and `userEmail` to the CTFd init object in `base.html` for easier integration with other JavaScript code
- Add `teamId` and `teamName` to the CTFd init object in `base.html` for easier integration with other JavaScript code
- Adds the `Assets` constant to access front end assets from Jinja templates
- Adds a `views.themes_beta` route to avoid the `.dev`/`.min` extension being added automatically to frontend asset urls
**Miscellaneous**
- Fix double logging in `log()` function
- Add `--delete_import_on_finish` to `python manage.py import_ctf`
- Fix issue where `field_entries` table could not be imported when moving between MySQL and MariaDB
* Closes#2087
* Use `python manage.py import_ctf` instead of a new Process to import backups from the Admin Panel.
* This avoids a number of issues with gevent and webserver forking/threading models.
* Add `--delete_import_on_finish` to `python manage.py import_ctf`
* Fix issue where `field_entries` table could not be imported when moving between MySQL and MariaDB
* Improve speed of `/api/v1/teams/me/fails`
* Improve speed of `/api/v1/teams/[team_id]/fails`
* Improve speed of `/api/v1/users/me/fails`
* Improve speed of `/api/v1/users/[user_id]/fails`
* Add progress tracking to import_ctf
* Make imports happen in the background so that we can see status
* Add GET /admin/import to see status of import
* Disable the public interface during imports
* Closes#1980
* Adds the `Assets` constant to access front end assets from Jinja templates
* Adds a `views.themes_beta` route to avoid the `.dev`/`.min` extension being added automatically to frontend asset urls
* Add `count` meta field to `/api/v1/users/me/solves`, `/api/v1/users/me/fails`, `/api/v1/users/me/awards`, `/api/v1/users/[user_id]/solves`, `/api/v1/users/[user_id]/fails`, `/api/v1/users/[user_id]/awards`
* Works on #2049
# 3.4.3 / 2022-03-07
**Security**
- Bump cmarkgfm to 0.8.0 to resolve CVE-2022-24724. Copied entry from 3.4.2 since 3.4.2 introduced a bug that prevented writing raw HTML.
**General**
- Fix issue where raw HTML would not be rendered in markdown
# 3.4.2 / 2022-03-07
**Security**
- Bump cmarkgfm to 0.8.0 to resolve CVE-2022-24724
**General**
- Fix issue where unauthed users couldn't download challenge files after CTF end but viewing after CTF was enabled
# 3.4.1 / 2022-02-19
**General**
- Make session cookies persist in the browser after close
- Fix issue where all-numeric registration codes wouldn't work
- Fix issue where a user's session isn't cleared properly after they are deleted by an admin
- Fix issue where CTF end time couldn't be set during setup
**API**
- Improved speed of the `/api/v1/challenges/[challenge_id]/solves` endpoint
- Document API authentication and `Content-Type` header requirement
- Add nested `UserSchema` and `TeamSchema` to `SubmissionSchema` for easier access to account name
**Admin Panel**
- Improve CSV import error reporting and validation
- Fix non-clickable checkbox label in user creation form in Admin Panel
- Allow submissions per minute ratelimit to be configurable in Admin Panel
- Add a link in the Pages Editor to the [Page Variables documentation page](https://docs.ctfd.io/docs/pages/variables/)
**Themes**
- Fix issue where invalid `theme_settings` can cause broken frontend
- Replace `node-sass` with `sass` and upgrade `sass-loader`
**Deployment**
- Serve all assets from CTFd regardless of internet availability (i.e. fonts and font-awesome)
- Fix regression in `REVERSE_PROXY` to allow comma seperated integers
- Bump `flask-restx` to 0.5.1
- Bump `pybluemonday` to 0.0.9
- Added support for S3 signature version 4 authentication to support alternative S3 buckets (Google Cloud Storage, DigitalOcean Spaces, etc)
**Miscellaneous**
- Add a Github Actions job to publish Docker images to Dockerhub and ghcr
