Indico - A feature-rich event management system, made @ CERN, the place where the Web was born.
MIT License
Bot releases are visible (Hide)
mailto:
link in an email body (#6286)pkg_resources
with importlib
from standard library (#6272, #6273, thanks @maxnoe)Published by github-actions[bot] 7 months ago
SMTP_USE_TLS
) (#6261)Published by github-actions[bot] 7 months ago
This release moves from Python 3.9 to Python 3.12. 🐍
It also drops support for legacy (and nearly end-of-life) operating systems, in particular CentOS 7.
Because of this, make sure to read the 3.x to 3.3 upgrade guide if you plan to upgrade an existing instance.
If you need any help with the upgrade after reading the docs, don't hesitate to ask in our forum.
indico
command-line interface.ENABLE_GOOGLE_WALLET
config setting and then configure it on the category level.LOGIN_LOGO_URL
config option) and using custom logos for auth providers (logo_url
in the auth provider settings) (#5936, thanks @openprojects)~~text~~
to strike-out text in markdown (#6166)ENABLE_GOOGLE_WALLET
indico.conf
setting) (#6028, thanks @openprojects)indico user delete
CLI to attempt to permanently delete a user (#5838)indico user anonymize
CLI to permanently anonymize a user (#5838)is_ticket_blocked
(#6062)5964
, #5965, thanks @foxbunny)foxbunny
)event.is_field_data_locked
signal, allowing plugins to lock registration form fields on a per-registration basis (#5424)event.registration_form_field_deleted
signal, allowing plugins to handle the removal of registration form fields (#5924)bin/managemnent/icons_generate.py
to generate CSS for icomoon icons based on selection.json
(#5986, thanks @foxbunny)core.add_form_fields
signal handlers (#6020, thanks @vtran99)indico i18n
CLI to support plugin-related i18n operations (#5906, #5961, thanks @SegiNyn)<ind-menu>
custom element for managing drop-down menus (#5896, #5897, thanks @foxbunny)Published by github-actions[bot] 9 months ago
Published by github-actions[bot] about 1 year ago
Published by github-actions[bot] about 1 year ago
Published by github-actions[bot] over 1 year ago
{event_link}
email placeholder, using the {event_link:something-else-here}
syntax (#5858, #5860)Published by ThiefMaster over 1 year ago
\href
macro when rendering it client-side. Previously, it was possible to embed arbitrary JavaScript there using the javascript:
protocol. The underlying MathJax library has now been updated to version 3 which allows blacklisting certain protocols, thus allowing only http
, https
and mailto
links in \href
macros (#5818)Published by ThiefMaster over 1 year ago
Vary: Cookie
header when session data is present and used. This ensures that data linked to a (logged-in) session cannot leak between requests even in case of a poorly-configured caching proxy in front of Indico (#5753)0
for a required registration form numbe field (unless a higher minimum value is set) (#5781)Published by ThiefMaster over 1 year ago
Note: The risk of malicious HTML (e.g. scripts) in the global announcement is minimal as only Indico administrators can set such an announcement anyway. However, in the unlikely case that an administrator becomes malicious or is compromised, they would have been be able to perform XSS against their Indico instance.
locked_fields
to the identity provider settings in indico.conf
to prevent non-admin users from turning off their profile's personal data synchronization (#5648)rh.before-check-access
signal (#5639, thanks @omegak)indico celery --watchman ...
to run Celery with the Watchman reloader (#5667)Published by ThiefMaster almost 2 years ago
Published by ThiefMaster almost 2 years ago
Note: We do not think that Indico is affected by those vulnerabilities as it does not use the cryptography library itself, and the dependency that uses it is only used during SSO (OAuth) logins and most likely in a way that is not vulnerable. It is nonetheless recommended to update as soon as possible.
"
) in ckeditor output correctly (#5487)registration_deleted
signal whether it's a permanent deletion from the database or just a soft-deletion (#5559)Published by ThiefMaster about 2 years ago
We published a blog post summarizing the most relevant changes for end users.
regform-container-attrs
template hook to pass additional (data-)attributes to the React registration form containers (#5271)EMAIL_BACKEND
configuration variable to support different email sending backends e.g. during development (#5375, #5376, thanks @Moist-Cat)signal_query
method in the IndicoBaseQuery
class and the db_query
signal, allowing to intercept and modify queries by signal handlers (#4981, thanks @omegak).Indico 3.2 supports both Python 3.9 and 3.10
Published by ThiefMaster over 2 years ago
category-sidebar
template hook and blocks around category sidebar sections (#5237, thanks @omegak)event.reminder.before_reminder_make_email
signal (#5242, thanks @vasantvohra)plugin.interceptable_function
signal to intercept selected function calls (#5254)Published by ThiefMaster almost 3 years ago
We published a blog post summarizing the most relevant changes for end users.
SMTP_ALLOWED_SENDERS
and SMTP_SENDER_FALLBACK
config settings (#4837, #2224, #1877, #5179)CUSTOM_COUNTRIES
not overriding names of existing countries (#5183)Published by ThiefMaster almost 3 years ago
Published by ThiefMaster about 3 years ago
Published by ThiefMaster about 3 years ago
event.before_check_registration_email
signal (#5021, thanks @omegak)event.registration.after_registration_form_clone
signal (#5037, thanks @vasantvohra)registration-invite-options
template hook (#5045, thanks @vasantvohra)Published by ThiefMaster over 3 years ago
Note that we only list the changes since 3.0rc2 here. Please make sure to also check the changelogs for 3.0rc1 and 3.0rc2.
SYSTEM_NOTICES_URL = None
in indico.conf
(#5004)signals.foo
now need to be accessed using their explicit name, i.e. signals.core.foo
(#5007)category.extra_events
signal (#5005, thanks @omegak)Published by ThiefMaster over 3 years ago
Since this is a prerelease, you need to use pip's --pre
switch to install it, ie pip install --pre indico
(same for indico-plugins
)