Releases

Unreleased
- Front end improvements:
  - Include requirements for redeeming the link in the email change confirmation mail. #4422
  - Use email field type for username if SMS authentication not enabled. #4455
  - Text overrides for new report fields can be configured to apply when it is known the report will go to a particular cobrand. #4466, #4516
  - Improve handling cache expiry for front page statistics.
  - Add geolocation button to centre map at user's location. #4671
  - WasteWorks PWA can now have a separate name from the FixMyStreet PWA.
  - Users can now opt out of questionnaires.
  - Include reference in report list emails. #4760
  - Add support for different '/around' map display times for open/closed/fixed reports
  - Add code to enable category filtering box.
  - Improved the display of the map filters. #4728
  - Don't display 'Show my name publicly' checkbox when making a private reports to prevent confusion.
  - Allow decimals in the local alert radius.
- Bugfixes:
  - Stop map panning breaking after long press. #4423
  - Fix RSS feed subscription from alert page button.
  - Fix link to edit category with apostrophe in category name.
  - Fallback extra field in submit email should be name, not code.
  - Allow confirmation links to login user 30s within first use to prevent things like Outlook 'safelinks' breaking the UX.
  - Fixes default status report filter text on Your Account page. #4558
  - Don't zoom to bounds when searching for a postcode.
  - Fix restoring a draft with no location.
  - Create reporter alert before creating first unconfirmed auto-update.
  - Fix display of user in assignment dropdown. #4855
  - Fix setting of fixed timestamp in CSV export. #5119
  - Fix CSV export of reports with only hidden/unconfirmed updates. #5119
  - Fix displaying category page if over 1,000 history entries.
  - Stop wrapping category notices in a label.
- Admin improvements:
  - Rename emergency message to site message.
  - Added a category control for overriding the text of the new report details field.
  - Added support for 'multivaluelist' extra category questions using checkboxes.
  - Added support for 'datetime' extra category questions using a datetime picker.
  - Added option to make a phone number required for a category.
  - Add way to pick multiple categories in the dashboard.
  - Staff cannot update name reporting when logged out. #5031
  - Allow h1, h2, h3 tags in contact notices/questions. #4959
  - Tweak config page display. #5139
  - Minor display improvements to report/update pages. #5141
  - Minor display and performance improvements to user pages. #5138
  - Move add new body/category to their own admin pages.
  - Move navigation to sidebar.
- Development improvements:
  - Extra data columns now stored as JSON, not RABX. #3216
  - Cobrands can provide custom distances for duplicate lookup. #4456
  - Auto-spot a default favicon.ico.
  - Add send_state column to reports. #4048
  - Return random unprocessed row to daemon.
  - A cobrand level text override for the details field label on new reports can now be configured.
  - Cobrands can provide per-category custom distances for duplicate lookup. #4746 #5162
  - Add perl 5.38 support.
  - Add plain text template previews to /_dev/email. #5105
  - Add --exclude option to bin/open311-populate-service-list
  - Add /status/health page to indicate service health.
- Performance improvements:
  - Reduce database queries on shortlist page.
  - Provide ResultSet fallback translation in lookup.
  - Mark non-Open311 updates as processed by daemon. #4552
  - Inspector/planned offline report caching now fetches URLs sequentially, not in parallel.
  - Desktop browsers won't automatically cache reports offline when visiting /my/planned.
- Changes:
  - Switch to OpenStreetMap for reverse geocoding. #4444
  - Convert all uploaded images to JPEGs.
  - Redirect after POST when creating reports. #4362
  - Include status change line in report update emails using auto response templates.
  - Don't display a translation banner in front of important UI elements on Android. #4153
v5.0 (10th May 2023)
- Front end improvements:
  - Use crosshairs for mobile reporting. #4176
  - Enable keyboard navigation of map. #3321
  - Highlight pin on sidebar focus as well as hover. #3709
  - Map page pagination links now styled as links rather than buttons. #3727
  - Include username in inactive email. #3734
  - Update document title on client-side new report page transition. #3834
  - Disable staff phone and name fields to avoid accidental overwriting. #3805
  - Hide 'Assigned to' text if a report is not assigned to anyone #3646
  - Hide 'Assign to' dropdown if no available assignees #3646
  - Allow 'Asset ID' (part of optional extra data displayed for a report) to be customisable for all cobrands #3920
  - Add initial update template on report sending, not creation. #3949 #439
  - Add option to set an emergency message on reporting pages. #4015
  - Add label to questionnaire textarea. #3944
  - Offline report drafting. #4290
  - Set width=device-width in viewport meta tag. #4384
  - Improve performance of front page ‘recent problems’ query. #4424
  - Fix photo field label not visually appearing as a label.
- Bugfixes:
  - Add ID attributes to change password form inputs.
  - Fix link deactivation for privacy policy link on privacy policy page. #3704
  - Fix dashboard rows for categories with &s. #3802
  - Make calls from Geocoder files to https rather than http #3811
  - Inspector dropdown list only shows name once even if permissions repeated #3870
  - Inspector dropdown list doesn't show anonymised users, removing blank options #3873
  - Fix report unassignment so it works for users who did not create the report #3903
  - [Open311] External code removal is not a change. #3988
  - Trim whitespace on extra status codes for response templates #3997
  - The permission default_to_body now also affects updates. #3317
  - Decouple the permission to manage shortlist from default_to_body. #3317
  - Fix issue with sanitizing missing attributes. #4086
  - Include email_text from templates in export-import-data script. #4084
  - Stop map moving when navigating through images with arrow keys. #3856
  - Remember category group through OpenID login. #4231
  - For CSV export, fetch children of all generations. #4059
  - Reset subcategory selection on clicking browser 'back' button during new report journey #4260 #4284
  - Fix JS error going back from page to report page to map page #4175
  - Fix existing groups being removed when a contact is edited with the category_groups flag unset. #4307
  - Stop map panning breaking after press on pin #4132
  - With extended statuses, send 'closed' rather than 'open' status in Open311 service request when report is closed.
- Accessibility improvements:
  - The "skip map" link on /around now has new wording. #3794
  - Improve visual contrast of pagination links. #3794
  - Make map pan/zoom controls keyboard-accessible. #3751
  - Add missing label to alert distance input. #4248
  - Give generated map tiles blank alt attribute. #4248
  - Add fieldset to alert list and improve sort order. #4248
  - Remove unnecessary and add some missing fieldsets. #4283
  - Improve fancybox accessibility (text and focus). #4248
  - Add visually-hidden nearest address in report list. #4283
  - Add a focus state for button-variant mixin. #4312
  - Improved focus state for link images in the local alert page. #4312
- Admin improvements:
  - Admin 'add user' form now always creates staff users #3749
  - Make sure staff permissions removed when anonymized. #4051
  - Add role filter to dashboard interface. #4082
  - Alerts are paginated on user edit page. #4158
  - Restrict flagging users and reports to superusers. #4168
  - Display photos in report moderation updates, rather than just the image hashes. #4266
  - Add 'admin_contact_validate_category' cobrand hook to validate category names when editing or creating contacts.
  - Restrict timeline to users with the report_edit permission.
- Development improvements:
  - Default make_css to web/cobrands rather than web. #3712
  - Ability to pass custom arguments (eg: SSL config) to server when running via Docker #3713
  - Allow bin/fetch start/end times to be fractional. #3738
  - Add an --exclude option to bin/fetch. #3804
  - Add an index on problem(external_id) to speed up bin/fetch --updates #3808
  - Upgrade Net::DNS and libwww to deal with IPv6 issues. #3809
  - Add send_state column to updates. #3865
  - Enable alternative response from templates to be emailed to issue reporter. #4001
  - Option to read asset layers from configuration. #4119
  - Add GitHub Action to generate POD documentation. #4252
  - Use digest rather than last modified time for static versioning. #4280
  - Add 'open311_title_fetched_report' cobrand hook for customising how titles are created for fetch reports.
  - Add way to use digest in static filename rather than query parameter. #4402
- Security
  - Permit control over database connection sslmode via $FMS_DB_SSLMODE #3927
- Open311 improvements:
  - Increase default timeout. #3738
  - Check for an identical latest update when adding a new one. #4007
- UK:
  - Add CAPTCHA to contact form for non-UK IP addresses #2303
v4.0 (3rd December 2021)
- Front end improvements:
  - Multi-page form reporting.
  - New aerial map toggle.
  - Send text alerts for report updates to only-phone-verified users.
  - Add options for user to set global notification preferences.
  - Pop over mobile navigation menu. #3270
  - Add support for the OS Maps API. #3328
  - Speed up /report/new/ajax call. #3335
  - Improve #geolocate_link display, especially for smaller screens. #2048
  - Allow email alert radius to be specified. #68
  - Update URL on /my when map moves. #3358
  - Make anonymous updates clearer in email alerts. #3417
  - Add Maidenhead Locator support to search box.
  - Update RSS link when distance box changed. #3624
  - Inspector-managers can assign reports to inspectors in the inspector toolbar.
  - Inspectors & inspector-managers can see who a report is assigned to or 'unassigned' if a report is unassigned.
- Bugfixes:
  - Fix non-JS form when all extra questions answered. #3248
  - Improve display of disabled fields in iOS.
  - Use div for inspector form wrapped extra questions. #3250
  - Fix Open311 JSON services output. #3279
  - Send email reports in staff-only categories.
  - Fix Gaze sometimes being called twice on /around. #3324
  - Improved alert signup for phone-only user. #3367
  - Fix moderation of update text.
  - Only trigger one refresh going Back to list view. #3476
  - Fix checked order of updates in dashboard export.
  - Fix unable to edit user with verified landline #3295
  - Fix 'sites' page to reflect active fixmystreet sites #2481
  - Fix ordering of dropdown lists in extra questions #3566
  - Fix removal of cached opengraph photos.
  - Do not email inactive body comment users. #3587
  - Look up organizational domain in DMARC checking. #3603
  - Stop slash in category name breaking csv download #3642
  - Fix CSS z-index bug that resulted in the main menu being hidden behind the map on small screens #3686
- Admin improvements:
  - Assignees of reports are now visible in admin reports list and report edit pages.
  - Enable per-category hint customisation.
  - Move ban/unban buttons to user edit admin page.
  - Add link to user edit admin from report/update edit admin.
  - Improve layout of some admin pages.
  - Include email in inspector form information.
  - Improve wording of new report Private checkbox.
  - No questionnaires on reports as body/anonymous.
  - CSV export, improve Site Used and add Device Type.
  - Always record contributed_by for staff users.
  - Add per-photo moderation. #3055
  - Redaction support for photos.
  - UK Councils no questionnaires for non-updating users
  - Script to export/import response templates, #3549
  - Include non-public report in front page search for staff. #3616
  - Include staff categories in map filters for staff. #3616
- Development improvements:
  - Include failure count in send report error output, #3316
  - Sort output in export script. #3323
  - Show relevant updates in alert-update email preview. #3417
  - Upgrade jQuery to 3.6.0. #3017
  - Upgrade Mozilla::CA to handle new root certificates.
  - Factor alert script to slightly smaller functions. #3615
  - Add development Docker environment.
- Open311 improvements:
  - Consistent protected field ordering.
  - Move test handling out of core code.
- Security:
  - Increase minimum password length to eight.
  - Allow throttling by user login attempts
- Changes
  - Send contact form emails from do-not-reply address if sender's domain uses DMARC.
- New features:
  - Roles can now have category restrictions like users.
v3.1 (16th November 2020)
- Security:
  - Store personal access tokens hashed, and only show once, upon generation. #3063
- New features:
  - Add Open Location Codes support to search box. #3047
- Front end improvements:
  - Add lazy image loading on list items. #3062
  - Improve Bing geocoder results. #2300 #3086
  - Add option of checking passwords against Have I Been Pwned. #3095
  - Add aerial maps option to Bing and OSM maps. #3041 #3114
  - Select matches for both filter category and group. #3110
  - Add an extra zoom level to most map types. #3130
  - Improve new report form when using phone verification. #3191
  - Add option to set an emergency message on the homepage.
- Changes:
  - Mark user as active when sent an email alert. #3045
- Bugfixes:
  - Fix issue with dashboard report CSV export. #3026
  - bin/update-schema PostgreSQL 12 compatibility. #3043
  - Make sure category shown in all its groups when reporting. #3029
  - Do not remove any devolved contacts. #3053
  - Fix double encoding of per-category templates. #3058
  - Return reports in all closed states through Open311.
  - Skip accounts without email when sending inactive emails. #3066
  - Include file extensions in Dropzone accepted photo config. #3098
  - Fix photo orientation in modern browsers. #3098
  - Improve compatibility with G Suite OpenID Connect authentication. #3032
  - Fix duplicate asset message after dismissing duplicate suggestions. #3101
  - Improve moderation diff display in a few small ways. #3105
  - Do not have bootstrap run sudo commands. #2930
  - Fix lookups in templates of categories with &s. #3120
  - Fix a few obscure asset layer changing issues. #3157
  - Fix multiple disable messages for dropdown answers. #3186
  - Do not trigger duplicate check when checking stoppers #3194
  - Do not strip spaces from middle of Open311 category codes. #3167
  - Show all category history even if category renamed. #3181
  - Fix email alert on initial update template. #3209
  - Do not cache the service worker. #3201
- Admin improvements:
  - Interface for disabling updates/reopening for certain categories. #2991 #2992
  - Include group in CSV export if enabled. #2994
  - Disable category rename on Open311 categories when unprotected. #2957
  - In category admin, group is already shown elsewhere.
  - Add assigned_(users|categories)_only functionality.
  - Inspectors can now include a photo with public updates. #2902
  - Display user name/email for contributed as reports. #2990
  - Interface for enabling anonymous reports for certain categories. #2989
  - Better sort admin user table. #3107
  - Centralise update creation to include fields. #3111 #3123
  - Add full text index to speed up admin search. #3129 #3133
  - Offline process for CSV generation. #3146
  - Allow inspectors to change report asset. #3134 #3150
  - Staff users can use HTML tags in updates. #3143
  - Response templates can include HTML tags. #3143
  - Record whether report made on desktop or mobile. #3199
  - Do not display deleted priorities in inspect form. #3195
  - Include extra fields in submit emails. #3215
  - can remove staff status from users in bulk. #3221
  - super users can mark category names as hard coded. #3227
- Development improvements:
  - #geolocate_link is now easier to re-style. #3006
  - Links inside #front-main can be customised using $primary_link_* Sass variables. #3007
  - Add option to show front end testing code coverage. #3036
  - Add function to fetch user's country from Gaze.
  - Add cobrand hook to specify custom domain for VERP emails. #3100
- Open311 improvements:
  - Use devolved data on update sending. #3087
  - Rewrite open311-update-reports to share code and improve functionality. #3092
- Internal things:
  - Move from Travis to GitHub Actions. #3244
- UK:
  - Add option for recaptcha. #3050
  - Display search tips when location search returns no results. #3180
  - Add ability to use GOV.UK Notify for text messaging.
v3.0.1 (6th May 2020)
- New features:
  - Provide access to staff-only categories in admin. #2925 #2958
  - Allow anonymous updating if anonymous reporting enabled.
- Admin improvements:
  - Order unsent reports by confirmed date. #2911
  - Disable staff private tickbox on new reports if category is private. #2961
  - Move stats from main admin index to stats index. #2982
  - Speed up dashboard export and report search. #2988
  - Allow a template to be an initial update on reports. #2973
- Bugfixes:
  - Application user in Docker container can't install packages. #2914
  - Look at all categories when sending reports.
  - Fixes the To header when sending emails about inactive accounts. #2935
  - Recent reports, use same query regardless of cache. #2926 #2999
  - Match body construction on Around with New setup.
  - Only one duplicate call in progress at once. #2941
  - Stop double escape in Google Maps URL.
  - Refactor/stop double escape in report nav link. #2956
  - Maintain group on pin move with same category in multiple groups. #2962
  - Remove unnecessary margin-right on #postcodeForm. #3010
  - Fix sorting by most commented on /around map view. #3013
- Development improvements:
  - Refactor Script::Report into an object. #2927
  - Move summary failures to a separate script. #2927
  - Add generic import categories from JSON script.
  - Add script to export/import body data. #2905
  - Add fetch script that does combined job of fetch-comments and fetch-reports. #2689
  - Allow fetch script to parallelize fetching. #2689
  - Do all retry timeout or skip checks in database. #2947
  - Show error page when submitting with web param to /import. #2233
  - Add a daemon option for sending reports and updates. #2924
  - Update Getopt::Long::Descriptive to stop warning. #3003
- Open311 improvements:
  - Allow save/drop of row extra during sending. #2788
  - Match response templates on external status code over state. #2921
  - Add flag to protect category/group names from Open311 overwrite. #2986
- Documentation:
  - Remove part about restricting access to /admin. #2937
- UK:
  - Added junction lookup, so you can search for things like "M60, Junction 2". #2918
v3.0 (4th March 2020)
- Security:
  - Fix XSS vulnerability in pagination page number.
  - Rotate session ID after successful login.
  - Switch to auto-escaping of all template variables (see below). #2772
  - Scrub admin description fields. #2791
- Front end improvements:
  - Improved 403 message, especially for private reports. #2511
  - Mobile users can now filter the pins on the /around map view. #2366
  - Maintain whitespace formatting in email report/update lists. #2525
  - Improve keyboard accessibility. #2542
  - Report form now indicates that details are kept private if report is made in a private category. #2528
  - Improve map JavaScript defensiveness.
  - Upgrade jquery-validation plugin. #2540
  - Pass ‘filter_category’ param to front page to pre-filter map.
  - Remove on-map Permalink. #2631
  - Darken front page step numbers, and improve nested heading structure. #2631
  - Set report title autocomplete to off to prevent email autocompleting. #2518
  - Add map filter debouncing to reduce server requests. #2675
  - Add XSL to RSS feeds so they look nicer in browsers. #2736
  - Add per-report OpenGraph images. #2394
  - Display GPS marker on /around map. #2359
  - Use nicer default photo upload message. #2358
  - Remove pan control from mobile widths. #2865
  - Use category groups whenever category lists are shown. #2702
  - Display map inline with duplicate suggestions on mobile. #2668
  - Improved try again process on mobile. #2863
  - Improve messaging/display of private reports. #2884
  - Add a web manifest and service worker. #2220
  - Also check filter_category for category choice. #2893
  - Reduce duplicate Permalink.updateLink calls when zooming map. #2824
  - Hide ‘provide extra information’ preamble when no visible fields are present. #2811
  - Improve user flow when JavaScript is not available. #2619
  - Change ‘locate me automatically’ to ‘use my location’. #2615
  - Include ‘submit’ button at very bottom of report form when signing in during report
  - Provide ARIA roles for message controller box.
- Admin improvements:
  - Add new roles system, to group permissions and apply to users. #2483
  - Contact form emails now include user admin links. #2608
  - Allow categories/Open311 questions to disable the reporting form. #2599
  - Improve category edit form. #2469
  - Allow editing of category name. #1398
  - Allow non-superuser staff to use 2FA, and optional enforcement of 2FA. #2701
  - Add optional enforced password expiry. #2705
  - Store a moderation history on admin report edit. #2722
  - Add user admin log page. #2722
  - Allow report as another user with only name. #2781
  - Allow staff users to sign other people up for alerts. #2783
  - Group categories on body page. #2850
  - Add admin UI for managing web manifest themes. #2792
  - Add a new "staff" contact state. #2891
  - Store staff user when staff make anonymous report. #2802
  - Record first time fixed/closed update sent to reporter in email.
  - Pre-filter ‘all reports’ by area for inspectors
  - show open311 failure details in admin report edit page. #2468
- New features:
  - Categories can be listed under more than one group #2475
  - OpenID Connect login support. #2523
  - Heatmap dashboard. #2675
  - Allow anonymous submission by a button, optionally per-category.
- Bugfixes:
  - Prevent creation of two templates with same title. #2471
  - Fix bug going between report/new pages client side. #2484
  - Don't include private reports when searching by ref from front page.
  - Set fixmystreet.bodies sooner client-side, for two-tier locations. #2498
  - Fix front-end testing script when run with Vagrant. #2514
  - Handle missing category when sending open311 reports #2502
  - Fix label associations with category groups. #2541
  - Hide category extras when duplicate suggestions shown. #2588
  - Hide duplicate suggestions when signing in during reporting. #2588
  - Retain extra data if signing in during reporting. #2588
  - Have duplicate suggestion and assets coexist better. #2589
  - Don't include lat/lon of private reports in ‘Report another problem here’ link. #2605
  - Allow contact send method to be unset always. #2622
  - Fix z-index stacking bug that was causing unclickable RSS icons on /alert page. #2624
  - Fix issue with inspector duplication workflow. #2678
  - Fix removal of cached photos on moderation. #2696
  - Checking of cached front page details against database. #2696
  - Inconsistent display of mark private checkbox for staff users
  - Clear user categories when staff access is removed. #2815
  - Only trigger one change event on initial popstate. #2862
  - Fix error when hiding a user's updates with no confirmed updates. #2898
  - Sort reporting categories in display order. #2704
  - Do not clear asset attributes on category change.
- Development improvements:
  - Upgrade the underlying framework and a number of other packages. #2473
  - Add feature cobrand helper function.
  - Add front-end testing support for WSL. #2514
  - Allow cobrands to disable admin resending. #2553
  - Sass variables for default link colour and decoration. #2538
  - Make contact edit note optional on staging sites.
  - Store email addresses report sent to on the report. #2730
  - Add configuration for setting Content-Security-Policy header. #2759
  - Add banner on staging website/emails, and STAGING_FLAGS option to hide it. #2784 #2820
  - Do not hard code site name in database fixture. #2794
  - Ensure OS dependencies are kept updated in development environments. #2886
  - Enhance inactive scripts to act per-cobrand, or full deletion. #2827
- Open311 improvements:
  - Support use of 'private' service definition to mark reports made in that category private. #2488
  - Ensure any reports fetched in a category marked private are also marked private on the site. #2488
  - Add new upload_files flag which sends files/photos as part of the POST service request. #2495
  - Allow description in email template with placeholder. #2470
  - Do not store display-only extra fields on new reports. #2560
  - Support receiving updates from external source. #2521
  - Improve JSON output of controller.
  - unset external_status_code if blank in update. #2573
  - Add support for account_id parameter to POST Service Request calls.
  - Do not overwrite/remove protected meta data. #2598
  - Spot multiple groups inside a element. #2641
  - Always update problem state from first comment #2832
- Backwards incompatible changes:
  - The FixMyStreet templating code will now escape all variables by default. If you need to output HTML in a variable directly, you will need to escape it with the safe filter, e.g. [% some_html | safe %].
v2.6 (3rd May 2019)
- New features:
  - (Optional) auto-suggestion of similar nearby problems, while reporting, to discourage duplicate reports. #2386
- Front end improvements:
  - Track map state in URL to make sharing links easier. #2242
  - Default to unchecked for show name checkbox. #347
- Email improvements:
  - Header image file name can be customised
- Admin improvements:
  - Include moderation history in report updates. #2379
  - Allow moderation to potentially change state. #2381
  - Spot moderation conflicts and raise an error. #2384
  - Allow searching for in admin.
  - Make staff JavaScript more self-contained.
  - Alow staff user to be associated with multiple areas.
  - Improvements to admin checkbox display.
- Bugfixes:
  - Check cached reports do still have photos before being shown. #2374
  - Delete cache photos upon photo moderation. #2374
  - Remove any use of my $x if $foo. #2377
  - Fix saving of inspect form data offline.
  - Add CSRF and time to contact form. #2388
  - Make sure admin metadata dropdown index numbers are updated too. #2369
  - Fix issue with Open311 codes starting with ‘_’. #2391
  - Add parameter to URL when “Show older” clicked. #2397
  - Don't ask for email on alert signup if logged in. #2402
  - Filter out hidden reports from top 5 list. #1957
  - Add space below "map page" contents on narrow screens.
  - Use relative report links where possible. #1995
  - Improve inline checkbox spacing. #2411
  - Prevent duplicate contact history creation with Unicode data.
  - Show all Open311 extra fields in edit admin.
  - Proper bodies check for sending updates.
  - Check better if extra question has values.
  - Stop filter category overriding chosen category.
  - Allow things to reset if "Pick a category" picked.
  - Stop category_change firing more than it should.
  - Fix extra question display when only one category.
  - Fix superusers creating anonymous reports. #2435
  - Ensure non_public reports aren't exposed at /open311 endpoint.
  - Escape body name in admin title.
  - Use REQUEST_URI, not PATH_INFO, to infer path.
- Development improvements:
  - Make front page cache time configurable.
  - Better working of /fakemapit/ under https.
  - Improve Open311 error output on failing GET requests.
  - Optionally log failed geocoder searches.
- Backwards incompatible changes:
  - If you wish the default for the showname checkbox to be checked, add sub default_show_name { 1 } to your cobrand file.
  - The admin body and user sections have been refactored – if you have custom templates/code, you may need to update links to those.
v2.5 (21st December 2018)
- Front end improvements:
  - Simplify new report/update sign in flow. #642
  - Simplify /auth sign in page. #2208
  - Clearer relocation options while you’re reporting a problem #2238
  - Enforce maximum photo size server side, strip EXIF data. #2326 #2134
  - Don't require two taps on reports list on touchscreens. #2294
  - Allow moderation to work without JavaScript. #2339
  - More prominent display of "state" on report page #2350
  - Improved report/update display on contact form. #2351
  - Can limit /reports to non-public reports. #2363
- Admin improvements:
  - Allow moderation to potentially change category. #2320
  - Add Mark/View private reports permission #2306
  - Store more original stuff on moderation. #2325
  - Sort user updates in reverse date order.
  - Improve update display on admin report edit page.
  - Keep all moderation history, and show in report/update admin. #2329
- Bugfixes:
  - Restore map zoom out when navigating to /around from /report. #1649
  - Don’t escape HTML entities in report titles pulled in by ajax. #2346
  - Show reopening/fixed questionnaire responses lacking updates. #2357
- Open311 improvements:
  - Fix bug in contact group handling. #2323
  - Improve validation of fetched reports timestamps. #2327
  - Fetched reports can be marked non_public #2356
- Development improvements:
  - Add option to symlink full size photos. #2326
  - default_to_body/report_prefill permissions to control default report as/prefill behaviour. #2316
v2.4.2 (6th November 2018)
- New features:
  - Dashboard now has update CSV export. #2249
  - Allow cobrands to override searching by reference #2271
  - Allow cobrands to limit contact form to abuse reports only
- Admin improvements:
  - List number of alerts on report page #669
  - viewing and managing of user alerts in admin #676
  - Allow moderation to potentially change photos/extra info. #2291 #2307
- Bugfixes:
  - Add perl 5.26/5.28 support.
  - Fix subcategory issues when visiting /report/new directly #2276
  - Give superusers access to update staff dropdowns. #2286
  - Update report areas when moving its location. #2181
  - Don't send questionnaires for closed reports. #2310
  - Make sure Open311 send_method always recorded/spotted. #2121
- Development improvements:
  - Add cobrand hook for dashboard viewing permission. #2285
  - Have body.url work in hashref lookup. #2284
  - OSM based map types can now override zoom levels #2288
  - Clearer name for navigation colours in SCSS. #2080
  - script/setup now creates conf/general.yml for Vagrant when needed.
- Internal things:
  - Move send-comments code to package for testing. #2109 #2170
- Open311 improvements:
  - Set contact group only if handling cobrand has groups enabled. #2312
v2.4.1 (2nd October 2018)
- New features:
  - Support for storing photos in AWS S3. #2253
- Front end improvements:
  - Import end point can optionally return a web page #2225
  - Clicking the "Report" header links on the homepage now focusses the #pc search input #2237
  - Speed up fetching lists of bodies. #2248
  - Improve vertical alignment of navigation menu in Internet Explorer 9–11.
  - Mobile menu button no longer uses -9999px text-indent hack.
  - HTML email template for confirming "partial" reports #2263
- Bugfixes:
  - Fix display of area/pins on body page when using Bing or TonerLite map.
  - Do not scan through all problems to show /_dev pages.
  - Say “Set password”, not Change, if no password set.
  - Do not lose from_body field when edited by non-superuser admin.
  - Fix history API bug with category/state selection.
- Development improvements:
  - Cobrand hook for disabling updates on individual problems.
  - Cobrand hook for disallowing title moderation. #2228
  - Cobrand hook for per-questionnaire sending. #2231
  - Add option for configuring memcache server.
  - Add Blackhole send method. #2246
  - Add script to list/diff template changes in core that might need applying to a cobrand.
  - Move away from FastCGI in sample conf/sysvinit config.
  - Customised Vagrant box available, with an override option.
  - Add Dockerfile and example Docker Compose setup.
  - Add a sample systemd unit file for the Catalyst application server.
v2.4 (6th September 2018)
- Security
  - Update user object before attempting sign-in, to prevent leak of user account phone number.
- Front end improvements:
  - Simplify footer CSS. #2107
  - Keep commas in geocode lookups. #2162
  - Show message on reports closed to updates. #2163
  - Only display last 6 months of reports on around page by default #2098
  - Always show all reports by default on /my.
  - Much less reliance on input placeholders, for better accessibility #2180
  - “Report another problem here” button on report confirmation page #2198 #393
  - Button in nav bar now makes it easier to report again in the same location #2195
  - Shrink OpenLayers library a bit. #2217
  - Remove need for separate per-category ajax call. #1201
- Admin improvements:
  - Mandatory defect type selection if defect raised. #2173
  - Send login email button on user edit page #2041
  - Use do-not-reply address for sent report email.
  - Category group can be edited.
  - Trim spaces from user/report search input.
- Bugfixes:
  - Don't remove automated fields when editing contacts #2163
  - Remove small border to left of Fixed banner. #2156
  - Fix issue displaying admin timeline. #2159
  - Send details of unresponsive bodies to mobile app #2164
  - Fix issue with category filter when category contains comma #2166
  - Inspectors can unset priority. #2171
  - Defect type is recorded if category change made. #2172
  - [UK] Store body ID on council/ward alerts. #2175
  - Show all fixed issues when staff user uses map page filter #2176
  - Allow any user who can see private checkbox to use it. #2182
  - Prevent duplicate category listing on /my.
  - Hide password help field along with other similar. #2185
  - Allow questionnaire link to be revisited in quick succession. #2123
  - Update Google Maps directions link.
  - Fix inspector pin dragging. #2073.
  - Maintain all single newlines in text output, not only the first.
  - Make sure Home clickable with Try again overlay.
  - Check all contacts for metadata and non-public.
- Open311 improvements:
  - CLOSED status maps to 'closed' state if extended statuses are enabled.
  - Don't generate template comment text on move between fixed states. #2199
- Development improvements:
  - Cobrand hook for presenting custom search results. #2183
  - Cobrand hook to allow extra login conditions #2092
  - Add ability for client to set bodies not to be sent to. #2179
  - Make it easier to prevent a form_detail_placeholder being printed. #2212
  - Include user agent in contact form emails. #2206
  - Use site name in contact email subject line.
  - Add /_dev endpoints for previewing confirmation/submission pages. #2218
  - Allow cobrand to add extra ability to moderate. #2216
v2.3.4 (7th June 2018)
- Bugfixes:
  - Fix pin clicking on non-/around pages, broken in 2.3.3.
  - Fix issue displaying anonymous account email.
v2.3.3 (6th June 2018)
- Front end improvements:
  - Extra help text on contact form #2149
- Admin improvements:
  - Improve inspect form position and configurability.
- Bugfixes:
  - Prevent contact form leaking information about updates #2149
  - Fix pointer event issue selecting pin on map. #2130
  - Fix admin navigation links in multi-language installs.
  - Fix map display issue clicking back from report page as inspector.
v2.3.2 (31st May 2018)
- Front end improvements:
  - Improve questionnaire process. #1939 #1998
  - Increase size of "sub map links" (hide pins, permalink, etc) #2003 #2056
  - Edge-to-edge email layout on narrow screens #2010
  - Add default placeholder to report extra fields. #2027
  - Clicking the "Click map" instruction banner now begins a new report #2033
  - Homepage postcode input is now marked up as a required input #2037
  - Improved cursor/display of the new report pin. #2038
  - Asset layers can be attached to more than one category each. #2049
  - Cobrands hook to remove phone number field. #2049
  - Check recent reports for any hidden since cached. #2053
  - Asset layer attribution automatically shown. #2061
  - The .internal-link-fixed-header positioning is now much simpler. #2117
  - Added UI to view multiple wards at once on /reports. #2120
- Bugfixes:
  - Stop asset layers obscuring marker layer. #1999
  - Don't delete hidden field values when inspecting reports. #1999
  - Fix text layout issues in /reports/…/summary dashboard charts.
  - Fix post-edit issues on admin report edit page.
  - Truncate dates in Open311 output to the second. #2023
  - Fix check for visible sub map links after 'Try again'.
  - Stop race condition when making a new report quickly.
  - Set a session timezone in case database server is set differently.
  - Fix SQL error on update edit admin page in cobrands. #2049
  - Improve chart display in old IE versions. #2005
  - Improve handling of Open311 state changes. #2069
  - Don't strip whitespace from user passwords. #2111
  - Make OpenGraph description translatable.
  - Stop double-escaping title in alert-update email.
  - Use inspection states in response template admin.
  - Fixed CSS padding/overflow bug during sidebar "drawer" animations. #2132
  - Response template containing double quote now works.
  - A few small display issues with RTL text display.
  - Improve handling of loading spinner display. #2059
  - Ignore non-interactive layers for asset message.
- Admin improvements:
  - Inspectors can set non_public status of reports. #1992
  - Default start date is shown on the dashboard.
  - Users with 'user_edit' permission can search for users/reports. #2027
  - Don't send sent-report emails to as-body/as-anonymous reports.
  - Show Open311 service code as tooltip on admin category checkboxes. #2049
  - Bulk user import admin page. #2057
  - Add link to admin edit page for reports. #2071
  - Deleted body categories now hidden by default #1962
  - Display contents of report's extra field #1809
  - Store user creation and last active times.
  - Add scripts to anonymize inactive users and reports, email inactive users, or to close reports to new updates.
  - Admin ability to close reports to new updates. #43
- Open311 improvements:
  - Fetch problems over Open311 #1986 #2067
  - Option to send multiple photos over Open311 #1986
  - Allow Open311 service definitions to include automated attributes #1986
  - Optionally supress blank Open311 update errors #1986
  - Fetch/store external status code with Open311 updates. #2048
  - Response templates can be triggered by external status code. #2048
  - Enable conversion from EPSG:27700 when fetching over Open311 #2028
  - Add CORS header to Open311 output. #2022
  - Nicer Open311 errors. #2078
- Development improvements:
  - Cobrand hook for adding extra areas to MAPIT_WHITELIST/_TYPES. #2049
  - send-comments warns about errors when called with --verbose #2091
  - Add HTML email previewer.
  - Add some Cypress browser-based testing.
  - Upgrade Vagrantfile to use Ubuntu Xenial. #2093
  - Add validation to cobrand-specific custom reporting fields.
  - Drop support for IE7, improve IE8 support. #2114
  - Add ability to have category extra help text.
  - Cobrand hook for showing all states in filter.
v2.3.1 (12th February 2018)
- Front end improvements:
  - Zoom out as much as necessary on body map page, even on mobile. #1958
  - Show loading message on initial /around map load #1976
  - Ask for current password/send email on password change. #1974
  - Add minimum password length and common password checking. #1981
  - Nicer display of national phone numbers. #1982
  - 'Report as another user' allows phone number without email. #1978
  - Display loading spinner on map when asset layers are loading. #1991
- Bugfixes:
  - Fix bug specifying category in URL on /around. #1950
  - Fix bug with multiple select-multiples on a page. #1951
  - Make sure dashboard filters all fit onto one line. #1938
  - Fix issue with red bars on bar graph of many categories. #1938
  - Prefetch translations in /reports list of bodies. #1941
  - Ignore deleted/area-less bodies in dashboard list. #1941
  - Add missing CSS class from final questionnaire question. #1953
  - Fix JavaScript error on /my calculating bounds #1954
  - Change text on /reports to match lower down (fix translation).
  - Ensure all reports graph can't dip downward. #1956
  - Fix error sending requires_inspection reports. #1961
  - Fix timezone related test failure. #1984
  - Restore display of extra fields on inspector form. #1994
- Admin improvements:
  - Admin can anonymize/hide all a user's reports. #1942 #1943
  - Admin can log a user out. #1975
  - Admin can remove a user's account details. #1944
  - Superusers can have optional two-factor authentication. #1973
- Development improvements:
  - Add script to remove expired sessions. #1987
  - 'components' parameter can be passed to Google geocoder. #1994
- UK:
  - Lazy load images in the footer.
v2.3 (18th December 2017)
- New features:
  - Optional verification of reports and updates, and logging in, using confirmation by phone text. #1856 #1872
  - Improved email/phone management in your profile.
  - Don't cover whole map with pin loading indicator. #1874
  - Add Expand map toggle to more mobile maps. #1875
  - Allow multiple wards to be shown on reports page. #1870
  - Add functionality to have per-body /reports page. #1880
  - Open311 category group support. #1923
- Front end improvements:
  - Paginate reports on /around. #1805 #1577 #525
  - Improve performance of various pages, especially front. #1901 #1903
  - More prominent "Hide pins" link on map pages, to aid reporting in busy areas. #525
  - Optimised sprite file down from 97 KB to 36 KB. #1852
  - SVG assets for core elements like button icons and map controls #1888
  - Remove unneeded 2x PNG fallback images.
  - Improve location disambiguation page on small screens. #1918
  - Don't show geolocation link on non-HTTPS pages. #1915
  - Public report page shows state changes made in admin interface #1846
- Bugfixes
  - Shortlist menu item always remains a link #1855
  - Fix encoded entities in RSS output. #1859
  - Only save category changes if staff user update valid #1857
  - Only create one update when staff user updating category #1857
  - Do not include blank updates in email alerts #1857
  - Redirect inspectors correctly on creation in two-tier. #1877
  - Report status filter All option works for body users #1845
  - Always allow reports to be removed from shortlist #1882
  - Remove shortlist form from inspect duplicate list. #1889
  - Fix pin size when JavaScript unavailable.
  - Fix display of text only body contacts #1895
  - Prevent text overflow bug on homepage stats #1722
  - Stop page jumping too far down on inspect form. #1863
  - Prevent multiple 'Expand map' links appearing. #1909
  - Superusers without a from_body can make reports again. #1913
  - Fix crash when viewing /around in certain locales. #1916
  - Fix back bug, from report after using list filters. #1920
  - Fix issues with send method category change. #1933
- Admin improvements:
  - Character length limit can be placed on report detailed information #1848
  - Inspector panel shows nearest address if available #1850
  - Return a 200 rather than 404 for ref ID lookup. #1867
  - Remove hidden from default staff state dropdown. #1878
  - Marking an item as a duplicate enforces providing ID/update. #1873
  - Report field pre-filling for inspectors configurable #1854
  - Admins can now unban users #1881
  - More JavaScript-enhanced <select multiple> elements. #1589 #1892
  - 'Auto-response' flag on response templates is honoured for fetched Open311 updates. #1924
  - Individual cobrands can disable social login #1890
  - Cobrands can disable sending of moderation emails. #1910
  - Store all successful send methods. #1933
- Dashboard/statistics:
  - Improve/consolidate various admin summary statistics pages, all now under /dashboard. #1834 #1919
  - Add date range for report generation #1885
  - CSV export now has token based authentication. #1911
  - And uses machine-readable dates. #1929
- Development improvements:
  - Add hook for pre-wrapper content.
  - Include JSON representation of extra fields in category_extras output
  - send-reports will never skip failed reports when using --debug
- UK:
  - Use SVG logo, inlined on front page. #1887
  - Inline critical CSS on front page. #1893
v2.2 (13th September 2017)
- New features:
  - Body and category names can now be translated in the admin. #1244
  - Report states can be edited and translated in the admin. #1826
  - Extra fields can be added to the report form site-wide. #1743
  - Staff users can now create reports as an anonymous user. #1796
  - Staff users can filter reports by all states. #1790
  - LOGIN_REQUIRED config key to limit site access to logged-in users.
  - SIGNUPS_DISABLED config key to prevent new user registrations.
- Front end improvements:
  - Always show pagination figures even if only one page. #1787
  - Report pages list more updates to a report. #1806
  - Clearer wording and more prominent email input on alert page. #1829
  - Cobrands can implement hide_areas_on_reports to hide outline on map.
  - Templates to allow extra messages through problem confirmation. #1837
- Admin improvements:
  - Highlight current shortlisted user in list tooltip. #1788
  - Extra fields on contacts can be edited. #1743
  - Clearer highlight for selected duplicate on inspect form. #1798
  - Include MapIt API key on admin config page. #1778
  - Redirect to same map view after inspection. #1820
  - A default response priority can now be set. #1838
  - Dashboard CSV export includes Northing, Easting and Ward. It also now orders fields by report confirmed time. #1832 #1835
- Bugfixes:
  - Set up action scheduled field when report loaded. #1789
  - Fix display of thumbnail images on page reload. #1815
  - Fix sidebar hover behaviour being lost. #1808
  - Stop errors from JS validator due to form in form.
  - Stop update form toggle causing report submission.
  - Update map size if an extra column has appeared.
  - Improve performance of various pages. #1799
  - Duplicate list not loading when phone number present. #1803
  - Don't list multiple fixed states all as Fixed in dropdown. #1824
  - Disable email field for logged in people. #1840
- Development improvements:
  - Debug toolbar added. #1823
  - switch-site script to automate switching config.yml files. #1741
  - make_css --watch can run custom script after each compilation.
  - Upgrade comonlib to get nicer MapIt error message.
v2.1.1 (3rd August 2017)
- Email improvements:
  - Clicking on the map in an email links to the report #1596
- Admin improvements:
  - Resend report if changing category changes send_method. #1772
  - Do not replace deleted text with [...] when moderating. #1774
  - Show reporter's phone number on inspector form. #1773
  - Redirect to /around after inspecting a report.
- Bugfixes:
  - Cache template paths in About.pm with lang_code. #1765
  - Resize pin image before compositing onto static map.
- Development improvements:
  - Use standard JavaScript translation for show/hide pins. #1752
  - Allow update-schema to run on empty database. #1755
  - Update MapIt URL to https in example webserver configs.
  - Option to redirect to custom URL from Contact form.
v2.1 (8th July 2017)
- New features:
  - Allow users to hide their name on reports/updates. #658
  - New /reports page. #1630 #1726 #1753
- Front end improvements:
  - Resize photos client-side before uploading. #1734
  - CSS header/content/navigation refactoring/simplification. #1719 #1718
  - Consolidate state dropdowns, make sure existing state is included. #1707
  - Simplify footer-marketing.html for most cobrands. #1709
  - Change the contact form Post button label to Send. #1750
  - Add an optional phone field to the contact form. #1750
  - Double resolution pin icons in core. #1713
- Admin improvements:
  - Don't resend if category change subsets body. #1725
  - Fix styling of 'remove from site' button. #1700
  - Add inactive state to categories. #1757
  - Inspect form:
    - Make more visually distinct, better on medium screens. #1700 #1701
    - Populate defect types dropdown on category change. #1698
    - Update templates when category/state changed. #1729
    - Fix bug when switching state to duplicate and back. #1729
    - Don't preselect inspector template on page load. #1747
  - Allow inspectors to shortlist all reports in view. #1652
  - Subscribe inspectors to updates when state changes. #1694
  - Streamline new reports for inspectors. #1636
- Bugfixes:
  - Make three strings translatable. #1744 #1735
  - Reinstate geolocation on alert page. #1726
  - Fix clickable spaces on inspect form/ward page. #1724
  - Make sure segmented control input not offscreen. #1749
  - Remove superfluous quote in HTML script element. #1705
  - Add missing closing to base FAQ.
- Development improvements:
  - Allow static home page template override. #1745
  - Add Debian stretch/perl 5.24 support. #1746
  - Add scripts to rule them all. #1740
  - Update submodule on any Vagrant provisioning. #1702
  - Fix imbalanced paragraph tags in glossary. #1737
  - Spot badly configured SMTP type. #1758.
  - Add MAPIT_API_KEY support
  - Hooks:
    - Add hook for post-title field content in report form. #1735
    - Add hook so cobrands can change pin hover title. #1713
    - Allow cobrands to define pin colour for new reports. #1713
  - Testing:
    - Run each test file in a transaction. #1721
    - Test script should run 't' when other args given. #1721
    - Auto-add strict/warnings/Test::More with TestMech. #1554
    - Fix test that would not run offline. #1712
    - Fix timing edge case test failure.
- Backwards incompatible changes:
  - The nav-wrapper-2 class has been removed. If you have a custom footer template, replace that class with 'container'. #1718
  - The /reports page now uses different generated data. If you have a custom reports/index.html template, you may need to call update-all-reports with the --table argument.
- Internal things:
  - Move third party libraries into vendor directories. #1704
  - Stop using sudo on Travis, improve locale support. #1712
  - Add CodeCov coverage testing. #1759
- UK:
  - Add fixture script. #1720
  - Add Borsetshire demo cobrand. #1717
  - Remove requirement for fixed body IDs. #1721
  - Show all pins on two-tier councils only. #1733
  - Stop nearest request with scientific notation. #1695
v2.0.4 (13th April 2017)
- Front end improvements:
  - On /reports maps, only include reports in view. #1689
- Admin improvements:
  - Allow comma-separated contact emails in the admin. #1683
- Bugfixes:
  - Upgrade Facebook 3rd party library to fix Facebook login. #1681
  - Don't error when devolved body, blank send methods. #1374
  - Fix issue with categories with regex characters. #1688
v2.0.3 (31st March 2017)
- Front end improvements:
  - Add ability to make map full screen on mobile report pages. #1655
  - Move staff-only JavaScript to separate file. #1666
  - Show loading indicator when loading pins. #1669
  - Allow users to reopen closed reports. #1607
- Admin improvements:
  - Redirect to category-filtered /reports on login if present. #1622
  - Follow redirect to /admin after login if allowed. #1622
  - Include /admin link on top-level nav for admin users.
  - Add shortlist filters. #1629
  - Add submit buttons to admin index search forms. #1551
  - Store user object when deleting report. #1661
  - Use name at time of moderation, include superusers. #1660
  - Add customisable defect types. #1674
- Bugfixes:
  - Fix crash on reports with empty bodies_str. #1635
  - Only output appcache/manifest for shortlist users. #1653
  - Fix placeholder typo in French translation.
  - Make sure report Ajax call is not cached by IE11. #1638
  - Check cobrand users list when admin merging users. #1662
  - Make sure emails are lowercased in admin. #1662
  - Specify options in 'all' status filter. #1664
  - Be clearer if no states selected is not all states. #1664
  - Set up correct environment in cobrand PO script. #1616
  - Allow superuser to leave update when inspecting. #1640
  - Remove duplicate <> around envelope senders. #1663
  - Fix invisible segmented controls in old Webkit. #1670
  - Remove superfluous lists from Open311 JSON output. #1672
  - Upgrade to using Email::Sender. #1639
  - Fix bug if test run c. 55 hours before BST starts.
  - Use lat/lon on inspection form if no local coordinates. #1676
  - Improve translatability of various pages.
- Development improvements:
  - Send open reports regardless of current state. #1334
  - Clarify ‘inspected’ behaviour. #1614
  - Reduce disk stats. #1647
  - Refactor main navigation into reusable blocks.
  - Add Problem->time_ago for pretty-printed duration.
  - Add external_id field to ResponsePriority.
  - Forward on all bounces as bounces.
  - Use sender in From if From and To domains match. #1651
  - Refactor SendReport::Open311 to use cobrand hooks. #792
  - Do upload_dir check on start up, not each report. #1668
  - Make sure all tests can run offline. #1675
  - Add ability to override Google Maps road style. #1676
v2.0.2 (3rd February 2017)
- Front end changes:
  - Add an offline fallback page with appcache. #1588
  - Improve print layout for report list pages. #1548
  - Rename ‘unable to fix’ as ‘no further action’.
- Bugfixes:
  - Mark two missing strings for translation. #1604
  - Make sure email is lowercase when signing in. #1623
  - Make sure language included in calls to base_url_for_report. #1617
  - Small CSS homepage fixes.
  - Admin:
    - Fix filtering on shortlist page. #1620
    - Fix 'save with public update' toggle. #1615
- Admin improvements:
  - Add offline report inspection for inspectors. #1588 #1602 #1608
  - Admin with appropriate permission can see body user who left contribute_as_body report or update. #1601 #1603
  - Include ‘Add user’ link on admin user search results page. #1606
  - Redirect to new user after user creation/edit. #1606
  - Redirect to shortlist after inspection if user has permission. #1612
  - Allow response templates to be associated with a state, and default to that template if report state changed to match. #1587
  - Disable show name checkbox when reporting as someone else. #1597
  - Show response priorities in report list items. #1582
  - Shortlist add/remove icons in report lists and report page. #1582
  - Reordering shortlist buttons in report lists. #1582
  - Default inspect form to save with public update.
  - Drop unneeded Cancel button on inspect form.
  - Use ‘*’ on admin page to signify superuser.
- Development improvements:
  - Update has_body_permission_to to allow superusers. #1600
  - Move staging flags to their own config variable. #1600
  - Only warn of Open311 failure after a couple, in case it's transient.
  - Only load user body permissions once per request.
  - Return 400/500 for some client/server errors.
  - Fix bad cross-year test.
v2.0.1 (16th December 2016)
- Bugfixes:
  - Fix issue in dragging map in Chrome 55. openlayers/ol2#1510
  - Don't double-decode strftime output, to fix date/time display.
  - Filter category should always carry through to form.
  - Don't fix height of admin multiple selects. #1589
- Admin improvements:
  - Add duplicate management to inspector view. #1581
  - Open inspect Navigate link in new tab. #1583
  - Scroll to report inspect form if present. #1583
  - Update problem lastupdate column on inspect save. #1584
  - Update priorities in inspect form on category change. #1590
- Development improvements:
  - Pass test if NXDOMAINs are intercepted.
  - Better path for showing config git version. #1586
v2.0 (15th November 2016)
- Front end improvements:
  - Add HTML emails. #1281 #1103
  - Stop map being underneath content sidebar/header. #1350 #361
  - Use Ajax/HTML5 history to pull in reports and improve map views. #1351 #1450 #1457 #1173
  - Allow multiple states and categories to be filtered. #1547
  - Add sort order options to list pages. #308
  - Invert area highlight on body pages. #1564
  - Allow users to change their own email. #360 #1440
  - Improve change password form/success page. #1503
  - Allow scroll wheel to zoom map. #1326
  - Rename "Your reports" in main navigation to "Your account".
  - Centre map on pin location when creating a report.
  - Zoom into map after second click on marker.
  - Maintain single newlines in text output. #306
  - JavaScript performance improvements. #1490 #1491
  - Allow searching for reports with ref: prefix in postcode field. #1495
  - Improve report form, with public, private, category sections. #1528
  - Only show relevant bodies after category selection.
  - Add update form name validation. #1493 #503 #1526
  - Add CORS header to RSS output. #1540
  - Switch MapQuest to HTTPS. #1505
  - Better 403/404 pages.
- Admin improvements:
  - Greatly improve report edit page, including map. #1347
  - Improve category edit form, and display extra data. #1557 #1524
  - Hide confirmed column on body page if all categories confirmed. #1565
  - Show any waiting reports on admin index page. #1382
  - Allow user's phone number to be edited, and a report's category. #400
  - Resend report if changing category changes body. #1560.
  - Leave a public update if an admin changes a report's category. #1544
  - New user system:
    - /admin requires a user with the is_superuser flag. #1463
    - createsuperuser command for creating superusers.
    - Feature to create report as body/other user. #1473
    - Add user permissions system. #1486
    - Allow user to have an area assigned in admin. #1488
    - Allow user to have categories assigned in admin. #1563
    - Add inspector report detail view. #1470
    - Add user shortlists. #1482
    - Add response templates and priorities. #1500 #1517
    - Add user reputation and trusted users. #1533
- Bugfixes:
  - Front end:
    - Fix photo preview display after submission. #1511
    - Update list of TLDs for email checking. #1504
    - Fix form validation issue with multiple IDs. #1513
    - Don't show deleted bodies on /reports. #1545
    - Stop using collapse filter in category template.
    - Use default link zoom for all map types.
    - Don't reload /reports or /my pages when filter updated.
    - Don't show alert email box if signed in.
  - Do not send alerts for hidden reports. #1461
  - Admin:
    - Fix contact editing of Open311 categories. #1535
    - Show 'Remove from site' button based on report. #1508
    - Improve moderation display and email. #855
    - Fix invalid SQL being generated by moderation lookup. #1489
    - Show user edit errors (e.g. blank name/email). #1510
    - Disallow empty name when creating/editing bodies.
    - Fix a crash on /admin/timeline.
- Development improvements:
  - CSS:
    - make_css: Add output style option.
    - make_css: Follow symlinks.
    - Remove some unused CSS, and simplify full-width. #1423
    - Add generic .form-control and .btn classes.
  - Open311:
    - Tidy up/harden some handling. #1428
    - Add config for request limit, default 1000. #1313
    - Automatically spot co-ord/ID attributes. #1499
    - Make sure passed coordinate is decimal.
  - JavaScript:
    - Use static validation_rules.js file. #1451
    - Remove need to customise OpenLayers built script. #1448
    - Refactor and tidy all the JavaScript. #913
    - Prefer using an auto.min.js file if present/newer. #1491
  - Testing:
    - Speed up tests by stubbing out calls to Gaze.
    - Tests can run multiple times simultaneously. #1477
    - run-tests with no arguments runs all tests.
  - Don’t cache geocoder results when STAGING_SITE is 1. #1447
  - Make UPLOAD_DIR/GEO_CACHE relative to project root. #1474
  - Change add_links from a function to a filter. #1487
  - Optionally skip some cobrand restrictions. #1529
  - Allow contact form recipient override and extra fields.
  - Add server-side MapIt proxy.
- Vagrant installation improvements:
  - Improve error handling.
  - Don't add a symlink if it is to the same place.
- Backwards incompatible changes:
  - Drop support for IE6. #1356
- UK
  - Better handling of two-tier reports. #1381
  - Allow limited admin access to body users on their own cobrands.
  - Add Content-Security-Policy header.

The Open311 adapter code has been moved to its own repository at https:/mysociety/open311-adapter.

v1.8.4 (6th July 2016)
- Security:
  - Fix XSS vulnerability in OpenGraph header and hide/all pins links.
- Front end improvements:
  - Wrap emails better for differing screen sizes. #1393
  - Fix annoying jump when "Get updates" drawer opened. #1425
  - Improve auth flow taken when return key used. #1433
  - Add and improve more CSRF tokens. #1433
  - Remove default box-shadow. #1419
  - Fix missing margin before reporting form email input. #1418
- Bugfixes:
  - Redirect correctly if filter used without JavaScript. #1422
  - Remove race condition when starting new report. #1434
  - Fix a couple of display bugs in IE7. #1356
  - Correctly orient preview images. #1378
v1.8.3 (3rd June 2016)
- Admin improvements
  - Add search boxes to admin index page, and move stats. #1295
  - Allow change of email in admin to existing entry. #1207
  - Speed up photo removal. #1400
  - Improve in-place moderation UI. #1388
- Front end improvements:
  - Improve printing of report page in Firefox. #1394
  - Fallback if request to Gaze fails. #1286
- Bugfixes:
  - Fix non-working Google Maps layer. #1215
  - Fix map tap sensitivity on some devices. #911 and openlayers/ol2#1418
  - Fix lack of removal of cached update photos. #1405
  - Handle reports/updates by logged in abuse entries.
  - Fix size of grey chevrons.
- Development improvements:
  - Massive speed increase to CSS compilation. #1414
  - Use only one templating system for emails. #1410
  - Move summary string function to template. #694
  - Consolidate CSS clearfix handling. #1414
  - Disable auto-CRLF conversion on git checkout.
  - Support for Debian Jessie/Ubuntu Xenial.
- UK only
  - Add standard mySociety footer. #1385
v1.8.2 (3rd May 2016)
- Security:
  - Fix vulnerability in image upload that allowed external command execution.
- New features
  - Twitter social login. #1377
  - PNG image upload support. #1302 #1361
- Front end improvements:
  - Switch list item heading from h4 to h3. #1348
  - Preserve category when clicking elsewhere on map.
  - Optimize store logo PNGs.
- Admin improvements
  - Default new category creation to confirmed. #1266
  - Use better link to reports on admin body page.
- Bugfixes:
  - Show right body user form value for fixed reports. #1369
  - Cope with a '/' in body name slug. #574
  - Ignore empty entries in the image upload IDs.
  - Use transparent border in tips/change_location. #1380
- Development improvements:
  - Allow cobrands to control front page number colours.
  - Refactor email handling to use Email::MIME alone. #1366
  - Improve testing on Mac OS X.
  - Prevent dev sites auto-creating session.
  - Display used send method in debug line.
  - Remove unused cobrands. #1383
  - Finally combine remaining base/fixmystreet templates.
  - Don't warn on bad photo hashes.
  - Skip fetched updates if they're out of date range. #1390
  - Store Open311 error in report on failure. #1391
v1.8.1 (23rd March 2016)
- Front end improvements: - Remember user's last anonymous state. #150 - Remove auto-scrolling of sidebar on pin hover. #1344 - Better multiple image display for reports/updates. #1325 - Improve accessibility of pretty radio buttons and photo inputs.
- Bugfixes: - Make sure preview image doesn't hide error. #1361 - Don't double-decode geocoded addresses. #1359 - Ensure top of reporting form is shown. #787 - Other updates for Perl 5.20/5.22. #1358
- Development improvements: - Add cobrand-specific custom reporting fields. #1352
v1.8 (2nd March 2016)
- New features:
  - Facebook login. #1146
  - Multiple photo upload support, with new UI. #190 #825 #1300
- Front end improvements:
  - Pad internal update links so they are in view. #1308
  - Move alert page "recent photos" out of sidebar. #1168
  - Clearer relationship between map pins/list items. #1094
  - Consistent styling for updates on /report and /my pages. #1312
  - Stop a top banner overlapping header contents/improve CSS. #1306
  - Improve design of some error pages.
- Performance improvements:
  - Reduce memory usage. #1285
- Bugfixes:
  - Default the Google map view to hybrid. #1293
  - Prevent SVG chevron being stretched in Firefox. #1256
  - Better display/internationalisation of numbers. #1297
  - Fix cobrand restriction of My/Nearby. #1289
  - If app user logged in, perform alert signup. #1321
  - Spot media_url in Open311 GetServiceRequestUpdate. #1315
  - Improve disabled input behaviour (no hover, ensure faded).
  - Fix co-ordinate swapping bug in Google geocoder.
  - Exclude update alerts from summary alert counts.
  - Skip sending if any body marks it for skipping.
  - Upgrade Net::SMTP::SSL to fix email sending issue.
- Development improvements:
  - Add generic static route handler. #1235
  - Store reports summary data by cobrand. #1290
  - Better handling replies to bounce addresses. #85
  - Combine more base/fixmystreet templates.
  - Add OpenStreetMap URL to report email.
- Admin improvements:
  - Don't allow blank email/name to be submitted. #1294
  - Handle multiple photo rotation/removal in admin. #1300
  - Fix typo in admin body form checked status.
- UK only
  - Make sure front page error is visible. #1336
  - Don't show app next step if used app. #1305
  - House Rules. #890 #1311
v1.7.2 (6th July 2016)
- Security:
  - Fix XSS vulnerability in OpenGraph header and hide/all pins links.
v1.7.1 (3rd May 2016)
- Security:
  - Fix vulnerability in image upload that allowed external command execution.
v1.7 (23rd October 2015)
- Front end improvements:
  - Add right-to-left design option. #1209
  - Add state/category filters to list pages. #1141
  - Include last update time in around/my page lists. #1245
  - Show report details more nicely on a questionnaire page. #1104
  - Improve email confirmation page (now matches success pages). #577
  - Update URL hash when mobile menu navigation clicked. #1211
  - Add public status page showing stats and version. #1251
  - Accessibility improvements to map pages. #1217
  - New default OpenGraph image. #1184
  - Turkish translation.
- Performance improvements:
  - A number of database speed improvements. #1017
- Bugfixes:
  - Translate report states in admin index. #1179
  - Improve translation string on alert page. #348
  - Fix location bug fetching category extras.
  - Workaround DMARC problems. #1070
  - Fix padding of alert form box. #1211
  - Pin Google Maps API version to keep it working. #1215
  - Upgrade Google geocoder to version 3. #1194
  - Fix script running when CDPATH is set. #1250
  - Fix retina image size on front page. #838
  - Process update left as part of questionnaire, to catch empty ones. #1234
  - Make sure explicit sign in button clicks are honoured. #1091
  - Adjust email confirmation text when report not being sent. #1210
  - Fix footer links in admin if behind a proxy. #1206
  - Use base URL in a cobrand alert for a report without a body. #1198
  - Fix potential graph script failure in perl 5.16+. #1262
- Development improvements:
  - Error logging should now work consistently. #404
  - CSS
    - Streamline navigation menu CSS. #1191
    - Streamline list item CSS. #1141
    - make_css now follows symlinks. #1181
    - Use a sass variable for hamburger menu. #1186
    - Write progress of make_css_watch to terminal title. #1211
  - Templates:
    - Remove final hardcoded "FixMyStreet" from templates. #1205
    - Combine a number of base/fixmystreet templates. #1245
  - Installation:
    - Make sure submodules are checked out by Vagrant. #1197
    - Remove Module::Pluggable warning in newer perls. #1254
    - Bundle carton to ease installation step. #1208
  - Translation:
    - Improve ease of running gettext-extract. #1202
  - Add standard app.psgi file.
  - Add link to volunteer tickets in README. #1259
  - Use Modernizr to decide whether to show mobile map. #1192
  - Prevent potential session cookie recursion. #1077
  - Allow underscore in cobrand name/data. #1236
  - Add a development URL to see check email pages. #1211
v1.6.3 (6th July 2016)
- Security:
  - Fix XSS vulnerability in OpenGraph header and hide/all pins links.
v1.6.2 (3rd May 2016)
- Security:
  - Fix vulnerability in image upload that allowed external command execution.
v1.6.1 (31st July 2015)
- Bugfixes:
  - Fix bug introduced in last release when setting multiple areas for a body in the admin. #1158
  - Don't have default "name >= 5 characters"/"must have space" checks, as Latin-centric #805
- New features:
  - Danish translation.
- Front end improvements:
  - Fix “All Reports” table headers on scroll. #50
  - Add time tooltips to All Reports table headings. #983
  - Fix sidebar running over the footer on alerts page. #1168
- Admin improvements:
  - Add mark as sent button. #601
  - Add link to comment user ID from body form if present. #580
  - Add MapIt links from body page/ report co-ordinates. #638
  - Show any category extra data. #517 #920
  - Mark users who have moderate permission. #990
  - Allow editing of body external URL.
  - List a report’s bodies more nicely.
- UK specific improvements:
  - Explain gone Northern Ireland councils. #1151
  - Better messaging for councils refusing messages. #968
v1.5.5 / v1.6 (10th July 2015)
- Security:
  - Fix vulnerability in login email sending that could allow an account to be hijacked by a third party.
  - Time out email authentication tokens.
  - Update dependency to fix issue with Unicode characters in passwords.
- New features:
  - Chinese translation.
- Front end improvements:
  - Add “Report” button in default mobile header. #931
  - Use ‘hamburger’ menu icon in mobile header. #931
  - Resize map pins based on zoom level. #1041
  - Improve report meta information display. #1080
  - Display message on body page when reports list is empty.
- Bugfixes:
  - Fix issue with shrunken update photos. #424
  - Fix typo in footer role="contentinfo".
  - Default Google maps to satellite view. #1133
  - Update Bing Maps parameter ID.
- Development improvements:
  - Add ability for map pages to filter by category/state. #1134 (this is currently on a couple of cobrands, to add to base soon)
  - Allow cobrands to specify ordering on all reports page.
  - Use mocked Nominatim in tests to cope with bad connections.
  - Add Extra role to ease use of the {extra} database field. #1018
- UK specific improvements:
  - Add dog poop poster. #1028
v1.5.4 (25th February 2015)
- New features:
  - Stamen toner-lite and Bing Maps tiles.
  - Czech and part-done Lithuanian translations.
- Front end improvements:
  - Nicer confirmation pages, with next steps template example. #972
  - Always show report/update confirmation page, even if logged in. #1003
  - Expire cached geolocations after a week. #684
- Bugfixes:
  - Make sure all co-ordinates are stringified/truncated. #1009
  - Correct "Open Street Map" to "OpenStreetMap". #1021
  - Only create timezone objects once, at startup.
- Development improvements:
  - Remove need to specify en-gb in LANGUAGES. #1015
  - Mac installation improvements. #1014
  - Make use of jhead and Math::BigInt::GMP optional. #1016
  - Link from admin config page to MapIt. #1022
  - Test URLs for confirmation pages.
  - New configuration variable for setting up behind a secure proxy.
- UK specific improvements:
  - Output easting/northing on one line. #997
  - Output Irish easting/northing in Northern Ireland. #822
v1.5.3 (21st January 2015)
- New features:
  - Satellite map toggle option on Google Maps view. #1002
  - Greek translation.
- Bugfixes:
  - Fix cron-based email to use configured SMTP settings. #988
  - Update UNIX_USER variable on installation setup of crontab. #974
  - Improve make_css finding of bundled compass when in symlink. #978
  - Remove hard-coded site name from submit email template.
  - Allow forked repository pull requests to run on Travis.
  - Fix title of Privacy page, and other minor text fixes.
  - CSS: add some bottom content padding and fix a tiny map links issue.
- Development improvements:
  - Replace site_title cobrand function with site-name web template. #979
  - Remove need for 'cron-wrapper' to run scripts. #852
  - Rename 'test-wrapper' to 'run-tests'. #999
  - Add client_max_body_size nginx config option. #995
  - Tidy up bin directory and #! lines.
- Admin improvements:
  - Add staging email warning on admin body pages if needed. #982
  - Add admin navigation link to Configuration page. #1005
  - Better URL for body category editing.
v1.5.2 (17th December 2014)
- Hide unneeded heading on default footer.
- Suppress 'Argument "" isn't numeric' warning on admin report edit page.
- [UK] Don't show topic form field when reporting abuse.
- Use token in moderation response URL to prevent hidden report leak.
v1.5.1 (12th December 2014)
- Bugfixes
  - Use correct cobrand signature in SendReport emails. #960
  - Fix double encoding of non-ASCII signature in emails. #961
  - Use area-based alerts by default, as they function correctly. #959
  - Set DefaultLocale appropriately when language set, for date display.
- Open311
  - Better error if Open311 server returns a nil service list.
  - Cope better with Open311 server not liking a blank jurisdiction_id.
- Installation/developer improvements:
  - Add a script to use a test database for running tests. #786
  - Make base FAQ more generic, move out UK-specific parts. #753 #935
  - Provide guidance at top of example config file.
  - Don't install open311-endpoint feature by default.
v1.5 (19th November 2014)
- Installation/developer improvements:
  - Support for Ubuntu Trusty Tahr 14.04 LTS. #921
  - Install bundler for more stable gem installation. #923
  - Rewritten graph generation programs in Perl. #924
  - Front end report moderation code. #809
- Admin improvements:
  - Pagination of admin search results. #909
  - Validation of category details. #556
  - Removed overhang in body categories table. #738
  - Add encouraging message about support. #929
  - Tweak summary output on bodies page. #516
  - Move diligency table to bottom of page. #739
- Front end:
  - Map page sidebar now flush with edges of window. #381
  - Simplify z-index usage, with other tidying. #673
  - Filtering of All Reports by category in URL. #254
  - More template generalisation, moving UK-specific stuff away. #344
- Bugfixes:
  - Fixed JavaScript-disabled submission in Chrome/Firefox. #932
  - Show logged in message as success, not error. #357
  - Remove opacity from map controls on mobile.
  - Escape category in RSS feeds.
- Internationalisation:
  - Add Albanian, Bulgarian, Hebrew, and Ukranian .po files.
v1.4.2 (14th July 2014)
- Maintenance release to deal with failing package installation. #832
- User additions/improvements:
  - New links from /reports to open/fixed reports. #798
  - Better detection of signing in on /auth form. #816
- Installation/developer improvements:
  - Allow SMTP username/password to be specified. #406
  - Correct GitHub link in Vagrantfile.
  - Error correctly if cron-wrapper fails to run.
  - Rename default web templates directory to base.
  - Move UK-specific text to separate templates. #344
  - Upgrade bundled cpanm. #807
v1.4.1 (23rd May 2014)
- Don't run some cron scripts by default, and rejig timings, to alleviate memory problems on EC2 micro instances. #640
v1.4 (16th May 2014)
- User improvements:
  - Adds some guidance on an empty /my page. #671
  - Auto-selects the category when reporting if there is only one. #690
  - Stops indenting emails a few spaces. #715
  - Email template updates. #700
- Installation/developer improvements:
  - Makes it easier to change the pin icons. #721
  - Sends reports on staging sites to the reporter. #653
  - Adds a no-op send method to suspend report sending. #507
  - Improves the example Apache config. #733
  - Includes a nicer crontab example. #621
  - New developer scripts:
    - make_css_watch. #680
    - geocode. #758
  - Adds external_url field to Bodies. #710
  - Reinstates Open311 original update fetching code. #710 #755
  - Pins sass/compass versions. #585
  - Adds new MAPIT_GENERATION variable. #784
- Bugfixes:
  - Fixes MapQuest and OSM attribution. #710 #687
  - Remove cached photos when deleted from admin.
  - Tiny bugfixes processing Open311 updates. #677
  - Correctly sets language in email alert loop. #542
  - Cron emails use EMAIL_DOMAIN in Message-ID. #678
  - Minor fixes for Debian wheezy.
  - Graph display of fixed states.
  - Slight CSS simplification. #609
- Internal things:
  - Improves the robustness of Carton installation. #675
  - Doubles the speed of running tests on Travis.
v1.3 (12th November 2013)
- Changes cobrand behaviour so if only one is specified, always use it. #598
- Allows multiple email addresses to be given for a contact.
- Bugfixes to pan icon placement, and bottom navbar in Chrome. #597
- Admin improvements
  - Search by external ID. #389
  - Date picker in stats. #514
  - Mark external links. #579
  - Fix for bug when changing report state from 'unconfirmed'. #527
  - Improve lists of report updates.
  - Add marking of bodies as deleted.
  - Show version number of code on config page.
- Test suite runs regardless of config file contents. #596
v1.2.6 (11th October 2013)
- Upgrades OpenLayers to 2.13.1, for e.g. animated zooming.
- Adds facility for using Google Maps via OpenLayers. #587
- Swaps installation order of Perl modules/database, more robust. #573
- Renames default FakeMapIt "Default Area" to "Everywhere". #566
- Adds a "current configuration" admin page. #561
v1.2.5 (13th September 2013)
- Adds various useful hints and notices to the admin interface. #184
- Improves the install script, including an example Vagrantfile
- It is now easier for tests to override particular configuration variables should they need to.
v1.2.4 (5th September 2013)
- A fix for the long-standing issue where multiline strings were not being translated (reported at abw/Template2#29 )
- Better translation strings for "marked as" updates, fixes #391
- Less noise when running the tests
v1.2.3 (2nd September 2013)
- Maintenance release to deal with failing installation
- Improves reuse of make_css and shared CSS
- Removes hardcoded UK URLs on a couple of admin error emails
- Marks a couple of strings missing translation
- Updates mapquest URLs
v1.2.2 (26th July 2013)
- Maintenance release to deal with failing installation
- Improves the Google Maps plugin somewhat, though still needs work
v1.2.1 (5th June 2013)
- Maintenance release to deal with failing carton installation
- Test and module fixes for installation on Debian wheezy
- Module fixes for running on Travis
- The install script adds gem environment variables to the user's .bashrc so that make_css can be run directly after installation
- make_css automatically spots which cobrands use compass
- Adds some missing states to the admin report edit page
v1.2 (3rd May 2013)
- Adds MAPIT_ID_WHITELIST to allow easier use of global MapIt
- Adds postfix to the install script/ AMI so emailing works out of the box
- Adds an extra zoom level to the OSM maps
- Adds the Catalyst gzip plugin so HTML pages are gzipped
- Fixes an issue with the All Reports summary statistics not including some open states, such as 'in progress'
v1.1.2 (15th March 2013)
- Includes the cpanfile now required by carton, the Perl package management program we use.
v1.1.1 (22nd February 2013)
- Hotfix to fix missed iPhone width bug
v1.1 (22nd February 2013)
- Adds bodies, so that the organisations that reports are sent to can cover multiple MapIt administrative areas, or multiple bodies can cover one area, and other related scenarios
- Admin display improvements
- Internationalisation improvements, especially with text in JavaScript
- Various minor updates and fixes (e.g. a --debug option on send-reports, and coping if MapIt has its debug switched on)
v1.0 (24th October 2012)
- Official launch of the FixMyStreet platform

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CHANGELOG.md

CHANGELOG.md

Releases

Files

CHANGELOG.md

Latest commit

History

CHANGELOG.md

File metadata and controls

Releases