Update CHANGELOG.

Merge branch 'master' into todos-and-issues
Release v0.25.1
2024-02-20 10:15:49 -05:00 · 2024-02-20 08:31:28 -05:00 · 2024-02-18 15:55:56 +02:00 · 2024-02-18 13:53:49 +00:00 · 2024-02-18 03:24:29 +00:00
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,5 +1,47 @@
 # Changelog

+## Unreleased
+
+### Changed
+
+* This is actually both a change and a fix. AP Image objects do not define properties matching the 
+  HTML img tag alt and title properties. Image.name is used to render both alt and title, which IMHO is
+  wrong. With this change, markdown images defining the title property will be recognized instead of
+  being thrown away (the fix) and the title property, if defined, will have precedence over the
+  alt property as the Image.name value (the change). Before this change, the client app would properly
+  render the img tag from the markdown source (with distinct alt and title properties), but the Image
+  object would not federate and hence not be displayed on other platforms (namely Mastodon).
+
+### Fixed
+
+* Note._find_and_mark_mentions: When an AP Mention object href can't be found in the rendered content,
+  try the name property.
+
+* Ignore media objects that don't define a media type.
+
+* Prevent rendered content image duplication when an image is both in the AP payload rendered content
+  and defined as an attachment that doesn't set the inlineImage property.
+
+* Instead of discarding the whole AP payload out when encountering an undefined or unlisted AP object,
+  log a warning and keep going. Ensure None is returned when a nested field only contains an undefined
+  object.
+
+* Accept the application/ld+json type for webfinger AP links.
+
+* Mark an AP mention only if profile.finger is defined.
+
+* Handle escape sequences for inbound markdown mentions.
+
+* Extend the Unicode character range allowed in markdown mentions.
+
+* Discard illegal characters from tag text. Previously, this was done only on tag links.
+
+## [0.25.1] - 2024-02-18
+
+### Fixed
+
+* Address CVE-2024-23832 by ensuring that a pulled AP payload id netloc is the same as the request fid netloc.
+
 ## [0.25.0] - 2024-01-06

 ### Added
--- a/docs/conf.py
+++ b/docs/conf.py
@ -2,7 +2,7 @@
 # -*- coding: utf-8 -*-
 from recommonmark.parser import CommonMarkParser

-__version__ = "0.24.1"
+__version__ = "0.25.1"

 #
 # Federation documentation build configuration file, created by
--- a/federation/init.py
+++ b/federation/init.py
@ -7,7 +7,7 @@ from federation.exceptions import NoSuitableProtocolFoundError
 if TYPE_CHECKING:
    from federation.types import RequestType

-__version__ = "0.25.0"
+__version__ = "0.25.1"

 PROTOCOLS = (
    "activitypub",
Autor	SHA1	Wiadomość	Data
Alain St-Denis	e992e2dc20	Update CHANGELOG.	2024-02-20 10:15:49 -05:00
Alain St-Denis	2ee17e4aa6	Merge branch 'master' into todos-and-issues	2024-02-20 08:31:28 -05:00
Jason Robinson	a109a7f824	Release v0.25.1	2024-02-18 15:55:56 +02:00
Jason Robinson	e7629c9a92	Merge branch 'fix-CVE-2024-23832' into 'master' Fix CVE-2024-23832 See merge request jaywink/federation!182	2024-02-18 13:53:49 +00:00
Alain St-Denis	0bc025b0d8	Update CHANGELOG.	2024-02-18 03:24:29 +00:00