CHANGELOG.md 4.7 KB
Newer Older
Daniel Gerhardt's avatar
Daniel Gerhardt committed
1 2
# Changelog

Daniel Gerhardt's avatar
Daniel Gerhardt committed
3 4 5 6 7 8 9 10
## 2.1.2
This release fixes a security vulnerability caused by the CORS implementation.
Support for cross-origin requests has been removed. Use ARSnova version 2.2 or
newer for proper CORS. (Reported by Rainer Rillke at Wikimedia)

Additional changes:
* Libraries have been upgraded to fix potential bugs

Daniel Gerhardt's avatar
Daniel Gerhardt committed
11 12 13 14 15 16 17 18
## 2.0.4
This release fixes a security vulnerability caused by the CORS implementation.
Support for cross-origin requests has been removed. Use ARSnova version 2.2 or
newer for proper CORS. (Reported by Rainer Rillke at Wikimedia)

Additional changes:
* Libraries have been upgraded to fix potential bugs

Daniel Gerhardt's avatar
Daniel Gerhardt committed
19 20 21 22 23 24 25
## 2.2.1
This release fixes a security vulnerability in the account management API. It is
highly recommended to upgrade if you are using database authentication.

Additional bug fixes:
* The `security.authentication.login-try-limit` setting now works as intended.

Daniel Gerhardt's avatar
Daniel Gerhardt committed
26 27 28 29 30 31 32
## 2.1.1
This release fixes a security vulnerability in the account management API. It is
highly recommended to upgrade if you are using database authentication.

Additional changes:
* Libraries have been upgraded to fix potential bugs

Daniel Gerhardt's avatar
Daniel Gerhardt committed
33 34 35 36 37 38 39 40
## 2.0.3
This release fixes a security vulnerability in the account management API. It is
highly recommended to upgrade if you are using database authentication.

Additional changes:
* Libraries have been upgraded to fix potential bugs
* Some unnecessary log warnings for Websocket communication are filtered

Daniel Gerhardt's avatar
Daniel Gerhardt committed
41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66
## 2.2
This release massively improves performance of ARSnova and contains a critical
bugfix so it is highly recommended to upgrade. Because of the newly introduced
caching method, it might be necessary to increase the Java memory limit for
servlet containers.

Major features:
* Performance improvements: Database queries are now cached by the backend.
  Answers are written to the database in batches.
* Pagination support: The range of results can now be limited.
* The API has been extended to support features introduced with ARSnova Mobile
  2.2.

Bugfixes:
* User content consisting of JSON could not be loaded and rendered connected
  data unloadable as well.

**This version is brought to you by:**  
Project management: Klaus Quibeldey-Cirkel  
Lead programming: Andreas Gärtner, Daniel Gerhardt, Christoph Thelen  
Contributions: Dominik Hikade, Tom Käsler, Maximilian Klingelhöfer,
Michael Sann, Jan Sladek, Katharina Staden  
Sponsoring: [AG QLS](https://www.thm.de/site/en/hochschule/service/ag-qls.html),
[HMWK](https://wissenschaft.hessen.de/wissenschaft/it-neue-medien/kompetenznetz-e-learning-hessen)  


Daniel Gerhardt's avatar
Daniel Gerhardt committed
67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84
## 2.1
Major features:
* Public Pool (experimental): It is now possible to share sessions with other
  users in a pool of public sessions. Other users can create their own copies of
  shared sessions. This feature can be enabled in the arsnova.properties
  configuration.

Minor features and changes:
* Adjustments to correctly handle requests for imports from the frontend.
* Some communication between the frontend and backend has been optimized for
  improved performance.
* Additional configuration parameters for tracking, session export and import, a
  demo session and a blog URL have been introduced.

**This version is brought to you by:**  
Project management: Klaus Quibeldey-Cirkel  
Lead programming: Andreas Gärtner, Daniel Gerhardt, Christoph Thelen  
Contributions: Felix Schmidt, Artjom Siebert, Daniel Vogel  
85
Sponsoring: [AG QLS](https://www.thm.de/site/en/hochschule/service/ag-qls.html),
Daniel Gerhardt's avatar
Daniel Gerhardt committed
86 87 88
[HMWK](https://wissenschaft.hessen.de/wissenschaft/it-neue-medien/kompetenznetz-e-learning-hessen)  


Daniel Gerhardt's avatar
Daniel Gerhardt committed
89 90 91 92
## 2.0.2
This release updates dependencies. The updated library for Socket.IO support
fixes memory leaks and disables SSL 3.0 support (POODLE vulnerability).

Daniel Gerhardt's avatar
Daniel Gerhardt committed
93 94 95 96 97 98 99
## 2.0.1
This release introduces the following changes:
* Updates dependency for Socket.IO support to fix memory leaks
* Usernames for student's questions and free text answers are no longer exposed
  by API responses

## 2.0.0
Daniel Gerhardt's avatar
Daniel Gerhardt committed
100 101 102 103 104 105 106 107 108 109 110 111 112
ARSnova 2.0 has been in development for more than two years. Further releases
can be expected much more frequently.

This is actually the first major release of ARSnova Backend. It is called 2.0 to
feature API compatibility with the simultaneously released ARSnova Mobile 2.0.

**This version is brought to you by:**  
Project management: Klaus Quibeldey-Cirkel  
Lead programming: Andreas Gärtner, Daniel Gerhardt, Christoph Thelen,
Paul-Christian Volkmer  
Contributions: Sören Gutzeit, Julian Hochstetter, Jan Kammer, Daniel Knapp,
Felix Schmidt, Artjom Siebert, Daniel Vogel  
Testing & Feedback: Kevin Atkins, Kathrin Jäger  
113
Sponsoring: [AG QLS](https://www.thm.de/site/en/hochschule/service/ag-qls.html),
Daniel Gerhardt's avatar
Daniel Gerhardt committed
114 115
[HMWK](https://wissenschaft.hessen.de/wissenschaft/it-neue-medien/kompetenznetz-e-learning-hessen),
[@LLZ](http://llz.uni-halle.de/)