- 2016-04-17: Graffiti 2.3.1 is released.
-
This update fixes Graffiti unit test compatibility with Sequel 4.
- 2016-04-16: SynCache 1.4 is released.
-
This update fixes a long-standing
race condition that caused RemoteCache to return nil instead of a
new cache entry and triggered an intermittent "Template not found"
error when rendering Samizdat RSS feeds. It also includes minor build,
test, and syncache-drb daemon fixes and improvements.
SynCache 1.4 Release Notes
- 2016-02-15: SynCache 1.3 is released.
-
This is a minor update that brings SynCache up to date with Ruby 2.x.
SynCache 1.3 Release Notes
- 2012-06-09: Graffiti 2.2 is released.
-
In this minor update, SQL queries generated by Graffiti are made
deterministic and independent from Ruby hash element ordering.
- 2012-05-12: Samizdat 0.7.0 is released.
-
This version features massive improvements both in the user interface
and under the hood. Posts by registered members are now organized into
blogs, publishing a message with several pictures and other multimedia
parts can now be done in a single step, sub-tags provide even finer
control over site structure, while translations have been promoted from
special-class comments into its own kind of a message part. Other
changes include short message cut mark, support for comments with empty
titles, Lock Comments moderation action, and public moderators list.
Samizdat 0.7.0 Release Notes
- 2011-12-25: Graffiti 2.1, SynCache 1.2, Whitewash 2.0 are released.
-
Samizdat and its components are now compatible with latest Ruby 1.9,
some ancient dependencies were replaced with new and actively maintained
libraries.
Graffiti RDF store now uses Sequel
instead of DBI for relational database access.
Graffiti 2.1 Release Notes
SynCache 1.2 introduces new RemoteCache wrapper class, uses Mutex
semaphores directly instead of monkey-patching the obsolete and buggy
sync.rb, and fixes several bugs in concurrency management and the
syncache-drb daemon.
SynCache 1.2 Release Notes
Whitewash now uses Nokogiri
instead of REXML and Tidy for parsing and sanitizing HTML. Experimental
support for HTML5 is now included in a separate whitelist, it is more
permissive than the default HTML whitelist, so it's not yet recommended
for content submitted by untrusted parties.
Whitewash 2.0 Release Notes
Samizdat itself was finally migrated from cgi.rb to
Rack, an configuration example
is provided on how to run a Samizdat site using
Thin behind
Nginx. Mahoro file type detection library
was replaced with Magic
FFI bindings,
fast_gettext
is supported as an alternative to Ruby/GetText.
- 2011-11-07: Samizdat moves to GitHub.
-
The main development repositories of Samizdat and its subprojects
SynCache, Graffiti, and Whitewash have moved from mtn-host.prjek.net to
GitHub.
- 2010-03-14: Graffiti, SynCache, Whitewash modules released.
-
Three components of the Samizdat open publishing system are finally
released as stand-alone modules: Graffiti relational
RDF store, SynCache thread-safe object cache,
Whitewash whitelist-based HTML filter.
Graffiti is an RDF store based on dynamic translation of RDF queries
into SQL. Graffiti allows to map any relational database schema into RDF
semantics and vice versa, to store any RDF data in a relational
database. This RDF store was used as the primary means of data access in
Samizdat from the start.
Graffiti 1.0 Release Notes
SynCache is a thread-safe time-limited cache with flexible
replacement policy and ability to wrap generation of expensive cache
entries in synchronized blocks. SynCache was used in Samizdat since
2005.
SynCache 1.0 Release Notes
Whitewash is a whitelist-based HTML filter for Ruby, based on HTML
Tidy and REXML. It allows Ruby programs to clean up any HTML document or
fragment coming from an untrusted source and to remove all dangerous
constructs that could be used for cross-site scripting or request
forgery. Whitewash was used in Samizdat since 2004.
Whitewash 1.0 Release Notes
- 2009-09-19: Samizdat RDF Store paper accepted to ICIS2009.
-
On-demand
RDF to Relational Query Translation in Samizdat RDF Store, a paper
detailing the RDF query translation algorithms used in Samizdat, was
accepted to the 2009 IEEE International
Conference on Intelligent Computing and Intelligent Systems.
Update 2010-01-03: ICIS2009 Proceeding have been
included
in IEEE Xplore.
- 2009-06-10: Samizdat switches from CVS to Monotone.
-
Samizdat development finally leaves the venerable CVS behind
and switches to Monotone
distributed version control system. To access the public
repository hosted at mtn-host.prjek.net,
use the following command:
mtn pull samizdat.mtn-host.prjek.net 'samizdat-*'
Check the announcement
on samizdat-devel mailing list to find out more.
- 2009-04-20: Bugs and blogs.
-
Most of the backlog of patches and bugs from Savannah
trackers has been processed. The improvements mainly concentrate in
the areas of usability and multi-language support, and include timezone
conversion, a public list of site moderators, a command-line tool to
control moderator priviledges, an option to see all replies on a single
page, an option to limit frontpage to messages only in user's preferred
language, ability to specify "undetermined" language for messages in
languages that are not supported by the site, and more (see changelog
for details). In total, 15 issues were resolved; as of now, only 3
patches are still outstanding: calendar,
SMS gateway, and
language guessing.
Several blogging features have also been added to Samizdat. Member
page is now referred to as /blog/login instead of a numeric member id.
This page now displays short previews of the most recent posts by the
member (before, it was a compact list of all kinds of messages,
including replies and edits), and has its own RSS feed. The list of top
tags on the frontpage is now replaced with a tag cloud that sorts tags
by name and uses larger fonts for more popular tags.
- 2009-03-30: Transitive sub-properties, sub-tags, multimedia parts,
and more.
-
Support for sub-properties, transitive closures, and must-not-bind
query subpatterns in RDF storage module in Samizdat CVS has enabled a
whole host of new features. Most prominent are sub-tags (message related
to a sub-tag automatically shows up under parent and grand-parent tags)
and multimedia message parts (you can upload a message with all its
images in one go). More details and upgrade instructions were
posted
to samizdat-devel mailing list.
- 2009-02-12: Cross-site scripting vulnerability fixed in Samizdat.
-
Several cases of unsanitized user-submitted HTML strings were fixed
in Samizdat 0.6.2. These
vulnerabilities allow attackers to perform cross-site scripting attacks
by publishing specially crafted messages or user names
(CVE-2009-0359).
To protect your users from such attacks, you should update your
installations of Samizdat to this release as soon as possible. If you
are not able to update your installation immediately, you should apply
the following patches (applicable to vanilla Samizdat 0.6.1) at the
first opportunity:
- 2009-02-12: Samizdat 0.6.2 is released.
-
The most important part of this release is the long list of security
improvements in various parts of Samizdat engine. Password encryption is
now as strong as it gets, HTTPS now gets the emphasis it deserves,
cross-site scripting protection has been tightened, and in general the
engine is even more paranoid about user-submitted data than before.
End users will be most interested in the integration with Flowplayer
free Flash video player and the thumbnailing capabilities of the new
image plugin. Both features are enabled by the new plugin mechanism,
which, in addition to handling different content types, allows to add
fancy member profile parameters and alternative access control
schemes.
Samizdat 0.6.2 Release Notes
- 2008-10-28: Force secure logins over HTTPS.
-
Samizdat sites that support both plain HTTP and encrypted HTTPS
protocols can now be configured to ensure that login information is
always submitted over HTTPS.
- 2008-09-21: Important fix for Ruby/Tidy DL breakage.
-
Ruby/Tidy DL wrapper that is used by Samizdat's Sanitize
XSS prevention module was broken by security fixes for the DL library in
Ruby 1.8.7-p72. Until a fix for Ruby/Tidy is available, Sanitize will
have to use
the tidy binary instead of the libtidy library. If you follow Ruby
security updates (which you should), you have to update your
sanitize.rb.
- 2008-07-03: Samizdat translated to Japanese.
-
Japanese translation of Samizdat's UI has finally been revised by a
native speaker and is now enabled by default. Thanks, Boud!
- 2008-06-28: Samizdat presented at LVEE-2008.
-
A presentation called "Samizdat: Ruby without Rails" was
given at the
Linux Vacation / Eastern Europe 2008
conference. The talk focused on why and how Samizdat implements
its own MVC instead of relying on existing frameworks like Rails
and Nitro. The slides (in Russian)
are available from this site.
- 2008-05-10: GPL3, Flowplayer, role-based access controls.
-
License of Samizdat upgraded to GPL3:
"version 3 of the license, or (at your option) any later
version".
Flowplayer flash video
player is integrated into Samizdat. When "flowplayer" plugin is
enabled, Samizdat will display flv and mp4/h.264 files inline in
the page in addition to the usual download link. Flowplayer
requires a Flash browser plugin (free Flash implementations
Gnash and
swfdec are
reported to work in most cases) and JavaScript.
List of moderators was moved from site config file to the
database to accomodate the new role-based access control plugin.
See the upgrade
instructions on samizdat-devel.
- 2008-04-07: Plugins system, image thumbnails.
-
A configurable system of plugins allows to customize
different parts of Samizdat with Ruby code. First set of plugins
controls handling of various types of messages. Image plugin
automatically generates and uses reduced versions of uploaded
images with help of RMagick library.
- 2008-03-22: Descriptions in RSS feeds.
-
All RSS feeds generated by Samizdat now include item
descriptions containing previews of referenced
resources.
- 2008-03-04: Samizdat 0.6.1 is released.
-
Main goal of 0.6.x series is to address the shortcomings that
were identified in the IMC
CMS Survey in November 2006. This version takes care of the
most important part: security. New security features in Samizdat
0.6.1 include: CSRF protection, Antispam module, per-resource
moderation logs, moderation requests tracker.
Samizdat's internals have changed beyond recognition since
previous release. The engine code is refactored into MVC
architecture, Samizdat Cache now uses a deadlock-proof two-level
locking algorithm, RDF Storage has undergone a massive overhaul
that allowed to add support for optional sub-patterns in Squish
queries. Apache/PostgreSQL combo is no longer the only way to
install Samizdat: Lighttpd web server and MySQL and SQLite3
databases are now supported. The database schema is changed once
again, see release
notes on how to upgrade.
There's also a lot of small features and usability
improvements here and there. The tired "next page" link is
replaced with proper pagination system, file sizes are displayed
next to download links, replies are sorted by id instead of last
edit date, posting comment to a multi-page thread redirects to
thread's last page, translations don't appear in the replies
list and can't be replied to, error reporting is more detailed
and less confusing to users. User interface was translated into
several more languages, with varying degrees of
completeness.
And the "cherry on top" prize goes to RSS import module, with
special thanks to Boud who evangelized this feature for a long
time and created the first implementation.
Samizdat 0.6.1 Release Notes
- 2008-02-14: Improved pagination, optional subqueries in RDF.
-
New DataSet based pagination system replaces the venerable
'next page' link and allows to jump directly to the last or
first page, skip couple of pages forward or backward.
RDF storage module has undergone a major overhaul. Biggest
addition is the OPTIONAL sub-pattern section that allows to
augment the query pattern graph with sub-graphs that may or may
not match against the site knowledge base. The code of the
module is now easier to understand thanks to better structure,
smaller methods, and sensible variable names. SQL it generates
is now cleaner, too.
- 2008-01-20: Moderation requests implemented.
-
Users with publishing access are now able to request
moderation of a message.
- 2007-11-12: Per-resource moderation logs, file sizes.
-
It is now possible to view a moderation log for a specific
resource. A link to such log is added to the resource after it
has been touched by moderators.
File sizes for non-inline messages are now displayed with the
download links.
- 2007-08-18: RSS import added.
-
Import Feeds patch by Boud refactored and integrated into the
Samizdat application. Front page of a Samizdat site can now
include feeds from other sites. Feeds are updated by external
script that should be configured to run from a cron
job.
- 2007-06-17: Antispam module added.
-
Antispam module originally submitted by Boud was refactored
and integrated into the Samizdat library.
The module loads and caches a list of wiki spam regular
expressions from a configured URL and rejects messages that
match any of the expressions.
- 2007-06-02: Experimental Japanese translation added.
-
Boud provided an experimental translation of Samizdat's
interface into Japanese language. This translation still needs
to be reviewed and corrected by a native speaker.
- 2007-05-09: Samizdat Cache library made deadlock-proof.
-
CSRF protection increased the load on the Samizdat's DRb
cache to the point where the cache deadlocks became an issue.
New implementation features two-level locking algorithm that
prevents deadlocks and livelocks, pluggable replacement policy
(default changed from FIFO to LRU), and syslog-based debug
facility.
Update 2007-05-19: A bug in Ruby's sync.rb
library breaks two-level locking in Samizdat Cache. Monkey fix
is included in the library until this is fixed
upstream.
Update 2007-07-23: Fix for the sync.rb bug
is included in the Debian package of Ruby.
- 2007-04-25: CSRF protection added.
-
Protection against Cross-Site Request Forgery attacks is
implemented in the Samizdat engine and added to all forms that
may be attacked using this technique.
- 2007-04-22: Lighttpd is now supported.
-
Samizdat can now run under Lighttpd/FastCGI. The support is
still rough around the edges due to Samizdat's use of some
Apache configuration options that are not supported by
Lighttpd.
- 2007-04-17: Samizdat refactored into MVC architecture.
-
A need to redesign Samizdat's engine core was evident for
some time. After considering porting Samizdat to Nitro/Og or
Rails framework, I found Nitro lacking in several areas (first
of all documentation and layouts) and Rails imposing too many
assumptions on the application. Instead, I decided to refactor
Samizdat's core into Model-View-Controller architecture loosely
following that of a Rails application, with hope that in time,
it can be shaped into a form that will be easier to port to
Rails or whatever will be the dominant MVC framework for Ruby at
the time.
The result is a minimalistic MVC framework in just 200 lines
of Ruby code for dispatcher, controller, and view parts, and
reusing the existing RDF-based data model.
The refactoring reorganized most of Samizdat's application
code, migration to this version will also require changes to
Apache configuration and one small change to DB schema.
- 2007-01-30: Samidat is translated to Spanish and German.
-
Once again, Boud championed translation of Samizdat interface
into new languages: Castellano y/und Deutch.
- 2007-01-20: SQLite3 and MySQL are now supported.
-
It is now possible to use SQLite3 and MySQL as backend
databases for Samizdat engine. PostgreSQL is still more stable
and well tested option, so it remains the recommended
backend.
- 2006-11-29: Samidat 0.6.0 is released.
-
The version increase attributes to the gradual changes in
0.5.x series and incorporates almost two years worth of
real-world deployment. Now that Samizdat has finally become a
mature open publishing system, the road is cleared for more
intrusive changes and major new features, such as free exchange
and calendaring.
In the way of major features, this version introduces
ubiquitous message translations and RSS syndication. Many old
tools are now more flexible and easier to use: focus management
interface is simplified, the front page now packs more
information in better layout and allows to include static
headers and footers.
There are even more changes under the hood: multi-layer
caching, gzip and ETag support, support for audio and video
uploads, BitTorrent links, HTML and CSS filtering, flexible
access control, new moderation features, new UI translations and
themes, code reorganization, simplified installation, and
more.
Samizdat 0.6.0 Release Notes
- 2006-11-28: Review of Samizdat for IMC CMS project is finalized.
- Samizdat is compared against Drupal, Plone, Wordpress, and
Spip for requirements and wishes of Indymedia activists:
CMS Survey Report,
discussion on samizdat-devel.
- 2006-09-22: Samizdat translated to French.
- French translation of Samizdat interface was contributed by Boud.
- 2006-09-12: Samizdat progress and IMC CMS project.
- In response to IMC CMS project,
discussion of Samizdat's progress in achieving features desired
by Indymedia is started.
- 2006-01-24: Indymedia Ukraine accepted into Indymedia Network.
- Indymedia Ukraine,
running Samizdat engine in production, is accepted
into Indymedia Network.
- 2005-12-19: Indymedia Belarus accepted into Indymedia Network.
- Indymedia Belarus,
running Samizdat engine in production, is accepted
into Indymedia Network.
- 2005-12-02: Samizdat translated to Polish.
- Polish translation of Samizdat interface was contributed by Boud.
- 2005-08-31: New discussions on samizdat-devel.
- See August archive
of samizdat-devel mailing list for general discussions on Java
vs. Ruby and feedback on Debian package of Samizdat.
- 2005-02-11: Samizdat RDF Storage 0.1 is released.
- Due to numerous requests from the public, Samizdat RDF
Storage module is now released as a stand-alone library. The
module provides optimized storage of RDF data in relational
database (PostgreSQL) and is used by Samizdat engine as its main
data storage.
- 2004-10-22: Samizdat 0.5.4 is released.
In this version, front page layout was changed to the more
familiar vertial split with the main column featuring focuses
and right column running recent updates in the open publishing
wire. New moderation facility allows to take over messages,
displace their contents completely, and block member accounts.
More new features: alternative CSS theme Indy is added and now
is selectable from the Settings page; Belarussian translation is
added; database connection is now configurable and allows to run
multiple Samizdat instances on a single server; oversize titles
and descriptions are now truncated.
Samizdat 0.5.4 Release Notes
- 2004-09-24: Demo site at Cat@lyst is back online.
- With generous help from Andy Nicholson, latest Samizdat
version is now running at the same location.
- 2004-09-20: Samizdat 0.5.3 is released.
- Starting with this version, Samizdat can send out email:
currently, it is used to recover lost passwords and to confirm
that member email address is real. Email addresses are now
unique, making it more difficult to cheat using throwaway
accounts. Other changes include new dc:description message
property for attaching article abstract, thumbnail image, or
table of contents to a message, new preferences infrastructure
allowing to add more server-side member settings in the future,
and the inevitable database schema change.
- 2004-09-20: Couple of whitepapers on Samizdat from the
RDF perspective.
- The papers "Model for
Collaborative Decision Making Based on RDF
Reification"
and "Accessing Relational Data with
RDF Queries and Assertions" where submitted to
several RDF-related conferences earlier this year, but where
accepted by none, and thus are now made freely available
online.
- 2004-08-04: New demo site is now online.
- Demo site using Samizdat is deployed at Boblycat by Eugene Zaikonnikov.
- 2004-07-05: Samizdat 0.5.2 is released.
- This version adds Wiki functionality to Samizdat, allowing
to edit messages and track history of changes. Messages may use
Textile format for advanced hypertext markup, editing may be
limited to the original creator or open for all site members.
Other highlights of this release are FastCGI support,
configurable site logo, multiple usability improvements, and the
usual bunch of bugfixes. Once again, database schema is slightly
changed.
- 2004-03-18: Samizdat 0.5.1 "Paris Commune" release is out.
- This release is dedicated to 133rd anniversary of the Paris
Commune. Main feature of this version is i18n support, with
Russian translation already in place. Other improvements include
ability to work as plain CGI without mod_ruby, support for
Windows/Cygwin, massive speed increase, and a long list of
bugfixes. Database schema is changed again, but this time it is
trivial to migrate from the previous version.
- 2003-12-01: Samizdat 0.5.0 is released.
- This version introduces basic focus management, completing
the minimal set of features required for an open publishing part
of the engine, and making Samizdat ready for public beta
testing. Other major changes in this release include Pingback
support, many user interface improvements, another rewrite of
multimedia upload, testing framework, and more.
- 2003-11-18: Demo site is available.
- Demo site using Samizdat is deployed at
Cat@lyst by Andy
Nicholson.
- 2003-10-17: samizdat-devel mailing list is created.
- The mailing list
is dedicated to development of the Samizdat collaboration and
open publishing engine. Secondary list topics include Samizdat
demployment, usage, and other related issues.
- 2003-09-01: Samizdat 0.0.4 is released.
- This version allows to upload multimedia messages, including
images and verbatim plain text, and introduces publishing of
user-defined queries in form of "application/x-squish"
messages. When migrating from older versions, Samizdat database
should be dropped and recreated from scratch because of
incompatible database schema change: content is now stored as a
blob. In addition, file upload feature relies on StringIO module
that is available as part of the Ruby 1.8 or can be installed
separately from the Ruby Shim library for Ruby 1.6.
- 2003-08-08: Samizdat 0.0.3 is released.
- In this version, query construction UI is added, allowing to
compose and modify search queries more conveniently and without
having to manually edit raw Squish. Other major changes include
switch to Unicode UTF-8 as default encoding, great improvement
of browsers support in CSS, more code refactoring. Many minor
bugs and inconsistencies are fixed, UI is enhanced in several
places.
- 2003-07-14: Samizdat 0.0.2 is released.
- This version implements query validation and security
limits, making execution of user-defined search queries safer.
Other changes include schema improvements (better integration of
Samizdat RDF schema with Dublin Core, separate namespace for
tags, switch from RDF/XML to more readable N3 notation),
enhanced search result display (resource rendering is separated
into a class), UI CSS clean-up, documentation updates. Access to
utility classes is reorganized and simplified.
- 2003-06-12: Samizdat 0.0.1 is released.
- This is the first version that includes basic RDF search
query construction UI. Other functionality covered by this
version includes: registering site members, publishing and
replying to messages, voting for standard tags on
resources.