Samizdat: Co-op Engine

Home | About | Documentation | Developers | Download

2016-04-17: Graffiti 2.3.1 is released.

This update fixes Graffiti unit test compatibility with Sequel 4.

2016-04-16: SynCache 1.4 is released.

This update fixes a long-standing race condition that caused RemoteCache to return nil instead of a new cache entry and triggered an intermittent "Template not found" error when rendering Samizdat RSS feeds. It also includes minor build, test, and syncache-drb daemon fixes and improvements.

SynCache 1.4 Release Notes

2016-02-15: SynCache 1.3 is released.

This is a minor update that brings SynCache up to date with Ruby 2.x.

SynCache 1.3 Release Notes

2012-06-09: Graffiti 2.2 is released.

In this minor update, SQL queries generated by Graffiti are made deterministic and independent from Ruby hash element ordering.

2012-05-12: Samizdat 0.7.0 is released.

This version features massive improvements both in the user interface and under the hood. Posts by registered members are now organized into blogs, publishing a message with several pictures and other multimedia parts can now be done in a single step, sub-tags provide even finer control over site structure, while translations have been promoted from special-class comments into its own kind of a message part. Other changes include short message cut mark, support for comments with empty titles, Lock Comments moderation action, and public moderators list.

Samizdat 0.7.0 Release Notes

2011-12-25: Graffiti 2.1, SynCache 1.2, Whitewash 2.0 are released.

Samizdat and its components are now compatible with latest Ruby 1.9, some ancient dependencies were replaced with new and actively maintained libraries.

Graffiti RDF store now uses Sequel instead of DBI for relational database access.

Graffiti 2.1 Release Notes

SynCache 1.2 introduces new RemoteCache wrapper class, uses Mutex semaphores directly instead of monkey-patching the obsolete and buggy sync.rb, and fixes several bugs in concurrency management and the syncache-drb daemon.

SynCache 1.2 Release Notes

Whitewash now uses Nokogiri instead of REXML and Tidy for parsing and sanitizing HTML. Experimental support for HTML5 is now included in a separate whitelist, it is more permissive than the default HTML whitelist, so it's not yet recommended for content submitted by untrusted parties.

Whitewash 2.0 Release Notes

Samizdat itself was finally migrated from cgi.rb to Rack, an configuration example is provided on how to run a Samizdat site using Thin behind Nginx. Mahoro file type detection library was replaced with Magic FFI bindings, fast_gettext is supported as an alternative to Ruby/GetText.

2011-11-07: Samizdat moves to GitHub.

The main development repositories of Samizdat and its subprojects SynCache, Graffiti, and Whitewash have moved from mtn-host.prjek.net to GitHub.

2010-03-14: Graffiti, SynCache, Whitewash modules released.

Three components of the Samizdat open publishing system are finally released as stand-alone modules: Graffiti relational RDF store, SynCache thread-safe object cache, Whitewash whitelist-based HTML filter.

Graffiti is an RDF store based on dynamic translation of RDF queries into SQL. Graffiti allows to map any relational database schema into RDF semantics and vice versa, to store any RDF data in a relational database. This RDF store was used as the primary means of data access in Samizdat from the start.

Graffiti 1.0 Release Notes

SynCache is a thread-safe time-limited cache with flexible replacement policy and ability to wrap generation of expensive cache entries in synchronized blocks. SynCache was used in Samizdat since 2005.

SynCache 1.0 Release Notes

Whitewash is a whitelist-based HTML filter for Ruby, based on HTML Tidy and REXML. It allows Ruby programs to clean up any HTML document or fragment coming from an untrusted source and to remove all dangerous constructs that could be used for cross-site scripting or request forgery. Whitewash was used in Samizdat since 2004.

Whitewash 1.0 Release Notes

2009-09-19: Samizdat RDF Store paper accepted to ICIS2009.

On-demand RDF to Relational Query Translation in Samizdat RDF Store, a paper detailing the RDF query translation algorithms used in Samizdat, was accepted to the 2009 IEEE International Conference on Intelligent Computing and Intelligent Systems. Update 2010-01-03: ICIS2009 Proceeding have been included in IEEE Xplore.

2009-06-10: Samizdat switches from CVS to Monotone.

Samizdat development finally leaves the venerable CVS behind and switches to Monotone distributed version control system. To access the public repository hosted at mtn-host.prjek.net, use the following command:

  mtn pull samizdat.mtn-host.prjek.net 'samizdat-*'

Check the announcement on samizdat-devel mailing list to find out more.

2009-04-20: Bugs and blogs.

Most of the backlog of patches and bugs from Savannah trackers has been processed. The improvements mainly concentrate in the areas of usability and multi-language support, and include timezone conversion, a public list of site moderators, a command-line tool to control moderator priviledges, an option to see all replies on a single page, an option to limit frontpage to messages only in user's preferred language, ability to specify "undetermined" language for messages in languages that are not supported by the site, and more (see changelog for details). In total, 15 issues were resolved; as of now, only 3 patches are still outstanding: calendar, SMS gateway, and language guessing.

Several blogging features have also been added to Samizdat. Member page is now referred to as /blog/login instead of a numeric member id. This page now displays short previews of the most recent posts by the member (before, it was a compact list of all kinds of messages, including replies and edits), and has its own RSS feed. The list of top tags on the frontpage is now replaced with a tag cloud that sorts tags by name and uses larger fonts for more popular tags.

2009-03-30: Transitive sub-properties, sub-tags, multimedia parts, and more.

Support for sub-properties, transitive closures, and must-not-bind query subpatterns in RDF storage module in Samizdat CVS has enabled a whole host of new features. Most prominent are sub-tags (message related to a sub-tag automatically shows up under parent and grand-parent tags) and multimedia message parts (you can upload a message with all its images in one go). More details and upgrade instructions were posted to samizdat-devel mailing list.

2009-02-12: Cross-site scripting vulnerability fixed in Samizdat.

Several cases of unsanitized user-submitted HTML strings were fixed in Samizdat 0.6.2. These vulnerabilities allow attackers to perform cross-site scripting attacks by publishing specially crafted messages or user names (CVE-2009-0359).

To protect your users from such attacks, you should update your installations of Samizdat to this release as soon as possible. If you are not able to update your installation immediately, you should apply the following patches (applicable to vanilla Samizdat 0.6.1) at the first opportunity:

2009-02-12: Samizdat 0.6.2 is released.

The most important part of this release is the long list of security improvements in various parts of Samizdat engine. Password encryption is now as strong as it gets, HTTPS now gets the emphasis it deserves, cross-site scripting protection has been tightened, and in general the engine is even more paranoid about user-submitted data than before.

End users will be most interested in the integration with Flowplayer free Flash video player and the thumbnailing capabilities of the new image plugin. Both features are enabled by the new plugin mechanism, which, in addition to handling different content types, allows to add fancy member profile parameters and alternative access control schemes.

Samizdat 0.6.2 Release Notes

2008-10-28: Force secure logins over HTTPS.

Samizdat sites that support both plain HTTP and encrypted HTTPS protocols can now be configured to ensure that login information is always submitted over HTTPS.

2008-09-21: Important fix for Ruby/Tidy DL breakage.

Ruby/Tidy DL wrapper that is used by Samizdat's Sanitize XSS prevention module was broken by security fixes for the DL library in Ruby 1.8.7-p72. Until a fix for Ruby/Tidy is available, Sanitize will have to use the tidy binary instead of the libtidy library. If you follow Ruby security updates (which you should), you have to update your sanitize.rb.

2008-07-03: Samizdat translated to Japanese.

Japanese translation of Samizdat's UI has finally been revised by a native speaker and is now enabled by default. Thanks, Boud!

2008-06-28: Samizdat presented at LVEE-2008.

A presentation called "Samizdat: Ruby without Rails" was given at the Linux Vacation / Eastern Europe 2008 conference. The talk focused on why and how Samizdat implements its own MVC instead of relying on existing frameworks like Rails and Nitro. The slides (in Russian) are available from this site.

2008-05-10: GPL3, Flowplayer, role-based access controls.

License of Samizdat upgraded to GPL3: "version 3 of the license, or (at your option) any later version".

Flowplayer flash video player is integrated into Samizdat. When "flowplayer" plugin is enabled, Samizdat will display flv and mp4/h.264 files inline in the page in addition to the usual download link. Flowplayer requires a Flash browser plugin (free Flash implementations Gnash and swfdec are reported to work in most cases) and JavaScript.

List of moderators was moved from site config file to the database to accomodate the new role-based access control plugin. See the upgrade instructions on samizdat-devel.

2008-04-07: Plugins system, image thumbnails.

A configurable system of plugins allows to customize different parts of Samizdat with Ruby code. First set of plugins controls handling of various types of messages. Image plugin automatically generates and uses reduced versions of uploaded images with help of RMagick library.

2008-03-22: Descriptions in RSS feeds.

All RSS feeds generated by Samizdat now include item descriptions containing previews of referenced resources.

2008-03-04: Samizdat 0.6.1 is released.

Main goal of 0.6.x series is to address the shortcomings that were identified in the IMC CMS Survey in November 2006. This version takes care of the most important part: security. New security features in Samizdat 0.6.1 include: CSRF protection, Antispam module, per-resource moderation logs, moderation requests tracker.

Samizdat's internals have changed beyond recognition since previous release. The engine code is refactored into MVC architecture, Samizdat Cache now uses a deadlock-proof two-level locking algorithm, RDF Storage has undergone a massive overhaul that allowed to add support for optional sub-patterns in Squish queries. Apache/PostgreSQL combo is no longer the only way to install Samizdat: Lighttpd web server and MySQL and SQLite3 databases are now supported. The database schema is changed once again, see release notes on how to upgrade.

There's also a lot of small features and usability improvements here and there. The tired "next page" link is replaced with proper pagination system, file sizes are displayed next to download links, replies are sorted by id instead of last edit date, posting comment to a multi-page thread redirects to thread's last page, translations don't appear in the replies list and can't be replied to, error reporting is more detailed and less confusing to users. User interface was translated into several more languages, with varying degrees of completeness.

And the "cherry on top" prize goes to RSS import module, with special thanks to Boud who evangelized this feature for a long time and created the first implementation.

Samizdat 0.6.1 Release Notes

2008-02-14: Improved pagination, optional subqueries in RDF.

New DataSet based pagination system replaces the venerable 'next page' link and allows to jump directly to the last or first page, skip couple of pages forward or backward.

RDF storage module has undergone a major overhaul. Biggest addition is the OPTIONAL sub-pattern section that allows to augment the query pattern graph with sub-graphs that may or may not match against the site knowledge base. The code of the module is now easier to understand thanks to better structure, smaller methods, and sensible variable names. SQL it generates is now cleaner, too.

2008-01-20: Moderation requests implemented.

Users with publishing access are now able to request moderation of a message.

2007-11-12: Per-resource moderation logs, file sizes.

It is now possible to view a moderation log for a specific resource. A link to such log is added to the resource after it has been touched by moderators.

File sizes for non-inline messages are now displayed with the download links.

2007-08-18: RSS import added.

Import Feeds patch by Boud refactored and integrated into the Samizdat application. Front page of a Samizdat site can now include feeds from other sites. Feeds are updated by external script that should be configured to run from a cron job.

2007-06-17: Antispam module added.

Antispam module originally submitted by Boud was refactored and integrated into the Samizdat library.

The module loads and caches a list of wiki spam regular expressions from a configured URL and rejects messages that match any of the expressions.

2007-06-02: Experimental Japanese translation added.

Boud provided an experimental translation of Samizdat's interface into Japanese language. This translation still needs to be reviewed and corrected by a native speaker.

2007-05-09: Samizdat Cache library made deadlock-proof.

CSRF protection increased the load on the Samizdat's DRb cache to the point where the cache deadlocks became an issue. New implementation features two-level locking algorithm that prevents deadlocks and livelocks, pluggable replacement policy (default changed from FIFO to LRU), and syslog-based debug facility.

Update 2007-05-19: A bug in Ruby's sync.rb library breaks two-level locking in Samizdat Cache. Monkey fix is included in the library until this is fixed upstream.

Update 2007-07-23: Fix for the sync.rb bug is included in the Debian package of Ruby.

2007-04-25: CSRF protection added.

Protection against Cross-Site Request Forgery attacks is implemented in the Samizdat engine and added to all forms that may be attacked using this technique.

2007-04-22: Lighttpd is now supported.

Samizdat can now run under Lighttpd/FastCGI. The support is still rough around the edges due to Samizdat's use of some Apache configuration options that are not supported by Lighttpd.

2007-04-17: Samizdat refactored into MVC architecture.

A need to redesign Samizdat's engine core was evident for some time. After considering porting Samizdat to Nitro/Og or Rails framework, I found Nitro lacking in several areas (first of all documentation and layouts) and Rails imposing too many assumptions on the application. Instead, I decided to refactor Samizdat's core into Model-View-Controller architecture loosely following that of a Rails application, with hope that in time, it can be shaped into a form that will be easier to port to Rails or whatever will be the dominant MVC framework for Ruby at the time.

The result is a minimalistic MVC framework in just 200 lines of Ruby code for dispatcher, controller, and view parts, and reusing the existing RDF-based data model.

The refactoring reorganized most of Samizdat's application code, migration to this version will also require changes to Apache configuration and one small change to DB schema.

2007-01-30: Samidat is translated to Spanish and German.

Once again, Boud championed translation of Samizdat interface into new languages: Castellano y/und Deutch.

2007-01-20: SQLite3 and MySQL are now supported.

It is now possible to use SQLite3 and MySQL as backend databases for Samizdat engine. PostgreSQL is still more stable and well tested option, so it remains the recommended backend.

2006-11-29: Samidat 0.6.0 is released.

The version increase attributes to the gradual changes in 0.5.x series and incorporates almost two years worth of real-world deployment. Now that Samizdat has finally become a mature open publishing system, the road is cleared for more intrusive changes and major new features, such as free exchange and calendaring.

In the way of major features, this version introduces ubiquitous message translations and RSS syndication. Many old tools are now more flexible and easier to use: focus management interface is simplified, the front page now packs more information in better layout and allows to include static headers and footers.

There are even more changes under the hood: multi-layer caching, gzip and ETag support, support for audio and video uploads, BitTorrent links, HTML and CSS filtering, flexible access control, new moderation features, new UI translations and themes, code reorganization, simplified installation, and more.

Samizdat 0.6.0 Release Notes

2006-11-28: Review of Samizdat for IMC CMS project is finalized.
Samizdat is compared against Drupal, Plone, Wordpress, and Spip for requirements and wishes of Indymedia activists: CMS Survey Report, discussion on samizdat-devel.
2006-09-22: Samizdat translated to French.
French translation of Samizdat interface was contributed by Boud.
2006-09-12: Samizdat progress and IMC CMS project.
In response to IMC CMS project, discussion of Samizdat's progress in achieving features desired by Indymedia is started.
2006-01-24: Indymedia Ukraine accepted into Indymedia Network.
Indymedia Ukraine, running Samizdat engine in production, is accepted into Indymedia Network.
2005-12-19: Indymedia Belarus accepted into Indymedia Network.
Indymedia Belarus, running Samizdat engine in production, is accepted into Indymedia Network.
2005-12-02: Samizdat translated to Polish.
Polish translation of Samizdat interface was contributed by Boud.
2005-08-31: New discussions on samizdat-devel.
See August archive of samizdat-devel mailing list for general discussions on Java vs. Ruby and feedback on Debian package of Samizdat.
2005-02-11: Samizdat RDF Storage 0.1 is released.
Due to numerous requests from the public, Samizdat RDF Storage module is now released as a stand-alone library. The module provides optimized storage of RDF data in relational database (PostgreSQL) and is used by Samizdat engine as its main data storage.
2004-10-22: Samizdat 0.5.4 is released.

In this version, front page layout was changed to the more familiar vertial split with the main column featuring focuses and right column running recent updates in the open publishing wire. New moderation facility allows to take over messages, displace their contents completely, and block member accounts. More new features: alternative CSS theme Indy is added and now is selectable from the Settings page; Belarussian translation is added; database connection is now configurable and allows to run multiple Samizdat instances on a single server; oversize titles and descriptions are now truncated.

Samizdat 0.5.4 Release Notes

2004-09-24: Demo site at Cat@lyst is back online.
With generous help from Andy Nicholson, latest Samizdat version is now running at the same location.
2004-09-20: Samizdat 0.5.3 is released.
Starting with this version, Samizdat can send out email: currently, it is used to recover lost passwords and to confirm that member email address is real. Email addresses are now unique, making it more difficult to cheat using throwaway accounts. Other changes include new dc:description message property for attaching article abstract, thumbnail image, or table of contents to a message, new preferences infrastructure allowing to add more server-side member settings in the future, and the inevitable database schema change.
2004-09-20: Couple of whitepapers on Samizdat from the RDF perspective.
The papers "Model for Collaborative Decision Making Based on RDF Reification" and "Accessing Relational Data with RDF Queries and Assertions" where submitted to several RDF-related conferences earlier this year, but where accepted by none, and thus are now made freely available online.
2004-08-04: New demo site is now online.
Demo site using Samizdat is deployed at Boblycat by Eugene Zaikonnikov.
2004-07-05: Samizdat 0.5.2 is released.
This version adds Wiki functionality to Samizdat, allowing to edit messages and track history of changes. Messages may use Textile format for advanced hypertext markup, editing may be limited to the original creator or open for all site members. Other highlights of this release are FastCGI support, configurable site logo, multiple usability improvements, and the usual bunch of bugfixes. Once again, database schema is slightly changed.
2004-03-18: Samizdat 0.5.1 "Paris Commune" release is out.
This release is dedicated to 133rd anniversary of the Paris Commune. Main feature of this version is i18n support, with Russian translation already in place. Other improvements include ability to work as plain CGI without mod_ruby, support for Windows/Cygwin, massive speed increase, and a long list of bugfixes. Database schema is changed again, but this time it is trivial to migrate from the previous version.
2003-12-01: Samizdat 0.5.0 is released.
This version introduces basic focus management, completing the minimal set of features required for an open publishing part of the engine, and making Samizdat ready for public beta testing. Other major changes in this release include Pingback support, many user interface improvements, another rewrite of multimedia upload, testing framework, and more.
2003-11-18: Demo site is available.
Demo site using Samizdat is deployed at Cat@lyst by Andy Nicholson.
2003-10-17: samizdat-devel mailing list is created.
The mailing list is dedicated to development of the Samizdat collaboration and open publishing engine. Secondary list topics include Samizdat demployment, usage, and other related issues.
2003-09-01: Samizdat 0.0.4 is released.
This version allows to upload multimedia messages, including images and verbatim plain text, and introduces publishing of user-defined queries in form of "application/x-squish" messages. When migrating from older versions, Samizdat database should be dropped and recreated from scratch because of incompatible database schema change: content is now stored as a blob. In addition, file upload feature relies on StringIO module that is available as part of the Ruby 1.8 or can be installed separately from the Ruby Shim library for Ruby 1.6.
2003-08-08: Samizdat 0.0.3 is released.
In this version, query construction UI is added, allowing to compose and modify search queries more conveniently and without having to manually edit raw Squish. Other major changes include switch to Unicode UTF-8 as default encoding, great improvement of browsers support in CSS, more code refactoring. Many minor bugs and inconsistencies are fixed, UI is enhanced in several places.
2003-07-14: Samizdat 0.0.2 is released.
This version implements query validation and security limits, making execution of user-defined search queries safer. Other changes include schema improvements (better integration of Samizdat RDF schema with Dublin Core, separate namespace for tags, switch from RDF/XML to more readable N3 notation), enhanced search result display (resource rendering is separated into a class), UI CSS clean-up, documentation updates. Access to utility classes is reorganized and simplified.
2003-06-12: Samizdat 0.0.1 is released.
This is the first version that includes basic RDF search query construction UI. Other functionality covered by this version includes: registering site members, publishing and replying to messages, voting for standard tags on resources.

What is Samizdat?

  • Samizdat is a generic RDF-based engine for building collaboration and open publishing web sites.

    Samizdat provides users with means to cooperate and coordinate on all kinds of activities, including media activism, resource sharing, education and research, advocacy, and so on. Samizdat intends to promote values of freedom, openness, equality, and cooperation.

    Samizdat's open and transparent nature and its multi-lingual capabilities make it an excellent solution for international and political projects.

Download

External Links