Recent Releases

3.3.624 Mar 2025 23:41 minor feature: Security Update the `Jinja2 `__ library due to a sandbox escape vulnerability (:cve:`2025-27516`). .. note:: Since document templates can only be managed by Indico admins (unless granted to specific other trusted users as well), the impact of this vulnerability is considered low to medium, as it would require a malicious admin to abuse this e.g. to to read. `indico.conf` data, which is otherwise only accessible to people with direct server access. Improvements. . Add a new "Accepted by Submitter" state for editables when a submitter approved the changes proposed by the editor (::`6185`, :pr:`6186`). Highlight editables in the editable list that have been updated since the last time they were viewed (:pr:`6500`). Refresh the looks of the PDF timetable (::`6554`, :pr:`6558`). Redact session cookie value in error emails (:pr:`6666`). Allow creating a new local account during password reset if the user does not have one yet (:pr:`6688`). Set session cookies with `SameSite=Lax` so they are not sent when Indico is embedded in a third-party iframe (:pr:`6690`). Make the event export/import util much more flexible to support exporting whole category subtrees, add better support for dealing with files, and add various things that were not correctly exported before (:pr:`6446`). Add a setting to limit the information room booking users can see for bookings not linked to them or their rooms (:pr:`6704`). Add shortcuts to the past and t events in a category (:pr:`6710`). Improve the appearance of the date pickers (::`6719`, :pr:`6720`, thanks :user:`foxbunny`). Add a new setting (:data:`ALLOW_ADMIN_USER_DELETION`) to let administrators permanently delete Indico users from the user management UI (:pr:`6652`, thanks :user:`SegiNyn`). Support `==text==` to highlight text in markdown (::`6731`, :pr:`6732, 6767`). Add an event setting to allow enforcing search before entering a person manually to a persons list in abstract
3.3.505 Dec 2024 16:45 minor feature:
3.3.423 Nov 2024 07:25 minor feature:
3.3.326 Jun 2024 16:45 minor feature: lt;h1 gt; Internationalization lt;/h1 gt;. lt;ul gt;. lt;li gt;New translation: Hungarian lt;/li gt;. lt;/ul gt;. lt;h1 gt; Improvements lt;/h1 gt;. lt;ul gt;. lt;li gt;Add dialog to contact event participants about a survey lt;/li gt;. lt;li gt;Allow linking existing room booking occurrences to an event lt;/li gt;. lt;li gt;Support including a picture in the conference participant list lt;/li gt;. lt;li gt;Add lt;a href="https://docs.getindico.io/en/stable/config/settings/#FAVICON_URL" rel="nofollow" gt; lt;code gt;FAVICON_URL lt;/code gt; lt;/a gt; config option to set a custom URL for the favicon lt;/li gt;. lt;li gt;Allow filtering the contribution list in the management area by custom fields lt;/li gt;. lt;li gt;Show "Go to timeline" button on the contribution page to everyone who can see the timeline of one of its editables instead of just submitters lt;/li gt;. lt;li gt;Add a new "Timetable Sessions" registration form field type which allows selecting session blocks from the event lt;/li gt;. lt;li gt;Link the event title to the event in registration emails lt;/li gt;. lt;li gt;Add the option to make registration forms private so they can only be accessed using a secret link lt;/li gt;. lt;li gt;Add experimental support for creating Apple Wallet (Passbook / pkpass) (opt-in via lt;a href="https://docs.getindico.io/en/stable/config/settings/#ENABLE_APPLE_WALLET" rel="nofollow" gt; lt;code gt;ENABLE_APPLE_WALLET lt;/code gt; lt;/a gt; lt;code gt;indico.conf lt;/code gt; setting) lt;/li gt;. lt;li gt;Add a new event management permission that grants access only to the contributions module lt;/li gt;. lt;li gt;Add bulk JSON export option in management contribution list lt;/li gt;. lt;li gt;Make the default roles of the contribution person link list field more similar to the abstract person link list field when there is a linked abstract lt;/li gt;. lt;li gt;Add option to hide person titles throughout the event lt;/li gt;. lt;li gt;Preserve input when s
3.3.221 Apr 2024 05:25 minor feature: lt;h1 gt; Improvements lt;/h1 gt;. lt;ul gt;. lt;li gt;Use more verbose page titles in management/admin areas lt;/li gt;. lt;li gt;Prioritize exact matches when searching for users lt;/li gt;. lt;li gt;Show document templates from non-parent categories and other events for cloning as long as the user has management access lt;/li gt;. lt;li gt;Warn about conflicts from concurrent edits of minutes lt;/li gt;. lt;li gt;Include up to two months of past events in dashboard iCal export lt;/li gt;. lt;/ul gt;. lt;h1 gt; lt;/h1 gt;. lt;ul gt;. lt;li gt;adding additional event keywords when some keywords have already been set lt;/li gt;. lt;li gt;overlapping times in some room booking timelines when using a locale with a 12-hour time format lt;/li gt;. lt;li gt;error when printing badges referencing a linked regform picture field that contains no picture lt;/li gt;. lt;li gt;error when creating a reminder for exactly one week before the event lt;/li gt;. lt;li gt;error when unassigning the editor of an editable that has no editor lt;/li gt;. lt;li gt;error when judging an editable from the list of editables lt;/li gt;. lt;li gt;validation error when using a lt;code gt;mailto: lt;/code gt; link in an email body lt;/li gt;. lt;li gt;Clear the flags indicating that registrations or a registration form field have been purged when cloning an event lt;/li gt;. lt;li gt;Use English locale when formatting dates for room booking log entries lt;/li gt;. lt;li gt;date validation in room booking failing in certain timezones lt;/li gt;. lt;/ul gt;. lt;h1 gt; Internal Changes lt;/h1 gt;. lt;ul gt;. lt;li gt;Allow plugins to fully replace the data in a QR code with a custom string instead of just modifying/extending the JSON dict lt;/li gt;. lt;li gt;Replace deprecated lt;code gt;pkg_resources lt;/code gt; with lt;code gt;importlib lt;/code gt; from standard library lt;/li gt;. lt;/ul gt;.
3.3.101 Apr 2024 15:05 minor feature: Fix sending emails when using TLS (SMTP_USE_TLS) (#6261)