Tags: shipko/CTFd
Tags
Merge pull request CTFd#1391 from CTFd/mark-2.4.2 2.4.2 / 2020-05-08 ================== **Admin Panel** * Fix Challenge Reset in Admin Panel where Dynamic Challenges prevented resetting Challenges **Plugins** * Add the `CTFd.plugins.migrations` module to allow plugins to handle migrations. Plugins should now call `CTFd.plugins.migrations.upgrade` instead of `app.db.create_all` which will allow the plugin to have database migrations. * Make Dynamic Challenges have a cascading deletion constraint against their respective Challenge row **Miscellaneous** * Add `app.plugins_dir` object to refer to the directory where plugins are installed
Merge pull request CTFd#1385 from CTFd/mark-2.4.1 2.4.1 / 2020-05-06 ================== **Admin Panel** * Fix issue where admins couldn't update the "Account Creation" email * Fix issue where the Submissions page in the Admin Panel could not be paginated correctly **Miscellaneous** * Add `SQLALCHEMY_ENGINE_OPTIONS` to `config.py` with a slightly higher default `max_overflow` setting for `SQLALCHEMY_MAX_OVERFLOW`. This can be overridden with the `SQLALCHEMY_MAX_OVERFLOW` envvar * Add `node_modules/` to `.dockerignore`
Mark 2.3.3 (CTFd#1316) 2.3.3 / 2020-04-12 ================== **General** * Re-enable the Jinja LRU Cache for **significant speedups** when returning HTML content **API** * `POST /api/v1/unlocks` will no longer allow duplicate unlocks to happen **Admin Panel** * Makes `Account Visibility` subtext clearer by explaining the `Private` setting in Config Panel **Themes** * Fixes an issue with using a theme with a purely numeric name * Fixes issue where the scoreboard graph always said Teams regardless of mode **Miscellaneous** * Bump max log file size to 10 MB and fix log rotation * Docker image dependencies (apk & pip) are no longer cached reducing the image size slightly
2.3.0 (CTFd#1248) 2.3.0 / 2020-02-17 ================== **General** * During setup, admins can register their email address with the CTFd LLC newsletter for news and updates * Fix editting hints from the admin panel * Allow admins to insert HTML code directly into the header and footer (end of body tag) of pages. This replaces and supercedes the custom CSS feature. * The `views.custom_css` route has been removed. * Admins can now customize the content of outgoing emails and inject certain variables into email content. * The `manage.py` script can now manipulate the CTFd Configs table via the `get_config` and `set_config` commands. (e.g. `python manage.py get_config ctf_theme` and `python manage.py set_config ctf_theme core`) **Themes** * Themes should now reference the `theme_header` and `theme_footer` configs instead of the `views.custom_css` endpoint to allow for user customizations. See the `base.html` file of the core theme. **Plugins** * Make `ezq` functions available to `CTFd.js` under `CTFd.ui.ezq` **Miscellaneous** * Python imports sorted with `isort` and import order enforced * Black formatter running on a majority of Python code
Mark 2.2.3 (CTFd#1222) 2.2.3 / 2020-01-21 ================== ### This release includes a critical security fix for CTFd versions >= 2.0.0 All CTFd administrators are recommended to take the following steps: 1. Upgrade their installations to the latest version 2. Rotate the `SECRET_KEY` value 3. Reset the passwords for all administrator users **Security** * This release includes a fix for a vulnerability allowing an arbitrary user to take over other accounts given their username and a CTFd instance with emails enabled **General** * Users will receive an email notification when their passwords are reset * Fixed an error when users provided incorrect team join information
Mark 2.2.2 (CTFd#1212) 2.2.2 / 2020-01-09 ================== **General** * Add jQuery, Moment, nunjucks, and Howl to window globals to make it easier for plugins to access JS modules * Fix issue with timezone loading in config page which was preventing display of CTF times
PreviousNext