Skip to content

Known

Productivity & Wikis

Collaborative social publishing platform.

Track releases GitHub Website
PHP Latest 1.6.4 · 3mo ago Security brief →

Features

  • Social publishing platform
  • Async event queue for background processing
  • ActivityPub support via queued events

Recent releases

View all 2 releases →
1.6.4 Security relevant
Security fixes
  • Security: Improve image import and template validation
Full changelog

What's Changed

  • Remove notifications system by @benwerd in https://github.com/idno/idno/pull/3317
  • Fix undefined variable reference in IndiePub Revoke.php by @benwerd in https://github.com/idno/idno/pull/3318
  • Fix webmention parsing for plain strings and photo alt text by @benwerd in https://github.com/idno/idno/pull/3319
  • Fix webmention self-mention detection to compare URL paths by @benwerd in https://github.com/idno/idno/pull/3320
  • Add async event queue setup documentation to README by @benwerd in https://github.com/idno/idno/pull/3321
  • Fix webmention processing to handle mf2 data types correctly by @benwerd in https://github.com/idno/idno/pull/3322
  • Rebrand Known to Idno with backwards compatibility by @benwerd in https://github.com/idno/idno/pull/3323
  • Fix export memory issues, error handling, and add WXR format support by @benwerd in https://github.com/idno/idno/pull/3325
  • Webfinger fix for ActivityPub by @benwerd in https://github.com/idno/idno/pull/3327
  • Fix follow acceptance, enable Mastodon quoting, clarify queue docs by @benwerd in https://github.com/idno/idno/pull/3328
  • Update copyright holder in README.md by @benwerd in https://github.com/idno/idno/pull/3329
  • Fixes async queue failures by @benwerd in https://github.com/idno/idno/pull/3330
  • Fix ActivityPub follow tracking and auto-accept by @benwerd in https://github.com/idno/idno/pull/3331
  • Fixing ActivityPub transactions by @benwerd in https://github.com/idno/idno/pull/3332
  • Adding AP logging, further improvements to endpoint by @benwerd in https://github.com/idno/idno/pull/3334
  • Fix ActivityPub test suite errors: inbox GET, outbox POST, empty hand… by @benwerd in https://github.com/idno/idno/pull/3335
  • Hopeful fix for 500 errors. by @benwerd in https://github.com/idno/idno/pull/3336
  • Fixing infinite loop on follow acceptance by @benwerd in https://github.com/idno/idno/pull/3337
  • Fix infinite queue loop: dispatch save was silently failing by @benwerd in https://github.com/idno/idno/pull/3338
  • Support ActivityPub quote posts via FEP-044f by @benwerd in https://github.com/idno/idno/pull/3339
  • Add AGENTS.md for AI coding agent guidance by @benwerd in https://github.com/idno/idno/pull/3340
  • Improve ActivityPub Follow acceptance with synchronous delivery by @benwerd in https://github.com/idno/idno/pull/3341
  • Fix ActivityPub Accept activity JSON-LD compatibility by @benwerd in https://github.com/idno/idno/pull/3342
  • Security: Improve image import and template validation by @benwerd in https://github.com/idno/idno/pull/3344
  • Fix CSRF bypass enabling unauthenticated SSRF via URL unfurl endpoint by @benwerd in https://github.com/idno/idno/pull/3345

Full Changelog: https://github.com/idno/idno/compare/1.6.3...1.6.4

View release on GitHub
1.6.3 Breaking risk
Breaking changes
  • Removed documented support for Postgres
Security fixes
  • Fixed password reset security vulnerabilities
Notable features
  • Added Docker & Tailscale setup guide for local development
  • Multiple dependency bumps (e.g., symfony components, twig, tinymce) to newer major/minor versions
Full changelog

What's Changed

  • Activitypub/Sprint 1 by @mediaformat in https://github.com/idno/known/pull/3193
  • Bump npm-asset/mediaelement from 7.0.0 to 7.0.3 by @dependabot[bot] in https://github.com/idno/known/pull/3192
  • Bump symfony/http-foundation from 6.4.3 to 7.0.3 by @dependabot[bot] in https://github.com/idno/known/pull/3204
  • Bump symfony/event-dispatcher from 6.4.3 to 7.0.3 by @dependabot[bot] in https://github.com/idno/known/pull/3203
  • Bump masterminds/html5 from 2.8.1 to 2.9.0 by @dependabot[bot] in https://github.com/idno/known/pull/3215
  • Bump phpseclib/phpseclib from 3.0.35 to 3.0.37 by @dependabot[bot] in https://github.com/idno/known/pull/3208
  • Bump ramsey/uuid from 4.7.5 to 4.7.6 by @dependabot[bot] in https://github.com/idno/known/pull/3221
  • Bump symfony/event-dispatcher from 7.0.3 to 7.0.7 by @dependabot[bot] in https://github.com/idno/known/pull/3224
  • Bump symfony/http-foundation from 7.0.3 to 7.0.7 by @dependabot[bot] in https://github.com/idno/known/pull/3225
  • Bump landrok/activitypub from 0.7.1 to 0.7.2 by @dependabot[bot] in https://github.com/idno/known/pull/3212
  • Bump squizlabs/php_codesniffer from 3.8.1 to 3.9.2 by @dependabot[bot] in https://github.com/idno/known/pull/3220
  • Bump squizlabs/php_codesniffer from 3.9.2 to 3.10.1 by @dependabot[bot] in https://github.com/idno/known/pull/3235
  • Bump twig/twig from 3.8.0 to 3.10.3 by @dependabot[bot] in https://github.com/idno/known/pull/3231
  • Bump symfony/cache from 6.4.3 to 7.0.7 by @dependabot[bot] in https://github.com/idno/known/pull/3222
  • Add setup to run Known with Docker & Tailscale for local development by @jimwins in https://github.com/idno/known/pull/3240
  • Remove documented support for Postgres by @mediaformat in https://github.com/idno/known/pull/3227
  • Fix stray PHP closing tag in template by @jimwins in https://github.com/idno/known/pull/3241
  • Bump composer/installers from 2.2.0 to 2.3.0 by @dependabot[bot] in https://github.com/idno/known/pull/3250
  • Bump symfony/cache from 7.0.7 to 7.1.3 by @dependabot[bot] in https://github.com/idno/known/pull/3256
  • Bump symfony/event-dispatcher from 7.0.7 to 7.1.1 by @dependabot[bot] in https://github.com/idno/known/pull/3245
  • Bump squizlabs/php_codesniffer from 3.10.1 to 3.10.2 by @dependabot[bot] in https://github.com/idno/known/pull/3255
  • Fix the Caddyfile for Docker to include rewrite rules by @jimwins in https://github.com/idno/known/pull/3246
  • Bump npm-asset/underscore from 1.13.6 to 1.13.7 by @dependabot[bot] in https://github.com/idno/known/pull/3259
  • Bump twig/twig from 3.10.3 to 3.14.0 by @dependabot[bot] in https://github.com/idno/known/pull/3269
  • Bump vlucas/phpdotenv from 5.6.0 to 5.6.1 by @dependabot[bot] in https://github.com/idno/known/pull/3254
  • Bump symfony/cache from 7.1.3 to 7.1.5 by @dependabot[bot] in https://github.com/idno/known/pull/3267
  • Bump tinymce/tinymce from 6.8.3 to 7.4.1 by @dependabot[bot] in https://github.com/idno/known/pull/3271
  • Bump npm-asset/tinymce--tinymce-jquery from 2.0.1-patch20221215235251599 to 2.1.0 by @dependabot[bot] in https://github.com/idno/known/pull/3265
  • Bump symfony/http-foundation from 7.0.7 to 7.1.5 by @dependabot[bot] in https://github.com/idno/known/pull/3268
  • Bump npm-asset/mediaelement from 7.0.3 to 7.0.5 by @dependabot[bot] in https://github.com/idno/known/pull/3273
  • Bump symfony/console from 6.4.3 to 7.1.5 by @dependabot[bot] in https://github.com/idno/known/pull/3266
  • Bump symfony/event-dispatcher from 7.1.1 to 7.1.6 by @dependabot[bot] in https://github.com/idno/known/pull/3274
  • Bump symfony/http-foundation from 7.1.5 to 7.1.6 by @dependabot[bot] in https://github.com/idno/known/pull/3275
  • Bump symfony/cache from 7.1.5 to 7.1.6 by @dependabot[bot] in https://github.com/idno/known/pull/3277
  • Bump symfony/console from 7.1.5 to 7.1.6 by @dependabot[bot] in https://github.com/idno/known/pull/3276
  • Bump ezyang/htmlpurifier from 4.17.0 to 4.18.0 by @dependabot[bot] in https://github.com/idno/known/pull/3278
  • Bump squizlabs/php_codesniffer from 3.10.2 to 3.10.3 by @dependabot[bot] in https://github.com/idno/known/pull/3272
  • Bump twig/twig from 3.14.0 to 3.14.1 by @dependabot[bot] in https://github.com/idno/known/pull/3283
  • Bump simplepie/simplepie from 1.8.0 to 1.8.1 by @dependabot[bot] in https://github.com/idno/known/pull/3292
  • Bump symfony/console from 7.1.6 to 7.2.1 by @dependabot[bot] in https://github.com/idno/known/pull/3301
  • Bump symfony/cache from 7.1.6 to 7.2.1 by @dependabot[bot] in https://github.com/idno/known/pull/3302
  • Bump symfony/http-foundation from 7.1.6 to 7.2.0 by @dependabot[bot] in https://github.com/idno/known/pull/3299
  • Bump symfony/http-foundation from 7.2.0 to 7.2.2 by @dependabot[bot] in https://github.com/idno/known/pull/3308
  • Fix deprecation warnings by @juliend2 in https://github.com/idno/known/pull/3309
  • Bump npm-asset/eonasdan-bootstrap-datetimepicker from 6.2.10 to 6.9.11 by @dependabot[bot] in https://github.com/idno/known/pull/3285
  • Bump symfony/event-dispatcher from 7.1.6 to 7.2.0 by @dependabot[bot] in https://github.com/idno/known/pull/3298
  • Bump tinymce/tinymce from 7.4.1 to 7.6.0 by @dependabot[bot] in https://github.com/idno/known/pull/3300
  • Bump squizlabs/php_codesniffer from 3.10.3 to 3.11.2 by @dependabot[bot] in https://github.com/idno/known/pull/3305
  • Bump twig/twig from 3.14.1 to 3.18.0 by @dependabot[bot] in https://github.com/idno/known/pull/3306
  • Fix password reset security vulnerabilities by @benwerd in https://github.com/idno/known/pull/3316

New Contributors

  • @mediaformat made their first contribution in https://github.com/idno/known/pull/3193
  • @jimwins made their first contribution in https://github.com/idno/known/pull/3240
  • @juliend2 made their first contribution in https://github.com/idno/known/pull/3309

Full Changelog: https://github.com/idno/known/compare/1.6.2...1.6.3

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
1,115
Forks
197
Languages
PHP CSS SCSS
View on GitHub Homepage Documentation

Community & Support

Community

Similar tools

Ech0
Elgg
Superdesk
OSSN
Collective Access - Providence

Beta — feedback welcome: [email protected]