Releases: fatfreecrm/fat_free_crm
v0.20.0
- Rails 6.0 support
- A minimalistic but functional responsive layout, for use on mobile
- Bootstrap 5.0.0
- Visual improvements to UI
- Changes to color customisation - this is no longer done via configuration (settings.yml), but by CSS.
- #905 Swap from Marshal.load. Be sure to run bundle exec rake ffcrm:preference_update to migrate your users from old to new format
v0.19.2
v0.19.1
Minor gem updates
Wed Apr 04, 2021 (0.19.1)
Minor gem updates
Wed Apr 04, 2021 (0.19.0)
Important changes
Fixed XSS flaw in tags_helper
Credit Antonin Steinhauser (asteinhauser) for discovery and responsible disclosure.
Devise replaces Authlogic for user authentication
Ticket #742 replaces Authlogic with the latest Devise (4.3.0) which has wider adoption.
This change requires a database migration on the User model. Please note:
- Most User fields are renamed and can hence be rolled back. Existing Authlogic passwords will continue to work.
- Users will be forced logged out. Existing user sessions will not be kept and the fields
persistence_token, single_access_token, perishable_tokenwill be dropped from the database. - Though the migration is generally safe we recommend to make a backup of your database before migrating.
Existing OAuth broken
The Devise change will break any OAuth login plugins which depend on Authlogic.
You can configure OAuth for Devise using the guides here.
Login and user-related routes changed
The login URL routes have been changed to use the defaults of Devise.
User mailers changed
Mailers related to user password reset, etc. are changed to use the defaults of Devise.
PaperClip version updated from 5.2.1 to 6.0.0
PaperClip now only depends on aws-sdk-s3 instead of aws-sdk. For more info see thoughtbot/paperclip#2481.
Replace the Cocaine gem with Terrapin. https://github.com/thoughtbot/terrapin/ Apart from the namespace change, this is a drop in replacement.
Rails 5.2
The underlying framework is now rails 5.2.*
Ruby 2.4 deprecated
Ruby 2.4 has reached end of life and is no longer activity tested against.
Other changes
- #794 Fix defect with unpermitted params in advanced search
- 2bc6184 Remove broken support for delete links on arrays.
- #851 upgrade paper_trail
- Security fixes CVE-2019-16109, CVE-2019-16676, CVE-2019-5477, CVE-2019-16892
- Dependency updates
- Simple Form upgrades to use HTML5 and browser validations by default
v0.18.1
v0.17.3
v0.16.4
v0.15.2
v0.14.2
v0.18.0
Important changes
Mininium ruby version
#665 Support for Ruby 2.3 has been dropped, with test coverage for 2.4 and 2.5 enabled.
Swap to FactoryBot
If you consume fat free crm as an engine and re-use any factories, you'll need to upgrade to FactoryBot.
Removed methods
Lead.update_with_permissions is removed, use user_ids and group_ids inside attributes instead and call lead.update_with_account_and_lead_counters
FatFreeCRM::Permissions.save_with_permissions is removed, use user_ids and group_ids inside attributes and call save
FatFreeCRM::Permissions.update_with_permissions is removed, use user_ids and group_ids inside attributes and call update_attributes
Other changes
- CVE-2018-8048 (loofah gem)
- CVE-2018-3741 (rails-html-sanitizer gem)
- #768 Fix comment creation on entities
- #762 #764 Fix bug in select menu
- #759 Improve zero revenue display
- #753 Opportunities sort by weighted amount
- #749 Fix unsafe reflection and mass assignment