2.1.0

Full Changelog: 2.0.0...2.1.0
Project Roadmap: #39

Changes in this version:

• #421
• #422
• #423
• #424
• #427
• #430
• #374
• #407
• #436
• #437
• #439
• #448
• #446
• #446
• #468
• #469
• #470
• #471
• #473
• #474
• #315
• #465
• #447
• #464
• #475
• #479
• #480
• #481

2.0.0

Full Changelog: 1.9.0...2.0.0
Project Roadmap: #39

This release introduces compatibility-breaking changes to the User model to provide greater flexibility and efficiency in managing user accounts and passwords. For example, it replaces String columns with Datetime columns in the User model, see #203. Further, it adds support for List types when defining custom User fields by storing data as JSON, see #392. In addition, it adds last_login and last_password_change, and failed_login_attempts columns to the User model for improved password management, see #344. We also added an OldPassword table to the data model so administrators can configure password reuse policies, see #389.

More generally, we've added a number of features that make password authentication more viable. For example, admins can now configure a max number of failed login attempts before an account is disabled, see #396. In addition, administrators can now set max password age policies, see #388. Admins can also define a max session lengths before users are required to reauthenticate, #395. Finally, admins can set a max period of account inactivity before deactivation, see #408.

Beyond these fixes, this release adds support for improved dashboards. First, it allows admins to define multiple dashboards for a single form, see #409. It also allows admins to bootstrap custom plotly dashboards to their form configs, see #410.

Other fixes:

• #406
• #417

Further work can be done to simplify the libreForms abstraction layer (#27) and add viable tests (#77). Further, as this project has progressed, certain areas of the web application need to be scrubbed for bugs, cleaned up, and some cases totally rewritten. We've reflected these as issues for a future version:

• #30
• #365
• #366
• #367

Cautiously ready for production use. This major release precedes some anticipated breaking-changes to this implementation of the libreForms API (#27) in a future major version release.

1.9.0

Full Changelog: 1.8.0...1.9.0
Project Roadmap: #39

This release introduces some useful new features to make form submission easier. For example, the UI after users submit forms has been improved to allow users to submit new forms, see #375. Users can also now uploads forms as CSVs, see #184, as well as Excel Workbooks, see #378. We've given form field validators more teeth by assessing them in the front-end, see #380, as well as adding support for more descriptive validation errors, see #381. Based on lessons-learned from implementing validation in the front-end, we were able to fix problems with backend validation as well, see #383. We also implemented front-end validation for user registration fields using the regexes defined for each, see #391.

We've generally improved the RESTful API and the way that signatures and API keys work. Admins can now granularly choose whether the enable the v1 and v2 REST APIs, see #371. We implemented email-based MFA using signing keys, see #328 and #397. When users generate API keys, we render these on their user profiles, see #394. Admins can now register API keys for users, see #359.

We've significantly improved on how the admin console works. We've added an admin page to configure SAML auth, see #364. Admins can also edit users, see #316. Admins can generate new, random passwords for users, see #355 and #354, and notify users after doing so, see #379. Admins can activate and deactivate users, see #345. Additionally, we've fully implemented v2 logging and the concept of transaction IDs, see #356 and #384.

We've significantly improved on how the in-site documentation features, and PDFs more generally, work. For example, users can now download the user docs as a PDF, see #368. Admins can also pass additional assets for user documentation by storing them in the app/static/docs directory, see #369. Based on the improvements made through this process, we were also able to make to some pretty significant cosmetic improvements to PDF downloads, see #135.

Other fixes:

• #377

Further work can be done to simplify the libreForms abstraction layer (#27) and add viable tests (#77). Further, as this project has progressed, certain areas of the web application need to be scrubbed for bugs, cleaned up, and some cases totally rewritten. We've reflected these as issues for a future version:

• #30
• #365
• #366
• #367

We also need to add additional common-sense (but potentially compatibility-breaking) features to improve password-based local auth, see below:

• #203
• #344
• #388
• #389
• #395
• #396

Cautiously ready for production use. This major release precedes some anticipated breaking-changes to this implementation of the libreForms API (#27) in the next major version release.

1.8.0

Full Changelog: 1.7.0...1.8.0
Project Roadmap: #39

This release introduces the v2 REST API, with full form CRUD support, see #72. In addition, this release adds support for SAML authentication, see #7. This has been tested on AWS SSO, see #363, and Okta, see #362.

This release also adds a number of UI changes intended to improve accessibility and user experience. For example, flashed messages now appear with polite tags when they are unimportant, see #338. This release also removes cluttering fields (like DocumentID) from form summary views, see #360. It adds support for a custom logo, see #50. It now renders complex data structures in the form submission view, see #301. It adds a host of security improvements for validating password regexes and verifying password changes, see #343, #347, #348, #351.

Further work can be done to simplify the libreForms abstraction layer (#27) and add viable tests (#77).

Cautiously ready for production use. This major release precedes some anticipated breaking-changes to this implementation of the libreForms API (#27), making backwards compatibility unlikely when 2.0.0 is released.

1.7.0

Full Changelog: 1.6.0...1.7.0
Project Roadmap: #39

This release introduces a libreforms CLI bolted onto those that ship with Flask (#123). This CLI includes subcommands for adding, modifying, showing, and activating users. It also includes a wrapper for flask run that includes useful, applications-specific optimizations. It also includes a command to generate accessibility audio.

In addition, this release added support for rendering form data lookups in other forms (#239), as well as masking form field values behind apparent values (#339). It also added accessibility improvements by removing underscores from apparent metadata fields (#321), set banner politeness levels (#320), replace links with buttons (#323), including audio accessibility buttons (#324).

Further work can be done to simplify the libreForms abstraction layer (#27) and add viable tests (#77). The RESTful API can be improved by adding support for CRUD features beyond read, see #72.

Cautiously ready for production use. This major release precedes some anticipated breaking-changes to this implementation of the libreForms API (#27), making backwards compatibility unlikely when 2.0.0 is released.

1.6.0

Full Changelog: 1.5.0...1.6.0
Project Roadmap: #39

This release introduces an administrative view (#28). Specifically, it adds an @is_admin view decorator (#261), transfers the bulk user registration tool to the admin view (#262), adds an admin log view (#80), adds an admin signing key view (#81), adds an admin user / group view (#82), adds an admin SMTP view (#234), adds support for restarting the application from the admin view (#311), and adds an admin view for forms (#187). To facilitate dynamic configuration from the admin console, this release adds support for dotfile configs (#233). It also configures automatic reloads after configuration changes (#255).

Under the hood, this release adds support for form soft-deletion, which moves individual forms from COLLECTION to _COLLECTION, leveraging the design of the libreForms spec (#186). It builds this on top of a generalizable set of methods for migrating forms between different collections, which enables further flexibility after configuration changes to an application (#130).

Finally, this release adds a few improvements to look-and-feel. It adds view options for other user profiles (#298). It enables clickable user badges when users are referenced in form submissions (#299). It implements configurable docs / help pages in the client (#197). It improves the accessibility of table elements (#326).

Further work can be done to simplify the libreForms abstraction layer (#27), add viable tests (#77), and improve accessibility. The RESTful API can be improved by adding support for CRUD features beyond read, see #72. Administrative work can be significantly improved through the introduction of a command-line library to manage system operations, see #123 .

Cautiously ready for production use. This major release precedes some anticipated breaking-changes to this implementation of the libreForms API (#27), making backwards compatibility unlikely when 2.0.0 is released.

1.5.0

Full Changelog: 1.4.0...1.5.0
Project Roadmap: #39

This release significantly widens support for form approval methods, see #155. This release also makes significant improvements to the MongoDB implementation of the libreForms API. For example, it implements reserved characters for metadata fields, which it references using meta class attributes that allow for easy changing of metadata fields, and the introduction of new ones, without needing to modify the app codebase, see #195. It also improves the implementation if timestamps in the MongoDB wrapper library, see #248. Finally, this release introduces accessibility tools in the form of clickable, audio tags next to form fields and descriptions, see #283.

Further work can be done to simplify the libreForms abstraction layer (#27), add viable tests (#77), and introduce an administrative view (#28). The RESTful API can be improved by adding support for CRUD features beyond read, see #72. Administrative work can be significantly improved through the introduction of a command-line library to manage system operations, see #123, as well as through managing configuration data (including secret keys and credentials) dynamically using dotfiles, see #233.

Cautiously ready for production use. This major release precedes some anticipated breaking-changes to this implementation of the libreForms API (#27), making backwards compatibility unlikely when 2.0.0 is released.

1.4.0

Full Changelog: 1.3.0...1.4.0
Project Roadmap: #39

This release adds robust support for a form data search bar in the UI, see #244. This search bar and associated view functions query form data from the MongoDB database by default, see #254. In addition, it adds support for using elasticsearch as a robust wrapper for form data during search, see #258. This builds on the elasticsearch index developed in the previous release, see #236. In addition to regular search, this release implements fuzzy search support, see #263, as well as form access controls, see #259 and #260. Further work can be done to properly secure, see #257, and optimize, see #256 , the MongoDB search methods. Beyond search features, this release adds a number of UI improvements, including resizable_textarea form field types, see #271, immutable user field mapping to form fields, see #268. It also allows admins to specify the fields they'd like users to see when viewing summary form data in the submissions view , see #272.

Further work can be done to simplify the libreForms abstraction layer (#27), add viable tests (#77), and introduce an administrative view (#28). Form approval can be further improved by adding alternative methods of designating a form's approver, see #155. The RESTful API can be improved by adding support for CRUD features beyond read, see #72. Administrative work can be significantly improved through the introduction of a command-line library to manage system operations, see #123, as well as through managing configuration data (including secret keys and credentials) dynamically using dotfiles, see #233.

Cautiously ready for production use. This major release precedes some anticipated breaking-changes to the libreForms API (#27), making backwards compatibility unlikely when 2.0.0 is released.

1.3.0

Full Changelog: 1.2.0...1.3.0
Project Roadmap: #39

This release adds robust support for time and event triggered reports on form submissions, see #73, #190, and #191. In addition, it added support for optionally using the celery flower dashboard, see #185. It added support for running a containerized version of libreForms with docker-compose, see #198. It added optional support for indexing form data using elasticsearch, see #236, though this may be somewhat redundant with MongoDB, see #254. It fixed some issues with celery and celerybeat processes failing, see #182. It added more robust error logging throughout the application, see #194. It improved the tabular data view, see #120, and implemented a more user-friendly navbar, see #196. It added support for passing SMTP credentials in the config_overrides, instead of requiring a text file, see #216.

Further work can be done to simplify the libreForms abstraction layer (#27), add viable tests (#77), and introduce an administrative view (#28). Form approval can be further improved by adding alternative methods of designating a form's approver, see #155. The RESTful API can be improved by adding support for CRUD features beyond read, see #72. The user experience can be significantly improved by adding support for a search bar into the UI, see #244. Administrative work can be significantly improved through the introduction of a command-line library to manage system operations, see #123, as well as through managing configuration data (including secret keys and credentials) dynamically using dotfiles, see #233.

Cautiously ready for production use. This major release precedes some anticipated breaking-changes to the libreForms API (#27), making backwards compatibility unlikely when 2.0.0 is released.

1.2.0

Full Changelog: 1.1.0...1.2.0
Project Roadmap: #39

This release adds robust support for a Celery daemon, see #159 and #160. It adds context management to reduce tmpfile sprawl, see #169. It significantly changes the names of files, modules, and functions to improve clarity, see #126. It introduces the option to require password-reentry when digitally signing forms, see #167. It reorganizes the project into a separate repository for the project documentation, see #174, adding a views subdirectory for Flask views functions, see #172, and a config directory, see #173. It adds a Metadata field to capture add'l form submission details not intended for end-user consumption, see #175. It adds health check routes for alive and ready, see #171. It also saw the introduction of significantly more developer notes, see the changelog for tasks related to developer docs.

Further work can be done to simplify the libreForms abstraction layer (#27), add viable tests (#77), and introduce an administrative view (#28). Form approval can be further improved by adding alternative methods of designating a form's approver, see #155. The RESTful API can be improved by adding support for CRUD features beyond read, see #72.

Cautiously ready for production use. This major release precedes some anticipated breaking-changes to the libreForms API (#27), making backwards compatibility unlikely when 2.0.0 is released.