Changelog History
v3.0.0 Changes
CIDRAM v3 branches from v2 at v2.8.0 (2022.02.14).
At the time of branching, CIDRAM's changelog was more than 2,300 lines long and was becoming difficult to read due to both its length and its format. To improve readability, I've decided to clear out the old changelogs from the v3 branch, and to switch from plain-text format to markdown format from v3 onward. The old changelogs will continue at previous branches and remain accessible from there.
Backwards-incompatible changes.
- Removed support for webfonts (this expands upon other changes made in the past in response to potential legal concerns; #66).
- Removed support for INI files in favour of using just YAML files instead (this is necessary because of changes to the configuration directives available made for v3 and how those changes are intended to work for v3).
- Reorganised how CIDRAM handles L10N data.
- Configuration directives `hide_version`, `empty_fields`, `omit_ip`, `omit_hostname`, and `omit_ua` have been replaced by a new configuration directive, `fields`. The new configuration directive is capable of providing the same functionality provided previously, as well as some other, new, related functionality.
- Configuration directives `error_log_stages` and `track_mode` have been replaced by a new configuration directive, `stages`. The new configuration directive is capable of providing the same functionality provided previously, as well as some other, new, related functionality (#208, #211).
- Configuration directive `statistics` has been changed from a boolean to a checkbox, to enable users to specify exactly which statistics they want to track. It's also now possible to track non-blocked requests (#204).
- Configuration directive `maintenance_mode` removed. "Maintenance mode" is now implicit (determined by which execution stages are enabled), rather than explicit (determined by its own configuration directive).
- Configuration directive `forbid_on_block` has been renamed to `http_response_header_code` (#136, #139).
- Default value for `http_response_header_code` has been changed to `403`.
- Reorganised CIDRAM's file structure, non-executable assets separated into their own directory (front-end and core alike) plus various other small structural changes.
- Flags.css is now bundled as part of the front-end and thus installed by default, instead of being its own component and not installed by default as was the case before.
- Caching has been unified. Instead of the front-end having its own, separate cache file (frontend.dat), it now just uses CIDRAM's main cache system, and the "frontend.dat" and "frontend.dat.safety" files don't exist anymore.
- Completely overhauled the login, sessions, and accounts management system. Account information is now stored within the CIDRAM configuration file, and session information is now handled by CIDRAM's main cache system.
- Moved all the signature files and modules to their own dedicated directories.
- Front-end configuration directives split off to their own category, and it's now possible to set the default themes/templates for the front-end and other generated output (e.g., block event page) separately.
- Removed some of the backwards-compatibility code for older themes/templates.
- URLs for remotes are now specified by the configuration, instead of by the components metadata. New configuration directive `remotes` added accordingly.
- All available CIDRAM themes are to be bundled with CIDRAM as of v3 onward.
- CIDRAM won't have predefined entrypoints anymore. From v3 onward, you can specify your entrypoints wherever and however you want (details about how to do this will be included in the documentation and applicable installation instructions).
- The `disable_frontend` and `protect_frontend` configuration directives have been removed. These directives would be irrelevant for v3, because whether the front-end is "disabled" or "protected" for v3 onward would depend entirely on how you build your entrypoints.
- Configuration directive `config_imports` has been renamed to `imports`, and along with the configuration directives `ipv4`, `ipv6`, `modules`, and `events`, has been moved to a new configuration category, `components`.
- The `default_dns` configuration directive, and all `components` configuration directives (`ipv4`, `ipv6`, `modules`, `imports`, `events`), now delimit entries by newlines (\x0A), no longer delimiting by commas, thus having them behave more naturally as "lists".
- Component supplementary configuration can no longer be loaded implicitly, and must now be listed explicitly as an import entry in order to be loaded.
- Component type can no longer be implicitly discerned from its description, and must now be declared explicitly by its metadata.
- The overall structure of the CIDRAM codebase has been rearranged, made more classful, and namespaced in entirety, its file structure completely rewritten, no more functions files or similar, said parts of the codebase now existing as traits or classes wherever appropriate in order to better facilitate entrypoint changes and a better API experience.
- The updater and its internal workings, as well as the overall structure of components metadata, have been completely reworked and rewritten (although with very limited UI changes). Those supplying remotes to the public will need to update their formatting accordingly (the general userbase outside of that won't need to be concerned about these changes).
- Configuration directive `enable_two_factor` has been moved from the `phpmailer` configuration category to the `frontend` configuration category.
- PHPMailer further decoupled from the main CIDRAM codebase. Various hooks and bridges between CIDRAM and PHPMailer are now handled by event handlers rather than through hardcoding.
- Moved all the event handlers and imports to their own dedicated directories.
- Most (but not all) available CIDRAM modules are to be bundled with CIDRAM as of v3 onward.
- There's no longer any need for an external API or CLI script for CIDRAM, as these are both bundled into CIDRAM itself as of v3 onward.
- Configuration directives `max_login_attempts` and `signatures_update_event_log` have been moved from the `general` configuration category to the `frontend` configuration category.
- Configuration directives `standard_log`, `apache_style_log`, `serialised_log`, `error_log`, `truncate`, `log_rotation_limit`, `log_rotation_action`, `log_banned_ips`, and `log_sanitisation` have been moved to a new configuration category, `logging`.
- Configuration directives for CAPTCHA logging have been renamed.
- Configuration directives `search_engines`, `social_media`, and `other` have been moved to a new configuration category, `verification`.
- Configuration directives `block_attacks`, `block_cloud`, `block_bogons`, `block_generic`, `block_legal`, `block_malware`, `block_proxies`, and `block_spam` have been replaced by a new configuration directive, `shorthand`. The new configuration directive is capable of providing the same functionality provided previously, as well as some other, new, related functionality.
- Configuration can't be injected directly via globals anymore. Instead, paths to files containing any configuration external to CIDRAM's own configuration files can now be specified via the Core's constructor.
Bugs fixed.
- Some specific files were being misclassified by the file manager; Fixed.
- HCaptcha class was sending invalid headers when generating output; Fixed (#293).
- Wrong CSP headers being set by the HCaptcha class; Fixed (#294).
- Fixed a bottleneck caused by the ReadFile closure (since v3, the readFile method).
- The `nonblocked_status_code` configuration directive wasn't displaying as intended at the front-end configuration page; Fixed.
- Instead of "GMT", the "Last modified" header given for front-end assets specified "+0000", which some browsers don't understand properly; Fixed.
- When using the front-end IP test page, hostnames sometimes weren't looked up properly under some conditions; Fixed (#313).
Other changes.
- Improved IP address resolution strategy (#286).
- Changed the `enable_apcu` default value to `true` and the `prefix` default value to `CIDRAM_`.
- Checkbox configuration directives are now delimited in the configuration by newlines instead of commas.
- The `Output` stage of the execution chain has been split into four distinct, separate stages for easier configurability and control.
- Added a mechanism to the front-end IP test and IP tracking pages to enable the copying of IPs displayed there.
- Added a copy mechanism for the output of all range-based pages.
- Added two new configuration directives, `block_event_title` and `captcha_title`, allowing users to customise the page title used for block events and CAPTCHA requests (#216).
- Added a "dry run mode" (determined by which execution stages are enabled). While in dry run mode, requests are still checked and logged as block events as per usual, but nothing is blocked (#98, #221).
- Added warnings for when the IP tests, modules, or page termination stages are disabled, and for when there aren't any active signature files (as long as the IP tests stage is enabled) or any active modules (as long as the modules stage is enabled).
- The calculator (previously, the "CIDR calculator") now shows both CIDRs and netmasks.
- At the range tables page, show the IPv4/IPv6 totals side by side, for easier comparison between the two.
- Removed some unused file manager icons and slightly simplified its logic.
- Added a JavaScript warning to the front-end login.
- Front-end warnings have been hidden from non-logged in users.
- Made the warnings/notices at the front-end accounts page slightly smaller.
- The aggregator has been decoupled from its internal references to the CIDRAM working data, bringing it more in line with its stand-alone counterpart.
- Added the copy SVG to the front-end signature file fixer page.
- Improved log identification strategy.
- Following symlinks for RecursiveDirectoryIterator instances enabled.
- Slightly improved RTL support.
- Added the ability to enable/disable auxiliary rules (#318).
- The path to the cache file can now be customised.
- Made IPs at the IP test page searchable.
- At the updater, when a checksum error occurs, the difference between the actual and the expected will be displayed now.
- Confirmation is now sought before engaging an attempt to delete an auxiliary rule, and the option moved to the far right to reduce the risk of engaging by accident (#333).
- Added the ability to reset specific parts of the configuration back to their defaults (#331).
- Added L10N support for some additional languages.
v2.4.4 Changes
October 05, 2020
Version/Release 2.4.4
[2020.07.12; Maikuolan]: Added a major version checker to the front-end updates page.
[2020.07.13; Bug-fix; Maikuolan]: PHPMailer notifications would encode incorrectly when dealing with non-ANSI data (i.e., when using languages other than English); Fixed.
[2020.07.13; Bug-fix; Maikuolan]: Possible problem found with IsActivable when updating certain components via the front-end updates page; Fixed.
[2020.07.23; Maikuolan]: Updated channels.
[2020.07.31; Maikuolan]: Improved the way that the (generated by ...) notice, displayed at the footer of HTML pages, is rendered.
[2020.08.04; Maikuolan]: Addressed a potential compatibility problem with installations where PHP has its output proxied through to a different host. Also slightly improved the aesthetics of the front-end, and changed the logout link to a logout button.
[2020.08.06; Maikuolan]: Addressed a potential problem with calculating the number of bytes removed when updating components and slightly refactored the front-end functions file.
[2020.09.24; Maikuolan]: Added the option to the auxiliary rules to forcibly disable IP tracking.
[2020.09.30; Maikuolan]: Synced up common classes.
[2020.10.05; Maikuolan]: Very minor aesthetic fix.
Caleb M (Maikuolan),
October 5, 2020.
v2.4.3 Changes
July 03, 2020
Version/Release 2.4.3
[2020.06.20; Bug-fix; Maikuolan]: Logs were being written to the wrong directory in some cases due to the way that paths were being reconstructed; Fixed. Also improved some updates page guard code.
[2020.06.30; Maikuolan]: Added the ability for auxiliary rules conditions to be optionally matched via (not-)(greater|less)-than(-or-equal-to) operators.
[2020.07.03; Maikuolan]: Performed some minor refactoring.
Caleb M (Maikuolan),
July 3, 2020.
v2.4.2 Changes
June 19, 2020
Version/Release 2.4.2
[2020.05.07; Maikuolan]: Some very minor aesthetic improvements.
[2020.05.16; Maikuolan]: Slightly improved the safety of some included hyperlinks by way of including rel tags like noopener, noreferrer, external. Added the ability for configuration defaults to define regular expressions to be applied to their own values through preg_replace, thus complementing the existing auto-typing functionality (CIDRAM won't yet be using this functionality for its own configuration defaults, but it is added with the intent to provide a mechanism by which modules may be able to provide additional safeguards of their own against bad configuration values).
[2020.05.28; Bug-fix; Maikuolan]: The front-end accounts page was incorrectly reporting argon2id passwords as invalid; Fixed.
[2020.06.02; Maikuolan]: Worked on some more minor aesthetic improvements. Also added some configuration filters (based on the work done last month) to some specific potentially error-prone configuration directives to help reduce the risk of erroneous values being specified there.
[2020.06.03; Maikuolan]: The IP test page will now show when an IP belongs to an ignored signature section, regardless of whether that IP is blocked (this is to aid users checking IP addresses before suggesting them as new additions to ensure that they aren't already listed). Slightly strengthened the sanity checks performed by the front-end updates page when it verifies components.
[2020.06.07; Maikuolan]: Very slightly improved the logic at the front-end updates page for determining whether a component is active or inactive.
[2020.06.11; Maikuolan]: Slightly improved some PHPDoc annotations.
[2020.06.15; Maikuolan]: Performed some minor refactoring.
[2020.06.17; Maikuolan]: Strengthened some guard code (the potential existed for some edge-case errors to occasionally slip through the existing code).
[2020.06.19; Bug-fix; Maikuolan]: Logging broken due to missing parameter in the preg_split call in the recently introduced BuildPath closure; Fixed.
Caleb M (Maikuolan),
June 19, 2020.
v2.4.1 Changes
May 01, 2020
Version/Release 2.4.1
[2020.04.04; Maikuolan]: Updated the execution chain such that a whitelist action performed from within a module can immediately terminate any further processing of modules for the given request. Updated the front-end configuration page so that some basic formatting and normalisation of dropdown menu options will now occur when possible.
[2020.04.13; Maikuolan]: Performed some minor refactoring. Also added some code to allow modules to install their own class dependencies when installing/updating, when needed.
[2020.04.24; Maikuolan]: Reworked the auxiliary rules interface, changing the structure and layout to hopefully make it somewhat more intuitive and easier to use. Added the ability for auxiliary rules to override the default HTTP status code provided to blocked requests on a per-rule basis. Added the ability to attach webhooks to auxiliary rules. Added the ability to create auxiliary rules to redirect requests elsewhere without blocking them. Added the ability for auxiliary rules to mark requests for use with reCAPTCHA and to suppress output templates. Reworked the webhooks system to make it a little cleaner and to provide the ability for multiple webhooks to be triggered per request. Updated the IP test page to display when a tested IP raises a flag (e.g., marked for use with reCAPTCHA, suppress output template, don't log, etc).
Caleb M (Maikuolan),
May 1, 2020.
v2.4.0 Changes
March 01, 2020
Version/Release 2.4.0
[2020.01.01; Bug-fix; Maikuolan]: The cache handler's PDO query template for deleting expired cache entries was malformed; Fixed.
[2020.01.11; Bug-fixes; Maikuolan]: Syntactically invalid IPv6 addresses could be potentially accepted or produced by the aggregator, the CIDR calculator, or the range subtractor in some obscure circumstances due to an insufficiently bound regular expression; Fixed. The range subtractor occasionally wasn't producing the correct differences when IPv6 ranges and addresses with sufficiently contracted shortforms were supplied for subtraction; Fixed.
[2020.01.11; Maikuolan]: Added social media verification support for Facebook external hit requests (requires an ASN lookup facility in order to work correctly; the BGPView module can be used for this purpose). Added the ability for CIDRAM to cache module objects in order to prevent superfluous IO operations to module files. This is similar to the way that files associated with 'Run' parameters can already be cached. Added ASNLookup and CCLookup as silent BlockInfo fields (not populated by default, but can be populated by an appropriate facility, leveraged by modules, search engine and social verification, etc).
[2020.01.12; Bug-fix; Maikuolan]: Found and fixed a small typo in the choice filter for the default_algo configuration directive.
[2020.01.13; Bug-fix; Maikuolan]: Repair was always failing, specifically for just the very first component to appear in any particular components metadata file; Fixed.
[2020.01.24; Maikuolan]: Added the ability to graphically represent the currently active signatures files as a dynamic image at the front-end range tables page.
[2020.01.25; Maikuolan]: Performed some minor refactoring.
[2020.02.02; Maikuolan]: Added a new configuration directive, "exceptions", to provide a way to exempt whitelisted requests, and verified search engine and social media requests, from being rate limited (for when rate limiting is enabled). Added the ability to create auxiliary rules on the basis of ASN lookups, country code lookups, and verified identities (i.e., positive returns from search engine and social media verification). Updated the IP test page so as to be able to identify ignored sections and signatures.
[2020.01.25; Maikuolan]: Dropped Teoma support from search engine verification (it's completely dead) and added support for Qwantify/Bleriot.
[2020.02.13; Bug-fix; Maikuolan]: Fixed an undefined index error.
[2020.02.08/29; Maikuolan]: Performed some minor refactoring.
Caleb M (Maikuolan),
March 1, 2020.
v1.17.4 Changes
October 05, 2020
Version/Release 1.17.4
[2020.07.12; Maikuolan]: Added a major version checker to the front-end updates page.
[2020.07.13; Bug-fix; Maikuolan]: PHPMailer notifications would encode incorrectly when dealing with non-ANSI data (i.e., when using languages other than English); Fixed.
[2020.07.13; Bug-fix; Maikuolan]: Possible problem found with IsActivable when updating certain components via the front-end updates page; Fixed.
[2020.07.23; Maikuolan]: Updated channels.
[2020.07.31; Maikuolan]: Improved the way that the (generated by ...) notice, displayed at the footer of HTML pages, is rendered.
[2020.08.04; Maikuolan]: Addressed a potential compatibility problem with installations where PHP has its output proxied through to a different host. Also slightly improved the aesthetics of the front-end, and changed the logout link to a logout button.
[2020.08.06; Maikuolan]: Addressed a potential problem with calculating the number of bytes removed when updating components and slightly refactored the front-end functions file.
[2020.09.24; Maikuolan]: Added the option to the auxiliary rules to forcibly disable IP tracking.
[2020.09.30; Maikuolan]: Synced up common classes.
[2020.10.05; Maikuolan]: Very minor aesthetic fix.
Caleb M (Maikuolan),
October 5, 2020.
v1.17.3 Changes
July 03, 2020
Version/Release 1.17.3
[2020.06.20; Bug-fix; Maikuolan]: Logs were being written to the wrong directory in some cases due to the way that paths were being reconstructed; Fixed. Also improved some updates page guard code.
[2020.06.30; Maikuolan]: Added the ability for auxiliary rules conditions to be optionally matched via (not-)(greater|less)-than(-or-equal-to) operators.
[2020.07.03; Maikuolan]: Performed some minor refactoring.
Caleb M (Maikuolan),
July 3, 2020.
v1.17.2 Changes
June 19, 2020
Version/Release 1.17.2
[2020.05.07; Maikuolan]: Some very minor aesthetic improvements.
[2020.05.16; Maikuolan]: Slightly improved the safety of some included hyperlinks by way of including rel tags like noopener, noreferrer, external. Added the ability for configuration defaults to define regular expressions to be applied to their own values through preg_replace, thus complementing the existing auto-typing functionality (CIDRAM won't yet be using this functionality for its own configuration defaults, but it is added with the intent to provide a mechanism by which modules may be able to provide additional safeguards of their own against bad configuration values).
[2020.05.28; Bug-fix; Maikuolan]: The front-end accounts page was incorrectly reporting argon2id passwords as invalid; Fixed.
[2020.06.02; Maikuolan]: Worked on some more minor aesthetic improvements. Also added some configuration filters (based on the work done last month) to some specific potentially error-prone configuration directives to help reduce the risk of erroneous values being specified there.
[2020.06.03; Maikuolan]: The IP test page will now show when an IP belongs to an ignored signature section, regardless of whether that IP is blocked (this is to aid users checking IP addresses before suggesting them as new additions to ensure that they aren't already listed). Slightly strengthened the sanity checks performed by the front-end updates page when it verifies components.
[2020.06.07; Maikuolan]: Very slightly improved the logic at the front-end updates page for determining whether a component is active or inactive.
[2020.06.11; Maikuolan]: Slightly improved some PHPDoc annotations.
[2020.06.15; Maikuolan]: Performed some minor refactoring.
[2020.06.17; Maikuolan]: Strengthened some guard code (the potential existed for some edge-case errors to occasionally slip through the existing code).
[2020.06.19; Bug-fix; Maikuolan]: Logging broken due to missing parameter in the preg_split call in the recently introduced BuildPath closure; Fixed.
Caleb M (Maikuolan),
June 19, 2020.
v1.17.1 Changes
May 01, 2020
Version/Release 1.17.1
[2020.04.04; Maikuolan]: Updated the execution chain such that a whitelist action performed from within a module can immediately terminate any further processing of modules for the given request. Updated the front-end configuration page so that some basic formatting and normalisation of dropdown menu options will now occur when possible.
[2020.04.13; Maikuolan]: Performed some minor refactoring. Also added some code to allow modules to install their own class dependencies when installing/updating, when needed.
[2020.04.24; Maikuolan]: Reworked the auxiliary rules interface, changing the structure and layout to hopefully make it somewhat more intuitive and easier to use. Added the ability for auxiliary rules to override the default HTTP status code provided to blocked requests on a per-rule basis. Added the ability to attach webhooks to auxiliary rules. Added the ability to create auxiliary rules to redirect requests elsewhere without blocking them. Added the ability for auxiliary rules to mark requests for use with reCAPTCHA and to suppress output templates. Reworked the webhooks system to make it a little cleaner and to provide the ability for multiple webhooks to be triggered per request. Updated the IP test page to display when a tested IP raises a flag (e.g., marked for use with reCAPTCHA, suppress output template, don't log, etc).
Caleb M (Maikuolan),
May 1, 2020.