CHANGES.md 6.76 KB
Newer Older
Stephane Glondu's avatar
Stephane Glondu committed
1
1.8 (2018-02-04)
Stephane Glondu's avatar
Stephane Glondu committed
2 3 4
================

 * Add the possibility to override sendmail via an environment variable
Stephane Glondu's avatar
Stephane Glondu committed
5
 * Use SOURCE_DATE_EPOCH if available
Stephane Glondu's avatar
Stephane Glondu committed
6 7 8 9 10 11 12
 * Use opam 2.0.0 in bootstrap script
 * Web server:
   + Add some automated tests
   + Add the possibility to create administrator accounts
   + Add booth preview
   + Add automatic open / close dates
   + Unhide support for threshold decryption
Stephane Glondu's avatar
Stephane Glondu committed
13 14 15 16
   + Fixed a bug that caused some elections to not appear in the
     administrator's listing when the election pool is big
   + Force the server to be a trustee in basic mode
   + Record in trustee public keys whether the server has the private key
Stephane Glondu's avatar
Stephane Glondu committed
17

Stephane Glondu's avatar
Stephane Glondu committed
18 19 20 21 22 23 24 25 26 27 28
1.7.1 (2018-12-05)
==================

 * Do not output spurious empty lines in records file (bugfix: voting
   records and missing voters were not working)
 * More explicit checklist in election validation page
 * Avoid sending password/credential emails when name has not been
   edited
 * Avoid hidden parameters in some services that are meant to be usable
   from non-web clients

Stephane Glondu's avatar
Stephane Glondu committed
29
1.7 (2018-11-26)
Stephane Glondu's avatar
Stephane Glondu committed
30 31 32 33 34 35 36 37
================

 * Add automatic data archival/deletion policy
 * Do not allow election validation if some items have not been edited
 * Trustees can load their private key from a file
 * Do no longer rely on Ocsipersist
 * Port to OCaml 4.06.1 and Eliom 6.3.0
 * Re-seed LwtRandom prng every 30 minutes
Stephane Glondu's avatar
Stephane Glondu committed
38
 * Add a placeholder for warnings/announcements
Stephane Glondu's avatar
Stephane Glondu committed
39

Stephane Glondu's avatar
Stephane Glondu committed
40
1.6 (2018-06-13)
Stephane Glondu's avatar
Stephane Glondu committed
41 42 43 44 45 46 47
================

 * Add (optional) contact info in emails sent by the server
 * Use base 58 tokens as UUIDs for shorter URLs (optional)
 * Add (optional) return path to mails sent by server
 * Show personal data processing notice to election administrators
 * Fix password regeneration when explicit usernames are used
Stephane Glondu's avatar
Stephane Glondu committed
48 49
 * Make the booth independent of the server and usable offline
 * Internationalize error messages
Stephane Glondu's avatar
Stephane Glondu committed
50

Stephane Glondu's avatar
Stephane Glondu committed
51 52 53 54 55 56 57 58 59 60 61 62
1.5 (2017-12-13)
================

 * Add support for threshold decryption (experimental)
 * Fix bias in random sampling
 * Web server:
   + Add possibility to define the server e-mail address in config
   + Add possibility to explicitly add the server itself as a trustee
   + Add possibility to destroy elections in setup mode
   + Avoid new tabs and use download links
   + Add config option for "contact us" link on admin login page

Stephane Glondu's avatar
Stephane Glondu committed
63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78
1.4 (2017-04-05)
================

 * Add a debug mode, which has the possibility to use /dev/urandom as
   source of entropy
 * Check encrypted tally in "belenios-tool verify"
 * Add a sample script to send credentials
 * Web server:
   + Introduce a limit on the number of mails sent at once. This
     effectively limits the number of voters in the general case.
   + Give a link to the future election to the credential authority and
     trustees
   + For each mailto template, add a direct link. This makes life easier
     for situations where complex mailto links are not supported.

1.3 (2017-02-01)
79
================
Stephane Glondu's avatar
Stephane Glondu committed
80 81

 * Add support for blank votes
82
 * More diagnostics in verify-diff
Stephane Glondu's avatar
Stephane Glondu committed
83 84 85
 * Web server:
   + Do not log out of CAS
   + Automatically log out after a vote
86
   + Add Italian translation
Stephane Glondu's avatar
Stephane Glondu committed
87

Stephane Glondu's avatar
Stephane Glondu committed
88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103
1.2 (2016-10-05)
================

 * Change the default group parameters to avoid possible
   trapdoors. The new ones are generated using FIPS 186-4.
 * Web server:
   + The administrator can choose the language(s) of mails sent by the
     server
   + The administrator can import trustees from a previous election
   + Question editor: it is now possible to insert and remove
     questions and answers anywhere
   + Add Romanian translation
 * Command-line tool:
   + Add --url option to election subcommands (in particular verify)
   + Add a "verify-diff" command to belenios-tool

Stephane Glondu's avatar
Stephane Glondu committed
104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119
1.1 (2016-07-25)
================

 * Web server:
   + Internationalization of voter-facing interfaces
     - add French and German translations
   + Add a confirmation page for election finalization
   + Add cookie disclaimer
   + Add templates for mails to trustees
   + Add the Belenios logo and use www.belenios.org in links
   + Add OpenID Connect authentication for administrators
 * Command-line tool:
   + Issue a proper warning when a result is missing
   + Support result files where decryption factors are not in the same
     order as trustee public keys

Stephane Glondu's avatar
Stephane Glondu committed
120 121 122 123
1.0 (2016-04-22)
================

 * Many changes in the web server:
Stephane Glondu's avatar
Stephane Glondu committed
124
   + Add election_missing_voters: it is now possible to see the list of
Stephane Glondu's avatar
Stephane Glondu committed
125 126 127 128 129 130
     people who did not vote (new link in election administration
     page).
   + Hide the login box when it is not relevant: We do no longer show
     login links in the top right hand corner of the page. The voter
     is automatically invited to log in when he is about to cast a
     vote.
Stephane Glondu's avatar
Stephane Glondu committed
131
   + Do no longer show warning when window.crypto is unavailable (this
Stephane Glondu's avatar
Stephane Glondu committed
132 133 134 135 136 137 138
     warning appeared on IE8).
   + In admin page, show tallied elections in a new section.
   + In admin page, sort (finalized) elections by finalization time.
   + Add a form to regenerate and mail a password.
   + Generating trustee keys is more resilient to momentary lack of
     entropy.
   + Change default question to make the blank choice explicit.
Stephane Glondu's avatar
Stephane Glondu committed
139
   + Print number of accepted ballots on the result page.
Stephane Glondu's avatar
Stephane Glondu committed
140 141 142 143 144 145 146 147 148 149 150 151 152
   + Add the possibility to specify a login attached to an email
     address. E-mail address and logins must be specified in the
     following way: foo@example.com,login. When login is not
     specified, the address is used as login. This feature is useful
     mainly for CAS authentication.
   + Voters (and passwords) can be imported from another (finalized)
     election.
   + Send a confirmation email after a successful vote.
   + Add a new notion of "archived" elections.
   + Pretty page for records.
   + An e-mail address can be attached to trustees.
   + Do not propose dummy authentication for new elections.

Stephane Glondu's avatar
Stephane Glondu committed
153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173
0.2 (2014-04-09)
================

 * Major overhaul of the web server:
   + changes in configuration items
   + cleaner isolation between elections
   + add per-site and per-election administration pages
   + elections imported from the configuration file must be explicitly
     listed (no more directory scanning)
   + authentication is more modular
   + changes in CAS authentication method:
     - invoke credential requestor with `renew=true`
     - do not assume CAS paths start with `/cas/`
   + change in the password authentication method:
     - the password file must be uploaded via the web server (no more
       reading on-disk file) before the method is used for the first
       time
   + automatic logout after successful ballot casting
   + online creation of election
 * Remove hardcoded default group

174 175 176 177 178 179 180 181 182 183 184 185
0.1.1 (2014-02-13)
==================

 * New subcommands in belenios-tool: "mkelection" and "election vote"
 * Add a demo (bash) script to simulate a whole election
 * Prettier URLs for election pseudo-files
 * Fix compatibility with reverse-proxies

0.1 (2014-01-13)
================

 * First public release