CHANGES.md 7.06 KB
Newer Older
Stephane Glondu's avatar
Stephane Glondu committed
1 2 3 4 5 6 7 8 9 10 11 12
1.9 (2019-05-28)
================

 * Fix use of SOURCE_DATE_EPOCH
 * Web server:
   + Fix a bug that seldom caused the server to not perform its
     partial decryption
   + Check that cookies are not blocked on ballot submission
   + Add the possibility to temporarily hide the result from the
     public

1.8 (2019-02-04)
Stephane Glondu's avatar
Stephane Glondu committed
13 14 15
================

 * Add the possibility to override sendmail via an environment variable
Stephane Glondu's avatar
Stephane Glondu committed
16
 * Use SOURCE_DATE_EPOCH if available
Stephane Glondu's avatar
Stephane Glondu committed
17 18 19 20 21 22 23
 * Use opam 2.0.0 in bootstrap script
 * Web server:
   + Add some automated tests
   + Add the possibility to create administrator accounts
   + Add booth preview
   + Add automatic open / close dates
   + Unhide support for threshold decryption
Stephane Glondu's avatar
Stephane Glondu committed
24 25 26 27
   + Fixed a bug that caused some elections to not appear in the
     administrator's listing when the election pool is big
   + Force the server to be a trustee in basic mode
   + Record in trustee public keys whether the server has the private key
Stephane Glondu's avatar
Stephane Glondu committed
28

Stephane Glondu's avatar
Stephane Glondu committed
29 30 31 32 33 34 35 36 37 38 39
1.7.1 (2018-12-05)
==================

 * Do not output spurious empty lines in records file (bugfix: voting
   records and missing voters were not working)
 * More explicit checklist in election validation page
 * Avoid sending password/credential emails when name has not been
   edited
 * Avoid hidden parameters in some services that are meant to be usable
   from non-web clients

Stephane Glondu's avatar
Stephane Glondu committed
40
1.7 (2018-11-26)
Stephane Glondu's avatar
Stephane Glondu committed
41 42 43 44 45 46 47 48
================

 * Add automatic data archival/deletion policy
 * Do not allow election validation if some items have not been edited
 * Trustees can load their private key from a file
 * Do no longer rely on Ocsipersist
 * Port to OCaml 4.06.1 and Eliom 6.3.0
 * Re-seed LwtRandom prng every 30 minutes
Stephane Glondu's avatar
Stephane Glondu committed
49
 * Add a placeholder for warnings/announcements
Stephane Glondu's avatar
Stephane Glondu committed
50

Stephane Glondu's avatar
Stephane Glondu committed
51
1.6 (2018-06-13)
Stephane Glondu's avatar
Stephane Glondu committed
52 53 54 55 56 57 58
================

 * Add (optional) contact info in emails sent by the server
 * Use base 58 tokens as UUIDs for shorter URLs (optional)
 * Add (optional) return path to mails sent by server
 * Show personal data processing notice to election administrators
 * Fix password regeneration when explicit usernames are used
Stephane Glondu's avatar
Stephane Glondu committed
59 60
 * Make the booth independent of the server and usable offline
 * Internationalize error messages
Stephane Glondu's avatar
Stephane Glondu committed
61

Stephane Glondu's avatar
Stephane Glondu committed
62 63 64 65 66 67 68 69 70 71 72 73
1.5 (2017-12-13)
================

 * Add support for threshold decryption (experimental)
 * Fix bias in random sampling
 * Web server:
   + Add possibility to define the server e-mail address in config
   + Add possibility to explicitly add the server itself as a trustee
   + Add possibility to destroy elections in setup mode
   + Avoid new tabs and use download links
   + Add config option for "contact us" link on admin login page

Stephane Glondu's avatar
Stephane Glondu committed
74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89
1.4 (2017-04-05)
================

 * Add a debug mode, which has the possibility to use /dev/urandom as
   source of entropy
 * Check encrypted tally in "belenios-tool verify"
 * Add a sample script to send credentials
 * Web server:
   + Introduce a limit on the number of mails sent at once. This
     effectively limits the number of voters in the general case.
   + Give a link to the future election to the credential authority and
     trustees
   + For each mailto template, add a direct link. This makes life easier
     for situations where complex mailto links are not supported.

1.3 (2017-02-01)
90
================
Stephane Glondu's avatar
Stephane Glondu committed
91 92

 * Add support for blank votes
93
 * More diagnostics in verify-diff
Stephane Glondu's avatar
Stephane Glondu committed
94 95 96
 * Web server:
   + Do not log out of CAS
   + Automatically log out after a vote
97
   + Add Italian translation
Stephane Glondu's avatar
Stephane Glondu committed
98

Stephane Glondu's avatar
Stephane Glondu committed
99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114
1.2 (2016-10-05)
================

 * Change the default group parameters to avoid possible
   trapdoors. The new ones are generated using FIPS 186-4.
 * Web server:
   + The administrator can choose the language(s) of mails sent by the
     server
   + The administrator can import trustees from a previous election
   + Question editor: it is now possible to insert and remove
     questions and answers anywhere
   + Add Romanian translation
 * Command-line tool:
   + Add --url option to election subcommands (in particular verify)
   + Add a "verify-diff" command to belenios-tool

Stephane Glondu's avatar
Stephane Glondu committed
115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130
1.1 (2016-07-25)
================

 * Web server:
   + Internationalization of voter-facing interfaces
     - add French and German translations
   + Add a confirmation page for election finalization
   + Add cookie disclaimer
   + Add templates for mails to trustees
   + Add the Belenios logo and use www.belenios.org in links
   + Add OpenID Connect authentication for administrators
 * Command-line tool:
   + Issue a proper warning when a result is missing
   + Support result files where decryption factors are not in the same
     order as trustee public keys

Stephane Glondu's avatar
Stephane Glondu committed
131 132 133 134
1.0 (2016-04-22)
================

 * Many changes in the web server:
Stephane Glondu's avatar
Stephane Glondu committed
135
   + Add election_missing_voters: it is now possible to see the list of
Stephane Glondu's avatar
Stephane Glondu committed
136 137 138 139 140 141
     people who did not vote (new link in election administration
     page).
   + Hide the login box when it is not relevant: We do no longer show
     login links in the top right hand corner of the page. The voter
     is automatically invited to log in when he is about to cast a
     vote.
Stephane Glondu's avatar
Stephane Glondu committed
142
   + Do no longer show warning when window.crypto is unavailable (this
Stephane Glondu's avatar
Stephane Glondu committed
143 144 145 146 147 148 149
     warning appeared on IE8).
   + In admin page, show tallied elections in a new section.
   + In admin page, sort (finalized) elections by finalization time.
   + Add a form to regenerate and mail a password.
   + Generating trustee keys is more resilient to momentary lack of
     entropy.
   + Change default question to make the blank choice explicit.
Stephane Glondu's avatar
Stephane Glondu committed
150
   + Print number of accepted ballots on the result page.
Stephane Glondu's avatar
Stephane Glondu committed
151 152 153 154 155 156 157 158 159 160 161 162 163
   + Add the possibility to specify a login attached to an email
     address. E-mail address and logins must be specified in the
     following way: foo@example.com,login. When login is not
     specified, the address is used as login. This feature is useful
     mainly for CAS authentication.
   + Voters (and passwords) can be imported from another (finalized)
     election.
   + Send a confirmation email after a successful vote.
   + Add a new notion of "archived" elections.
   + Pretty page for records.
   + An e-mail address can be attached to trustees.
   + Do not propose dummy authentication for new elections.

Stephane Glondu's avatar
Stephane Glondu committed
164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184
0.2 (2014-04-09)
================

 * Major overhaul of the web server:
   + changes in configuration items
   + cleaner isolation between elections
   + add per-site and per-election administration pages
   + elections imported from the configuration file must be explicitly
     listed (no more directory scanning)
   + authentication is more modular
   + changes in CAS authentication method:
     - invoke credential requestor with `renew=true`
     - do not assume CAS paths start with `/cas/`
   + change in the password authentication method:
     - the password file must be uploaded via the web server (no more
       reading on-disk file) before the method is used for the first
       time
   + automatic logout after successful ballot casting
   + online creation of election
 * Remove hardcoded default group

185 186 187 188 189 190 191 192 193 194 195 196
0.1.1 (2014-02-13)
==================

 * New subcommands in belenios-tool: "mkelection" and "election vote"
 * Add a demo (bash) script to simulate a whole election
 * Prettier URLs for election pseudo-files
 * Fix compatibility with reverse-proxies

0.1 (2014-01-13)
================

 * First public release