6.1.3

• Revert update to flask and werkzeug 2.3 because of a regression (see #1272)

6.1.2

• Fix password generation command line crash (#1242)
• Update to flask and werkzeug 2.3 (#1244)

6.1.1

Currency conversion API workarounds

We are using an external API for currency conversion. This API recently started requiring an API key, and this broke I Hate Money in many ways.

This release adds a set of workarounds for this issue. This should restore basic functionality such as adding bills. However, we had to disable some operations to prevent crashing:

• Setting or changing the default currency on an existing project is no longer possible. However, setting a project to "No currency" is still possible.
• Adding or editing a bill with a currency that differs from the default currency of the project is no longer possible

Longer-term solutions are being discussed.
If you are using currencies in your projects, your input is welcome.

Added

• Simplifies adding a bill with keyboard only (#1221)
• Add details of bills in history (#1223)
• Remember last "For whom?" field when adding a new bill (#1222)
• Speed up unit tests (#1214)
• Update translations for Spanish, Russian, Kannada, Swedish, Polish, German, and Italian

Fixed

• Fix remembering the last selected payer when switching project (#1224)

6.1.0

Added

• Add RSS feed for each project (#1158)
• Security: require private code to edit a project settings (#1204)

Fixed

• Fix 404 page crash (#1201)

6.0.1

Added

• Add support for APPLICATION_ROOT in Docker container (#1189)
• Improve docker-compose example: admin password and volume for database (#1169)

Fixed

• Fix docker-compose example quoting (#1164)
• Fix crash when using existing sessions (migrate them to dict) (#1194)
• Add newly created projects to the list of projects (#1193)

6.0.0

Breaking changes

• Drop Python 3.6 support
• Add Python 3.11 support

The minimum supported version is now Python 3.7, and the project is tested with up to Python 3.11

Added

• Enable new languages: Catalan, Czech, Spanish, Persian, Hebrew, Hungarian, Kannada, Serbian, Telugu, Thai
• Build ARM64 and ARMv7 Docker image (#1141)
• Allow bills with an amount of zero (#1133)
• Add confirmation for expense deletion (#1096)
• Display a QR code when inviting people (#1000)
• Add a cancel button when editing a bill for better UX (#1013)

Fixed

• Fix project deletion in the dashboard (#1094)
• Fix duplicate project name in dropdown list (#1082)
• Fix captcha validation, it should be case insensitive on both side (#1061)
• Fix CSRF on logout (#1040)
• Fix XSS when inviting people by email (#1044)

Changed

• Use a better quality favicon (#1102)
• Use Flask-Limiter to implement rate limiting (#1054)

5.2.0

Added

• Make docker image production-ready: support PostgreSQL, allow customizing port, PUID, PGID (#919)
• List supported currencies in API under api/currencies (#961)
• Allow to import bills in CSV format, compatible with Cospend (#951)
  Note that there is a known issue with this new feature

New settings

• Add SHOW_ADMIN_EMAIL setting (#965)

Changed settings

• MAIL_DEFAULT_SENDER is now a string instead of a tuple. The old syntax is still accepted but support will be dropped on the next major release (#1007)

Fixed

• Fix support for project IDs with uppercase characters (#925, #934)
• Purge project history on deletion (#989)
• Prevent large integer inputs to avoid crash (#994)
• [Performance] Get weight sum along with bills to scale (#949)
• Do not require a captcha when using the API (#931)
• Fix default "legal link" value in docker (#950)
• Fix showcase images in case of subdir installation (#974)
• Check that chosen language is in the supported list (#971)

Changed

• User interface fixes, especially for mobile devices (#901, #904, #905, #929, #943, #944, #945, #991)
• Always display topmost buttons in the list of bills: new bill button & pagination (#956)
• Display monthly statistics for the range of months where the project was active (#885)
• Hide "each" amount when there's only one recipient (#1008)
• Display admin email in error message for password reminder (#965)
• Send an email when the project is created via the API (#938)
• Add compatibility with Python 3.10 (#921)
• Support WTForms 3 (#916)

5.1.1

Added

• Add the option to display a "legal link" at the bottom of pages (#883)

New settings

• Add LEGAL_LINK setting (#883)

Changed

• Improve performance of balance and statistics computation (#890)
• Reduce the resolution of showcase pictures by 50% (#880)
• Improve pagination style in the list of bills (#873)

5.0.1

• Include images in the package archives (#872)

5.0.0

It's been a while since we didn't issue a major release. So here we go! This contains a lot of improvements, new features and fixes.

Thanks to everyone involved! 🥳

Breaking changes

• Include project code into project authentication token. This invalidates all existing API tokens and invitation links from previous versions (#802 #843)
• Drop support for Python 2 (#483)
• Drop support for Python 3.5 (#571)
• Drop support for MySQL (#743)
• Require MariaDB version 10.3.2 or above (#632)
• Enable session cookie security by default (#845)
• Change token path authentication to /{project}/join/{token} (#843)

The minimum supported version is now Python 3.6, and the project is tested with up to Python 3.9

See the upgrade instructions to make sure the upgrade goes smoothly.

Security

• Add CSRF validation on destructive actions (#796)
• Ask for private code to delete project or project history (#796)
• Add headers to mitigate Clickjacking, XSS, and other attacks: X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, Content-Security-Policy, Referrer-Policy (#845)
• Add URL validation to external link to prevent XSS (#846)

Added

• Allow to import previously exported json data (#518)
• Add new optional field "external link" in bill form (#429)
• Add optional currencies to project and bills (#541, #864)
• Add new statistics showing monthly expenses (#526)
• Add pagination to the list of bills (#480)
• Add sorting, pagination, and searching to the admin dashboard (#538)
• Add Project History page that records all changes (#553)
• Add token-based authentication to the API (#504)
• Add illustrations as a showcase, currently only for French (#544)
• Add a page for downloading mobile application (#688)
• Add optional support for a simple CAPTCHA (#844)
• Add translations for Greek, Esperanto, Italian, Japanese, Portuguese and Swedish
• Publish an official docker image

Changed

• Use the external debts lib to solve settlements (#476)
• Remove balance column in statistics view (#323)
• Make language choice persistent (#547)
• Localize date strings in the current language (#590)
• Differentiate "flash alerts" notifications (#594)
• Display "flash messages" persistently instead of making them disappear (#856)
• Improve menu bar spacing, put history and settings in a submenu (#739)
• Change Dockerfile to install python dependencies at build time (#793)
• Updating project settings doesn't require to enter or update project code (#774)
• Bump dependencies: WTForms (#768) jinja2 (#753) itsdangerous (#756) flask (#755 #757 #764)
• Remove requirements files in favor of setup.cfg pinning (#558)
• Make language choice persistent (#547)
• Flash messages must be dismissed manually (#856)
• Increased the font size of the logo (#828)

Fixed

• Improve input of email addresses when inviting people to join a project (#133)
• Fix order of participants in the statistics page (#608)
• Clarify project edition form: private code is not required (#774)
• Fix Python dependency constraints to be less strict
• Improve documentation (#781 #819 #821)
• Fix datepicker that was displayed twice on some browsers (#221)
• Members weight are now rounded to 2 decimal (#838)

Documentation

• Reorganize "Contributing" documentation to be more accessible to new contributors
• Improve documentation regarding database migrations (#569)
• Added a page about the security model (#858)