From 595e5679f6fd0db419e0c942cb54e59a743375db Mon Sep 17 00:00:00 2001 From: Darin Kotter Date: Fri, 8 Nov 2024 09:33:12 -0700 Subject: [PATCH 1/4] Version bump to 2.8.0 --- package-lock.json | 4 ++-- package.json | 2 +- readme.txt | 2 +- simple-local-avatars.php | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index c5a04b5..8341bb3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "simple-local-avatars", - "version": "2.7.11", + "version": "2.8.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "simple-local-avatars", - "version": "2.7.11", + "version": "2.8.0", "license": "GPL-2.0-or-later", "devDependencies": { "@10up/cypress-wp-utils": "^0.2.0", diff --git a/package.json b/package.json index a7240ad..90883a8 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "simple-local-avatars", - "version": "2.7.11", + "version": "2.8.0", "description": "Adds an avatar upload field to user profiles. Generates requested sizes on demand just like Gravatar!", "license": "GPL-2.0-or-later", "author": "10up (https://10up.com)", diff --git a/readme.txt b/readme.txt index edcf2e5..adb185d 100644 --- a/readme.txt +++ b/readme.txt @@ -3,7 +3,7 @@ Contributors: jakemgold, 10up, thinkoomph, jeffpaul, faisal03 Donate link: https://10up.com/plugins/simple-local-avatars-wordpress/ Tags: avatar, gravatar, user photos, users, profile Tested up to: 6.7 -Stable tag: 2.7.11 +Stable tag: 2.8.0 License: GPL-2.0-or-later License URI: https://spdx.org/licenses/GPL-2.0-or-later.html diff --git a/simple-local-avatars.php b/simple-local-avatars.php index 6b2618c..9b131de 100644 --- a/simple-local-avatars.php +++ b/simple-local-avatars.php @@ -3,7 +3,7 @@ * Plugin Name: Simple Local Avatars * Plugin URI: https://10up.com/plugins/simple-local-avatars-wordpress/ * Description: Adds an avatar upload field to user profiles. Generates requested sizes on demand, just like Gravatar! Simple and lightweight. - * Version: 2.7.11 + * Version: 2.8.0 * Requires at least: 6.5 * Requires PHP: 7.4 * Author: 10up @@ -35,7 +35,7 @@ require_once dirname( __FILE__ ) . '/includes/class-simple-local-avatars.php'; // Global constants. -define( 'SLA_VERSION', '2.7.11' ); +define( 'SLA_VERSION', '2.8.0' ); define( 'SLA_PLUGIN_URL', plugin_dir_url( __FILE__ ) ); if ( ! defined( 'SLA_IS_NETWORK' ) ) { From 966f7cdb0f059520d5833f97d022fc0276804fcf Mon Sep 17 00:00:00 2001 From: Darin Kotter Date: Fri, 8 Nov 2024 09:51:36 -0700 Subject: [PATCH 2/4] Update changelogs --- CHANGELOG.md | 25 ++++++++++++++++++++++ readme.txt | 59 ++++++++++++++++------------------------------------ 2 files changed, 43 insertions(+), 41 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5051c21..87517ec 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,31 @@ All notable changes to this project will be documented in this file, per [the Ke ## [Unreleased] - TBD +## [2.8.0] - 2024-11-11 +**Note that this release bumps the minimum required version of WordPress from 6.4 to 6.5.** + +### Added +- Support for the WordPress.org plugin preview (props [@faisal-alvi](https://github.com/faisal-alvi), [@jeffpaul](https://github.com/jeffpaul) via [#297](https://github.com/10up/simple-local-avatars/pull/297)). + +### Changed +- Update PHP compatibility check to use `10up/wp-compat-validation-tool` (props [@Sidsector9](https://github.com/Sidsector9), [@jeffpaul](https://github.com/jeffpaul), [@faisal-alvi](https://github.com/faisal-alvi) via [#291](https://github.com/10up/simple-local-avatars/pull/291)). +- Bump Wordpress "tested up to" version 6.7 (props [@sudip-md](https://github.com/sudip-md), [@jeffpaul](https://github.com/jeffpaul), [@dkotter](https://github.com/dkotter) via [#310](https://github.com/10up/simple-local-avatars/pull/310), [#312](https://github.com/10up/simple-local-avatars/pull/312)). +- Bump WordPress minimum supported version to 6.5 (props [@sudip-md](https://github.com/sudip-md), [@jeffpaul](https://github.com/jeffpaul), [@dkotter](https://github.com/dkotter) via [#310](https://github.com/10up/simple-local-avatars/pull/310), [#312](https://github.com/10up/simple-local-avatars/pull/312)). + +### Fixed +- Ensure all strings are properly translated (props [@pedro-mendonca](https://github.com/pedro-mendonca), [@dkotter](https://github.com/dkotter) via [#295](https://github.com/10up/simple-local-avatars/pull/295)). +- Properly handle malformed `simple_local_avatar` user data (props [@adekbadek](https://github.com/adekbadek), [@dkotter](https://github.com/dkotter), [@faisal-alvi](https://github.com/faisal-alvi) via [#302](https://github.com/10up/simple-local-avatars/pull/302)). + +### Security +- Run a user capability check before we clear the avatar cache (props [@dkotter](https://github.com/dkotter), [@truonghuuphuc](https://github.com/truonghuuphuc), [@Sidsector9](https://github.com/Sidsector9) via [#309](https://github.com/10up/simple-local-avatars/pull/309)). +- Bump `axios` from 1.6.7 to 1.7.4 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#298](https://github.com/10up/simple-local-avatars/pull/298)). +- Bump `webpack` from 5.90.0 to 5.94.0 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#303](https://github.com/10up/simple-local-avatars/pull/303)). +- Bump `ws` from 7.5.10 to 8.18.0 and `@wordpress/scripts` from 27.1.0 to 30.4.0 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#305](https://github.com/10up/simple-local-avatars/pull/305), [#311](https://github.com/10up/simple-local-avatars/pull/311)). +- Bump `body-parser` from 1.20.2 to 1.20.3, `express` from 4.19.2 to 4.21.0, `send` from 0.18.0 to 0.19.0 and `serve-static` from 1.15.0 to 1.16.2 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#306](https://github.com/10up/simple-local-avatars/pull/306)). + +### Developer +- Update repo badges, add WordPress Playground badge, add plugin banner image (props [@faisal-alvi](https://github.com/faisal-alvi), [@thrijith](https://github.com/thrijith), [@jeffpaul](https://github.com/jeffpaul) via [#297](https://github.com/10up/simple-local-avatars/pull/297), [#300](https://github.com/10up/simple-local-avatars/pull/300), [#304](https://github.com/10up/simple-local-avatars/pull/304), [#307](https://github.com/10up/simple-local-avatars/pull/307)). + ## [2.7.11] - 2024-07-18 **Note that this release bumps the minimum required version of WordPress from 6.3 to 6.4.** diff --git a/readme.txt b/readme.txt index adb185d..3737e75 100644 --- a/readme.txt +++ b/readme.txt @@ -45,6 +45,21 @@ No. Simple Local Avatars neither collects, stores, nor sends any PII data of vi == Changelog == += 2.8.0 - 2024-11-11 = +**Note that this release bumps the minimum required version of WordPress from 6.4 to 6.5.** + +* **Added:** Support for the WordPress.org plugin preview (props [@faisal-alvi](https://github.com/faisal-alvi), [@jeffpaul](https://github.com/jeffpaul) via [#297](https://github.com/10up/simple-local-avatars/pull/297)). +* **Changed:** Update PHP compatibility check to use `10up/wp-compat-validation-tool` (props [@Sidsector9](https://github.com/Sidsector9), [@jeffpaul](https://github.com/jeffpaul), [@faisal-alvi](https://github.com/faisal-alvi) via [#291](https://github.com/10up/simple-local-avatars/pull/291)). +* **Changed:** Bump Wordpress "tested up to" version 6.7 (props [@sudip-md](https://github.com/sudip-md), [@jeffpaul](https://github.com/jeffpaul), [@dkotter](https://github.com/dkotter) via [#310](https://github.com/10up/simple-local-avatars/pull/310), [#312](https://github.com/10up/simple-local-avatars/pull/312)). +* **Changed:** Bump WordPress minimum supported version to 6.5 (props [@sudip-md](https://github.com/sudip-md), [@jeffpaul](https://github.com/jeffpaul), [@dkotter](https://github.com/dkotter) via [#310](https://github.com/10up/simple-local-avatars/pull/310), [#312](https://github.com/10up/simple-local-avatars/pull/312)). +* **Fixed:** Ensure all strings are properly translated (props [@pedro-mendonca](https://github.com/pedro-mendonca), [@dkotter](https://github.com/dkotter) via [#295](https://github.com/10up/simple-local-avatars/pull/295)). +* **Fixed:** Properly handle malformed `simple_local_avatar` user data (props [@adekbadek](https://github.com/adekbadek), [@dkotter](https://github.com/dkotter), [@faisal-alvi](https://github.com/faisal-alvi) via [#302](https://github.com/10up/simple-local-avatars/pull/302)). +* **Security:** Run a user capability check before we clear the avatar cache (props [@dkotter](https://github.com/dkotter), [@truonghuuphuc](https://github.com/truonghuuphuc), [@Sidsector9](https://github.com/Sidsector9) via [#309](https://github.com/10up/simple-local-avatars/pull/309)). +* **Security:** Bump `axios` from 1.6.7 to 1.7.4 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#298](https://github.com/10up/simple-local-avatars/pull/298)). +* **Security:** Bump `webpack` from 5.90.0 to 5.94.0 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#303](https://github.com/10up/simple-local-avatars/pull/303)). +* **Security:** Bump `ws` from 7.5.10 to 8.18.0 and `@wordpress/scripts` from 27.1.0 to 30.4.0 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#305](https://github.com/10up/simple-local-avatars/pull/305), [#311](https://github.com/10up/simple-local-avatars/pull/311)). +* **Security:** Bump `body-parser` from 1.20.2 to 1.20.3, `express` from 4.19.2 to 4.21.0, `send` from 0.18.0 to 0.19.0 and `serve-static` from 1.15.0 to 1.16.2 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#306](https://github.com/10up/simple-local-avatars/pull/306)). + = 2.7.11 - 2024-07-18 = **Note that this release bumps the minimum required version of WordPress from 6.3 to 6.4.** @@ -104,51 +119,13 @@ No. Simple Local Avatars neither collects, stores, nor sends any PII data of vi * **Security:** Bump `@wordpress/env` version from 5.2.0 to 8.7.0 (props [@iamdharmesh](https://github.com/iamdharmesh), [@faisal-alvi](https://github.com/faisal-alvi) via [#236](https://github.com/10up/simple-local-avatars/pull/236)). * **Security:** Bump `cypress-mochawesome-reporter` version from 3.0.1 to 3.6.0 (props [@iamdharmesh](https://github.com/iamdharmesh), [@faisal-alvi](https://github.com/faisal-alvi) via [#236](https://github.com/10up/simple-local-avatars/pull/236)). -= 2.7.5 - 2023-05-15 = -* **Added:** Ajax loading animation during process of uploading and deleting local avatars (props [@lllopo](https://github.com/lllopo), [@BhargavBhandari90](https://github.com/BhargavBhandari90), [@faisal-alvi](https://github.com/faisal-alvi) via [#204](https://github.com/10up/simple-local-avatars/pull/204)). -* **Changed:** Avatar removal button text (props [@jayedul](https://github.com/jayedul), [@jeffpaul](https://github.com/jeffpaul), [@dkotter](https://github.com/dkotter), [@faisal-alvi](https://github.com/faisal-alvi) via [#208](https://github.com/10up/simple-local-avatars/pull/208)). -* **Changed:** WordPress "tested up to" version 6.2 (props [@jayedul](https://github.com/jayedul), [@faisal-alvi](https://github.com/faisal-alvi) via [#210](https://github.com/10up/simple-local-avatars/pull/210)). -* **Changed:** Run E2E tests on the zip generated by "Build release zip" action (props [@jayedul](https://github.com/jayedul), [@iamdharmesh](https://github.com/iamdharmesh), [@faisal-alvi](https://github.com/faisal-alvi) via [#205](https://github.com/10up/simple-local-avatars/pull/205)). -* **Security:** Bump `webpack` from 5.75.0 to 5.76.1 (props [@dependabot](https://github.com/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#207](https://github.com/10up/simple-local-avatars/pull/207)). - -= 2.7.4 - 2023-02-23 = -* **Fixed:** Support passing `WP_User` to `get_avatar()` (props [@mattheu](https://github.com/mattheu), [@faisal-alvi](https://github.com/faisal-alvi) via [#193](https://github.com/10up/simple-local-avatars/pull/193)). -* **Fixed:** Remove trailing commas in function calls (props [@patrixer](https://github.com/patrixer), [@dkotter](https://github.com/dkotter), [@sekra24](https://github.com/sekra24), [@faisal-alvi](https://github.com/faisal-alvi) via [#196](https://github.com/10up/simple-local-avatars/pull/196)). -* **Security:** Bump `simple-git` from 3.15.1 to 3.16.0 (props [@dependabot](https://github.com/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#191](https://github.com/10up/simple-local-avatars/pull/191)). -* **Security:** Bump `http-cache-semantics` from 4.1.0 to 4.1.1 (props [@dependabot](https://github.com/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#197](https://github.com/10up/simple-local-avatars/pull/197)). - -= 2.7.3 - 2023-01-16 = -* **Fixed:** Issue causing fatal errors when avatars used on front end of site (props [@Rottinator](https://github.com/Rottinator), [@peterwilsoncc](https://github.com/peterwilsoncc), [@ravinderk](https://github.com/ravinderk), [@faisal-alvi](https://github.com/faisal-alvi) via [#187](https://github.com/10up/simple-local-avatars/pull/187)). -* **Fixed:** Deprecation error in admin on PHP 8.0 and later (props [@Rottinator](https://github.com/Rottinator), [@peterwilsoncc](https://github.com/peterwilsoncc), [@ravinderk](https://github.com/ravinderk), [@faisal-alvi](https://github.com/faisal-alvi) via [#187](https://github.com/10up/simple-local-avatars/pull/187)). - -= 2.7.2 - 2023-01-13 = -* **Added:** Filter hook `simple_local_avatars_upload_limit` to restrict image upload size & image file checking enhanced (props [@Shirkit](https://github.com/Shirkit), [@jayedul](https://github.com/jayedul), [@faisal-alvi](https://github.com/faisal-alvi), [@jeffpaul](https://github.com/jeffpaul) via [#171](https://github.com/10up/simple-local-avatars/pull/171)). -* **Added:** GitHub Actions summary on Cypress e2e test runs (props [@faisal-alvi](https://github.com/faisal-alvi), [@jeffpaul](https://github.com/jeffpaul), [@iamdharmesh](https://github.com/iamdharmesh) via [#174](https://github.com/10up/simple-local-avatars/pull/174)). -* **Changed:** Cypress integration migrated from 9.5.4 to 11.2.0 (props [@iamdharmesh](https://github.com/iamdharmesh), [@jayedul](https://github.com/jayedul), [@faisal-alvi](https://github.com/faisal-alvi) via [#172](https://github.com/10up/simple-local-avatars/pull/172)). -* **Fixed:** PHP8 support for `assign_new_user_avatar` (props [@lllopo](https://github.com/lllopo), [@mattwatsoncodes](https://github.com/mattwatsoncodes), [@faisal-alvi](https://github.com/faisal-alvi) via [#183](https://github.com/10up/simple-local-avatars/pull/183)). -* **Fixed:** Fixed the user profile language not respected issue (props [@dkotter](https://github.com/dkotter), [@lllopo](https://github.com/lllopo), [@faisal-alvi](https://github.com/faisal-alvi), [@jeffpaul](https://github.com/jeffpaul) via [#175](https://github.com/10up/simple-local-avatars/pull/175)). -* **Removed:** textdomain from the core strings and the function `update_avatar_ratings` as it's not required anymore (props [@dkotter](https://github.com/dkotter), [@lllopo](https://github.com/lllopo), [@faisal-alvi](https://github.com/faisal-alvi), [@jeffpaul](https://github.com/jeffpaul) via [#175](https://github.com/10up/simple-local-avatars/pull/175)). -* **Security:** Bump `json5` from 1.0.1 to 1.0.2 (props [@dependabot](https://github.com/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#182](https://github.com/10up/simple-local-avatars/pull/182)). - -= 2.7.1 - 2022-12-08 = -* **Added:** Added missing files from the last release and changed the readme file to fix the bullet points and added fullstops. - -= 2.7.0 - 2022-12-08 = -* **Added:** Added `Build release zip` GitHub Action (props [@peterwilsoncc](https://github.com/peterwilsoncc), [@faisal-alvi](https://github.com/faisal-alvi) via [#168](https://github.com/10up/simple-local-avatars/pull/168)). -* **Changed:** Set plugin defaults on `wp_initialize_site` instead of deprecated action `wpmu_new_blog` (props [@kadamwhite](https://github.com/kadamwhite), [@faisal-alvi](https://github.com/faisal-alvi) via [#156](https://github.com/10up/simple-local-avatars/pull/156)). -* **Changed:** Support Level from Active to Stable (props [@jeffpaul](https://github.com/jeffpaul), [@dkotter](https://github.com/dkotter) via [#159](https://github.com/10up/simple-local-avatars/pull/159)). -* **Changed:** Build tools: Allow PHPCS installer plugin to run without prompting user (props [@peterwilsoncc](https://github.com/peterwilsoncc), [@jeffpaul](https://github.com/jeffpaul) via [#164](https://github.com/10up/simple-local-avatars/pull/164)). -* **Changed:** WP tested up to version bump to 6.1 (props [@peterwilsoncc](https://github.com/peterwilsoncc), [@faisal-alvi](https://github.com/faisal-alvi) via [#165](https://github.com/10up/simple-local-avatars/pull/165)). -* **Fixed:** Non admin users can not crop avatar (props [@jayedul](https://github.com/jayedul), [@faisal-alvi](https://github.com/faisal-alvi), [@zamanq](https://github.com/zamanq), [@dkotter](https://github.com/dkotter), [@jeffpaul](https://github.com/jeffpaul) via [#155](https://github.com/10up/simple-local-avatars/pull/155)). -* **Security:** Bump `@wordpress/env` from 4.9.0 to 5.2.0 and `got` from 10.7.0 to 11.8.5 (props [@dependabot](https://github.com/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#153](https://github.com/10up/simple-local-avatars/pull/153)). -* **Security:** Bump `loader-utils` from 2.0.2 to 2.0.3 (props [@dependabot](https://github.com/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#160](https://github.com/10up/simple-local-avatars/pull/160)). -* **Security:** Bump `loader-utils` from 2.0.3 to 2.0.4 (props [@dependabot](https://github.com/dependabot), [@peterwilsoncc](https://github.com/peterwilsoncc) via [#162](https://github.com/10up/simple-local-avatars/pull/162)). -* **Security:** Bump `simple-git` from 3.9.0 to 3.15.1 (props [@dependabot](https://github.com/dependabot) via [#176](https://github.com/10up/simple-local-avatars/pull/176)). - [View historical changelog details here](https://github.com/10up/simple-local-avatars/blob/develop/CHANGELOG.md). == Upgrade Notice == += 2.8.0 = +**Note that this release bumps the minimum required version of WordPress from 6.4 to 6.5.** + = 2.7.11 = **Note that this release bumps the minimum required version of WordPress from 6.3 to 6.4.** From 33e3734ae6536669d281a7e3d13c78e3b2514729 Mon Sep 17 00:00:00 2001 From: Darin Kotter Date: Fri, 8 Nov 2024 09:53:45 -0700 Subject: [PATCH 3/4] Update CREDITS.md --- CREDITS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CREDITS.md b/CREDITS.md index b7cdfa5..99e9535 100644 --- a/CREDITS.md +++ b/CREDITS.md @@ -10,7 +10,7 @@ The following individuals are responsible for curating the list of issues, respo Thank you to all the people who have already contributed to this repository via bug reports, code, design, ideas, project management, translation, testing, etc. -[Jake Goldman (@jakemgold)](https://github.com/jakemgold), [Steve Grunwell (@stevegrunwell)](https://github.com/stevegrunwell), [Ravi Chandra (@ravichdev)](https://github.com/ravichdev), [Eduard Florea (@eflorea)](https://github.com/eflorea), [Helen Hou-Sandi (@helen)](https://github.com/helen), [@kniebremser](https://github.com/kniebremser), [Robbie Trencheny (@robbiet480)](https://github.com/robbiet480), [Jeffrey Paul (@jeffpaul)](https://github.com/jeffpaul), [Adam Silverstein (@adamsilverstein)](https://github.com/adamsilverstein), [Paul de Wouters (@pdewouters)](https://github.com/pdewouters), [Ledwing Hernandez (@Waka867)](https://github.com/Waka867), [Tim Moore (@tmoorewp)](https://github.com/tmoorewp), [Oscar Sanchez S. (@oscarssanchez)](https://github.com/oscarssanchez), [Tung Du (@dinhtungdu)](https://github.com/dinhtungdu), [Ben Lobaugh (@blobaugh)](https://github.com/blobaugh), [Chris Jones (@heyjones)](https://github.com/heyjones), [Darin Kotter (@dkotter)](https://github.com/dkotter), [Ammon Lockwood (@sumnercreations)](https://github.com/sumnercreations), [David Shanske (@dshanske)](https://github.com/dshanske), [Myles McNamara (@tripflex)](https://github.com/tripflex), [Jackie Kjome (@JackieKjome)](https://github.com/JackieKjome) [David Chabbi (@davidchabbi)](https://profiles.wordpress.org/davidchabbi/), [Jeffrey Carandang (@phpbits)](https://github.com/phpbits), [@Antonio-Laguna](https://github.com/Antonio-Laguna), [(@ituk)](https://github.com/ituk), [Fabio Giannese (@diodoe)](https://github.com/diodoe), [Ankit K Gupta (@ankitguptaindia)](https://github.com/ankitguptaindia), [Ajay Maurya (@ajmaurya99)](https://github.com/ajmaurya99), [Clayton Collie (@claytoncollie)](https://github.com/claytoncollie), [Connor Smyth (@ActuallyConnor)](https://github.com/ActuallyConnor), [Thrijith Thankachan (@thrijith)](https://github.com/thrijith), [Rahul Prajapati (@rahulsprajapati)](https://github.com/rahulsprajapati), [Faisal Alvi (@faisal-alvi)](https://github.com/faisal-alvi), [Sudip Dadhaniya (@sudip-10up)](https://github.com/sudip-10up), [Max Lyuchin (@cadic)](https://github.com/cadic), [Dharmesh Patel (@iamdharmesh)](https://github.com/iamdharmesh), [(@holle75)](https://github.com/holle75), [Mehul Kaklotar (@mehulkaklotar)](https://github.com/mehulkaklotar), [Ulrich Pogson (@grappler)](https://github.com/grappler), [Peter Wilson (@peterwilsoncc)](https://github.com/peterwilsoncc), [Austin Passy (@thefrosty)](https://github.com/thefrosty), [Vikram Moparthy (@vikrampm1)](https://github.com/vikrampm1), [Alireza Salehi (@alireza-salehi)](https://github.com/alireza-salehi), [Vlad Olaru (@vladolaru)](https://github.com/vladolaru), [Alec Kinnear (@foliovision)](https://github.com/foliovision), [Siddharth Thevaril (@Sidsector9)](https://github.com/Sidsector9), [David (@pixelloop)](https://github.com/pixelloop), [Victor Berland (@victorberland)](https://github.com/victorberland), [Konstantin Kovshenin (@kovshenin)](https://github.com/kovshenin), [Timothy Wheelock (@t-lock)](https://github.com/t-lock), [Jayedul Kabir (@jayedul)](https://github.com/jayedul), [Quamruz Zaman (@zamanq)](https://github.com/zamanq), [K. Adam White (@kadamwhite)](https://github.com/kadamwhite), [Shirkit (@Shirkit)](https://github.com/Shirkit), [Georgi Georgiev (@lllopo)](https://github.com/lllopo), [Matt Watson (@mattwatsoncodes)](https://github.com/mattwatsoncodes), [Christoph Rothmeier (@Rottinator)](https://github.com/Rottinator), [Ravinder Kumar (@ravinderk)](https://github.com/ravinderk), [Matthew Haines-Young (@mattheu)](https://github.com/mattheu), [Patryk Kujawa (@patrixer)](https://github.com/patrixer), [Sebastian (@sekra24)](https://github.com/sekra24), [Bhargav Bhandari (@BhargavBhandari90)](https://github.com/BhargavBhandari90), [Konstantinos Galanakis (@kmgalanakis)](https://github.com/kmgalanakis), [Jon Christensen (@Firestorm980)](https://github.com/Firestorm980), [Joseph Richardson (@EHLOVader)](https://github.com/EHLOVader), [Dominik Schilling (@ocean90)](https://github.com/ocean90), [Jake Jackson (@jakejackson1)](https://github.com/jakejackson1), [Leo Germani (@leogermani)](https://github.com/leogermani), [Viktor Szépe (@szepeviktor)](https://github.com/szepeviktor), [horrormovies.gr (@horrormoviesgr)](https://profiles.wordpress.org/horrormoviesgr/), [inpeaks (@inpeaks)](https://profiles.wordpress.org/inpeaks/), [lillylark (@lillylark)](https://profiles.wordpress.org/lillylark/), [Rafał Całka (@rafaucau)](https://github.com/rafaucau), [janrenn (@janrenn)](https://profiles.wordpress.org/janrenn/), [Amir Hossein (amirhossein7)](https://profiles.wordpress.org/amirhossein7/), [Sumit Bagthariya (@qasumitbagthariya)](https://github.com/qasumitbagthariya), [Sudip Dadhaniya (@sudip-md)](https://github.com/sudip-md), [Evan Mattson (@aaemnnosttv)](https://github.com/aaemnnosttv), [Rafie Muhammad (@rafiem)](https://github.com/rafiem). +[Jake Goldman (@jakemgold)](https://github.com/jakemgold), [Steve Grunwell (@stevegrunwell)](https://github.com/stevegrunwell), [Ravi Chandra (@ravichdev)](https://github.com/ravichdev), [Eduard Florea (@eflorea)](https://github.com/eflorea), [Helen Hou-Sandi (@helen)](https://github.com/helen), [@kniebremser](https://github.com/kniebremser), [Robbie Trencheny (@robbiet480)](https://github.com/robbiet480), [Jeffrey Paul (@jeffpaul)](https://github.com/jeffpaul), [Adam Silverstein (@adamsilverstein)](https://github.com/adamsilverstein), [Paul de Wouters (@pdewouters)](https://github.com/pdewouters), [Ledwing Hernandez (@Waka867)](https://github.com/Waka867), [Tim Moore (@tmoorewp)](https://github.com/tmoorewp), [Oscar Sanchez S. (@oscarssanchez)](https://github.com/oscarssanchez), [Tung Du (@dinhtungdu)](https://github.com/dinhtungdu), [Ben Lobaugh (@blobaugh)](https://github.com/blobaugh), [Chris Jones (@heyjones)](https://github.com/heyjones), [Darin Kotter (@dkotter)](https://github.com/dkotter), [Ammon Lockwood (@sumnercreations)](https://github.com/sumnercreations), [David Shanske (@dshanske)](https://github.com/dshanske), [Myles McNamara (@tripflex)](https://github.com/tripflex), [Jackie Kjome (@JackieKjome)](https://github.com/JackieKjome) [David Chabbi (@davidchabbi)](https://profiles.wordpress.org/davidchabbi/), [Jeffrey Carandang (@phpbits)](https://github.com/phpbits), [@Antonio-Laguna](https://github.com/Antonio-Laguna), [(@ituk)](https://github.com/ituk), [Fabio Giannese (@diodoe)](https://github.com/diodoe), [Ankit K Gupta (@ankitguptaindia)](https://github.com/ankitguptaindia), [Ajay Maurya (@ajmaurya99)](https://github.com/ajmaurya99), [Clayton Collie (@claytoncollie)](https://github.com/claytoncollie), [Connor Smyth (@ActuallyConnor)](https://github.com/ActuallyConnor), [Thrijith Thankachan (@thrijith)](https://github.com/thrijith), [Rahul Prajapati (@rahulsprajapati)](https://github.com/rahulsprajapati), [Faisal Alvi (@faisal-alvi)](https://github.com/faisal-alvi), [Sudip Dadhaniya (@sudip-10up)](https://github.com/sudip-10up), [Max Lyuchin (@cadic)](https://github.com/cadic), [Dharmesh Patel (@iamdharmesh)](https://github.com/iamdharmesh), [(@holle75)](https://github.com/holle75), [Mehul Kaklotar (@mehulkaklotar)](https://github.com/mehulkaklotar), [Ulrich Pogson (@grappler)](https://github.com/grappler), [Peter Wilson (@peterwilsoncc)](https://github.com/peterwilsoncc), [Austin Passy (@thefrosty)](https://github.com/thefrosty), [Vikram Moparthy (@vikrampm1)](https://github.com/vikrampm1), [Alireza Salehi (@alireza-salehi)](https://github.com/alireza-salehi), [Vlad Olaru (@vladolaru)](https://github.com/vladolaru), [Alec Kinnear (@foliovision)](https://github.com/foliovision), [Siddharth Thevaril (@Sidsector9)](https://github.com/Sidsector9), [David (@pixelloop)](https://github.com/pixelloop), [Victor Berland (@victorberland)](https://github.com/victorberland), [Konstantin Kovshenin (@kovshenin)](https://github.com/kovshenin), [Timothy Wheelock (@t-lock)](https://github.com/t-lock), [Jayedul Kabir (@jayedul)](https://github.com/jayedul), [Quamruz Zaman (@zamanq)](https://github.com/zamanq), [K. Adam White (@kadamwhite)](https://github.com/kadamwhite), [Shirkit (@Shirkit)](https://github.com/Shirkit), [Georgi Georgiev (@lllopo)](https://github.com/lllopo), [Matt Watson (@mattwatsoncodes)](https://github.com/mattwatsoncodes), [Christoph Rothmeier (@Rottinator)](https://github.com/Rottinator), [Ravinder Kumar (@ravinderk)](https://github.com/ravinderk), [Matthew Haines-Young (@mattheu)](https://github.com/mattheu), [Patryk Kujawa (@patrixer)](https://github.com/patrixer), [Sebastian (@sekra24)](https://github.com/sekra24), [Bhargav Bhandari (@BhargavBhandari90)](https://github.com/BhargavBhandari90), [Konstantinos Galanakis (@kmgalanakis)](https://github.com/kmgalanakis), [Jon Christensen (@Firestorm980)](https://github.com/Firestorm980), [Joseph Richardson (@EHLOVader)](https://github.com/EHLOVader), [Dominik Schilling (@ocean90)](https://github.com/ocean90), [Jake Jackson (@jakejackson1)](https://github.com/jakejackson1), [Leo Germani (@leogermani)](https://github.com/leogermani), [Viktor Szépe (@szepeviktor)](https://github.com/szepeviktor), [horrormovies.gr (@horrormoviesgr)](https://profiles.wordpress.org/horrormoviesgr/), [inpeaks (@inpeaks)](https://profiles.wordpress.org/inpeaks/), [lillylark (@lillylark)](https://profiles.wordpress.org/lillylark/), [Rafał Całka (@rafaucau)](https://github.com/rafaucau), [janrenn (@janrenn)](https://profiles.wordpress.org/janrenn/), [Amir Hossein (amirhossein7)](https://profiles.wordpress.org/amirhossein7/), [Sumit Bagthariya (@qasumitbagthariya)](https://github.com/qasumitbagthariya), [Sudip Dadhaniya (@sudip-md)](https://github.com/sudip-md), [Evan Mattson (@aaemnnosttv)](https://github.com/aaemnnosttv), [Rafie Muhammad (@rafiem)](https://github.com/rafiem), [Pedro Mendonça (@pedro-mendonca)](https://github.com/pedro-mendonca), [Adam Cassis (@adekbadek)](https://github.com/adekbadek), [Trương Hữu Phúc (@truonghuuphuc)](https://github.com/truonghuuphuc). ## Libraries From 203fc1845401561c0bbbe11dd505df4ca1571b11 Mon Sep 17 00:00:00 2001 From: Darin Kotter Date: Tue, 12 Nov 2024 10:44:08 -0700 Subject: [PATCH 4/4] Update release date; add another item to the changelog --- CHANGELOG.md | 3 ++- CREDITS.md | 2 +- readme.txt | 3 ++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 87517ec..a4c2fd9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ All notable changes to this project will be documented in this file, per [the Ke ## [Unreleased] - TBD -## [2.8.0] - 2024-11-11 +## [2.8.0] - 2024-11-12 **Note that this release bumps the minimum required version of WordPress from 6.4 to 6.5.** ### Added @@ -21,6 +21,7 @@ All notable changes to this project will be documented in this file, per [the Ke ### Security - Run a user capability check before we clear the avatar cache (props [@dkotter](https://github.com/dkotter), [@truonghuuphuc](https://github.com/truonghuuphuc), [@Sidsector9](https://github.com/Sidsector9) via [#309](https://github.com/10up/simple-local-avatars/pull/309)). +- Ensure REST API requests to set an avatar only allow existing attachment IDs to be used (props [@dkotter](https://github.com/dkotter), Justus Böhme, [@faisal-alvi](https://github.com/faisal-alvi) via [GHSA-wfjh-m788-w2c5](https://github.com/10up/simple-local-avatars/security/advisories/GHSA-wfjh-m788-w2c5)). - Bump `axios` from 1.6.7 to 1.7.4 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#298](https://github.com/10up/simple-local-avatars/pull/298)). - Bump `webpack` from 5.90.0 to 5.94.0 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#303](https://github.com/10up/simple-local-avatars/pull/303)). - Bump `ws` from 7.5.10 to 8.18.0 and `@wordpress/scripts` from 27.1.0 to 30.4.0 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#305](https://github.com/10up/simple-local-avatars/pull/305), [#311](https://github.com/10up/simple-local-avatars/pull/311)). diff --git a/CREDITS.md b/CREDITS.md index 99e9535..ce87f08 100644 --- a/CREDITS.md +++ b/CREDITS.md @@ -10,7 +10,7 @@ The following individuals are responsible for curating the list of issues, respo Thank you to all the people who have already contributed to this repository via bug reports, code, design, ideas, project management, translation, testing, etc. -[Jake Goldman (@jakemgold)](https://github.com/jakemgold), [Steve Grunwell (@stevegrunwell)](https://github.com/stevegrunwell), [Ravi Chandra (@ravichdev)](https://github.com/ravichdev), [Eduard Florea (@eflorea)](https://github.com/eflorea), [Helen Hou-Sandi (@helen)](https://github.com/helen), [@kniebremser](https://github.com/kniebremser), [Robbie Trencheny (@robbiet480)](https://github.com/robbiet480), [Jeffrey Paul (@jeffpaul)](https://github.com/jeffpaul), [Adam Silverstein (@adamsilverstein)](https://github.com/adamsilverstein), [Paul de Wouters (@pdewouters)](https://github.com/pdewouters), [Ledwing Hernandez (@Waka867)](https://github.com/Waka867), [Tim Moore (@tmoorewp)](https://github.com/tmoorewp), [Oscar Sanchez S. (@oscarssanchez)](https://github.com/oscarssanchez), [Tung Du (@dinhtungdu)](https://github.com/dinhtungdu), [Ben Lobaugh (@blobaugh)](https://github.com/blobaugh), [Chris Jones (@heyjones)](https://github.com/heyjones), [Darin Kotter (@dkotter)](https://github.com/dkotter), [Ammon Lockwood (@sumnercreations)](https://github.com/sumnercreations), [David Shanske (@dshanske)](https://github.com/dshanske), [Myles McNamara (@tripflex)](https://github.com/tripflex), [Jackie Kjome (@JackieKjome)](https://github.com/JackieKjome) [David Chabbi (@davidchabbi)](https://profiles.wordpress.org/davidchabbi/), [Jeffrey Carandang (@phpbits)](https://github.com/phpbits), [@Antonio-Laguna](https://github.com/Antonio-Laguna), [(@ituk)](https://github.com/ituk), [Fabio Giannese (@diodoe)](https://github.com/diodoe), [Ankit K Gupta (@ankitguptaindia)](https://github.com/ankitguptaindia), [Ajay Maurya (@ajmaurya99)](https://github.com/ajmaurya99), [Clayton Collie (@claytoncollie)](https://github.com/claytoncollie), [Connor Smyth (@ActuallyConnor)](https://github.com/ActuallyConnor), [Thrijith Thankachan (@thrijith)](https://github.com/thrijith), [Rahul Prajapati (@rahulsprajapati)](https://github.com/rahulsprajapati), [Faisal Alvi (@faisal-alvi)](https://github.com/faisal-alvi), [Sudip Dadhaniya (@sudip-10up)](https://github.com/sudip-10up), [Max Lyuchin (@cadic)](https://github.com/cadic), [Dharmesh Patel (@iamdharmesh)](https://github.com/iamdharmesh), [(@holle75)](https://github.com/holle75), [Mehul Kaklotar (@mehulkaklotar)](https://github.com/mehulkaklotar), [Ulrich Pogson (@grappler)](https://github.com/grappler), [Peter Wilson (@peterwilsoncc)](https://github.com/peterwilsoncc), [Austin Passy (@thefrosty)](https://github.com/thefrosty), [Vikram Moparthy (@vikrampm1)](https://github.com/vikrampm1), [Alireza Salehi (@alireza-salehi)](https://github.com/alireza-salehi), [Vlad Olaru (@vladolaru)](https://github.com/vladolaru), [Alec Kinnear (@foliovision)](https://github.com/foliovision), [Siddharth Thevaril (@Sidsector9)](https://github.com/Sidsector9), [David (@pixelloop)](https://github.com/pixelloop), [Victor Berland (@victorberland)](https://github.com/victorberland), [Konstantin Kovshenin (@kovshenin)](https://github.com/kovshenin), [Timothy Wheelock (@t-lock)](https://github.com/t-lock), [Jayedul Kabir (@jayedul)](https://github.com/jayedul), [Quamruz Zaman (@zamanq)](https://github.com/zamanq), [K. Adam White (@kadamwhite)](https://github.com/kadamwhite), [Shirkit (@Shirkit)](https://github.com/Shirkit), [Georgi Georgiev (@lllopo)](https://github.com/lllopo), [Matt Watson (@mattwatsoncodes)](https://github.com/mattwatsoncodes), [Christoph Rothmeier (@Rottinator)](https://github.com/Rottinator), [Ravinder Kumar (@ravinderk)](https://github.com/ravinderk), [Matthew Haines-Young (@mattheu)](https://github.com/mattheu), [Patryk Kujawa (@patrixer)](https://github.com/patrixer), [Sebastian (@sekra24)](https://github.com/sekra24), [Bhargav Bhandari (@BhargavBhandari90)](https://github.com/BhargavBhandari90), [Konstantinos Galanakis (@kmgalanakis)](https://github.com/kmgalanakis), [Jon Christensen (@Firestorm980)](https://github.com/Firestorm980), [Joseph Richardson (@EHLOVader)](https://github.com/EHLOVader), [Dominik Schilling (@ocean90)](https://github.com/ocean90), [Jake Jackson (@jakejackson1)](https://github.com/jakejackson1), [Leo Germani (@leogermani)](https://github.com/leogermani), [Viktor Szépe (@szepeviktor)](https://github.com/szepeviktor), [horrormovies.gr (@horrormoviesgr)](https://profiles.wordpress.org/horrormoviesgr/), [inpeaks (@inpeaks)](https://profiles.wordpress.org/inpeaks/), [lillylark (@lillylark)](https://profiles.wordpress.org/lillylark/), [Rafał Całka (@rafaucau)](https://github.com/rafaucau), [janrenn (@janrenn)](https://profiles.wordpress.org/janrenn/), [Amir Hossein (amirhossein7)](https://profiles.wordpress.org/amirhossein7/), [Sumit Bagthariya (@qasumitbagthariya)](https://github.com/qasumitbagthariya), [Sudip Dadhaniya (@sudip-md)](https://github.com/sudip-md), [Evan Mattson (@aaemnnosttv)](https://github.com/aaemnnosttv), [Rafie Muhammad (@rafiem)](https://github.com/rafiem), [Pedro Mendonça (@pedro-mendonca)](https://github.com/pedro-mendonca), [Adam Cassis (@adekbadek)](https://github.com/adekbadek), [Trương Hữu Phúc (@truonghuuphuc)](https://github.com/truonghuuphuc). +[Jake Goldman (@jakemgold)](https://github.com/jakemgold), [Steve Grunwell (@stevegrunwell)](https://github.com/stevegrunwell), [Ravi Chandra (@ravichdev)](https://github.com/ravichdev), [Eduard Florea (@eflorea)](https://github.com/eflorea), [Helen Hou-Sandi (@helen)](https://github.com/helen), [@kniebremser](https://github.com/kniebremser), [Robbie Trencheny (@robbiet480)](https://github.com/robbiet480), [Jeffrey Paul (@jeffpaul)](https://github.com/jeffpaul), [Adam Silverstein (@adamsilverstein)](https://github.com/adamsilverstein), [Paul de Wouters (@pdewouters)](https://github.com/pdewouters), [Ledwing Hernandez (@Waka867)](https://github.com/Waka867), [Tim Moore (@tmoorewp)](https://github.com/tmoorewp), [Oscar Sanchez S. (@oscarssanchez)](https://github.com/oscarssanchez), [Tung Du (@dinhtungdu)](https://github.com/dinhtungdu), [Ben Lobaugh (@blobaugh)](https://github.com/blobaugh), [Chris Jones (@heyjones)](https://github.com/heyjones), [Darin Kotter (@dkotter)](https://github.com/dkotter), [Ammon Lockwood (@sumnercreations)](https://github.com/sumnercreations), [David Shanske (@dshanske)](https://github.com/dshanske), [Myles McNamara (@tripflex)](https://github.com/tripflex), [Jackie Kjome (@JackieKjome)](https://github.com/JackieKjome) [David Chabbi (@davidchabbi)](https://profiles.wordpress.org/davidchabbi/), [Jeffrey Carandang (@phpbits)](https://github.com/phpbits), [@Antonio-Laguna](https://github.com/Antonio-Laguna), [(@ituk)](https://github.com/ituk), [Fabio Giannese (@diodoe)](https://github.com/diodoe), [Ankit K Gupta (@ankitguptaindia)](https://github.com/ankitguptaindia), [Ajay Maurya (@ajmaurya99)](https://github.com/ajmaurya99), [Clayton Collie (@claytoncollie)](https://github.com/claytoncollie), [Connor Smyth (@ActuallyConnor)](https://github.com/ActuallyConnor), [Thrijith Thankachan (@thrijith)](https://github.com/thrijith), [Rahul Prajapati (@rahulsprajapati)](https://github.com/rahulsprajapati), [Faisal Alvi (@faisal-alvi)](https://github.com/faisal-alvi), [Sudip Dadhaniya (@sudip-10up)](https://github.com/sudip-10up), [Max Lyuchin (@cadic)](https://github.com/cadic), [Dharmesh Patel (@iamdharmesh)](https://github.com/iamdharmesh), [(@holle75)](https://github.com/holle75), [Mehul Kaklotar (@mehulkaklotar)](https://github.com/mehulkaklotar), [Ulrich Pogson (@grappler)](https://github.com/grappler), [Peter Wilson (@peterwilsoncc)](https://github.com/peterwilsoncc), [Austin Passy (@thefrosty)](https://github.com/thefrosty), [Vikram Moparthy (@vikrampm1)](https://github.com/vikrampm1), [Alireza Salehi (@alireza-salehi)](https://github.com/alireza-salehi), [Vlad Olaru (@vladolaru)](https://github.com/vladolaru), [Alec Kinnear (@foliovision)](https://github.com/foliovision), [Siddharth Thevaril (@Sidsector9)](https://github.com/Sidsector9), [David (@pixelloop)](https://github.com/pixelloop), [Victor Berland (@victorberland)](https://github.com/victorberland), [Konstantin Kovshenin (@kovshenin)](https://github.com/kovshenin), [Timothy Wheelock (@t-lock)](https://github.com/t-lock), [Jayedul Kabir (@jayedul)](https://github.com/jayedul), [Quamruz Zaman (@zamanq)](https://github.com/zamanq), [K. Adam White (@kadamwhite)](https://github.com/kadamwhite), [Shirkit (@Shirkit)](https://github.com/Shirkit), [Georgi Georgiev (@lllopo)](https://github.com/lllopo), [Matt Watson (@mattwatsoncodes)](https://github.com/mattwatsoncodes), [Christoph Rothmeier (@Rottinator)](https://github.com/Rottinator), [Ravinder Kumar (@ravinderk)](https://github.com/ravinderk), [Matthew Haines-Young (@mattheu)](https://github.com/mattheu), [Patryk Kujawa (@patrixer)](https://github.com/patrixer), [Sebastian (@sekra24)](https://github.com/sekra24), [Bhargav Bhandari (@BhargavBhandari90)](https://github.com/BhargavBhandari90), [Konstantinos Galanakis (@kmgalanakis)](https://github.com/kmgalanakis), [Jon Christensen (@Firestorm980)](https://github.com/Firestorm980), [Joseph Richardson (@EHLOVader)](https://github.com/EHLOVader), [Dominik Schilling (@ocean90)](https://github.com/ocean90), [Jake Jackson (@jakejackson1)](https://github.com/jakejackson1), [Leo Germani (@leogermani)](https://github.com/leogermani), [Viktor Szépe (@szepeviktor)](https://github.com/szepeviktor), [horrormovies.gr (@horrormoviesgr)](https://profiles.wordpress.org/horrormoviesgr/), [inpeaks (@inpeaks)](https://profiles.wordpress.org/inpeaks/), [lillylark (@lillylark)](https://profiles.wordpress.org/lillylark/), [Rafał Całka (@rafaucau)](https://github.com/rafaucau), [janrenn (@janrenn)](https://profiles.wordpress.org/janrenn/), [Amir Hossein (amirhossein7)](https://profiles.wordpress.org/amirhossein7/), [Sumit Bagthariya (@qasumitbagthariya)](https://github.com/qasumitbagthariya), [Sudip Dadhaniya (@sudip-md)](https://github.com/sudip-md), [Evan Mattson (@aaemnnosttv)](https://github.com/aaemnnosttv), [Rafie Muhammad (@rafiem)](https://github.com/rafiem), [Pedro Mendonça (@pedro-mendonca)](https://github.com/pedro-mendonca), [Adam Cassis (@adekbadek)](https://github.com/adekbadek), [Trương Hữu Phúc (@truonghuuphuc)](https://github.com/truonghuuphuc), [Justus Böhme](). ## Libraries diff --git a/readme.txt b/readme.txt index 3737e75..5df9d58 100644 --- a/readme.txt +++ b/readme.txt @@ -45,7 +45,7 @@ No. Simple Local Avatars neither collects, stores, nor sends any PII data of vi == Changelog == -= 2.8.0 - 2024-11-11 = += 2.8.0 - 2024-11-12 = **Note that this release bumps the minimum required version of WordPress from 6.4 to 6.5.** * **Added:** Support for the WordPress.org plugin preview (props [@faisal-alvi](https://github.com/faisal-alvi), [@jeffpaul](https://github.com/jeffpaul) via [#297](https://github.com/10up/simple-local-avatars/pull/297)). @@ -55,6 +55,7 @@ No. Simple Local Avatars neither collects, stores, nor sends any PII data of vi * **Fixed:** Ensure all strings are properly translated (props [@pedro-mendonca](https://github.com/pedro-mendonca), [@dkotter](https://github.com/dkotter) via [#295](https://github.com/10up/simple-local-avatars/pull/295)). * **Fixed:** Properly handle malformed `simple_local_avatar` user data (props [@adekbadek](https://github.com/adekbadek), [@dkotter](https://github.com/dkotter), [@faisal-alvi](https://github.com/faisal-alvi) via [#302](https://github.com/10up/simple-local-avatars/pull/302)). * **Security:** Run a user capability check before we clear the avatar cache (props [@dkotter](https://github.com/dkotter), [@truonghuuphuc](https://github.com/truonghuuphuc), [@Sidsector9](https://github.com/Sidsector9) via [#309](https://github.com/10up/simple-local-avatars/pull/309)). +* **Security:** Ensure REST API requests to set an avatar only allow existing attachment IDs to be used (props [@dkotter](https://github.com/dkotter), Justus Böhme, [@faisal-alvi](https://github.com/faisal-alvi) via [GHSA-wfjh-m788-w2c5](https://github.com/10up/simple-local-avatars/security/advisories/GHSA-wfjh-m788-w2c5)). * **Security:** Bump `axios` from 1.6.7 to 1.7.4 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#298](https://github.com/10up/simple-local-avatars/pull/298)). * **Security:** Bump `webpack` from 5.90.0 to 5.94.0 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#303](https://github.com/10up/simple-local-avatars/pull/303)). * **Security:** Bump `ws` from 7.5.10 to 8.18.0 and `@wordpress/scripts` from 27.1.0 to 30.4.0 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#305](https://github.com/10up/simple-local-avatars/pull/305), [#311](https://github.com/10up/simple-local-avatars/pull/311)).