We released a new Weblate version; let us guide you through the reasons why updating to it matters.
Imperatives are represented by two fixed security issues, published in advisories GHSA-4qqf-9m5c-w2c5 and GHSA-57jg-m997-cx3q. None of those two is severe, and there is no evidence of exploitation of them, but would you call yourself a proud, responsible admin, keeping known security issues on your server when they can be fixed by a simple Docker pull? We are pleased that both of these issues were discovered and published by appreciated members of the HackeOne community, credited both there and on GitHub. Open source truly is the best way to develop software.
Now let’s change our focus to different hooks than these strong, collectively punched hooks to the security oops. Webhooks! Those received improvements of documentation, logs, multiple installations, and also a new add-on working with the special webhooks of Slack!
After some time, Weblate again supports a new translation file format! It’s called Compose Multiplatform Resources, and we believe it will make devs of Kotlin apps happy. There is no such thing as too many slightly different standards, right?
And now, regular readers’ favorite topic: API. It wouldn't be the right release blog without mentioning the evolution of Weblate’s REST API. First is an invitation for those who are waiting with their migration from other TMS platforms. Bring the comments of your community with you! Other new calls are specific for instances using the Billing module, like Hosted Weblate does. Creating projects and managing teams, previously blocked by this module, is now possible.
On our way to improve Weblate’s transparency and describe everything that hasn’t been already, we published a new part of the documentation called Security and privacy. It is mostly connected to Weblate Cloud services, but who doesn’t like a lot of technical information in a compact package? Answers to all potential questions from these fields should be there, so if you have one unanswered, feel free to ask us! We will add the information.
So that’s 5.12.1. Yes, .1 directly, because of a small issue denying building of 5.12. All Weblate Cloud users are getting it now, and Hosted Weblate is running it already. Should you want any help with the configuration or upgrades, Weblate humans are ready!
If not sooner, see you with 5.13 in mid-August.
