Releases: GEWIS/gewisweb

Version 3.0.1

14 Feb 00:33
82236b0
  • Changed title of the "My Information"-page to prevent users from being tracked through collected analytics.
  • Changed login form validation messages to prevent account enumeration attacks.
  • Changed login form redirects to prevent open redirects.
  • Fixed issue where graduates could be incorrectly assigned active_member privileges.

Version 3.0

10 Feb 15:44
2f00151
  • Added support for marking sign-up lists as having limited capacity.
  • Added support for adding a representative to a company (this is different from a company contact).
  • Added CompanyUsers (i.e. representatives) that can manage company profiles.
  • Added the GEWIS Career Platform where company representatives can log in to manage their company.
  • Added support for company representatives to propose new jobs in the company's job package(s).
  • Added support for company representatives to propose updates to existing jobs in the company's job package(s).
  • Added support for company representatives to transfer jobs from expired job packages to non-expired job packages.
  • Added support for company representatives to delete jobs.
  • Added elementary support for company representatives to update their company's profile.
  • Added the option to add a contract number to company packages.
  • Added an approval queue for company profile and job (update) proposals.
  • Added support for approving or rejecting job proposals (rejections may include a message that is shown to the company representative).
  • Added support for applying or cancelling job update proposals (cancellations may include a message that is shown to the company representative).
  • Added checks for passwords against the GEWIS-hosted version of Pwned Passwords. If a password is leaked in a public data breach, the user must reset their password before they can log in. When (re)setting passwords, this check is also performed and "pwned" passwords cannot be used.
  • Added the Alcohol Policy to publicly available policies.
  • Added timestamps to SignUps to track when people signed up to a sign-up list.
  • Added support for searching for specific decisions.
  • Added timestamps to Albums to add a "NEW"-tag to recently uploaded albums.
  • Added support for recording when a user has changed their password; this is used to see which users comply with new password requirements.
  • Added support for renaming MeetingDocuments after being uploaded.
  • Added timestamps to MeetingDocuments and MeetingMinutes to track when they are uploaded.
  • Changed AV to ALV to adhere to the terminology from the bylaws.
  • Changed the minimum required length of passwords to 12 for Users.
  • Changed the career admin to move job categories and labels to separate sections, leaving more space to interact with companies.
  • Changed most of the e-mail templates to use the new e-mail template from Stijl.
  • Changed the default state of new jobs to be published (when approved).
  • Changed the agreement text when subscribing to an activity to include the Alcohol Policy in accordance with changes to the Activity Policy.
  • Changed the maximum number of decisions returned when searching to 100 (from 50).
  • Changed how decisions are displayed after searching or on meeting pages to improve readability.
  • Changed the default duration of activation and password reset links to 24h (from ).
  • Changed the default cookie SameSite directive to Lax.
  • Improved several translations.
  • Upgraded to PHP 8.2.
  • Fixed issue where exams and summaries would still be inaccessible from the university's NAT'd Wi-Fi network.
  • Fixed issue where the Content Security Policy was too lenient on what content was allowed.
  • Fixed issue where cookies were incorrectly shared with sub-domains.
  • Fixed issue where the privacy widget could appear after it was already dismissed.
  • Fixed issue where a (limited) SQL injection was possible through the decision search field.
  • Fixed issue where searching for decisions using only a meeting number would not return any decisions.
  • Fixed issue where form validation on the login form was not applied.
  • Fixed issue where proposing an update to an activity could silently fail.
  • Fixed issue where selecting a meeting that shares its meeting number with another meeting of another type would prevent uploads of MeetingDocuments.
  • Fixed issue where deleted, expired, or hidden members could still request a password reset.
  • Updated dependencies.

Version 2.9.1

18 Dec 20:20
945bf84
  • Added generation of members to the admin sign-up list participants overview.
  • Improved the way upcoming meetings are displayed when multiple are planned.
  • Improved several translations.
  • Fixed issue where exams and summaries would be inaccessible from the university's NAT'd Wi-Fi network.
  • Fixed issue where e-mails could be incorrectly classified as spam due to a missing Message-Id value.
  • Updated dependencies.

Version 2.9

19 Nov 12:28
f60d768
  • Added elementary support for remote member information update requests.
  • Added support for editable courses.
  • Added support for the deletion of courses and course documents.
  • Changed option calendar to always start on Mondays regardless of used locale.
  • Changed how options for activities can be proposed (this includes the ability to propose in different periods at the same time).
  • Improved associations between members and resources to allow for easier removal of member data.
  • Improved translations of all things related to meetings.
  • Improved validation of the option proposal form.
  • Improved ordering of album years in the photo admin dashboard.
  • Improved distinction between normal folders and Archived folders in the public archive.
  • Fixed issue where the generation of an album cover would fail if the album only contained sub-sub-albums with photos.
  • Fixed issue where course documents could not be downloaded due to timeouts.
  • Fixed issue where incorrectly filling out the option proposal form resulted in an error.

Version 2.8.9

12 Oct 15:51
b472f3f
  • Added the option to revoke an authorization that was made on the website.
  • Improved the hiding of deleted members.
  • Removed references to the Web Commissie and replaced them with ApplicatieBeheerCommissie.
  • Removed last reference to SuSOS.
  • Fixed issue where an invalid JWT cookie could lead to unauthenticated loops.

Version 2.8.8

02 Oct 10:55
b95060f
  • Added a historical overview of organ memberships on a member's page.
  • Added breadcrumbs for organs that are not listable.
  • Added a button to GEWIKI on the Members page.
  • Improved separation between sub-albums and photos in an album.
  • Improved the performance of the /career page by reducing the number of executed queries.
  • Improved loading of infima on the home page.
  • Fixed issue where the privacy widget would not work as expected.
  • Fixed issue where hidden members would appear in the results of a member search.
  • Updated CKEditor.

Version 2.8.7

12 Sep 13:30
5da9693
  • Added a switch to hide members from birthdays, search results, and logins.
  • Added functionality to allow graduates to see their own photos and albums they are tagged in.
  • Added a default cover for non-existing covers.
  • Fixed issue where it was not possible to enable translatable fields in forms.
  • Fixed issue where the Content Security Policy would break in production.
  • Fixed issue where the Glide cache would need to be repopulated.
  • Fixed issue where viewing organs with inactive members resulted in an error.
  • Fixed issue where viewing an album without start and/or end date resulted in an error.
  • Fixed issue where execution of automated tasks was delayed.
  • Updated CKEditor.

Version 2.8.6

30 Aug 19:33
5b73603
  • Added a stricter Content Security Policy (CSP), mitigating multiple cross-site scripting (XSS) attacks.
  • Changed SuSOS to SudoSOS and updated the associated links.
  • Updated CKEditor.

Version 2.8.5

17 Aug 11:56
cf7b469
  • Added support for inactive organ members.
  • Changed abbreviation of audit committee to KCC.
  • Removed gender from members.
  • Fixed issue where uploading meeting documents could fail.
  • Fixed issue where text that was supposed to be localised was not actually being localised.
  • Fixed issue where custom pages could be deleted without the required privileges.
  • Fixed issue where images could be uploaded without the proper privileges.

Version 2.8.4

03 Aug 11:55
8bc7f17
  • Fixed issue where an incorrect runtime configuration was used, resulting in reduced performance.
  • Fixed issue where performing a password reset resulted in an error.
  • Updated dependencies.