FixMyStreet: Platform

Blog

  • Version 1.7 23 October 2015

    yellow lines

    We’ve released version 1.7 of FixMyStreet.

    This version adds some new features. First off is that the FixMyStreet design is now bi-directional, providing an easy switch to flip the design to either left-to-right or right-to-left. This was done with the kind support of the National Democratic Institute.

    We have added state and category filters to the list pages, letting users view only e.g. open reports in the potholes category, or all reports in the graffiti category. Various design improvements have been made, including the showing of the report on a questionnaire page and the email confirmation pages, and we’ve added a nicer default OpenGraph image.

    Database performance has been improved in a number of areas, and the accessibility of the map pages has been improved.

    This release also fixes a number of small bugs, including translating report states in the admin index, dealing with DMARC email issues, and fixes for Google Maps API users.

    For developers, we’ve made it easier to run gettext-extract if you’re performing your own translations, removed some confusing warnings, finally removed the final few hardcoded “FixMyStreet” strings so it’s easy to rename your site, streamlined the navigation menu and list item CSS using a BEM style naming scheme so it is easy to change and override, and lastly fixed a long standing issue where errors were not always logged correctly.

    Plus quite a few other things; as always, see the full list of changes over on GitHub.

  • Version 1.6.1 31 July 2015

    Copenhagen trip

    We’ve released version 1.6.1 of FixMyStreet.

    This release fixes a bug introduced in the previous release when setting multiple areas for a body in the administration interface.

    It also includes improvements to the All Reports page, adding a fixed header and tooltips, and stops the sidebar running over the footer on alerts pages. The admin gets a variety of minor improvements, with better internal linking and a mark as sent button. Plus a Danish translation :)

    As ever, see the full list of changes over on GitHub.

  • Version 1.6 10 July 2015

    security

    We’ve released version 1.6 of FixMyStreet (previously numbered 1.5.5).

    This release includes important security fixes:

    • A vulnerability in login email sending that could allow an account to be hijacked by a third party;
    • Alterations to token logging in and timeout behaviour;
    • A dependency update to fix an issue with Unicode characters in passwords.

    More details on those items below. Other items in this release include a Chinese translation, a bug fix with shrunken update photos, and some front end improvements, such as a ‘hamburger’ menu icon and an easier Report button on mobile, and resized map pins based on zoom level.

    See the full list of changes over on GitHub.

    Security fixes

    Login email account hijacking: Due to the way parameters were passed into the token table in the database, it was possible for someone to request a login email for one email address, but have the login email sent to different address. This would allow a third party to log in as someone else, letting them make reports or updates as that person.

    The code has been rewritten so all user parameter passing goes through central functions that return only one parameter even if the user has passed multiple parameters. More details of this class of vulnerability.

    Email authentication tokens: Problem confirmation tokens had to be used within a month; this now applies to all confirmation tokens, and email sign in tokens are valid for a day. Using those tokens after confirmation will redirect correctly, but no longer log you in; links in alert emails will no longer log you in.

    Unicode characters in passwords: The package our code uses to encode database columns, DBIx::Class::EncodedColumn, could have issues with Unicode characters provided to it. This was fixed by upgrading the version we use.

  • Version 1.5.4 18 March 2015

    Female Yellow Warbler
    Female Yellow Warbler by Alan Vernon on Flickr

    We’ve released version 1.5.4 of FixMyStreet.

    This includes a couple of new map layers, Bing Maps and Stamen’s toner-lite, and nicer confirmation pages for after you’ve made a report or update, along with other smaller improvements and bug fixes. See the full list of changes over on GitHub.

    For developers, it includes a few small improvements, to do with Mac installation, making some things optional, and including a new configuration variable for if you’re running behind an SSL proxy. We’ve also added some test URLs so that you can view confirmation pages without having to leave a new report or update, e.g. see it in action on fixmystreet.com: https://www.fixmystreet.com/P/_test_.

    As always, do ask on the mailing list if you’d like more information on any of the above, or submit an issue or pull request on GitHub.

  • Version 1.5 20 November 2014

    Resting Tahr 2
    Resting Tahr by Jason Armstrong on Flickr

    We’ve released version 1.5 of FixMyStreet. This version fully supports the new Long Term Support (LTS) version of Ubuntu, Trusty Tahr 14.04 (the code did already run fine on Ubuntu Trusty if you set it up manually, but now the install script will work and a few other bits have been tidied).

    This release comes with a few improvements to the admin interface, including pagination of search results, validation of new categories, and some display enhancements.

    We’ve moved the map sidebar to be flush with the window edge, which we think is simpler and easier on the eye, and we’ve continued making the template structure easier to change and override.

    We’ve also fixed some bugs, such as map submission not working with JavaScript disabled or unavailable. As another example, we had a report of the Android browser crashing when showing a map page, which we tracked down to the slightly transparent map navigation controls – crashing wasn’t worth this, so now on mobile they’re fully opaque.

    From Transifex we’ve added four new languages (as well as updating the existing ones): Albanian, Bulgarian, Hebrew, and Ukranian.

    See the full changes over on GitHub.

    As always, do ask on the mailing list if you’d like more information on any of the above, or submit an issue or pull request on GitHub.

  • Version 1.4.2 15 July 2014

    Bicycle Rack
    Bicycle Rack by Theen Moy on Flickr

    We’ve released version 1.4.2, a maintenance release, but also with a couple of new features. The main reason for this release was to fix a couple of issues with the installation script, which are hopefully now resolved. It also upgrades our bundled copy of cpanm (to cope better when an external module website is down), tidies up the template structure, copes with browser autofill on the /auth sign in page, and adds links from the All Reports page to a body’s open or fixed reports.

    The main new feature is the addition of SMTP username/password and SSL/TLS options for your setup. You can read about the new options on the configuration settings page

    See the full changes over on GitHub at https://github.com/mysociety/fixmystreet/releases.

    As always, do ask on the mailing list if you’d like more information on any of the above, or submit an issue or pull request on GitHub.

  • Version 1.4 23 May 2014

    Yellow
    Yellow by RozSheffield on Flickr

    Say hello to version 1.4 of FixMyStreet. As usual, the install script and AMI have both been updated to this version.

    Hopefully this release will run more smoothly on EC2 micro instances, with some cron rejigging to alleviate memory problems.

    There have been a few minor user-facing improvements, such as automatically selecting the reporting category if there’s only one choice, and removing the indenting of emails; some bug fixes, including changes for the new version of Debian, a problem with language setting in email alerts, and removal of cached photos; and a number of improvements for people reusing the code, including a no-op send method, having reports on staging sites be sent to the reporter, adding an external URL field to bodies, and making it easier to change the pin icons.

    See the full changes over on GitHub at https://github.com/mysociety/fixmystreet/releases.

    Thanks to Andy Lulham, Chris Mytton, Dave Arter, Dave Whiteland, Gerald, Hakim Cassimally, Ian Chard, Jon Kristensen, Jonas Oberg, Kindrat, Matthew Somerville, Rikard, Steven Day, and Struan Donald for contributing to this release.

    As always, do ask on the mailing list if you’d like more information on any of the above, or submit an issue or pull request on GitHub.

  • Version 1.3 25 November 2013

    Yosemite tunnel tonemapped in qtpfsgui

    Version 1.3 of FixMyStreet is now out :-) The install script and AMI are both updated to this version.

    I realise I haven’t posted here with each point release during version 1.2, sorry. You can see the changes in each release here on GitHub at https://github.com/mysociety/fixmystreet/releases and below is a list of all the main things that have changed since version 1.2 (* means new since the last version, 1.2.6, if you were keeping track):

    • OpenLayers upgraded to 2.13.1, giving e.g. animated zooming
    • A fully functional Google Maps layer via OpenLayers
    • * If you only specify one cobrand in the configuration file, the site will always use it, rather than only if your hostname also matches. This is probably what you would expect to happen!
    • * A contact can be given multiple email addresses
    • * A body can be marked as deleted, and then it will not be used by the front end at all
    • The admin interface has had a lot of inline documentation, hints and notices added, along with a page showing the site’s current configuration
    • * The admin interface has some feature additions from coding volunteers, such as a date picker on the stats page thanks to Andrew Black, and searching by external ID thanks to Andy Lulham
    • We’ve added an example Vagrantfile and improved the install scripts
    • * The test suite should now run regardless of the contents of your configuration file
    • Translation improvements - some better wording of strings, some missed or UK-only URLs/translations (thanks Jonas and Rikard), and a fix for the long-standing issue where multiline strings were not being translated (hooray)
    • * Bug fixes, most notably sometimes when changing report state in the admin interface, and an issue with the bottom navbar in Chrome (which we’ve reported to the Chromium project)

    As always, do ask on the mailing list if you’d like more information on any of the above, or submit an issue or pull request on GitHub.

  • Version 1.2 3 May 2013

    broken lamp post

    Today we’re releasing version 1.2 of the FixMyStreet platform. The AMI has been updated and the install script will automatically now install this version.

    The main items in this release are things prompted by requests on our mailing list :-)

    • Postfix is now installed as part of the install script, or in the AMI. This means email should work out of the box. For anyone already installed, you can run the commands in the GitHub ticket.

    • A new configuration option MAPIT_ID_WHITELIST has been added, to restrict usage to the IDs specified, if given. This means Claudio, who emailed last week, could have [ 239540 ] as his MAPIT_ID_WHITELIST, and then reports could only be made within the Marche region of Italy. We already use this new option ourselves on https://www.zueriwieneu.ch/ where before it was hard-coded in the code.

    • Other things include being able to zoom in further on OSM maps, and HTML pages are now being gzipped.

    Lastly, as you can see this site has had a redesign to make it more friendly, and we’ve added some more documentation about e.g. updating an AMI instance to a newer version. If there’s anything unclear, please do ask on the mailing list or submit an issue or pull request on GitHub.

  • Version 1.1 - Bodies 22 February 2013

    Big Beautiful Face Statue in Tenerife by epSos.de

    Today we’re releasing version 1.1 of the FixMyStreet platform. The AMI has been updated and the install script will automatically now install this version.

    The main change since version 1.0 is the addition of bodies. Historically, FixMyStreet has assumed that the administrative areas that are returned from MapIt are the same thing as the bodies to which the reports will be sent. This has led over time to a number of workarounds when this hasn’t been the case, either in manual code changes in FixMyStreet or by adding new types to a MapIt install, and dealing with it in that way.

    We have updated the code so that FixMyStreet holds its own records of bodies to which reports can be sent, and the MapIt area – or areas – that they cover. This is conceptually much clearer, as well as making it much easier to have a body covering multiple areas, an area with multiple bodies, or a combination.

    Smaller functional changes in this release include admin improvements (it now looks like the front end site, and has add a number of other additions), and a couple of new configuration variables, DO_NOT_REPLY_EMAIL and SEND_REPORTS_ON_STAGING, to make debugging a little easier, along with a --debug option to send-reports. Also, we found on the mailing list a couple of times that people ran into trouble because their MapIt had debug turned on, and FixMyStreet didn’t cope well with the debug output MapIt included in its responses. This has now been fixed.

    Many others of the commits in the past few months have been for various installations of the codebase, from the forthcoming FixMyBarangay in the Philippines to local UK council installs such as Oxfordshire or Bromley. These have in many cases led to small improvements and bugfixes to the central codebase, which can then be used by any reusers of the code.

    Lastly, all the strings in the JavaScript are now translatable, along with a few other strings that had previously been missed; do let us know if you find any other strings that can’t be translated and we’ll look into it.