Mercurial Mercurial > enmi-conf.org / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
wp/wp-content/plugins/include-mastodon-feed/readme.txt
changeset 23 417f20492bf7
parent 21 48c4eec2b7e6 
--- a/wp/wp-content/plugins/include-mastodon-feed/readme.txt	Fri Sep 05 18:52:52 2025 +0200
+++ b/wp/wp-content/plugins/include-mastodon-feed/readme.txt	Mon Sep 08 19:44:41 2025 +0200
@@ -3,10 +3,10 @@
 Donate link: https://www.buymeacoffee.com/w101
 Tags: mastodon, status, feed
 Requires at least: 6.0
-Tested up to: 6.5
+Tested up to: 6.8
 Requires PHP: 7.4
-Stable tag: 1.9.4
-License: Expat License
+Stable tag: 1.13.1
+License: MIT
 License URI: https://directory.fsf.org/wiki/License:Expat
 
 Plugin that provides a shortcode to easily integrate mastodon feeds into wordpress pages.
@@ -14,6 +14,8 @@
 == Description ==
 Plugin that provides an `[include-mastodon-feed]` shortcode to easily integrate mastodon feeds into wordpress pages. Supports personal and tag feeds.
 
+Account and post images are lazy loaded if preserveImageAspectRatio is set to true (default: false).
+
 The plugin is written in PHP and generates native JavaScript to fetch and render the mastodon feed. No special libraries needed.
 
 == Installation ==
@@ -26,15 +28,15 @@
 `[include-mastodon-feed instance="YOUR-INSTANCE" account="YOUR-ACCOUNT-ID"]`
 
 = Shortcode attributes =
+* **instance** (required)
+Domain name of the instance without https:// (e.g. example.org)
+
 * **account** (required)
 The account ID (a long number - see FAQ on how to get it)
 
 * **tag**
 Use **tag** instead of **account** if you want to embed a tag feed instead of a personal feed
 
-* **instance** (required)
-Domain name of the instance without https:// (e.g. example.org)
-
 * **limit**
 Maximum number of statuses (Default: 20)
 
@@ -56,6 +58,12 @@
 * **preserveImageAspectRatio**
 Preserve image aspect ratio (Default: false)
 
+* **imageSize**
+Load small sized preview images or full size high quality images (Default: preview, full)
+
+* **imageLink**
+Link image to status or image (Default: status, image)
+
 * **tagged**
 Show only statuses that are tagged with given tag name (Default: false)
 No leading #, case insensitive, e.g.: tagged="tagname"
@@ -102,12 +110,10 @@
 * **date-locale**
 Locale for date string, used in toLocaleString() (Default: en-US)
 
-* **date-options**
-Format options directly fed into toLocaleString() (Default: {})
 
 = Additional customizations =
 
-You can define several plugin constants to set custom default options that will be applied site-wide.
+You can define several plugin constants to set custom default options that will be applied site-wide (e.g. date options can only be set as php constant to mitigate an XSS vulnerability).
 
 1. Open your `wp-config.php` file
 2. Search for the line `/* Add any custom values between this line and the "stop editing" line. */`
@@ -148,6 +154,58 @@
 
 == Changelog ==
 
+= 1.13.1 =
+* fix: removed unnecessary, broken aria-label functionality
+
+= 1.13 =
+Special release for Global Accessibility Awareness Day
+in collaboration with @oldrup@mastodon.green
+
+Happy [Accesssibility Day](https://accessibility.day)
+
+* accessibility (fix): image alt attributes - initial implementation was faulty
+* accessibility: added alt text to image / gifv attachments
+* accessibility: added alt text to avatar images
+* accessibility: added alt text to preview card media
+* accessibility: added descriptive aria-labels
+* accessibility: increased default text / background color contrast
+* accessibility: switched from DIV to semantic OL / LI structure
+
+= 1.12 =
+* accessibility: added image alt attribute (thank you @oldrup@mastodon.green)
+
+= 1.11 =
+* now favoring preview_url (smaler size) instead of remote_url (full size) for image previews (thank you @oldrup@mastodon.green)
+
+= 1.10 =
+* added image lazy loading for account and post images - post image lazy loading only works with preserveImageAspectRatio set to true (thank you @oldrup@mastodon.green)
+
+= 1.9.11 =
+* fixed typo (thank you @hjek)
+* cleaned up code after 1.9.10 release
+
+= 1.9.10 =
+* fixed XSS vulnerability: removed support for date-options as shortcode attribute completely - to mitigate an XSS vulnerability where authenticated attackers with contributor permission could insert malicious JavaScript (still can be set as constant in PHP code)
+
+= 1.9.9 =
+* fixed esc_url context that previously broke the URL for the Mastodon API JS ajax request (thank you @beach@illo.social)
+
+= 1.9.8 =
+* fix broken date-locale and date-options parameters (thank you @crusy@chaos.social)
+* improved string excaping for text parameters and added url escaping
+* removed unnecessary output buffering
+* fix license SPDX Identifier
+
+= 1.9.7 =
+* fix option to either display smaller image media attachment previews (default) or large image versions (thank you @beach@illo.social)
+
+= 1.9.6 =
+* fixed XSS vulnerability where authenticated attackers with contributor permissions could insert malicious JavaScript
+
+= 1.9.5 =
+* added option to either display smaller image media attachment previews (default) or large image versions (thank you @beach@illo.social)
+* added option to point image media attachment links to either status (default) or image
+
 = 1.9.4 =
 * added option to hide status meta information and date/time (thank you @PaulKingtiger@dice.camp)
 * added tag support - you can now embed tag feeds (thank you @martin@openedtech.social)
enmi-conf.org