Version 4.1

• Added information on tutoring to the education page.
• Added overview for similar courses.
• Added links to directly submit/search infima on the Supremum website.
• Added fail-safe for manually assigned roles to let them automatically expire.
• Added proper Markdown support to Activity, NewsItem, and OrganInformation.
• Added highlights to search terms in the results of a decision search.
• Added functionality to assist with GDPR data subject requests.
• Improved searching for specific meetings by allowing the English initialism of the meetings.
• Improved course document display by separating exams & summaries and ordering by date.
• Improved wording on the privacy widget to prevent confusing analytics with tracking.
• Improved activity creation form by moving it to the more spacious administration section of the website.
• Improved activity overview page by not removing structure and simple styling from descriptions.
• Improved activity sign-up process.
• Improved separation of concerns by splitting board and admin privileges.
• Removed links to education pages that are behind a login.
• Fixed issue where cropping images resulted in an incorrect aspect ratio.
• Fixed issue where requesting an infimum around midnight resulted in an exception.
• Fixed issue where the sign-up overview was not responsive on mobiles.
• Fixed issue where activities did not appear in the news section of the front page.
• Fixed issue where injection of HTML in activity descriptions was possible.
• Fixed issue where existing custom pages had URLs longer than the limit.

Version 4.0.2

• Fixed issue where decisions removed in GEWISDB were not removed during synchronisation.

Version 4.0.1

• Added the option to mark a sign-up list field as sensitive. Sensitive fields are only viewable by the organiser or the board.
• Added tooltip to meeting documents to show when the meeting document was uploaded.
• Improved activity admin approval view by preserving structure of activity descriptions.
• Improved sign-up form by adding asterisks to denote required fields.
• Fixed issue where the navbar was grey instead of GEWIS red.
• Fixed issue where it was possible to use special path characters for custom routes.
• Fixed issue where sub-albums did not display the 'NEW' tag if they were recently created.
• Fixed issue where photos in the admin album overview would not load.
• Fixed issue where the 'Text' sign-up list field was never validated when signing up.
• Fixed issue where activities that were not yet approved could be viewed by everyone.

Version 4.0

• Added notice for administrators to warn them about their powers.
• Added history of board positions to member profiles of board members.
• Added option to mark course documents as scanned to improve quality of watermarked PDF.
• Added option for organisers of activities to view sign-up list details up to a month after the activity ended.
• Added more detailed suggestions to failed searches to help with getting results.
• Added notice to polls to prevent personal data from appearing in polls.
• Added horizontal watermark to course documents to help with automatic OCR detection.
• Added button to historical poll overview to go to the current poll.
• Added language aware router for localised URLs (e.g. gewis.nl/en/).
• Added localisable routes to custom pages.
• Changed how historical polls are displayed and interacted with.
• Changed coding standard to catch issues before they make it to production.
• Changed map provider for photo locations from Google Maps to OpenStreetMap.
• Changed how translations are compiled.
• Changed localisation of polls.
• Changed validation of poll questions to always require them to end with a question mark.
• Improved support for password managers to autofill and change passwords.
• Improved diff display for proposed updates to activities and vacancies.
• Improved selecting required viewing privileges for custom pages by exchanging the text field with a list.
• Improved consistency of page headings for custom pages.
• Improved synchronisation script for GEWISDB by replacing not dropping all data at once.
• Improved layout of album overview when albums have long titles.
• Fixed issue where long poll options were not split across multiple lines.
• Fixed issue where it was not possible to update a JobCategory.
• Fixed issue where poll question was not shown on the frontpage.
• Fixed issue where renaming a MeetingDocument would redirect away from the current page.
• Fixed issue where it was not possible to unsubscribe from an activity.
• Fixed issue where organ functions where displayed for the wrong organ due to incorrect deduplication and ordering of organ hashes.
• Fixed issue where e-mails with a Reply-To with special characters resulted in an exception.
• Fixed issue where MariaDB healthcheck did no longer work.
• Fixed issue where birthdays of expired memberships/graduate statuses were shown on July 1.
• Fixed issue where it was not possible to view activity update proposals when the organiser was removed in the update.
• Fixed issue where it was possible to approve activity update proposals without having the proper privileges.
• Fixed issue where it was possible to comment on old or unapproved polls.
• Fixed issue where certain sign-up list fields would not show when selected.
• Fixed issue where errors in the synchronisation script for GEWISDB could result in (temporary) loss of data.
• Fixed issue where it was not possible to close a dropdown that was open by default on mobile devices.
• Fixed issue where (un)collapsing the main navbar would also (un)collapse the admin navbar.
• Updated dependencies.

Version 3.0.5

• Changed text under active polls on the frontpage to be more descriptive.
• Removed notices regarding the changed password requirements.
• Fixed issue where adding spaces around poll content (e.g., comments) would circumvent length checks.

Version 3.0.4

• Added bylaws and internal regulations to list of policies on the members page.
• Fixed issue where uploading a meeting document for a specific meeting would be uploaded to another meeting.

Version 3.0.3

• Added sender and recipient names to e-mails.
• Fixed issue where keyholders were not correctly synced.
• Fixed issue where the 90-day reminder logic was inverted preventing external authentication.
• Fixed issue where the approver of an activity would be lost preventing being able to reset the approval status of the activity.
• Fixed issue where e-mails would not be sent if the recipient's name contains unicode characters.

Version 3.0.2

• Added support for keyholders.
• Added base-uri to Content Security Policy to prevent hijacking of relative URLs.
• Changed website title from GEWIS Website to Study Association GEWIS (Studievereniging GEWIS when Dutch is selected as language).
• Changed sender of e-mails to Study Association GEWIS.
• Removed unused photo_guest role.
• Fixed issue where viewing retired fraternities could result in an error in certain cases.
• Fixed issue where going to an external application would fail if the 90-day reminder dialog was shown.

Version 3.0.1

• Changed title of the "My Information"-page to prevent being able to track users through collected analytics.
• Changed login form validation messages to prevent account enumeration attacks.
• Changed login form redirects to prevent open redirects.
• Fixed issue where graduates could be incorrectly assigned active_member privileges.

Version 3.0

• Added support for marking sign-up lists as having limited capacity.
• Added support for adding a representative to a company (this is different from a company contact).
• Added CompanyUsers (i.e. representatives) that can manage company profiles.
• Added the GEWIS Career Platform where company representatives can log in to manage their company.
• Added support for company representatives to propose new jobs in the company's job package(s).
• Added support for company representatives to propose updates to existing jobs in the company's job package(s).
• Added support for company representatives to transfer jobs from expired job packages to non-expired job packages.
• Added support for company representatives to delete jobs.
• Added elementary support for company representatives to update their company's profile.
• Added the option to add a contract number to company packages.
• Added an approval queue for company profile and job (update) proposals.
• Added support for approving or rejecting job proposals (rejections may include a message that is shown to the company representative).
• Added support for applying or cancelling job update proposals (cancellations may include a message that is shown to the company representative).
• Added checks for passwords against the GEWIS-hosted version of Pwned Passwords. If a password is leaked in a public data breach, the user must reset their password before they can log in. When (re)setting passwords, this check is also performed and "pwned" passwords cannot be used.
• Added the Alcohol Policy to publicly available policies.
• Added timestamps to SignUps to track when people signed up to a sign-up list.
• Added support for searching for specific decisions.
• Added timestamps to Albums to add a "NEW"-tag to recently uploaded albums.
• Added support for recording when a user has changed their password, this is used to see which users comply with new password requirements.
• Added support for renaming MeetingDocuments after being uploaded.
• Added timestamps to MeetingDocuments and MeetingMinutes to track when they are uploaded.
• Changed AV to ALV to adhere to the terminology from the bylaws.
• Changed the minimum required length of passwords to 12 for Users.
• Changed the career admin to move job categories and labels to separate sections, leaving more space to interact with companies.
• Changed most of the e-mail templates to use the new e-mail template from Stijl.
• Changed the default state of new jobs to be published (when approved).
• Changed the agreement text when subscribing to an activity to include the Alcohol Policy in accordance with changes to the Activity Policy.
• Changed the maximum number of decisions returned when searching to 100 (from 50).
• Changed how decisions are displayed after searching or on meeting pages to improve readability.
• Changed the default duration of activation and password reset links to 24h (from ∞).
• Changed the default cookie SameSite directive to Lax.
• Improved several translations.
• Upgraded to PHP 8.2.
• Fixed issue where exams and summaries would still be inaccessible from the university's NAT'd Wi-Fi network.
• Fixed issue where the Content Security Policy was too lenient on what content was allowed.
• Fixed issue where cookies where incorrectly shared with sub-domains.
• Fixed issue where the privacy widget could appear after it was already dismissed.
• Fixed issue where a (limited) SQL injection was possible through the decision search field.
• Fixed issue where searching for decisions using only a meeting number would not return any decisions.
• Fixed issue where form validation on the login form was not applied.
• Fixed issue where proposing an update to an activity could silently fail.
• Fixed issue where selecting a meeting that shares its meeting number with another meeting of another type would prevent uploads of MeetingDocuments.
• Fixed issue where deleted, expired, or hidden members could still request a password reset.
• Updated dependencies.