# Changelog for diohsc This file covers only non-trivial user-visible changes; see the git log for full gory details. # 0.1.14 * Run $EDITOR on input/query ending with backslash * Strip all control characters (including ANSI formatting) outside preformatted blocks # 0.1.13 * Set CLIENT_CERT and CLIENT_KEY environment variables when invoking external commands * Improve wrapping of lines with words longer than the screen width # 0.1.12 * SECURITY FIX: Restrict TOFU-trust of a certificate to a single service. Previous behaviour could be exploited for a MitM attack, by convincing the user to accept a certificate for one host, then using it in a MitM for another host. * Immediately run commands entered in pager mode * Wrap title lines * Tell user if a certificate has been temporarily trusted before # 0.1.11 * Drop targets of "log" from queues * Preserve history when using relative links (e.g. "2?foo") * Document backslash escapes in query # 0.1.10 * Allow pre-fetched items in queue, with new "fetch" command to add them * Add named queues, e.g. foo~ * Implement notation for (n-from) last element of a list, e.g. _$, _$2, _5-$2 * Run default action on a history item when going to it, e.g. with < * Don't shell-quote explicit '%s' arguments, only implicit final argument # 0.1.9 * Improve wrapping and paging with long words, wide chars, or thin terminals * Shell-quote arguments to 'browse' and '!' * Save uri with null last path segment under penultimate segment / hostname * Sort file:// directory listings # 0.1.8 * Use standard PEM/DER format for identities, allowing import/export * Optionally generate Ed25519 client certificates ("TARGET id NAME ed") * Require confirmation before following redirect into scope of identity * TOFU-trust by default even if there are V3 or NameMismatch errors # 0.1.7 * Handle ^C during streaming by truncating the stream * Always request when going to uris using an identity # 0.1.6.1 * Use canonical notBefore (00:00:00 1 Jan 1950) in client certs * Add --prompt option, enabling usual command prompt after -e/-f * Fix query escaping * Fix colouring of wrapped link descriptions being lost when paging * Fix --ghost not affecting queue loading # 0.1.6 * New command "query" for e.g. convenient use of search engines * Allow IRIs in user input (converted to URIs) * Implement SOCKS5 support (-S and -P options) * Fix bug triggered by /home being a symlink * Fix bug with connecting to literal IPv6 addresses # 0.1.5 * Align and wrap link lines; add option to print description first * Use reverse video in prompt for added visibility (thanks Ben) * Try all addresses when making connections (thanks rwv) * Improve behaviour in non-interactive mode; add --batch to enable it * Fix X.509 version and use dummy notAfter in generated client certificates * Fix bugs in wrapping and relative link display # 0.1.4 * Indicate links to cached history items * Retry with full handshake if session resume fails * Recommend trust for new certificate signed by previous certificate * Increase client cert validity to 50y * Make ghost mode even more spectral # 0.1.3 * Allow trusting certificates just for the current session * Don't require tail certificates to be v3 * Add uri of any request to log, even if request fails * Just show fingerprint of known cert rather than picture # 0.1.2 * Add @ target modifier for history root * Understand e.g. ~< * Suppress alt text by default * Fix: uri quoting for queries and file:// was incorrect * Fix: queue was not appended to on exit in non-interactive mode