Indico 3.2 released [v3.2.1]

We’re happy to announce the release of Indico 3.2!

:bulb: Blog Post

We published a blog post summarizing the most relevant changes for end users.

:trophy: Major Features

  • The registration form frontend has been completely rewritten using modern web technology.
  • Registrations can now have a retention period for the whole registration and individual fields, after which their data is permanently deleted.
  • The participant list of an event can now use consent to determine whether a participant should be displayed, and its visibility can be different for the general public and other registered participants.
  • An event can now have one or more privacy notices and it’s possible to set the name and contact information of the “Data controller” (useful where GDPR or similar legislation applies).

:flags: Internationalization

  • New translation: German

:tada: Improvements

  • Add a new event management permission that grants access only to the abstracts module (#5212)
  • Add a link to quickly view the current stylesheet on the conference layout customization page (#5239, #5259)
  • Add more powerful filters to “get next editable” and the list of editables (#5188, #5224, #5241)
  • Add the ability to create speaker-only menu entries for conferences (#5261, #5268)
  • Highlight changed fields in notification emails about modified registrations (#5265, #5269)
  • Add an option to send notifications of new abstract comments (#5266, #5284)
  • Badge/poster templates can have additional images besides the background image (#5273, thanks @SegiNyn)
  • Add ability to add alerts to iCal exports (#5318, #5320, thanks @PerilousApricot)
  • Show affiliations of submitters and authors in abstract/contribution lists and add an extra column with this information to Excel/CSV exports (#5330)
  • Add option to delete persons from the event if they have no roles or other ties to the event anymore (#5294, #5313)
  • Allow events to be favorited (#1662, #5338, thanks @Leats)
  • Include abstract content in CSV/Excel export if enabled in the abstract list (#5356, #5372, thanks @rppt)
  • Add the ability to include an optional static javascript file when defining custom conference themes from within a plugin (#5414, thanks @brittyazel)
  • Add option to make the ‘Affiliation’ and ‘Comment’ fields mandatory in the account request form (#4819, #5389, thanks @elsbethe)
  • Include tags in registrant API (#5441)
  • Subcontribution speakers can now be granted submission privileges in the event’s protection settings (#2363, #5444)
  • Registration forms can now require a CAPTCHA when the user is not logged in (#4698, #5400)
  • Account creation now requires a CAPTCHA by default to prevent spam account creation (#4698, #5446)
  • Add contribution’s program code to revision’s “Download ZIP” filename (#5449)
  • Add UI to manage series of events (#4048, #5436, thanks @Leats)
  • Event series can now specify a title pattern to use when cloning an event in the series (#5456)
  • Insert new categories into the correct position if the list is already sorted (#5455)
  • Images can now be uploaded by pasting or dropping them into the editor for minutes or the event description (#5458)
  • Add JSON export for contribution details (#5460)

:bug: Bugfixes

  • Fix selected state filters not showing up as selected in abstract list customization (#5363)
  • Do not propose an impossible date/time in the Room Booking module when accessing it shortly before midnight (#5371)
  • Do not fail when viewing an abstract that has been reviewed in a track which has been deleted in the meantime (#5386)
  • Fix error when editing a room’s nonbookable periods (#5390)
  • Fix incorrect access check when directly accessing a registration form (#5406)
  • Fix error in rate limiter when using Redis with a UNIX socket connection (#5391)
  • Ensure that submitters with contribution edit privileges can only edit basic fields (#5425)
  • Do not return the whole contribution list when editing a contribution from elsewhere (#5425)
  • Fix session blocks not being sorted properly in a timetable PDF export when they have the same start time (#5426)
  • Fix printing badges containing text elements with malformed HTML (#5437, thanks @OmeGak)
  • Fix misleading start and end times for Poster contributions in the timetable HTTP API and the contributions placeholder in emails (#5443)
  • Do not mark persons as registered if the registration form has been deleted (#5448)
  • Fix error when a room owner who is not an admin edits their room (#5457)

:wrench: Internal Changes

  • Add new regform-container-attrs template hook to pass additional (data-)attributes to the React registration form containers (#5271)
  • Add support for JavaScript plugin hooks to register objects or react components for use by JS code that’s in the core (#5271)
  • Plugins can now define custom registration form fields (#5282)
  • Add EMAIL_BACKEND configuration variable to support different email sending backends e.g. during development (#5375, #5376, thanks @Moist-Cat)
  • Make model attrs to clone interceptable by plugins (#5403, thanks @OmeGak)
  • Add signal_query method in the IndicoBaseQuery class and the db_query signal, allowing to intercept and modify queries by signal handlers (#4981, thanks @OmeGak).
  • Update WYSIWYG editor to CKEditor 5, resulting in a slightly different look for the editor controls and removal of some uncommon format options (#5345)

:snake: Python 3.10 supported

Indico 3.2 supports both Python 3.9 and 3.10


We have released v3.2.1 which contains some bugfixes, improvements and a minor security fix.

:warning: Security fixes

Note: We do not think that Indico is affected by those vulnerabilities as it does not use the cryptography library itself, and the dependency that uses it is only used during SSO (OAuth) logins and most likely in a way that is not vulnerable. It is nonetheless recommended to update as soon as possible.

:flags: Internationalization

:tada: Improvements

  • Enable better image linking UI in CKEditor (#5492)
  • Restore the “fullscreen view” option in CKEditor (#5505)
  • Display & enforce judging deadline (#5506)
  • Add a setting to disable entering persons in person link fields manually (#5499)
  • Allow taking minutes in markdown (#3386, #5500, thanks @Leats)
  • Add setting to preselect “Include users with no Indico account” when adding authors/speakers (#5553)
  • Include event label in email reminders (#5554, #5556, thanks @OmeGak)
  • Include emails of submitters, speakers and authors in abstract/contribution Excel/CSV exports (#5565)

:bug: Bugfixes

  • Fix meeting minutes being shown when they are expected to be hidden (#5475)
  • Force default locale when generating Book of Abstracts (#5477)
  • Fix width and height calculation when printing badges (#5479)
  • Parse escaped quotes (") in ckeditor output correctly (#5487)
  • Fix entering room name if room booking is enabled but has no locations (#5495)
  • Fix privacy information dropdown not opening on Safari (#5507)
  • Only let explicitly assigned reviewers review papers (#5527)
  • Never count participants from a registration forms with a fully hidden participant list for the total count on the participant page (#5532)
  • Fix “Session Legend” not working in all-days timetable view (#5539)
  • Fix exporting unlisted events via API (#5555)

:wrench: Internal Changes

  • Require at least Postgres 13 during new installations. This check can be forced on older Postgres versions (11+ should work), but we make no guarantees that nothing is broken (the latest version we test with is 12) (#5503)
  • Refactor service request email generation so plugins can override sender and reply-to addresses for these emails (#5501)
  • Deleting a session no longer leaves orphaned session blocks (#5533, thanks @OmeGak)
  • Indicate in the registration_deleted signal whether it’s a permanent deletion from the database or just a soft-deletion (#5559)