• Fixed a regression in the puppet configuration for S3 upload backend
  introduced in 2.0.1.
• Fixed a too-fast fade for "Saved" in organization settings.
• Fixed a white flash when loading a browser in night mode.
• Fixed a few bugs in new LDAP synchronization features.
• Fixed a buggy validator for custom stream colors.
• Fixed a confusing "Subscribe" button appearing for guest users.
• Updated translations, including a new Italian translation.

2.0.1 -- 2019-03-04

• Fixed handling of uploaded file routing on Ubuntu Trusty.
• Fixed buggy behavior of branding logos in night theme.
• Fixed handling of deployment directories being owned by root.
• The styling of "unavailable" status icons is now less prominent.
• The "deactivated realm" error page now auto-refreshes, to handle
  realm reactivation.
• Updated documentation to avoid recommending realm deactivation as
  a preferred approach to prepare for backups.
• Added support for using multiple organizations with same LDAP
  backend configuration.

This release is primarily intended to improve the experience for new
Zulip installations; it has minimal changes for existing servers.

• Added support for getting multi-domain certificates with setup-certbot.
• Improved various installer error messages and sections of the
  installation documentation to help avoid for common mistakes.
• The Google auth integration now always offers an account chooser.
• Fixed buggy handling of avatars in Slack import.
• Fixed nginx configuration for mobile API authentication to access uploads.
• Updated translation data, including significant new Italian strings.

1.9.0 -- 2018-11-07

Highlights:

• Support for Ubuntu bionic and Debian stretch (our first non-Ubuntu
  platform!). We expect to deprecate support for installing a new
  Zulip server on Ubuntu Trusty in the coming months, in preparation
  for Trusty’s end-of-life in April 2019.
• New data import tools for HipChat and Gitter. The Slack importer
  is now out of beta.
• Zulip Python process startup time is about 30% faster; this effort
  resulted in upstream contributions to fix significant performance
  bugs in django-bitfield, libthumbor, and pika.
• You can now configure custom (organization-specific) fields for user
  profiles; Zulip can now serve as your organization’s employee
  directory.
• Zulip now supports using Google Hangouts instead of Jitsi as the
  video chat provider.
• Users can now configure email and mobile push notifications for
  all messages in a stream (useful for low-traffic
  streams/organizations), not just for messages mentioning them.
• New stream settings
  control whether private stream subscribers can access history
  from before they joined, and allow configuring streams to only
  allow administrators to post.
• Zulip now has experimental support for guest users (intended
  for use cases like contractors who the organization only wants
  to have access to a few streams).
• New native integrations for Ansible Tower, Appveyor, Clubhouse,
  Netlify, and Zabbix; Zulip now has over 100 native integrations (in
  addition to hundreds more available via Zapier and IFTTT).
• New translations for Ukrainian, Portuguese, Indonesian, Dutch, and
  Finnish. Zulip now has complete or nearly-complete translations
  for German, Spanish, French, Portuguese, Russian, Ukrainian,
  Czech, Finnish, and Turkish. Partial translations for Chinese,
  Dutch, Korean, Polish, Japanese, and Indonesian cover the majority
  of the total strings in the project.

Upgrade notes:

• Zulip 1.9 contains a significant database migration that can take
  several minutes to run. The upgrade process automatically minimizes
  disruption by running this migration first, before beginning the
  user-facing downtime. However, if you'd like to watch the downtime
  phase of the upgrade closely, we recommend
  running them first manually
  and as well as the usual trick of
  doing an apt upgrade first.

Full feature changelog:

• Added an organization setting for message deletion time limits.
• Added an organization setting to control who can edit topics.
• Added ctrl+K keyboard shortcut for getting to search (same as /, but
  works even when you're inside compose).
• Renamed the hotkey for starring a message to Ctrl+S.
• Added the new SOCIAL_AUTH_SUBDOMAIN setting, which all servers using
  both GitHub authentication and hosting multiple Zulip organizations
  should set (see the docs for details).
• Added automatic thumbnailing of images, powered by thumbor. The new
  THUMBOR_URL setting controls this feature; it is disabled by default
  in this release, because the mobile apps don't support it yet.
• Added documentation on alternative production deployment options.
• Added Gitter and HipChat data import tools.
• Added support for using both LDAPAuthBackend and EmailAuthBackend.
• Added support for rendering message content written in right-to-left
  languages in a right-to-left style.
• Added support for compose keyboard shortcuts in message edit UI.
• Added a fast database index supporting the "Private messages" narrow.
• Added a notification setting for whether to send "new login" emails.
• Dramatically expanded our API documentation to cover many more endpoints.
• Optimized the performance of loading Zulip in an organization with
  thousands of users and hundreds of bot users.
• Optimized production release tarballs to save about 40MB of size.
• Dropped support for the EmojiOne and Apple emoji sets, and added
  support for the Google modern emoji set.
• Removed the "Delete streams" administration page; one can delete
  streams directly on "Manage streams".
• Removed support code for the (long-deprecated) legacy desktop app.
• Fixed several bugs with progress bars when uploading files.
• Fixed several bugs in manage.py register_server.
• Fixed several minor real-time sync issues with stream settings.
• Fixed some tricky corner cases with the webapp's caching model and
  narrowing to the first unread message.
• Fixed confusing intermediate states of group PMs online indicators.
• Fixed several subtle unread count corner case bugs.
• Fixed several installer issues to make it easier to Dockerize Zulip.
• Fixed several subtle issues with both the LDAP/Active Direcotry
  integration and its documentation, making it much easier to setup.
• Fixed several minor bugs and otherwise optimized search typeahead.
• Fixed a bad nginx configuration interaction with servers that have
  misconfigured IPv6.
• Fixed most of the caveats on the Slack data import tool.
• Fixed memcached cache size issues for organizations over 10,000 users.
• Zulip's data export system has full support for all features, and
  tests to ensure that it stays that way.
• Rewrote user documentation for dozens of integrations.
• Rewrote the GitHub authentication backend (and more generally our
  python-social-auth integration) to make it easier to add new auth methods.
• Upgraded to modern versions of most of our stale dependencies.
• Updated our CSS toolchain to support hot module reloading.
• Updated numerous pages within the /help/ site.
• We no longer require re-authing to signup after trying to login with
  an OAuth authentication backend (GitHub or Google).
• Made major improvements to the Help Center.
• Improved system for configuring the S3 file uploads backend.
• Improved emoji typeahead sorting.
• Improved Zulip's layout for windows with a width around 1024px.
• Improved Zulip's generic error handling behavior for webhooks.
• Improved keyboard navigation of settings and popovers.
• Renamed "Realm Filters" to "Linkifiers", at least in the UI.
• Converted several layered-checkbox settings to clearer dropdowns.
• Cleaned up some legacy APIs still using email addresses.
• Made arrow-key navigation work within right and left sidebar search.
• Fixed performance issues of the right sidebar user list with 5000+
  user accounts on a server.
• Emails and several other onboarding strings are now tagged for
  translation.
• Optimized the performance of importing Zulip by about 30%. This
  significantly decreases the load spike when restarting a Zulip server.
• Optimized the performance of development provisioning; a no-op
  provision now completes in about 3.5s.
• Migrated our static asset pipeline to webpack.
• Our steady work on codebase quality and our automated test suite
  continues. Backend test coverage is now an incredible 98%.

• Added an automated tool (manage.py register_server) to sign up for
  the mobile push notifications service.
• Improved rendering of block quotes in mobile push notifications.
• Improved some installer error messages.
• Fixed several minor bugs with the new Slack import feature.
• Fixed several visual bugs with the new compose input pills.
• Fixed several minor visual bugs with night mode.
• Fixed bug with visual clipping of "g" in the left sidebar.
• Fixed an issue with the LDAP backend users' Organization Unit (OU)
  being cached, resulting in trouble logging in after a user was moved
  between OUs.
• Fixed a couple subtle bugs with muting.

1.8.0 -- 2018-04-17

Highlights:

• Dramatically simplified the server installation process; it's now possible
  to install Zulip without first setting up outgoing email.
• Added experimental support for importing an organization's history
  from Slack.
• Added a new "night mode" theme for dark environments.
• Added a video call integration powered by Jitsi.
• Lots of visual polish improvements.
• Countless small bugfixes both in the backend and the UI.

Security and privacy:

• Several important security fixes since 1.7.0, which were released
  already in 1.7.1 and 1.7.2.
• The security model for private streams has changed. Now
  organization administrators can remove users, edit descriptions, and
  rename private streams they are not subscribed to. See Zulip's
  security model documentation for details.
• On Xenial, the local uploads backend now does the same security
  checks that the S3 backend did before serving files to users.
  Ubuntu Trusty's version of nginx is too old to support this and so
  the legacy model is the default; we recommend upgrading.
• Added an organization setting to limit creation of bots.
• Refactored the authentication backends codebase to be much easier to
  verify.
• Added a user setting to control whether email notifications include
  message content (or just the fact that there are new messages).

Visual and UI:

• Added a user setting to translate emoticons/smileys to emoji.
• Added a user setting to choose the emoji set used in Zulip: Google,
  Twitter, Apple, or Emoji One.
• Expanded setting for displaying emoji as text to cover all display
  settings (previously only affected reactions).
• Overhauled our settings system to eliminate the old "save changes"
  button system.
• Redesigned the "uploaded files" UI.
• Redesigned the "account settings" UI.
• Redesigned error pages for the various email confirmation flows.
• Our emoji now display at full resolution on retina displays.
• Improved placement of text when inserting emoji via picker.
• Improved the descriptions and UI for many settings.
• Improved visual design of the help center (/help/).

Core chat experience:

• Added support for mentioning groups of users.
• Added a setting to allow users to delete their messages.
• Added support for uploading files in the message-edit UI.
• Redesigned the compose are for private messages to use pretty pills
  rather than raw email addresses to display recipients.
• Added new ctrl+B, ctrl+I, ctrl+L compose shortcuts for inserting
  common syntax.
• Added warning when linking to a private stream via typeahead.
• Added support for automatically-numbered markdown lists.
• Added a big warning when posting to #announce.
• Added a notification when drafts are saved, to make them more
  discoverable.
• Added a fast local echo to emoji reactions.
• Messages containing just a link to an image (or an uploaded image)
  now don't clutter the feed with the URL: we just display the image.
• Redesigned the API for emoji reactions to support the full range of
  how emoji reactions are used.
• Fixed most of the known (mostly obscure) bugs in how messages are
  formatted in Zulip.
• Fixed "more topics" to correctly display all historical topics for
  public streams, even though from before a user subscribed.
• Added a menu item to mark all messages as read.
• Fixed image upload file pickers offering non-image files.
• Fixed some subtle bugs with full-text search and unicode.
• Fixed bugs in the "edit history" HTML rendering process.
• Fixed popovers being closed when new messages come in.
• Fixed unexpected code blocks when using the email mirror.
• Fixed clicking on links to a narrow opening a new window.
• Fixed several subtle bugs with the email gateway system.
• Fixed layering issues with mobile Safari.
• Fixed several obscure real-time synchronization bugs.
• Fixed handling of messages with a very large HTML rendering.
• Fixed several bugs around interacting with deactivated users.
• Fixed interaction bugs with unread counts and deleting messages.
• Fixed support for replacing deactivated custom emoji.
• Fixed scrolling downwards in narrows.
• Optimized how user avatar URLs are transmitted over the wire.
• Optimized message sending performance a bit more.
• Fixed a subtle and hard-to-reproduce bug that resulted in every
  message being condensed ([More] appearing on every message).
• Improved typeahead's handling of editing an already-completed mention.
• Improved syntax for inline LaTeX to be more convenient.
• Improved syntax for permanent links to streams in Zulip.
• Improved behavior of copy-pasting a large number of messages.
• Improved handling of browser undo in compose.
• Improved saved drafts system to garbage-collect old drafts and sort
  by last modification, not creation.
• Removed the legacy "Zulip labs" autoscroll_forever setting. It was
  enabled mostly by accident.
• Removed some long-deprecated markdown syntax for mentions.
• Added support for clicking on a mention to see a user's profile.
• Links to logged-in content in Zulip now take the user to the
  appropriate upload or view after a user logs in.
• Renamed "Home" to "All messages", to avoid users clicking on it too
  early in using Zulip.
• Added a user setting to control whether the organization's name is
  included in email subject lines.
• Fixed uploading user avatars encoded using the CMYK mode.

User accounts and invites:

• Added support for users in multiple realms having the same email.
• Added a display for whether the user is logged-in in logged-out
  pages.
• Added support for inviting a new user as an administrator.
• Added a new organization settings page for managing invites.
• Added rate-limiting on inviting users to join a realm (prevents spam).
• Added an organization setting to disable welcome emails to new users.
• Added an organization setting to ban disposable email addresses
  (I.e.. those from sites like mailinator.com).
• Improved the password reset flow to be less confusing if you don't
  have an account.
• Split the Notifications Stream setting in two settings, one for new
  users, the other for new streams.

Stream subscriptions and settings:

• Added traffic statistics (messages/week) to the "Manage streams" UI.
• Fixed numerous issues in the "stream settings" UI.
• Fixed numerous subtle bugs with the stream creation UI.
• Changes the URL scheme for stream narrows to encode the stream ID,
  so that they can be robust to streams being renamed. The change is
  backwards-compatible; existing narrow URLs still work.

API, bots, and integrations:

• Rewrote our API documentation to be much more friendly and
  expansive; it now covers most important endpoints, with nice examples.
• New integrations: ErrBot, GoCD, Google Code-In, Opbeat, Groove,
  Raygun, Insping, Dialogflow, Dropbox, Front, Intercom,
  Statuspage.io, Flock and Beeminder.
• Added support for embedded interactive bots.
• Added inline preview + player for Vimeo videos.
• Added new event types and fixed bugs in several webhook integrations.
• Added support for default bots to receive messages when they're
  mentioned, even if they are not subscribed.
• Added support for overriding the topic is all incoming webhook integrations.
• Incoming webhooks now send a private message to the bot owner for
  more convenient testing if a stream is not specified.
• Rewrote documentation for many integrations to use a cleaner
  numbered-list format.
• APIs for fetching messages now provide more metadata to help clients.

Keyboard shortcuts:

• Added new "basics" section to keyboard shortcuts documentation.
• Added a new ">" keyboard shortcut for quote-and-reply.
• Added a new "p" keyboard shortcut to jump to next unread PM thread.
• Fixed several hotkeys scope bugs.
• Changed the hotkey for compose-private-message from "C" to "x".
• Improve keyboard navigation of left and right sidebars with arrow keys.

Mobile apps backend:

• Added support for logging into the mobile apps with RemoteUserBackend.
• Improved mobile notifications to support narrowing when one clicks a
  mobile push notification.
• Statistics on the fraction of strings that are translated now
  include strings in the mobile apps as well.

For server admins:

• Added certbot support to the installer for getting certificates.
• Added support for hosting multiple domains, not all as subdomains of
  the same base domain.
• Added a new nagios check for the Zulip analytics state.
• Fixed buggy APNs logic that could cause extra exception emails.
• Fixed a missing dependency for the localhost_sso auth backend.
• Fixed subtle bugs in garbage-collection of old node_modules versions.
• Clarified instructions for server settings (especially LDAP auth).
• Added missing information on requesting user in many exception emails.
• Improved Tornado retry logic for connecting to RabbitMQ.
• Added a server setting to control whether digest emails are sent.

For Zulip developers:

• Migrated the codebase to use the nice Python 3 typing syntax.
• Added a new /team/ page explaining the team, with a nice
  visualization of our contributors.
• Dramatically improved organization of developer docs.
• Backend test coverage is now 95%.

This is a security release, with a handful of cherry-picked changes
since 1.7.1. All Zulip server admins are encouraged to upgrade
promptly.

• CVE-2018-9986: Fix XSS issues with frontend markdown processor.
• CVE-2018-9987: Fix XSS issue with muting notifications.
• CVE-2018-9990: Fix XSS issue with stream names in topic typeahead.
• CVE-2018-9999: Fix XSS issue with user uploads. The fix for this
  adds a Content-Security-Policy for the LOCAL_UPLOADS_DIR storage
  backend for user-uploaded files.

Thanks to Suhas Sunil Gaikwad for reporting CVE-2018-9987 and w2w for
reporting CVE-2018-9986 and CVE-2018-9990.