CTFs as you need them
General
API
/api/v1/challenges?view=admin
to allow admin users to see all challenges regardless of their visibility state/api/v1/users?view=admin
to allow admin users to see all users regardless of their hidden/banned state/api/v1/teams?view=admin
to allow admin users to see all teams regardless of their hidden/banned state/api/v1/scoreboard
is now significantly more performant (20x) due to better response generation/api/v1/scoreboard/top/<count>
is now more performant (3x) due to better response generation/api/v1/scoreboard
will no longer show hidden/banned users in a non-hidden teamDeployment
docker-compose
now provides a basic nginx configuration and deploys nginx on port 80Dockerfile
now installs python3
and python3-dev
instead of python
and python-dev
because Alpine no longer provides those dependenciesMiscellaneous
get_config
and get_page
config utilities now use SQLAlchemy Core instead of SQLAlchemy ORM for slight speedupsget_team_standings
and get_user_standings
functions now return more data (id, oauth_id, name, score for regular users and banned, hidden as well for admins)%
signs in database passwords.Miscellaneous
gunicorn
dependency to 19.10.0
boto3
dependency to 1.13.9
import_ctf()
reliability by closing all connections before dropping & recreating databasedb
folderimport_ctf()
process slightly to import built-in tables first and then plugin tablesAPI
DELETE /api/v1/files/[file_id]
) will now correctly delete the associated filePlugins
CTFd.plugins.get_plugin_names()
to get a list of available pluginsCTFd.plugins.migrations.current()
to get the current revision of a plugin migrationCTFd.plugins.migrations.upgrade()
to be able to upgrade to a specific plugin migrationThemes
scoreboard.js
Admin Panel
Admin Panel
Plugins
CTFd.plugins.migrations
module to allow plugins to handle migrations. Plugins should now call CTFd.plugins.migrations.upgrade
instead of app.db.create_all
which will allow the plugin to have database migrations.Miscellaneous
app.plugins_dir
object to refer to the directory where plugins are installedAdmin Panel
Miscellaneous
SQLALCHEMY_ENGINE_OPTIONS
to config.py
with a slightly higher default max_overflow
setting for SQLALCHEMY_MAX_OVERFLOW
. This can be overridden with the SQLALCHEMY_MAX_OVERFLOW
envvarnode_modules/
to .dockerignore
General
flask_restplus
with flask_restx
datafreeze
, normality
, and banal
dependencies in favor of in-repo solutions to exporting databaseAdmin Panel
Themes
python manage.py build jsenums
.min-vh-*
and .opacity-*
).spinner-error
CSS classis_admin()
Miscellaneous
get_config
from CTFd.models
EmailMessage
Faker
library for populate.py
instead of hardcoded datayarn lint
command to run eslint on JS filesGeneral
API
POST /api/v1/unlocks
will no longer allow duplicate unlocks to happenAdmin Panel
Account Visibility
subtext clearer by explaining the Private
setting in Config PanelThemes
Miscellaneous
General
TEAMS_MODE
API
/api/v1/statistics/users
route to be admins_only/api/v1/awards
, CTFd will look up a user's team ID if team_id
is not specifiedAdmin Panel
Themes
core
theme stores the initial value of inputs as a data
attribute and checks for changes when updating data. This should be a temporary hack until a proper front-end framework is in place.ezToast()
issue that was keeping toast messages visible indefinitelymodal-body
parameters in ezq.js for ezAlert
and ezQuery
and fix the progress bar for certain cases in ezProgressBar
authed()
function to check if user is authed in base.html
. This fixes an issue where a page could look as if the user was logged in.Miscellaneous
REVERSE_PROXY
config setting when set to a boolean instead of a stringDockerfile
to run fewer commands and re-use the build cachemake coverage
to generate an HTML coverage reportcoverage
and pytest-cov
development dependenciesGeneral
General
views.custom_css
route has been removed.manage.py
script can now manipulate the CTFd Configs table via the get_config
and set_config
commands. (e.g. python manage.py get_config ctf_theme
and python manage.py set_config ctf_theme core
)Themes
theme_header
and theme_footer
configs instead of the views.custom_css
endpoint to allow for user customizations. See the base.html
file of the core theme.Plugins
ezq
functions available to CTFd.js
under CTFd.ui.ezq
Miscellaneous
isort
and import order enforcedAll CTFd administrators are recommended to take the following steps:
SECRET_KEY
valueSecurity
General