From 2afb0dd66332136f47d08f2ee4de292eb73c8779 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@debian.org>
Date: Wed, 27 May 2015 08:52:01 +0100
Subject: Do not directly enable emailauth by default, only indirectly via
 openid

This avoids nasty surprises on upgrade if a site is using httpauth,
or passwordauth with an account_creation_password, and relying on
only a select group of users being able to edit the site. We can revisit
this for ikiwiki 4.
---
 debian/NEWS | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'debian/NEWS')

diff --git a/debian/NEWS b/debian/NEWS
index d09b4d9be..c1f343520 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -1,3 +1,15 @@
+ikiwiki (3.20150330) UNRELEASED; urgency=medium
+
+  The new "emailauth" plugin allows users to authenticate using an email
+  address, without otherwise creating an account.
+
+  The openid plugin now enables emailauth by default. Please include
+  emailauth in the disable_plugins setting if this is not desired.
+  Conversely, if emailauth is required on a wiki that does not enable
+  openid, you can list it in the enable_plugins setting.
+
+ -- Simon McVittie <smcv@debian.org>  Wed, 27 May 2015 08:30:43 +0100
+
 ikiwiki (3.20150107) experimental; urgency=medium
 
   By default, this version of IkiWiki tells mobile browsers that its
-- 
cgit v1.2.3