Looks like it’s time for another release of Radiant:
This release contains an important security update. Passwords since 0.5
have been written straight into the log files without filtering of any
kind. This could enable a malicious user with read permissions on the
log files to discover other users’ passwords. We’ve repaired the problem
in 0.6.1. It is recommended that everyone upgrade immediately. You
should also delete production.log and development.log.
This release also includes a few minor bug fixes.
WHAT IS RADIANT CMS?
Radiant is a no-fluff content management system made for designers and
programmers and is ideal for use on small teams. It is similar to
Movable Type or Textpattern, but is much more than a blogging engine.
- An elegant user interface
- The ability to arrange pages in a hierarchy
- Flexible templating with layouts, snippets, page parts, and a
custom tagging language (Radius: http://radius.rubyforge.org)
- A dynamic extension system
- A simple user management/permissions system
- Support for Markdown and Textile as well as traditional HTML
(it’s easy to create other filters)
- Operates in two modes: dev and production depending on the URL
- A caching system which expires pages every 5 minutes
- Built using Ruby on Rails (which means that extending Radiant is
as easy as any other Rails application)
- Licensed under the MIT-License
- And much more…
There’s even a live demo over on the project Web site:
WHAT’S NEW IN THIS RELEASE?
- Fixed a security vulnerability which caused passwords to appear in the
- Fixed a bug in the site map code which caused it to forget which rows
- The find_by_url method has been optimized to improve performance
- GET requests are now the only requests that are cached [Daniel
- Added rudimentary support for extension depencency specification
through directory prefixing [Daniel S.]
- Fixed syntax error in fixture loading extension [Sean C.]
- Minor documentation fix for date tag [Sean C.]
- Fixed a bug in the migrations that prevented 0.5.x users from
upgrading properly [Sean C.]
We’ve worked hard to make it easy to install Radiant. For starters you
can download it with Ruby Gems:
% gem install --include-dependencies radiant
Once the Radiant gem is installed you have access to the
radiant command is similar to the
rails command (if you
are from the Rails world. It’s how you generate a new Radiant project
for a website. So
cd to the directory where you would like your
instance to be installed and type:
% radiant -d [mysql|postgres|sqlite3] .
Next, edit config/database.yml to taste. Then run the rake bootstrap
% rake production db:bootstrap
And start up the test server:
% script/server -e production
Finally, hit the /admin/ URL and you should be off to the races. See the
README file in the release for additional details.
If you are interested in other download options, visit the download
UPGRADING FROM 0.6.0
Update the Radiant gem:
% gem update radiant
Change the RADIANT_GEM_VERSION constant in config/environment.rb
Run the update rake task:
Restart the server
UPGRADING FROM 0.5.x
The upgrade process changed significantly from last release, so listen
up! To upgrade an existing installation, BACKUP YOUR DATABASE, update
the gem, and create a new Radiant project using the instructions above.
Then point Radiant to the right database by editing config/database.yml
and execute the following command in your project directory:
% rake db:migrate
If you have problems during the upgrade, please let us know.
Radiant wouldn’t be possible without the help of some fine people. The
following people have made contributions to this release:
- Alexander H. * Sean C.
Thanks guys! If you’d like to hop on the development band wagon head on
over to our dev site (http://dev.radiantcms.org/).
The best place to get support is definitely on the Radiant mailing list.
There’s a crowd of people there who have been hanging around for many
moons now. Newbie questions are welcome! To sign up, go to:
The Radiant mailing list is also accessible via Ruby forum: