- Update JS dependencies with high CVE

- Fix form submissions losing values when field names contain spaces or non-word characters

- Add audit log (#214)

- Fix stored XSS vulnerability in custom embed iframes via input sanitization with attribute whitelisting
- Fix XSS vulnerability in URL link formatting by escaping user-submitted URLs
- Fix IDOR on form export endpoint by adding authorization check
- Fix cross-event IDOR on polls, quizzes, forms, embeds, and posts by enforcing event-scoped resource access in context layer
- Fix atom exhaustion DoS by replacing `String.to_atom/1` on user input with explicit whitelists (8 locations)
- Add rate limiting on authentication endpoints using Hammer 7.0

- Fix date picker crash when hook is destroyed before initialization
- Fix date picker crash for unsupported browser locales
- Fix form submission crash for anonymous attendees
- Improve SMTP config and handling (#197)
- Fix presentation slides URL (#200)
- Fix custom S3 endpoint (#199)
- Fix quizz real time average score update and id duplication
- Fix crash when broadcasting events to leaders with unregistered emails
- Fix OIDC compatibility with providers like Authelia and Microsoft Entra ID (#216) (#143) (#195)
- Fix manager and presenter views while presentation conversion has no slide count yet
- Fix crash on event manager pages when an event has multiple activity leaders

- S3 variables are now named: S3_ACCESS_KEY_ID, S3_SECRET_ACCESS_KEY,…

… S3_REGION and S3_BUCKET

- Users now have roles. Refer to the `roles` table and assign a role to a user with the `role_id` column in the `users` table.

- Add Admin Panel to manage users and presentations
- Add user roles: user, admin
- Add `LANGUAGES` setting to configure available languages in the app
- Add hideable presenter attendee count (#183 #155)
- Add Hungarian translation (#161)
- Add Latvian translation (#163)
- Add custom S3 endpoint with `S3_SCHEME`, `S3_HOST`, `S3_PORT` and `S3_PUBLIC_URL`

- Upgrade JS dependencies
- Upgrade Elixir dependencies, including Phoenix Live View to 1.0.17
- Upgrade to Tailwind 4+
- Refactor view templates to use {} instead of <%= %>
- Fix event name validation to be required
- Docker image is now using Ubuntu instead of Alpine for better dependencies support
- Fix scrollbar not showing in event manager when no presentation file (#164) (@aryel780)
- Fix settings scroll for small screen (#168)
- Fix duplicate key quiz when duplicate (#182)
- Fix email change confirmation (#172)
- Fix italian translation (#179)
- Fix random poll choices (#184)

- Add PKCE support for OpenID Connect (#134) (@onyedikachi-david)

- Fix settings panel on tablet-sized screens (#121)
- Fix question counting for quiz component
- Fix embed deletion bad keys for attendees
- Fix event name length validation (min: 5, max: 50)
- Fix event code length validation (min: 5, max: 10)
- Fix presentation upload progress when editing an event

- Improve performance of presentation to load slides faster

- Fix manager layout on small screens
- Add clickable hyperlinks in messages
- Improve quiz export
- Add option to force login to submit quizzes
- Fix url with question mark being flagged as a question

- Add quizzes interaction with LTI AGS integration and QTI export

- Add join link in manager view to join attendee room more easily
- Export all interactions to CSV in the reports view
- Add Oban for asynchronous jobs (mailer and LMS API calls)

- New report view with better metrics and tab-view for all interactions
- Improve design improvements for interaction boxes in attendee room
- Fix engagement rate stats
- Add button to trigger product tour instead of automatically starting it
- Improve design and UX for interactions and presentation settings in the manager view
- Add pagination for events on the dashboard
- Fix STMP adapter to work with secure connection
- Add soft delete for user accounts

- Add duplicate feature on finished events

- Add italian translation (thanks to @loviuz and @albanobattistella)
- Add EMAIL_CONFIRMATION environment variable to disable or enable email confirmation after registration

- Improve performance of global reactions
- Change QR Code background color to white
- Improve auto scroll of messages on the manager
- Fix pinning of questions
- Fix name picker being empty during a reconnect
- Change wording for more options dropdown and access
- Fix dropdown position to be on the front of other elements
- Owner and facilitators of the event can now join the attendee room before the event starts
- Fix email templates

- Fix OIDC to allow only client_secret_basic and client_secret_post a…

…uth methods

- Fix minimum length for 2 characters messages
- Fix poll option order
- Fix translations for current interactions
- Improve poll results UI
- Optimize resource usage of the manager when attendees join the event
- Fix duplicate event being inaccesible

- LTI 1.3 integration (Beta)

- OpenID Connect integration
- New layout for presentation manager
- Duplicate event feature

- Improve embeds integration for better compatibility with different providers
- Add an option to polls to show results to attendees

- Fix input length validation for polls

- Add Dutch translation #91 (@robinaartsma)

- Add dynamic layout for the presenter view

- Fix responsive layout on dashboard
- Fix presenter layout with embeds when messages are hidden
- Fix missing stream for form submits
- Fix unknown locales
- Fix embeds when updated
- Add validation to avoid user to self assign as a facilitator
- Toggle for message reactions is replaced with toggle for message and global reactions
- Improve embed integration in presenter view