decidim 0.31.5 → 0.32.0.rc2

data/docs/modules/develop/pages/c4_component.adoc

@@ -38,7 +38,6 @@ Container_Boundary(web_app, "Web Application") {
     Component(pages, "Pages module", "Ruby On Rails Engine", "Component. adds static page capabilities to any participatory space. It basically provides an interface to include arbitrary HTML content to any step.")
     Component(proposals, "Proposals module", "Ruby On Rails Engine", "Component. Adds one of the main components of Decidim: allows users to contribute to a participatory space by creating proposals.")
     Component(surveys, "Surveys module", "Ruby On Rails Engine", "Component. Makes possible to publish surveys (for registered participants or visitors users).")
-    Component(sortitions, "Sortitions module", "Ruby On Rails Engine", "Component. makes possible to select randomly a number of proposals among a set of proposals (or a category of proposals within a set) maximizing guarantees of randomness and avoiding manipulation of results by the administrator.")
 
     Rel(surveys, forms, "Consumes")
     Rel(meetings, forms, "Consumes")
@@ -50,7 +49,6 @@ Container_Boundary(web_app, "Web Application") {
     ' Rel(initiatives, comments, "Consumes")
     ' Rel(accountability, comments, "Consumes")
     ' Rel(budgets, comments, "Consumes")
-    ' Rel(sortitions, comments, "Consumes")
     ' Rel(dev, comments, "Consumes")
     ' Rel(meetings, comments, "Consumes")
     ' Rel(debates, comments, "Consumes")
@@ -60,7 +58,6 @@ Container_Boundary(web_app, "Web Application") {
     ' Rel(initiatives, admin, "Managed in")
     ' Rel(accountability, admin, "Managed in")
     ' Rel(budgets, admin, "Managed in")
-    ' Rel(sortitions, admin, "Managed in")
     ' Rel(meetings, admin, "Managed in")
     ' Rel(debates, admin, "Managed in")
     ' Rel(proposals, admin, "Managed in")

data/docs/modules/develop/pages/classes/models.adoc

@@ -87,7 +87,6 @@ Most commonly used concerns are:
 - `Decidim::Forms::HasQuestionnaire`
 - `Decidim::Initiatives::HasArea`
 - `Decidim::Initiatives::InitiativeSlug`
-- `Decidim::Proposals::CommentableCollaborativeDraft`
 - `Decidim::Proposals::CommentableProposal`
 - `Decidim::Proposals::ParticipatoryTextSection`
 - `Decidim::Proposals::Evaluable`

data/docs/modules/develop/pages/components.adoc

@@ -47,7 +47,7 @@ Decidim.register_component(:my_component) do |component|
   # along with its hooks, so you can decide to halt the transaction by raising
   # an exception.
   #
-  # Valid hook names are :create and :destroy.
+  # Please refer to the section below to understand the component hooks
   component.on(:create) do |component|
     MyComponent::DoSomething.with(component)
   end
@@ -154,6 +154,72 @@ Each setting should have one or more translation texts related for the admin zon
 * `decidim.components.[component_name].settings.[global|step].[attribute_name]_help`: Additional text with help for the setting use.
 * `decidim.components.[component_name].settings.[global|step].[attribute_name]_readonly`: Additional text for the setting when it is readonly.
 
+
+== Life Cycle
+
+The following hooks are being fired when an action is being done in the admin web interface:
+
+- `:create` - A new component is being created
+- `:publish` - A component is being published
+- `:unpublish` - A component is being unpublished
+- `:update` - A component is being updated
+- `:permission_update` - The component permissions are being changed
+- `:duplicate` - A component is being copied
+
+[source,ruby]
+----
+# :my_component is the unique name of the component that will be globally registered.
+Decidim.register_component(:my_component) do |my_component|
+  my_component.on(:create) do |component|
+    # In the officially provided libraries we are using this hook to create additional required resources, like the default proposal states.
+    MyComponent::DoSomething.with(component)
+  end
+
+  my_component.on(:publish) do |component|
+    # In the officially provided libraries we are using this hook to add items to the search index
+    MyComponent::DoSomething.with(component)
+  end
+
+  my_component.on(:unpublish) do |component|
+    # In the officially provided libraries we are using this hook to remove items from the search index
+    MyComponent::DoSomething.with(component)
+  end
+  my_component.on(:update) do |component|
+    MyComponent::DoSomething.with(component)
+  end
+
+  my_component.on(:permission_update) do |component|
+    MyComponent::DoSomething.with(component)
+  end
+
+  my_component.on(:duplicate) do |new_component, old_component|
+    MyComponent::DoSomething.with(new_component)
+    MyComponent::DoSomethingElse.with(old_component)
+  end
+end
+----
+
+In some cases, you could define your own component hooks like the following:
+
+[source,ruby]
+----
+# :my_component is the unique name of the component that will be globally registered.
+Decidim.register_component(:my_component) do |my_component|
+  my_component.on(:my_action) do |params|
+    MyComponent::DoSomething.with_the(params)
+  end
+end
+----
+
+Then you could call it in your codebase as the following:
+
+[source,ruby]
+----
+# ... Some code that you may have
+@my_resource.component.run_hooks(:my_action, params)
+# ... Some other code you may need
+----
+
 == Fixtures
 
 This sections explains how to add dummy content to a development application.

data/docs/modules/develop/pages/machine_translations.adoc

@@ -42,7 +42,7 @@ config.machine_translation_service = "MyApp::MyOwnTranslationService"
 config.machine_translation_delay = 0.seconds
 ----
 
-The class will need to be implemented, or reuse one from the community. Check the docs on how to implement a machine translation service.
+The class will need to be implemented, or reuse one from the community. Check the docs on xref:services:machine_translations.adoc[how to implement a machine translation service].
 
 == Enabling the integration, organization-wise
 

data/docs/modules/develop/pages/maintainers/releases.adoc

@@ -1,6 +1,14 @@
 = Releasing new versions
 
-In order to release new version you need to be owner of all the gems at RubyGems, ask one of the owners to add you before releasing. Try `gem owner decidim` to find out the owners of the gem. It is worth making sure you are owner of all gems.
+In order to release new version you need to:
+
+. be owner of all the gems at RubyGems, ask one of the owners to add you before releasing. Try `gem owner decidim` to find out the owners of the gem. It is worth making sure you are owner of all gems.
+. be owner of all the NPM packages. You also need to be authenticated with `npm login`.
+. have the `gh` command line installed. You can install by following the https://github.com/cli/cli/blob/trunk/docs/install_linux.md[GH installation instructions]. You also need to be authenticated with `gh auth login`.
+. have the `yq` command line installed. You can install it with `snap install yq` in Ubuntu.
+. have the `decidim-maintainers_toolbox` gem. You can install it with `gem install decidim-maintainers_toolbox`.
+
+Before you begin the release process, make sure you check if there are any open or pending backports. Currently, is not mandatory to open or merge all the backports, but is something that we usually aim for. Refer to the xref:develop:backports.adoc[backports] page for more information.
 
 == Release Candidates
 
@@ -9,26 +17,31 @@ They should be ready to go to production, but publicly released just before in o
 
 If this is a *Release Candidate version* release, the steps to follow are:
 
-. Merge all the https://github.com/decidim/decidim/pulls?q=is%3Apr+is%3Aopen+author%3Adecidim-bot+sort%3Aupdated-desc[Crowdin pull requests created by the user `decidim-bot`], specially the one that is going to be marged against the release branch `release/x.y-stable` that should be returned by the provided example search (pick the correct pull request for the release from the results).
+. Merge all the https://github.com/decidim/decidim/pulls?q=is%3Apr+is%3Aopen+author%3Adecidim-bot+sort%3Aupdated-desc[Crowdin pull requests created by the user `decidim-bot`], specially the one that is going to be merged against the release branch `release/x.y-stable` that should be returned by the provided example search (pick the correct pull request for the release from the results).
 . Go to develop with `git checkout develop`
 . Install the last version of the `decidim-maintainers_toolbox` gem, and run the releaser command. Mind that for this to work you need locally the gh CLI from GitHub.
 [source,bash]
 ----
 gem install decidim-maintainers_toolbox
-decidim-releaser --github-token=(gh auth token) --version-type=rc
+decidim-releaser --github-token=$(gh auth token) --version-type=rc
 ----
 . This will create the stable branch and also create two Pull Requests:
 .. One for changing the development version on the `develop` branch (with title "Bump develop to next release version (x.y.z)")
-.. Another for creating the  the new release in the stable branch with title `Bump to vx.y.z version`. Wait for the tests to finish and check that everything is passing before releasing the version.
+.. Another for creating the new release in the stable branch with title `Bump to vx.y.z version`. Wait for the tests to finish and check that everything is passing before releasing the version.
 During this process you will have the instructions on how to follow with the process in the command line. One of the tasks is updating Crowdin, you can read more about this in the "Create the stable branch in Crowdin" section of this page.
 . Review, accept and merge the Pull Request.
 . Run `git pull && bin/rake release_all`, this will create all the tags, push the commits and tags and release the gems to RubyGems. Be ready for the One Time Password fill for each of the gems.
+. Once all the gems are published:
+.. Re-run the failed generators tests at the release branch.
+.. Always check if there are any pending security CVEs that need to be published. If there are, then follow the instructions in the xref:develop:maintainers/security.adoc[Security] page.
+.. Create a new release at this repository, just go to the https://github.com/decidim/decidim/releases[releases page] and create a new one.
 
 Usually, at this point, the release branch is deployed to Metadecidim during, at least, one week to validate the stability of the version.
 
 === During the validation period
 
-. During the validation period, bugfixes must be implemented directly to the current `release/x.y.z-stable` branch and ported to `develop`.
+. During the validation period, bugfixes must be implemented directly to the current `develop` branch, and if you need to backport, just add the labels `type: fix` and also the `release: v0.xx` to allow automated backports.
+ ... In special cases only (when the feature aimed to be fixed does not exist anymore in `develop`), you can open the Pull Request directly against the release branch. This is something that we usually defer to doing, as it could bring inconsistencies between the versions, making the maintenance harder.
 . During the validation period, translations to the officially supported languages must be added to Crowdin and, when completed, merged into `release/x.y.z-stable`.
 
 == Major/Minor versions
@@ -37,20 +50,19 @@ Release Candidates will be tested in a production server (usually Metadecidim) d
 
 . Merge all the https://github.com/decidim/decidim/pulls?q=is%3Apr+is%3Aopen+author%3Adecidim-bot+sort%3Aupdated-desc[Crowdin pull requests created by the user `decidim-bot`], specially the one that is going to be marged against the release branch `release/x.y-stable` that should be returned by the provided example search (pick the correct pull request for the release from the results).
 . Checkout the release stable branch `git checkout release/x.y-stable`.
-. Update `.decidim-version` by removing the `.rcN` suffix, leaving a clean version number like `x.y.z`
-. Run `bin/rake update_versions`, this will update all references to the new version.
-. Run `bin/rake patch_generators`, this will update the Gemfile for the generators to the new version.
-. Run `bin/rake bundle`, this will update all the `Gemfile.lock` files
-. Run `bin/rake webpack`, this will update the JavaScript bundle.
-. Update the `CHANGELOG.md`.
-Add the header with the current version and link like `+## [0.20.0](https://github.com/decidim/decidim/tree/v0.20.0)+` and the headers generated by the changelog generator.
-. Commit all the changes: `git add . && git commit -m "Bump to v0.XX.0 final version" && git push origin release/x.y-stable`.
+. Install the last version of the `decidim-maintainers_toolbox` gem, and run the releaser command. Mind that for this to work you need locally the gh CLI from GitHub.
+[source,bash]
+----
+gem install decidim-maintainers_toolbox
+decidim-releaser --github-token=$(gh auth token) --version-type=minor
+----
 . Wait for the tests to finish and check that everything is passing before releasing the version.
 NOTE: When you bump the version, the generator tests will fail because the gems and NPM packages have not been actually published yet (as in sent to rubygems/npm). You may see errors such as `No matching version found for @decidim/browserslist-config@~0.xx.y` in the CI logs. This should be fine as long as you have ensured that the generators tests passed in the previous commit.
-. Run `git pull && bin/rake release_all`, this will create all the tags, push the commits and tags and release the gems to RubyGems.
+. Run `git pull && bin/rake release_all`, this will create all the tags, push the commits and tags and release the gems to RubyGems. Be ready for the One Time Password fill for each of the gems.
 . Once all the gems are published:
- .. Re-run the failed generators tests at the release branch.
- .. Create a new release at this repository, just go to the https://github.com/decidim/decidim/releases[releases page] and create a new one.
+.. Re-run the failed generators tests at the release branch.
+.. Always check if there are any pending security CVEs that needs to be published. If there are, then follow the instructions in the xref:develop:maintainers/security.adoc[Security] page.
+.. Create a new release at this repository, just go to the https://github.com/decidim/decidim/releases[releases page] and create a new one.
 . Update Decidim's Docker repository as explained in the Docker images section below.
 . Update Crowdin synchronization configuration with GitHub:
  .. Add the new `release/x.y-stable` branch.
@@ -96,22 +108,23 @@ After you commit this change in `develop` branch you will have to wait a couple
 Releasing new versions from a *_release/x.y-stable_* branch is quite easy.
 The process is very similar from releasing a new Decidim version:
 
-. Merge all the https://github.com/decidim/decidim/pulls?q=is%3Apr+is%3Aopen+author%3Adecidim-bot+sort%3Aupdated-desc[Crowdin pull requests created by the user `decidim-bot`], specially the one that is going to be marged against the release branch `release/x.y-stable` that should be returned by the provided example search (pick the correct pull request for the release from the results).
+. Merge all the https://github.com/decidim/decidim/pulls?q=is%3Apr+is%3Aopen+author%3Adecidim-bot+sort%3Aupdated-desc[Crowdin pull requests created by the user `decidim-bot`], specially the one that is going to be merged against the release branch `release/x.y-stable` that should be returned by the provided example search (pick the correct pull request for the release from the results).
 . Make sure that there are no more PRs to backport. Learn more about xref:develop:backports.adoc[Backports].
-. Checkout the branch you want to release: `git checkout -b release/x.y-stable`
+. Checkout the branch you want to release: `git checkout release/x.y-stable && git pull origin release/x.y-stable`
 . Install the last version of the `decidim-maintainers_toolbox` gem, and run the releaser command. Mind that for this to work you need locally the gh CLI from GitHub.
 [source,bash]
 ----
 gem install decidim-maintainers_toolbox
-decidim-releaser --github-token=(gh auth token) --version-type=patch
+decidim-releaser --github-token=$(gh auth token) --version-type=patch
 ----
 . This will create a Pull Request for the new release with title `Bump to vx.y.z version`. Wait for the tests to finish and check that everything is passing before releasing the version.
 NOTE: When you bump the version, the generator tests will fail because the gems and NPM packages have not been actually published yet (as in sent to rubygems/npm). You may see errors such as `No matching version found for @decidim/browserslist-config@~0.xx.y` in the CI logs. This should be fine as long as you have ensured that the generators tests passed in the previous commit.
 . Review, accept and merge the Pull Request.
 . Run `git pull && bin/rake release_all`, this will create all the tags, push the commits and tags and release the gems to RubyGems. Be ready for the One Time Password fill for each of the gems.
 . Once all the gems are published:
- .. Re-run the failed generators tests at the release branch.
- .. Create a new release at this repository, just go to the https://github.com/decidim/decidim/releases[releases page] and create a new one.
+.. Re-run the failed generators tests at the release branch.
+.. Always check if there are any pending security CVEs that needs to be published. If there are, then follow the instructions in the xref:develop:maintainers/security.adoc[Security] page.
+.. Create a new release at this repository, just go to the https://github.com/decidim/decidim/releases[releases page] and create a new one.
 . Update Decidim's Docker repository as explained in the Docker images section.
 
 == Docker images for each release

data/docs/modules/develop/pages/maintainers/security.adoc

@@ -7,14 +7,19 @@ This page provides an overview of the security procedures followed by the Mainta
 .. an explanation of the issue, without giving much details about the vulnerability.
 .. the metadata necessary, such as affected releases and severity.
 .. we will not give a step by step explanation on how to exploit the vulnerability.
+.. internally, we leave the instructions for other Maintainers in the comments of the Security Advisory (so it is reproducible, both the bug and the fix when there is any).
 . The issue will be handled privately (on a private fork) until a fix is ready.
 . Once the fix is ready, we will open a PR to the `develop` branch with the fix.
 . We will do the backports to the https://github.com/decidim/decidim/blob/develop/SECURITY.md[supported versions].
 . We will release a new version with the fix.
 . On the Release Notes of the versions with the fix, we will add a note about the vulnerability with a reference to the CVE or the GitHub Security Advisory ID if there is not any ID. See below the `Template for the Release Notes`.
-. We will send a notification to the Decidim Devs Matrix chat room. We will not mention the vulnerability, just that there is a new version with a security fix. See below the `Template for the Decidim Devs chat room message`
+. We will send a notification to the Decidim Devs Matrix chat room. We will not mention the vulnerability, just that there is a new version with a security fix. See below the `Template for the Decidim Devs chat room message`.
 . We will wait the grace period (2 or 4 months depending on the severity) before disclosing the vulnerability.
+. We will add a comment for other Maintainers to keep track of when the Security Advisory will be published. See below the `Template for the Security Advisory messages`.
+. We will update the metadata of the Security Advisory with the versions that have this fix (the "Patched versions" in GitHub UI).
+. We will add to the Internal Decidim calendar the date when the Security Advisory will be published.
 . After the grace period, we will publish the Security Advisory.
+. Once the Security Advisory is published, then the release note message is updated with the link to the published page.
 
 == Template for the Release Notes
 
@@ -50,3 +55,12 @@ XXX
 [1] https://github.com/decidim/decidim/releases/tag/v0.XXX.XXX
 [2] https://github.com/decidim/decidim/blob/develop/SECURITY.md
 ----
+
+== Template for the Security Advisory messages
+
+[source,markdown]
+----
+Two versions with the fix have been published today: v0.XXX.XXX and v0.XXX.XXX.
+
+This security vulnerability will be published on XXX according to our security policy.
+----

data/docs/modules/develop/partials/api/decidim_version.adoc

@@ -0,0 +1,102 @@
+
+++++
+<div class="tabs" data-tab-group="language">
+  <div class="tabs-nav">
+    <button class="tabs-nav__button is-active" data-tab="curl">cURL</button>
+    <button class="tabs-nav__button" data-tab="javascript">JavaScript</button>
+    <button class="tabs-nav__button" data-tab="python">Python</button>
+    <button class="tabs-nav__button" data-tab="ruby">Ruby</button>
+  </div>
+  <div class="tabs-content">
+    <div class="tabs-content__panel is-active" data-tab="curl">
+++++
+
+[source,bash]
+----
+curl -sSH "Content-Type: application/json" \
+  -d '{"query": "{ decidim { version } }"}' \
+  https://www.decidim.barcelona/api/
+----
+
+++++
+    </div>
+    <div class="tabs-content__panel" data-tab="javascript">
+++++
+
+[source,javascript]
+----
+const url = "https://www.decidim.barcelona/api/";
+const query = "{ decidim { version } }";
+
+fetch(url, {
+  method: "POST",
+  headers: {
+    "Content-Type": "application/json",
+  },
+  body: JSON.stringify({ query }),
+})
+  .then((response) => response.json())
+  .then((data) => {
+    console.log(data);
+  })
+  .catch((error) => {
+    console.error(error);
+  });
+----
+
+++++
+    </div>
+    <div class="tabs-content__panel" data-tab="python">
+++++
+
+[source,python]
+----
+import requests
+
+url = "https://www.decidim.barcelona/api/"
+query = "{ decidim { version } }"
+
+headers = {
+    "Content-Type": "application/json"
+}
+
+response = requests.post(
+    url,
+    json={"query": query},
+    headers=headers
+)
+
+print(response.json())
+----
+
+++++
+    </div>
+    <div class="tabs-content__panel" data-tab="ruby">
+++++
+
+[source,ruby]
+----
+require "net/http"
+require "uri"
+require "json"
+
+uri = URI.parse("https://www.decidim.barcelona/api/")
+
+http = Net::HTTP.new(uri.host, uri.port)
+http.use_ssl = true
+
+request = Net::HTTP::Post.new(uri.request_uri)
+request["Content-Type"] = "application/json"
+request.body = {
+  query: "{ decidim { version } }"
+}.to_json
+
+response = http.request(request)
+puts JSON.parse(response.body)
+----
+
+++++
+    </div>
+  </div>
+</div>
+++++

data/docs/modules/install/pages/manual.adoc

@@ -8,6 +8,7 @@ In order to develop on decidim, you will need:
 * *NodeJS* 22.14.x
 * *Npm* 10.9.x
 * *ImageMagick*
+* *LibVips*
 * *Chrome* browser and https://sites.google.com/a/chromium.org/chromedriver/[chromedriver] (if you need to run specs/tests)
 
 The compatibility between the different versions of the components is the following:
@@ -57,7 +58,7 @@ An important component for Decidim is Node.js and Yarn. With this commands you w
 ----
 curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash
 source "$HOME/.nvm/nvm.sh"
-nvm install 24
+nvm install 22
 npm install -g yarn
 ----
 
@@ -67,7 +68,7 @@ Next, we need to install the `decidim` gem with its dependencies:
 
 [source,bash]
 ----
-sudo apt install -y libicu-dev imagemagick
+sudo apt install -y libicu-dev imagemagick libvips libvips-tools
 gem install decidim
 ----
 
@@ -158,5 +159,5 @@ The seed data will not be created in production environments, if you still want
 
 [source,bash]
 ----
-SEED=true rails assets:precompile db:seed
+SEED=true bin/rails assets:precompile db:seed
 ----

data/docs/modules/install/pages/update.adoc

@@ -6,34 +6,16 @@ To keep our system up to date, we can visit the page https://github.com/decidim/
 
 [source,ruby]
 ----
-gem "decidim", "0.20.1"
-gem "decidim-conferences", "0.20.1"
-gem "decidim-initiatives", "0.20.1"
+gem "decidim", "0.29.0"
+gem "decidim-conferences", "0.29.0"
+gem "decidim-initiatives", "0.29.0"
 
-gem "decidim-dev", "0.20.1"
+gem "decidim-dev", "0.29.0"
 ----
 
-For example, if the latest release is 0.16 we could decide to update.
+To update, we recommend using small increments. From time to time we change the Ruby version or update dependencies, and skipping multiple versions at once can introduce breaking changes. Therefore, if you need to upgrade from v0.29.0 to v0.31.0, we recommend to first upgrade to v0.30.0, follow the release notes, and then, from v0.30.0 to upgrade to v0.31.0.
 
-To update, usually requires only to change the old version number on these gems to the new one. For instance, previous example should be:
-
-[source,ruby]
-----
-gem "decidim", "0.21"
-gem "decidim-conferences", "0.21"
-gem "decidim-initiatives", "0.21"
-
-gem "decidim-dev", "0.21"
-----
-
-After doing that, you need to execute these commands:
-
-[source,console]
-----
-bundle update decidim
-bin/rails decidim:upgrade
-bin/rails db:migrate
-----
+So, to perform the upgrade, we first follow the https://github.com/decidim/decidim/releases/tag/v0.30.0[release notes for v0.30.0], then, after we confirmed everything went OK, we should follow the https://github.com/decidim/decidim/releases/tag/v0.31.0[release notes for v0.31.0].
 
 In theory, that would be all. However, you need to be careful in certain situations, specially if your copy of Decidim has many code modifications. We'd recommend to always test the upgrade following Ruby on Rails best practices: working with development mode in localhost, deploying to a staging/preproduction server to test it manually (specially your modifications) and finally deploying to production. As an alternative you can test the upgrade in a separate machine with the same configuration (If using DigitalOcean you can create an snapshot of the server, tested the update, and then remove it, similar process on other providers).
 
@@ -88,6 +70,7 @@ include::install:partial$version_matrix.adoc[]
 == Recommendations
 
 . Make a full backup of the database before updating, just in case something unexpected happens.
+. Never add 2 or more versions of Decidim to the same deployment to production, as the database structure could change, deprecated functions could be removed, causing issues that may prevent you to successfully run post release commands.
 . If you are more than update away. Always update from one version to the immediately next one and then repeat the process until you are up to date.
 . Always check the instructions for a certain version upgrade in https://github.com/decidim/decidim/releases[Releases]. Some releases require to perform certain actions as they may change some database structures. Follow that instructions if you are affected.
 . Check also the file https://github.com/decidim/decidim/blob/develop/CHANGELOG.md[CHANGELOG] It may have relevant information for updates between versions.

data/docs/modules/install/partials/version_matrix.adoc

@@ -2,16 +2,12 @@
 |===
 |Decidim version |Ruby version |Node version | Status
 
-|develop | 3.3.4 | 22.14.x | Unreleased
+|develop | 3.4.7 | 22.14.x | Unreleased
 
-|v0.30 | 3.3.4 | 18.17.x | Bug fixes and security updates
-
-|v0.29 | 3.2.2 | 18.17.x | Bug fixes and security updates
+|v0.31 | 3.3.4 | 22.14.x | Bug fixes and security updates
 
-|v0.28 | 3.1.1 | 18.17.x | Not maintained
-
-|v0.27 | 3.0.2 | 16.18.x | Security updates
+|v0.30 | 3.3.4 | 18.17.x | Bug fixes and security updates
 
-|v0.26 | 2.7.5+ | 16.9.x | Not maintained
+|v0.29 | 3.2.2 | 18.17.x | Not maintained
 
 |===

data/docs/modules/services/pages/activestorage.adoc

@@ -47,6 +47,46 @@ Locate the bucket, go into the "Permissions" tab and find the section titled "CO
 
 Read more at https://docs.aws.amazon.com/AmazonS3/latest/userguide/cors.html[Amazon S3 CORS documentation].
 
+==== Public assets
+
+To have public assets in your application, so that you do not rely on the ActiveStorage redirect system, you need to configure your bucket as follows:
+
+1. Go to your AWS S3 console
+2. Select the bucket you are using for uploads
+3. Open the *Permissions* tab
+4. In the *Block public access* section, click *Edit*
+5. Disable all blocking options by *unchecking* every box:
+  - "Block all public access"
+  - "Block public access to buckets and objects granted through new access control lists (ACLs)"
+  - "Block public access to buckets and objects granted through any access control lists (ACLs)"
+  - "Block public access to buckets and objects granted through new public bucket or access point policies"
+  - "Block public and cross-account access to buckets and objects through any public bucket or access point policies"
+6. Click *Save changes*
+7. Still in the *Permissions tab*, locate the *Bucket policy section* and click *Edit*.
+8. Add a bucket policy similar to the example below.
+   - If you are unsure of your bucket’s ARN, you can find it in the Properties tab. For this example, we use  `arn:aws:s3:::your-bucket-name`
+9. Click *Save changes*
+[source,json]
+----
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "Statement1",
+            "Effect": "Allow",
+            "Principal": "*",
+            "Action": "s3:GetObject",
+            "Resource": "arn:aws:s3:::your-bucket-name/*"
+        }
+    ]
+}
+----
+
+[NOTE]
+====
+If you use any other provider than the default (`local`) you will need to also configure the xref:customize:content_security_policy.adoc[Content security policy]. For the directives "img-src", "media-src", and "connect-src" adding some additional content like https://$YOUR-BUCKET-NAME.s3.$YOUR-AWS-REGION.amazonaws.com/*  (should look like: https://your-bucket-name.s3.eu-west-1.amazonaws.com)
+====
+
 ===  Google Cloud Storage
 
 Google Cloud Storage requires you to use the `gsutil` command line tool to set the CORS policy on your bucket. First you need to know the name of your bucket and then use the following command (replace `your-bucket-name` with the actual name of the bucket):

data/docs/modules/services/pages/aitools.adoc

@@ -71,7 +71,6 @@ Decidim::Ai::SpamDetection.resource_models = {
   "Decidim::Debates::Debate" => "Decidim::Ai::SpamDetection::Resource::Debate",
   "Decidim::Meetings::Meeting" => "Decidim::Ai::SpamDetection::Resource::Meeting",
   "Decidim::Proposals::Proposal" => "Decidim::Ai::SpamDetection::Resource::Proposal",
-  "Decidim::Proposals::CollaborativeDraft" => "Decidim::Ai::SpamDetection::Resource::CollaborativeDraft",
   "Decidim::User" => "Decidim::Ai::SpamDetection::Resource::UserBaseEntity"
 }
 

data/docs/modules/services/pages/index.adoc

@@ -6,6 +6,7 @@ There are multiple services that can be enabled in a Decidim installation. It is
 * xref:services:activestorage.adoc[Active Storage]
 * xref:services:aitools.adoc[AI tools]
 * xref:services:etherpad.adoc[Etherpad]
+* xref:services:machine_translation.adoc[Machine Translation]
 * xref:services:maps.adoc[Maps]
 * xref:services:sms.adoc[SMS]
 * xref:services:smtp.adoc[SMTP]