There has been some discussion about broken logins and being unable to login right after signing up. I did a review of the affected code and unfortunately, there are a couple of issues in 0.8.3. As a direct result, I’ll push the next release including many bugfixes in the next few weeks.

Issues found are:

• When creating a new account, the password is not picked up. Instead, an empty string is encoded and written to the database (this is different from an empty password field, though)
• In 0.8.3 it is possible to request a new password (forgotten_password) for a guest account. This will, effectively, convert the account into a registered account.
• The create account controller does not check for duplicate email addresses

If your site suffers from any of these symptoms, please stay tuned for the next release to fix those issues as soon as possible.

While trying to test as much as I can, there are certainly things I do and will miss. Admittedly, these sort of bugs are not acceptable and I would like to apologize to everyone affected. I really appreciate the trust you put into me and ZenMagick and will do everything I can to justify that.

As a first action I suggest that I build release candidates for testing before releasing official new versions. However, this will require participation on your side to pick up those builds and test them as much as possible.

Alternatively, the release cycles might have to get longer which I do not really like. Still, perhaps it is better to have less innovation but a more stable product.