Weblate 2026.7

尚未发布。

新功能

  • Added Safe MDX check to ensure that the target string contains the same JSX expressions as the source string for MDX 文件 files.

  • Added Source string length check for source strings near max-length.

  • Added the Accelerator key quality check, which verifies that accelerator keys are used consistently between the source and the translation. Enable it with the accelerator: flag and the marker character, for example accelerator:&.

  • 新增 Mistral LLM 自动建议 Mistral 机器继承。

  • 项目级别备份 backups can now be created and downloaded via the Weblate 的 REST API.

  • Added file format parameters for translating individual YAML front matter values in Markdown 文件 and MDX 文件 files and escaping formula-like values in CSV 文件 files.

改进

  • 虚拟键盘 for RTL languages now includes Unicode isolate controls for better mixed-direction text editing.

  • Management interface access control is now more fine-grained with dedicated site-wide permissions.

  • Default commit and merge request message templates now use Conventional Commits, and settings forms can restore installation defaults for individual message templates.

  • Documented 法律组件 customizations and added options to hide legal pages or disable document numbering.

  • Expanded Data residency and EU cloud sovereignty with EU cloud sovereignty guidance.

  • 更新 LINGUAS 文件 更好地检测 LINGUAS 文件存在与否。

  • 更新 POT 文件(xgettext) can now leave the xgettext language blank to let xgettext guess it from source file extensions.

  • Add-ons installed at higher scopes are now shown on lower-scope add-on pages, and broad-scope add-ons can list affected components with compatibility details.

  • Docker 容器中现在有了 WEBLATE_ALLOWED_ASSET_SIZE

  • LLM automatic suggestions now use translated examples, language-specific instructions, and richer glossary context for more reliable output.

  • 改进了 RTL 译文展示和编辑器预览的双向文本处理。

  • 元描述现在更好地匹配单项目安装和自托管安装。

  • Zen mode now loads large search results and glossary-heavy projects more efficiently.

  • Translate pages with filtered searches and nearby strings now load more efficiently.

  • Translation form submissions now avoid loading complete search result sets when saving strings.

  • Add-on management pages now load recent add-on history more efficiently on large sites.

  • Added Packaging Weblate for distributions guidance for distribution maintainers.

  • Expanded security documentation for release artifacts, supported versions, security updates, release verification, SBOMs, and dependency handling.

  • Clarified security metadata, vulnerability reporting, hosted-service incident response, and self-hosted operator responsibilities.

  • Large component imports now avoid duplicate translation-memory processing.

  • 现在可以配置 GNU gettext PO (Portable Object) 在保存时删除陈旧的字符串。

  • Added analyze_translator_work to estimate realistic daily translator throughput from change history.

  • DeepL now handles DeepL API versions internally, uses v3 for glossary management and language discovery, and no longer supports DeepL API v1.

  • Bulk accepting suggestions now confirms the number of affected suggestions, can approve them for reviewers, and processes the acceptance in the background.

  • Committing large numbers of pending translations now queues browser requests in the background and avoids duplicate repository commit tasks.

  • Change-event notification add-ons can now use presets for translation content events, all events, or selected individual events.

  • Fedora Messaging now validates secure broker connections and exposes delivery timing settings.

缺陷修复

  • Malformed replacements flags no longer abort source length checks.

  • Scoped team assignments can no longer be expanded through the API.

  • Empty component lists are no longer exposed to users without component list management permission.

  • TBX glossary files no longer duplicate terms when repeated pending add operations are saved.

  • Gerrit 审核请求 review pushes can again include Gerrit push options in the target branch.

  • Webhook target fallback matching is now stricter and reported in component diagnostics.

  • 创建与 weblate:// 链接的部件在请求期间不再等待共享的仓库锁。

  • Project and workspace translation license defaults now follow component and project licenses more closely.

  • Component and category API PATCH requests no longer remove the category when the field is omitted.

  • Hardened HTML and AJAX object lookups against private project enumeration.

  • ZIP downloads no longer follow repository symbolic links outside the downloaded tree.

  • Document and translation-memory uploads now enforce TRANSLATION_UPLOAD_MAX_SIZE, and API document uploads validate file extensions.

  • reStructuredText 语法错误 现在检测不成对反引号包裹的内联角色。

  • 不安全的 HTML now efficiently detects changed placeholder-only HTML attribute values in translations.

  • Repository reset and update progress now includes follow-up translation-file reconciliation.

  • Updating repository URLs now validates compatible Git history without requiring an immediate successful merge.

  • 自动翻译 使用机器翻译时不再验证隐藏的部件字段。

  • Strings marked for edit links now include all strings needing editing, checking, or rewriting.

  • Anonymous permission checks no longer fail when loading teams scoped to projects or workspaces.

  • API project creation can again use the user's only eligible workspace when no explicit workspace is supplied.

  • Git auto-maintenance is now disabled for Weblate-managed repositories to avoid concurrent detached maintenance jobs.

  • Component diagnostics now sort entries by severity, color-code severity badges, and show the error count on the Diagnostics tab.

  • 译文最大尺寸 no longer wraps text when checking strings configured to fit on one line.

  • Watched translations on the dashboard now include category path segments.

兼容性

  • Teams enforcing two-factor authentication now also withhold site-wide permissions from human members without 2FA configured.

  • Fedora Messaging topics now include category path segments, and broker settings are stored as an AMQP URL with existing host and SSL settings migrated automatically.

升级

请按照 一般的升级指示 来执行升级。

  • There are changes in settings_example.py, most notably in SOCIAL_AUTH_PIPELINE and SOCIAL_AUTH_DISCONNECT_PIPELINE; please adjust your settings accordingly.

贡献者

所有变化详情

Weblate 2026.6.1

发布于 2026 年 6 月 1 日。

缺陷修复

  • 面向所有语言的 公告 不再破坏语言概览页。

升级

请按照 一般的升级指示 来执行升级。

贡献者

代码贡献

Michal Čihař

文档贡献

Michal Čihař

所有变化详情

Weblate 2026.6

发布于 2026 年 6 月 1 日。

新功能

  • 现在也可通过特定项目语言的 Weblate 的 REST API 管理 公告

  • 现在可以将团队成员身份限制为所选语言用于每用户翻译权限。

  • 翻译报告新增 花费预估

  • Added optional OpenTelemetry tracing for backend requests and tasks, and Google Cloud Error Reporting for handled server errors.

  • Added 工作空间 to group related projects, with workspace project listings, workspace-scoped teams and project creation permissions, inherited workspace, project, and category defaults for selected component settings, and billing details when available.

改进

  • Docker 容器现在可以配置 WEBLATE_SAML_SECURITY_CONFIG 来自定义 SAML 安全设置,并用 WEBLATE_ADD_FORMATSWEBLATE_REMOVE_FORMATS 调整 WEBLATE_FORMATS

  • 改进了大型项目 不一致的 检查的性能。

  • Translation flag fields now use a tag-based editor with autocompletion and grouped suggestions for all known flags.

  • Contributor stats now de-duplicate repeated work on the same string by default, with an option to count all changes.

  • 代码托管集成 now documents HTTPS access-token URLs and dedicated-user SSH URLs for accessing repositories, and 持续本地化 now explains why squash merging Weblate conflict-resolution pull requests can require a repository reset.

  • 翻译部件诊断 now include dismissible component diagnostics for community localization.

  • 屏幕截图和可视化上下文 now support bulk assignment from search or image text recognition results, make finding strings in uploaded images easier to discover, show source string coverage counts, and include advanced listing search.

  • 软件物料清单 release artifacts now include CISA 2025 document-level metadata.

缺陷修复

  • Outbound URL validation now rejects additional non-public targets (CVE 2026-50127, GHSA-vmfc-9982-2m45).

  • 项目语言 公告 不再在整个项目中出现。

  • Hardened POST /api/screenshots/ access checks against private project enumeration.

  • Registration-attempt account activity e-mails now link to password reset to help users finish account setup.

  • 邀请新用户 links now work for signed-in users whose account owns the invited e-mail address.

  • Searching for strings with content changes without a recorded author now supports changed_by:"", and combined change filters now apply to the same change event.

  • Gitea and Forgejo pull requests no longer reconfigure existing fork remotes to point to the source repository.

  • Project and category language translation sessions now keep strings grouped by component priority and show component switch warnings reliably.

  • Engage page task links now stay centered and show the target translation language.

  • Gettext POT update add-ons now rescan translations after committing updated POT and PO files.

  • Git repositories now update branches correctly when the remote also has a tag with the same name.

  • 冲突的仓库设置警报现在允许同分支直接推送。

  • Obsolete cleanup schedules are now removed from Celery beat during upgrade.

  • Translation pages for workspace projects no longer crash when workspace fields are deferred.

升级

请按照 一般的升级指示 来执行升级。

  • INSTALLED_APPS 有一处更改;应添加 weblate.workspaces

  • 数据库迁移在较大的实例上可能要花更长时间。

贡献者

代码贡献

Michal Čihař, Karen Konou, Weblate CI, Basheer Radman, michael-smt, Kristián Kunc, felixfon

翻译贡献

Michal Čihař, VfBFan, 大王叫我来巡山, Emin Tufan Çetin, Basheer Radman, 為什麼不加空格, Peter Vančo, Christian Wia, Любомир Василев, Matthaiks, Andrei Stepanov, Libre, Besnik Bleta, ℂ𝕠𝕠𝕠𝕝 (𝕘𝕚𝕥𝕙𝕦𝕓.𝕔𝕠𝕞/ℂ𝕠𝕠𝕠𝕝), Balázs Meskó, Aindriú Mac Giolla Eoin, Adam Havránek, Dick Groskamp, Arif Budiman, Mickaël Binos, Ryo Nakano, hoanghuy309, Pierfrancesco Passerini, Alefsander Ribeiro Nascimento, Massimo Pissarello, justcontributor, 이정희, Cabdi Waaxid Siciid, Yaron Shahrabani, User2068, Kyotaro Iijima, pan93412, jernejp21, libermax, Phileas Fogg, Fjuro, Jim Kats, Fulup Jakez, Priit Jõerüüt, Ldm Public, Andi Chandler, Burak SDN, ojppe

文档贡献

Michal Čihař, VfBFan, Basheer Radman, Weblate CI, michael-smt, felixfon

所有变化详情

Weblate 2026.5

发布于 2026 年 5 月 15 日。

新功能

  • Added MDX 文件 support for translating Markdown text while preserving JSX syntax, with 文件格式参数 shared with Markdown 文件 for line wrapping, code blocks, front matter, and placeholder handling.

  • Added extended LLM translation context for automatic suggestions, covering string context, explanations, secondary-language translations, plurals, failing checks, and placeholders.

  • Added a digest-only translation activity summary notification, see 通知.

  • CSV and XLSX downloads in 下载译文 now export plural strings as separate plural-form rows that can be imported back.

  • Added Gettext PO and POT 文件格式参数 to control whether Weblate updates the Language-Team, Last-Translator, X-Generator, and Report-Msgid-Bugs-To headers.

  • Added a backup to run configured backup services synchronously.

  • The translation memory lookup API can now skip fuzzy matching with the exact query parameter.

  • 新增 翻译文件 CDN 发布翻译文件到配置的 CDN。

改进

  • 现在可用 dos_eol 文件格式参数 来配置使用 DOS 行结尾符号。

  • OpenAI and Alibaba no longer require their vendor Python SDKs.

  • 现在在历史记录中记录经审计的项目和部件设置。

  • Gerrit review pushes now use 推送分支 as the target branch.

  • Weblate now checks whether CACHE_DIR allows executing generated helper files.

  • The 软件物料清单 is now generated during release and published as a versioned release asset instead of being stored in the source repository.

  • The translating page now separates screenshots from string information, collapses rarely used string details, and groups glossary and screenshot actions more consistently.

  • Project access management now paginates users and better explains site-wide automatic team assignments.

  • Added provider-oriented code hosting documentation and Gettext-style 复数公式 guidance.

  • The Python wheel no longer ships source translation catalogs, test files, or deployment example files, reducing the installed package size.

  • The engage page now highlights actionable translation task buckets for newcomers.

  • RSS feeds can now use the same filters as the changes browsing page.

  • 更新 gettext 模板(Django) now supports gettext PO files used as templates when they are excluded by the language filter.

  • Reworked Weblate 威胁模型 into a contract-style document.

缺陷修复

  • Hardened search previews and 自动建议 suggestion origins against XSS, and stopped exposing database error details in upload failures (CVE 2026-45106 / GHSA-6wxc-8mgq-w26m).

  • Screenshot URL uploads, remote HTML extraction in JavaScript 本地化 CDN, and URL health-check redirects now reject internal or non-public targets by default.

  • Gerrit review pushes now reject target branches containing push options, track the target branch before invoking git-review, and suggest short branch names when full refs are supplied.

  • 公告 类别不再出现在整个项目中,翻译声明删除现在遵守语言级的权限。

  • Merge request pushes now refresh stale fork remotes after changing repository hosting.

  • Plural counts parsed from translation file headers are now bounded, and plural formulas are rejected when they can evaluate outside the configured plural form range.

  • 项目访问令牌 expiring today now remain valid until the end of the day.

  • Malformed ALTCHA CAPTCHA submissions and repository URLs in webhook payloads no longer cause server errors.

  • 占位符 now merges overlapping non-nested spans from multiple flags.

  • 备份和迁移 Weblate logs no longer include OpenSSH post-quantum key exchange warnings from remote Borg connections.

  • Category repository paths are now handled more safely during cleanup and moves.

  • Locked component pages now show an unsubscribe action after subscribing to unlock notifications.

  • 项目级别备份 imports now restore in the background to avoid web worker memory limits.

兼容性

  • The dos-eol flag is no longer supported. Use the dos_eol 文件格式参数 instead.

  • The registration CAPTCHA now uses the ALTCHA widget v3 protocol with Argon2id proof-of-work.

  • The set_language_team project attribute has been replaced with the po_set_language_team file format parameter at the component level; see 文件格式参数.

  • Weblate now uses calendar versioning for releases, see 发行周期.

  • Weblate now uses stricter dependency version constraints to better control runtime environment.

升级

请按照 一般的升级指示 来执行升级。

  • The ALTCHA_MAX_NUMBER setting has been replaced by ALTCHA_COST, ALTCHA_MEMORY_COST, and ALTCHA_PARALLELISM; please adjust your settings accordingly.

  • The upgrading policy was changed, and upgrades are only supported from the current or previous calendar year.

  • The COMMENT_CLEANUP_DAYS and SUGGESTION_CLEANUP_DAYS settings are migrated once to site-wide 陈旧评论删除 and 陈旧建议删除 add-ons; configure those add-ons instead.

贡献者

代码贡献

Michal Čihař, Karen Konou, AliceVisek, Gersona, Weblate CI

翻译贡献

이정희, Andrei Stepanov, Milo Ivir, ssantos, 大王叫我来巡山, Kaya Zeren, reducedradius, Peter Vančo, amano, Michal Čihař, Anucha Hlownonkor, Yaron Shahrabani, UDP, Максим Горпиніч, Agnieszka C, VfBFan, Blueberry, ojppe, Francisco Serrador, Aindriú Mac Giolla Eoin, Fjuro, Любомир Василев, Frank Paul Silye, Temuri Doghonadze, Yuri Chornoivan, Sergio Granadoz, Sketch6580, Hyeonjeong Lee, 為什麼不加空格, ℂ𝕠𝕠𝕠𝕝 (𝕘𝕚𝕥𝕙𝕦𝕓.𝕔𝕠𝕞/ℂ𝕠𝕠𝕠𝕝), justcontributor, Kristijan "Fremen" Velkovski, Pierfrancesco Passerini, Besnik Bleta, Arif Budiman, Andi Chandler, jernejp21, Manuela Silva, Sjur N Moshagen, Abduqadir Abliz, Laitei, Кирилл Ванин, Matthaiks, Nozomu Matsui, Dick Groskamp, MrZwave, hoanghuy309, Jim Spentzos, Adam Havránek, Ricky Tigg, Christian Wia, ButterflyOfFire

文档贡献

Michal Čihař, Gersona, Karen Konou, AliceVisek

所有变化详情