release-notes-4.6.0.rst
157 lines
| 7.1 KiB
| text/x-rst
|
RstLexer
| r1394 | |RCE| 4.6.0 |RNS| | ||
| ----------------- | |||
| Release Date | |||
| ^^^^^^^^^^^^ | |||
| - 2017-02-03 | |||
| New Features | |||
| ^^^^^^^^^^^^ | |||
| - Pull requests: introduced versioning for pull requests. | |||
| Each update of pull requests creates and exposes a new version of it. | |||
| Users can navigate each version to show the previous state of pull request, or | |||
| generate diffs between versions to show what changed since the last update. | |||
| Also on each update attached comments are pinned to versions, so users can | |||
| tell at which state particular comment was made. | |||
| Various UI/UX fixes on PR page. | |||
| - Pull requests: introduced new merge-checks. | |||
| Merge checks show nicer UI for the status of merge approval. | |||
| Merge checks now also forbid a merge if TODO notes are present. | |||
| Submitting a status will auto-refresh merge checks, it means that it's no | |||
| longer required to re-load diff to merge a PR. | |||
| Same logic is now used for API, pre-conditions on show, and checks on | |||
| actual merge API call. | |||
| - Code review: approval state is now bound to pull request versioning. Users | |||
| can track their last approval and only show changes of pull requests between | |||
| their last approval and latest state. | |||
| - Code review: inline and main comments have now two types. a `note` and `todo`. | |||
| unresolved TODO comments show up in pull requests or commit view. | |||
| Unresolved TODO also prevents a PR from being merged. | |||
| - Code review: added navigation on outdated comments. | |||
| - Diffs: compare mode overhaul. | |||
| Made compare and commit range pages more consistent with other commit | |||
| diff pages. Old diff2way is replaced by new diffs with side-by-side | |||
| mode, and it also removes mergerly. Cleanup button behaviour on the compare | |||
| page. Switched file-diffs to use the compare page with file filter. | |||
| Added collapse/expand commits buttons in compare views. Generally improved UX. | |||
| - Diffs: added a wide-mode button to expand large diffs. | |||
| - Comments: an overhaul of comments forms. Adjust them for new comment types and | |||
| resolution comments. | |||
| - Comments: replaced a ctrl+space commands with slash commands. This becomes | |||
| more standardized and easier to use. | |||
| - Changelog: added load more anchors into changelog view. | |||
| Users in changelog can now load comments via ajax and extend the data | |||
| set to show more than 100 commits. This also re-renders the graph. So it's | |||
| possible to show 1000s of commits in an efficient way with the DAG graph. | |||
| - User sessions: added interface to show, and cleanup user auth sessions. | |||
| It's possible to show, and clean obsolete sessions. Also a cleanup of all | |||
| sessions option were added to completely log-out all users from the system. | |||
| - Integrations: webhook integration have now additional setting to choose if | |||
| the call should be made with POST or GET. | |||
| - API: get_repos call now allows to filter returned data by specifying a start | |||
| root location. Additionally, a traverse flag was added to define if returned | |||
| data should be only from top-level or recursive. | |||
| - API: comment_type (`note` or `todo`) for comment API. | |||
| - API: added comment_resolved_id into comments API to resolve TODO notes. | |||
| General | |||
| ^^^^^^^ | |||
| - Api: comment_pull_request, added commit_id parameter to validate status | |||
| changed on particular commit. In case users set status on the commit | |||
| which is not current valid head this API call won't change the status anymore. | |||
| - Channelstream: added testing panel for live notifications. | |||
| - Authentication: disable password change form for accounts that are not | |||
| managed by RhodeCode, in the case of external accounts such as LDAP/oAuth, | |||
| password reset doesn't make sense. | |||
| - Core: let pyramid handle tracebacks for all exceptions. | |||
| Otherwise, we'll miss exception caused in pure pyramid views. | |||
| - Vcs server: expose remote tracebacks from HTTP backend using | |||
| the Pyro4AwareFormatter. This will now in most cases propagate VCSServer | |||
| exception into Enterprise logs for easier tracking of errors | |||
| - Ishell: updated code with latest iShell changes. | |||
| - Svn: generate HTTP downgrade via the auto-generated config. This allows | |||
| a HTTPs/HTTP configuration with SVN. | |||
| - Dependencies: bumped various pytest related libraries to latest versions. | |||
| - Dependencies: bumped gevent to 1.1.2 and greenlet to 0.4.10 versions. | |||
| - Dependencies: bumped msgpack to version 0.4.8. | |||
| - Dependencies: bumped supervisor to 3.3.1 version. | |||
| - Dependencies: bumped Whoosh to version 2.7.4. | |||
| - Dependencies: bumped Markdown library to 2.6.7 | |||
| - Dependencies: bumped mako templates to 1.0.6 | |||
| - Dependencies: bumped waitress version to 1.0.1 | |||
| - Dependencies: bumped pygments to 2.2.0 | |||
| - dependencies: bumped Mercurial version to 4.0.2 | |||
| - dependencies: bumped git version to 2.9.3 | |||
| Security | |||
| ^^^^^^^^ | |||
| - Login: Don't display partial password helper hash inside the logs. | |||
| The information is not-required and will prevent people worrying about this | |||
| shown in logs. | |||
| - Auth: use pyramid HTTP exception when detecting CSRF errors. It helps | |||
| catching this error by our error handler and displaying it nicely to users. | |||
| - SVN: hide password entries in logs using specially generated configuration | |||
| for Apache Mod-Dav | |||
| - Permissions: fixed call to correctly check permissions for admin, before admin | |||
| users were ban deleting of pull requests in certain conditions. | |||
| Performance | |||
| ^^^^^^^^^^^ | |||
| - Markup renderer: use global Markdown object to speed up markdown rendering. | |||
| We'll skip heavy initialization on each render thanks to this. | |||
| - Diffs: optimize how lexer is fetched for rich highlight mode. | |||
| Speeds up initial diff creation significantly since lexer cache is re used | |||
| and we don't need to fetch lexer many times. | |||
| - VCS: do an early detection of vcs-type request. | |||
| In case we're handling a VCS request, we can skip some of the pylons | |||
| stack initialization, speeding the request processing. | |||
| Fixes | |||
| ^^^^^ | |||
| - Code review: render outdated comments that don't fit current context. | |||
| Comments attached to files that were removed from pull-request now will also | |||
| properly show up. | |||
| - Markup renderer: don't render plaintext files as RST. This prevents plain | |||
| Readme files have been wrongly rendered. | |||
| - VCS: raise a better exception if file node history cannot be extracted. | |||
| Helps to trace corrupted repositories. | |||
| - Exception handling: nicer error catching on repository creation. | |||
| - Fixed excessive number of session object creation. There should be now a | |||
| significant reduction in new file or DB entries created for sessions. | |||
| - Core: remove global timezone hook from tests. This was leaking into main | |||
| application causing TZ problems (such as UTC log dates). | |||
| - Pull requests: wait for all dynamic checks before enabling opening a PR. | |||
| This ensures that all code analysis were run before users are allowed to open | |||
| a pull request. | |||
| - i18n: use a consistent way of setting user language. | |||
| - API: added merge checks into API because it was not validated before and could | |||
| return an error if the merge wasn't possible for some reason. | |||
| - VCSServer: fetch proper locale before defaulting to default. Prevents | |||
| errors on some machines that don't have locales set. | |||
| - VCSServer: fixed 500 error if the wrong URL on HTTP mode vcsserver was accessed. | |||
| Upgrade notes | |||
| ^^^^^^^^^^^^^ | |||
| - Integrations: since new POST/GET option was added to integrations, users | |||
| are advised to optionally check Webhooks integrations and pick one. | |||
| (default is still POST) |
