release-notes-3.0.0.rst
166 lines
| 8.0 KiB
| text/x-rst
|
RstLexer
r1 | |RCE| 3.0.0 |RNS| | |||
----------------- | ||||
r3290 | As |RCE| 3.0 is a big release, the release notes have been split into the following sections: | |||
r1 | ||||
* :ref:`general-rn-ref` | ||||
* :ref:`security-rn-ref` | ||||
* :ref:`api-rn-ref` | ||||
* :ref:`performance-rn-ref` | ||||
* :ref:`prs-rn-ref` | ||||
* :ref:`gists-rn-ref` | ||||
* :ref:`search-rn-ref` | ||||
* :ref:`fixes-rn-ref` | ||||
.. _general-rn-ref: | ||||
General | ||||
^^^^^^^ | ||||
* Released 2015-01-27 | ||||
* Basic |svn| support added | ||||
* GPLv3 components removed | ||||
* Server/Client architecture for VCS systems created | ||||
* Python 2.5 and 2.6 support deprecated | ||||
* Server info pages now show gist/archive cache storage, and also CPU/Memory/Load information. | ||||
* Added new bulk commit (changeset) status comment form into compare view which enables bulk code-reviews without | ||||
opening a pull-request. | ||||
* License checks and limits now only apply to active users. | ||||
* Removed CLI command for |repo| scans as it can be done via an API call. | ||||
* VCS backends can be globally enabled/disabled from the :file:`rhodecode.ini` file. | ||||
* Added a UI option to set default rendering to rst or markdown. | ||||
* Added syntax highlighting to 2 way compare diff. | ||||
* Markup rendering can now render checkboxes for easy checklists generation. | ||||
* Gravatars are now retina ready. | ||||
* Admins can define custom CSS or JavaScript in the header or footer via new pre/post code options. | ||||
* Replaced ``graph.js`` with ``commits-graph.js`` html5 implementation. | ||||
* Added editable owner field for repository groups, and user group. | ||||
* Added an option to detach/delete user repositories when deleting users from the system. | ||||
* Added a Supervisor control page that shows status of processes. | ||||
* User admin grid can now filter by username OR email. | ||||
* Added personal |repo| group link for easier fork creation. | ||||
* Added support for using subdirectories when creating and uploading new files. | ||||
* Added option to rename a file from the web interface. | ||||
* Added arrow key navigation to file filter and fixed the back button behaviour. | ||||
* Added fuzzy matching to file filter. | ||||
* Added functionality to create folder structures along with files when adding content via the web interface. | ||||
* Separated default permissions UI into `global`, `user`, or `object` permissions management. | ||||
* Added an inheritance flag to object permissions which allows for explicit permissions which disregard global | ||||
permissions. | ||||
* Added post create repository group hook. | ||||
* Added trigger push hooks on online file editor. | ||||
* Added default title for pull request. | ||||
* More detailed logs during Authentication. | ||||
* More explicit logging when permission checks occur. | ||||
* Switched the implementation of |git| ``fetch clone pull checkout`` commands to pure |py| without any subprocess | ||||
calls. | ||||
* Introduced the ``rcserver`` command for custom development. | ||||
* Added the ability to force no cache archived via the ``GET no_cache`` flag | ||||
.. _security-rn-ref: | ||||
Security | ||||
^^^^^^^^ | ||||
* CSRF (Cross-Site Request Forgery) tokens now in all pages that use forms. | ||||
* The ``clone_url`` field is now AES encrypted inside the database. | ||||
* ACLs (Access Control Lists) are checked on the gist edit page for logged in users. | ||||
* New repository groups and repositories are created with 0755 permissions and not not 0777. | ||||
* Explicit RSS tokens are used for the RSS journal, when leaked, limits access to RSS only. | ||||
* Fixed XSS issues when rendering raw SVG files. | ||||
* Added force password reset option for users. | ||||
* IP list now accepts comma-separated values, and also ranges using `-` to specify multiple addresses. | ||||
* Added ``auth tokens``, these authentication tokens can be used as an alternative to passwords. | ||||
* Added roles (``http, api, rss, all, vcs``) into authentication tokens (previously called ``apikeys``). | ||||
* LDAP Group Support added. | ||||
* Added JASIG CAS auth plugin support. | ||||
* Added a plugin parameter that defines if a plugin can create new users on the fly. | ||||
.. _api-rn-ref: | ||||
API | ||||
^^^ | ||||
* Added permissions delegation when creating |repos| or |repo| groups. | ||||
* Added ``strip`` support for |hg| and |git| |repos|. | ||||
* Added comments API for commits. | ||||
* Added add/remove methods for extra fields in repositories. | ||||
* ``get_*`` calls now use ``permission()`` and ``permission_user_group()`` methods for unified permissions structure. | ||||
* ``get_repo_nodes`` information sending has changed and is no longer a boolean flag, it's now ``basic`` or ``full``. | ||||
* Due to configurable backends ``repo_type`` is now mandatory parameter for the ``create_repo`` call. | ||||
.. _performance-rn-ref: | ||||
Performance | ||||
^^^^^^^^^^^ | ||||
* Significant performance improvements across all application functions. | ||||
* HTTP Authentication performance enhancements. | ||||
* Added a ``scope`` variable to the permissions fetching function which improves building permission trees in large | ||||
amounts by a factor of 10. | ||||
* Implemented caching logic for all authentication plugins. The ``AUTH_CACHE_TTL = <int>`` property now allow you to | ||||
set the cache in seconds. | ||||
.. _prs-rn-ref: | ||||
Pull Requests | ||||
^^^^^^^^^^^^^ | ||||
* Pull requests can be now updated and merged from the web interface | ||||
* Fixed creating a Mercurial |pr| from a bookmark. | ||||
* Forbid closing pull requests when calculated status is different that the approved or rejected version. | ||||
* Properly display calculated pull request review status on listing page. | ||||
* Disable delete comment button if |pr| is closed. | ||||
.. _gists-rn-ref: | ||||
Gists | ||||
^^^^^ | ||||
* New UI based on grids with filtering. | ||||
* Super-admins can see all gists. | ||||
* Gists can now be created with a custom names. | ||||
.. _search-rn-ref: | ||||
Search | ||||
^^^^^^ | ||||
* New API based indexer. | ||||
* Added the ability to create size limits for indexed files. | ||||
* Added a new mapping configuration file which gives a very high level of flexibility when creating full text search. | ||||
.. _fixes-rn-ref: | ||||
Fixes | ||||
^^^^^ | ||||
* General: fixed issues with dependent objects, such as ``users`` in ``user groups``. Cleaning up these dependent | ||||
objects is now done in a safe way. | ||||
* General: deleting a ``user group`` from **settings > advanced** will use force removal and cleanup from all | ||||
associations. | ||||
* General: fixed issue with filter proxy middleware it's now more error prone. | ||||
* General: fixed issues with unable to create fork inside a group. | ||||
* General: fixed bad logic in ``ext_json`` lib, that checked bool on microseconds, in case it was 0 bool it returned False. | ||||
* General: authors in annotation mode shows authors of current source, not from all history (that is in normal mode) | ||||
* Permissions: fix issue when inherit flag for user group stopped working after initial permissions set. | ||||
* |git|: fixed shallow clones. | ||||
* |git|: added ``\n`` into the service line of |git| protocol. It is in the specifications and some python clients | ||||
require this. | ||||
* |hg|: fix thread safety for mercurial ``in-memory`` commits. | ||||
* Windows: fixed issue with shebang and env headers. | ||||
* MySQL: fixed database fields with 256 char length with added indexes. Mysql had problems with them. | ||||
* Database: fixed bad usage of matching using ``ILIKE``. Previously it could happen that if you had | ||||
``marcin_1@rhodecode.com`` and ``marcin_2@rhodecode.com`` emails, using ``marcin_@rhodecode.com`` would match both. | ||||
* VCS: fixed issues with double new lines on the commit patches. | ||||
* VCS: repository locking now requires write permission to repository. If we allowed locking with read, | ||||
people can lock repository without an option to unlock it. | ||||
* Models: removed the ``isdigit`` call that can create issues when names are actually numbers on fetching objects. | ||||
* Files: Fix bug with show authors in annotate view. | ||||
* Hooks: truncate excessive commit lists on ``post_push`` hook. | ||||
* Hooks: in |git|, support added to set the default branch if it is not ``master``. | ||||
* Notifications: now can be marked as read when you are not admin. | ||||
* Notifications: marking all notifications as read will hide the counter. | ||||
* Frontend: fixed branch-tag switcher multiple ajax calls. | ||||
* Repository group: |repo| group owners can now change group settings even if they don't have access to top-level | ||||
permissions. | ||||
* Repositories: if you set ``Fork of`` in advanced repository settings it will now only show valid repositories | ||||
with the same type. | ||||