##// END OF EJS Templates
deps: bumped zope.interface==7.1.1
deps: bumped zope.interface==7.1.1

File last commit:

r4728:29e77558 default
r5595:e7e5db4e default
Show More
release-notes-4.26.0.rst
55 lines | 1.7 KiB | text/x-rst | RstLexer
/ docs / release-notes / release-notes-4.26.0.rst
docs: added 4.26.0 release notes.
r4728 |RCE| 4.26.0 |RNS|
------------------
Release Date
^^^^^^^^^^^^
- 2021-08-06
New Features
^^^^^^^^^^^^
General
^^^^^^^
- Caches: introduce invalidation as a safer ways to expire keys, deleting them are more problematic.
- Caches: improved locking problems with distributed lock new cache backend.
- Pull requests: optimize db transaction logic.
This should prevent potential problems with locking of pull-requests that have a lot of reviewers.
- Pull requests: updates use retry logic in case of update is locked/fails for some concurrency issues.
- Pull requests: allow forced state change to repo admins too.
- SSH: handle subrepos better when using SSH communication.
Security
^^^^^^^^
- Drafts comments: don't allow to view history for others than owner.
- Validators: apply username validator to prevent bad values being searched in DB, and potential XSS payload sent via validators.
Performance
^^^^^^^^^^^
- SSH: use pre-compiled backends for faster matching of vcs detection.
- Routing: don't check channelstream connections for faster handling of this route.
- Routing: skip vcsdetection for ops view so they are not checked against the vcs operations.
Fixes
^^^^^
- Permissions: flush all users permissions when creating a new user group.
- Repos: recover properly from bad extraction of repo_id from URL and DB calls.
- Comments history: fixed fetching of history for comments
- Pull requests: fix potential crash on providing a wrong order-by type column.
- Caches: report damaged DB on key iterations too not only the GET call
- API: added proper full permission flush on API calls when creating repos and repo groups.
Upgrade notes
^^^^^^^^^^^^^
- Scheduled release 4.26.0.