##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
release: merge back stable branch into default
marcink -
r2024:1069b5cc merge default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,66 b''
1 |RCE| 4.9.0 |RNS|
2 -----------------
3
4 Release Date
5 ^^^^^^^^^^^^
6
7 - 2017-08-12
8
9
10 New Features
11 ^^^^^^^^^^^^
12
13
14
15 General
16 ^^^^^^^
17
18 - Off cycle Minor release to fix SCM vulnerabilities.
19
20
21 Security
22 ^^^^^^^^
23
24 - security(critical): Bumped GIT to 2.9.5 fixes CVE-2017-1000117
25 https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1466490.html
26 - security(critical): Bumped SVN to 1.9.7 fixes CVE-2017-9800
27 https://subversion.apache.org/security/CVE-2017-9800-advisory.txt
28 - security(critical): Bumped Mercurial to 4.2.3 fixes CVE-2017-1000116
29 https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
30
31
32 Performance
33 ^^^^^^^^^^^
34
35 - Fixed Mercurial Stream support for very large repositories. Due to discovered
36 bug in WebOb library we manage to fix Mercurial stream support.
37 Now cloning very large repos e.g 100GB, ~1mln commits should be much
38 faster, and use less memory.
39
40
41 Fixes
42 ^^^^^
43
44 - Fixed problem with default-reviewers in EE package that was missing panel
45 title and in some occasions generate 500 errors.
46 - Fixed problem with potential URL generation inside our integration.
47 This was introduced during pyramid porting. We know ensure that proper
48 routing generation is done on all events.
49
50
51 Upgrade notes
52 ^^^^^^^^^^^^^
53
54
55 - The 4.9.0 release is an off-cycle release. Due to the fact that we needed to
56 bump Mercurial from 4.1.X to 4.2.X, and Subversion from 1.9.4 to 1.9.7, we
57 released this version not as 4.8.1 security bug fix but 4.9.0.
58 We know historically that SVN and Mercurial can have internal api changes.
59 We tested basic functionality for all 3 vcs-es but due to very short release
60 time we were unable to test everything. Please report any found problems to us
61 and we'll for sure address them.
62
63 Note to SVN users: Please make sure to upgrade mod_dav to 1.9.7 version.
64 At this time we know Wandisco provides 1.9.7 packages for most major distros.
65
66
Show file before | Show file after | Hide comments
@@ -1,21 +1,22 b''
1 1 1bd3e92b7e2e2d2024152b34bb88dff1db544a71 v4.0.0
2 2 170c5398320ea6cddd50955e88d408794c21d43a v4.0.1
3 3 c3fe200198f5aa34cf2e4066df2881a9cefe3704 v4.1.0
4 4 7fd5c850745e2ea821fb4406af5f4bff9b0a7526 v4.1.1
5 5 41c87da28a179953df86061d817bc35533c66dd2 v4.1.2
6 6 baaf9f5bcea3bae0ef12ae20c8b270482e62abb6 v4.2.0
7 7 32a70c7e56844a825f61df496ee5eaf8c3c4e189 v4.2.1
8 8 fa695cdb411d294679ac081d595ac654e5613b03 v4.3.0
9 9 0e4dc11b58cad833c513fe17bac39e6850edf959 v4.3.1
10 10 8a876f48f5cb1d018b837db28ff928500cb32cfb v4.4.0
11 11 8dd86b410b1aac086ffdfc524ef300f896af5047 v4.4.1
12 12 d2514226abc8d3b4f6fb57765f47d1b6fb360a05 v4.4.2
13 13 27d783325930af6dad2741476c0d0b1b7c8415c2 v4.5.0
14 14 7f2016f352abcbdba4a19d4039c386e9629449da v4.5.1
15 15 416fec799314c70a5c780fb28b3357b08869333a v4.5.2
16 16 27c3b85fafc83143e6678fbc3da69e1615bcac55 v4.6.0
17 17 5ad13deb9118c2a5243d4032d4d9cc174e5872db v4.6.1
18 18 2be921e01fa24bb102696ada596f87464c3666f6 v4.7.0
19 19 7198bdec29c2872c974431d55200d0398354cdb1 v4.7.1
20 20 bd1c8d230fe741c2dfd7100a0ef39fd0774fd581 v4.7.2
21 21 9731914f89765d9628dc4dddc84bc9402aa124c8 v4.8.0
22 c5a2b7d0e4bbdebc4a62d7b624befe375207b659 v4.9.0
Show file before | Show file after | Hide comments
@@ -1,150 +1,167 b''
1 1 .. _svn-http:
2 2
3 3 |svn| With Write Over HTTP
4 4 ^^^^^^^^^^^^^^^^^^^^^^^^^^
5 5
6 6 To use |svn| with read/write support over the |svn| HTTP protocol, you have to
7 7 configure the HTTP |svn| backend.
8 8
9 9 Prerequisites
10 10 =============
11 11
12 12 - Enable HTTP support inside the admin VCS settings on your |RCE| instance
13 13 - You need to install the following tools on the machine that is running an
14 14 instance of |RCE|:
15 15 ``Apache HTTP Server`` and ``mod_dav_svn``.
16 16
17 17
18 Using Ubuntu 14.04 Distribution as an example execute the following:
18 .. tip::
19
20 We recommend using Wandisco repositories which provide latest SVN versions
21 for most platforms. Below is example how to add the wandisco repositories
22 for Ubuntu.
23
24 .. code-block:: bash
25
26 $ sudo sh -c 'echo "deb http://opensource.wandisco.com/ubuntu `lsb_release -cs` svn19" >> /etc/apt/sources.list.d/subversion19.list'
27 $ sudo wget -q http://opensource.wandisco.com/wandisco-debian.gpg -O- | sudo apt-key add -
28 $ sudo apt-get update
29
30
31 Using Ubuntu 14.04/16.04 Distribution as an example execute the following to
32 install required components:
19 33
20 34 .. code-block:: bash
21 35
22 36 $ sudo apt-get install apache2 libapache2-mod-svn
23 37
24 38 Once installed you need to enable ``dav_svn``:
25 39
26 40 .. code-block:: bash
27 41
28 42 $ sudo a2enmod dav_svn
29 43 $ sudo a2enmod headers
30 44 $ sudo a2enmod authn_anon
31 45
32 46
33 47 Configuring Apache Setup
34 48 ========================
35 49
36 50 .. tip::
37 51
38 52 It is recommended to run Apache on a port other than 80, due to possible
39 53 conflicts with other HTTP servers like nginx. To do this, set the
40 54 ``Listen`` parameter in the ``/etc/apache2/ports.conf`` file, for example
41 55 ``Listen 8090``.
42 56
43 57
44 58 .. warning::
45 59
46 60 Make sure your Apache instance which runs the mod_dav_svn module is
47 61 only accessible by |RCE|. Otherwise everyone is able to browse
48 62 the repositories or run subversion operations (checkout/commit/etc.).
49 63
50 64 It is also recommended to run apache as the same user as |RCE|, otherwise
51 65 permission issues could occur. To do this edit the ``/etc/apache2/envvars``
52 66
53 67 .. code-block:: apache
54 68
55 69 export APACHE_RUN_USER=rhodecode
56 70 export APACHE_RUN_GROUP=rhodecode
57 71
58 72 1. To configure Apache, create and edit a virtual hosts file, for example
59 73 :file:`/etc/apache2/sites-enabled/default.conf`. Below is an example
60 74 how to use one with auto-generated config ```mod_dav_svn.conf```
61 75 from configured |RCE| instance.
62 76
63 77 .. code-block:: apache
64 78
65 79 <VirtualHost *:8090>
66 80 ServerAdmin rhodecode-admin@localhost
67 81 DocumentRoot /var/www/html
68 82 ErrorLog ${'${APACHE_LOG_DIR}'}/error.log
69 83 CustomLog ${'${APACHE_LOG_DIR}'}/access.log combined
84 LogLevel info
85 # allows custom host names, prevents 400 errors on checkout
86 HttpProtocolOptions Unsafe
70 87 Include /home/user/.rccontrol/enterprise-1/mod_dav_svn.conf
71 88 </VirtualHost>
72 89
73 90
74 91 2. Go to the :menuselection:`Admin --> Settings --> VCS` page, and
75 92 enable :guilabel:`Proxy Subversion HTTP requests`, and specify the
76 93 :guilabel:`Subversion HTTP Server URL`.
77 94
78 95 3. Open the |RCE| configuration file,
79 96 :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini`
80 97
81 98 4. Add the following configuration option in the ``[app:main]``
82 99 section if you don't have it yet.
83 100
84 101 This enables mapping of the created |RCE| repo groups into special
85 102 |svn| paths. Each time a new repository group is created, the system will
86 103 update the template file and create new mapping. Apache web server needs to
87 104 be reloaded to pick up the changes on this file.
88 105 To do this, simply configure `svn.proxy.reload_cmd` inside the .ini file.
89 106 Example configuration:
90 107
91 108
92 109 .. code-block:: ini
93 110
94 111 ############################################################
95 112 ### Subversion proxy support (mod_dav_svn) ###
96 113 ### Maps RhodeCode repo groups into SVN paths for Apache ###
97 114 ############################################################
98 115 ## Enable or disable the config file generation.
99 116 svn.proxy.generate_config = true
100 117 ## Generate config file with `SVNListParentPath` set to `On`.
101 118 svn.proxy.list_parent_path = true
102 119 ## Set location and file name of generated config file.
103 120 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
104 121 ## Used as a prefix to the <Location> block in the generated config file.
105 122 ## In most cases it should be set to `/`.
106 123 svn.proxy.location_root = /
107 124 ## Command to reload the mod dav svn configuration on change.
108 125 ## Example: `/etc/init.d/apache2 reload`
109 126 svn.proxy.reload_cmd = /etc/init.d/apache2 reload
110 127 ## If the timeout expires before the reload command finishes, the command will
111 128 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
112 129 #svn.proxy.reload_timeout = 10
113 130
114 131
115 132 This would create a special template file called ```mod_dav_svn.conf```. We
116 133 used that file path in the apache config above inside the Include statement.
117 134 It's also possible to manually generate the config from the
118 135 :menuselection:`Admin --> Settings --> VCS` page by clicking a
119 136 `Generate Apache Config` button.
120 137
121 138 5. Now only things left is to enable svn support, and generate the initial
122 139 configuration.
123 140
124 141 - Select `Proxy subversion HTTP requests` checkbox
125 142 - Enter http://localhost:8090 into `Subversion HTTP Server URL`
126 143 - Click the `Generate Apache Config` button.
127 144
128 145 This config will be automatically re-generated once an user-groups is added
129 146 to properly map the additional paths generated.
130 147
131 148
132 149
133 150 Using |svn|
134 151 ===========
135 152
136 153 Once |svn| has been enabled on your instance, you can use it with the
137 154 following examples. For more |svn| information, see the `Subversion Red Book`_
138 155
139 156 .. code-block:: bash
140 157
141 158 # To clone a repository
142 159 svn checkout http://my-svn-server.example.com/my-svn-repo
143 160
144 161 # svn commit
145 162 svn commit
146 163
147 164
148 165 .. _Subversion Red Book: http://svnbook.red-bean.com/en/1.7/svn-book.html#svn.ref.svn
149 166
150 167 .. _Ask Ubuntu: http://askubuntu.com/questions/162391/how-do-i-fix-my-locale-issue No newline at end of file
Show file before | Show file after | Hide comments
@@ -1,98 +1,99 b''
1 1 .. _rhodecode-release-notes-ref:
2 2
3 3 Release Notes
4 4 =============
5 5
6 6 |RCE| 4.x Versions
7 7 ------------------
8 8
9 9 .. toctree::
10 10 :maxdepth: 1
11 11
12 release-notes-4.9.0.rst
12 13 release-notes-4.8.0.rst
13 14 release-notes-4.7.2.rst
14 15 release-notes-4.7.1.rst
15 16 release-notes-4.7.0.rst
16 17 release-notes-4.6.1.rst
17 18 release-notes-4.6.0.rst
18 19 release-notes-4.5.2.rst
19 20 release-notes-4.5.1.rst
20 21 release-notes-4.5.0.rst
21 22 release-notes-4.4.2.rst
22 23 release-notes-4.4.1.rst
23 24 release-notes-4.4.0.rst
24 25 release-notes-4.3.1.rst
25 26 release-notes-4.3.0.rst
26 27 release-notes-4.2.1.rst
27 28 release-notes-4.2.0.rst
28 29 release-notes-4.1.2.rst
29 30 release-notes-4.1.1.rst
30 31 release-notes-4.1.0.rst
31 32 release-notes-4.0.1.rst
32 33 release-notes-4.0.0.rst
33 34
34 35 |RCE| 3.x Versions
35 36 ------------------
36 37
37 38 .. toctree::
38 39 :maxdepth: 1
39 40
40 41 release-notes-3.8.4.rst
41 42 release-notes-3.8.3.rst
42 43 release-notes-3.8.2.rst
43 44 release-notes-3.8.1.rst
44 45 release-notes-3.8.0.rst
45 46 release-notes-3.7.1.rst
46 47 release-notes-3.7.0.rst
47 48 release-notes-3.6.1.rst
48 49 release-notes-3.6.0.rst
49 50 release-notes-3.5.2.rst
50 51 release-notes-3.5.1.rst
51 52 release-notes-3.5.0.rst
52 53 release-notes-3.4.1.rst
53 54 release-notes-3.4.0.rst
54 55 release-notes-3.3.4.rst
55 56 release-notes-3.3.3.rst
56 57 release-notes-3.3.2.rst
57 58 release-notes-3.3.1.rst
58 59 release-notes-3.3.0.rst
59 60 release-notes-3.2.3.rst
60 61 release-notes-3.2.2.rst
61 62 release-notes-3.2.1.rst
62 63 release-notes-3.2.0.rst
63 64 release-notes-3.1.1.rst
64 65 release-notes-3.1.0.rst
65 66 release-notes-3.0.2.rst
66 67 release-notes-3.0.1.rst
67 68 release-notes-3.0.0.rst
68 69
69 70 |RCE| 2.x Versions
70 71 ------------------
71 72
72 73 .. toctree::
73 74 :maxdepth: 1
74 75
75 76 release-notes-2.2.8.rst
76 77 release-notes-2.2.7.rst
77 78 release-notes-2.2.6.rst
78 79 release-notes-2.2.5.rst
79 80 release-notes-2.2.4.rst
80 81 release-notes-2.2.3.rst
81 82 release-notes-2.2.2.rst
82 83 release-notes-2.2.1.rst
83 84 release-notes-2.2.0.rst
84 85 release-notes-2.1.0.rst
85 86 release-notes-2.0.2.rst
86 87 release-notes-2.0.1.rst
87 88 release-notes-2.0.0.rst
88 89
89 90 |RCE| 1.x Versions
90 91 ------------------
91 92
92 93 .. toctree::
93 94 :maxdepth: 1
94 95
95 96 release-notes-1.7.2.rst
96 97 release-notes-1.7.1.rst
97 98 release-notes-1.7.0.rst
98 99 release-notes-1.6.0.rst
Show file before | Show file after | Hide comments
@@ -1,85 +1,88 b''
1 1 # Auto generated configuration for use with the Apache mod_dav_svn module.
2 2 #
3 3 # WARNING: Make sure your Apache instance which runs the mod_dav_svn module is
4 4 # only accessible by RhodeCode. Otherwise everyone is able to browse
5 5 # the repositories or run subversion operations (checkout/commit/etc.).
6 6 #
7 7 # The mod_dav_svn module does not support subversion repositories which are
8 8 # organized in subfolders. To support the repository groups of RhodeCode it is
9 9 # required to provide a <Location> block for each group pointing to the
10 10 # repository group sub folder. To ease the configuration RhodeCode auto
11 11 # generates this file whenever a repository group is created/changed/deleted.
12 12 # Auto generation can be configured in the ini file. Settings are prefixed with
13 13 # ``svn.proxy``.
14 14 #
15 15 # To include this configuration into your apache config you can use the
16 16 # `Include` directive. See the following example snippet of a virtual host how
17 17 # to include this configuration file.
18 18 #
19 19 # <VirtualHost *:8090>
20 20 # ServerAdmin webmaster@localhost
21 21 # DocumentRoot /var/www/html
22 22 # ErrorLog ${'${APACHE_LOG_DIR}'}/error.log
23 23 # CustomLog ${'${APACHE_LOG_DIR}'}/access.log combined
24 # LogLevel info
25 # # allows custom host names, prevents 400 errors on checkout
26 # HttpProtocolOptions Unsafe
24 27 # Include /path/to/generated/mod_dav_svn.conf
25 28 # </VirtualHost>
26 29 #
27 30 # Depending on the apache configuration you may encounter the following error if
28 31 # you are using speecial characters in your repository or repository group
29 32 # names.
30 33 #
31 34 # ``Error converting entry in directory '/path/to/repo' to UTF-8``
32 35 #
33 36 # In this case you have to change the LANG environment variable in the apache
34 37 # configuration. This setting is typically located at ``/etc/apache2/envvars``.
35 38 # You have to change it to an UTF-8 value like ``export LANG="en_US.UTF-8"``.
36 39 # After changing this a stop and start of Apache is required (using restart
37 40 # doesn't work).
38 41
39 42 # fix https -> http downgrade with DAV. It requires an header downgrade for
40 43 # https -> http reverse proxy to work properly
41 44 % if use_https:
42 45 RequestHeader edit Destination ^https: http: early
43 46 % else:
44 47 #RequestHeader edit Destination ^https: http: early
45 48 % endif
46 49
47 50 <Location "${location_root|n}">
48 51 # The mod_dav_svn module takes the username from the apache request object.
49 52 # Without authorization this will be empty and no username is logged for the
50 53 # transactions. This will result in "(no author)" for each revision. The
51 54 # following directives implement a fake authentication that allows every
52 55 # username/password combination.
53 56 AuthType Basic
54 57 AuthName "${rhodecode_realm|n}"
55 58 AuthBasicProvider anon
56 59 Anonymous *
57 60 Anonymous_LogEmail off
58 61 Require valid-user
59 62
60 63 DAV svn
61 64 SVNParentPath "${parent_path_root|n}"
62 65 SVNListParentPath ${"On" if svn_list_parent_path else "Off"|n}
63 66
64 67 Allow from all
65 68 Order allow,deny
66 69 </Location>
67 70
68 71 % for location, parent_path in repo_group_paths:
69 72
70 73 <Location "${location|n}">
71 74 AuthType Basic
72 75 AuthName "${rhodecode_realm|n}"
73 76 AuthBasicProvider anon
74 77 Anonymous *
75 78 Anonymous_LogEmail off
76 79 Require valid-user
77 80
78 81 DAV svn
79 82 SVNParentPath "${parent_path|n}"
80 83 SVNListParentPath ${"On" if svn_list_parent_path else "Off"|n}
81 84
82 85 Allow from all
83 86 Order allow,deny
84 87 </Location>
85 88 % endfor
General Comments 0
You need to be logged in to leave comments. Login now