##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
docs: added changelog for 4.8.0 release.
marcink -
r1848:6a5f62ae default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,103 b''
1 |RCE| 4.8.0 |RNS|
2 -----------------
3
4 Release Date
5 ^^^^^^^^^^^^
6
7 - 2017-06-30
8
9
10 New Features
11 ^^^^^^^^^^^^
12
13 - Code Review: added new reviewers logic. This features now is Common Criteria
14 compatible and allows to define Mandatory (non-removable) reviewers.
15 In addition new options were added to forbid adding new reviewers or forbid
16 author of commits or the pull request itself to be a reviewer of the code.
17 - Audit logs: introducing new audit logs tracking most important actions in
18 the system. Admins can track important events such as deletion of resources,
19 permissions changes, user groups changes. Each event tracks users with his
20 IP and user agent.
21 - Mercurial: enabled evolve extensions. Each repository can be now configured
22 to support evolve, commit phases, and evolve state are also shown in
23 commit and changelog views.
24 - VCS: expose newly pushed bookmarks or branches as quick links to open a
25 pull request on client output. Allows easier pull request creation via CLI.
26
27
28 General
29 ^^^^^^^
30
31 - Core: ported many views into pure pyramid code with python3.6 compatibility.
32 Now almost 80% of the code is ported, and future ready. It's our ongoing
33 effort to allow support for modern python version.
34 - Comments: show author tag in pull request comments to easily
35 discover the author of changes in discussions.
36 - Files: allow specifying custom filename for uploaded files via web interface.
37 - Pull requests: changed who is allowed to close a pull request. Now it's only
38 super-admin, owner or person who can merge.
39 Before it was every reviewer can close. Which really doesn't make sense.
40 - Users: show that user is disabled when editing his properties.
41 - Integrations: expose user_id, and username in Webhook integration
42 templates arguments.
43 - Integrations: exposed extra repo variables in template arguments of
44 Webhook integration.
45 - Login: add link when using external auth to make it easier to login
46 using oauth providers, such as Google or Github.
47 - Maintenance: added svn verify command to tasks to be able to verify the
48 filesystem and repo formats from web interface. Allows much easier tracking
49 of incompatible filesystem storage of subversion repositories.
50 - Events: expose permalink urls for pull requests, and repositories.
51 Permalink url should provide a non-changeable url that can be used in
52 external system.
53 - Svn: increase possibility to specify compatibility to pre 1.9 version.
54
55
56 Security
57 ^^^^^^^^
58
59 - security(high): fixed possibility to delete other users inline comments
60 for users who were repository admins.
61 - security(med): fixed XSS inside the tooltip for author string.
62 - security(med): fixed stored XSS in notifications inbox.
63 - security(med): use custom writer for RST rendering to prevent injection of javascript: tags.
64 - security(med): escape flash messaged VCS errors to prevent reflected XSS attacks.
65 - security(low): use 404 instead of 403 code on permission decorator to
66 prevent brute force resource discovery attacks.
67 - security(low): fixed self XSS inside autocomplete files view.
68 - security(low): fixed self Xss inside repo strip view.
69 - security(low): fixed self Xss inside the email add functionality.
70 - security(none): use new safe escaped user attributes across the application.
71 Will prevent all possible XSS attack vectors from user stored attributes.
72 This specially can come from external authentication systems which doesn't
73 validate the data.
74
75
76 Performance
77 ^^^^^^^^^^^
78
79
80
81
82 Fixes
83 ^^^^^
84
85 - Pull requests: make sure we process comments in the order of IDS when
86 linking them. In some edge cases it could lead to comments not displaying
87 correctly.
88 - Emails: fixed newlines in email templates that can break email sending code.
89 - Markdown: fixed hr and strong tags styling.
90 - Notifications: fixed problem with 500 errors on non-numeric entries in url.
91 - API: use simple schema validator to be consistent how we validate between
92 API and web views for create user and create user_group calls.
93 - Users: fixed problem with personal repo group wasn't shown for disabled users.
94 - Oauth: improve Google extraction of first/last name from returned data.
95
96
97 Upgrade notes
98 ^^^^^^^^^^^^^
99
100
101 - API: the `update_pull_request` method will no longer support a close action.
102 Users should use the existing `close_pull_request` method which allows
103 specifying a message and status while closing a pull request. No newline at end of file
Show file before | Show file after | Hide comments
@@ -1,97 +1,98 b''
1 1 .. _rhodecode-release-notes-ref:
2 2
3 3 Release Notes
4 4 =============
5 5
6 6 |RCE| 4.x Versions
7 7 ------------------
8 8
9 9 .. toctree::
10 10 :maxdepth: 1
11 11
12 release-notes-4.8.0.rst
12 13 release-notes-4.7.2.rst
13 14 release-notes-4.7.1.rst
14 15 release-notes-4.7.0.rst
15 16 release-notes-4.6.1.rst
16 17 release-notes-4.6.0.rst
17 18 release-notes-4.5.2.rst
18 19 release-notes-4.5.1.rst
19 20 release-notes-4.5.0.rst
20 21 release-notes-4.4.2.rst
21 22 release-notes-4.4.1.rst
22 23 release-notes-4.4.0.rst
23 24 release-notes-4.3.1.rst
24 25 release-notes-4.3.0.rst
25 26 release-notes-4.2.1.rst
26 27 release-notes-4.2.0.rst
27 28 release-notes-4.1.2.rst
28 29 release-notes-4.1.1.rst
29 30 release-notes-4.1.0.rst
30 31 release-notes-4.0.1.rst
31 32 release-notes-4.0.0.rst
32 33
33 34 |RCE| 3.x Versions
34 35 ------------------
35 36
36 37 .. toctree::
37 38 :maxdepth: 1
38 39
39 40 release-notes-3.8.4.rst
40 41 release-notes-3.8.3.rst
41 42 release-notes-3.8.2.rst
42 43 release-notes-3.8.1.rst
43 44 release-notes-3.8.0.rst
44 45 release-notes-3.7.1.rst
45 46 release-notes-3.7.0.rst
46 47 release-notes-3.6.1.rst
47 48 release-notes-3.6.0.rst
48 49 release-notes-3.5.2.rst
49 50 release-notes-3.5.1.rst
50 51 release-notes-3.5.0.rst
51 52 release-notes-3.4.1.rst
52 53 release-notes-3.4.0.rst
53 54 release-notes-3.3.4.rst
54 55 release-notes-3.3.3.rst
55 56 release-notes-3.3.2.rst
56 57 release-notes-3.3.1.rst
57 58 release-notes-3.3.0.rst
58 59 release-notes-3.2.3.rst
59 60 release-notes-3.2.2.rst
60 61 release-notes-3.2.1.rst
61 62 release-notes-3.2.0.rst
62 63 release-notes-3.1.1.rst
63 64 release-notes-3.1.0.rst
64 65 release-notes-3.0.2.rst
65 66 release-notes-3.0.1.rst
66 67 release-notes-3.0.0.rst
67 68
68 69 |RCE| 2.x Versions
69 70 ------------------
70 71
71 72 .. toctree::
72 73 :maxdepth: 1
73 74
74 75 release-notes-2.2.8.rst
75 76 release-notes-2.2.7.rst
76 77 release-notes-2.2.6.rst
77 78 release-notes-2.2.5.rst
78 79 release-notes-2.2.4.rst
79 80 release-notes-2.2.3.rst
80 81 release-notes-2.2.2.rst
81 82 release-notes-2.2.1.rst
82 83 release-notes-2.2.0.rst
83 84 release-notes-2.1.0.rst
84 85 release-notes-2.0.2.rst
85 86 release-notes-2.0.1.rst
86 87 release-notes-2.0.0.rst
87 88
88 89 |RCE| 1.x Versions
89 90 ------------------
90 91
91 92 .. toctree::
92 93 :maxdepth: 1
93 94
94 95 release-notes-1.7.2.rst
95 96 release-notes-1.7.1.rst
96 97 release-notes-1.7.0.rst
97 98 release-notes-1.6.0.rst
General Comments 0
You need to be logged in to leave comments. Login now