rhodecode-enterprise-ce Commit - r1848:6a5f62ae

docs: added changelog for 4.8.0 release.

marcink -

r1848:6a5f62ae default

parent child

docs/release-notes/release-notes-4.8.0.rst

0 created 644 +103 0

@@ -0,0 +1,103 b''
	1	\|RCE\| 4.8.0 \|RNS\|
	2	-----------------
	3
	4	Release Date
	5	^^^^^^^^^^^^
	6
	7	- 2017-06-30
	8
	9
	10	New Features
	11	^^^^^^^^^^^^
	12
	13	- Code Review: added new reviewers logic. This features now is Common Criteria
	14	compatible and allows to define Mandatory (non-removable) reviewers.
	15	In addition new options were added to forbid adding new reviewers or forbid
	16	author of commits or the pull request itself to be a reviewer of the code.
	17	- Audit logs: introducing new audit logs tracking most important actions in
	18	the system. Admins can track important events such as deletion of resources,
	19	permissions changes, user groups changes. Each event tracks users with his
	20	IP and user agent.
	21	- Mercurial: enabled evolve extensions. Each repository can be now configured
	22	to support evolve, commit phases, and evolve state are also shown in
	23	commit and changelog views.
	24	- VCS: expose newly pushed bookmarks or branches as quick links to open a
	25	pull request on client output. Allows easier pull request creation via CLI.
	26
	27
	28	General
	29	^^^^^^^
	30
	31	- Core: ported many views into pure pyramid code with python3.6 compatibility.
	32	Now almost 80% of the code is ported, and future ready. It's our ongoing
	33	effort to allow support for modern python version.
	34	- Comments: show author tag in pull request comments to easily
	35	discover the author of changes in discussions.
	36	- Files: allow specifying custom filename for uploaded files via web interface.
	37	- Pull requests: changed who is allowed to close a pull request. Now it's only
	38	super-admin, owner or person who can merge.
	39	Before it was every reviewer can close. Which really doesn't make sense.
	40	- Users: show that user is disabled when editing his properties.
	41	- Integrations: expose user_id, and username in Webhook integration
	42	templates arguments.
	43	- Integrations: exposed extra repo variables in template arguments of
	44	Webhook integration.
	45	- Login: add link when using external auth to make it easier to login
	46	using oauth providers, such as Google or Github.
	47	- Maintenance: added svn verify command to tasks to be able to verify the
	48	filesystem and repo formats from web interface. Allows much easier tracking
	49	of incompatible filesystem storage of subversion repositories.
	50	- Events: expose permalink urls for pull requests, and repositories.
	51	Permalink url should provide a non-changeable url that can be used in
	52	external system.
	53	- Svn: increase possibility to specify compatibility to pre 1.9 version.
	54
	55
	56	Security
	57	^^^^^^^^
	58
	59	- security(high): fixed possibility to delete other users inline comments
	60	for users who were repository admins.
	61	- security(med): fixed XSS inside the tooltip for author string.
	62	- security(med): fixed stored XSS in notifications inbox.
	63	- security(med): use custom writer for RST rendering to prevent injection of javascript: tags.
	64	- security(med): escape flash messaged VCS errors to prevent reflected XSS attacks.
	65	- security(low): use 404 instead of 403 code on permission decorator to
	66	prevent brute force resource discovery attacks.
	67	- security(low): fixed self XSS inside autocomplete files view.
	68	- security(low): fixed self Xss inside repo strip view.
	69	- security(low): fixed self Xss inside the email add functionality.
	70	- security(none): use new safe escaped user attributes across the application.
	71	Will prevent all possible XSS attack vectors from user stored attributes.
	72	This specially can come from external authentication systems which doesn't
	73	validate the data.
	74
	75
	76	Performance
	77	^^^^^^^^^^^
	78
	79
	80
	81
	82	Fixes
	83	^^^^^
	84
	85	- Pull requests: make sure we process comments in the order of IDS when
	86	linking them. In some edge cases it could lead to comments not displaying
	87	correctly.
	88	- Emails: fixed newlines in email templates that can break email sending code.
	89	- Markdown: fixed hr and strong tags styling.
	90	- Notifications: fixed problem with 500 errors on non-numeric entries in url.
	91	- API: use simple schema validator to be consistent how we validate between
	92	API and web views for create user and create user_group calls.
	93	- Users: fixed problem with personal repo group wasn't shown for disabled users.
	94	- Oauth: improve Google extraction of first/last name from returned data.
	95
	96
	97	Upgrade notes
	98	^^^^^^^^^^^^^
	99
	100
	101	- API: the `update_pull_request` method will no longer support a close action.
	102	Users should use the existing `close_pull_request` method which allows
	103	specifying a message and status while closing a pull request. No newline at end of file

docs/release-notes/release-notes.rst

0 +1 0

             .. _rhodecode-release-notes-ref:
             Release Notes
             =============
             |RCE| 4.x Versions
             ------------------
             .. toctree::
                :maxdepth: 1
+               release-notes-4.8.0.rst
                release-notes-4.7.2.rst
                release-notes-4.7.1.rst
                release-notes-4.7.0.rst
                release-notes-4.6.1.rst
                release-notes-4.6.0.rst
                release-notes-4.5.2.rst
                release-notes-4.5.1.rst
                release-notes-4.5.0.rst
                release-notes-4.4.2.rst
                release-notes-4.4.1.rst
                release-notes-4.4.0.rst
                release-notes-4.3.1.rst
                release-notes-4.3.0.rst
                release-notes-4.2.1.rst
                release-notes-4.2.0.rst
                release-notes-4.1.2.rst
                release-notes-4.1.1.rst
                release-notes-4.1.0.rst
                release-notes-4.0.1.rst
                release-notes-4.0.0.rst
             |RCE| 3.x Versions
             ------------------
             .. toctree::
                :maxdepth: 1
                release-notes-3.8.4.rst
                release-notes-3.8.3.rst
                release-notes-3.8.2.rst
                release-notes-3.8.1.rst
                release-notes-3.8.0.rst
                release-notes-3.7.1.rst
                release-notes-3.7.0.rst
                release-notes-3.6.1.rst
                release-notes-3.6.0.rst
                release-notes-3.5.2.rst
                release-notes-3.5.1.rst
                release-notes-3.5.0.rst
                release-notes-3.4.1.rst
                release-notes-3.4.0.rst
                release-notes-3.3.4.rst
                release-notes-3.3.3.rst
                release-notes-3.3.2.rst
                release-notes-3.3.1.rst
                release-notes-3.3.0.rst
                release-notes-3.2.3.rst
                release-notes-3.2.2.rst
                release-notes-3.2.1.rst
                release-notes-3.2.0.rst
                release-notes-3.1.1.rst
                release-notes-3.1.0.rst
                release-notes-3.0.2.rst
                release-notes-3.0.1.rst
                release-notes-3.0.0.rst
             |RCE| 2.x Versions
             ------------------
             .. toctree::
                :maxdepth: 1
                release-notes-2.2.8.rst
                release-notes-2.2.7.rst
                release-notes-2.2.6.rst
                release-notes-2.2.5.rst
                release-notes-2.2.4.rst
                release-notes-2.2.3.rst
                release-notes-2.2.2.rst
                release-notes-2.2.1.rst
                release-notes-2.2.0.rst
                release-notes-2.1.0.rst
                release-notes-2.0.2.rst
                release-notes-2.0.1.rst
                release-notes-2.0.0.rst
             |RCE| 1.x Versions
             ------------------
             .. toctree::
                :maxdepth: 1
                release-notes-1.7.2.rst
                release-notes-1.7.1.rst
                release-notes-1.7.0.rst
                release-notes-1.6.0.rst

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages