docs: added 4.13 release note about potential encoding problems
marcink -
r3066:c326d326 default
@@ -1,133 +1,137 b''
1 1 |RCE| 4.13.0 |RNS|
2 2 ------------------
3 3
4 4 Release Date
5 5 ^^^^^^^^^^^^
6 6
7 7 - 2018-09-05
8 8
9 9
10 10 New Features
11 11 ^^^^^^^^^^^^
12 12
13 13 - Branch permissions: new set of permissions were added to control branch modification.
14 14 There are 4 basic permissions that can be set for branch names/branch patterns:
15 15 * no-access (any modification for given branch is forbidden)
16 16 * web-merge (modify branch by web based PR merge)
17 17 * push (only non-forced modification on branch are allowed)
18 18 * forced push (all modification to branch are allowed)
19 19 Available in EE edition only.
20 20 - Unified search and repo-switcher: a new persistent search box is now present allowing
21 21 to search for repositories, repository groups, commits (using full text search),
22 22 users, user-groups. Replaces redundant quick-filters/repo switcher.
23 23 - Default Reviewers: added possibility to match against regex based pattern as
24 24 alternative syntax to glob which didn't handle all the cases.
25 25 - Built-in Error tracker: added new exception tracking capability. All errors are now
26 26 tracked and stored. This allows instance admins to see potential problems without
27 27 access to the machine and logs.
28 28 - User Groups: each user group which users have access to expose public profile link.
29 29 It's possible to view the members of a group before attaching it to any resource.
30 30 - New caching framework: existing Beaker cache was completely replaced by dogpile.cache
31 31 library. This new cache framework in addition to solving multiple
32 32 performance/reliability problems of Beaker is used to cache permissions tree.
33 33 This gives huge performance boosts for very large and complex permission trees.
34 34 - Pull Requests: description field is now allowed to use a RST/Markdown syntax.
35 35 - SVN: added support for SVN 1.10 release line.
36 36
37 37
38 38 General
39 39 ^^^^^^^
40 40
41 41 - Google: updated google auth plugin with latest API changes.
42 42 - Frontend: Switched to Polymer 2.0.
43 43 - Events: added a default timeout for operation calling the endpoint url, so
44 44 they won't block forever.
45 45 - SQLAlchemy: allow DB connection ping/refresh using dedicated flag from .ini file.
46 46 `sqlalchemy.db1.ping_connection = true`
47 47 - Pull Requests: added option to force-refresh merge workspace in case of problems.
48 48 Adding GET param `?force_refresh=1` into PR page triggers the refresh.
49 49 - Pull Requests: show more info about version of comment vs latest version.
50 50 - Diffs: skip line numbers during copy from a diff view.
51 51 - License: use simple cache to read license info.
52 52 Due to the complex and expensive encryption, this reduces requests time by ~10ms.
53 53 - Debug: add new custom logging to track unique requests across systems.
54 54 Allows tracking single requests in very busy system by unique ID added into logging system.
55 55 - Configuration: .ini files now can replace a special placeholders e.g "{ENV_NAME}"
56 56 into a value from the ENVIRONMENT. Allows easier setup in Docker and similar.
57 57 - Backend: don't support vcsserver.scm_app anymore, now it uses http even if scm_app
58 58 is specified.
59 59 - Repositories: re-order creation/fork forms for better UX and consistency.
60 60 - UI: Add the number of inactive users in _admin/users and _admin/user_groups
61 61 - UX: updated registration form to better indicate what is the process of binding a
62 62 RhodeCode account with external one like Google.
63 63 - API: pull-requests allow automatic title generation via API
64 64 - VCSServer: errors: use a better interface to track exceptions and tracebacks.
65 65 - VCSServer: caches: replaced beaker with dogpile cache.
66 66 - GIT: use GIT_DISCOVERY_ACROSS_FILESYSTEM for better compatibility on NFS servers.
67 67 - Dependencies: bumped mercurial to 4.6.2
68 68 - Dependencies: bumped evolve to 8.0.1
69 69 - Dependencies: bumped hgsubversion to 1.9.2
70 70 - Dependencies: bumped git version to 2.16.4
71 71 - Dependencies: bumped SVN to 1.10.2
72 72 - Dependencies: added alternative pymysql drivers for mysql
73 73 - NIX: updated to 18.03 nix packages, now shipped with python 2.7.15
74 74 release and multiple other new libraries.
75 75
76 76
77 77 Security
78 78 ^^^^^^^^
79 79
80 80 - Mercurial: general protocol security updates.
81 81 * Fixes Mercurial's CVE for lack of permissions checking on mercurial batch commands.
82 82 * Introduced more strict checks for permissions, now they default to push instead of pull.
83 83 * Decypher batch commands and pick top-most permission to be required.
84 84 * This follows changes in Mercurial CORE after 4.6.1 release.
85 85 - Fixed bug in bleach sanitizer allowing certain custom payload to bypass it. Now
86 86 we always fails if sanitizing fails. This could lead to stored XSS
87 87 - Fixed stored XSS in binary file rendering.
88 88 - Fixed stored XSS in repo forks datagrid.
89 89
90 90
91 91 Performance
92 92 ^^^^^^^^^^^
93 93
94 94 - Permissions: Permission trees for users and now cached, after calculation.
95 95 This reduces response time for some pages dramatically.
96 96 In case of any permission changes caches are invalidated.
97 97 - Core: new dogpile.cache based cache framework was introduced, which is faster than
98 98 previously used Beaker.
99 99
100 100
101 101 Fixes
102 102 ^^^^^
103 103
104 104 - Audit Logs: store properly IP for certain events.
105 105 - External Auth: pass along came_from into the url so we get properly
106 106 redirected back after logging using external auth provider.
107 107 - Pull Requests: lock submit on pull request to prevent double submission on a fast click.
108 108 - Pull Requests: fixed a case of unresolved comments attached to removed file in pull request.
109 109 That prevented from closing it.
110 110 - Pull Requests: use numeric repo id for creation of shadow repos. Fixes a problem
111 111 when repository is renamed during PR lifetime.
112 112 - API: fixed creation of a pull request with default reviewer rules.
113 113 - Default Reviewers: fixed voting rule calculation on user group.
114 114 - Pull Requests: in GIT use force fetch and update for target ref.
115 115 This solves a case when in PR a target repository is force updated (by push force)
116 116 and is out of sync.
117 117 - VCSServer: detect early potential locale problem, and fallback to LC_ALL=C,
118 118 instead of crashing vcsserver.
119 119 - Pull Requests: use a safer way of destroying shadow repositories.
120 120 Fixes some problems in NFS storage and big repositories
121 121
122 122
123 123 Upgrade notes
124 124 ^^^^^^^^^^^^^
125 125
126 126 - The direct backend `vcsserver.scm_app` is not supported anymore. This backed was
127 127 already deprecated some time ago. Now it will use `http` mode even if scm_app is
128 128 specified. Please contact us in case you still use it, and not sure how to upgrade.
129 129 - New dogpile cache settings are not ported to converted .ini. If users want to do
130 130 adjustments please copy the settings over dogpile cache section from a newly
131 131 generated rhodecode.template.ini file. This file is stored next to rhodecode.ini
132 132 - SVN 1.10.2 was introduced in this release. Please make sure to update your
133 133 mod_dav to the same version for best compatibility.
134 - This release brings new Database drivers. We discovered that in some setups it is now
135 required to explicitly define a encoding charset in the database connection string.
136 If you're getting a permanent exception such as `"UnicodeDecodeError: 'utf8' codec can't decode byte 0xfc in position 15: invalid start byte"`
137 please follow a fix from here: https://community.rhodecode.com/t/unicodedecodeerror-utf8-codec-cant-decode-byte-0xfc-in-position-15-invalid-start-byte/246
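Review bot: The added upgrade note (new lines 134-137) says "new Database drivers" and "in some setups" without naming which database or driver is affected, and the actual fix is only reachable through the community link. Name the affected driver (line 72 lists the added pymysql drivers for mysql, if that is the one meant) and state the required connection-string charset setting inline, so the note stays usable if the forum URL changes. Also, "a encoding charset" should read "an encoding charset", and new line 136 should be wrapped like the other list items in this file.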