##// END OF EJS Templates
docs: added 4.13 release note about potential encoding problems
marcink -
r3066:c326d326 default
parent child Browse files
Show More
@@ -1,133 +1,137 b''
1 |RCE| 4.13.0 |RNS|
1 |RCE| 4.13.0 |RNS|
2 ------------------
2 ------------------
3
3
4 Release Date
4 Release Date
5 ^^^^^^^^^^^^
5 ^^^^^^^^^^^^
6
6
7 - 2018-09-05
7 - 2018-09-05
8
8
9
9
10 New Features
10 New Features
11 ^^^^^^^^^^^^
11 ^^^^^^^^^^^^
12
12
13 - Branch permissions: new set of permissions were added to control branch modification.
13 - Branch permissions: new set of permissions were added to control branch modification.
14 There are 4 basic permissions that can be set for branch names/branch patterns:
14 There are 4 basic permissions that can be set for branch names/branch patterns:
15 * no-access (any modification for given branch is forbidden)
15 * no-access (any modification for given branch is forbidden)
16 * web-merge (modify branch by web based PR merge)
16 * web-merge (modify branch by web based PR merge)
17 * push (only non-forced modification on branch are allowed)
17 * push (only non-forced modification on branch are allowed)
18 * forced push (all modification to branch are allowed)
18 * forced push (all modification to branch are allowed)
19 Available in EE edition only.
19 Available in EE edition only.
20 - Unified search and repo-switcher: a new persistent search box is now present allowing
20 - Unified search and repo-switcher: a new persistent search box is now present allowing
21 to search for repositories, repository groups, commits (using full text search),
21 to search for repositories, repository groups, commits (using full text search),
22 users, user-groups. Replaces redundant quick-filters/repo switcher.
22 users, user-groups. Replaces redundant quick-filters/repo switcher.
23 - Default Reviewers: added possibility to match against regex based pattern as
23 - Default Reviewers: added possibility to match against regex based pattern as
24 alternative syntax to glob which didn't handle all the cases.
24 alternative syntax to glob which didn't handle all the cases.
25 - Built-in Error tracker: added new exception tracking capability. All errors are now
25 - Built-in Error tracker: added new exception tracking capability. All errors are now
26 tracked and stored. This allows instance admins to see potential problems without
26 tracked and stored. This allows instance admins to see potential problems without
27 access to the machine and logs.
27 access to the machine and logs.
28 - User Groups: each user group which users have access to expose public profile link.
28 - User Groups: each user group which users have access to expose public profile link.
29 It's possible to view the members of a group before attaching it to any resource.
29 It's possible to view the members of a group before attaching it to any resource.
30 - New caching framework: existing Beaker cache was completely replaced by dogpile.cache
30 - New caching framework: existing Beaker cache was completely replaced by dogpile.cache
31 library. This new cache framework in addition to solving multiple
31 library. This new cache framework in addition to solving multiple
32 performance/reliability problems of Beaker is used to cache permissions tree.
32 performance/reliability problems of Beaker is used to cache permissions tree.
33 This gives huge performance boosts for very large and complex permission trees.
33 This gives huge performance boosts for very large and complex permission trees.
34 - Pull Requests: description field is now allowed to use a RST/Markdown syntax.
34 - Pull Requests: description field is now allowed to use a RST/Markdown syntax.
35 - SVN: added support for SVN 1.10 release line.
35 - SVN: added support for SVN 1.10 release line.
36
36
37
37
38 General
38 General
39 ^^^^^^^
39 ^^^^^^^
40
40
41 - Google: updated google auth plugin with latest API changes.
41 - Google: updated google auth plugin with latest API changes.
42 - Frontend: Switched to Polymer 2.0.
42 - Frontend: Switched to Polymer 2.0.
43 - Events: added a default timeout for operation calling the endpoint url, so
43 - Events: added a default timeout for operation calling the endpoint url, so
44 they won't block forever.
44 they won't block forever.
45 - SQLAlchemy: allow DB connection ping/refresh using dedicated flag from .ini file.
45 - SQLAlchemy: allow DB connection ping/refresh using dedicated flag from .ini file.
46 `sqlalchemy.db1.ping_connection = true`
46 `sqlalchemy.db1.ping_connection = true`
47 - Pull Requests: added option to force-refresh merge workspace in case of problems.
47 - Pull Requests: added option to force-refresh merge workspace in case of problems.
48 Adding GET param `?force_refresh=1` into PR page triggers the refresh.
48 Adding GET param `?force_refresh=1` into PR page triggers the refresh.
49 - Pull Requests: show more info about version of comment vs latest version.
49 - Pull Requests: show more info about version of comment vs latest version.
50 - Diffs: skip line numbers during copy from a diff view.
50 - Diffs: skip line numbers during copy from a diff view.
51 - License: use simple cache to read license info.
51 - License: use simple cache to read license info.
52 Due to the complex and expensive encryption, this reduces requests time by ~10ms.
52 Due to the complex and expensive encryption, this reduces requests time by ~10ms.
53 - Debug: add new custom logging to track unique requests across systems.
53 - Debug: add new custom logging to track unique requests across systems.
54 Allows tracking single requests in very busy system by unique ID added into logging system.
54 Allows tracking single requests in very busy system by unique ID added into logging system.
55 - Configuration: .ini files now can replace a special placeholders e.g "{ENV_NAME}"
55 - Configuration: .ini files now can replace a special placeholders e.g "{ENV_NAME}"
56 into a value from the ENVIRONMENT. Allows easier setup in Docker and similar.
56 into a value from the ENVIRONMENT. Allows easier setup in Docker and similar.
57 - Backend: don't support vcsserver.scm_app anymore, now it uses http even if scm_app
57 - Backend: don't support vcsserver.scm_app anymore, now it uses http even if scm_app
58 is specified.
58 is specified.
59 - Repositories: re-order creation/fork forms for better UX and consistency.
59 - Repositories: re-order creation/fork forms for better UX and consistency.
60 - UI: Add the number of inactive users in _admin/users and _admin/user_groups
60 - UI: Add the number of inactive users in _admin/users and _admin/user_groups
61 - UX: updated registration form to better indicate what is the process of binding a
61 - UX: updated registration form to better indicate what is the process of binding a
62 RhodeCode account with external one like Google.
62 RhodeCode account with external one like Google.
63 - API: pull-requests allow automatic title generation via API
63 - API: pull-requests allow automatic title generation via API
64 - VCSServer: errors: use a better interface to track exceptions and tracebacks.
64 - VCSServer: errors: use a better interface to track exceptions and tracebacks.
65 - VCSServer: caches: replaced beaker with dogpile cache.
65 - VCSServer: caches: replaced beaker with dogpile cache.
66 - GIT: use GIT_DISCOVERY_ACROSS_FILESYSTEM for better compatibility on NFS servers.
66 - GIT: use GIT_DISCOVERY_ACROSS_FILESYSTEM for better compatibility on NFS servers.
67 - Dependencies: bumped mercurial to 4.6.2
67 - Dependencies: bumped mercurial to 4.6.2
68 - Dependencies: bumped evolve to 8.0.1
68 - Dependencies: bumped evolve to 8.0.1
69 - Dependencies: bumped hgsubversion to 1.9.2
69 - Dependencies: bumped hgsubversion to 1.9.2
70 - Dependencies: bumped git version to 2.16.4
70 - Dependencies: bumped git version to 2.16.4
71 - Dependencies: bumped SVN to 1.10.2
71 - Dependencies: bumped SVN to 1.10.2
72 - Dependencies: added alternative pymysql drivers for mysql
72 - Dependencies: added alternative pymysql drivers for mysql
73 - NIX: updated to 18.03 nix packages, now shipped with python 2.7.15
73 - NIX: updated to 18.03 nix packages, now shipped with python 2.7.15
74 release and multiple other new libraries.
74 release and multiple other new libraries.
75
75
76
76
77 Security
77 Security
78 ^^^^^^^^
78 ^^^^^^^^
79
79
80 - Mercurial: general protocol security updates.
80 - Mercurial: general protocol security updates.
81 * Fixes Mercurial's CVE for lack of permissions checking on mercurial batch commands.
81 * Fixes Mercurial's CVE for lack of permissions checking on mercurial batch commands.
82 * Introduced more strict checks for permissions, now they default to push instead of pull.
82 * Introduced more strict checks for permissions, now they default to push instead of pull.
83 * Decypher batch commands and pick top-most permission to be required.
83 * Decypher batch commands and pick top-most permission to be required.
84 * This follows changes in Mercurial CORE after 4.6.1 release.
84 * This follows changes in Mercurial CORE after 4.6.1 release.
85 - Fixed bug in bleach sanitizer allowing certain custom payload to bypass it. Now
85 - Fixed bug in bleach sanitizer allowing certain custom payload to bypass it. Now
86 we always fails if sanitizing fails. This could lead to stored XSS
86 we always fails if sanitizing fails. This could lead to stored XSS
87 - Fixed stored XSS in binary file rendering.
87 - Fixed stored XSS in binary file rendering.
88 - Fixed stored XSS in repo forks datagrid.
88 - Fixed stored XSS in repo forks datagrid.
89
89
90
90
91 Performance
91 Performance
92 ^^^^^^^^^^^
92 ^^^^^^^^^^^
93
93
94 - Permissions: Permission trees for users and now cached, after calculation.
94 - Permissions: Permission trees for users and now cached, after calculation.
95 This reduces response time for some pages dramatically.
95 This reduces response time for some pages dramatically.
96 In case of any permission changes caches are invalidated.
96 In case of any permission changes caches are invalidated.
97 - Core: new dogpile.cache based cache framework was introduced, which is faster than
97 - Core: new dogpile.cache based cache framework was introduced, which is faster than
98 previously used Beaker.
98 previously used Beaker.
99
99
100
100
101 Fixes
101 Fixes
102 ^^^^^
102 ^^^^^
103
103
104 - Audit Logs: store properly IP for certain events.
104 - Audit Logs: store properly IP for certain events.
105 - External Auth: pass along came_from into the url so we get properly
105 - External Auth: pass along came_from into the url so we get properly
106 redirected back after logging using external auth provider.
106 redirected back after logging using external auth provider.
107 - Pull Requests: lock submit on pull request to prevent double submission on a fast click.
107 - Pull Requests: lock submit on pull request to prevent double submission on a fast click.
108 - Pull Requests: fixed a case of unresolved comments attached to removed file in pull request.
108 - Pull Requests: fixed a case of unresolved comments attached to removed file in pull request.
109 That prevented from closing it.
109 That prevented from closing it.
110 - Pull Requests: use numeric repo id for creation of shadow repos. Fixes a problem
110 - Pull Requests: use numeric repo id for creation of shadow repos. Fixes a problem
111 when repository is renamed during PR lifetime.
111 when repository is renamed during PR lifetime.
112 - API: fixed creation of a pull request with default reviewer rules.
112 - API: fixed creation of a pull request with default reviewer rules.
113 - Default Reviewers: fixed voting rule calculation on user group.
113 - Default Reviewers: fixed voting rule calculation on user group.
114 - Pull Requests: in GIT use force fetch and update for target ref.
114 - Pull Requests: in GIT use force fetch and update for target ref.
115 This solves a case when in PR a target repository is force updated (by push force)
115 This solves a case when in PR a target repository is force updated (by push force)
116 and is out of sync.
116 and is out of sync.
117 - VCSServer: detect early potential locale problem, and fallback to LC_ALL=C,
117 - VCSServer: detect early potential locale problem, and fallback to LC_ALL=C,
118 instead of crashing vcsserver.
118 instead of crashing vcsserver.
119 - Pull Requests: use a safer way of destroying shadow repositories.
119 - Pull Requests: use a safer way of destroying shadow repositories.
120 Fixes some problems in NFS storage and big repositories
120 Fixes some problems in NFS storage and big repositories
121
121
122
122
123 Upgrade notes
123 Upgrade notes
124 ^^^^^^^^^^^^^
124 ^^^^^^^^^^^^^
125
125
126 - The direct backend `vcsserver.scm_app` is not supported anymore. This backed was
126 - The direct backend `vcsserver.scm_app` is not supported anymore. This backed was
127 already deprecated some time ago. Now it will use `http` mode even if scm_app is
127 already deprecated some time ago. Now it will use `http` mode even if scm_app is
128 specified. Please contact us in case you still use it, and not sure how to upgrade.
128 specified. Please contact us in case you still use it, and not sure how to upgrade.
129 - New dogpile cache settings are not ported to converted .ini. If users want to do
129 - New dogpile cache settings are not ported to converted .ini. If users want to do
130 adjustments please copy the settings over dogpile cache section from a newly
130 adjustments please copy the settings over dogpile cache section from a newly
131 generated rhodecode.template.ini file. This file is stored next to rhodecode.ini
131 generated rhodecode.template.ini file. This file is stored next to rhodecode.ini
132 - SVN 1.10.2 was introduced in this release. Please make sure to update your
132 - SVN 1.10.2 was introduced in this release. Please make sure to update your
133 mod_dav to the same version for best compatibility.
133 mod_dav to the same version for best compatibility.
134 - This release brings new Database drivers. We discovered that in some setups it is now
135 required to explicitly define a encoding charset in the database connection string.
136 If you're getting a permanent exception such as `"UnicodeDecodeError: 'utf8' codec can't decode byte 0xfc in position 15: invalid start byte"`
137 please follow a fix from here: https://community.rhodecode.com/t/unicodedecodeerror-utf8-codec-cant-decode-byte-0xfc-in-position-15-invalid-start-byte/246
General Comments 0
You need to be logged in to leave comments. Login now