Show More
| @@ -1,133 +1,137 b'' | |||||
| 1 | |RCE| 4.13.0 |RNS| |
|
1 | |RCE| 4.13.0 |RNS| | |
| 2 | ------------------ |
|
2 | ------------------ | |
| 3 |
|
3 | |||
| 4 | Release Date |
|
4 | Release Date | |
| 5 | ^^^^^^^^^^^^ |
|
5 | ^^^^^^^^^^^^ | |
| 6 |
|
6 | |||
| 7 | - 2018-09-05 |
|
7 | - 2018-09-05 | |
| 8 |
|
8 | |||
| 9 |
|
9 | |||
| 10 | New Features |
|
10 | New Features | |
| 11 | ^^^^^^^^^^^^ |
|
11 | ^^^^^^^^^^^^ | |
| 12 |
|
12 | |||
| 13 | - Branch permissions: new set of permissions were added to control branch modification. |
|
13 | - Branch permissions: new set of permissions were added to control branch modification. | |
| 14 | There are 4 basic permissions that can be set for branch names/branch patterns: |
|
14 | There are 4 basic permissions that can be set for branch names/branch patterns: | |
| 15 | * no-access (any modification for given branch is forbidden) |
|
15 | * no-access (any modification for given branch is forbidden) | |
| 16 | * web-merge (modify branch by web based PR merge) |
|
16 | * web-merge (modify branch by web based PR merge) | |
| 17 | * push (only non-forced modification on branch are allowed) |
|
17 | * push (only non-forced modification on branch are allowed) | |
| 18 | * forced push (all modification to branch are allowed) |
|
18 | * forced push (all modification to branch are allowed) | |
| 19 | Available in EE edition only. |
|
19 | Available in EE edition only. | |
| 20 | - Unified search and repo-switcher: a new persistent search box is now present allowing |
|
20 | - Unified search and repo-switcher: a new persistent search box is now present allowing | |
| 21 | to search for repositories, repository groups, commits (using full text search), |
|
21 | to search for repositories, repository groups, commits (using full text search), | |
| 22 | users, user-groups. Replaces redundant quick-filters/repo switcher. |
|
22 | users, user-groups. Replaces redundant quick-filters/repo switcher. | |
| 23 | - Default Reviewers: added possibility to match against regex based pattern as |
|
23 | - Default Reviewers: added possibility to match against regex based pattern as | |
| 24 | alternative syntax to glob which didn't handle all the cases. |
|
24 | alternative syntax to glob which didn't handle all the cases. | |
| 25 | - Built-in Error tracker: added new exception tracking capability. All errors are now |
|
25 | - Built-in Error tracker: added new exception tracking capability. All errors are now | |
| 26 | tracked and stored. This allows instance admins to see potential problems without |
|
26 | tracked and stored. This allows instance admins to see potential problems without | |
| 27 | access to the machine and logs. |
|
27 | access to the machine and logs. | |
| 28 | - User Groups: each user group which users have access to expose public profile link. |
|
28 | - User Groups: each user group which users have access to expose public profile link. | |
| 29 | It's possible to view the members of a group before attaching it to any resource. |
|
29 | It's possible to view the members of a group before attaching it to any resource. | |
| 30 | - New caching framework: existing Beaker cache was completely replaced by dogpile.cache |
|
30 | - New caching framework: existing Beaker cache was completely replaced by dogpile.cache | |
| 31 | library. This new cache framework in addition to solving multiple |
|
31 | library. This new cache framework in addition to solving multiple | |
| 32 | performance/reliability problems of Beaker is used to cache permissions tree. |
|
32 | performance/reliability problems of Beaker is used to cache permissions tree. | |
| 33 | This gives huge performance boosts for very large and complex permission trees. |
|
33 | This gives huge performance boosts for very large and complex permission trees. | |
| 34 | - Pull Requests: description field is now allowed to use a RST/Markdown syntax. |
|
34 | - Pull Requests: description field is now allowed to use a RST/Markdown syntax. | |
| 35 | - SVN: added support for SVN 1.10 release line. |
|
35 | - SVN: added support for SVN 1.10 release line. | |
| 36 |
|
36 | |||
| 37 |
|
37 | |||
| 38 | General |
|
38 | General | |
| 39 | ^^^^^^^ |
|
39 | ^^^^^^^ | |
| 40 |
|
40 | |||
| 41 | - Google: updated google auth plugin with latest API changes. |
|
41 | - Google: updated google auth plugin with latest API changes. | |
| 42 | - Frontend: Switched to Polymer 2.0. |
|
42 | - Frontend: Switched to Polymer 2.0. | |
| 43 | - Events: added a default timeout for operation calling the endpoint url, so |
|
43 | - Events: added a default timeout for operation calling the endpoint url, so | |
| 44 | they won't block forever. |
|
44 | they won't block forever. | |
| 45 | - SQLAlchemy: allow DB connection ping/refresh using dedicated flag from .ini file. |
|
45 | - SQLAlchemy: allow DB connection ping/refresh using dedicated flag from .ini file. | |
| 46 | `sqlalchemy.db1.ping_connection = true` |
|
46 | `sqlalchemy.db1.ping_connection = true` | |
| 47 | - Pull Requests: added option to force-refresh merge workspace in case of problems. |
|
47 | - Pull Requests: added option to force-refresh merge workspace in case of problems. | |
| 48 | Adding GET param `?force_refresh=1` into PR page triggers the refresh. |
|
48 | Adding GET param `?force_refresh=1` into PR page triggers the refresh. | |
| 49 | - Pull Requests: show more info about version of comment vs latest version. |
|
49 | - Pull Requests: show more info about version of comment vs latest version. | |
| 50 | - Diffs: skip line numbers during copy from a diff view. |
|
50 | - Diffs: skip line numbers during copy from a diff view. | |
| 51 | - License: use simple cache to read license info. |
|
51 | - License: use simple cache to read license info. | |
| 52 | Due to the complex and expensive encryption, this reduces requests time by ~10ms. |
|
52 | Due to the complex and expensive encryption, this reduces requests time by ~10ms. | |
| 53 | - Debug: add new custom logging to track unique requests across systems. |
|
53 | - Debug: add new custom logging to track unique requests across systems. | |
| 54 | Allows tracking single requests in very busy system by unique ID added into logging system. |
|
54 | Allows tracking single requests in very busy system by unique ID added into logging system. | |
| 55 | - Configuration: .ini files now can replace a special placeholders e.g "{ENV_NAME}" |
|
55 | - Configuration: .ini files now can replace a special placeholders e.g "{ENV_NAME}" | |
| 56 | into a value from the ENVIRONMENT. Allows easier setup in Docker and similar. |
|
56 | into a value from the ENVIRONMENT. Allows easier setup in Docker and similar. | |
| 57 | - Backend: don't support vcsserver.scm_app anymore, now it uses http even if scm_app |
|
57 | - Backend: don't support vcsserver.scm_app anymore, now it uses http even if scm_app | |
| 58 | is specified. |
|
58 | is specified. | |
| 59 | - Repositories: re-order creation/fork forms for better UX and consistency. |
|
59 | - Repositories: re-order creation/fork forms for better UX and consistency. | |
| 60 | - UI: Add the number of inactive users in _admin/users and _admin/user_groups |
|
60 | - UI: Add the number of inactive users in _admin/users and _admin/user_groups | |
| 61 | - UX: updated registration form to better indicate what is the process of binding a |
|
61 | - UX: updated registration form to better indicate what is the process of binding a | |
| 62 | RhodeCode account with external one like Google. |
|
62 | RhodeCode account with external one like Google. | |
| 63 | - API: pull-requests allow automatic title generation via API |
|
63 | - API: pull-requests allow automatic title generation via API | |
| 64 | - VCSServer: errors: use a better interface to track exceptions and tracebacks. |
|
64 | - VCSServer: errors: use a better interface to track exceptions and tracebacks. | |
| 65 | - VCSServer: caches: replaced beaker with dogpile cache. |
|
65 | - VCSServer: caches: replaced beaker with dogpile cache. | |
| 66 | - GIT: use GIT_DISCOVERY_ACROSS_FILESYSTEM for better compatibility on NFS servers. |
|
66 | - GIT: use GIT_DISCOVERY_ACROSS_FILESYSTEM for better compatibility on NFS servers. | |
| 67 | - Dependencies: bumped mercurial to 4.6.2 |
|
67 | - Dependencies: bumped mercurial to 4.6.2 | |
| 68 | - Dependencies: bumped evolve to 8.0.1 |
|
68 | - Dependencies: bumped evolve to 8.0.1 | |
| 69 | - Dependencies: bumped hgsubversion to 1.9.2 |
|
69 | - Dependencies: bumped hgsubversion to 1.9.2 | |
| 70 | - Dependencies: bumped git version to 2.16.4 |
|
70 | - Dependencies: bumped git version to 2.16.4 | |
| 71 | - Dependencies: bumped SVN to 1.10.2 |
|
71 | - Dependencies: bumped SVN to 1.10.2 | |
| 72 | - Dependencies: added alternative pymysql drivers for mysql |
|
72 | - Dependencies: added alternative pymysql drivers for mysql | |
| 73 | - NIX: updated to 18.03 nix packages, now shipped with python 2.7.15 |
|
73 | - NIX: updated to 18.03 nix packages, now shipped with python 2.7.15 | |
| 74 | release and multiple other new libraries. |
|
74 | release and multiple other new libraries. | |
| 75 |
|
75 | |||
| 76 |
|
76 | |||
| 77 | Security |
|
77 | Security | |
| 78 | ^^^^^^^^ |
|
78 | ^^^^^^^^ | |
| 79 |
|
79 | |||
| 80 | - Mercurial: general protocol security updates. |
|
80 | - Mercurial: general protocol security updates. | |
| 81 | * Fixes Mercurial's CVE for lack of permissions checking on mercurial batch commands. |
|
81 | * Fixes Mercurial's CVE for lack of permissions checking on mercurial batch commands. | |
| 82 | * Introduced more strict checks for permissions, now they default to push instead of pull. |
|
82 | * Introduced more strict checks for permissions, now they default to push instead of pull. | |
| 83 | * Decypher batch commands and pick top-most permission to be required. |
|
83 | * Decypher batch commands and pick top-most permission to be required. | |
| 84 | * This follows changes in Mercurial CORE after 4.6.1 release. |
|
84 | * This follows changes in Mercurial CORE after 4.6.1 release. | |
| 85 | - Fixed bug in bleach sanitizer allowing certain custom payload to bypass it. Now |
|
85 | - Fixed bug in bleach sanitizer allowing certain custom payload to bypass it. Now | |
| 86 | we always fails if sanitizing fails. This could lead to stored XSS |
|
86 | we always fails if sanitizing fails. This could lead to stored XSS | |
| 87 | - Fixed stored XSS in binary file rendering. |
|
87 | - Fixed stored XSS in binary file rendering. | |
| 88 | - Fixed stored XSS in repo forks datagrid. |
|
88 | - Fixed stored XSS in repo forks datagrid. | |
| 89 |
|
89 | |||
| 90 |
|
90 | |||
| 91 | Performance |
|
91 | Performance | |
| 92 | ^^^^^^^^^^^ |
|
92 | ^^^^^^^^^^^ | |
| 93 |
|
93 | |||
| 94 | - Permissions: Permission trees for users and now cached, after calculation. |
|
94 | - Permissions: Permission trees for users and now cached, after calculation. | |
| 95 | This reduces response time for some pages dramatically. |
|
95 | This reduces response time for some pages dramatically. | |
| 96 | In case of any permission changes caches are invalidated. |
|
96 | In case of any permission changes caches are invalidated. | |
| 97 | - Core: new dogpile.cache based cache framework was introduced, which is faster than |
|
97 | - Core: new dogpile.cache based cache framework was introduced, which is faster than | |
| 98 | previously used Beaker. |
|
98 | previously used Beaker. | |
| 99 |
|
99 | |||
| 100 |
|
100 | |||
| 101 | Fixes |
|
101 | Fixes | |
| 102 | ^^^^^ |
|
102 | ^^^^^ | |
| 103 |
|
103 | |||
| 104 | - Audit Logs: store properly IP for certain events. |
|
104 | - Audit Logs: store properly IP for certain events. | |
| 105 | - External Auth: pass along came_from into the url so we get properly |
|
105 | - External Auth: pass along came_from into the url so we get properly | |
| 106 | redirected back after logging using external auth provider. |
|
106 | redirected back after logging using external auth provider. | |
| 107 | - Pull Requests: lock submit on pull request to prevent double submission on a fast click. |
|
107 | - Pull Requests: lock submit on pull request to prevent double submission on a fast click. | |
| 108 | - Pull Requests: fixed a case of unresolved comments attached to removed file in pull request. |
|
108 | - Pull Requests: fixed a case of unresolved comments attached to removed file in pull request. | |
| 109 | That prevented from closing it. |
|
109 | That prevented from closing it. | |
| 110 | - Pull Requests: use numeric repo id for creation of shadow repos. Fixes a problem |
|
110 | - Pull Requests: use numeric repo id for creation of shadow repos. Fixes a problem | |
| 111 | when repository is renamed during PR lifetime. |
|
111 | when repository is renamed during PR lifetime. | |
| 112 | - API: fixed creation of a pull request with default reviewer rules. |
|
112 | - API: fixed creation of a pull request with default reviewer rules. | |
| 113 | - Default Reviewers: fixed voting rule calculation on user group. |
|
113 | - Default Reviewers: fixed voting rule calculation on user group. | |
| 114 | - Pull Requests: in GIT use force fetch and update for target ref. |
|
114 | - Pull Requests: in GIT use force fetch and update for target ref. | |
| 115 | This solves a case when in PR a target repository is force updated (by push force) |
|
115 | This solves a case when in PR a target repository is force updated (by push force) | |
| 116 | and is out of sync. |
|
116 | and is out of sync. | |
| 117 | - VCSServer: detect early potential locale problem, and fallback to LC_ALL=C, |
|
117 | - VCSServer: detect early potential locale problem, and fallback to LC_ALL=C, | |
| 118 | instead of crashing vcsserver. |
|
118 | instead of crashing vcsserver. | |
| 119 | - Pull Requests: use a safer way of destroying shadow repositories. |
|
119 | - Pull Requests: use a safer way of destroying shadow repositories. | |
| 120 | Fixes some problems in NFS storage and big repositories |
|
120 | Fixes some problems in NFS storage and big repositories | |
| 121 |
|
121 | |||
| 122 |
|
122 | |||
| 123 | Upgrade notes |
|
123 | Upgrade notes | |
| 124 | ^^^^^^^^^^^^^ |
|
124 | ^^^^^^^^^^^^^ | |
| 125 |
|
125 | |||
| 126 | - The direct backend `vcsserver.scm_app` is not supported anymore. This backed was |
|
126 | - The direct backend `vcsserver.scm_app` is not supported anymore. This backed was | |
| 127 | already deprecated some time ago. Now it will use `http` mode even if scm_app is |
|
127 | already deprecated some time ago. Now it will use `http` mode even if scm_app is | |
| 128 | specified. Please contact us in case you still use it, and not sure how to upgrade. |
|
128 | specified. Please contact us in case you still use it, and not sure how to upgrade. | |
| 129 | - New dogpile cache settings are not ported to converted .ini. If users want to do |
|
129 | - New dogpile cache settings are not ported to converted .ini. If users want to do | |
| 130 | adjustments please copy the settings over dogpile cache section from a newly |
|
130 | adjustments please copy the settings over dogpile cache section from a newly | |
| 131 | generated rhodecode.template.ini file. This file is stored next to rhodecode.ini |
|
131 | generated rhodecode.template.ini file. This file is stored next to rhodecode.ini | |
| 132 | - SVN 1.10.2 was introduced in this release. Please make sure to update your |
|
132 | - SVN 1.10.2 was introduced in this release. Please make sure to update your | |
| 133 | mod_dav to the same version for best compatibility. |
|
133 | mod_dav to the same version for best compatibility. | |
|
|
134 | - This release brings new Database drivers. We discovered that in some setups it is now | |||
|
|
135 | required to explicitly define a encoding charset in the database connection string. | |||
|
|
136 | If you're getting a permanent exception such as `"UnicodeDecodeError: 'utf8' codec can't decode byte 0xfc in position 15: invalid start byte"` | |||
|
|
137 | please follow a fix from here: https://community.rhodecode.com/t/unicodedecodeerror-utf8-codec-cant-decode-byte-0xfc-in-position-15-invalid-start-byte/246 | |||
General Comments 0
You need to be logged in to leave comments.
Login now