release-notes-3.0.0.rst
166 lines
| 8.0 KiB
| text/x-rst
|
RstLexer
|RCE| 3.0.0 |RNS|
As |RCE| 3.0 is a big release, the release notes have been split into the following sections:
- :ref:`general-rn-ref`
- :ref:`security-rn-ref`
- :ref:`api-rn-ref`
- :ref:`performance-rn-ref`
- :ref:`prs-rn-ref`
- :ref:`gists-rn-ref`
- :ref:`search-rn-ref`
- :ref:`fixes-rn-ref`
General
- Released 2015-01-27
- Basic |svn| support added
- GPLv3 components removed
- Server/Client architecture for VCS systems created
- Python 2.5 and 2.6 support deprecated
- Server info pages now show gist/archive cache storage, and also CPU/Memory/Load information.
- Added new bulk commit (changeset) status comment form into compare view which enables bulk code-reviews without opening a pull-request.
- License checks and limits now only apply to active users.
- Removed CLI command for |repo| scans as it can be done via an API call.
- VCS backends can be globally enabled/disabled from the :file:`rhodecode.ini` file.
- Added a UI option to set default rendering to rst or markdown.
- Added syntax highlighting to 2 way compare diff.
- Markup rendering can now render checkboxes for easy checklists generation.
- Gravatars are now retina ready.
- Admins can define custom CSS or JavaScript in the header or footer via new pre/post code options.
- Replaced graph.js with commits-graph.js html5 implementation.
- Added editable owner field for repository groups, and user group.
- Added an option to detach/delete user repositories when deleting users from the system.
- Added a Supervisor control page that shows status of processes.
- User admin grid can now filter by username OR email.
- Added personal |repo| group link for easier fork creation.
- Added support for using subdirectories when creating and uploading new files.
- Added option to rename a file from the web interface.
- Added arrow key navigation to file filter and fixed the back button behaviour.
- Added fuzzy matching to file filter.
- Added functionality to create folder structures along with files when adding content via the web interface.
- Separated default permissions UI into global, user, or object permissions management.
- Added an inheritance flag to object permissions which allows for explicit permissions which disregard global permissions.
- Added post create repository group hook.
- Added trigger push hooks on online file editor.
- Added default title for pull request.
- More detailed logs during Authentication.
- More explicit logging when permission checks occur.
- Switched the implementation of |git| fetch clone pull checkout commands to pure |py| without any subprocess calls.
- Introduced the rcserver command for custom development.
- Added the ability to force no cache archived via the GET no_cache flag
Security
- CSRF (Cross-Site Request Forgery) tokens now in all pages that use forms.
- The clone_url field is now AES encrypted inside the database.
- ACLs (Access Control Lists) are checked on the gist edit page for logged in users.
- New repository groups and repositories are created with 0755 permissions and not not 0777.
- Explicit RSS tokens are used for the RSS journal, when leaked, limits access to RSS only.
- Fixed XSS issues when rendering raw SVG files.
- Added force password reset option for users.
- IP list now accepts comma-separated values, and also ranges using - to specify multiple addresses.
- Added auth tokens, these authentication tokens can be used as an alternative to passwords.
- Added roles (http, api, rss, all, vcs) into authentication tokens (previously called apikeys).
- LDAP Group Support added.
- Added JASIG CAS auth plugin support.
- Added a plugin parameter that defines if a plugin can create new users on the fly.
API
- Added permissions delegation when creating |repos| or |repo| groups.
- Added strip support for |hg| and |git| |repos|.
- Added comments API for commits.
- Added add/remove methods for extra fields in repositories.
- get_* calls now use permission() and permission_user_group() methods for unified permissions structure.
- get_repo_nodes information sending has changed and is no longer a boolean flag, it's now basic or full.
- Due to configurable backends repo_type is now mandatory parameter for the create_repo call.
Performance
- Significant performance improvements across all application functions.
- HTTP Authentication performance enhancements.
- Added a scope variable to the permissions fetching function which improves building permission trees in large amounts by a factor of 10.
- Implemented caching logic for all authentication plugins. The AUTH_CACHE_TTL = <int> property now allow you to set the cache in seconds.
Pull Requests
- Pull requests can be now updated and merged from the web interface
- Fixed creating a Mercurial |pr| from a bookmark.
- Forbid closing pull requests when calculated status is different that the approved or rejected version.
- Properly display calculated pull request review status on listing page.
- Disable delete comment button if |pr| is closed.
Gists
- New UI based on grids with filtering.
- Super-admins can see all gists.
- Gists can now be created with a custom names.
Search
- New API based indexer.
- Added the ability to create size limits for indexed files.
- Added a new mapping configuration file which gives a very high level of flexibility when creating full text search.
Fixes
- General: fixed issues with dependent objects, such as users in user groups. Cleaning up these dependent objects is now done in a safe way.
- General: deleting a user group from settings > advanced will use force removal and cleanup from all associations.
- General: fixed issue with filter proxy middleware it's now more error prone.
- General: fixed issues with unable to create fork inside a group.
- General: fixed bad logic in ext_json lib, that checked bool on microseconds, in case it was 0 bool it returned False.
- General: authors in annotation mode shows authors of current source, not from all history (that is in normal mode)
- Permissions: fix issue when inherit flag for user group stopped working after initial permissions set.
- |git|: fixed shallow clones.
- |git|: added \n into the service line of |git| protocol. It is in the specifications and some python clients require this.
- |hg|: fix thread safety for mercurial in-memory commits.
- Windows: fixed issue with shebang and env headers.
- MySQL: fixed database fields with 256 char length with added indexes. Mysql had problems with them.
- Database: fixed bad usage of matching using ILIKE. Previously it could happen that if you had marcin_1@rhodecode.com and marcin_2@rhodecode.com emails, using marcin_@rhodecode.com would match both.
- VCS: fixed issues with double new lines on the commit patches.
- VCS: repository locking now requires write permission to repository. If we allowed locking with read, people can lock repository without an option to unlock it.
- Models: removed the isdigit call that can create issues when names are actually numbers on fetching objects.
- Files: Fix bug with show authors in annotate view.
- Hooks: truncate excessive commit lists on post_push hook.
- Hooks: in |git|, support added to set the default branch if it is not master.
- Notifications: now can be marked as read when you are not admin.
- Notifications: marking all notifications as read will hide the counter.
- Frontend: fixed branch-tag switcher multiple ajax calls.
- Repository group: |repo| group owners can now change group settings even if they don't have access to top-level permissions.
- Repositories: if you set Fork of in advanced repository settings it will now only show valid repositories with the same type.