##// END OF EJS Templates
feat(hide recaptcha secrets): masked sensitive information related to reCaptcha configuration.
feat(hide recaptcha secrets): masked sensitive information related to reCaptcha configuration.

File last commit:

r3299:6926852f stable
r5641:ad0048eb tip default
Show More
release-notes-4.15.0.rst
82 lines | 2.9 KiB | text/x-rst | RstLexer

|RCE| 4.15.0 |RNS|

Release Date

  • 2018-12-10

New Features

  • Authentication: Added SAML 2.0 Authentication, with support of OneLogin and DUO Security.
  • Core: add debug mode that switches logging to debug. It's no longer required to reconfigure all logging. A debug=true set in .ini file does it automatically.

General

  • Authentication: rename oauth to external identity as it would now be serving both oAuth and SAML.
  • Authentication: allow setting extern type with registration. This will allow external identity plugins to define proper externs instead of always using "rhodecode" one.
  • Authentication: show if plugin is activated and enabled in the list.
  • Authentication: add better logging for ldap related attributes to help track LDAP connection problems more easily.
  • Visual: add change logo header template
  • UI: updated error pages style to be consistent with other pages.
  • Utils: updated request generation so ishell can run some automation scripts.
  • Docs: updated documentation for SVN 1.10 Wandisco repositories.
  • System info: expose base_url set in .ini file.
  • Style: update pygments template styling.
  • Style: updated li style and markdown style.
  • Dependencies: added python-saml library.
  • Dependencies: bumped hgsubversion to 1.9.3 release.
  • Dependencies: bumped gevent to 1.3.7 release.
  • Dependencies: bumped lxml to 4.2.5 release.
  • Dependencies: bumped gevent to 1.3.7 release.
  • Dependencies: bumped alembic to 1.0.5 release.
  • Dependencies: bumped peppercorn to 0.6 release.
  • Dependencies: bumped pyotp to 2.2.7 release.
  • Dependencies: bumped deform to 2.0.7 release
  • Dependencies: bumped py-gfm to 0.1.4 release.
  • Dependencies: bumped colander to 1.5.1 release
  • Dependencies: bumped appenlight-client to 0.6.26 release.
  • Dependencies: bumped bleach to 3.0.2 release.
  • Dependencies: bumped pygments to 2.3.0

Security

  • Mercurial: support evolve sub-commands when checking for permissions. Those defaulted to write, while only read is required for evolve.
  • auth/security: enforce that external users cannot reset their password. External users don't use RhodeCode passwords, so resetting them shouldn't be allowed.

Performance

  • Markdown: use lazy loaded markdown initialization to speed up app startup.
  • Gevent: changed DNS resolver to ares for better stability on long running processes.

Fixes

  • Default Reviewers: use target repo owner as default reviewer in case of CE edition.
  • LDAP: ensure the proper cert files and dirs are set. It's also now possible to specify custom paths for those.
  • Markdown: fixed auto checkbox generation from markdown code

Upgrade notes

  • In this release we introduced new options for cert directory and file for LDAP plugins. In case of problems with LDAPS please verify the settings in the LDAP plugin configuration.