##// END OF EJS Templates
docs: added release notes for 4.13
marcink -
r2998:77ccbdd4 default
parent child Browse files
Show More
@@ -0,0 +1,133 b''
1 |RCE| 4.13.0 |RNS|
2 ------------------
3
4 Release Date
5 ^^^^^^^^^^^^
6
7 - 2018-09-05
8
9
10 New Features
11 ^^^^^^^^^^^^
12
13 - Branch permissions: new set of permissions were added to control branch modification.
14 There are 4 basic permissions that can be set for branch names/branch patterns:
15 * no-access (any modification for given branch is forbidden)
16 * web-merge (modify branch by web based PR merge)
17 * push (only non-forced modification on branch are allowed)
18 * forced push (all modification to branch are allowed)
19 Available in EE edition only.
20 - Unified search and repo-switcher: a new persistent search box is now present allowing
21 to search for repositories, repository groups, commits (using full text search),
22 users, user-groups. Replaces redundant quick-filters/repo switcher.
23 - Default Reviewers: added possibility to match against regex based pattern as
24 alternative syntax to glob which didn't handle all the cases.
25 - Built-in Error tracker: added new exception tracking capability. All errors are now
26 tracked and stored. This allows instance admins to see potential problems without
27 access to the machine and logs.
28 - User Groups: each user group which users have access to expose public profile link.
29 It's possible to view the members of a group before attaching it to any resource.
30 - New caching framework: existing Beaker cache was completely replaced by dogpile.cache
31 library. This new cache framework in addition to solving multiple
32 performance/reliability problems of Beaker is used to cache permissions tree.
33 This gives huge performance boosts for very large and complex permission trees.
34 - Pull Requests: description field is now allowed to use a RST/Markdown syntax.
35 - SVN: added support for SVN 1.10 release line.
36
37
38 General
39 ^^^^^^^
40
41 - Google: updated google auth plugin with latest API changes.
42 - Frontend: Switched to Polymer 2.0.
43 - Events: added a default timeout for operation calling the endpoint url, so
44 they won't block forever.
45 - SQLAlchemy: allow DB connection ping/refresh using dedicated flag from .ini file.
46 `sqlalchemy.db1.ping_connection = true`
47 - Pull Requests: added option to force-refresh merge workspace in case of problems.
48 Adding GET param `?force_refresh=1` into PR page triggers the refresh.
49 - Pull Requests: show more info about version of comment vs latest version.
50 - Diffs: skip line numbers during copy from a diff view.
51 - License: use simple cache to read license info.
52 Due to the complex and expensive encryption, this reduces requests time by ~10ms.
53 - Debug: add new custom logging to track unique requests across systems.
54 Allows tracking single requests in very busy system by unique ID added into logging system.
55 - Configuration: .ini files now can replace a special placeholders e.g "{ENV_NAME}"
56 into a value from the ENVIRONMENT. Allows easier setup in Docker and similar.
57 - Backend: don't support vcsserver.scm_app anymore, now it uses http even if scm_app
58 is specified.
59 - Repositories: re-order creation/fork forms for better UX and consistency.
60 - UI: Add the number of inactive users in _admin/users and _admin/user_groups
61 - UX: updated registration form to better indicate what is the process of binding a
62 RhodeCode account with external one like Google.
63 - API: pull-requests allow automatic title generation via API
64 - VCSServer: errors: use a better interface to track exceptions and tracebacks.
65 - VCSServer: caches: replaced beaker with dogpile cache.
66 - GIT: use GIT_DISCOVERY_ACROSS_FILESYSTEM for better compatibility on NFS servers.
67 - Dependencies: bumped mercurial to 4.6.2
68 - Dependencies: bumped evolve to 8.0.1
69 - Dependencies: bumped hgsubversion to 1.9.2
70 - Dependencies: bumped git version to 2.16.4
71 - Dependencies: bumped SVN to 1.10.2
72 - Dependencies: added alternative pymysql drivers for mysql
73 - NIX: updated to 18.03 nix packages, now shipped with python 2.7.15
74 release and multiple other new libraries.
75
76
77 Security
78 ^^^^^^^^
79
80 - Mercurial: general protocol security updates.
81 * Fixes Mercurial's CVE for lack of permissions checking on mercurial batch commands.
82 * Introduced more strict checks for permissions, now they default to push instead of pull.
83 * Decypher batch commands and pick top-most permission to be required.
84 * This follows changes in Mercurial CORE after 4.6.1 release.
85 - Fixed bug in bleach sanitizer allowing certain custom payload to bypass it. Now
86 we always fails if sanitizing fails. This could lead to stored XSS
87 - Fixed stored XSS in binary file rendering.
88 - Fixed stored XSS in repo forks datagrid.
89
90
91 Performance
92 ^^^^^^^^^^^
93
94 - Permissions: Permission trees for users and now cached, after calculation.
95 This reduces response time for some pages dramatically.
96 In case of any permission changes caches are invalidated.
97 - Core: new dogpile.cache based cache framework was introduced, which is faster than
98 previously used Beaker.
99
100
101 Fixes
102 ^^^^^
103
104 - Audit Logs: store properly IP for certain events.
105 - External Auth: pass along came_from into the url so we get properly
106 redirected back after logging using external auth provider.
107 - Pull Requests: lock submit on pull request to prevent double submission on a fast click.
108 - Pull Requests: fixed a case of unresolved comments attached to removed file in pull request.
109 That prevented from closing it.
110 - Pull Requests: use numeric repo id for creation of shadow repos. Fixes a problem
111 when repository is renamed during PR lifetime.
112 - API: fixed creation of a pull request with default reviewer rules.
113 - Default Reviewers: fixed voting rule calculation on user group.
114 - Pull Requests: in GIT use force fetch and update for target ref.
115 This solves a case when in PR a target repository is force updated (by push force)
116 and is out of sync.
117 - VCSServer: detect early potential locale problem, and fallback to LC_ALL=C,
118 instead of crashing vcsserver.
119 - Pull Requests: use a safer way of destroying shadow repositories.
120 Fixes some problems in NFS storage and big repositories
121
122
123 Upgrade notes
124 ^^^^^^^^^^^^^
125
126 - The direct backend `vcsserver.scm_app` is not supported anymore. This backed was
127 already deprecated some time ago. Now it will use `http` mode even if scm_app is
128 specified. Please contact us in case you still use it, and not sure how to upgrade.
129 - New dogpile cache settings are not ported to converted .ini. If users want to do
130 adjustments please copy the settings over dogpile cache section from a newly
131 generated rhodecode.template.ini file. This file is stored next to rhodecode.ini
132 - SVN 1.10.2 was introduced in this release. Please make sure to update your
133 mod_dav to the same version for best compatibility.
@@ -9,6 +9,7 b' Release Notes'
9 9 .. toctree::
10 10 :maxdepth: 1
11 11
12 release-notes-4.13.0.rst
12 13 release-notes-4.12.4.rst
13 14 release-notes-4.12.3.rst
14 15 release-notes-4.12.2.rst
General Comments 0
You need to be logged in to leave comments. Login now