@@ -0,0 +1,178 b'' | |||||
|
1 | |RCE| 4.10.0 |RNS| | |||
|
2 | ------------------ | |||
|
3 | ||||
|
4 | Release Date | |||
|
5 | ^^^^^^^^^^^^ | |||
|
6 | ||||
|
7 | - 2017-11-02 | |||
|
8 | ||||
|
9 | ||||
|
10 | New Features | |||
|
11 | ^^^^^^^^^^^^ | |||
|
12 | ||||
|
13 | - SSH (Beta): added support for authentication via SSH keys. It's possible | |||
|
14 | to use SSH key based authentication instead of HTTP. Users are allowed to | |||
|
15 | store multiple keys and use them to push/pull code via SSH. | |||
|
16 | - Pull requests: store and show a merge strategy. Pull request strategy will | |||
|
17 | be also now shown in the UI. | |||
|
18 | Close/delete branch are shown if that option is selected. | |||
|
19 | - Pull requests: Add option to close a branch before merging for Mercurial. | |||
|
20 | - Processes page. RhodeCode will show a list of all current workers with | |||
|
21 | CPU and Memory usage. | |||
|
22 | It's also possible to restart each worker from the web interface. | |||
|
23 | - Auth tokens: allow specifying a custom expiration date from UI. | |||
|
24 | - Integrations: webhook, allow to set a custom header. | |||
|
25 | - Integrations: webhook, add possibility to specify username and password. | |||
|
26 | - UI: added copy-to-clipboard for commits, file paths, gist/clone urls. | |||
|
27 | - UI: improve support for meta-tags in repository description: | |||
|
28 | Tags are extracted to the beginning of the description during rendering. | |||
|
29 | Show helpers in proper places in groups/repos/forks with all available tags. | |||
|
30 | Add a new deprecated tag. | |||
|
31 | - UI: commits page, hide evolve commits. | |||
|
32 | Now optionally it's possible to show them via a new link on changelog page. | |||
|
33 | - Audit logs: allow showing individual entries for audit log. | |||
|
34 | - Audit logs: expose repo related audit logs in repository view. | |||
|
35 | - User sessions: get ability to count memcached sessions. | |||
|
36 | - Core: added support for REDIS based user sessions and cache backend. | |||
|
37 | - Core: added support for Golang go-import functionality. | |||
|
38 | - SVN: allow specifying alternative template file for mod_dav config. | |||
|
39 | - Markup: make relative links pin to raw files for images/files as links. | |||
|
40 | Allows building relative MD/RST links that go to rendered content | |||
|
41 | - Auth: allow binding the whitelist views to specific auth tokens. This allows | |||
|
42 | to access only specific pages via given auth token. E.g possible to expose | |||
|
43 | raw diff/raw file content only for specific single token. | |||
|
44 | The new format is `viewName@TOKEN` | |||
|
45 | - Channelstream: push events with comments on single commits. Users will get | |||
|
46 | live notification for events on single commits too. | |||
|
47 | ||||
|
48 | ||||
|
49 | General | |||
|
50 | ^^^^^^^ | |||
|
51 | ||||
|
52 | - License: add helper to show alternative application method for license via | |||
|
53 | ishell. | |||
|
54 | - http: set REMOTE_USER and REMOTE_HOST http variables in order for more | |||
|
55 | Mercurial extensions compatibility. | |||
|
56 | - User/User groups: show if users or user groups are a part of review rules. | |||
|
57 | - Permissions: new improved visual permissions summary. Show exactly how | |||
|
58 | permissions were inherited, and which rule overwrote the other. | |||
|
59 | - Permissions: added new JSON endpoint to extract permissions as JSON data | |||
|
60 | for 3rd party processing. This allows access for reporting tools without | |||
|
61 | giving any ADMIN API access to fetch permissions. | |||
|
62 | - Pyramid: ported all controllers to Pyramid, with python3 compatible code. | |||
|
63 | - Gunicorn: allow custom logger to be set for a consistent formatting of | |||
|
64 | Gunicorn logs with RhodeCode logs. | |||
|
65 | - Search: per-repo search shouldn't require admin permissions. Read is enough | |||
|
66 | because we access the repo data only. | |||
|
67 | - Git: updated to 2.13.5 release | |||
|
68 | - Mercurial: updated to 4.2.3 release. | |||
|
69 | - Mercurial Evolve: updated to 6.6.0 release. | |||
|
70 | - Dependencies: bumped pysqlite to Mako to 1.0.7 | |||
|
71 | - Dependencies: bumped pysqlite to 2.8.3 | |||
|
72 | - Dependencies: bumped psycopg2 to 2.7.1 | |||
|
73 | - Dependencies: bumped docutils to 0.13.1 | |||
|
74 | - Dependencies: bumped simplejson to 3.11.1 | |||
|
75 | - Dependencies: bumped alembic to 0.9.2 | |||
|
76 | - Dependencies: bumped Beaker to 1.9.0 | |||
|
77 | - Dependencies: bumped Markdown to 2.6.8 | |||
|
78 | - Dependencies: bumped dogpile.cache to 0.6.4 | |||
|
79 | - Dependencies: bumped colander to 1.3.3 | |||
|
80 | - Dependencies: bumped appenlight_client to 0.6.21 | |||
|
81 | - Dependencies: bumped cprofileV to 1.0.7 | |||
|
82 | - Dependencies: bumped ipdb to 0.10.3 | |||
|
83 | - Dependencies: bumped supervisor to 3.3.2 | |||
|
84 | - Dependencies: bumped subprocess32 to 3.2.7 | |||
|
85 | - Dependencies: bumped pathlib2 to 2.3.0. | |||
|
86 | - Dependencies: bumped gunicorn==19.7.1 | |||
|
87 | - Dependencies: bumped gevent to 1.2.2 together with greenlet to 0.4.12 | |||
|
88 | - Dependencies: bumped venusian to 1.1.0 | |||
|
89 | - Dependencies: bumped ptyprocess to 0.5.2 | |||
|
90 | - Dependencies: bumped testpath to 0.3.1 | |||
|
91 | - Dependencies: bumped Pyramid to 1.9.1 | |||
|
92 | - Dependencies: bumped supervisor to 3.3.3 | |||
|
93 | - Dependencies: bumped sqlalchemy to version 1.1.11 | |||
|
94 | ||||
|
95 | ||||
|
96 | Security | |||
|
97 | ^^^^^^^^ | |||
|
98 | ||||
|
99 | - Security: use no-referrer for outside link to stop leaking potential | |||
|
100 | parameters such as auth token stored inside GET flags. | |||
|
101 | - Auth tokens: always check permissions to scope tokens to prevent resource | |||
|
102 | discovery of private repos. | |||
|
103 | - Strip: fix XSS in repo strip view. | |||
|
104 | - Files: prevent XSS in fake errors message on filenodes. | |||
|
105 | - Files: remove right-to-left override character for display in files. | |||
|
106 | This allows faking the name a bit, we in this particular place want to | |||
|
107 | skip the override for enhanced security. | |||
|
108 | - Repo forks: security, check for access to fork_id parameter to prevent | |||
|
109 | resource discovery. | |||
|
110 | - Pull requests: security double check permissions on injected forms of | |||
|
111 | source and target repositories. Fixes resource discovery. | |||
|
112 | - Pull requests: security, prevent from injecting comments to other pull | |||
|
113 | requests for users don't have access to. | |||
|
114 | ||||
|
115 | ||||
|
116 | Performance | |||
|
117 | ^^^^^^^^^^^ | |||
|
118 | ||||
|
119 | - Goto-switcher: use special commit: prefix to explicitly search for commits. | |||
|
120 | previous solution could make the go-to switcher slow in case of larger search | |||
|
121 | index present. | |||
|
122 | - Goto-switcher: optimized performance and query capabilities. | |||
|
123 | - Diffs: use whole chunk diff to calculate if it's oversized or not. | |||
|
124 | This fixes an issue if a file is added that has very large number of small | |||
|
125 | lines. In this case the time to detect if the diff should be limited was | |||
|
126 | very long and CPU intensive. | |||
|
127 | - Markup: use cached version of http pattern for urlify_text. This | |||
|
128 | increases performance because we don't have to compile the pattern each time | |||
|
129 | we execute this commonly used function. | |||
|
130 | - Changelog: fix and optimize loading of chunks for file history. | |||
|
131 | - Vcs: reduce sql queries used during pull/push operations. | |||
|
132 | - Auth: use cache_ttl from a plugin to also cache calculated permissions. | |||
|
133 | This gives a 30% speed increase in operations like svn commit. | |||
|
134 | ||||
|
135 | ||||
|
136 | Fixes | |||
|
137 | ^^^^^ | |||
|
138 | ||||
|
139 | - Initial-gravatars: fix case of dot being present before @domain. | |||
|
140 | - Vcs: report 404 for shadow repos that are not existing anymore. | |||
|
141 | - RSS/Atom Feeds: generate entries with proper unique ids. | |||
|
142 | - DB: use LONGTEXT for mysql in user_logs. Fixes problem with mysql rejecting | |||
|
143 | insert because of too long json data. | |||
|
144 | - Pull request: add missing audit data for pull_request.close action. | |||
|
145 | - User groups: properly set add/delete members for usage in audit data. | |||
|
146 | - Repo, auth-tokens: UX, set VCS scope if repo scopped token is selected. | |||
|
147 | - Changelog: fix and optimize loading of chunks for file history. | |||
|
148 | - Error reporting: improve handling of exception that are non-standard. | |||
|
149 | Inject traceback information into unhandled exceptions. | |||
|
150 | - Users: add additional information why user with pending reviews | |||
|
151 | shouldn't be deleted. | |||
|
152 | - Auth ldap: improve messages when users failed to authenticate via LDAP. | |||
|
153 | - Sqlalchemy: enabled connection ping. | |||
|
154 | should fix potential issues with Mysql server has gone away issues. | |||
|
155 | - License page: fix usage of url() that could prevent from using convert license. | |||
|
156 | - Permissions: use same way of sorting of user_group permissions like user ones. | |||
|
157 | ||||
|
158 | ||||
|
159 | Upgrade notes | |||
|
160 | ^^^^^^^^^^^^^ | |||
|
161 | ||||
|
162 | - Searching for commits in goto-switcher must be now prefixed with | |||
|
163 | commit:<hash> | |||
|
164 | - Because of pyramid porting view names have changed, and we made a backward | |||
|
165 | compatibility mapping for most common ones only. | |||
|
166 | We recommend reviewing your whitelist view access list. | |||
|
167 | There's a new dedicated page with ALL views listed under admin > permissions | |||
|
168 | Please take a look in there to port any non-standard views for whitelist access. | |||
|
169 | ||||
|
170 | - SSH support is implemented via combination of internal, and installed hooks. | |||
|
171 | A file called `hgrc_rhodecode` is added to each repository that was used with | |||
|
172 | SSH access. This file is then imported inside main hgrc file, it contains | |||
|
173 | some Mercurial hooks for ACL checks. | |||
|
174 | This breaks full backward compatibility with releases prior to 4.10.0. | |||
|
175 | If you install 4.10+, enable SSH module and use SSH with a Mercurial repo, then | |||
|
176 | rollback used version to 4.9.1. In such case one additional actions is required. | |||
|
177 | Remove following line from `hgrc` file stored inside the repository: | |||
|
178 | `%include hgrc_rhodecode` |
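Review bot: the entry at line 70 of the added file, "Dependencies: bumped pysqlite to Mako to 1.0.7", fuses two package names; line 71 already records pysqlite at 2.8.3, so this line most likely should read "Dependencies: bumped Mako to 1.0.7". In the same list supervisor is bumped twice (3.3.2 at line 83 and 3.3.3 at line 92), so only the final version needs an entry, and "Changelog: fix and optimize loading of chunks for file history." is listed under both Performance (line 130) and Fixes (line 147). In the Security section, lines 105-107 leave it unclear whether "This allows faking the name a bit" refers to the right-to-left override character or to its removal; saying that the character lets a displayed file name be faked and is therefore stripped would make the entry unambiguous. The upgrade note at lines 164-168 asks admins to review their whitelist view access but does not mention the new `viewName@TOKEN` format introduced at line 44; a cross-reference there would help anyone porting entries. Minor: "scopped" at line 146 should be "scoped", and "one additional actions is required" at line 176 should be "one additional action is required".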