Show More
@@ -0,0 +1,162 b'' | |||
|
1 | |RCE| 4.7.0 |RNS| | |
|
2 | ----------------- | |
|
3 | ||
|
4 | Release Date | |
|
5 | ^^^^^^^^^^^^ | |
|
6 | ||
|
7 | - 2017-04-08 | |
|
8 | ||
|
9 | ||
|
10 | New Features | |
|
11 | ^^^^^^^^^^^^ | |
|
12 | ||
|
13 | - Git: added support for Git LFS v2 protocol. RhodeCode now supports both | |
|
14 | Mercurial Largefiles, and Git LFS for storing large binaries. | |
|
15 | - Largefiles: detect Git LFS or Mercurial Largefiles objects in UI. | |
|
16 | Those are now available for downloading together with showing their size. | |
|
17 | - Files: Jupyter notebooks will be now rendered inside the file view. Including | |
|
18 | MatJax support, and relative images. | |
|
19 | - Files: render images inside the file view. | |
|
20 | Instead of displaying binary message, render images icons and gifs | |
|
21 | inside the file view page. | |
|
22 | - Files: relative ULR support inside rendered files. It's now possible to | |
|
23 | write Markup files and relative links will be handled from the RhodeCode | |
|
24 | instance itself. Adds basic wiki functionality. | |
|
25 | - Files: allow to show inline pdf in browser using embedded files from source code. | |
|
26 | - Annotation: added shortcut links to browse the annotation view with previous | |
|
27 | commits. Allows browsing history for each line from annotation view. | |
|
28 | - Pull Requests: add explicit close action instead of close with status from | |
|
29 | status selector. This allows closing of approved or rejected | |
|
30 | pull requests, without performing a merge action. | |
|
31 | - Authentication: LDAP now has an option to sync LDA groups using two | |
|
32 | distinct ways. Either using rfc2307 or rfc2307bis. Increases compatibility | |
|
33 | with different OpenLDAP and AD servers. | |
|
34 | - Slack: updated slack integration to use the attachments for nicer formatting. | |
|
35 | Added number of commits inside the message, changed UI for all Slack events. | |
|
36 | - Authentication (EE edition only): added repository scope for VCS type auth | |
|
37 | tokens. Each token can be now bound to particular repository for added security. | |
|
38 | - User administration: added audit page to allow showing single user actions. | |
|
39 | - API: implemented `get_user_audit_logs` method to fetch audit logs via API endpoint. | |
|
40 | - User administration: It's now possible to edit user group membership from | |
|
41 | user view. | |
|
42 | - User groups administration: added managing and showing the group | |
|
43 | synchronization in UI. It's now possible to enable manual group syncing on | |
|
44 | already existing user groups from external sources such as LDAP/AD. | |
|
45 | - Repositories: added new strip view allowing removing commits from repositories | |
|
46 | via web interface for repository administrators. | |
|
47 | - System Info: added info about workers and worker type. | |
|
48 | Added more details about CPU. Expose workers of VCSServer in system info data. | |
|
49 | Detect database migration errors. | |
|
50 | ||
|
51 | ||
|
52 | General | |
|
53 | ^^^^^^^ | |
|
54 | ||
|
55 | - Core: ported many views into pure pyramid code with python3.6 compatibility. | |
|
56 | - Core: removed deprecated Pyro4 backend from Enterprise code. | |
|
57 | - Maintenance: implemented maintenance view for Mercurial and GIT repositories. | |
|
58 | For HG it will run `hg verify`, and for GIT a `git gc` command. | |
|
59 | - Notifications: different approach with fixed/standard container. Floating | |
|
60 | notifications no longer hide the menu when browsed on top of the page. | |
|
61 | Also added option to remove single elements from stacked notifications. | |
|
62 | - VCS server: exception-handling: better handling of remote exception and logging. | |
|
63 | - VCS server: propagate hooks tracebacks to VCS server for easier debugging. | |
|
64 | - Core: prevent `httplib3` logs to spam internal RhodeCode logs. | |
|
65 | It often confuses people looking at those entries, misleading during debug. | |
|
66 | - Mercurial: allow editing Largefiles store location from web interface. | |
|
67 | - Git: allow editing GIT LFS store location from web interface. | |
|
68 | - API: add get_method API call. This allows showing the method and it's parameter | |
|
69 | from the CLI without reading the documentation. | |
|
70 | In addition use it's mechanics to propose users other methods with close names | |
|
71 | if the calling method is not found. | |
|
72 | - UI: add timezone info into tooltips. | |
|
73 | - Dependencies: bumped pyramid to 1.7.4 | |
|
74 | - Dependencies: bumped Mercurial version to 4.1.2 | |
|
75 | ||
|
76 | ||
|
77 | Security | |
|
78 | ^^^^^^^^ | |
|
79 | ||
|
80 | - Hooks: added changes to propagate commit metadata on pre-push. | |
|
81 | This allows easier implementation of checking hooks such as branch protection. | |
|
82 | - Hooks: added new pretx hook to allow mercurial checks such as protected | |
|
83 | branches, or force push. | |
|
84 | - Auth: give owner of user group proper admin permissions to the user group. | |
|
85 | This makes the behaviour consistent with repositories and repository groups. | |
|
86 | And allows delegation of administration of those to other users. | |
|
87 | - Password reset: strengthen security on password reset logic. | |
|
88 | Generate token that has special password reset role. | |
|
89 | Set 10 minute expiration for the token. | |
|
90 | Add some logic to prevent brute forcing attacks. | |
|
91 | Use more implicit messages to prevent user email discovery attacks. | |
|
92 | - Core: added checks for password change for authenticated users in pure | |
|
93 | Pyramid views. 2 views were still available and not forcing users to change | |
|
94 | their passwords. | |
|
95 | - Auth tokens: removed builtin auth-token for users. | |
|
96 | Builtin token were non-removable, and always generated for new users. This | |
|
97 | wasn't best practice for security as some users are strictly not allowed to | |
|
98 | use tokens. From now on new users needs a new token generation in case they | |
|
99 | want to use token based authentication. | |
|
100 | - Auth tokens: don't generate builtin token for new users. | |
|
101 | Also don't change them when password reset is made. | |
|
102 | - Api: added last-activity into returned data of get_user api. | |
|
103 | ||
|
104 | ||
|
105 | Performance | |
|
106 | ^^^^^^^^^^^ | |
|
107 | ||
|
108 | - Mercurial: enabled new `Zstandard` compression algorithm available with | |
|
109 | Mercurial 4.1.X. This allows faster, more CPU efficient clones when used | |
|
110 | with new Mercurial clients. | |
|
111 | ||
|
112 | - Users Admin: moved user admin to pyramid, and made it load users in chunks. | |
|
113 | Fixed loading data to be lazy fetched, drastically improves speed of user | |
|
114 | administration page in case of large amount of users. | |
|
115 | ||
|
116 | ||
|
117 | Fixes | |
|
118 | ^^^^^ | |
|
119 | ||
|
120 | - Search: goto commit search will now use a safe search option and never | |
|
121 | throw any exceptions even if search is misconfigured | |
|
122 | e.g. Elastic Search cluster is down. | |
|
123 | - Events: fix a case for events called from API that couldn't fetch | |
|
124 | registered user object. | |
|
125 | - Comments: unlock submit if we use slash commands to set status. | |
|
126 | - UI: fixed an issue with date of last change was not displayed correctly. | |
|
127 | - Emails: added comment types (TODO/NOTE) into emails. | |
|
128 | - Events: fix wrongly returned author data. | |
|
129 | - Error middleware: read the instance title from cached object. | |
|
130 | Reading from settings inside error handler can cause error hiding when | |
|
131 | error_handler was caused by database errors. | |
|
132 | - Pull requests: show version age component should use local dates instead of UTC. | |
|
133 | - Pull requests: lock button when updating reviewers to forbid multi-submit | |
|
134 | problems. Additionally fixed some small UI issues found in that view. | |
|
135 | - Pull requests: forbid browsing versions on closed pull request. | |
|
136 | - Pull requests: allow super-admins to delete pull requests instead of only owners. | |
|
137 | - Diffs: support mercurial copy operation in diffs details. | |
|
138 | - SVN: escape special chars to allow interactions with non-standard svn paths. | |
|
139 | Path with special characters such as '#' will no longer trigger 404 errors. | |
|
140 | - Data grids: fix some styling and processing text display. | |
|
141 | - API: use consistent way to extract users, repos, repo groups and user groups | |
|
142 | by id or name. Makes usage of Number vs String to differentiate if we pick | |
|
143 | object ID or it's name this will allow editing of objects by either id or | |
|
144 | it's name, including numeric string names. | |
|
145 | - API: validate commit_id when using commit_comment API | |
|
146 | - API: cleanup sessions enforce older_then must be a valid INT. | |
|
147 | ||
|
148 | ||
|
149 | Upgrade notes | |
|
150 | ^^^^^^^^^^^^^ | |
|
151 | ||
|
152 | - Auth-tokens: a builtin token will be migrated for all users into a custom | |
|
153 | external token. We advise to inform users that the current builtin tokens | |
|
154 | will now show as external ones. Builtin tokens were removed to allow expiring | |
|
155 | ,or removing them. It's now possible to create users without any tokens. | |
|
156 | ||
|
157 | From now on new users needs a new token generation in case they want to use | |
|
158 | token based authentication. | |
|
159 | ||
|
160 | - Hooks: we added via migration a pre transaction hook for Mercurial. If you're | |
|
161 | using a custom code inside pre-push function of rcextensions make sure it | |
|
162 | will not block your pushes. |
@@ -1,94 +1,95 b'' | |||
|
1 | 1 | .. _rhodecode-release-notes-ref: |
|
2 | 2 | |
|
3 | 3 | Release Notes |
|
4 | 4 | ============= |
|
5 | 5 | |
|
6 | 6 | |RCE| 4.x Versions |
|
7 | 7 | ------------------ |
|
8 | 8 | |
|
9 | 9 | .. toctree:: |
|
10 | 10 | :maxdepth: 1 |
|
11 | 11 | |
|
12 | release-notes-4.7.0.rst | |
|
12 | 13 | release-notes-4.6.1.rst |
|
13 | 14 | release-notes-4.6.0.rst |
|
14 | 15 | release-notes-4.5.2.rst |
|
15 | 16 | release-notes-4.5.1.rst |
|
16 | 17 | release-notes-4.5.0.rst |
|
17 | 18 | release-notes-4.4.2.rst |
|
18 | 19 | release-notes-4.4.1.rst |
|
19 | 20 | release-notes-4.4.0.rst |
|
20 | 21 | release-notes-4.3.1.rst |
|
21 | 22 | release-notes-4.3.0.rst |
|
22 | 23 | release-notes-4.2.1.rst |
|
23 | 24 | release-notes-4.2.0.rst |
|
24 | 25 | release-notes-4.1.2.rst |
|
25 | 26 | release-notes-4.1.1.rst |
|
26 | 27 | release-notes-4.1.0.rst |
|
27 | 28 | release-notes-4.0.1.rst |
|
28 | 29 | release-notes-4.0.0.rst |
|
29 | 30 | |
|
30 | 31 | |RCE| 3.x Versions |
|
31 | 32 | ------------------ |
|
32 | 33 | |
|
33 | 34 | .. toctree:: |
|
34 | 35 | :maxdepth: 1 |
|
35 | 36 | |
|
36 | 37 | release-notes-3.8.4.rst |
|
37 | 38 | release-notes-3.8.3.rst |
|
38 | 39 | release-notes-3.8.2.rst |
|
39 | 40 | release-notes-3.8.1.rst |
|
40 | 41 | release-notes-3.8.0.rst |
|
41 | 42 | release-notes-3.7.1.rst |
|
42 | 43 | release-notes-3.7.0.rst |
|
43 | 44 | release-notes-3.6.1.rst |
|
44 | 45 | release-notes-3.6.0.rst |
|
45 | 46 | release-notes-3.5.2.rst |
|
46 | 47 | release-notes-3.5.1.rst |
|
47 | 48 | release-notes-3.5.0.rst |
|
48 | 49 | release-notes-3.4.1.rst |
|
49 | 50 | release-notes-3.4.0.rst |
|
50 | 51 | release-notes-3.3.4.rst |
|
51 | 52 | release-notes-3.3.3.rst |
|
52 | 53 | release-notes-3.3.2.rst |
|
53 | 54 | release-notes-3.3.1.rst |
|
54 | 55 | release-notes-3.3.0.rst |
|
55 | 56 | release-notes-3.2.3.rst |
|
56 | 57 | release-notes-3.2.2.rst |
|
57 | 58 | release-notes-3.2.1.rst |
|
58 | 59 | release-notes-3.2.0.rst |
|
59 | 60 | release-notes-3.1.1.rst |
|
60 | 61 | release-notes-3.1.0.rst |
|
61 | 62 | release-notes-3.0.2.rst |
|
62 | 63 | release-notes-3.0.1.rst |
|
63 | 64 | release-notes-3.0.0.rst |
|
64 | 65 | |
|
65 | 66 | |RCE| 2.x Versions |
|
66 | 67 | ------------------ |
|
67 | 68 | |
|
68 | 69 | .. toctree:: |
|
69 | 70 | :maxdepth: 1 |
|
70 | 71 | |
|
71 | 72 | release-notes-2.2.8.rst |
|
72 | 73 | release-notes-2.2.7.rst |
|
73 | 74 | release-notes-2.2.6.rst |
|
74 | 75 | release-notes-2.2.5.rst |
|
75 | 76 | release-notes-2.2.4.rst |
|
76 | 77 | release-notes-2.2.3.rst |
|
77 | 78 | release-notes-2.2.2.rst |
|
78 | 79 | release-notes-2.2.1.rst |
|
79 | 80 | release-notes-2.2.0.rst |
|
80 | 81 | release-notes-2.1.0.rst |
|
81 | 82 | release-notes-2.0.2.rst |
|
82 | 83 | release-notes-2.0.1.rst |
|
83 | 84 | release-notes-2.0.0.rst |
|
84 | 85 | |
|
85 | 86 | |RCE| 1.x Versions |
|
86 | 87 | ------------------ |
|
87 | 88 | |
|
88 | 89 | .. toctree:: |
|
89 | 90 | :maxdepth: 1 |
|
90 | 91 | |
|
91 | 92 | release-notes-1.7.2.rst |
|
92 | 93 | release-notes-1.7.1.rst |
|
93 | 94 | release-notes-1.7.0.rst |
|
94 | 95 | release-notes-1.6.0.rst |
General Comments 0
You need to be logged in to leave comments.
Login now