##// END OF EJS Templates
auth: don't break hashing in case of user with empty password....
auth: don't break hashing in case of user with empty password. In some cases such as LDAP user created via external scripts users might set the passwords to empty. The hashing uses the md5(password_hash) to store reference to detect password changes and forbid using the same password. In case of pure LDAP users this is not valid, and we shouldn't raise Errors in such case. This change makes it work for empty passwords now.

File last commit:

r1:854a839a default
r2203:8a18c3c3 default
Show More
release-notes-3.5.0.rst
91 lines | 3.7 KiB | text/x-rst | RstLexer

|RCE| 3.5.0 |RNS|

Release Date

  • 2015-08-12

Pull Requests

  • Added full support for pre_push and post_push hooks, which ensures |repo| locking is respected when using the server side merging of |prs|.
  • Fixed horizontal scrolling of diffs.
  • Improved the links of the pull request source and target references.
  • Properly escape the names of added reviewers to prevent code injection.
  • Fixed journal entries after a merge to provide a more complete history.
  • Replaced the comment text area with a more dynamic component.
  • Data now loads for :guilabel:`@mention` asynchronously.
  • Added a shortcut, :kbd:`Ctrl Space`, to set the review status out of the comment area.

News

  • Diffs: Unify the display and functionality around diffs in pull requests, commit pages, compare pages, and file diff pages.
  • Files: Improved the structure of the Add file, Upload file, Edit file, and Delete file pages.
  • General: Bundle the LDAP bindings in Windows builds.
  • General: Add a new page, User profile, which displays information about a user.
  • General: The navigation and sub-navigation are fully based on click events.
  • General: Updated the front end component for comments and side-by-side diffs to the latest version.
  • Logging: The logger JSONRPC got renamed to reflect the module name, the new name is rhodecode.controllers.api.base
  • Security: |RCE| now uses os.urandom as a source for generating the authentication tokens.
  • Settings: Adjusted the Edit user and Edit my account pages to be consistent with the new User profile page.
  • Style: User names linked to the new user profile page.
  • Style: Adjusted the colors in flash messages to better integrate with the rest of the application.
  • Style: Consistently applied a small border radius to the rendering of files.
  • SVN: Basic support to handle Subversion client requests which can be enabled based on a lab setting.
  • SVN: Installed basic hooks into new and migrated Subversion repositories.

VCS Server

  • Fixed the error during re-connection after a restart of the VCS Server.
  • Made the streaming of data from subprocess calls more solid.

Fixes

  • Auth: Fixed user name logged as None in the authentication component.
  • Diffs: Fixed a potential internal server error if diff contains binary files.
  • Diffs: |RCE| now expands all content by default.
  • General: Fixed an exceptions in the logging system around the permission validator and on the system info page.
  • General: Avoid internal server error if unknown error documents are requested.
  • General: Keep get parameters after a login redirection.
  • Gists: Fixed header in Gists tables.
  • Repository: Fixed a problem around archiving repositories which contain non-ascii characters in their name.
  • Repository: Show the locked state of a repository if it has been locked manually via the web interface.
  • Repository: Better rendering of the :file:`README` file on the summary page, especially with very long lines.
  • Repository: Avoid internal server error if filtering with a wrong branch name.
  • VCS: Fixed the handling of branch and tag names with special characters.

Style

  • More consistent display of form controls in IE8.
  • Improve navigation display for IE8.
  • Fixed the disabled state of the :guilabel:`Create personal user group` button in the advanced user settings.
  • Corrected the position of flash messages.
  • Fixed a small display issue around the avatar image in the users table.
  • Fixed spacing in the head of the Add Gist form.
  • Fixed help text in permissions form.
  • Fixed the case for various action links.
  • Adjusted the color of action links which delete or remove objects to red.
  • Improved vertical alignment inside of various tabular displays.