forked from apache/allura
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CHANGES
951 lines (840 loc) · 43 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
Version 1.8.1 (March 2018)
New Features
* [#8192] StopForumSpam filter and moderation+spam update
* [#8193] Allow rate-limiting of comments
General
* [#4841] Anonymous updates should be moderated
* [#8182] Improve category management screens
* [#8183] Browse Commits graph should support hi-dpi
* [#8184] Project Importer should include optional icon
* [#8185] Allow additional domain patterns for inbound email
* [#8187] Make forum thread subjects editable
* [#8191] Remove html-only mailing options
* Adds convenience property for Neighborhood shortname
* Fix visual style on a modal cancel button
* Add tool_data field, use ProjectRegistrationProvider shortname validator, cleanup
* Ensure after a pwd reset, you can still log in. Test improvements.
Performance:
* [#8189] Fix slow forum listings
* [#8188] Config options for some scm limit params
Security:
* [#8190] HTTP response splitting vulnerability CVE-2018-1319
* Remove md5 from our release script, per latest ASF dist policy
* Publicize previous security fix in changelog
Version 1.8.0 (February 2018)
New Features
* Notify user of password changes, and more login audit logging
* [#7908] Docker setup for production environment
Upgrade Instructions
Run `pip install -r requirements.txt` to install updated dependencies
To subscribe merge request creators to their own merge requests, run:
paster script config-file.ini ../scripts/migrations/032-subscribe-merge-request-submitters.py
Bug Fixes & Minor Improvements
Security:
* [#8180] StaticFilesMiddleware allows directory traversal CVE-2018-1299
* [#8155] Record logins to audit log
* [#8156] Notify user of password changes
* [#8158] Add antispam measures to login page
* [#8159] Loosen ip requirements for antispam checks
General:
* [#6342] Errors in ForgeLinkPattern parsing
* [#8160] UnicodeEncodeError processing inbound email
* [#8169] Updating markdown cache should not affect last_updated
* [#8172] Markdown dialog shows same text repeatedly
* [#8176] Don't show related artifacts that user can't view
* Make Youtube embed work better with different CSS
* Allow a legacy icon (no original stored) to still be served when a larger width is requested
* If small icon requested, allow resizing down from old icons even if we don't have newer fullsize original
* Add a stylized search button to sidebar search boxes
* When reindexing, set c.app based on current artifact to avoid "Ambiguous link..."
* Make sure fontawesome never is downloaded twice, since we always provide it
* Upgrade to pygments 2.2 (includes faster HTML rendering for long lines)
Code Repositories:
* [#7896] Better plaintext mail for commit notifications
* [#8048] Better email subjects for merge request updates
* [#8157] Improvements to multiple commits in single notification
* [#8164] Merge requests should notify the submitter of changes HAS MIGRATION SCRIPT
* Handle repo's upstream fork being gone, rather than whole sidebar being blank
* Fix git merge requests to not update project last_updated when viewed.
* Show a root directory icon in the repo directory breadcrumbs too
* If a user can "write" to a MR but not "post" to it, still let them reject their MR
* Clarify a bit that a repo refresh is different than just refreshing the page
* Put the disabled attr on the merge button, not the icon within it
* Handle git 2.x output for last-commit detection
* Fix url encoding of diff urls
* Ensure markdown always gets unicode input (e.g. for rendering files from a repo)
* Fix encoding errors noticed in test.log when running tests with weird-chars.git repo
News:
* [#8167] errors when updating blog post, if feed item doesn't exist
Activity:
* [#8171] Changing your name should update your activity records
* [#8173] Empty activity pages have floating "1"
Wiki:
* [#8175] Better permission handling for non-existent wiki pages
Tickets:
* [#8177] Search bin counts include deleted items
* [#8178] Configurable invalidation delay for bin counts update
* Don't error on search_feed if ticket has unresolvable reporter
* Avoid errors on ticket search if filter=123 or =foo instead of json dict
Forum:
* Better labels & buttons for creating new forum
* Cache Thread.last_post, which avoids dupe queries when the prop is accessed frequently, e.g. in allura/templates/widgets/threads_table.html
* Include thread subject on spam check (for first post of forum threads)
Admin:
* [#8162] When purging a project, admin users missing audit log
* [#8174] Improve messaging around icon uploads
* Improve user skills interface:
* Allow subprojects within User-projects to be removed (since you can create them, after all)
* Fix positioning of Create project button
* Add username to admin user detail page title
* Provide convenience link on admin user detail page to remove all their projects
* Stronger delete tool messaging (since some people may use it while on an individual thread page)
For Developers:
* [#8161] Switch from React to Preact - or upgrade to React 16
* [#8168] Remove TreesDoc usage
* [#8179] Use PreferencesProvider for contacts and availability fields
* If an entry point is specified incorrectly, provide helpful error message and continue
* Flash message positioning moved CSS
* Add **kw to various @expose'd methods to avoid errors from extra url params
* Make merge instructions textarea height/width controllable by theme CSS
* Allow packages to have their own test.ini used automatically from their TestController tests
* Fix & clean up breadcrumbs link logic (loop scoping changed in jinja 2.9.x)
* Adds subnav to some account pages, allow explicit selection of current nav item
* Replace g.url usage with h.absurl; have it always use config.base_url so it works fine behind proxies, etc
* Adds extra content block for masthead, Adds optional textbox placeholders
* update jinja version; handle new jinja filter args and loop var scoping
* Add support for a size param in project_icon_srcs
* Tests can sometimes convert markdown in "0 seconds" making the caching not work, so use a slightly negative number
* Provide a AuthProvider hook to do things after login
* Release script: push single tag instead of all tags
Deployment & Configuration:
* Better bearer token https check; Unauthorized instead of Forbidden
* Provide a good index for last_post queries, so mongo won't ever pick the 'timestamp' index which can be very slow
* Config option to customize the default user avatar image
* Remove SF branding from default icon (on profile pages), allow overriding
* Upgrade docker-compose file to v2 format
* Replace forgemail.url with base_url
* Include Date header in email, instead of assuming mail service will add it
* Ticket custom fields that are "number" need to be indexed in solr as double, not int
* Optional support for much faster cchardet, used in really_unicode()
* Use nofollow on raw (download) and mode switching links, to reduce crawling within repos a little bit
Version 1.7.0 (June 2017)
New Features
* [#8143] Support hi-res logos
* Adds ability for neighborhood home to use Wiki home content
Upgrade Instructions
Run `pip install -r requirements.txt` to install updated dependencies
Bug Fixes & Minor Improvements
Security:
* [#8140] After password change, change current session id
* update Pypeline for .rst XSS fix
General:
* [#5867] Table display too wide, displaying very wide content in comments
* [#6016] Personal Contacts Remove button not working
* [#8120] CSS problem in help tooltip
* Allow for a lot more text in activity entries; do real truncation client-side
Code Repositories:
* [#7811] Coloring of long lines in diffs stops too early
* [#7814] Showing diffs for renamed files
* [#8144] When pushing multiple commits, email/rss list them backwards
* [#8142] Allow more configuration of types of checkout commands
* Remove unneeded broken icon link
Admin:
* [#7839] Failed to change permission of discussion
* [#7232] some unmoderated posts missing from in-line discussion view
* [#8021] Surface to spammy users to site admins
* [#8055] Moderate page has wrong params for next/prev page
* [#8073] Prevent pending users from being added to project ACLs
* [#8148] Error exporting with certain attachments
* Remove space in middle of URL that shows where a new tool will be installed at
* Fix broken export control link
Tickets:
* [#8059] Ticket search's dropdown filter choices should not show options from deleted tickets
* [#8150] Bulk edit change comment not shown as meta
* [#8154] Ticket searches not matching properly
* On new ticket page, hide helper text that was showing at bottom of page; regression from [#8145] most likely. Rules copied from jquery-ui.css which isn't included on that page
News:
* [#8112] Filter out comments from rss feeds
* Fix RSS updates to blog posts, when post has comments.
For Developers:
* [#8145] Minimize jquery ui JS
* [#8146] Index error with mongo 3.4
* [#8152] UnicodeDecodeError on svn tarball export's cleanup
* [#8153] Stronger no-cache headers
* Updates to installation (libffi-dev needed for cffi package if not installing from wheel)
* Some SVN errors have critical info after the "Unable to connect" lines (e.g. unreadable repo formats from a newer SVN versions), and should not be treated like an empty/missing dir
* Latest ubuntu requires locales pkg for locale-gen cmd
* Move "stylistic" rules from navbar.css to site_style.css so that different themes can more easily style the nav bar
* Remove unneeded backslashes
* Upgrade jquery.lightbox_me.js so it can work with jQuery 2 (no $.browser)
* Change the ForgeUserStats tests' git repos to be unique from each other so they can be run in parallel safely
* Update link to SVN patch for recursive repos
* Allow spam checks where artifact=None; text fixes; for [ca8b596]
* Update six to latest, to match with latest setuptools' six requirement
* Fix inner_grid for right_bar. Closing quote and variable scoping were wrong. Not used in core allura currently, so hadn't been a problem
* Removes neighborhood cache
* Avoid importer requests hanging indefinitely
* Better debugging with docker
Version 1.6.0 (December 2016)
New Features
* Multifactor authentication and recovery codes
* Add git-http docker container
* Per-thread subscriptions in discussion forums [#7981]
Bug Fixes & Minor Improvements
General:
* Specify python 2.7 and ubuntu 16.04 in docs
* [#6876] Handle revoked OAuth tokens for GitHub import
* [#8132] Fix comment threading when email In-Reply-To header isn't useful
* [#8125] Require password when confirming new email address
* Add rel=nofollow to links in user profiles
* Includes "seconds" in ago() helper
* Remove src="#" that was causing extra requests to the same page
* Fix iframe sanitization so that closing tag is okay, which had been putting closing tags in the wrong place
* Good text wrapping on project lists
* Remove weird notch from project list when project has award, and using 2 or 3 column display
Admin:
* [#8135] Improve admin categorization page
Code Repositories:
* [#5496] Git browse view stalls on "Loading commit details ..."
* [#8001] Error with git status "T" in a commit
* [#8131] refresh repo task uses wrong query
* Remove message about browser not supporting canvas
* Adds commit id to notification email subject
For Developers:
* [#8062] Naming of docker image is incorrect in docker-compose during initial build using git
* Update docker images, pysolr
* Update for newer `docker-compose logs` syntax
* Fix RAML syntax (queryRequired wasn't coming through as bool in the type def), other minor tweaks
* Split up pylint test into chunks that can be run with nose multiprocess; move pyflakes chunks into parallelized pattern
* Various other test improvements
* Remove requirements from setup.py
Version 1.5.0 (August 2016)
New Features
* [#3593] Add a guided tour after project registration
* [#8088] Design changes to Discussions
* Added project count and new design for neighborhood listing
* Design changes to list attachments. Added lightbox_me to view images
* Updated design of tool listing
* Added refresh commits button to merge requests
* Added emoji rendering via twemoji
Bug Fixes & Minor Improvements
General:
* [#4644] Don't whitelist form elements in markdown processing
* [#8006] Large timeline performance issue in activity stream
* [#8082] Rate limit artifact creation per-user NEEDS INDEX
* [#8094] Improve project creation UX
* [#8110] moderation queue items with long lines break layout
* Added optional parameter metalink in sendmail function that adds a view button in email clients
* Move help/fullscreen/preview icons on markdown editor to the right
* Fix how far lists inside comments can go; a proper fix for [#6248]
* Compressed PNG images losslessly using OptiPNG (-o6 -zm1-9)
* No rate limiting for anonymous user; on wiki page edit check perms before rate limit
* Whitelist posts for members of a project
Code Repositories:
* [#6409] CSS & JS on commit view missing
* [#7949] Better listing of files changed in a certain commit
* [#7965] Improve git/hg/svn endpoints for rest api
* [#8048] Better email subjects for merge request updates
* [#8078] Missing notification when using the one-click merge button
* [#8090] Show merge requests in sidebar, even if there are 0
* Added link items of owner column to filter by assigned_to
* Improve design of merge requests listing filter
* Fix for scm-ssh-key to be visible only if allow upload ssh key is true
* Speed up checking of newly forked repo (patterned after tarball, merge request pages)
* Use authored date instead of committed date in merge requests
Tickets:
* [#8087] Make Columns resizable in ticket table and ticket search
* [#8104] Skip creating metapost if list of changes is empty
* [#8106] tracker: can't reply to comment which was just moderated Approved
* [#8108] tracker markdown text editor handles end key incorrectly
Wiki:
* [#8071] Create wiki page button should work without admin access
* [#5194] For newly registered projects, don't send new wiki page email
Admin:
* [#7858] /categories URLs needs to use unique ids
* Don't error out when reindexing a post/thread that has been deleted
* Specify title for /nf/admin/new_projects page
API:
* [#8077] Add author profile picture information to the post inside response from the API
* [#8092] REST API for User Activity does not work due to missing attribute
For Developers:
* [#8040] Upgrade SimpleMDE and contribute our toggleCodeBlock
* [#8079] ensure_index command should not drop indexes
* [#8109] Reduce gridfs index creation
* Update copyright year.
* Adds a jinja block for specifying css classes on body element
* Remove modernizr and some unused related classes.
* Updated readme
* Minor updates to release script
* Do not buffer output from gunicorn (or taskd/mail containers that extend this one), useful when using print statements during dev
* Stop tracking ForgeGit/forgegit/tests/data/testgit.git/FETCH_HEAD file which changes values based on local machine when running tests
* Add a few helpful notes for Docker installation, move login info to Post-setup section so Docker installers see it too
Version 1.4.0 (April 2016)
Upgrade Instructions
To show a custom logo, update your .ini file with logo.* settings (see development.ini for examples)
To show custom header links, set global_nav in the .ini file
New Features
* [#7919] [#7920] New admin nav bar
* [#5940] Add options for site logo and links in header
* [#8023] [#8024] Site notification admin interface
* [#6662] [#8051] Add attachments to Export
* [#7987] Standardize fenced blocks in markdown
Bug Fixes & Minor Improvements
Code Repositories:
* [#8029] Submitter should be able to reject merge request
* [#8042] Better handing of tmp dirs during merge
* [#8072] Change "asked you to merge" text
* Remove .ts from list of known binary extensions; allow repo settings to override binary blacklist
* Encode username for git
Wiki:
* [#7998] Adding attachment to wiki loses your text changes
Tickets:
* [#7929] Enable voting on tickets by default
* [#8069] Ticket search error: undefined field assigned_to
* [#8061] Attachments not visible if ticket status is 'pending'
Blog:
* [#4153] RSS feed for blog should not show revisions or deleted posts
* [#8031] Show blog search box
Admin:
* [#7145] When deleting a tool, the solr call should be a bg task
* [#7682] Add confirmation dialog to award/awardgrant delete
* [#8020] Easy way to view all posts from a certain user, and flag as spam
* [#8033] create-allura-sitemap.py broken
* [#8037] Change "Label" admin option to "Rename"
* [#8057] Handle user-projects better in project delete form
* When deleting a user project, actually do it - not just disable the user
General:
* [#4849] Pages are more printer-friendly
* [#7978] Activity page fixes
* [#8003] Bugs in attachments to comments
* [#8005] Subprojects not checked for 'deleted' flag
* [#8010] Markdown editor does not load when url hash contains slashes
* [#8013] New Users should not be displayed in /u/wiki/home until email is verified
* [#8036] Update modal css (simple-flat-dark)
* [#8046] Don't duplicate titles on neighborhood pages
* [#8066] Don't error out on missing users
* Add login redirect to the nav "Log In" link
* better tool descriptions
For Developers:
* [#7907] Use standardized solr installation
* [#7921] Remove old tool configuration page
* [#8032] Set up primary emails for test users (paster setup-app)
* [#8034] Fire event for any menu changes
* [#8035] Finalize frontend eslint/jscs setup
* [#8038] Support mongo 3.x
* [#8039] Change jslint to use an npm tool instead of java
* [#8041] Update regexes to match DNS host rules better
* [#8044] API for current site notification
* [#8047] Akismet filter needs to send original metadata when reporting spam/ham
* [#8054] Remove Google Code importers
* Add audit log messages to disable_users.py script
* Docker fixes
* Add clear_user_data and from_username helper methods
* Add guardfile for livereload of frontend changes
* Delete bootstrap tasks instead of running them; 30-40% speedup in test run time
* new admin APIs, new _nav.json param
* remove AdminModal widgets, use JS directly
* remove sidebar_menu_widgets and admin_menu_widgets, using JS directly instead
* upgrade existing react code to 0.14
* better calculation of tool/subproject ordinal values when installing
Version 1.3.2 (December 2015)
Upgrade Instructions
To enable faster commit views, by skipping copy detection, update the development.ini file to set
scm.commit.git.detect_copies and scm.commit.hg.detect_copies to false.
New Features
* [#6797] Move API docs from sf.net wiki to RAML. Browse at https://forge-allura.apache.org/p/allura/rest-api-docs
* [#7922] Add "admin" section to the left sidebar of all tools
* [#7924] Update icon set to FontAwesome
* [#7999] Admin page to really delete projects
* [#8004] Cleaner project nav, tool icons removed
* [#7955] Add more formatting support to markdown editor
Security
* [#5694] Set max limit on limit param
* [#8011] Served SVG images can execute JS
Bug Fixes & Minor Improvements
Documentation:
* [#7957] Document how to run allura with gunicorn/uwsgi/mod_wsgi
* [#7995] Some docker config & doc improvements
Tickets:
* [#7911] Remove "bin" terminology from saved searches pages
Code Repositories:
* [#7403] [Allura|Bug] - Typo found in initial Git command description.
* [#7538] If diff is empty, it shouldn't show "empty file" [ss7532]
* [#7913] Handle parsing of the output from git 2.4.0+
* [#7925] Speed up diff processing with binary files
* [#7963] Speed up commit view by disabling copy detection with option
Blog:
* [#7822] Should not show draft blog post changes in activity stream
Wiki:
* [#7871] Send email notifiction on wiki page delete
Admin:
* [#7923] Left sidebar should show appropriate links when viewing tool options
General:
* [#7943] Limit the "_discuss" results from the tickets api.
* [#7948] Cursor position often wrong in new markdown editor
* [#7950] Markdown editor should have max height
* [#7970] Expand urlopen retry conditions
* [#7994] Fix comments split across two threads, not all comments showing
* [#8016] Dialog 'cancel' link in wrong place
Other:
* [#7946] Error setting channel in Chat's options
* [#7953] API endpoints error when using access_token as URL param
* [#7984] Fix layout at bottom of subscriptions page
* [#7990] Change link on new_projects admin page
* [#7997] image attachments visible on posts (replies) awaiting moderation
* [#8007] Broken icon images when running under gunicorn
* [#8014] Bug: removed upsert() method needed by TracWikiImporter
* [#7959] Need to set focus when phone validation overlay appears
* [#7960] clean_phone_number function is too eager to prepend 1-
* [#7969] Option to force phone validation language
* [#7979] Phone validation interfering with project import
* [#7991] Option to limit phone validation usage
For Developers:
* [#7976] JSX and ES6 support, via Broccoli toolchain
* [#8026] Remove jquery.file_chooser.js
* [#8027] Fix licensing of several files
* [#7964] test_merge_request_detail_view fails (intermittent)
* [#7980] Fix pep8 and pyflakes violations
* [#8015] Activitystream needs ming config option
* [#8028] Use virtualenv inside docker
Version 1.3.1 (August 2015)
Upgrade Instructions
To enable CORS headers for the rest APIs, use the cors.* settings in the development.ini file.
If you have your own .ini file, enable git tag & branch caching speedups by setting: repo_refs_cache_threshold = .01
New Features
* [#5943] Post-setup instructions
* [#6373] Document administrative commands
* [#7897] Live syntax highlighting for markdown editing
* [#7927] Allow CORS access to rest APIs
* [#7540] Ticket notifications should include links to attachments
Security
* [#7947] XSS vulnerability in link rewriting
* [#7942] In project admin - user permissions, removing a custom group needs to use POST
* [#7685] Subscribe/unsubscribe action should use POST
Bug Fixes & Minor Improvements
Tickets:
* [#4020] Date picker in milestone editor doesn't flip between months
Wiki:
* [#4802] Wiki edit link is not very discoverable
* [#7310] "Maximize" should stick
Code repositories:
* [#7873] Git branch & tag speedups -- NEEDS INI
* [#7894] Don't update merge request timestamps incorrectly
* [#7932] Fix pagination issue in the commit browser
* [#7899] Issue with downloading files from repo with spaces in name
* [#7906] Fix login check on ApacheAccessHandler.py
Forums:
* [#7880] Forums mail not getting sent that require moderation
* [#7930] Bug: viewing a thread updates project mod_date
Project Admin:
* [#7884] Move add/edit Features to Metadata section
* [#7885] Tooltip for project admin
* [#7898] Icon upload/edit is not clear
General:
* [#7803] Fix taskd_cleanup to search for right process name
* [#7889] Improve markdown logic for cached vs threshold limits
* [#7890] Neighborhood cache preventing saving admin changes
* [#7916] Error when handling user-profile URLs of users with invalid names.
* [#7928] Site admin search tables can overflow the page width
* [#7903] No mention about small letters in user registration
* [#7909] Use dashes when suggesting project shortnames
* [#7915] Move Allura installation instructions into the docs
For Developers:
* [#7809] Update install/docker to ubuntu 14.04
* [#7891] Remove zarkov integration code
Version 1.3.0 (June 2015)
Upgrade Instructions
* Run: cd Allura; paster script development.ini allura/scripts/trim_emails.py
New Features
Webhooks:
* [#4542] Implement webhooks
* [#7832] APIs to manage webhooks
* [#7829] Webhooks documentation
Merge requests:
* [#7830] One-click merge
* [#7865] Config options to disable one-click merge requests
* [#7866] Run can_merge in background, and cache results
* [#7882] Option to use a tmp dir for git ops on merge request view
* [#7872] Show markdown preview/help buttons for merge requests
Phone verification:
* [#7868] Phone verification system
* [#7881] Clean up phone numbers before using them
* [#7887] Better messaging for phone validation
Other:
* [#7806] Create a docker image for Allura
* [#7886] Config options to limit ticket & wiki page creation
* [#7840] Support Authorization header for OAuth
* [#7633] API for has_access
* [#6057] Adding an external link should be one step, not two
* [#7850] Ability to close discussion on a ticket
* [#6107] Disable email posting for the forum? [ss3579]
Security
* [#7786] Invalidate pwd reset tokens after email change
* [#7893] CSRF checks don't work on login
Bug Fixes & Minor Improvements
Tickets:
* [#6017] Should show attachment changelog when ticket gains an attachment
* [#5467] Create Issue Button Should Always Appear (Only possibly refer to an explanation for why it was disabled).
* [#7834] Bug: viewing a ticket updates its 'updated' date
* [#7874] UnicodeEncodeError on ticket attachment diff
Code Repositories:
* [#7837] Use repo directly instead of DiffInfoDoc
* [#7843] Handle quotes in filenames on commit view
* [#7857] Retry svnsync repo clone failures
* [#7825] Update "new commits" email template
* [#7836] Merge request shows 0 commits, if upstream has new commits
Wiki:
* [#7841] wiki code to not show delete authors.
User Profile:
* [#7072] User can't access personal subscriptions page [ss6565]
* [#7833] Trim emails before saving them to mongo NEEDS SCRIPT
Tools Configuration:
* [#7817] Replace "mount point" field with URL field, on tool creation forms
* [#7820] Validate URLs when configuring external link tool
Importers:
* [#7864] Error on google code import with paginated comments
* [#7854] Decode html entities in importers; and make taskd easier to debug
Activity Stream:
* [#7823] Commit activity is assigned to wrong person
* [#7082] Filter deleted, unmoderated, or spam artifacts from Activity Stream
* [#7888] has_activity_access/deleted error
Administration:
* [#7892] script/task to disable list users
For Developers:
* [#7827] Upgrade jQuery to latest version
* [#7835] Update theme for the documentation.
* [#7855] Upgrade docutils, Pygments and Babel, so docs can be built easily
* [#7869] During tests, apply patches only once
* [#7870] Clean up .ini files
Other:
* [#1731] Cannot delete a post, after deleting its parent
* [#7852] Don't update mod time when viewing artifact creates a cache
* [#7856] Error looking up user by email address when email is invalid
* [#7876] projects macro display_mode=list is missing CSS
Version 1.2.1 (February 2015)
Bug Fixes & Minor Improvements
* [#5726] RSS feed for discussion stopped 12/13/2012? [ss2637]
* [#6248] long lines in markdown lists get truncated on the right [ss4073]
* [#7772] Type text is splitted in more lines if separated by spaces in bulk edit
* [#7813] Handle uppercase in email address all the time
* [#7815] KeyError: 'name'
* [#7808] Check for wiki presence before importing it
* [#7831] Logout issue
Administration:
* [#7816] Show/manage user's pending status
* [#7821] More accurate audit logs when changing user's status
Performance:
* [#7824] Cache neighborhood record
For developers:
* [#7516] Timing may case test_set_password_sets_last_updated to fail
* [#7795] test_version_race fails occassionally
* [#7819] New email address lookup helpers fail on None
Version 1.2.0 (December 2014)
Upgrade Instructions
* Edit Allura/development.ini and set: activitystream.enabled = true
* Run: mongo allura scripts/migrations/030-email-address-_id-to-email--before-upgrade.js
* Run: mongo allura scripts/migrations/030-email-address-_id-to-email--after-upgrade.js
* Run (optional): mongo allura scripts/migrations/030-email-address-_id-to-email--cleanup.js
* Run: cd Allura; paster ensure_index development.ini
* Run: cd Allura; paster script development.ini ../scripts/migrations/031-set-user-pending-to-false.py
* Run: cd Allura; paster script development.ini allura/scripts/remove_duplicate_troves.py
New Features
* [#7097] New profile page design
* [#7156] Turn on activitystreams by default
* Admin page to search for projects
* Admin pages to search, view, and edit user details
* [#7524] User audit trail, for site admins
* [#7593] Allow site admins to add user audit entries
* LDAP improvements
* [#7409] Configurable max & min password lengths
* [#7432] Password expiration
* [#7451] Remember me option on login
* [#7372] Allow users to disable their own accounts
* [#2286] Ability to restrict tools per neighborhood
* [#4019] Add an easy way to filter ticket queries by open/closed without knowing Solr syntax
* [#4905] button to subscribe to a wiki
* [#7134] Added option to allow overriding repo clone URL
* [#7381] Google code importer should handle Apache-Extras/EclipseLabs projects
Removed functionality:
* [#1687] Remove pre-oauth API keys (use OAuth now)
* [#7013] Remove broken openid support
Bug Fixes & Minor Improvements:
* [#4602] Artifact links to closed tickets should have strikethrough
* [#4987] Artifact links within a tool should match within tool first
* [#4703] "Related" artifacts should indicate project/tool if referencing other project
* [#6305] Merge email notifications when possible
* [#7213] Discussion edit/reply non-functional in IE11 (at least)
* [#7378] RSS feeds shouldn't include comments held for moderation
* [#7679] project admin listings should not include disabled users
Users & Authentication:
* [#6677] User profile's list of projects is slow to build
* [#5414] Typo on user prefs page
* [#3815] return_to field not created in LoginForm
* [#7085] error on activity rss feed for users
* [#7164] Make activity widgets show 5 items if possible
* [#7410] Show more info in password recovery flow
* [#7436] /auth/preferences cleanup
* [#7452] Require an email address be verified before it is set as primary
* [#7480] Track last session info
* [#7484] OAuth app names don't need to be globally unique NEEDS ENSURE_INDEX
* [#7492] Clean up incomplete sentence in activity feed
* [#7523] Better to go to /auth/preferences after email addr verification
* [#7526] Fix mail headers in email verification email
* [#7527] Email address associations need better user associations NEEDS MONGO MIGRATION
* [#7543] Password recovery should not confirm email addr existance
* [#7545] return_to param should be validated for relative URLs
* [#7585] Require password entry for changes to email settings
* [#7635] Add autofocus to login form
* [#7636] Fix forgotten pwd link on login overlay
* [#7688] Redirect to password expiration page after login
* [#7704] Option to require email for user registration NEEDS MIGRATION
* [#7715] Handle + in email address url params
* [#7717] Better existing email addr handling
* [#7732] Be able to use secure cookies and SSLMiddleware
* [#7756] Ensure user always go to pwd expired form, when expired
* [#7759] After resetting pwd and logging in, don't redir back to pwd reset form
* [#7761] Disabling a user does not remove/disable his primary email
* [#7787] Ldap error when logging in with unicode in username or password
* [#7794] "Page Size" preference must actually affect pagination
* [#7799] Changing password should invalidate other sessions
Admin:
* [#5939] Missing icons on permission edit page
* [#6495] Screenshot admin UI improvements
* [#6834] Inconsistent display of new user in Permissions
* [#6949] Error on export: artifact ref and cleanup
* [#7014] Trove category editing improvements
* [#7075] Screenshot macro incorrectly includes text about sorting
* [#7275] Add users broken in IE11
* [#7293] Create Trove Category browse page
* [#7347] Add URL and comment fields to AwardGrant
* [#7351] When export control is True, it always records a change in the audit log
* [#7613] Integrate sortable.js to the new_projects page
* [#7675] Fix error when deleted permission group is still referenced
Code Repositories:
* [#5175] Merge requests should have a good <title>
* [#5176] Merge requests should show the date
* [#6164] Ability to edit merge requests
* [#6301] Track changes to merge requests
* [#6902] Merge request to branch list commits against master
* [#7295] Bigger text inputs for merge requests
* [#5472] JS spinner uses a lot of CPU
* [#5700] Replace "git branch --set-upstream" with "git branch --set-upstream-to"
* [#5769] Can't select code via double- or triple-click
* [#6764] Git test failures on 1.8.3
* [#7021] Handle pgp-signed git commits
* [#7051] 500 error with large number of repos
* [#7069] unable to view/process merge requests when fork is deleted
* [#7127] "Download snapshot" background too tall
* [#7207] git repos without master branch behave poorly
* [#7325] Uninitialized git repo allows forking.
* [#7333] svn web import tool breaks repos
Tickets:
* [#5948] Status on individual Milestone view always shows Open
* [#6019] List current user first in user-drop-downs
* [#4701] Add current ticket's milestone to email notification
* [#4981] Ticket voting buttons should only display if you have permission to vote
* [#7399] JS errors on ticket bulk edit prevent submission
* [#7495] 'url' missing on MovedTicket models
* [#7560] Avoid weird permissions when anonymous creates a private ticket
* [#7566] Milestone admin page can be very slow
Wiki:
* [#7528] XSS on wiki page and preview
* [#7107] Add confirmation to "Revert to Version" button
* [#7168] Markdown macro to load content from repository
* [#7202] Use https for youtube embed
* [#7353] Cannot delete wiki entries
* [#7294] "related" section header not aligned properly
* [#7647] Script to clean up, or code to handle, Dupe Key errors on wiki page_history
Blog:
* [#6930] Email notification for a blog post rename stating the opposite
* [#7218] Feedburner doesn't like Blog RSS feed
URL Shortener:
* [#7324] Fix incorrect div width on URL shortening tool
API:
* [#7208] DOAP API for projects
* [#7292] User profile API
* [#7267] Change TroveCategory event API
* [#7507] Project API errors on unicode screenshot name
* [#7508] Add project creation date to API
* [#7659] Allow tools to add fields to project json API
* [#7722] API for disabled users should 404
* [#7789] Return more fields in ticket API search results
Importers:
* [#7114] Make imports work on user projects
* [#7124] Validate Trac URLs before importing
* [#7111] Refactor tool importers to use target_app for g.entry_points
* [#7160] Trac-Tickets Importer Rejects URL Containing IP Address
* [#7177] Trac ticket error: astimezone() cannot be applied to a naive datetime
* [#7580] Ticket attachments aren't imported in Allura importer
* [#7801] Issues import from GitHub is broken
Administration:
* [#6561] Clean up setup-app output
* [#6701] Integrate allura authorization with Git/SVN (over HTTP)
* [#7128] Change SVN's browse commits graph to direct SCM access
* [#7163] Create read perms on ForgeActivity app - NEEDS MONGO CMD
* [#7214] Fix pytidylib install; admin page when tools not installed
* [#7224] Timermiddleware should measure mongo write ops too
* [#7277] Incubator graduation items
* [#7287] Update docs/scm_host.rst with info about ApacheAuthHandler.py
* [#7316] Review & update scm_host docs
* [#7309] add_project form lists all tools, including several that won't work
* [#7307] Broken handling of InvalidDocument: BSON document too large
* [#7513] Fixing imported wiki pages with slashes in titles
* [#7510] Test extracting Allura tickets for Apache move
* [#7582] Script to set up MovedTicket records for tickets we're moving to Apache
* [#7628] Clean up dupe trove categories / test_filtering fails occasionally NEEDS CMD
* [#7683] Make collection of birthdate configurable
* [#7800] Standardize IP addr lookup
Performance:
* [#7027] Cache /nf/tool_icon_css better
* [#7181] users_with_named_role should query for the name role only
* [#7185] project list macro makes unnecessary queries
* [#7186] Need index on artifact_feed (project_id, pubdate) NEEDS ENSURE_INDEX
* [#7199] filter projects in create-allura-sitemap.py
* [#7472] Thread view counts shouldn't trigger add_artifact tasks
* [#7562] Remove unnecessary monq_task 'args' index NEEDS ENSURE_INDEX
* [#7644] Make /nf/admin/new_projects faster
For developers:
* [#7802] Easier to make a custom theme based on main theme
* [#7401] Allow custom middleware
* [#7029] AuthProvider should be able to add routes to /auth/
* [#7154] Expand AdminExtension to support site-admin pages
* [#7130] Blob.next_commit and prev_commit should be removed
* [#7142] Better conditional around sending zarkov events
* [#7173] Improve auth docstrings
* [#7178] error with parallel tests: 'solr' is None
* [#7215] Test suite timing out
* [#7239] Update feedparser
* [#7260] Tests create trove categories unnecessarily
* [#7305] Document SCM code and merge repo.py into repository.py
* [#7329] Update ForeignIdProperty('User') for latest ming
* [#7579] Use sendsimplemail instead of sendmail in some cases
* [#7581] TestSVNRepo.test_log fails with svn 1.8
* [#7804] Use OAuth token for github project validation
* [#7805] Improve GitHubOAuthMixin
Version 1.1.0 (February 2014)
Upgrade Instructions
* Run ensure_index command
* 3rd party tools that do not use EasyWidgets will need {{lib.csrf_token()}} added to each <form>
New Features
* [#6777] Create a site-wide notification mechanism
* Improved activity stream display and events
* [#6694] Form to send message to a user
* [#6783] Create a process to reset forgotten passwords
* [#6804] API to install a tool
* [#6692] API for exports
* [#6692] Simpler oauth API via bearer tokens
* [#5475] Javascript not required for most forms any more
* [#5424] Provide instructions for running git/hg/svn services
* [#6896] Developer architecture docs
* [#4808] Factor out SourceForge-specific bits of Allura
Bug Fixes & Minor Improvements:
* Many fixes and improvements for GitHub, Google Code, Trac and Allura importers
Code Tools:
* [#7006] hide misleading message on Browse Commits page
* [#6796] Render all (not just readme) markdown files in repos
* [#6801] Options to parallelize last_commit_ids
* [#6826] Mass edit emails have invalid To: address
* [#6821] Change hg browser to get "last commit" info from hg instead of mongo (if ForgeHg installed)
* [#6894] SVN/Git refresh hooks fail for redirects
* [#6905] better code snapshot status UX
* [#6938] AttributeError on fork listing page
* [#6982] SCM views should parse user/email pairs better
* [#7022] UnicodeDecodeError on side-by-side diff text
* [#6111] remove markdown rendering of commit messages, keep artifact linking
* [#4671] Delete old-style LastCommitDoc code
* [#6603] Certain code snapshots take forever even to queue up
* [#6686] Change git browser to get "last commit" info from git instead of mongo
* [#6743] unicode paths in code browser 500 error
Tickets:
* [#6852] Maximize view for ticket lists
* [#6803] Labels should be set without hitting enter
* [#6893] Former team member unassigned from ticket on metadata update
* [#2778] Tickets: milestone names are bound once they are equal
* [#4812] Title field for new tickets mistaken as search bar
* [#5749] setting to specify a default milestone
* [#6088] Ticket search help open in new window
* [#6328] Use In-Reply-To: and References: headers for outgoing ticket emails
* [#6381] Allura tickets system intermittently discards replies to comments
* [#7047] ticket bulk_edit task sometimes doesn't call add_artifacts
* [#4429] ticket bulk-edit forcibly always sets all custom boolean fields to True
* [#6646] bulk edit to add labels
* [#6752] bulk edit to change "private" field
* [#6979] Bulk edit on some milestones with ":" gives empty set
* [#6906] Fatal error when replying to tracker item
User profile:
* [#6833] Choice of social networks should be configurable
* [#7062] Set first email address as 'primary' automatically
* [#6676] User profile page should show date joined
Discussion:
* [#7063] Add last_edited field to discussion REST API
* [#7065] Slow post queries happening on invalid URLs
* [#6864] Add spam button for comments
* [#6910] Emails with empty or missing From: should be treated as anonymous
* [#6917] User block list not stopping posts-via-email
* [#5182] prevent out-of-office replies to allura notifications
* [#6249] Use a stable Sender: header in email notifications
Wiki:
* [#4373] wiki diff incorrectly shows a lot of changes
Project admin:
* [#6848] Coalesce scripts/migrations/*trove*.py into command/create_trove_categories.py
* [#6865] Project admin for categories should be sorted
* [#6866] Audit trail adds fb & twitter values even if they don't change
* [#6795] TroveCategory.children is slow
* [#6889] possible XSS on /p/add_project/
* [#5502] Prevent adding certain tools multiple times
System/Misc:
* Cache markdown rendering results
* [#6971] Task manager can't set c.project for user-projects
* [#7009] /nf/tool_icon_css doesn't preserve https for URLs
* improved smtp_server error handling
* [#4091] ensure_index takes for ever looping over every single project
* [#4723] Don't link to user-project when Anonymous
* [#5330] taskd leaves defunct git processes around
* [#6713] Slow /auth/bare_openid?url=/user/registration
* [#6484] Move ForgeWiki mediawiki importer (GPL dep) into standalone importer - NEEDS CONFIGTREE
* [#7005] allura.tasks.repo_tasks.clone clobbers Project record
For developers:
* [#7028] severely stunted landing page html after vagrant install
* [#6393] Allow plugins to register new markdown macros
* [#6994] Test improvements/speedups
* [#6942] Make custom tool icons work properly
* [#7119] Add config switch to disable template overriding
* [#6714] Rename & move User.project_role()
* [#6716] __json__ should return plain dicts
* [#6388] Tool to inspect performance, particularly between commits
Version 1.0.1 (October 2013)
Upgrade Instructions
* Run ensure_index command
* Add bulk export and importer_upload_path INI settings (see development.ini)
New Features
* [#6422] Added release script and DISCLAIMER, cleaned up NOTICE, LICENSE, and README files
* Added GitHub importers for Project, Code, Wiki, and Tickets
* Added Tickets importer for Google Code
* Added Allura exported Tickets importer
* [#3154] Allura data export
Bug Fixes & Minor Improvements:
* Improvements to importer infrastructure
* Additions to Tracker API
* Fixes for Trac importer
* Performance improvements for code snapshots
* [#5561] Maximize view for wide code files
* [#5775] Allura Code Viewer: provide "copied from" link in history view
* [#6284] Allura Code Viewer: show SVN revision in commit browser
* [#6626] Regression: SVN urls don't default to HEAD revision
* [#6629] "list index out of range" error on git _iter_commits_with_refs
* [#6695] timeout & loop detection in LCD logic
* [#6529] Login overlay
* [#4595] Revisions to /nf/admin/new_projects
* [#5966] Script to move wiki
* [#6100] URL-Redirection for moved tickets
* [#6392] Per tool user bans
* [#6431] Upgrade to ming 0.4.x to avoid extraneous count() queries
* [#6539] Timeouts on approving moderated comments [ss4838]
* [#6545] Show forum stats graph
* [#6604] IE9 json parsing vulnerability
* [#6654] Tracker stats template error
* [#6685] add faulthandler to smtp_server
* [#6699] Provide a way to add additional Timers to AlluraTimerMiddleware
Version 1.0.0 (August 2013) (unreleased)
* Initial ASF Incubation release