RhodeCode Enterprise 3.0.0 Release Notes¶
As RhodeCode Enterprise 3.0 is a big release, the release notes have been split into the following sections:
General¶
- Released 2015-01-27
- Basic Subversion support added
- GPLv3 components removed
- Server/Client architecture for VCS systems created
- Python 2.5 and 2.6 support deprecated
- Server info pages now show gist/archive cache storage, and also CPU/Memory/Load information.
- Added new bulk commit (changeset) status comment form into compare view which enables bulk code-reviews without opening a pull-request.
- License checks and limits now only apply to active users.
- Removed CLI command for repository scans as it can be done via an API call.
- VCS backends can be globally enabled/disabled from the
rhodecode.ini
file.- Added a UI option to set default rendering to rst or markdown.
- Added syntax highlighting to 2 way compare diff.
- Markup rendering can now render checkboxes for easy checklists generation.
- Gravatars are now retina ready.
- Admins can define custom CSS or JavaScript in the header or footer via new pre/post code options.
- Replaced
graph.js
withcommits-graph.js
html5 implementation.- Added editable owner field for repository groups, and user group.
- Added an option to detach/delete user repositories when deleting users from the system.
- Added a Supervisor control page that shows status of processes.
- User admin grid can now filter by username OR email.
- Added personal repository group link for easier fork creation.
- Added support for using subdirectories when creating and uploading new files.
- Added option to rename a file from the web interface.
- Added arrow key navigation to file filter and fixed the back button behaviour.
- Added fuzzy matching to file filter.
- Added functionality to create folder structures along with files when adding content via the web interface.
- Separated default permissions UI into global, user, or object permissions management.
- Added an inheritance flag to object permissions which allows for explicit permissions which disregard global permissions.
- Added post create repository group hook.
- Added trigger push hooks on online file editor.
- Added default title for pull request.
- More detailed logs during Authentication.
- More explicit logging when permission checks occur.
- Switched the implementation of Git
fetch clone pull checkout
commands to pure Python without any subprocess calls.- Introduced the
rcserver
command for custom development.- Added the ability to force no cache archived via the
GET no_cache
flag
Security¶
- CSRF (Cross-Site Request Forgery) tokens now in all pages that use forms.
- The
clone_url
field is now AES encrypted inside the database.- ACLs (Access Control Lists) are checked on the gist edit page for logged in users.
- New repository groups and repositories are created with 0755 permissions and not not 0777.
- Explicit RSS tokens are used for the RSS journal, when leaked, limits access to RSS only.
- Fixed XSS issues when rendering raw SVG files.
- Added force password reset option for users.
- IP list now accepts comma-separated values, and also ranges using - to specify multiple addresses.
- Added
auth tokens
, these authentication tokens can be used as an alternative to passwords.- Added roles (
http, api, rss, all, vcs
) into authentication tokens (previously calledapikeys
).- LDAP Group Support added.
- Added JASIG CAS auth plugin support.
- Added a plugin parameter that defines if a plugin can create new users on the fly.
API¶
- Added permissions delegation when creating repositories or repository groups.
- Added
strip
support for Mercurial and Git repositories.- Added comments API for commits.
- Added add/remove methods for extra fields in repositories.
get_*
calls now usepermission()
andpermission_user_group()
methods for unified permissions structure.get_repo_nodes
information sending has changed and is no longer a boolean flag, it’s nowbasic
orfull
.- Due to configurable backends
repo_type
is now mandatory parameter for thecreate_repo
call.
Performance¶
- Significant performance improvements across all application functions.
- HTTP Authentication performance enhancements.
- Added a
scope
variable to the permissions fetching function which improves building permission trees in large amounts by a factor of 10.- Implemented caching logic for all authentication plugins. The
AUTH_CACHE_TTL = <int>
property now allow you to set the cache in seconds.
Pull Requests¶
- Pull requests can be now updated and merged from the web interface
- Fixed creating a Mercurial pull request from a bookmark.
- Forbid closing pull requests when calculated status is different that the approved or rejected version.
- Properly display calculated pull request review status on listing page.
- Disable delete comment button if pull request is closed.
Gists¶
- New UI based on grids with filtering.
- Super-admins can see all gists.
- Gists can now be created with a custom names.
Search¶
- New API based indexer.
- Added the ability to create size limits for indexed files.
- Added a new mapping configuration file which gives a very high level of flexibility when creating full text search.
Fixes¶
- General: fixed issues with dependent objects, such as
users
inuser groups
. Cleaning up these dependent objects is now done in a safe way.- General: deleting a
user group
from settings > advanced will use force removal and cleanup from all associations.- General: fixed issue with filter proxy middleware it’s now more error prone.
- General: fixed issues with unable to create fork inside a group.
- General: fixed bad logic in
ext_json
lib, that checked bool on microseconds, in case it was 0 bool it returned False.- General: authors in annotation mode shows authors of current source, not from all history (that is in normal mode)
- Permissions: fix issue when inherit flag for user group stopped working after initial permissions set.
- Git: fixed shallow clones.
- Git: added
\n
into the service line of Git protocol. It is in the specifications and some python clients require this.- Mercurial: fix thread safety for mercurial
in-memory
commits.- Windows: fixed issue with shebang and env headers.
- MySQL: fixed database fields with 256 char length with added indexes. Mysql had problems with them.
- Database: fixed bad usage of matching using
ILIKE
. Previously it could happen that if you hadmarcin_1@rhodecode.com
andmarcin_2@rhodecode.com
emails, usingmarcin_@rhodecode.com
would match both.- VCS: fixed issues with double new lines on the commit patches.
- VCS: repository locking now requires write permission to repository. If we allowed locking with read, people can lock repository without an option to unlock it.
- Models: removed the
isdigit
call that can create issues when names are actually numbers on fetching objects.- Files: Fix bug with show authors in annotate view.
- Hooks: truncate excessive commit lists on
post_push
hook.- Hooks: in Git, support added to set the default branch if it is not
master
.- Notifications: now can be marked as read when you are not admin.
- Notifications: marking all notifications as read will hide the counter.
- Frontend: fixed branch-tag switcher multiple ajax calls.
- Repository group: repository group owners can now change group settings even if they don’t have access to top-level permissions.
- Repositories: if you set
Fork of
in advanced repository settings it will now only show valid repositories with the same type.