RhodeCode Enterprise 4.26.0 Release Notes#
Release Date#
2021-08-06
New Features#
General#
Caches: introduce invalidation as a safer ways to expire keys, deleting them are more problematic.
Caches: improved locking problems with distributed lock new cache backend.
Pull requests: optimize db transaction logic. This should prevent potential problems with locking of pull-requests that have a lot of reviewers.
Pull requests: updates use retry logic in case of update is locked/fails for some concurrency issues.
Pull requests: allow forced state change to repo admins too.
SSH: handle subrepos better when using SSH communication.
Security#
Drafts comments: don’t allow to view history for others than owner.
Validators: apply username validator to prevent bad values being searched in DB, and potential XSS payload sent via validators.
Performance#
SSH: use pre-compiled backends for faster matching of vcs detection.
Routing: don’t check channelstream connections for faster handling of this route.
Routing: skip vcsdetection for ops view so they are not checked against the vcs operations.
Fixes#
Permissions: flush all users permissions when creating a new user group.
Repos: recover properly from bad extraction of repo_id from URL and DB calls.
Comments history: fixed fetching of history for comments
Pull requests: fix potential crash on providing a wrong order-by type column.
Caches: report damaged DB on key iterations too not only the GET call
API: added proper full permission flush on API calls when creating repos and repo groups.
Upgrade notes#
Scheduled release 4.26.0.