## 2.5.0 / 2013-03-06
* Prevent Object methods from being called on drops
* Avoid symbol injection from liquid
* Added break and continue statements
* Fix filter parser for args without space separators
* Add support for filter keyword arguments
Since 2.2.3.1-beta
------------------
bugfix: Search in a member does not find file contents.
bugfix: Click on "search everywhere" does not find file contents.
bugfix: Groups listed alphabetically in the Administration Panel.
bugfix: Monthly view calendar print shows empty calendar.
bugfix: Improvements in performance of overview widgets.
bugfix: Timeslots are not reclassified reclassifying tasks.
bugfix: Cannot delete members if it has objects.
bugfix: Member deletion does not clean all related tables.
bugfix: Only managers or superior roles can change other user passwords.
bugfix: Several missing langs and undefined variables warnings clean.
bugfix: Db error when adding two workspaces with the same name.
bugfix: Quick add files - all radio buttons can be selected.
system: Russian translations updated.
Since 2.2.2
----------------
bugfix: Owner company cannot be classified.
bugfix: Task list group by user fix.
bugfix: Add pdf and docx files to searchable objects.
bugfix: js managers bugfixes.
bugfix: Cannot edit/delete mails from deleted accounts.
bugfix: Error in tasks reports when ordering by 'order' column.
bugfix: Fixes in migration from 1.X of custom properties.
usability: Reports can be edited to allow execution in every context.
usability: Performance improved in tasks list.
usability: Users are filtered by permissions in 'People' dimension when filtering by a workspace.
usability: Contacts are filtered in 'People' dimension when filtering by a workspace if they belong to the workspace.
system: Portuguese language updated.
Since 2.2.1
----------------
bugfix: logged_user fix when classifying attachments
bugfix: go back instead of redirect when editing file properties.
bugfix: chmod after mkdir when repository file backend creates directory
bugfix: Several template instatiation fixes
bugfix: mail classification bugfix
bugfix: allow to classify mails in workspaces,tags
bugfix: administration/users: 10 users per page fix
bugfix: do not use objects in estimated-worked widget, use raw data for better performance
bugfix: language fixes
bugfix: cannot use assigned_to combo when adding tasks in ie
bugfix: ie compatibility fix in calendar toolbars
bugfix: enable/disable cron events for calendar export/import when adding/deleting accounts
bugfix: html tags in task tooltip description at calendar
bugfix: cvs export prints html tags
bugfix: users with can_manage_security cannot manage groups
bugfix: view week calendar views don't show tasks all days if task starts or ends in another week
bugfix: dont show timeslots of other users if cannot see assigned to other's tasks
bugfix: ext buttons hechos a lo chancho
bugfix: patch if not exists function array_fill_keys (para php < 5.2)
bugfix: break large words in task description
bugfix: administrator cannot log in to admin panel when asking for credentials
bugfix: cannot edit file after uploaded from object picker
bugfix: getTimeValue when 12:XX AM
bugfix: bugfix in custom reports with boolean conditions on custom properties
bugfix: admin users paging fix
bugfix: migration companies comments fix
Since 2.2.1-rc
----------------
bugfix: Cannot manage plugins if no super admin.
bugfix: Reports were not grouping unclassified objects.
bugfix: Reports grouping misses a group.
bugfix: Fixed findById function in ContentDataObjects.
bugfix: Fixed Email plugin installation.
bugfix: Fixed translations for dimension names.
bugfix: Error with company logo when sending notifications.
bugfix: Time report fix when selecting custom dates and listing paused timeslots.
bugfix: Fix when getting plugin's javascript translations.
Since 2.2
----------------
bugfix: Calendar monthly view bugs with repeating events.
bugfix: Permissions system fix.
bugfix: Projects appear in object picker.
bugfix: language fixes (en_us, es_la, es_es).
bugfix: Error in calendar when user has timezone=0.
bugfix: Formatted tasks description and notes content does not shows italics and quotes when viewing.
bugfix: Compressing files does not create compressed file in the current context.
bugfix: Sometimes can subscribe users with no permissions to the object.
bugfix: Activity widget bug with general timeslots.
bugfix: Error when selecting default workspace in mail account edition.
bugfix: User types are not transalted.
bugfix: Prevent double generation of tasks when completing a repetitive task instance (double click on complete link).
bugfix: CSV export fixes at Total tasks times report.
usability: Create events according the filtered user.
usability: Config option to show tab icons.
usability: Config option to enable/disable milestones.
* Change the :ignore_crawl_delay option to a handler option :crawl_delay.
* Merge back the previous change to the source file.
* Remove Gemfile.lock.
* Add the ability to externalize the enforcement of the robots.txt Craw
jasonhowes authored a month ago.
* Migrate from jeweler to bundle gem.
=== unicorn 4.6.2 - HTTP parser fix for Rainbows! / 2013-02-26 02:59 UTC
This release fixes a bug in Unicorn::HttpParser#filter_body
which affected some configurations of Rainbows! There is
also a minor size reduction in the DSO.
=== unicorn 4.6.1 - minor cleanups / 2013-02-21 08:38 UTC
Unicorn::Const::UNICORN_VERSION is now auto-generated from
GIT-VERSION-GEN and always correct. Minor cleanups for
hijacking.
=== unicorn 4.6.0 - hijacking support / 2013-02-06 11:23 UTC
This pre-release adds hijacking support for Rack 1.5 users.
See Rack documentation for more information about hijacking.
There is also a new --no-default-middleware/-N option
for the `unicorn' command to ignore RACK_ENV within unicorn
thanks to Lin Jen-Shin.
There are only documentation and test-portability updates
since 4.6.0pre1, no code changes.
=== unicorn 4.6.0pre1 - hijacking support / 2013-01-29 21:05 UTC
This pre-release adds hijacking support for Rack 1.5 users.
See Rack documentation for more information about hijacking.
There is also a new --no-default-middleware/-N option
for the `unicorn' command to ignore RACK_ENV within unicorn.
3.2.7
* The index and zip functions now work like all other list functions and treat
individual values as single-element lists.
* Avoid stack overflow errors caused by very long function or mixin argument
lists.
* Emit relative paths when using the --line-comments flag of the sass
executable.
* Fix a case where very long numbers would cause the SCSS parser to take
exponential time.
3.2.6
* Support for Rubinius 2.0.0.rc1. All tests pass in 1.8 mode. 1.9 mode has
some tests blocked on Rubinius issue 2139.
* Support for JRuby 1.7.2.
* Support for symlinked executables. Thanks to Yin-So Chen.
* Support for bubbling @supports queries in the indented syntax.
* Fix an incorrect warning when using @extend from within nested @media
queries.
* Update the bundled version of listen to 0.7.2.
== 0.12.1 / 2013-02-19
* Minor Enhancements
* Update Kramdown version to 0.14 (#744, #808)
* Test Enhancements
* Update Rake version to 10.0.3 (#744)
* Update Shoulda version to 3.3.2 (#744)
* Update Redcarpet version to 2.2.2 (#744)
== 0.12.0 / 2012-12-22
* Minor Enhancements
* Add ability to explicitly specify included files (#261)
* Add --default-mimetype option (#279)
* Allow setting of RedCloth options (#284)
* Add post_url Liquid tag for internal post linking (#369)
* Allow multiple plugin dirs to be specified (#438)
* Inline TOC token support for RDiscount (#333)
* Add the option to specify the paginated url format (#342)
* Support Redcarpet 2 and fenced code blocks (#619)
* Better reporting of Liquid errors (#624)
* Bug Fixes
* Allow some special characters in highlight names
* URL escape category names in URL generation (#360)
* Fix error with limit_posts (#442)
* Properly select dotfile during directory scan (#363, #431, #377)
* Allow setting of Kramdown smart_quotes (#482)
* Ensure front-matter is at start of file (#562)
[866c9cd | 2013-02-21 12:21:46 UTC] Michael Fellinger <m.fellinger@gmail.com>
* Version 2013.02.21
[aa22191 | 2013-02-21 12:21:16 UTC] Michael Fellinger <m.fellinger@gmail.com>
* update dependencies
[1a2ee39 | 2013-02-07 00:10:01 UTC] Michael Fellinger <m.fellinger@gmail.com>
* Version 2013.02
[64ca67a | 2013-01-29 23:34:26 UTC] Michael Fellinger <m.fellinger@gmail.com>
* don't do CI for REE, it's not supported anymore, add rbx and jruby 1.9
[079975c | 2013-01-29 21:57:39 UTC] Yorick Peterse <yorickpeterse@gmail.com>
* Preserve values when calling render_full.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[a90d3f9 | 2013-01-29 21:53:16 UTC] Yorick Peterse <yorickpeterse@gmail.com>
* Fix for generting URLs using anchor().
Instead of always appending "?" to the URL the anchor() method should only do
so when there actually is a query string.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[d2aeb7f | 2013-01-29 21:17:08 UTC] Yorick Peterse <yorickpeterse@gmail.com>
* Caching of provides and method arities.
Caching of a controller's provide handlers as well as the method arities can
lead to a nice performance boost of around 300 transactions/second using the
following benchmark:
require 'innate'
Innate.middleware :live do
run Innate.core
end
Innate::Log.level = Logger::ERROR
Innate.options.mode = :live
ENV['RACK_ENV'] = 'none'
class MainController
Innate.node('/', self)
def index
return 'index'
end
end
[:fast_mappings, :cache_provides, :cache_method_arities].each do |key|
MainController.ancestral_trait[key] = true
end
Innate.start(:adapter => :thin)
Benchmarking this was done by running `siege -c 10 -t 5s -b HOST` and would
initially result in around 1700 trans/sec. When using this commit this sits
between 2000/2100 trans/sec.
To prevent any potential issues the caching of provides and method aritites is
disabled by default.
See Github issue #7 for more information.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[06dd4c5 | 2013-01-29 18:25:49 UTC] Yorick Peterse <yorickpeterse@gmail.com>
* Revert action caching.
Instead of caching the entire action instance (which is modified further down
the chain) various parts that make up this process will be cached instead
(where possible).
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
[32440b0 | 2013-01-15 18:38:41 UTC] Michael Fellinger <m.fellinger@gmail.com>
* prevent memory leak from action caching
[040d084 | 2013-01-15 18:37:19 UTC] Michael Fellinger <m.fellinger@gmail.com>
* clean up LRUHash a bit
[a136a72 | 2013-01-14 20:06:22 UTC] Michael Fellinger <m.fellinger@gmail.com>
* build middleware only once
[8aea7cb | 2013-01-14 18:31:37 UTC] Yorick Peterse <yorickpeterse@gmail.com>
* Only compile middleware for the current mode.
Signed-off-by: Yorick Peterse <yorickpeterse@gmail.com>
* Add and Update PKG_OPTIONS related to storage backend.
- squid-backend-null: "null" type of storage backend had been deperecated.
- Add squid-backend-rock.
- Revive squid-backend-aufs.
Bump PKGREVISION.
Version 0.10
~~~~~~~~~~~~
Released on 2013-03-11.
* Add the ``FREEZER_DESTINATION_IGNORE`` configuration
(Thanks to Jim Gray and Christopher Roach.)
* Add the ``FREEZER_RELATIVE_URLS`` configuration
* Add the :func:`relative_url_for` function.
Django 1.5 introduces support for a configurable User model. The basic Django User model is still around, of course, but now there's first-class support for specifying your own model and having Django's auth system make use of it.
Django 1.5 is the first Django release with support for Python 3 (specifically, Python 3.2 and newer). Python 3 support is still considered experimental -- largely because it hasn't received as much real-world testing as we'd like -- but a Python 3 porting guide is available if you'd like to give it a try, and we will be considering Python 3 compatibility bugs to be blockers for future releases.
Of course, if you're still comfortable with Python 2, Django continues to offer support for that just as we always have -- though note that the minimum version for Django 1.5 is Python 2.6.5, and Python 2.7.3 or newer is strongly recommended.
Django's documentation has also gotten some pretty significant work; the main documentation page has had a bit of a facelift to make things easier to find, the existing tutorial got some refurbishing, and several new tutorials -- including some more advanced topics, like writing an app you can reuse in multiple projects -- have been added. And the documentation for class-based views has been significantly expanded, which should make this feature a lot easier to understand and take advantage of.
== Changes
Please note that this release includes a few potentially breaking changes.
Of particular note are:
* SessionHash is no longer a Hash sublcass
* Rack::File cache_control parameter is removed in place of headers options
Additonally, SPEC has been updated in several areas and is now at 1,2.
A new SPEC section was introduced that provides two server-optional IO hijacking
APIs. Further information on these APIs will be made available by the community
in good time. In the mean time, some information can be found in the original
pull request: https://github.com/rack/rack/pull/481
* January 21st, 2013: Thirty third public release 1.5.0
* Introduced hijack SPEC, for before-response and after-response hijacking
* SessionHash is no longer a Hash subclass
* Rack::File cache_control parameter is removed, in place of headers options
* Rack::Auth::AbstractRequest#scheme now yields strings, not symbols
* Rack::Utils cookie functions now format expires in RFC 2822 format
* Rack::File now has a default mime type
* rackup -b 'run Rack::File.new(".")', option provides command line configs
* Rack::Deflater will no longer double encode bodies
* Rack::Mime#match? provides convenience for Accept header matching
* Rack::Utils#q_values provides splitting for Accept headers
* Rack::Utils#best_q_match provides a helper for Accept headers
* Rack::Handler.pick provides convenience for finding available servers
* Puma added to the list of default servers (preferred over Webrick)
* Various middleware now correctly close body when replacing it
* Rack::Request#params is no longer persistent with only GET params
* Rack::Request#update_param and #delete_param provide persistent operations
* Rack::Request#trusted_proxy? now returns true for local unix sockets
* Rack::Response no longer forces Content-Types
* Rack::Sendfile provides local mapping configuration options
* Rack::Utils#rfc2109 provides old netscape style time output
* Updated HTTP status codes
* Ruby 1.8.6 likely no longer passes tests, and is no longer fully supported
* January 28th, 2013: Thirty fourth public release 1.5.1
* Rack::Lint check_hijack now conforms to other parts of SPEC
* Added hash-like methods to Abstract::ID::SessionHash for compatibility
* Various documentation corrections
* February 7th, Thirty fifth public release 1.5.2
* Fix CVE-2013-0263, timing attack against Rack::Session::Cookie
* Fix CVE-2013-0262, symlink path traversal in Rack::File
* Add various methods to Session for enhanced Rails compatibility
* Request#trusted_proxy? now only matches whole stirngs
* Add JSON cookie coder, to be default in Rack 1.6+ due to security concerns
* URLMap host matching in environments that don't set the Host header fixed
* Fix a race condition that could result in overwritten pidfiles
* Various documentation additions
Docs: document ConnOpener::swanSong() better
Bug 3329: Quieten orphan Comm::Connection messages
Sync TESTDIR names used by testCoss and testUfs with testRock changes.
MacOS: reduce the testRock unit test UDS path
Bug 3720: SourceLayout: shuffle fd_table definition into fde.h
Bug 3794: MacOS: workaround compiler errors and case-insensitivity
Polish debugs in cacheability test
Bug 3753: Removes the domain from the cache_peer server pconn key
Bug 3781: Proxy Authentication not sent to cache_peer
Bug 3763: diskd Error: no filename in shm buffer
Solaris: Fix xstrto*() function linkages
Mentioned creation of diskers in cache_dir rock documentation.
Fix coverity scan issue 740457: unsecure temporary file creation
Bug 3686: cache_dir max-size default fails
Bug 3752: objects that cannot be cached in memory are not cached on disk if cache_dir max-size is used.
Upstream changes:
1.101 Sat Jul 21 15:01:20 PDT 2012
- Fix typos and formatting
- Mention CGI variables ala PEP 333
1.10 Fri Mar 9 08:46:27 PST 2012
- Released as PSGI 1.1
1.09_3 Wed Jun 22 13:48:31 PDT 2011
- Separated extensions into PSGI::Extensions
- Added psgix.harakiri and psgix.harakiri.commit
- Updated terminology section
- Clarified that body should be encoded byte strings and do not contain wide characters
- Clarified that header values must be defined
1.09_2 Tue Jun 7 15:21:47 PDT 2011
- Fixed a dumb mistake about allowed characters in header values
- Updated FAQ document
- psgi.input MUST have seek() only if psgix.input.buffered is true
1.09_1 Mon Mar 28 11:35:44 PDT 2011
- 1.1 beta
- Upped psgi.version to be [1,1]
- Lots of grammar and style fixes
- Removed poll_cb from writer spec
- Streaming interface now SHOULD be implemented, rather than MAY
- Promoted psgi.streaming, nonblocking and run_once keys to be MUST
- Added psgix.logger and psgix.session extensions
- Updated FAQ
Upstream changes:
0.028 2013-03-05 14:11:57 America/New_York
[SUPPORT]
- Fix repository/issue links to reflect proper repo name
0.027 2013-03-05 12:02:58 America/New_York
[SUPPORT]
- Changed metadata to point to the chansen github repository
for code and issues
[DOCUMENTATION]
- Added hyperlink for HTTP::CookieJar
0.026 2013-03-04 22:53:39 America/New_York
[ADDED]
- Added cookie support if an HTTP::CookieJar object is provided in the
'cookie_jar' attribute [Edward Zborowski]
0.025 2012-12-26 12:09:43 America/New_York
[ADDED]
- Agent string appends default if it ends in a space, just like LWP
[Chris Weyl]
0.024 2012-10-09 20:44:53 America/New_York
[ADDED]
- SSL connections now auto-retry I/O after SSL renegotiation [Alan
Gardner]
[FIXED]
- User-specified CA bundles take precedence over Mozilla::CA [Alan
Gardner]
[PREREQS]
- SSL support now requires Net::SSLeay 1.49 or greater to support
auto-retry [Mike Doherty]
- Downgraded IO::Socket::SSL and related prereqs to 'suggests' again
0.023 2012-09-19 09:55:46 America/New_York
[PREREQS]
- IO::Socket::SSL and related prereqs changed to 'required' for dev
release to get better failure diagnostics from CPAN Testers
[TESTING]
- Skip live SSL testing unless IO::Socket::SSL 1.56+ installed
Upstream changes:
MediaWiki 1.20.3
This is a security and maintenance release of the MediaWiki 1.20 branch.
Changes since 1.20.2
New preference type - 'api'. Preferences of this type are not shown on Special:Preferences, but are still available via the action=options API. (Unbreaks MLEB.)
(bug 44010) Context is passed to UserGetLanguageObject.
The recursion guard on RequestContext::getLanguage() was weakened.
(bug 40585) Don't drop 'step="any"' in HTML input fields.
(bug 44024) Fixed problems in ObjectCache when using XCache.
(bug 44010) FauxRequest leaked cookie data from primary request.
(bug 44135/bug 42441) Pass '2' instead of 'true' to CURLOPT_SSL_VERIFYHOST
(bug 43518) API action=unblock should return the user name, not the full user object
(Bug 45355) Prevent read of arbitrary files through mwdoc-filter.php
Drupal 7.21, 2013-03-06
-----------------------
- Allowed sites using the 'image_allow_insecure_derivatives' variable to still
have partial protection from the security issues fixed in Drupal 7.20.
Packages Collection.
The Zend Optimizer+ provides faster PHP execution through opcode caching and
optimization. It improves PHP performance by storing precompiled script
bytecode in the shared memory. This eliminates the stages of reading code from
the disk and compiling it on future access. In addition, it applies a few
bytecode optimization patterns that make code execution faster.
Provides a CAPTCHA for Python using the reCAPTCHA service. Does not require
any imaging libraries because the CAPTCHA is served directly from reCAPTCHA.
Also allows you to securely obfuscate emails with Mailhide.
*) Feature: $connections_active, $connections_reading, and
$connections_writing variables in the ngx_http_stub_status_module.
*) Feature: support of WebSocket connections in the
ngx_http_uwsgi_module and ngx_http_scgi_module.
*) Bugfix: in virtual servers handling with SNI.
*) Bugfix: new sessions were not always stored if the "ssl_session_cache
shared" directive was used and there was no free space in shared
memory.
Thanks to Piotr Sikora.
*) Bugfix: multiple X-Forwarded-For headers were handled incorrectly.
Thanks to Neal Poole for sponsoring this work.
*) Bugfix: in the ngx_http_mp4_module.
Thanks to Gernot Vormayr.
