issues (CVE-2008-1474, CVE-2008-1475). Changes since 1.1.2:
- Make URL matching code less matchy.
- Try to clarify mail_domain config setting.
- Add use of username/password stored in ~/.netrc in mailgw.
- 'Make a Copy' failed with more than one person in nosy list.
- xml-rpc security checks and tests across all backends.
- Send a Precedence header in email so (well-written) autoresponders don't.
- Fix mailgw total failure bounce message generation (thanks Bradley Dean).
- Fix for postgres 8.3 compatibility (and bug).
- Fix for translations.
- Fire reactors after file storage is all done.
- Allow negative ids other than -1 for item generation.
- Better German translation for retiring users.
- More improvements to German translation.
- Add filter() to XML-RPC interface.
- Fix IndexError when there are no messages to an issue.
- Prevent broken pipe errors in csv export.
- New session API and cleanup thanks anatoly t.
- Make WSGI handler threadsafe.
- Improved URL matching RE.
- Allow binary file content submission via XML-RPC.
- Don't run old code on newer database.
- Fix HTML injection into page title
- Fix indexer handling of indexed Link properties.
- Security fixes (thanks Roland Meister).
- New config option in mail section: ignore_alternatives allows to
ignore alternatives besides the text/plain part used for the content
of a message in multipart/alternative attachments.
- Admin copy of error email from mailgw includes traceback (thanks Ulrik
Mikaelsson).
- Messages created through the web are now given an in-reply-to header
when email out to nosy (thanks Martin v. L�wis).
- Nosy messages now include more information about issues (all link
properties with a "name" attribute) (thanks Martin v. L�wis).
- Searching date range by supplying just a date as the filter spec.
- Handle no time.tzset under Windows.
- Fix race condition in file storage transaction commit.
- Make user utils JS work with firstname/lastname again.
- Fix ZRoundup to work with Zope 2.8.5.
- Fix race condition for key properties in rdbms backends.
- Handle Reject in mailgw final set/create.
- Removed some metakit references.
- Roundup has a new xmlrpc frontend that gives access to a tracker using
XMLRPC.
- Dates can now be in the year-range 1-9999.
- The metakit backend has been removed.
- Add simple anti-spam recipe to docs.
- Allow customisation of regular expressions used in email parsing, thanks
Bruno Damour.
- Italian translation by Marco Ghidinelli.
- Multilinks take any iterable.
- config option: specify port and local hostname for SMTP connections.
- Tracker index templating (i.e. when roundup_server is serving multiple
trackers).
- config option: Limit nosy attachments based on size (Philipp Gortan).
- roundup_server supports SSL via pyopenssl.
- templatable 404 not found messages.
- Unauthorized email includes a link to the registration page for
the tracker.
- config options: control whether author info/email is included in email
sent by roundup.
- support for receiving OpenPGP MIME messages (signed or encrypted).
- Handling of unset Link search in RDBMS backend.
- Journal export of anydbm didn't correctly export previously empty values.
- Fix handling of defaults for date fields.
- Fix <form> name in user editing to allow multilink popups to work.
- Fix form handling of editing existing hyperdb items from a new item page.
- Added new rdbms-indexes for full-text index which will speed up
reindexing.
- Turning off indexing for content properties of FileClass instance
(e.g., "file" and "msg") now works for SQL backends.
- Enabled over-riding of content-type in web interface (thanks
John Mitchell).
- Validate user timezones to filter bad entries.
- Classic template allows searching for issues with no topic set.
- xapian_indexer uses current API for stemming (Rick Benavidez).
- Ensure email addresses are unique.
- roundup_admin tracks uncommitted changes in interactive mode
for all backends.
- add template search path for easy_install (Marek Kubica).
- don't spam the roundup admin on client shutdowns (Ulrik Mikaelsson).
- respect umask on filestorage backends (Ulrik Mikaelsson).
- cope with spam robots posting multiple instances of the same form.
- include the author of property-only changes in generated messages.
- fuller email validation in templates.
- cope with bad cookies from other apps on same domain.
- updated Spanish translation from Ramiro Morales.
- clean up query display of "Private to you items".
- use local timezone for mail date header.
- allow CSV export of queries on selected issues.
- remove blobfiles on destroy.
- handle postgres exceptions during session cleanup.
- update Xapian indexer to use current API.
- handle export and import of old trackers that have data attached to
journal "create" events.
- fix a couple more old instances of "type" instead of "ENGINE" for mysql
backend.
- make LinkHTMLProperty handle non-existing keys.
- If-Modified-Since handling was broken.
- Updated documentation for customising hard-coded searches in page.html.
- Updated Windows installation docs (thanks Bo Berglund).
- Handle rounding of seconds generating invalid date values.
- Handle 8-bit untranslateable messages from database properties.
- Fix scripts/roundup-reminder date calculation.
- Improved due_date and timelog customisation docs.
- relax rules for required fields in form_parser.py.
- documentation cleanup from Luke Ross.
- updated Spanish translation from Ramiro Morales.
- handle 8-bit untranslateable messages in tracker templates.
- handling of required for boolean False and numeric 0.
- removed bogus args attr of ConfigurationError.
- implemented start_response in roundup.cgi.
- clarified windows service documentation.
- HTMLClass fixed to work with new item permissions check.
- support POP over SSL.
- clean up input field generation and quoting of values.
- allow use of roundup-server pidfile without forking.
- allow translation of status/priority menu options.
- setup.py had broken reference to roundup.cgi.
- full-text search wasn't coping with multiple multilinks to the same class.
- unicode / sqlite 3 problem.
- WSGI support via roundup.cgi.wsgi_handler.
- sqlite module detection was broken for python 2.5 compiled without sqlite
support.
- fixed support for pysqlite2 (version 2.1.0 is the minimum version
supported).
- roundup-server called setuid when run by non-root user.
- fix sort/group direction checkbox in issue.index.html.
- fix error detection for non-EN locales of postgres.
- fix email change note rendering of multiline properties.
- fix sidebar search links.
- nicer "permission required" messages.
- fix unstable ordering of detectors.
- E-mail subject line prefix delimiter configuration was being ignored.
- Password confirm field in user editing.
- supports Python 2.5, including the sqlite3 module.
- full timezone support.
- handle connection loss when responding to web requests.
- match incoming mail In-Reply-To against existing messages when no issue
id is specified in the Subject.
- added StringHTMLProperty wrapped() method to wrap long lines in issue
display.
- include the popcal in Date field editing and search fields by default.
- @required in forms may now specify properties of linked items.
- update for latest version of pysqlite.
- update for latest version of psycopg2.
- new "exporttables" command in roundup-admin.
- roundup-admin "export" may specify classes to exclude.
- sorting and grouping by multiple properties is now supported by the
backends *and* the classic template.
- sorting, grouping, and searching by transitive properties (e.g.,
messages.author.supervisor) is now supported in all backends.
- added filter_sql to SQL backends which takes an arbitrary SQL statement
and returns a list of item ids.
- Verbose option for import and export.
- -c option for roundup-mailgw won't accept parameter.
- '?' in rfc2822-encoded header isn't quoted.
- fix error message in form parser.
- updated ZRoundup for Zope 2.9.
- fix timelog example in customisation doc to mention permissions.
- nicer listing of Superseder links.
- include roundup-server.ini.example.
- dumb bug in cgi templating utils.
- handle unicode in query names.
- fix error during mailgw bouncing message.
- hyperdb handling of empty raw values for Multilink and Password.
- don't int() ids.
- fix importing into anydbm backend.
- fix help message for roundup-admin install.
- removed traceback with OTK is used multiple times.
- metakit backend was indexing FileClass content even when asked not to.
- anydbm backend will finally sort numerically by ID.
- problem with string sorting in anydbm backend fixed: If a string was
fully numeric it was sorted as a number.
- Multilink-sorting now sorts by orderprop not by ID and works for all
backends.
- Bug with name-collisions in sorted classes when sorting by Link
properties in metakit backend fixed.
- Postgres backend allows transaction collisions to be ignored when
committing cleanup in the sessions database.
- translate titles of "show all" and "unassigned" issue lists
in classic template.
- "as" is a keyword in Python 2.6.
- "from __future__" statments need to be first line of file in Python 2.6.
- better conflict retry in postgresql backend.
- fix time log example.
- assume that Python 2.4 and 2.5 are compatible and allow checking for
fallout.
- remove PYTHON_VERSIONS_COMPATIBLE that are obsoleted by the 2.3+
default. Modify the others to deal with the removals.
INSTALLATION_DIRS, as well as all occurrences of ${PREFIX}/man with
${PREFIX}/${PKGMANDIR}.
Fixes PR 35265, although I did not use the patch provided therein.
Patch provided by Simon 'corecode' Schubert in private mail.
2006-04-27 1.1.2
Feature:
- server-ctl script uses server configuration file (sf bug 1443805)
Fixed:
- progress display in roundup-admin reindex
- bug in menu() permission filter (sf bug 1444440)
- indexing may be turned off for FileClass "content" now
("content" and "type" properties are now automatically included in the
FileClass schema where previously the "content" property was faked and
"type" was optional)
- verbose output during import is optional now (sf bug 1475624)
- escape *all* uses of "schema" in mysql backend (sf bug 1472120)
- responses to user rego email (sf bug 1470254)
- dangling connections in session handling (sf bug 1463359)
- reduced frequency of session timestamp update
- classhelp popup pagination forgot about "type" (sf bug 1465836)
- umask is now configurable (with the same 0002 default)
- sorting of entries in classhelp popup (sf bug 1449000)
- allow single digit seconds in date spec (sf bug 1447141)
- prevent generation of new single-digit seconds dates (sf bug 1429390)
- implement close() on all indexers (sf bug 1242477)
2006-03-03 1.1.1
Fixed:
- failure with browsers not sending "Accept-Language" header
(sf bugs 1429646 and 1435335)
- translate class name in "required property not supplied" error message
(sf bug 1429669)
- error in link property lookups with numeric-alike key values (sf bug 1424550)
- ignore UTF-8 BOM in .po files
- add permission filter to menu() implementations (sf bug 1431188)
- lithuanian translation updated by Nerijus Baliunas (sf patch 1411175)
- incompatibility with python2.3 in the mailer module (sf bug 1432602)
- typo in SMTP TLS option name: "MAIL_TLS_CERFILE" (sf bug 1435452)
- email obfuscation code in html templating is more robust
- blank-title subject line handling (sf bug 1442121)
- "All users may only view and edit issues, files and messages they
create" example in docs (sf bug 1439086)
- saving of queries (sf bug 1436169)
- "Adding a new constrained field to the classic schema" example in docs
(sf bug 1433118)
- security check in mailgw (sf bug 1442145)
- "clear this message" (sf bug 1429367)
- escape all uses of "schema" in mysql backend (sf bug 1397569)
- date spec wasn't allowing week intervals
2006-02-10 1.1.0
Feature:
- trackers may configure custom stop-words for the full-text indexer
- login may now be for a single session (and this is the default)
- trackers may hide exceptions from web users (they will be mailed to the
tracker admin) (hiding is the default)
- include "clear this message" link in the "ok" message bar
Fixed:
- fixes in scripts/import_sf.py
- fix some unicode bugs in roundup-admin import
- Xapian indexer wasn't actually being used and its reindexing of existing
data was busted to boot
- roundup-admin import wasn't indexing message content
- allow dispname to be passed to renderWith (sf bug 1424587)
- rename dispname to @dispname to avoid name clashes in the future
- fixed schema migration problem when Class keys were removed
2006-02-03 1.0.1
Feature:
- scripts/import_sf.py will import a tracker from Sourceforge.NET
- added hasRole() to HTMLUser
Fixed:
- SQL generation for sort/group by separate Link properties (sf bug
1417565)
- fix timezone offsetting in email Date: header
- fix security check for hasPermission('Permission', None)
2006-01-27 1.0
Feature:
- Lithuanian translation by Aiste Kesminaite
- Web User Interface language selection by form variable @language,
browser cookie or HTTP header Accept-Language (sf patch 1360321)
- initial values for configuration options may be passed on
'roundup-admin install' command line (based on sf patch 1237110)
- favicon.ico image may be changed with server config option (sf patch 1355661)
- Password objects initialized from plaintext remember plaintext value
(sf rfe 1379447)
- Roundup installation document includes configuration example
for Exim Internet Mailer (sf bug 1393860)
- enable registration confirmation by web only (sf bug 1381675)
- allow preselection of values in templating menu()s (sf patch 1396085)
- display the query name in the header (sf feature 1298535 / patch 1349387)
- classhelp works with Link properties now (sf bug 1410290)
- added setorderprop() and setlabelprop() to Class (sf features 1379534,
1379490)
- CSV encoding support (sf bug 1240848)
- fields rendered with StructuredText are hyperlinked by default
- additional attributes for input element may be passed to the 'field'
method of a property wrapper
- added "copy_url" method to generate a URL for copying an item
Fixed:
- MySQL now creates String columns using the TEXT column type
- password.crypt won't work with md5 passwords (sf bug 1372253)
- use quoted printable encoding for nosy attachments that have MIME
type 'text/plain' but contain 8-bit characters (sf bug 1381559)
- login name and email address fields in the classic template
are highlighted as required fields (sf bug 1392364)
- french translation updated by Patrick Decat (sf patch 1397059)
- HTTP authorization takes precedence over session cookie (sf bug 1396134)
- enforce correct encoding of PostgreSQL backend (sf bug 1374235)
- grouping/sorting on link to same class fixed (sf bug 1404930)
- all backends implement the retired check in getnodeids (sf bug 1290560)
- fix detection of "missing" existing values in CGI form parser (sf bug
1414149)
- ZRoundup works again (sf bug 1263842)
- default user template does not display password fields and submit button
when editing is not allowed
- fix StructuredText import in cgi.templating
- have "System Messages" be marked as such again (sf bug 1281907)
- enable editing of public queries (sf bug 966144)
2005-10-07 0.9.0b1
Feature:
- added "imapServer.py" script (sf patch 934567)
- added date selection popup windows (thanks Marcus Priesch)
- added Xapian indexer; replaces standard indexers if Xapian is available
- mailgw subject parsing has configurable levels of strictness
- nosy messages may be sent individually to all recipients
- remember where we came from when logging in (sf patch 1312889)
2006-??-?? 0.8.6
Fixed:
- french translation updated by Patrick Decat (sf patch 1397059)
- tighten up Date parsing to not allow 'M/D/YY' (or 'D/M/YY) (sf bug
1290550)
- handle "schema" being reserved word in MySQL 5+ (sf bug 1397569)
- fixed documentation of filter() in the case of multiple values in a
String search (sf bug 1373396)
- fix comma-separated ID filter spec in web requests (sf bug 1396278)
- fix Date: header generation to be LOCALE-agnostic (sf bug 1352624)
- fix admin doc description of roundup-server config file
- fix redirect after instant registration (sf bug 1381676)
- fix permission checks in cgi interface (sf bug 1289557)
- fix permission check on RetireAction (sf bug 1407342)
- timezone now applied to date for pretty-format (sf bug 1406861)
- fix mangling of "_" in mail Subject class name (sf bug 1413852)
- catch bad classname in URL (related to sf bug 1240541)
- clean up digested_file_types (sf bug 1268303)
- fix permission checks in mailgw (sf bug 1263655)
- fix encoding of subject in generated error message (sf bug 1414465)
2005-10-07 0.8.5
Feature:
- Argentinian Spanish translation by Ramiro Morales
Fixed:
- Display of Multilinks where linked Class labelprop values are None
- Fix references to the old * Registration Permissions
- Fix missing merge of fix to sf bug 1177057
- Fix RDBMS indexer indexing UTF-8 words that encode to > 30 chars
- Handle invalidly-specified charsets in incoming email
PKGLOCALEDIR and which install their locale files directly under
${PREFIX}/${PKGLOCALEDIR} and sort the PLIST file entries. From now
on, pkgsrc/mk/plist/plist-locale.awk will automatically handle
transforming the PLIST to refer to the correct locale directory.
2005-07-18 0.8.4
Fixed:
- extra CRs in CSV export files on Windows platform (sf bug 1195742)
- activity RDBMS columns were being reported in changes
- fix name collision in roundup.cgi script (sf bug 1203795)
- fix handling of invalid interval input
- search locale files relative ro roundup installation path (sf bug 1219689)
- use translation for boolean property rendering (sf bug 1225152)
- enabled disabling of REMOTE_USER for when it's not a valid username (sf
bug 1190187)
- fix invocation of hasPermission from templating code (sf bug 1224172)
- have 'roundup-admin security' display property restrictions (sf bug
1222135)
- fixed templating menu() sort_on handling (sf bug 1221936)
- allow specification of pagesize, sorting and filtering in "classhelp"
popups (sf bug 1211800)
- handle dropped properies in rdbms/metakit journal export (sf bug 1203569)
- handle missing Subject lines better (sf bug 1198729)
- sort/group by missing values correctly (sf bugs 1198623, 1176897)
- discard, don't bounce messages to the mailgw when the messages's sender
is invalid (ie. when we try to bounce, we get a 550 "unknown user
account" response from the SMTP server) (sf bug 1190906)
- removed debugging code from cgi/actions.py
- refactored hyperdb.rawToHyperdb, allowing a number of improvements
(thanks Ralf Schlatterbeck)
- don't try to set a timeout for IMAPS (thanks Paul Jimenez)
- present Reject exception messages to web users (sf bug 1237685)
2005-05-02 0.8.3
Feature:
- chinese translation by limodou
Fixed:
- fix reference to The Zope Book in Roundup FAQ
- disabled file logging in Roundup test suite (sf bug 1155649)
- return original string if message issue xref isn't valid
- fix nosyreaction.py to stop it setting the nosy list unnecessarily
(see doc/upgrading.txt for how to fix in your trackers)
- after logout, always display tracker home page
- web forms don't create new items if no item properties are set from UI
- item creation failed if multilink fields had invalid entries (sf bug
1177602)
- fix bdist_rpm (sf bug 1164328)
- fix checking of "Email Access" for Anonymous email registration (sf bug
1177057)
- disable "Email Access" for Anonymous by default to stop spam regsitering
users on public trackers
- send errors in the web interface to a logfile by default. Use the
"debug" multiprocess mode (roundup-server) or the DEBUG_TO_CLIENT var
(roundup.cgi) to have the errors appear in your browser
- fix setgid typo (sf bug 1171346)
- fix faulty find_template filename facility (sf bug 1163629)
- fix roundup-admin "export" so it creates the target dir if needed
- "fix" roundup-admin "import" to not use "universal newline support" since
the csv module appears to have its own ideas about such things (sf bug
1163890)
- fix installation docs referring to old-style configuration variables
- fix roundup-admin "find" for searching Multilinks (sf bug 1189465)
2005-03-03 0.8.2
Feature:
- roundup-server automatically redirects from trackers list
to the tracker page if there is only one tracker
Fixed:
- added content to ZRoundup refresh.txt file (sf bug 1147622)
- fix invalid reference to csv.colon_separated
- correct URL to What's New in setup.py meta-data
- change AUTOCOMMIT=OFF to AUTOCOMMIT=0 for MySQL (sf bug 1143707)
- compile message objects in 'setup.py build'
- use backend datatype for journal timestamps in RDBMSes
- fixes to the "Using an external password validation source"
customisation example (sf bugs 1153640 and 1155108)
2005-02-17 0.8.1
Fixed:
- replaced MutlilinkIterator with multilinkGenerator (thanks Bob Ippolito)
- fixed broken csv import in roundup.admin module
- fixed braino in HTMLClass.filter() (sf bug 1124213)
- change ZTUtils Iterator to always iter() its sequence argument
2005-02-16 0.8.0
Fixed:
- fix roundup-server log and PID file paths to be absolute
- fix initialisation of roundup-server in daemon mode so initialisation
errors are visible
- fix: 'Logout' link was enabled on issue index page only
- have Permissions only test the check function if itemid is suppled
- modify cgi templating system to check item-level permissions in listings
- enable batching in message and file listings
- more documentation of security mechanisms (incl. sf patches 1117932,
1117860)
- better unit tests for security mechanisms
- code cleanup (sf patch 1115329 and additional)
- issue search page allows setting of no sorting / grouping (sf bug
1119475)
- better edit conflict handling (sf bug 1118790)
- consistent text searching behaviour (AND everywhere) (sf bug 1101036)
- fix handling of invalid date input (sf bug 1102165)
- retain Boolean selections in edit error handling (sf bug 1101492)
- fix initialisation of logging module from config file (sf bug 1108577)
- removed rlog module (py 2.3 is minimum version now)
- fixed class "help" listing paging (sf bug 1106329)
- nicer error looking up values of None (response to sf bug 1108697)
- fallback for (list) popups if javascript disabled (sf patch 1101626)
2005-01-13 0.8.0b2
Fixed:
- note about how to run roundup demo in Windows (sf bug 1082090)
- fix API for templating utils extensions - remove "utils" arg (sf bug 1081981)
- back_sqlite.py is missing "import time" (sf bug 1081959)
- fix (list) popup (sf bug 1083570)
- fix some security assertions (sf bug 1085481)
- 'roundup-server -S' always writes [trackers] section heading (sf bug 1088878)
- fix port number as int in mysql connection info (sf bug 1082530)
- fix setup.py to work with <Python2.3 (sf bug 1082801)
- fix permissions checks in cgi templating (sf bug 1082755)
- fix "Users may only edit their issues" example in docs
- handle ~/.my.cnf files for MySQL defaults (sf bug 1096031)
2004-12-08 0.8.0b1
Feature:
- added MD5 scheme for password hiding
- added support for HTTP charset selection
- implement __nonzero__ for HTMLProperty
- remove "manual" locking of sqlite database
- create a new RDBMS cursor after committing
- added basic logging, and configuration of it and python's logging module
- roundup-mailgw now logs fatal exceptions rather than mailing them to admin
- add a default argument to the DateHTMLProperty.field method, and an
optional Interval (string or object) to the DateHTMLProperty.now (patch
from Vickenty Fesunov)
- hide "(list)" popup links when issue is only viewable
- roundup-server options -g and -u accept both ids and names (sf bug 983769)
- roundup-server now has a configuration file (-C option)
- added mod_python interface (see installation.txt)
- reorganised tracker configuration, using ConfigParser config, cleaned-up
schema definition and implementing easier extension writing (sf rfe 661301)
- Permissions may now be defined on a per-property basis
- added "Create" Permission. Replaces the "Web"- and "Email Registration"
Permissions.
- added option to turn off registration confirmation via email
("instant_registration" in config) (sf rfe 922209)
- roundup-admin reindex command may now work on single items or classes
- multiple selection Link/Multilink search field (thanks Marlon van den Berg)
- relaxed hyperlinking in web interface (accept "issue123" or "Issue 123")
- record journaltag lookup ("fixes" sf bug 998140)
- allow listing popup to be used in query forms (thanks Marcus Priesch)
- roundup windows service may be installed with command line options
recognized by roundup-server (but not tracker specification arguments).
Use this to specify server configuration file for the service.
- added experimental multi-thread server
- don't try to import all backends in backends.__init__ unless we *want* to
- unless in debug mode, keep a single persistent connection through a
single web or mailgw request.
- HTTP Basic Authentication (sf patch 1067690)
- extended security.addPermissionToRole to allow skipping the separate
getPermission call
Fixed:
- postgres backend open doesn't hide corruption in schema (sf bug 956375)
- *dbm-style backends nuke() method now clear id counters
- removed safeget() from the API (sf bug 994750)
- demo tracker is always set up on localhost (sf bug 1049101)
- relaxed URL designator syntax to allow issue[0]*1 (sf bug 1054523)
2004-10-06 0.7.11
Fixed:
- index args URL generation broken in .10 (sf bug 1096027)
- handle NotModified for non-static files (sf patch 1095790)
- fix permission lookup in query editing
2005-01-04 0.7.10
Fixed:
- reset ID counters if the database is cleared (thanks William)
- apply IE caching "fix" to automatically serve up all pages expired
- fix typo (sf patch 1076629)
- fix hyperlinking of items (sf bug 1080251)
- fix roundup-admin find command handling of Multilinks
- fix some security assertions (sf bug 1085481) (see doc/upgrading.txt for
notes)
- don't set the title to nothing from incoming mail (thanks Bruce Guenter)
- fix py2.4 strftime() API change bug (sf bug 1087746)
- fix indexer searching with no valid words (sf bug 1086787)
- updated searching / indexing docs
- fix "(list)" popup when list is one item long (sf bug 1064716)
- have RDBMS full-text indexer do AND searching (sf bug 1055435)
- handle spaces in String index params in batching (sf bug 1054224)
python*-pth packages into meta-packages which will install the non-pth
packages. Bump PKGREVISIONs on the non-pth versions to propagate the
thread change, but leave the *-pth versions untouched to not affect
existing installations.
Sync all PYTHON_VERSIONS_AFFECTED lines in package Makefiles.
2004-10-26 0.7.9
Feature:
- DateHTMLProperty.field() accepts format string (thanks Wil Cooley)
Fixed:
- popup listing uses filter args (thanks Marlon van den Berg)
- fixed editing of message contents
- loosened the detection of issue cross-references in messages
- open CSV files in "universal newline" mode
- s/Modifed/Modified (thanks donfu)
- applied patch fixing some form handling issues in ZRoundup (thanks Chris
Withers)
- enforce View Permission when serving file content (sf bug 1050470)
- don't index common words (sf bug 1046612)
- set the current username correctly after rego (sf bug 1048398)
- don't wrap query.item.html in a <span> (thanks Roch'e Compaan)
- TAL expressions like 'request/show/whatever' return True
if the request does not contain explicit @columns list
- NumberHTMLProperty should return '' not "None" if not set (thanks
William)
- ensure multilink ordering in RDBMS backends (thanks Marcus Priesch, sf
bug 950963)
- always honor indexme property on Strings (sf patch 1063711)
- make hyperdb value parsing errors readable in mailgw errors
- make anydbm journal export handle removed properties
- allow use of XML templates again
2004-10-15 0.7.8
Fixed:
- Clean out sessions / otks tables when migrating
2004-10-11 0.7.7
Fixed:
- ZRoundup's search interface works now (sf bug 994957)
- fixed history display when "ascending"
- removed references to py2.3+ boolean values (sf bug 995682)
- fix static file path normalisation in security check (thanks David Linke)
- less specific messages for login failures (thanks Chris Withers)
- Reject raised against email messages should result in email rejection, not
discarding of the message
- mailgw can override the MAIL_DEFAULT_CLASS
- handle Py2.3+ datetime objects as Date specs (sf bug 971300)
- use row locking in MySQL newid() (sf bug 1034211)
- add sanity check for sort and group on same property (sf bug 1033477)
- extend OTK and session table value cols to TEXT (sf bug 1031271)
- fix lookup of REMOTE_USER (sf bug 1002923)
- new Interval props weren't created properly in rdbms
- date.Interval() now accepts an Interval as a spec (sf bug 1041266)
- handle deleted properties in RDBMS history
- apply timezone in correct direction in user input (sf bug 1013097)
- more efficient find() in RDBMS (sf bug 1012781)
- pydotorg-specific change to mailgw to handle bizzaro permissions ;)
2004-07-20 0.7.6
Fixed:
- rdbms backend full text search failure after import (sf bug 980314)
- rdbms backends not filtering correctly on link=None
- fix anydbm journal import (sf bug 983166)
- handle postgresql bug in SQL generation (sf bug 984591)
- fix dates-from-Dates (sf bug 984604)
- fix messageid generated when msgid is None for send_message (sf bug 987933)
- make user permissions check more sane (fix search page for anonymous)
- fixed RDBMS filter() for no matches from full-text search (sf bug 990778)
- fixed DateHTMLProperty for invalid date entry (sf bug 986538)
- fixed external password source example (sf bug 986601)
- document the STATIC_FILES config var
- implement the HTTP HEAD command (sf bug 992544)
- fix journal export of files to remove content from CSV files
- API clarification. Previously, the anydbm/bsddb/metakit filter() methods
had required exact matches to Multilink argument lists. The RDBMS
backends treated Multilink matches like all other data types - matching
any of the Multilink argument list is good enough. The latter behaviour
is implemented across the board now.
- fix metakit handling of filter on Link==None
0.7.5 is a bug fix release, including:
- force lookup of journal props in anydbm filtering
- fixed lookup of "missing" Link values for new props in anydbm backend
- allow list of values for id, Number and Boolean filtering in anydbm
backend
- fixed some more mysql 0.6->0.7 upgrade bugs (sf bug 950410)
- fixed Boolean values in postgresql (sf bugs 972546 and 972600)
- fixed -g arg to roundup-server (sf bug 973946)
- better roundup-server usage string (sf bug 973352)
- include "context" always, as documented (sf bug 965447)
- fixed REMOTE_USER (external HTTP Basic auth) (sf bug 977309)
- fixed roundup-admin "find" to use better value parsing
- fixed RDBMS Class.find() to handle None value in multiple find
- export now stores file "content" in separate files in export directory
0.7.4 is a bug fix release, including:
- re-acquire the OTK manager when we re-open the database
- mailgw handler can close the database on us
- fixed grouping by a NULL Link value
- fixed anydbm import/export (sf bugs 965216, 964457, 964450)
- fix python 2.3.3 strftime deprecation warning (sf patch 968398)
- fix some column datatypes in postgresql and mysql (sf bugs 962611,
959177 and 964231)
- fixed RDBMS journal packing (sf bug 959177)
- fixed filtering by floats in anydbm (sf bug 963584)
0.7.3 is a SECURITY FIX release of Roundup. All users are encouraged
to upgrade immediately.
2004-05-28 0.7.3
Fixed:
- add "checked" to truth values for Boolean input
- fixed import in metakit backend
- fix SearchAction use of Class.filter(), and clarify API docs for same
- ensure static files may only be served out of the tracker's "static
files" directory
This release fixes some bugs in the previous release:
- several temp files made it into the source distribution (sf bug 949243)
- typo in roundup/instance.py
- missing CRLF var in rfc822.py (sf patch 949471)
- fix user creation page
- have roundup server pass though the cause of a "403 Forbidden" response
- fix schema mutation in sqlite backends (thanks Tamer Fahmy)
- make popup Javascript IE 5.0 friendly (thanks Marlon van den Berg)
- fix RDBMS import (thanks Tamer Fahmy)
changes (among many others):
- added postgresql backend
- trackers using postgresql or mysql backends may have many users
- new "actor" automatic property (user who caused the last "activity")
- RDBMS backends have data typed columns and indexes on several columns
- registration may be concluded by replying to the confirmation email
- HTML templating permission checks are greatly simplified
- database exports now include full journals
For a complete list see:
http://roundup.sourceforge.net/doc-0.7/whatsnew-0.7.html
The 0.6.7 release fixes some bugs:
- be more backward-compatible when asking for EMAIL_CHARSET
- made error on create consistent with edit when user enters invalid data
for Multilink and Link form fields (sf bug 904072)
- made errors from bad input in the quick "Show issue:" form more
user-friendly (sf bug 904064)
- don't add a query to a user's list if it's already there
- nicer invalid property error in HTML templating
- use EMAIL_CHARSET for message body too (still sf bug 900046)
The 0.6.5 release fixes some bugs:
- mailgw handling of subject-line errors
- allow serving of FileClass file content when the class isn't called
"file" (eg. messages and other FileClasses)
- allowed negative ids (ie. new item markers) in HTMLClass.getItem,
allowing "db/file_with_status/-1/status/menu" to generate a useful
widget
- fixed content-type when templates are serving up xml (thanks Godefroid
Chapelle)
- fixed IE double-submit when it shouldn't (sf bug 842254)
- fixed check for JS pop()/push() to make more general (sf bug 877504)
- fix re-enabling queries (sf bug 861940)
- use supplied content-type on file uploads before trying filename
- fixed roundup-reminder script to use default schema (thanks Klamer Schutte)
- fixed edit action / parsePropsFromForm to handle index-page edits better
- safer logging from HTTP server (sf bug 896917)
Fixed:
- fixed date arithmetic to not allow day-of-month == 0 (sf bug 853306)
- fixed date arithmetic to limit hours-per-day to 24, not 60
- hard-coded python2.3-ism (socket.timeout) fixed
- fixed activity displaying as future because of Date arithmetic fix in
0.6.3 (sf bug 842027).
- fix Windows service mode for roundup-server (sf bug 819890)
- fixed #white in cgitb (thanks Henrik Levkowetz)
Fixed:
- fixed detectors fix incorrectly fixed in bugfix release 0.6.2
- added note to upgrading doc for detectors fix in 0.6.2
- added script to help migrating queries from pre-0.6 trackers
- fixed "documentation" of getnodeids in roundup.hyperdb
- added flush() to DevNull (sf bug #835365)
- fixed javascript for help window for only one checkbox case
- Date +/- Interval now works, and Date - Date also works
- handle socket timeout exception (thanks Marcus Priesch)
- fixed retirement of items in rdbms imports (sf bug 841355)
- fixed bug in looking up journal of newly-created items in *dbm backends
Fixed:
- cleaned up, clarified internal caching API in *dbm backends
- stopped pyc writing to current directory! yay! (patch 800718 with changes)
- fixed file leak in detector initialisation (patch 800715)
- commented out example tracker homes (patch 800720)
- added note about hidden :template var in user.item (bug 799842)
- fixed Apply Error that was raised, when property was deleted from class and
we are trying to edit an instance
