annotate doc/features.txt @ 4880:ca692423e401

Different approach to fix XSS in issue2550817

Encapsulate the error/ok message append method as add_ok_message and add_error_message. The new approach escapes the messages when appending -- at a point in the code where we still know where the message comes from. Escaping is the default but can be turned off. This also fixes issue2550836 where certain messages may contain links. Another advantage of the new fix is that users don't need to change installed trackers and are secure by default.
author Ralf Schlatterbeck <rsc@runtux.com>
date Mon, 31 Mar 2014 18:19:23 +0200
parents d0a3ac73b4c1
children e74c3611b138
 rev  line source
 739     1 ================
 739     2 Roundup Features
 739     3 ================
 739     4
 739     5 Roundup is a simple-to-use and -install issue-tracking system with
 739     6 web, e-mail and command-line interfaces. It is based on the winning design
 739     7 from Ka-Ping Yee in the Software Carpentry "Track" design competition.
 739     8
1228     9 *simple to install*
1228    10 - installation (including web interface) takes about 30 minutes
2660    11 - instant-gratification ``python demo.py`` :)
1228    12 - two templates included in the distribution for you to base your tracker on
2660    13 - play with the demo, customise it and then use *it* as the template for
2660    14   your production tracker
4226    15 - requires *no* additional support software - python (2.3+ but not 3+) is
2223    16   enough to get you going
2138    17 - easy to set up higher-performance storage backends like sqlite_,
3935    18   mysql_ and postgresql_
 739    19
 739    20 *simple to use*
 739    21 - accessible through the web, email, command-line or Python programs
 740    22 - may be used to track bugs, features, user feedback, sales opportunities,
1228    23   milestones, ...
2259    24 - automatically keeps a full history of changes to issues with
2259    25   configurable verbosity and easy access to information about who created
2259    26   or last modified *any* item in the database
1649    27 - issues have their own mini mailing list (nosy list)
2258    28 - users may sign themselves up, there may be automatic signup for
2258    29   incoming email and users may handle their own password reset requests
 739    30
1228    31 *highly configurable*
1228    32 - web interface HTML is fully editable
1228    33 - database schema is also fully editable (only the "user" class is required)
1228    34   with a full set of data types (including dates and many-to-many relations)
1228    35   across all storages available
1228    36 - customised automatic auditors and reactors may be written that perform
2138    37   actions before and after changes are made to entries in the database,
3754    38   or may veto the creation or modification of items in the database
2258    39 - samples are provided for all manner of configuration changes and
2258    40   customisations
1228    41
1228    42 *fast, scalable*
3935    43 - with the sqlite, mysql and postgresql backends, roundup is
2138    44   also fast and scalable, easily handling thousands of issues and users
2138    45   with decent response times
2138    46 - database indexes are automatically added for those backends that
3935    47   support them (sqlite, mysql and postgresql)
1228    48 - indexed text searching giving fast responses to searches across all
1228    49   messages and indexed string properties
3526    50 - support for the Xapian full-text indexing engine for large trackers
1228    51
1228    52 *documented*
1228    53 - documentation exists for installation, upgrading, maintenance, users and
1228    54   customisation
 739    55
 739    56 *web interface*
1228    57 - fully editable interfaces for listing and display of items
1228    58 - extendable to include wizards, parent/meta bug displays, ...
 739    59 - differentiates between anonymous, known and admin users
 739    60 - may be set up to require login, and may also only allow admin users
 739    61   to register new users
1649    62 - authentication of user registration and user-driven password resetting
1649    63   using email and one time keys
3748    64 - may be run using WSGI or through CGI as a normal cgi script, as a
3754    65   stand-alone web server, under mod_python or through Zope
 740    66 - searching may be performed using many constraints, including a full-text
 740    67   search of messages attached to issues
 740    68 - file attachments (added through the web or email) are served up with the
 740    69   correct content-type and filename
 740    70 - email change messages generated by roundup appear to be sent by the
 740    71   person who made the change, but responses will go back through the nosy
 741    72   list by default
2258    73 - flexible access control built around Permissions and Roles with assigned
2258    74   Permissions
2258    75 - generates valid HTML4 or XHTML
2258    76 - detects concurrent user changes
2258    77 - saving and editing of user-defined queries which may optionally be
2258    78   shared with other users
 739    79
 741    80 *e-mail interface*
 739    81 - may be set up using sendmail-like delivery alias, POP polling or mailbox
 739    82   polling
 740    83 - may auto-register users who send in mail and aren't known to roundup
 739    84 - nosy list configuration controls how people are added and when messages
 739    85   are sent to the list
 739    86 - auto-filing of "unformatted" messages into a particular class
 740    87 - e-mail attachments are handled sanely, being attached to the issue they're
 740    88   intended for, and forwarded on to the nosy list
 740    89 - sane handling of content-type and content-encoding of messages (text/plain
 740    90   preferred in all situations)
 740    91 - email packages that display threading will show issue messages correctly
 740    92   threaded
 740    93 - users may send in messages from multiple addresses and be associated
 740    94   with the same roundup username
1649    95 - built-in security features like TLS and APOP
 739    96
 739    97 *command-line*
 739    98 - may be used to interactively manage roundup databases
 739    99 - may be scripted using standard shell scripting
 740   100 - roundup's API may also be used by other Python programs - a sample is
 740   101   provided that runs once a day and emails people their assigned issues
1649   102 - a variety of sample shell scripts are provided (weekly reports, issue
1649   103   generation, ...)
 739   104
3839   105 *xmlrpc interface*
3839   106 - simple remote tracker interface with basic HTTP authentication
3839   107 - provides same access to tracker as roundup-admin, but based on
3839   108   XMLRPC calls
3839   109
1228   110 .. _sqlite: http://www.hwaci.com/sw/sqlite/
2258   111 .. _mysql: http://sourceforge.net/projects/mysql-python
2258   112 .. _postgresql: http://initd.org/software/initd/psycopg
 740   113

 rev  changeset     parents  description
 739  c612747b1126  -        Added a Features doc
 740  2d50d6a17617  739      more marketing ;)
 741  b48a19a88b65  740      Cleanup
1228  -             742      -
1649  6d392197daa3  1228     *** empty log message ***
2138  f76d1642014a  1649     doc cleanup, editing and creation of a What's New
2223  9b447ac40be3  2138     *** empty log message ***
2258  c8f426142289  2223     doc changes
2259  f47ab53269cd  2258     *** empty log message ***
2660  2ebeb53eb336  2259     *** empty log message ***
3526  9b99fff18683  2660     *** empty log message ***
3748  fdc9eb78d708  3533     *** empty log message ***
3754  9f4dd27ae843  3748     documentation cleanup from Luke Ross (patch [SF#1594860])
3839  -             3754     -
3935  1dab48842cbd  3839     Throwing up hands in resignation and finally deleting the metakit backend.
4226  d0a3ac73b4c1  3935     clarify python version

Revision 3839 is by Stefan Seefeld <stefan@seefeld.name>; all other revisions listed are by Richard Jones <richard@users.sourceforge.net>.

Roundup Issue Tracker: http://roundup-tracker.org/