Mercurial > p > roundup > code
comparison doc/announcement.txt @ 7530:ed2bc951277b
Updates for 2.3.0 release.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Wed, 12 Jul 2023 22:59:49 -0400 |
| parents | 52f22cfcbdc1 |
| children | a03f8f681992 |
comparison
equal
deleted
inserted
replaced
| 7529:05448536f154 | 7530:ed2bc951277b |
|---|---|
| 1 I'm proud to release version 2.3.0b2 of the Roundup issue | 1 I'm proud to release version 2.3.0 of the Roundup issue |
| 2 tracker. This release is a bugfix and minor feature | 2 tracker. This release is a bugfix and feature |
| 3 release, so make sure to read `docs/upgrading.txt | 3 release, so make sure to read `docs/upgrading.txt |
| 4 <https://www.roundup-tracker.org/docs/upgrading.html>`_ to | 4 <https://www.roundup-tracker.org/docs/upgrading.html>`_ to |
| 5 bring your tracker up to date. | 5 bring your tracker up to date. |
| 6 | 6 |
| 7 The changes, as usual, include some new features and many | 7 The changes, as usual, include some new features and many |
| 22 | 22 |
| 23 (preferably in a virtual environment) can be used. | 23 (preferably in a virtual environment) can be used. |
| 24 | 24 |
| 25 Among the notable improvements from the 2.2.0 release are: | 25 Among the notable improvements from the 2.2.0 release are: |
| 26 | 26 |
| 27 * Dockerfile demo mode implemented. | 27 * Dockerfile demo mode implemented. This allows quick evaluation as |
| 28 well as the ability to spin up a configured tracker to customise. | |
| 28 | 29 |
| 29 * SQLite backends can use WAL mode to reduce blocking between readers | 30 * SQLite backends can use WAL mode to reduce blocking between readers |
| 30 and writers. | 31 and writers improving concurrent use. |
| 31 | 32 |
| 32 * Redis can be used for session database with SQLite and dbm | 33 * Redis can be used for session database with SQLite and dbm |
| 33 backends. Provides a major performance improvement. | 34 backends. Provides a major performance improvement. |
| 34 | 35 |
| 35 * roundup-mailgw can use OAUTH authentication to SMTP | 36 * roundup-mailgw can use OAUTH authentication to SMTP |
| 36 server. (roundup-mailgw command line options changed as a result.) | 37 server. (roundup-mailgw command line options changed as a result.) |
| 37 | 38 |
| 38 * Postgres full text index can now be enabled. | 39 * Postgres full text index can now be enabled. |
| 39 | 40 |
| 40 * Modifications to in-reply-to threading when there are multiple | 41 * Modifications to in-reply-to threading when there are multiple |
| 41 matches. | 42 matches resulting in more predictable handling of messages. |
| 42 | 43 |
| 43 * Many updates to documentation to make it scannable, useful and | 44 * Many updates to documentation to make it scannable, useful and |
| 44 work on mobile. | 45 work on mobile. |
| 45 | 46 |
| 46 * Admin documentation includes a section on setting up Content | 47 * Admin documentation includes a section on setting up Content |
| 47 Security Policy (CSP) | 48 Security Policy (CSP) to better secure your Roundup trackers. |
| 48 | 49 |
| 49 * REST now allows rate limiting headers to be accessed by client | 50 * REST now allows rate limiting headers to be accessed by client |
| 50 JavaScript. | 51 JavaScript. |
| 51 | 52 |
| 52 * Default number of rounds for PBKDF2 updated to 2M to account for | 53 * Default number of rounds for PBKDF2 updated to 2M to account for |
| 53 improvements in password crackers and CPU power. | 54 improvements in password crackers and CPU power. |
| 54 | 55 |
| 55 * Support PBKDF2 with SHA512 for password storage | 56 * Support PBKDF2 with SHA512 for password storage to improve |
| 57 resistance to password crackers. | |
| 56 | 58 |
| 57 * Deprecate SSHA password hash function. | 59 * Deprecate SSHA password hash function. |
| 58 | 60 |
| 59 * roundup-admin reindex can be done in batches to manage load | 61 * roundup-admin reindex can be done in batches to manage load |
| 60 incurred by reindexing. | 62 incurred by reindexing. |
| 61 | 63 |
| 62 * roundup-admin can list available templates and their installed | 64 * roundup-admin can list available templates and their installed |
| 63 locations. | 65 locations. This is useful when installing via pip or in a docker |
| 64 | 66 container as supporting files are not stored in the usual locations |
| 65 * Crash fixes in detector handling, configuration handling, fix for | 67 like /usr/share/roundup. |
| 66 sorting of multilinks. | 68 |
| 69 * Crash fixes in detector handling | |
| 67 | 70 |
| 68 The file CHANGES.txt has a detailed list of feature additions and | 71 The file CHANGES.txt has a detailed list of feature additions and |
| 69 bug fixes (52) for each release. The most recent changes from | 72 bug fixes (53) for each release. The most recent changes from |
| 70 there are at the end of this announcement. Also see the | 73 there are at the end of this announcement. Also see the |
| 71 information in doc/upgrading.txt. | 74 information in doc/upgrading.txt. |
| 72 | 75 |
| 73 If you find bugs, please report them to issues AT roundup-tracker.org | 76 If you find bugs, please report them to issues AT roundup-tracker.org |
| 74 or create an account at https://issues.roundup-tracker.org and open a | 77 or create an account at https://issues.roundup-tracker.org and open a |
| 146 and supports four database back-ends (anydbm, sqlite, mysql and postgresql). | 149 and supports four database back-ends (anydbm, sqlite, mysql and postgresql). |
| 147 | 150 |
| 148 Recent Changes | 151 Recent Changes |
| 149 ============== | 152 ============== |
| 150 | 153 |
| 151 From 2.2.0 to 2.3.0b2 | 154 From 2.2.0 to 2.3.0 |
| 152 | 155 |
| 153 Fixed: | 156 Fixed: |
| 154 ------ | 157 ------ |
| 155 | 158 |
| 156 - Updated directions for verifying Roundup distribution using pgp. | 159 - Updated directions for verifying Roundup distribution using pgp. |
| 205 Anonymous user. Replaces the old Create permission. (John Rouillard) | 208 Anonymous user. Replaces the old Create permission. (John Rouillard) |
| 206 - Allow '*' and explicit origins in allowed_api_origins. Only return | 209 - Allow '*' and explicit origins in allowed_api_origins. Only return |
| 207 'Access-Control-Allow-Credentials' when not matching '*'. Fixes | 210 'Access-Control-Allow-Credentials' when not matching '*'. Fixes |
| 208 security issue with rest when using '*'. (John Rouillard) | 211 security issue with rest when using '*'. (John Rouillard) |
| 209 - issue2551263: In REST response expose rate limiting, sunset, allow | 212 - issue2551263: In REST response expose rate limiting, sunset, allow |
| 210 HTTP headers to calling javascript. (John Rouillard) | 213 HTTP headers to calling JavaScript. (John Rouillard) |
| 211 - issue2551257: When downloading an attached (user supplied file), | 214 - issue2551257: When downloading an attached (user supplied file), |
| 212 make sure that an 'X-Content-Type-Options: nosniff' header is sent. | 215 make sure that an 'X-Content-Type-Options: nosniff' header is sent. |
| 213 (John Rouillard) | 216 (John Rouillard) |
| 214 - issue2551252 - default number of rounds for PKDF2 password increased | 217 - issue2551252 - default number of rounds for PKDF2 password increased |
| 215 to 2,000,000. (John Rouillard) | 218 to 2,000,000. (John Rouillard) |
| 296 - issue2551190 - Allow roundup-admin reindex to work in | 299 - issue2551190 - Allow roundup-admin reindex to work in |
| 297 batches. Running roundup-admin -i ... reindex issue:1-1000 will | 300 batches. Running roundup-admin -i ... reindex issue:1-1000 will |
| 298 reindex the first 1000 issues while reporting any missing issues | 301 reindex the first 1000 issues while reporting any missing issues |
| 299 in the range. Also completion progress is reported when indexing a | 302 in the range. Also completion progress is reported when indexing a |
| 300 specific class. | 303 specific class. |
| 304 - doc updates: add explanation for SQL code in 1.3.3->1.4.0 upgrade. | |
| 305 document schema table in rdbms backends and how to dump/extract | |
| 306 version from them. (John Rouillard) |