security:\r
- Raw servlet was insecure. If someone knew the exact repository name and path to a file, the raw blob could be retrieved bypassing security constraints. (issue 198)\r
fixes:\r
- - Could not reset settings with $ or { characters through Gitblit Manager because they are not properly escaped\r
- - Added more error checking to blob page and blame page\r
- - Disable SNI extensions for client SSL connections\r
- - Fixed prettify language extension loading\r
- - Fixed index out of bounds exceptions when generating client certificates for a user when the user's table has been filtered\r
- - Fixed AddindexedBranch tool when specifying the non-default branch. \r
- Use bash instead of sh in Linux/OSX shell scripts (issue 154)\r
- Fix NPE when getting user's fork without repository list caching (issue 182)\r
- Fix internal error on folder history links (issue 192)\r
- Improve NPE handling for hook script enumeration (issue-253)\r
- Workaround missing commit information in blame page (JGit bug 374382, issue-254) \r
- Ignore orphan ".git" folder in the repositories root folder (issue-256)\r
+ - Could not reset settings with $ or { characters through Gitblit Manager because they are not properly escaped\r
+ - Added more error checking to blob page and blame page\r
+ - Disable SNI extensions for client SSL connections\r
+ - Fixed prettify language extension loading\r
+ - Fixed index out of bounds exceptions when generating client certificates for a user when the user's table has been filtered\r
+ - Fixed AddindexedBranch tool when specifying the non-default branch. \r
\r
changes:\r
- Improved error logging for servlet containers which provide a null contextFolder (issue 199)\r
- - Improved the repository url display. This display now indicates your repository access permission, per-protocol.\r
- Improve Gerrit change ref decoration in the refs panel (issue 206)\r
+ - Improved the repository url display. This display now indicates your repository access permission, per-protocol.\r
+ - Automatically encode/decode usernames for urls using %XX notation on space, @, and \\r
- Disable Gson's pretty printing which has a huge performance gain\r
- Properly set application/json content-type on api calls\r
- Make days back filter choices a setting\r
- Updated Polish translation\r
- Updated Japanese translation\r
\r
- additions:\r
+ additions: \r
+ - Added a ui for the ref log introduced in 1.2.1 (issue-177)\r
+ - Added weblogic.xml to WAR for deployment on WebLogic (issue 199)\r
+ - Support username substitution in web.otherUrls (issue 213)\r
+ - Option to force client-side basic authentication instead of form-based authentication if web.authenticateViewPages=true (issue 222)\r
+ - Setting to automatically create an user account based on an authenticated user principal from the servlet container (issue-246)\r
- Added WindowsUserService to authenticate users against Windows accounts (issue-250)\r
- Global and per-repository setting to exclude authors from metrics (issue-251)\r
- Added SalesForce.com user service\r
- Added simple star/unstar function to flag or bookmark interesting repositories\r
- Added Dashboard page which shows a news feed for starred repositories and offers a filterable list of repositories you care about\r
- - Added a ui for the push log introduced in 1.2.1 (issue-177)\r
- Added client application menus for Git, SmartGit/Hg, SourceTree, Tower, GitHub for Windows, GitHub for Mac, and SparkleShare\r
- Added GO http/https connector thread pool size setting\r
- Added a server setting to force a particular translation/Locale for all sessions\r
- FogBugz post-receive hook script\r
- Chinese translation\r
- Support --baseFolder parameter in Federation Client\r
- - Added weblogic.xml to WAR for deployment on WebLogic (issue 199)\r
- - Support username substitution in web.otherUrls (issue 213)\r
- - Option to force client-side basic authentication instead of form-based authentication if web.authenticateViewPages=true (issue 222)\r
- - Setting to automatically create an user account based on an authenticated user principal from the servlet container (issue-246)\r
\r
contributors:\r
- Bandarupalli Satyanarayana\r
- { name: 'web.allowAppCloneLinks', defaultValue: 'true' }\r
- { name: 'web.forceDefaultLocale', defaultValue: ' ' }\r
- { name: 'web.metricAuthorExclusions', defaultValue: ' ' }\r
- - { name: 'web.overviewPushCount', defaultValue: 5 }\r
- - { name: 'web.pushesPerPage', defaultValue: 10 }\r
+ - { name: 'web.overviewReflogCount', defaultValue: 5 }\r
+ - { name: 'web.reflogChangesPerPage', defaultValue: 10 }\r
- { name: 'server.nioThreadPoolSize', defaultValue: 50 }\r
}\r
\r
-## What is Gitblit?\r
<div class="well" style="margin-left:5px;float:right;width:275px;padding: 10px 10px;">\r
<div style="text-align:center">\r
<b>Current Release ${project.releaseVersion} (${project.releaseDate})</b><br/><a href="releasenotes.html">release notes</a>\r
</div>\r
</div>\r
\r
+## What is Gitblit?\r
+\r
Gitblit is an open-source, pure Java stack for managing, viewing, and serving [Git][git] repositories. \r
It's designed primarily as a tool for small workgroups who want to host centralized repositories.\r
\r
- Groovy push hook scripts\r
- Pluggable user service mechanism\r
- LDAP authentication with optional LDAP-controlled Team memberships\r
+ - Redmine authentication\r
+ - SalesForce.com authentication\r
+ - Windows authentication\r
- Custom authentication, authorization, and user management\r
- Rich RSS feeds\r
- JSON-based RPC mechanism\r
projects / gitblit.git / commitdiff