summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorian Zschocke <f.zschocke+git@gmail.com>2022-12-18 15:32:03 +0100
committerFlorian Zschocke <f.zschocke+git@gmail.com>2023-04-03 22:52:20 +0200
commit92ace0597c4d443efeffce45dbbc8add8de90439 (patch)
tree76bb1402c1a0bb03228391ac27c49cb0939cf375
parent16404d1eb6d7d8e20b37580e740ad08378fcee68 (diff)
downloadgitblit-92ace0597c4d443efeffce45dbbc8add8de90439.tar.gz
gitblit-92ace0597c4d443efeffce45dbbc8add8de90439.zip
doc: Update release notes
-rw-r--r--releases.moxie73
1 files changed, 60 insertions, 13 deletions
diff --git a/releases.moxie b/releases.moxie
index 4e8006ff..303ee7ea 100644
--- a/releases.moxie
+++ b/releases.moxie
@@ -8,31 +8,77 @@ r34: {
note: ''
From 1.10.0 on Gitblit requires Java 8 as minimum Java version.
- Should you have disabled the Flash-based copy-to-clipboard function because it wasn't working anymore
- (web.allowFlashCopyToClipboard = false), you may want to rethink this and enable it again. The configuration
- property has the same name, but the mechanism was exchanged. Flash is gone, and a modern JavaScript solution
- is now used to copy text directly to the clipboard (via clipboard.js).
+ Should you have disabled the Flash-based copy-to-clipboard function because it wasn't working anymore (web.allowFlashCopyToClipboard = false), you may want to rethink this and enable it again. The configuration property has the same name, but the mechanism was exchanged. Flash is gone, and a modern JavaScript solution is now used to copy text directly to the clipboard (via clipboard.js).
+
+ The setting 'server.requireClientCertificates' now has three values: required, optional and none. While 'required' is synonymous to the old 'true' value, and 'optional' is synonymous to the old 'false' value, the new 'none' value results in the server never asking the client to present any client certificate at all. The old values 'true' and 'false' can still be used and keep their meaning.
+
''
html: ~
- text: ~
- security: ~
+ text: ''
+ Highlights:
+
+ * Support for ECDSA and Ed25519 SSH keys
+ * Move to Java 8
+ * Explicitly disable requesting optional client TLS certificates
+ * Copy-to-clipboard button is back and working
+
+ While old DSA SSH host keys can still be used, a new Gitblit installation will no longer
+ generate a DSA host key. The default set of host keys is now RSA, ECDSA and Ed25519.
+
+ Snapshot builds of the current master branch are now available as Docker containers on
+ Docker Hub under the "Nightly" tag.
+ ''
+ security:
+ - Fix path traversal vulnerability which allowed access to "/resources//../WEB-INF/". (CVE-2022-31268) This was fixed by updating Jetty. (issue-1409)
fixes:
- - Fix crash in Gitblit Authority when users were deleted from Gitblit but still had entries (certificates) in the Authority.
+ - Fix crash in Gitblit Authority when users were deleted from Gitblit but still had entries (certificates) in the Authority. (issue-1359, pr-1435)
+ - Fix tab-to-space conversion to work like tabs. (pr-1065 by @QuentinC)
+ - Fix user effective permission display when user is in multiple groups with different permissions. (pr-1100 by @felazuris)
+ - Fix issue in pt under Python 3. (pr-1428 by @urkle)
+ - Fix null pointer exception which could occur during debug logging. (pr-1433)
+ - Fix Bugtraq to fallback to UTF-8 if the commit encoding is unsupported.
+ - Fix errors in Bugtraq preventing display of commit completely.
+ - Fix misaligned images in primary repository URL display. (issue-1437)
+ - Fix incorrect text being copied by copy button on tickets page
changes:
- - Minimum Java required increased to Java 8.
- - Replaced the Flash-based approach to copy text to the clipboard with a modern JavaScript solution. (issue-1241)
- additions: ~
+ - Minimum Java required increased to Java 8. (pr-1218 by @paladox)
+ - Add feedback on invalid keys to SSH key form. (issue-984, pr-1239 by @martinspielmann)
+ - Replace old Flash-based Clippy copy-paste buttons to copy repository URLs and other text to the clipboard with a modern JavaScript-based approach via clipboard.js. (issue-1241, issue-965, pr-1438 by @flaix)
+ additions:
+ - Option to explicitly disable optional client TLS certificates. (issue-1137, pr-1138 by @oddeirik)
+ - Support for ECDSA and Ed25519 (EdDSA) user keys. (pr-1427, pr-1272)
+ - New ECDSA and EdDSA host key types. (issue-1354, pr-1429 by @flaix)
+ - French version of empty repository page. (by @piradix)
+ - Add support for Jenkins access token. Use setting 'groovy.jenkinsToken'. (issue-1423, pr-1425 by @TDesjardins)
dependencyChanges:
- update to JavaMail 1.5.6 (pr-1217 by @paladox)
- update to Google Guice 5.1.0
- update to Google Guava 31.1-jre
- update to Google Gson 2.10
- update to Apache commons-io 2.11.0
+ - update to Apache commons-codec 1.9
- update to Apache commons-compress 1.22
- update to libpam4j 1.11
- - added clipboard.js, replacing clippy.swf
+ - update to MINA SSHD 1.7.0
+ - update to BouncyCastle 1.69
+ - update to Jetty 9.4.49.v20220914 (pr-1213 by @paladox, plus more)
+ - update to JGit 4.11.9.201909030838-r (pr-1252 by @jvanhercke, plus more)
+ - update to Bugtraq v0.4
+ - added clipboard.js, replacing Clippy
+ settings:
+ - { name: 'server.requireClientCertificates', defaultValue: 'optional' }
contributors:
- - paladox
+ - @paladox
+ - @QuentinC
+ - @felazuris
+ - Odd Eirik Nes
+ - Edward Rudd
+ - Florian Zschocke
+ - Martin Spielmann
+ - Jan Vanhercke
+ - @xxcdd
+ - @piradix
+ - Tino Desjardins
}
#
@@ -129,7 +175,7 @@ r31: {
id: 1.9.1
date: 2020-04-05
note: ''
- When you have Gitblit installed as a service under Linux or Windows, you may need to edit your service script/definition. The command line to start Gitblit needs to be different, the classpath and class are speficied now.
+ When you have Gitblit installed as a service under Linux or Windows, you may need to edit your service script/definition. The command line to start Gitblit needs to be different, the classpath and class are specified now.
See notes for release 1.9.0.
''
@@ -366,6 +412,7 @@ r28: {
- Improve diff performance by gracefully limiting large diffs (pr-226)
- Add granular settings to disable display of git transport urls (pr-274)
- Use author date to be consistent with other tools (pr-919)
+ - Adjust URLs to point to new 'gitblit-org.github.com' organisation (issue-1441, pr-1442)
additions:
- Add GitHub Octicons (ticket-106)
- Support for chain-loading properties files (ticket-110)