Path: csiph.com!usenet.pasdenom.info!news.redatomik.org!newsfeed.xs4all.nl!newsfeed1a.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-announce-list@python.org Delivered-To: python-announce-list@mail.python.org X-Spam-Status: OK 0.000 X-Spam-Evidence: '*H*': 1.00; '*S*': 0.00; 'parameters': 0.04; 'encoding': 0.05; 'handler': 0.05; 'output': 0.05; 'automate': 0.07; 'binary': 0.07; 'cache': 0.07; 'column': 0.07; 'context': 0.07; 'diff': 0.07; 'error:': 0.07; 'extent': 0.07; 'fixes': 0.07; 'indices': 0.07; 'json': 0.07; 'rename': 0.07; 'revision': 0.07; 'strict': 0.07; 'string': 0.09; '0.1': 0.09; 'append': 0.09; 'buttons': 0.09; 'changeset:': 0.09; 'cleanup': 0.09; 'consistency': 0.09; 'email addr:example.com': 0.09; 'escape': 0.09; 'executed': 0.09; 'git': 0.09; 'jquery,': 0.09; 'locale': 0.09; 'mercurial': 0.09; 'parameter': 0.09; 'prefix': 0.09; 'setup.py': 0.09; 'skip:/ 10': 0.09; 'spaces': 0.09; 'structure,': 0.09; 'trailing': 0.09; 'translations': 0.09; 'warn': 0.09; 'python': 0.11; 'bug': 0.12; 'translation': 0.12; 'changes': 0.15; "'my": 0.16; '(issue': 0.16; '0.2': 0.16; '255': 0.16; 'add,': 0.16; 'add/remove': 0.16; 'admin:': 0.16; 'backward': 0.16; 'bin:': 0.16; 'boolean': 0.16; 'cleaned': 0.16; 'clone': 0.16; 'comma': 0.16; 'deletion': 0.16; 'fallback': 0.16; 'files:': 0.16; 'from:addr:andrew': 0.16; 'hashes': 0.16; 'json:': 0.16; 'limit,': 0.16; 'lowercase': 0.16; 'merged': 0.16; 'middleware': 0.16; 'pane': 0.16; 'paster': 0.16; 'patches': 0.16; 'preserve': 0.16; 'python-based': 0.16; 'readable': 0.16; 'renamed': 0.16; 'robust.': 0.16; 'slash': 0.16; 'spurious': 0.16; 'ssh': 0.16; 'templates:': 0.16; 'to:addr:python-announce-list': 0.16; 'tweak': 0.16; 'typo': 0.16; 'typos': 0.16; 'unexpected': 0.16; 'uppercase': 0.16; 'yui,': 0.16; 'comment:': 0.16; 'prevent': 0.16; 'ignore': 0.16; 'language': 0.16; 'fix': 0.17; 'module': 0.19; 'trying': 0.19; 'commit': 0.19; 'split': 0.19; 'command': 0.22; 'settings': 0.22; 'import': 0.22; 'admin': 0.22; 'coding': 0.22; 'hack': 0.22; 'previously': 0.22; 'separate': 0.22; 'install': 0.23; 'creating': 0.23; 'load': 0.23; 'error': 0.23; 'byte': 0.24; 'delta': 0.24; 'unicode': 0.24; 'visible': 0.24; 'cheers,': 0.24; 'source': 0.25; 'compare': 0.26; 'handling': 0.26; 'pending': 0.26; 'query': 0.26; 'recognized': 0.26; 'shown': 0.26; 'second': 0.26; 'code:': 0.26; 'values': 0.27; 'installed': 0.27; 'hosting': 0.29; 'correct': 0.29; 'below.': 0.71; 'influence': 0.74; 'introduce': 0.78; '100': 0.79; 'discovered': 0.83; '4.7': 0.84; 'activated': 0.84; 'ages': 0.84; 'bare': 0.84; 'bitmap': 0.84; 'compare:': 0.84; 'crowd': 0.84; 'descendants': 0.84; 'groups:': 0.84; 'hub': 0.84; 'iis': 0.84; 'improvement': 0.84; 'notably,': 0.84; 'rev': 0.84; 'silently': 0.84; 'stability': 0.84; 'text/plain': 0.84; 'browsing': 0.91; 'lazy': 0.91 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=shadura.me; s=a; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date; bh=sAjxTec35AR6a6aXdqUrDrTjii5+MqUKYzZThcHRdWI=; b=ubnN9pnbwhXHPIc4Ba5iUo6AIy3CMXkp34uSSpN6gqS0sRq0xwzVRjFHwTei6OvM1a+aB/0iATvyENJOxUgwIX+8MCoSTECHVrS5geoHbQYvKpTr6LuISBDCg1gdE/pB48iBjaKBdwlU9gf9BqJj0rYebbmvGCS+4B0dgGQ11rY=; Date: Fri, 10 Apr 2015 19:32:48 +0200 From: Andrew Shadura To: python-announce-list@python.org Subject: Kallithea 0.2 X-Mailer: Claws Mail 3.11.1 (GTK+ 2.24.25; i586-pc-linux-gnu) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; boundary="Sig_/yp_YB+eDNPmynvb+bwIAtpR"; protocol="application/pgp-signature" X-Mailman-Approved-At: Fri, 10 Apr 2015 21:18:54 +0200 X-BeenThere: python-announce-list@python.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Announcement-only list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Approved: python-announce-list@python.org Newsgroups: comp.lang.python.announce Message-ID: Lines: 247 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1428693535 news.xs4all.nl 2836 [2001:888:2000:d::a6]:38953 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python.announce:1663 --Sig_/yp_YB+eDNPmynvb+bwIAtpR Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Kallithea 0.2 has been released. Kallithea is a Python-based GPLv3 source code management software for web-based hosting of Mercurial and Git repositories. This release brings many changes since 0.1. Notably, pull requests system have been improved, making contributing changes more robust. The visual appearance has also been refined: modern font-based symbolic icons from FontAwesome and GitHub Octicons have replaced the previously used bitmap icons, and revision graphs are now drawn with HiDPI display support. Kallithea now supports Mercurial 3.3 and Dulwich 0.9.9. Several fixes in the database code boosted performance significantly. We have also updated our Javascript libraries: jQuery, CodeMirror and Merge= ly. Javascript and CSS code have been cleaned up, with less and less code depen= ding on Yahoo UI library. Since 0.1 we have discovered two security issues, so all users are strongly recommended to upgrade. For more details on these issues, please see our Security Notices page: https://kallithea-scm.org/security/ For more information, see https://kallithea-scm.org/ or=20 http://docs.kallithea-scm.org/ virtualenv --no-site-packages dist/v . dist/v/bin/activate pip install kallithea paster make-config Kallithea my.ini python setup.py compile_catalog # for translation of the UI paster setup-db my.ini --user=3Duser --email=3Duser@example.com \ --password=3Dpassword --repos=3D/tmp paster serve my.ini & firefox http://127.0.0.1:5000/ The summary of the changes since 0.1 release is below. Bug fixes: forms: add CSRF protection to all forms - CVE-2015-0276 api: don't send internal data unless asked for it - CVE-2015-0260 middleware: fix force_tls typo in force_https backward compatibility code (= Issue #44) rebranddb: update user extern_type and _name to 'internal' instead of 'kall= ithea' (Issue #38) git: do not fail if git is not installed and has been removed from __init__= .py BACKENDS git: fix "'name' must be bytestring, not unicode" error on browsing changes= ets git: close SubprocessIOChunker inputstream used for git (Issue #32) git: introduce hack for handling git failure on --depth cloning (Issue #33) git: fix version detection with unexpected version string (Issue #71) git: preserve line endings when calling out to git hg: fix clone from svn+http urls using hg-svn (Issue #72) migrate: add missing import (Issue #29) pullrequests: handle pull requests to empty repos (Issue #27) pullrequests: when creating PRs, fix handling of new ajax requests while ot= her ajax requests are pending pullrequests: fix updates for PRs between different repositories pullrequests: preserve query parameters in pull request overview paging lin= ks compare: workaround unexpected Mercurial behaviour when finding ancestor of= null rev javascript: remove trailing comma to please IE8 (Issue #39) download: fix for zip file downloads not being valid zips (Issue #35) helpers: fix crash on new users without email (Issue #28) middleware: change middleware ordering so we don't buffer hgweb output in r= edirect bin: give kallithea_config.py #!/usr/bin/env python so it can be executed d= irectly bin: reintroduce cleanup-repos paster command bin: fix update_repoinfo command urlify: don't include trailing punctuation in markup urlify: markup of hashes in () styling: don't loop on trying to load kallithea-logo.png after kallithea-lo= go.svg failed error: don't crash on /error/document urls error: don't crash on response without status admin: prevent deletion of users that are owners of a repository/user group= (Issue #64) admin: make settings hook name field smaller so it is less likely to overla= p with the value field admin: when scanning for repos to add, ignore removed groups auth_crowd: fix Admin Group Membership when using the Atlassian Crowd plugin auth: enable selecting PAM authentication module auth_ldap: fix user automatically activated with LDAP authentication (Issue= #78) db: fix beaker cache key for user groups - don't collide with users db: fix handling of (invalid) unicode email addresses db: don't use sql 'in' on empty sets in compare - avoid warning of bad perf= ormance db: to the extent it makes sense to have a one byte size limit, make it 255= instead of 256 to please MySQL (Issue #96) files: use current revision as default for 'show at' (Issue #31) files: fix HTML injection via file names files: use forward slash as path separator for consistency files: don't use HTML encoding where not needed (closes: #74). feed: urlify and escape the commit description diff: fix diff of renamed files with whitespace in their names diff: don't split lines on bare CR as python splitlines do mergely: update Mergely to v3.3.9 (Issue #83) jquery: upgrade to 1.11.1 codemirror: cleanup of integration and update to version 4.7 setup: constrain dulwich to version 0.9.9, fixes CVE-2015-0838 gists: add missing formencode.htmlfill import ini: Make celeryd.log.level default values uppercase - lowercase might not = be recognized and cause failure notification: handle unicode translations (Issue #95) repos: fix redirect after repo creation (and user/group add focus) (Issue #= 98) changeset: don't crash on malformed whitespace parameter - return 400 Bad R= equest stats: fix display when no data ready yet stats: fix "show more" link Features and improvements: ui: use font based icons - FontAwesome and Git Hub Octicons from fontello ui: HiDPI / Retina support in graphs and other places paster: add install-iis command to automate IIS handler generation and upda= te documentation email templates: send text/plain part as well docs: lots of improvements of structure and content and language translations: updated using WebLate admin: show links to added repos after repo scan admin: show links to created users and groups admin: when scanning for repos without 'remove', report the repos that coul= d/would be removed setup: support Mercurial 3.3 db: drop most lazy joins - significant performance improvement db: add missing indices - significant performance improvement db: don't commit session if cache invalidation didn't change anything - imp= roves performance comment: show full username in emails for PR/changeset comments changelog: added Settings to repo context menu utils: better display of ages >1 year when in short form remotes: add support to clone from Mercurial repositories over ssh hg: reimplement branch head listings more efficiently pullrequests: use same code and table ui for Repo Pull Requests and My Pull= Requests pullrequests: add delete button to My Pull Requests overview pullrequests: on 'my pullrequests' show the user's own vote as second colum= n next to 'latest vote' pullrequests: add option for adding repo owner as reviewer if none assigned pullrequests: make top pane one big form with meta data and one save button= and preview changes in pane below - more like when creating the PR pullrequests: make 'update' functionality a separate submit button in the b= ig form, automatically enabled when an update changeset is chosen pullrequests: show graph next to the list of changesets that are available = for update pullrequests: for available changesets, also show changesets that not are d= escendants and thus not directly available but will be merged in pullrequests: show unrelated branch heads in the graph too - show the probl= em instead of trying to explain it pullrequests: show pending reviewer changes with "(not saved)" pullrequests: show comment count in top of summary box diff: improved parsing, be more strict and fail with good error messages diff: handle GIT delta binary patches diff: show renamed files as that diff: make trailing spaces more visible - make vertical line less transpare= nt diff: show CR (\r) in diffs comment: warn before leaving page with open comments comment: clarify shown comment count (inline vs general) comment: extend next/previous links to global comments (issue #91) Changes (might influence workflows): i18n: en translation has been removed - make sure to update your .ini files= to have 'lang =3D' (nothing) ini: turn show_revision_number off by default pullrequests: don't give changeset 'unreviewed' status just because it is a= dded to a PR pullrequests: tweak readable titles - just append /_/ and branch name pullrequests: only author and admin can close pullrequests: don't add repo owner as reviewer in all PRs pullrequests: PRs between different repos should default to same destinatio= n/source branch pullrequests: use '-- ' as separator in the automatic text when "updating" = pull requests and is it to put latest updates first diff: don't group diffs based on the kind of change admin: set current user as owner when running repo scan changelog: change default view to 100 changesets, max to 2000 date representation: use ISO8601 rather than a specific locale user groups: drop add/remove all buttons for member selection - they are to= o dangerous and multi-select can do the same hg: drop support for hg web.hidden template: link the last revision in the file browser to the changeset Cleanup: code: Fix typos and language in comments and code ui: Correct capitalization and improved English text in the UI javascript: use strict mode tags: rename old non-Kallithea tags and prefix them with 0.0 to show that K= allithea is superior javascript: more jQuery, less YUI, less clutter templates: better structure, less cut'n'paste coding html: various improvements css: various improvements exceptions: avoid silently catching exceptions - especially avoid catch all tests: stability fixes tests: remove large unused test fixture whitespacecleanup.sh: run it regularly to ensure consistent whitespace and = avoid spurious changes controllers: consistently use formfill.render with force_defaults=3DFalse gists: use allow_extra_fields and filter_extra_fields in gist forms like in= most other forms json: always use kallithea.lib.compat for json - and nothing else json: drop simplejson fallback and just use stdlib db: check for None instead of boolean false if that is what we mean --=20 Cheers, Andrew --Sig_/yp_YB+eDNPmynvb+bwIAtpR Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJVKAlAAAoJEG6k0jEaLSaNBHYP/00CXSnAuBhzrnBp0Xo0YbAS DCHYmsytIrZJpi16xRGJ5sBB5JnhAt1KeWXJuzKjfQbqEDHxo6T3JiqB25CYnBlg DduZ+S86sxGs3HC6gFVRmhrWhedbx7R/mv1e+ZRmjC9dOG6IPZ5gfmGVxmk2LcTf UCDOb2H+GZHOfRjz7zI0Mo7Q/t9qm0O1oa0+hazWq9PK+TkMj3ecYaOqWdVhmfRH QoOqZ505xzPqDzRupP8qPeXRvUYWsEwCmBoR6AaEUnRLswDa9awkf+tRVbH3kWyT GcqOiAKiI3EdEPCibjKTDB2lOaV/lPix3vA05PEkbbZL32OM+ab+bc2MtwCyr67g 8Ja2wvYXVteXkZq4pMwcJSZWCh+vWfvGJ/Iy5mVBkHx3YveEepXjqysTl8hOFnbB ppXUgt4xjzb1kWSmdt1tZnOG+6rUnd4DoBgIdSHitrpMe2MOcmeE1T8Rh6PIqyvf rxZhHHqQoGTCqdueMe3V9VmqHYpiyat052jrHxYgGu36v1gkgANh6gsbvPSZBZKu wgdjV0JOgaVJvRCzy8eN5PgInRcJaDRBlvSyt5IufM07BY0dSXhZHNcbZkYmiKLy 4NbxHwoDUtbagfGvduz+rOHh2R1V/QNH8oTcIlZcvgujWTgeZWYFRk6A2LCfDwJL 1L6oSW3GN+iOjhcFQHxP =nNRV -----END PGP SIGNATURE----- --Sig_/yp_YB+eDNPmynvb+bwIAtpR--