Release Name: 7.11Notes: Tuleap 7.11 (Wednesday, March 4th 2015) ======================================== Feature ----------------------- * Parts of story #7495: set permissions on artifact priority change * story #7854 Add new extensions into Mediawiki * Parts of story #7579 move cards in my cardwall Feature Request ----------------------- * request #7711: Add csv export in site admin user list interface (Contrib STMicroelectronics) Security ----------------------- * request #7831: Fix SQL injection in trove cat listing * request #7818: Fix SQL injection in trove cat * request #7819: Fix persistent XSS in trove categories * request #7849: Fix XSS in development mode * request #7847: Fix persistent XSS in project sidebar * request #7806: Avoid HTTP Response Splitting and uncontroled redirection in FRS * request #7872: Escape all SQL queries parameters in survey service * request #7887: Properly escape SQL queries in cross reference * request #7889: Fix persistent XSS in cross reference * request #7895: Fix SQL injection in the most active projects page Plugins ----------------------- ### agiledashboard 1.168 * Kanban Glossification - Transform table layout to div layout - Width of columns is evenly distributed (even if user resize the browser or collapse/expand columns) - Height/Width of the board are 100% - When user scroll cards, they go under the column header - spinners are replaced by animation on big numbers - Fat combined is no more included in kanban view - Cards color This is part of story #7579 move cards in my cardwall * story #7579: Cards can be moved to any columns * story #7579: Save order when card is moved to backlog * story #7579: Display error message when rest fails * story #7579: Remove open/closed meaningless numbers in header * story #7579: Move card from other colmuns in backlog * story #7495 - permissions on static groups are not kept during duplication * story #7579 - Deal with global rank in archive * story #7579 - Deal with priority change * story #7495 - Tell the user why he can't drag'n'drop items * story #7495: Manage the perm in REST routes * story #7495 - Manage the perm in the planning v1 * story #7495: Prevent adding element in the backlog in planning v2 if user hasn't the perm to prioritize items * story #7495: Manage the perm in the planning v2 * story #7579: On load, display cards in archive * story #7579: On load, display cards not in backlog * story #7579: Drag 'n drop cards on Kanban (ui only) * story #7495 - I can't reorder items in the content if I don't have the permission to do it * story #7495 - Define a priority change permission on a planning (perms not taken into account) ### docman 2.26.66 * request #7864: reindexing project services on ugroup changes ### fulltextsearch 0.126 * Revert fix request #7862: Old phppwiki search method no longer available * request #7864: only reindex project services once * request #7864: reindexing project services on ugroup changes * request #7816: not trying to index files above a certain size in elastic search * Fix request #7862: Old phppwiki search method no longer available ### git 4.13 * Refactor general settings to ease modifications * Have more git logs in debug mode ### graphontrackers 1.13 * request #7828: Fix XSS in graph on tracker v3 plugin ### mediawiki 0.62 * story #7745: Mediawiki new plugins * http://www.mediawiki.org/wiki/Extension:Labeled_Section_Transclusion * http://www.mediawiki.org/wiki/Categorytree * http://www.mediawiki.org/wiki/Extension:Cite * http://www.mediawiki.org/wiki/Extension:ImageMap * http://www.mediawiki.org/wiki/Extension:InputBox * http://www.mediawiki.org/wiki/UNC_links ### tracker 5.582 * Deal with XML for POST Artifacts For now, it only works (in XML) when we add in the XML structure 2 or moar fields This task is part of story #7702 use XML for REST api * request #7894: Fixing potential blank page on report save * story #7702 use XML for REST api (Add Restler type in ArtifactReprensetation) * story #7579: Move card from other colmuns in backlog * request #7864: reindexing project services on ugroup changes * request #7640: on-screen notification for tracker admins when all the reports are set to Private * story #7776: see diff for string without having to click on 'Show diff button' * story #7495 - permissions on static groups are not kept during duplication * story #7579 - Deal with priority change * story #7495 - Manage the perm in the planning v1 * request #7876 - Javascript error when not on tracker page * story #7579: On load, display cards not in backlog * request #7865: PHP fatal error when modifying a report * Fix request #7855: Issue with 'Select artifacts to link' on the artifact Edit page ### webdav 1.9.8 * story #7821: Windows 7 webdav FRS file creation * Empty files can be created * Files can be updated * Files can be drag'n'droped from filesystem to webdav * You can't create files with name containing special chars (parenthesis are not allowed) Bug Fix ----------------------- * request #7846: allowing a system to always handle CVS commits as coming from windows or utf8 * request #7879: Add a whitelist for the Content-Security-Policy directive script-src * request #7758: php error when registering new user * request #7841: Pagination headers cannot be read in CORS request * request #7839: A project admin can't remove his rights if he is the only project admin * request #7855: Issue with 'Select artifacts to link' on the artifact Edit page * request #7862: Old phppwiki search method no longer available * request #7826: Improve error detection of FRS file moving * request #7860: Redirection link when you are not authenticated only redirects to service * request #7297: allowing a restricted user to see their own avatar * request #7809: force into utf8 tv3 export of artifact history * request #7877: Use a valid value for the Content Security Policy directive reflected-xss * request #7811: Filenames with ' are now correctly processed in FRS Development ----------------------- * story #7495: be able to get ugroups of a project for a given permission * Have more git logs in debug mode * Bump copyright * Integrate REST api in version checker Themes ----------------------- * FlamingParrot: 1.66 Api ----------------------- * REST API: 1.6 References List of items referenced by or referencing this item. Artifact Tracker v5
|