Notes

Release Name: 8.19

Notes:
Tuleap 8.19 (Thursday, September 15th 2016)
========================================

Enhancement
-----------------------

    * story #9281: define FRS global permissions (Refactoring : Read and Write lists will be in includable mustache)
    * story #9281: define FRS global permissions (Refactoring of package and release)
    * story #9409: define FRS permissions for packages and releases (Refactoring : add package router)
    * request #9419: It should be possible to create ldap users at XML import
    * story #9393 See svn plugin access logs
    * story #9427: Quickly switch between FRS/Scrum/Artifact release
    * story #9409: define FRS permissions for packages and releases
		- Refactoring release introduce release router
		- Have consistent selectbox for FRS package
		- Have consistent selectbox for FRS release
    * story #8610:
		- Use viewvc-theme-tuleap in CVS
		- Dont truncate error message
    * story #8597:
		- have a recent version of ViewVC (CVS, SVN core or plugin can use either viewvc or viewvc-tuleap)
		- Update version of packages tuleap-core-subversion and tuleap-core-cvs to take the dependency change into account
    * request #9455: XML import user mapping should provide an automap strategy

Development
-----------------------

    * request #9202: Make Tuleap compatible with PHP 5.6 (Remove split usage in src/www/file)
    * request #9202: Make Tuleap compatible with PHP 5.6 (Remove split usage in Git plugin)
    * request #9202: Make Tuleap compatible with PHP 5.6 (Remove split usage in Tracker plugin)
    * request #9202: Make Tuleap compatible with PHP 5.6 (Remove split usages in src/www/admin)
    * request #9202: Make Tuleap compatible with PHP 5.6 (Remove split usage in src/www/docman)
    * request #9347: Tuleap RealTime independent of Tuleap
    * request #9435: Be able to use the script docker_generate_packages.sh with a non default NPM registry
    * request #9449: Remove Gravatar usage

Bug fix
-----------------------

    * request #9406: Missing login CSRF protection
    * story #9393: SVN custom logs are not working in new installation
    * request #9414: Removing the backup cron for new installation
    * request #9407: HTTPS is not properly detected when behind a reverse proxy
    * request #9122: Don't remove deleted items if copy doesn't work
    * story #9393: SVN custom logs are not working in new installation in HTTPS
    * request #9395: A restricted user can not browse the SVN tree in SVN core if the SVN plugin is not installed
    * request #9443: Project creation via SOAP is broken
    * request #9444: FRS error at release creation when nobody is selected in the package permission list
    * request #9413: Tuleap is leaking private user information
    * request #9450: Unable to enable/disable a service
    * request #9464: User can't login from the homepage if the standard Tuleap homepage is not used
    * request #9481: Fatal error when you try to browse a SVN core or CVS repo and you do not have access
    * request #9487: Help link in the toolbar of the file release manager does not open into a new window
    * request #9479: Copied/pasted item in docman doesn't have any permissions
    * request #9478: Cannot apply permissions recursively in docman
    * request #9491: scp/ftp file list is empty on page load

Plugins
-----------------------


### agiledashboard 1.416

    * Fix request #9432: Can't import a configuration from a template file in Agile Dashboard
    * story #9427: Quickly switch between FRS/Scrum/Artifact release
    * request #9417: Missing CSRF protection in the semantic administration
    * request #9415: Impossible to unset the semantic Initial effort

### cardwall 1.67

    * request #9437: Fatal error when updating manual value of a computed field in AD card
    * request #9417: Missing CSRF protection in the semantic administration

### docman 2.26.120

    * request #9483: Docman header actions tooltip does not work on subfolder
    * request #9122: Don't remove deleted items if copy doesn't work

### frs 0.20

    * story #9427: Quickly switch between FRS/Scrum/Artifact release

### git 4.257

    * request #9460: Performance issues when querying permissions table
    * Wrapp project id into extractCrossReference method
    * request #9122: Don't remove deleted items if copy doesn't work
    * request #9397: Manually push SSH keys to a Gerrit server can be confusing if two servers use the same hostname
    * Remove split usage in Git plugin

### hudson 1.34

    * story #9322: pass additional parameters to Hudson jobs

### hudson_svn 0.17

    * story #9322: pass additional parameters to Hudson jobs

### ldap 3.109

    * request #9445: Too many reminders sent to admins about users to be deleted
    * request #9419 It should be possible to create ldap users at XML import
    * request #9406: Missing login CSRF protection

### mediawiki 0.124

    * request #9406: Missing logout CSRF protection

### openidconnectclient 0.26

    * request #9403: User info endpoint should not be mandatory
    * request #9408: Prevent mix-up attacks with OpenID Connect

### pluginsadministration 1.20

    * request #9406: Missing logout CSRF protection

### statistics 0.64

    * request #9407: HTTPS is not properly detected when behind a reverse proxy

### svn 0.93

    * request #9484: On SVN plugin the URL to come back on a repository doesn't work
    * request #9482: Cross references are not displayed when using EPEL's ViewVC in SVN plugin
    * story #8610: Dont truncate error message
    * Use viewvc-theme-tuleap in core SVN
    * Use viewvc-theme-tuleap
    * docker run -v /home/mgarnier/tuleap:/tuleap enalean/tuleap-generate-changelog
    * Wrapp project id into extractCrossReference method
    * Add SVN multi repo to the service usage statistics
    * Add SVN multi repo to the SCM usage statistics
    * story #9393: Display data in project access log
    * story #9393: Store ViewVC access
    * db_stats_svn_plugin_history.pl script stores data in database
    * Create db_stats_svn_plugin_history.pl script
    * request #9122: Don't remove deleted items if copy doesn't work
    * request #9416 SVN import doesn't properly take into account empty ugroups

### tracker 5.1002

    * request #9467: Fatal error when connecting to soap tracker client
    * request #9452: CSRF check error when trying to restore a tracker
    * request #9437: Fatal error when updating manual value of a computed field in AD card
    * request #9440: Enhance Tracker restoration page
    * request #9428 Artifact link with nature are not well exported at CSV export
    * request #9431: Remove sys_strip_outlook
    * story #9427: Quickly switch between FRS/Scrum/Artifact release
    * request #9417: Missing CSRF protection in the semantic administration
    * request #9415: Impossible to unset the semantic Initial effort
    * request #9420: Openlist field can have an erroneous value when an artifact is created
    * request #9331: Copy artifact - warning when permission on field is used
    * request #9407: HTTPS is not properly detected when behind a reverse proxy
    * Remove split usage in Tracker plugin

### userlog 1.10

    * request #9406: Missing logout CSRF protection

### webdav 1.9.20

    * request #9485: Webdav is broken due to a fatal error
    * request #9407: HTTPS is not properly detected when behind a reverse proxy

Themes
-----------------------

    * FlamingParrot: 1.151

Api
-----------------------

    * REST API: 1.17
Changes:

References

List of items referenced by or referencing this item.