| | |
|---|
| | | note: "The default access restriction has been elevated from NONE to PUSH and anonymous push access has been disabled." |
|---|
| | | html: ~ |
|---|
| | | text: ~ |
|---|
| | | security: ~ |
|---|
| | | security: |
|---|
| | | - ''issue-361: Cookies were not reset on administrative password change of a user account. |
|---|
| | | This allowed accounts with changed passwords to continue authenticating. |
|---|
| | | Cookies are now reset on password changes, they are validated on each page request, |
|---|
| | | AND they will now expire 7 days after generation. |
|---|
| | | '' |
|---|
| | | fixes: |
|---|
| | | - Fixed incorrect tagger attribution in the dashboard (issue-276) |
|---|
| | | - Fixed support for implied SSH urls in web.otherUrls (issue-311) |
|---|
| | |
|---|
| | | - Fixed NPE when attempting to add a permission without a registrant (issue-344) |
|---|
| | | - Invalidate all cached repository data on "clear cache" (issue-346) |
|---|
| | | - Fix chart failures when an apostrophe is in a user display name (issue-350, pr-128) |
|---|
| | | - Fix support url decoding with non-ascii characters (pr-136) |
|---|
| | | - Fix potential NPE on removing uncached repository from cache |
|---|
| | | - Ignore the default contents of .git/description file |
|---|
| | | - Fix error on generating activity page when there is no activity |
|---|
| | |
|---|
| | | - Reversed line links in blob view (issue-309) |
|---|
| | | - Dashboard and Activity pages now obey the web.generateActivityGraph setting (issue-310) |
|---|
| | | - Do not log passwords on failed authentication attempts (issue-316) |
|---|
| | | - Show displayname and username in palettes (issue-364) |
|---|
| | | - Updated default binary and Lucene ignore extensions |
|---|
| | | - Change the WAR baseFolder context parameter to a JNDI env-entry to improve enterprise deployments |
|---|
| | | - Removed internal Gitblit ref exclusions in the upload pack |
|---|
| | |
|---|
| | | - Added GO setting to automatically redirect all http requests to the secure https connector |
|---|
| | | - Automatically display common repository root documents as tabs on the docs page |
|---|
| | | - Support bugtraq configuration in collaboration with syntevo |
|---|
| | | - Added FishEye hook script (pr-137) |
|---|
| | | - Added Redmine Fetch hook script (issue-359) |
|---|
| | | dependencyChanges: |
|---|
| | | - updated to Jetty 8.1.13 |
|---|
| | | - updated to JGit 3.2.0 |
|---|
| | |
|---|
| | | - Alfred Schmid |
|---|
| | | - Gareth Collins |
|---|
| | | - Martijn van der Kleijn |
|---|
| | | - Berke Viktor |
|---|
| | | - Vitaly Litvak |
|---|
| | | - Matthias Cullman |
|---|
| | | } |
|---|
| | | |
|---|
| | | # |
|---|
