[v0.71 -> v0.72] Catalin(ux) M. BOIE (49): Added rg_git_repo_is_empty function plus func test SELinux: allow httpd_t to map rocketgit_exec_t files vm: get rid of i386 (we move to x86_64) nginx: remove text/html because it is always added to gzip_types Added Phabricator to comparison Corrected stupid space char inside cache key Because of docker, we are now using HTTP_HOST insead of SERVER_NAME Docker updates Texts updates + cosmetic Some git tweaks to deal with empty repositories Do not try to access a repo if is deleted ldap: if we have no server, it is useless to continue processing Added statistics for the installation Mostly cosmetic nginx sample update Remove PayPal donation because of legal uncertainly Insist on respecting the privacy Cosmetic More statistics changes (load, cpu, mem) docker: push also the latest label Invalidate slave table cache when updating the db structure, else new slaves will not be created Added LDAP/qrencode to features/thanks pages CSS small correction Merge branch 'mr-2' Added Business model to comparison nginx configuration update .spec: require tidy for building the tests worker improvements Added a TODO for worker worker: change git clone parameters because we could not clone totp: Allow also years for 'val' command builder: show queue in the web page Samples update (switch to systemd services for builder and worker) Worker and builder big changes Improved a little bit the mail reporting for admin Lots of tests updates More tests updates Lots of changes all over the place Added functional test for HTTP 304 code Lots of things, mostly worker fixes Lots of small fixes and functional tests Lots of changes Small stuff Avoid complains from install for systemd daemon-reload Added sample configuration for workers Switch to Podman (because of Fedora 32) and fix the worker service in the spec file .spec updates We need to prepare the partition tables before some inserts Reverse test messed the creation of partition tables; more debugging [v0.70 -> v0.71] Catalin(ux) M. BOIE (104): build_jobs: Columns with no defaults must be specified rg_authorize must be run as rocketgit user - fix permissions to 0755 hints: ssh: make more clear that ssh must be restarted wh: builder: we need repo info for clone_url_ssh info struct: add itime for commit_labels css: make border more visible Use a more efficient way to log multi line strings Remove rg_log_buf stuff because of performance issues Be less verbose in rg_rights_test If git_log_simple returns error, just return error Some free_result and unlock only if successfully locked Fix state bug which triggered a not needed update of the structure Lots of changes, but mostly LDAP support Latest git breaks anonymous push - fix it by using 'guest' user instead of the empty one Improved a little bit the way the tests are run Added debug for rg_cache_merge function We must set oversize_diff, even if also_patch is false Small fix for typos in test runner Fixed edit_no_check's pass field usage Newer git, by providing an empty user, will not sent the user. This is bad, switch to using 'guest' user CURLOPT_SSLCERT must not be provided in newer versions of curl lock cache must not store 'ok' field Default uid_attr for ldap is now 'uid' Added timeout for ldap bind/search operations Show disk size in users list totp: remove expired entries totp: urlencode must be used when building the url for 2fa Store the timestamp of the deletion for a repo, not 1 tests: added helper for totp enrollment Cosmetic changes docker updates samples updated Cosmetic changes for the theme Allow login token to be appended to the password ldap changes Corrected wrong help for ssh 2fa SELinux updates Show rg_log_sid into the user output to help identifying the logs Destroy confirmation link after use History updates Added TLS1.3 to the list of protocols for nginx AUTHORS file update Add rg_log_sid value to all push methods, to be able to identify the log from the user reports Did some debug changes for git TODO changes rg_git_from_to: if to is empty, ignore it. rg_exec - do not return if the program closes stderr If rg_dir_load returns false, propagate the error tests: cosmetic stuff Added git_log1_strange.php to generate strange filenames Changed CIF Limit the desciption of the project to 100 chars to be able to pack more repos per page Do not allow a repo to start with minus; strlen -> mb_strlen Do not allow a user name to start with minus; strlen -> mb_strlen Fix an XSS in repo description Do not allow : char in repo name Do not allow : char in user name selinux: added map (for packs) totp: remove a double DELETE sql query and invalidate cache after we remove the data from db rg_change_pass missed a log file name git: fixes display of filenames which are not UTF-8 valid Disable GC when serving requests from web/fetch/push; we will do it from cron Fixed rg_git_merge because it was broken cache: functional test for timeout fixes: ignore some errors Some more error testing for http_confirm test typo git_log2listing big changes Compute repo disk size only for not deleted repos /run/rocketgit-fpm/ -> /run to not create the dir totp: urlencode parameters when calling qrencode Activating gzip compression in nginx sample file Be more explicit and specify exactly the ssh command instead of 'ssh ... totp' Big rework for rg_exec/rg_exec2 History update TODO update Comparison updates css updates Compariso script updates Rework rg_git_merge because it failed Cosmetic selinux: rg_change_pass updates Update version to 0.71 .spec update selinux: we need also map for httpd_t -> rocketgit_usr_t Cosmetic Adapt spec file to Fedora 31 pool sample: removed comments Removed comments from php-fpm.conf SELinux: php tries to map the config file Small changes in several places We need also php-json for API SELinux: more rights added css: gravatar is displayed as block to get rid of below extra space git(rocketgit_t) needs to map rocketgit_var_t files html: specify logo size to avoid re-render comparison: updated pagespeed and other changes css: small updates download page updates README updates White space corrections Always set rg[hostname] - used also for ssh connections for TOTP More rg_exec2 fixes TODO updates, user_min/max defaults changed [v0.69 -> v0.70] Catalin(ux) M. BOIE (24): rpm: Forgot to create nginx conf.d folder If we get an error when checking the db version, just exit, do not try to do updates. Add texts about the under age and about what laws you have to respect tests: fixed wh_http - time race closed Added a make target to compute the number of lines compare: added number of lines Improve host name auto-detection problems to work in VM env Activate the caching also for HTTP/2.0 Anonymize also admin init parameters More debugging added to webhooks duilder: add also samples directory TODO: some updates ssh_host and git_host must not depend on http host Do not use http_host anymore tests: deal with the case when ControlMaster is not 'no' Small corrections rg_exec: when stdout closes, we should not try to get input anymore from the external program Added nginx next to apache Bump version to 0.70 duilder: add 'samples' dir to the docs state_get: Return empty if the state table does not exists Minor corrections rg_template_eval_cond: now supports more operations Show the suggestion to use https correctly [v0.68 -> v0.69] Catalin(ux) M. BOIE (22): Use the database only after we setup the connection Improved apache sample configuration Docker improvements and 'make docker' to easy testing Add a random id to all requests to be able to identify them in the logs Manually free memory to improve performance Disabled repo 'Stats' menu because of performance issues Docker fixes Improved the installation documentation (add added nginx) compare: added 'LDAP groups' item and 'Product distribution/evaluation' category nginx preparations in .spec file and remove hard dependency on a web server Fixed the commit show page (showing multiple commits) Fixes for base_url: did not work for docker (bad switch to https) Small fixes to the 'download' section documentation css: when diff is too big, show it inline not as a ugly block web: the jump to a file did not work because of a wrong anchor css: added warning_text class tests: added a test with 500 10k commits Small text changes Apache sample config fixes tests: switch to nginx; small fixes for the 'log' test TODO updates Bumped version to 0.69 [v0.67 -> v0.68] Catalin(ux) M. BOIE (30): Added a 'push' target in Makefile to not forget to push tags... When an un-auth user is visiting a user page with no repo, do not invite to create a repo Allow .well-known folder access Fixed the crash with big diffs by setting a limit Fixed a lot of tests which used time() for different fields and sometime lost the time race Silent curl in API functional test Add possibility for admin to limit the git log --patch limit Cosmetic changes Do not recursively set the rights - not needed Some big fixes for push over http Added a 'Thanks' section Added a functional test for http.postBuffer problem Forgot to add diff_too_big file Do not allow anyone to activate the debug (rg_debug). Get rid of strage rewriting in we server config Improved error reporting when php-fpm receives chunked encoding Added sample nginx config file Added samples config files in the doc folder Send errors on sterr instead of stdout for ssh commands Use rg_exec in tests to polute the output Do not generate an internal error if the user has no e-mail Big change allowing http and https to work in parallel Improved http tests by using persistent connections Small texts fixes Declare state as loaded only if I can really save it in cache Use base_url function instead of the obsolete web_url variable Prepare env to use base_url TODO updates Small debug of schema_ver Bump version to 0.68 [v0.66 -> v0.67] Catalin(ux) M. BOIE (20): SELinux: Allow php-fpm to create log files Admin init form: pass next to user to be able to be cached by browsers Do not report security violations generated by the functional tests Functional tests improvements Some improvements for comparison Small changes regarding more debugging in several places Docker improvements Do not create a namespace anymore if the user has the rights to push Do not use UA when building anti-CSRF token. Think about plugins which change the UA at every request Do the right thing (no error) when an empty tree is present Trim the hints for cloning the tree comparison: add red/green for css/js sizes and for pagespeed Link to anon push doc tests: ignore some dirs Removed a not used variable I cannot be sure if the data is stored only in Germany. And we do backups in Romania. Impoved debug for cache Improve state handling: do not check for an old value; verify if table exists before doing a select Cosmetic Bump version to 0.67 [v0.65 -> v0.66] Catalin(ux) M. BOIE (25): Corrected a ORDER before WHERE affecting the listing of the users in admin section Comparison updated based on Stig's help! Thanks! Added more info to comparison and added baloons (Stig suggestion) Switch to quotes to be able to use commas; small corrections Some clients, for exampple JGit sends the request gzipped. Deal with it. Thanks Gabi for the report! Change caps for some error message; no code changes. Improved testing; add a fetch over git for a private repo SELinux policy; php-fpm pids, logs and sockets TODO changes Trademark signs for Git and add a reference to SFC Set language to 'en' for htmln tag Disable fetch by git protocol of private repos! Do not show big files. Return error if a mr cannot be found Disable TRACE command in Apache sample conf TODO add/delete Do not test doit != 1 because it can be a bigger number (thanks w3af!) Added a custom csv line parsing (partial) for when the program will be re-written in C Cosmetic changes for comparison Minor change on how do we call fgetcsv Bump version to 0.66 If nothing found in a folder, xargs will fail No need anymore for usr/lib tests: now we keep the state Allow anonymous push when using git:// or ssh:// [v0.64 -> v0.65] Catalin(ux) M. BOIE (21): Use getmyuid instead of posix_getuid to not depend on another extention No need for AllowOverride All If session expires and the user presses logout, do not give errors Added Gogs.io into comparison and added more criteria Raise the limits for the queries to 50 Put passwords next to username to allow browser to cache username and not e-mail Improved the functional tests events.php missed apikeys include Typos, some additions for hints, TODO Big Amazon fixes Corrected the api key mail Improved TLS cyphers list for better security Allow users to delete their account If user is suspended or deleted, show an error Fixed push by HTTP; fixing some tests Use IdentitiesOnly when setup SSH config for RocketGit TODO updates Make more clear the text about Enterprise Edition Added credits for TLS setup about perfect forward secrecy Updates SELinux policy file Bump version to v0.65 [v0.63 -> v0.64] Catalin(ux) M. BOIE (4): Do not set ServerName if it unknown; else will not match Bump version to 0.64 Some rewording in Donate page CSS adjustments [v0.62 -> v0.63] Catalin(ux) M. BOIE (29): No need to login to find out the ip address Small changes at vm docs Instruct login user to create a repo if she/he has none. Add 'SSLCipherSuite PROFILE=SYSTEM' to the SSL configuration ssl_request_log -> rocketgit-ssl_request_log Post configuration must include also web conf file Footer: reverse last two columns Make it the default: word-wrap: break-word Small correction in wording agains CLA Be sure a key is present or use a default one (api) Added git hosting solution comparison page Added CORS headers so API will work Restart rocketgit-fpm service if needed Added possibility to use AuthorizedKeysCommand for performance reasons TODO update and typo corrections. More SSH fixes: allow admin to limit what key types are allowed and the max number of keys. Functional test for Admin -> Settings -> SSH Added tutorial for OpenSSH key settings; also template improvements More tweaking to compare.csv Add a link to the comparison on the front page TODO changes Disable weak keys if admin says so. Changed "FLOS" to "free (as in speech)" to reflect the reality. Added GNU Ethical Repository Criteria Evaluations results in compare.csv Update comparison Do not show "My repositories" and "Suggestion" menus if admin TODO updates Bump version to 0.63 The build process nedds php [v0.61 -> v0.62] Catalin(ux) M. BOIE (4): Add ServerName and ServerAlias also for TLS virtual host Allow php-fpm to use lock files and to regenerate authorized_keys file TODO updates Bump version to 0.62 [v0.60 -> v0.61] Catalin(ux) M. BOIE (9): Prefer https over ssh Compute the md5 key only when needed fpm: raise the memory limit to 128M from 32M because some initial commits may be very big Now, any script can update the structure and apply the fixes Docker fixes Allow the use of multiple workers Small adjustments to unit/functional tests TODO updates Bump version to 0.61 root (1): Pass all parameters to worker.php to be able to choose a different configuration [v0.58 -> v0.60] Catalin(ux) M. BOIE (3): SELinux: more fixes to start rocketgit-fpm without AVC errors We cannot store directly in /var/lib/rocketgit because is owned by root Bump version to 0.60 [v0.57 -> v0.58] Catalin(ux) M. BOIE (8): Renamed systemd.service to rocketgit-fpm.service Do not show the query in the error message in plan.inc.php Corrected typos and made clear some comments/hints worker fixes for when admin edits workers SELinux: no need for rocketgit-log folder; allow httpd server to write log files Rewrap of text Adjust goal and talk about CLA Bump version to 0.58 [v0.56 -> v0.57] Catalin(ux) M. BOIE (13): When ssh host nmae is autodetected, it must not also use the http port Autodetect admin e-mail based on host name duilder fixes (USR was not defined) Author file update Lots of fixes for html/css to adapt to any device git remote change was replaced with git remote set-url Typo Invalid repo path used fix a unit test In features, add something about Affero Bump version to 0.57 Fix duilder: forgot to replace @USR@ .spec file fixes: use %{_unitdir} instead of @USR@/lib and systemd dependency [v0.55 -> v0.56] Catalin(ux) M. BOIE (31): Remove summary from tables because violates HTML5 specs. :( When using rg_json_encode, no quotes needed. Do not clobber the cron file Fixed small bug preventing e-mail to show in report Doc: restore context for rc.local Document docker on Download web section SELinux improvements to support the builder Small improvements to builder and worker Allow strange chars in cache names Allow rights to have numbers and _ in name Improved user cache to not have null elements in JSON Do more tests and resync some with the reality Fixed e-mail confirmation logic. Fixed the unit tests (minor) Simplify event processing by passing full 'ui'; fixed 'confirmed' filed usage rg_exec accepts a second para: data to be sent as stdin Fix a bug that prevented the log function to log invalid UTF-8 chars Spell checking Added tutorials infrastructure and the first tutorial about CI rg_exec function permits stdout streaming Spell checkings and ommisions apikeys: we need to init some vars We do not run update-server-info in post-update hook anymore because we do not support dumb protocol rg_exec has new parameters: two callbacks for stdout and stderr Corrected url for refs and path rights Redo css for clone urls and added http url Big (bulk) update: fetch/push by http(s) Now is safe to install rocketgit on a multiuser machine Debian: adapt a little bit the dependencies Bump version to 0.56 Adapt a little bit the install guide because of php-fpm [v0.54 -> v0.55] Catalin(ux) M. BOIE (6): Correct license for spec file (Affero -> A) webhooks - rename Name to Type Packaging changes: prepared for Debian build Do not free resources if query fails. Big commit of a lot of unrelated changes. Shame on me! Bump version to 0.55 [v0.53 -> v0.54] Catalin(ux) M. BOIE (10): Added web instructions for RedHat based distributions Do not give internal errors if commit ID is wrong More changes to support RedHat derivates Add build_jobs table to statistics Cosmetic changes for config file Corrected set_pass function cache actions Get rid of php-mbstring: is not a standard extention TODO changes SELinux: permit access to /tmp Bump version to 0.54 [v0.52 -> v0.53] Catalin(ux) M. BOIE (2): Improve installation instructions for Redhat/Oracle/CentOS Bump version to v0.53 [v0.51 -> v0.52] Catalin(ux) M. BOIE (2): Lots of fixes and added the build hook for continuous integration Bump version to v0.52 [v0.50 -> v0.51] Catalin(ux) M. BOIE (9): Do not allow random input as reference Avoid caching in docker Added unit test for e-mail confirmation Add RLUG to history Improved installation (checksum for postgres, useless SELinux booleans Improved docker image creation Improved git_init function Improved user info caching Allow del_tree on a non-existing repository [v0.49 -> v0.50] Catalin(ux) M. BOIE (3): docker small fixes Fixed bug add menu Bump version to 0.50 [v0.48 -> v0.49] Catalin(ux) M. BOIE (37): Some small fixes for http hooks Store good key string into the database. When adding hooks, help the user by providing some defaults (slack for now) Some docker fixes Some TODO updates and some minor text fixes Fixes for data encoding for slack Change download location for rocketgit.xml Added bug template and prefill the bug form assigned to field to the owner of the repo docker: fixes and improvements for image generation More detailed and correct description for hooks In admin's report, add in the subject the total number of yesterday's changes Improved a little how a tree is shown Improved a little the admin report Show the key size in bits when listing ssh keys Improved a little the error message received by git:// Show ssh key type before number of bits minor: reorder functions CSS fixes to make the spaces the same all over the place Added rg_change_pass tool css: fixed admins pages Added login hints: about rg_change_pass TODO changes for git:// access, organization field was missing text correction: Amazon user must also have S3 rights Replaced rg_bug_next_id with the more generic rg_repo_next_id Lots of fixes for pull requests Clean some items on TODO regarding mr We need to copy also the tags in the namespace to not get errors when pushing tags Accept 301 as a valid HTTP code Make more clearer the events error message Do not continue to show objects if repo returned an error Do not log password in logs Document web hooks and anonymous push TODO clean-ups Just some comments Bump version to v0.49 Corrected a problem in spec file [v0.47 -> v0.48] Catalin(ux) M. BOIE (6): If git ls-tree returns nothing, the path is invalid Log the id of the event Do not allow a failed connection to generate err-* file Fixed bad interaction between fixes and structure Remove debug leftover Bump version [v0.46 -> v0.47] Catalin(ux) M. BOIE (3): Mostly Amazon CodeDeploy and Lambda, and maked the plugins more generic Hooks fixes bump version to 0.47 [v0.45 -> v0.46] Catalin(ux) M. BOIE (2): When we add a repo, we have some variables that are not filled Minor stuff [v0.44 -> v0.45] Catalin(ux) M. BOIE (2): Cannot use env vars from cron Small changes all over the place; first version with docker [v0.43 -> v0.44] Catalin(ux) M. BOIE (4): If SELinux is not enabled, do not check the label Set a timezone if is not set globally Minor changes all over the place. Bump version to 0.44 [v0.42 -> v0.43] Catalin(ux) M. BOIE (30): Show the repo # on main repo page We allow empty description for bugs When creating an array, last_bug_id is set now correctly 404 http error was receive for showing blobs ending in .php or .html Pass uid for all events; more fixes for unit tests Let the user choose the e-mail, no defaults should be suggested DO not show 2fa hint for a visiting user Missing Affero Settle to Affero GPLv3+ Deal correctly with cache regarding last_bug_id keys: add some caching and prevent updating first_use if not necessary TODO updates, log last webhook output Add 'watch' button for user; corrected 'watch' bugs First draft for Amazon trim description - eles an empty line will show up Added 'lock repo' feature Fetch for public repo smust have prio 1 not 30001 Show on user's homepage since when is a member Explained more clear the block all rights rule Amazon CodeDeploy first "battle" plan Random changes: TODO, CSS etc. Corrected urls to bug and notes Rights and CSS fixes When editing rights, do not filter by uid. Reported by Gabi Sort rights by prio for real Fixed submodule link (reported by Gabi B) Fixes all over the code; made webhooks generic Drop old and empty slave tables CSS fixes (more flex); removed 'between' template 0.43 release [v0.41 -> v0.42] Catalin(ux) M. BOIE (3): Admin user must not confirm the account by e-mail Renamed the virtual machines files Bumped version to 0.42 [v0.40 -> v0.41] Catalin(ux) M. BOIE (10): Do not on any event if the protocol match. Assume is stable now. Added weeks for ssh IP validity Correct some gramatical problems Mostly totp fixes; all tests pass; css fixes Added webhooks Checkpoint: ip/user fixes for remote connections, some pull request fixes and unit test start webhooks fixes Only texts changes. Mostly debug signaling by cache Bump the version to 0.41 [v0.39 -> v0.40] Catalin(ux) M. BOIE (9): duilder updates (error out if head is not a tag TODO clean-up. Added TOTP feature and some other minor stuff Mostly TOTP stuff for ssh Lots of bug fixes, especially for cache TOTP fixes: mostly correct error messages Added back the repo stats Fix repo stats when there is no commit inside. Bump version to 0.40 [v0.38 -> v0.39] Catalin(ux) M. BOIE (7): Remove more junk from testing folder. Corrected 'rights' unit test. Really corrected repo.php unit test. TODO stuff Use _blank instead of _new for page loading duilder updates Bump version to 0.39 [v0.36 -> v0.38] Catalin(ux) M. BOIE (16): Add a history entry when a repo is created. Improved a little but the report1. Small changes to the rights pages. Do not add a border for submenus. On account creation, we did not set the 'confirmed' field. If user has no repos, go directly to 'create' page. More texts changes and ToS is bigger now. Fixed suggestions' 'yesterday' report. Add support for accepting ToS. CSS changes, rework of