AArch64 | |
ppc64le | |
s390x | |
x86-64 |
- fossil 2.12.1: * CVE-2020-24614: Remote authenticated users with check-in or administrative privileges could have executed arbitrary code [boo#1175760] * Security fix in the "fossil git export" command. New "safety-net" features were added to prevent similar problems in the future. * Enhancements to the graph display for cases when there are many cherry-pick merges into a single check-in. Example * Enhance the fossil open command with the new --workdir option and the ability to accept a URL as the repository name, causing the remote repository to be cloned automatically. Do not allow "fossil open" to open in a non-empty working directory unless the --keep option or the new --force option is used. * Enhance the markdown formatter to more closely follow the CommonMark specification with regard to text highlighting. Underscores in the middle of identifiers (ex: fossil_printf()) no longer need to be escaped. * The markdown-to-html translator can prevent unsafe HTML (for example: <script>) on user-contributed pages like forum and tickets and wiki. The admin can adjust this behavior using the safe-html setting on the Admin/Wiki page. The default is to disallow unsafe HTML everywhere. * Added the "collapse" and "expand" capability for long forum posts. * The "fossil remote" command now has options for specifying multiple persistent remotes with symbolic names. Currently only one remote can be used at a time, but that might change in the future. * Add the "Remember me?" checkbox on the login page. Use a session cookie for the login if it is not checked. * Added the experimental "fossil hook" command for managing "hook scripts" that run before checkin or after a push. * Enhance the fossil revert command so that it is able to revert all files beneath a directory. * Add the fossil bisect skip command. * Add the fossil backup command. * Enhance fossil bisect ui so that it shows all unchecked check-ins in between the innermost "good" and "bad" check-ins. * Added the --reset flag to the "fossil add", "fossil rm", and "fossil addremove" commands. * Added the "--min N" and "--logfile FILENAME" flags to the backoffice command, as well as other enhancements to make the backoffice command a viable replacement for automatic backoffice. Other incremental backoffice improvements. * Added the /fileedit page, which allows editing of text files online. Requires explicit activation by a setup user. * Translate built-in help text into HTML for display on web pages. * On the /timeline webpage, the combination of query parameters "p=CHECKIN" and "bt=ANCESTOR" draws all ancestors of CHECKIN going back to ANCESTOR. * Update the built-in SQLite so that the "fossil sql" command supports new output modes ".mode box" and ".mode json". * Add the "obscure()" SQL function to the "fossil sql" command. * Added virtual tables "helptext" and "builtin" to the "fossil sql" command, providing access to the dispatch table including all help text, and the builtin data files, respectively. * Delta compression is now applied to forum edits. * The wiki editor has been modernized and is now Ajax-based. - Remove fossil-2.11-reproducible.patch: Upstream integrated the patch and improved it to also recognize SOURCE_DATE_EPOCH. - Remove fossil-2.7-remove_date_time.patch: OBS now sets SOURCE_DATE_EPOCH and gcc recognizes it, so the removal of __DATE__ and __TIME__ is not needed anymore. - Package the fossil.1 manual page.
- fossil 2.11.1: * Make the "fossil git export" command more restrictive about characters that it allows in the tag names
- Add fossil-2.11-reproducible.patch to override build date (boo#1047218)
- fossil 2.11: * Support Markdown in the default ticket configuration * Timestamp strings in object names can now omit punctation * Enhance backlink processing so that it works with Markdown- formatted tickets and so that it works for wiki pages fossil rebuild is needed to take full advantage of this fix * Many improvements to the forum and especially email notification of forum posts * Minimum length of a self-registered user ID increased from 3 to 6 characters * Rework the fossil grep command to be more useful * Expose the redirect-to-https setting to the settings command * Most commands now support the Unix-conventional "--" flag to treat all following arguments as filenames instead of flags * Add the mimetypes config setting * security harening against possibly tampered database schemas * Now sends the Content-Security-Policy header * Stop using the IP address as part of the login cookie * many web UI and CLI improvements, documentation updates
- fossil 2.10: * Add support for CGI-based Server Extensions * UI improvement and extensions * Change the default hash policy to SHA3 * Performance optimizations
- update to 2.9: * Add the fossil git export command * Web UI layout and behavior improvements * Add the fossil touch command, and the --setmtime option on the fossil open and fossil update commands * Add the /secureraw page that requires the complete SHA1 or SHA3 hash, not just a prefix, before it will deliver content * Improvement to clone and sync behavior * many other bug fixes and improvements - includes changes from 2.8: * Show cherry-pick merges as dotted lines on the timeline graph. The "fossil rebuild" command must be run to create and populate the new "cherrypick" table in the repository in order for this feature to operate. * Web UI improvements * Wiki setup is now at /setup_wiki * Provide the ability to redirect all HTTP pages to HTTPS * Add the backoffice-disable setting to completely disable the backoffice feature
- update to 2.7: * New email alerts feature * New discussion forum feature * UI improvements for built-in skins on small screens * Use of Content Security Policy (CSP) in built-in skins - includes changes from 2.6: * Add the new "Classic" timeline viewing mode * Add support HTTP cache control mechanisms * Improvements to various pages and functions * Additional defenses against web-based attacks - requires SQLite >= 3.25.0 - rebase fossil-1.37-remove_date_time.patch to fossil-2.7-remove_date_time.patch