--- - branch: MAIN date: Sun Jul 6 06:32:32 UTC 2014 files: - new: '1.13' old: '1.12' path: pkgsrc/devel/rt4/Makefile pathrev: pkgsrc/devel/rt4/Makefile@1.13 type: modified - new: '1.6' old: '1.5' path: pkgsrc/devel/rt4/PLIST pathrev: pkgsrc/devel/rt4/PLIST@1.6 type: modified - new: '1.7' old: '1.6' path: pkgsrc/devel/rt4/distinfo pathrev: pkgsrc/devel/rt4/distinfo@1.7 type: modified - new: '0' old: '1.1' path: pkgsrc/devel/rt4/patches/patch-share_html_Install_Initialize.html pathrev: pkgsrc/devel/rt4/patches/patch-share_html_Install_Initialize.html@0 type: deleted id: 20140706T063232Z.81acfb31da330ea4a619057b7421f33f6a81eafe log: | Update to 4.2.5 from 4.2.1 Changelog: >From http://bestpractical.com/release-notes/rt/4.2.5 This release is primarily a bugfix release; most notably, it explicitly updates a dependency to fix a previously-announced security vulnerability, resolves two serious bugs in the serializer, and fixes the "paste" feature in the Rich Text editor. Updated dependencies * Updated Email::Address::List dependency, to resolve CVE-2014-1474, as was previously announced in http://blog.bestpractical.com/2014/01/security-vulnerability-in-rt-42.html * Bump CGI dependency (under perl 5.20 and above, only) to quash warnings about CGI.pm's deprecation in core (#29053) Serializer/Importer * Serialize binary data as binary, not as UTF-8 codepoints; this fixes a regression introduced in 4.2.3 which corrupted all binary data in serialized data. * Serialize ObjectScrips when cloning, which had been mistakenly omitted; this only partially resolves #29949, as it does not address serialization of ObjectScrips when not cloning. General web UI * Force CKEDITOR_BASEPATH; this fixes errors during pasting into the Rich Text editor (#29780, #29987) * Ticket autocompletion (for links) is more predictable when completing on strings containing numbers (#25755) * Fix "Show Outgoing Email" and Reply/Comment/Forward links in Approvals (#29800) * Correctly decode text/html parts of old (RT 3.6.5 and prior) emails Internationalization * Updated localizations (German, Greek, Slovak, Lithuanian) Web administration * Display clean Stage name in ColumnMaps (#28739) * Add Scrips Select/Create menu, and maintain context on which list of Scrips the Select page should link to (#28787) * Granting rights to new groups no longer requires clicking in textbox twice in Firefox (#29911) Server administration * Log when Encode::HanExtra would be useful in decoding emails, and make use of it if it is available. * Squash warnings in 4.1.17 upgrade step (#29595) * Reorder DROP IF EXISTS on 4.1.1 Postgres upgrade step to drop sequence after dropping the table; avoids bugs on upgrading in a previously-upgraded database * Stop hardcoding the list of available themes, instead auto-detecting new themes as they are added (#14667) * Explicitly point to $AutocompleteOwners setting in warning that RT is switching to the autocompleter due to too many owners. * Remove caching of template object in rt-crontool; this fixes a bug where the same content would be sent on all tickets (#29454) * rt-fulltext-indexer now locks, to prevent more than one instance from running at once (#17423) Developer * Add BeforeMessageBox callback in ModifyAll.html for parity with Create.html and Update.html * BeforeCustomFields callback in ShowCustomFields now takes $Table parameter * Default callback in ShowTransaction can now modify $ShowBody * Add a RT::Date->IsSet method * Fix invalid ContextObject on RT::CustomField->LoadByName when passed Queue => 0; this led to invalid LookupType limits on later calls to ->LoadByName. * Generalize RT::CustomField->LoadByName to work with non-Queue context objects, and to optionally return globally-applied CFs and not Disabled CFs. * Tests now pass again using RT_TEST_WEB_HANDLER=inline * ->AddCustomFieldValues no longer allows adding repeated values (#4553) Documentation * Drop references to MySQL 4.1, as RT 4.2 requires MySQL 5.1 * Updated example plugins used in documentation, and suggest Plugin() over Set(@Plugins, ...) (#29978) * Documentation for ColumnMap >From http://bestpractical.com/release-notes/rt/4.2.4 This release is primarily a bugfix release; notable changes include: Database changes * Add the AutoOpenInactive action for upgrades; clean installs of RT 4.2.0 or higher have this action already * Force Lifecycle and Disabled properties of the internal __Approvals queue to the values RT needs to function correctly Notable new features * If indexed full-text searching is enabled, the simple search will search in both Content and Subject. * Align headers of collections to their content, by default. This right-aligns the "#" header of ticket collections, for instance. * Send caching headers for all static content; this fixes a regression from RT 4.0, which correctly set caching headers on static images (#28640) * Re-order JS to optimize parallel resource fetching, and decrease load times * Allow LIKE and NOT LIKE with Status limits (#29654) Regression fixes * Resolve a regression in 4.2.3 wherein TITLE information was lost after parsing on the Advanced page (#29425) * Fix a regression in 4.2.2, which caused "select" custom fields to not pick up their defaults when cloning tickets (#29751) * Fix a regression in 4.2.2 which caused checkbox CFs to add the same value multiple times (#29392) * Fix a regression in 4.2.2 when categories were set on a CF without using the "based on" feature. * Show reminders without due dates if $OnlyOverdue is set; this fixes a regression from RT 4.0 Email * Use "white-space: pre-wrap" when inserting plain-text into HTML templates. This preserves line breaks but allows clients to wrap lines if need be. Localization * Updated localizations from Launchpad; new Persian translation * Better cluing of pluralization and quantified terms for translators * Remove untranslatable locstrings (#29798) * Fix extra/missing numbers in Czech localization (#29741) * Remove no longer translated right names from PO files * Disambiguate "M" for "month" vs "megabyte" General web UI * Better splitting of phrases with numbers in ticket link autocompletion * Autocomplete email addresses in Forward page (#28441) * Allow non-ASCII characters in passwords (#28784) * Add a "Reset" button to revert homepage portlet formatting to the system default * Remove uninitialized value warnings for upgrades from RT 3.8 (#17505) * Allow downloading attachments whose filenames contain a leading dot (#29700) * Prevent uninitialized value warning on search result pages with no query (#29699) * Hide user summary links in mobile UI, as there is no user summary page for mobile (#28788) * Always add the trailing delimiter when autocompleting multiple-entry objects, such as email addresses * Compress PNG images to decrease initial page load times * Avoid "That is already the current value" warning when changing between two queues with differing lifecycles but a same-name mapping * Don't nest tags to User Summaries in queue watcher page * Require that saved searches have names in order to be created (#20210) * Give a proper error when attempting to merge a ticket into itself (#26407) * Searching for "ip version 6" no longer limits to ticket 6; the 6 is instead searched for in the subject. (#22470) * Give SystemError transactions their own CSS style * Fix ticket link autocompletion during ticket creation * Require that one or more addresses be provided to forward (#25308) * Respect the "color" attribute in HTML mail (#28389) * Rework the JS that prevented form resubmission; instead of disabling the submit button (which interacted poorly with the browser's back button), instead use an attribute on the form (#27489) * Squash warnings triggered by query builder when more than 50 different users had OwnTicket * Serve rich text editor JS with the rest of the compressed JS; this ensures that it is better cached Web administration * Allow external custom fields to have a "based on" category. * Hide the queue name, lifecycle, and disabled box on the edit page for the __Approvals queue; these must remain unchanged for Approvals functionality. * Correctly page user results in User Summary searches * Prevent warnings on Scrip edit pages if the user did not have global ShowTemplate rights Configuration options * Add a new option ($AllowLoginPasswordAutoComplete) to allow the browser to remember user passwords on RT's login screen (#29071) * Add new $DefaultSearchResultOrderBy and $DefaultSearchResultOrder options to control the global default ordering of tickets * When the stylesheet is set to an unknown style, default to rudder, not aileron (#29132) Server administration * Use one fewer database connections per rt-server process; this is most notable on FastCGI deployments, which spawn a number of rt-server processes * Default to connecting to sphinx via 127.0.0.1 instead of localhost on MySQL 5.5, due to http://sphinxsearch.com/bugs/view.php?id=1815 * rt-validator can now detect and fix links to Articles with the wrong $Organization set * Check that the version in sbin/rt-server matches the version in lib/RT/Generated.pm during server startup * Follow up to 3 HTTP redirects when POSTing to the mail gateway. This covers the common case of http: redirecting to https:, but the mail gateway referencing http: (#14114) * Return a status code 503 if we cannot connect to the database (#23332) Installation * When configuring, pull the primary group of the current user using perl, instead of `groups`, which may not list the primary group first. * Ensure that rt-test-dependencies re-execs itself using its full path, as module installations may have changed the directory (#29024) * Properly detect an existing database but missing schema in the web installer * On perl 5.19.3 and above, a more recent version of Symbol::Global::Name is required, due to core perl changes Upgrades * Bulletproof 4.0 Articles upgrade steps by dropping tables before attempting to create them * Correct documentation path in upgrade warning * In database upgrades, skip the "BACK UP BEFORE THIS STEP" warning if the --force option was provided, which gives no change to stop at that point. * Remove a warning in the optional time-worked-history.pl upgrade step REST * Allow arbitrary Content-Disposition in REST uploads (#19770) Developer * Add a comment warning about the use of the SetFieldsOnce callback in BuildFormatString; it will be removed in RT 4.4. * Fix behavior of RT::Date->AddDays when passed 0 days * Check POD of all files * Allow RT::Users->WhoBelongToGroups to optionally return unprivileged users * Provide hooks to implement a cache on MakeClicky * Document ExtractTicketId and ParseTicketId, as useful methods for local overrides * Update RT::CustomField->LoadByName, when called with a Queue argument, to return only ticket CFs; in 4.2, it also began finding queue CFs. This reverts to the behavior from 4.0. * The Articles URI implementation is now consistent with Ticket URIs; ->LocalURIPrefix does not contain /article/ * Allow @JSFiles to include files not under /static/js/ if they have a leading / * Add a generic style for reverse-color ticket titlebox tabs * Allow plugins to wrap the PSGI application in its entirety * Bulletproof role resolution for single-user roles * Win32 and IIS are not a supported platform; remove all lingering references to them * Allow ModifyAll.html's Default callback to change @results, like Modify.html * Make Widgets/Form/Select honor the Multiple flag (#12447) * Remove extraneous direct uses of Time::ParseDate (#24498) * Add a callback after Attachments on ticket display * Fix SetDisabled's return message on failure (#29802) * Refactor CSV export to allow its use by non-ticket collections Documentation * Updated parts of RT::StyleGuide * Document the --no-users and --no-groups options to rt-serializer more clearly * Add documentation for rt-validate-aliases * Remove misleading comment about "an rt-mailgate user" from rt-mailgate documentation * Remove ambiguity of direction of $CanonicalizeEmailAddressMatch and $CanonicalizeEmailAddressReplace * Update schema.dot for the ObjectScrips table, new in 4.2 * List SQLite in documentation as a possible database backend, for non-production use. * Update suggested backup strategy on MySQL to no longer require LOCK TABLES privileges (#22893) * Note that changing queue subject tags may require altering $EmailSubjectTagRegex * Suggest /etc/cron.d instead of root's crontab, for discoverability >From http://bestpractical.com/release-notes/rt/4.2.3 This release is primarily a bugfix release; notable changes include: Administrator tasks * Avoid starting a FastCGI process manager in the common case of the FastCGI process being started by the webserver, and communicating over STDIN. This restores the behavior from 4.0, where the process name is the full path to rt-server.fcgi, and not the static string "perl-fcgi-pm" or "perl-fcgi". * Automatically clean out Mason cache when updated HTML is installed during upgrades; this should prevent a common class of errors. * Fix paths in rt-importer when importing from a serialized dump which was written to an absolute path. * Additional optional upgrade script for users upgrading from RT 3.8 who previously used RT::Extension::CustomField::Checkbox. * Pass characters, not bytes, to _EncodeLOB during de-serialization; this prevents invalid UTF-8 from a serialized dump from entering the new database. * Catch and warn of additional common misconfigurations of GPG/SMIME integration. * Prevent a possible infinite loop in rt-validator --resolve if Principal records were missing; default to forcing their creation. Localization * Localization updates from Launchpad. General user UI * Date and DateTime customfields now pass "mandatory" validation if unchanged. * "1970-01-01" is now treated as "unset" for purposes of Date and DateTime validation. * Add Date and DateTime fields to bulk update. * Don't conduct a user search if no string was entered. * Signal if a user is disabled at the top of User Summary pages. * Resolve regression in 4.2, which caused warnings during ticket creation when transaction custom fields were applied. * Respect transaction squelching during GPG/SMIME signing and encryption. Lack of public key for a squelched user will no longer trigger errors, for instance. * Resolve regression in 4.2, where the recipient squelching checkboxes did not properly synchronize state between users who appeared multiple times. * Adjust the bottom edge of rolled-up tabs in ticket pages. * Sort data groupings in charts numerically, not ASCIIbetically, if they all appear to be numbers. * Ensure that Sidebar / Body panes in dashboard configuration display in a consistent order on perl 5.18 and above. * For strict DOM compliance, move a "name" attribute on
to "data-name". * Prevent "Can't call method "DependsOn" on an undefined value" error in bulk update if tickets were deleted. * Show links to tickets which are not readable by the user as numbers, not as blank titles. * Add a "ticket-active" class, as well as the current status as a class, to ticket links on ticket display page. * Fix a regression in 4.2 which caused an error when a user with only limited rights (Watch or WatchAsAdminCc) removed themselves as a watcher from a ticket or queue. * Allow SeeCustomField on a single queue to show its custom fields during search if the search is limited to that queue. Documentation * Remove obsolete wording mentioning CPAN 1.84, which we guaranteed to already have a more recent version of, by way of perl 5.10.1. * Correct reminders documentation to suggest RT::Action::Notify, not RT::Action::SendEmail. * Documentation on writing extensions for RT. Admin interface * Fix "Queue" and "QueueId" columns in admin Scrips listing to emulate their display in 4.0. * Additional ModifyDropdownLimit in SelectOwnerDropdown to allow sites to increase the previously-hardcoded limit of 50 users in the drop-down before it switched to autocompletion. * Correctly style warnings about Articles needing configuration. * Resolve regression in 4.2 in admin interface, where the current group and rights tab is not preserved across rights submission. * Show static content roots in System Configuration, alongside Mason content roots. * Catch and warn of template compilation errors, such as unbalanced braces. Database * Improve right-checking query plan (at least on PostgreSQL 9.3) by de-duplicating ACL equivalence objects, and using the RT::System's id. * Upgrade steps from RT 4.0 -> 4.2 now DROP IF EXISTS tables and sequences before attempting to create them, except on Oracle. This resolves the common case of testing an upgrade before re-importing a backup atop it for the final upgrade, leaving the new tables still in place. * Fix a regression in 4.2 which caused rt-server to hold extra database handles open. For FastCGI processes, this was one extra per FastCGI process; for standalone servers, only one overall. Callbacks * MassageDisplayHeaders callback in ShowTransactionAttachments is now passed $ShowHeaders. * Callbacks in EditTransactionCustomFields are now passed $InTable. * MassageCustomFields callback in EditCustomField is now correctly passed $CustomFields. * Correct a typo in the documentation for MakeClicky callbacks. Developer * Provide and use a GetCustomFieldInputName() function to programmatically determine form field names from custom field objects. * Resolve a bug when associating unknown users with single-user roles; this primarily only affects Assets. * Allow consumers of /Elements/SimpleSearch to provide the placeholder text. * Default Stage for Scrips to be TransactionCreate; primarily for initialdata, but affects all callers of RT::Scrip->AddToObject. * Adjust etc/upgrade/shrink_transactions_table.pl to avoid new deprecation warnings. * Fix precedence errors of "return ... or ..." found by perl 5.19. * Allow consumers of EditCustomField to specify undef $Rows or $Cols to omit the respective attributes during form element rendering. * Prevent warnings on perl 5.19 and above. * Allow members to be added to groups during group creation in initialdata. * Prevent race conditions in 99-policy.t by skipping t/tmp/ and other volatile directories. * Pass Ticket object to ShowAttachments on Ticket/Forward.html, to allow for greater extensibility by providing more context. >From http://bestpractical.com/release-notes/rt/4.2.2 This release is primarily a bugfix release; of particular note is that it contains schema changes for MySQL. Though the changes are limited, it is especially important to take, and verify you can recover from, a database backup prior to upgrading. Also notable is that this release fixes a bug in 4.2.0 and 4.2.1 where failures of the HTML-to-text conversion would silently cause mail to fail to be sent. When using the rich text editor, RT will also now quote the the HTML parts of email, and not simply their text equivalents. Other changes include: Documentation * Wording fixes in Shredder * Clean up examples in Lifecycles documentation * Document additional indexes that increase performance of Shredder * Replace a suggested GnuPG option with one which is not deprecated * Note that errors reported from the GnuPG infrastructure may be caused by GnuPG not being configured, but having been automatically enabled. Database * Ensure that even disabled scrips get the same id-to-name change that other scrips got during the 4.0 -> 4.2 upgrade. * On MySQL, alter the character set of all columns used to store email addresses to UTF-8 * Ensure that invalid byte sequences that may have snuck into the database previously (on earlier versions on MySQL, for instance) are not blindly interpreted as UTF-8 when retrieved from the database. As a result, invalid bytes will be returned from the API as the four characters "\xHH", where HH is the hexadecimal encoding of the byte. * Ensure that all data containing non-ASCII is quoted-printable encoded for PostgreSQL, instead of merely all data not claiming to be "text/plain" * Additional warnings prevention on Oracle; tests now pass cleanly * Allow fully-automated database upgrades using --upgrade-from and --upgrade-to options to rt-setup-database * Clean out any remaining traces of RTFM that lingered in custom fields and custom field values that were disabled at the time of the previous upgrade step. * Bullet-proof a 3.8 -> 4.0 upgrade step for Scrips with no Condition Serializer/importer * Install rt-serializer and rt-importer into sbin/ * Ensure that incremental upgrade steps only run on incremental serializations, not all exports * Fix a runtime error in the incremental upgrade path to 4.2 * Ensure that inflated Users and Groups are created with the same id as their Principal * Disable in-memory record caching when serializing and importing to improve performance * Only search non-Disabled custom fields when looking up BasedOn in initialdata files * Set up logging properly; warnings are now displayed during serialization and importing Email * Don't die if HTML -> text conversion throws an error, which would silently prevent outgoing mail from being sent. Instead, fall back to just sending text/html with no text/plain * Replying to an HTML mail with the rich text editor will now quote the HTML part, not the equivalent text version. * Set a transfer encoding on outgoing dashboards; this resolves issues with long lines when using the Sendmail MTA. * Cope with mangled and overly-quoted recipient headers occasionally generated by Outlook. General user UI * Stop localizing custom field names, for consistency * Show a useful error on "show outgoing mail" if the user has no rights to see the page, rather than displaying an empty page. * Adjust UI to not block header on "show outgoing email" page * Hide the Take and Steal menu items if you already own the ticket, closing a regression in 4.2.0 and above. * Autocompletion custom fields now properly autocomplete when placed in custom field groupings * Improve rendering on Internet Explorer 6 * Fix cascaded custom fields on Internet Explorer 8 and below. * Fix third-level cascading custom fields, broken in 4.2.1 * Minor rendering bugs with Charts placed on homepages and dashboards * Whitelist "show outgoing email" and chart results from CSRF protection * RT 4.0.7 introduced a performance regression when building ticket searches that query Links; switch back to a much better-indexed query. * Fix "Clone ticket" functionality with Select-multiple custom fields. * Show the queue ID for the current queue in the ticket edit page, even if the user does not have SeeQueue; this prevents the user from accidentally changing the queue. * Respect custom field groupings on user preferences page Query Builder * Warnings avoidance for searches with more than 1000 results. * Allow IS NULL to search for dates which are unset * Properly quote CF names containing non-ASCII characters in query builder, broken since 4.2.0 * Add "UpdatedBy" TicketSQL limit Admin * Correct a package load order problem which prevented the web installer from working since 4.2.0 * Report the correct setting name in rt-validate-aliases * Fix real-time updating of Theme CSS on Internet Explorer 8 and below * Fix a minor display bug in the CF Admin pages, where the queue number instead of queue name would be displayed in requests shortly after server startup. * Add "Extra Info" as a possible field for "More About Requestor" REST * Allow searching for users, queues, and groups in REST * Prevent a server error when attempting to guess content-type in the REST interface. Development * Allow running tests with an explicit set of plugins enabled. * Custom Action and Condition packages (as supplied by extensions; these are not the text entry boxes in the UI) are now loaded at server startup time, to catch compile-time errors in such classes early as well as reducing RT's memory footprint on mod_perl. Previously, these errors would have logged errors only when their Scrip failed to fire. This restores the behavior found in RT 3.8, which was mistakenly removed in RT 4.0.0. * Additional callbacks, including in charts, and on ticket reply pages * Remove an unused Makefile target module: pkgsrc subject: 'CVS commit: pkgsrc/devel/rt4' unixtime: '1404628352' user: ryoon