From 2e8c48c0048e386431d5c41cea733b6d95760d52 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Mon, 03 Dec 2012 17:05:49 -0500
Subject: [PATCH] Update to Jetty 7.6.8

---
 docs/04_releases.mkd |   56 +++++++++++++++++++++++++++++++++++++++++++++++++-------
 1 files changed, 49 insertions(+), 7 deletions(-)

diff --git a/docs/04_releases.mkd b/docs/04_releases.mkd
index 920ae38..2f35182 100644
--- a/docs/04_releases.mkd
+++ b/docs/04_releases.mkd
@@ -1,8 +1,9 @@
 ## Release History
 
-<div class="alert alert-error">
+<div class="alert alert-info">
 <h4>Update Note</h4>
-If you are updating from an earlier release AND you have indexed branches with the Lucene indexing feature, you need to be aware that this release will completely re-index your repositories.  Please be sure to provide ample heap resources as appropriate for your installation.
+The permissions model has changed in this release.
+<p>If you are updating your server, you must also update any Gitblit Manager and Federation Client installs to 1.2.0 as well.  The data model used by the RPC mechanism has changed slightly for the new permissions infrastructure.</p>
 </div>
 
 ### Current Release
@@ -11,6 +12,10 @@
 
 #### fixes
 
+- Set subjectAlternativeName on generated SSL cert if CN is an ip address (issue 170)
+- Fixed incorrect links on history page for files not in the current/active commit (issue 166)
+- Empty repository page failed to handle missing repository (issue 160)
+- Fixed broken ticgit urls (issue 157)
 - Exclude submodules from zip downloads (issue 151)
 - Fixed bug where repository ownership was not updated on rename user
 - Fixed bug in create/rename repository if you explicitly specified the alias for the root group (e.g. main/myrepo) (issue 143)
@@ -30,41 +35,78 @@
     - RWD (clone and push with ref creation, deletion)
     - RW+ (clone and push with ref creation, deletion, rewind)  
 While not as sophisticated as Gitolite, this does give finer access controls.  These permissions fit in cleanly with the existing users.conf and users.properties files.  In Gitblit <= 1.1.0, all your existing user accounts have RW+ access.   If you are upgrading to 1.2.0, the RW+ access is *preserved* and you will have to lower/adjust accordingly.
-- Implemented regex repository permission matching (issue 36)  
-This allows you to specify a permission like `RW:mygroup/[A-Za-z0-9-~_\\./]+` to grant push privileges to all repositories within the *mygroup* project/folder.
+- Implemented *case-insensitive* regex repository permission matching (issue 36)  
+This allows you to specify a permission like `RW:mygroup/.*` to grant push privileges to all repositories within the *mygroup* project/folder.
 - Added DELETE, CREATE, and NON-FAST-FORWARD ref change logging
 - Added support for personal repositories.  
 Personal repositories can be created by accounts with the *create* permission and are stored in *git.repositoriesFolder/~username*.  Each user with personal repositories will have a user page, something like the GitHub profile page.  Personal repositories have all the same features as common repositories, except personal repositories can be renamed by their owner.
 - Added support for server-side forking of a repository to a personal repository (issue 137)  
 In order to fork a repository, the user account must have the *fork* permission **and** the repository must *allow forks*.  The clone inherits the access list of its origin.  i.e. if Team A has clone access to the origin repository, then by default Team A also has clone access to the fork.  This is to facilitate collaboration.  The fork owner may change access to the fork and add/remove users/teams, etc as required <u>however</u> it should be noted that all personal forks will be enumerated in the fork network regardless of access view restrictions.  If you really must have an invisible fork, the clone it locally, create a new repository for your invisible fork, and push it back to Gitblit.
+- Added optional *create-on-push* support  
+    **New:** *git.allowCreateOnPush=true*  
+- Added **experimental** JGit-based garbage collection service.  This service is disabled by default.  
+    **New:** *git.allowGarbageCollection=false*  
+    **New:** *git.garbageCollectionHour = 0*  
+    **New:** *git.defaultGarbageCollectionThreshold = 500k*  
+    **New:** *git.defaultGarbageCollectionPeriod = 7 days*
+- Added support for X509 client certificate authentication (github/kevinanderson1).  (issue 106)  
+You can require all git servlet access be authenticated by a client certificate.  You may also specify the OID fingerprint to use for mapping a certificate to a username.  It should be noted that the user account MUST already exist in Gitblit for this authentication mechanism to work; this mechanism can not be used to automatically create user accounts from a certificate.  
+    **New:** *git.requireClientCertificates = false*  
+    **New:** *git.enforceCertificateValidity = true*  
+    **New:** *git.certificateUsernameOIDs = CN*
+- Revised clean install certificate generation to create a Gitblit GO Certificate Authority certificate; an SSL certificate signed by the CA certificate; and to create distinct server key and server trust stores.  <u>The store files have been renamed!</u>
+- Added support for Gitblit GO to require usage of client certificates to access the entire server.  
+This is extreme and should be considered carefully since it affects every https access.  The default is to **want** client certificates.  Setting this value to *true* changes that to **need** client certificates.  
+    **New:** *server.requireClientCertificates = false*
+- Added Gitblit Certificate Authority, an X509 certificate generation tool for Gitblit GO to encourage use of client certificate authentication.
+- Added setting to control length of shortened commit ids  
+    **New:** *web.shortCommitIdLength=8*  
+- Added alternate compressed download formats: tar.gz, tar.xz, tar.bzip2 (issue 174)  
+    **New:** *web.compressedDownloads = zip gz*
 - Added simple project pages.  A project is a subfolder off the *git.repositoriesFolder*.
 - Added support for X-Forwarded-Context for Apache subdomain proxy configurations (issue 135)
 - Delete branch feature (issue 121, Github/ajermakovics)
 - Added line links to blob view (issue 130)
+- Added HTML sendmail hook script and Gitblit.sendHtmlMail method (github/sauthieg)
 - Added RedmineUserService (github/mallowlabs)
-- Experimental support for committer verification.  Requires use of *--no-ff* when merging branches or pull requests.  See setup page for details.
+- Support for committer verification.  Requires use of *--no-ff* when merging branches or pull requests.  See setup page for details.
 
 #### changes
 
+- All access restricted servlets (e.g. DownloadZip, RSS, etc) will try to authenticate using X509 certificates, container principals, cookies, and BASIC headers, in that order.
+- Added *groovy* and *scala* to *web.prettyPrintExtensions*
+- Added short commit id column to log and history tables (issue 168)
+- Teams can now specify the *admin*, *create*, and *fork* roles to simplify user administration
 - Use https Gravatar urls to avoid browser complaints
+- Added frm to default pretty print extensions (issue 156)
 - Expose ReceivePack to Groovy push hooks (issue 125)
 - Redirect to summary page when refreshing the empty repository page on a repository that is not empty (issue 129)
 - Emit a warning in the log file if running on a Tomcat-based servlet container which is unfriendly to %2F forward-slash url encoding AND Gitblit is configured to mount parameters with %2F forward-slash url encoding (Github/jpyeron, issue 126)
 - LDAP admin attribute setting is now consistent with LDAP teams setting and admin teams list.  
 If *realm.ldap.maintainTeams==true* **AND** *realm.ldap.admins* is not empty, then User.canAdmin() is controlled by LDAP administrative team membership.  Otherwise, User.canAdmin() is controlled by Gitblit.
+- Support servlet container authentication for existing UserModels (issue 68)
 
 #### dependency changes
 
-- updated to Jetty 7.6.7
+- updated to Jetty 7.6.8
 - updated to JGit 2.1.0.201209190230-r
 - updated to Groovy 1.8.8
 - updated to Wicket 1.4.21
 - updated to Lucene 3.6.1
-
+- updated to BouncyCastle 1.47
+- updated to MarkdownPapers 1.3.2
+- added JCalendar 1.3.2
+- added Commons-Compress 1.4.1
+- added XZ for Java 1.0
 <hr/>
 
 ### Older Releases
 
+<div class="alert alert-error">
+<h4>Update Note</h4>
+If you are updating from an earlier release AND you have indexed branches with the Lucene indexing feature, you need to be aware that this release will completely re-index your repositories.  Please be sure to provide ample heap resources as appropriate for your installation.
+</div>
+
 **1.1.0** *released 2012-08-25*
 
 #### fixes

--
Gitblit v1.9.1