| <?xml version="1.0" encoding="utf-8"?> |
| <feed xmlns="http://www.w3.org/2005/Atom"><title>Apache Allura</title><link href="//allura.apache.org/" rel="alternate"></link><link href="//allura.apache.org/feeds/all.atom.xml" rel="self"></link><id>//allura.apache.org/</id><updated>2023-11-06T00:00:00+00:00</updated><entry><title>Apache Allura 1.16.0 released with critical security fix</title><link href="//allura.apache.org/posts/2023-allura-1.16.0.html" rel="alternate"></link><published>2023-11-06T00:00:00+00:00</published><updated>2023-11-06T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2023-11-06:/posts/2023-allura-1.16.0.html</id><summary type="html"><p>Version 1.16.0 of Allura released with critical security fix</p></summary><content type="html"><h4>What's New?</h4> |
| <p>Apache Allura 1.16.0 has been released. It has a critical security fix and also drops Python 3.7 support.</p> |
| <p>For full details of all the changes and fixes, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">CHANGES file</a>. </p> |
| <h4>Critical Security Fix</h4> |
| <p>CVE-2023-46851 sensitive information exposure via import </p> |
| <p>Severity: Critical<br> |
| Versions Affected: 1.0.1 through 1.15.0</p> |
| <p><strong>Description:</strong><br> |
| Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them. Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution.</p> |
| <p><strong>Mitigation:</strong><br> |
| Users of Allura should upgrade to Allura 1.16.0 immediately.</p> |
| <p>If you are unable to upgrade, set this in your .ini config file:</p> |
| <div class="highlight"><pre><span></span><code>disable_entry_points.allura.importers = forge-tracker, forge-discussion |
| </code></pre></div> |
| |
| <p>That same .ini setting is also recommend for users who want maximum security on their Allura instance and don't need those importers available.</p> |
| <p><strong>Credit:</strong><br> |
| This issue was discovered by Stefan Schiller (Sonar)</p> |
| <h4>Python 3.8 through 3.11 supported</h4> |
| <p>This release drops support for Python 3.7 and supports Python 3.8 through Python 3.11</p> |
| <h4>Upgrade Instructions</h4> |
| <p>To install updated dependencies, run: <code>pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed</code></p> |
| <p>Run: <code>paster ensure_index development.ini</code> in Allura dir</p> |
| <p>If switching to a new version of Python, you will need to make a completely new python virtual environment, |
| and run <code>pip install ...</code> in it, and then use it to run Allura.</p> |
| <p>If using docker, rebuild the allura image and restart containers.</p> |
| <p>Feel free to ask any questions on the <a href="https://lists.apache.org/list.html?dev@allura.apache.org">dev mailing list</a>.</p> |
| <h4>Get 1.16.0</h4> |
| <p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.15.0 released</title><link href="//allura.apache.org/posts/2023-allura-1.15.0.html" rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><updated>2023-09-18T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2023-09-18:/posts/2023-allura-1.15.0.html</id><summary type="html"><p>Version 1.15.0 of Allura released</p></summary><content type="html"><h4>What's New?</h4> |
| <p>Apache Allura 1.15.0 has been released, after a long time since 1.14.0. This release adds support for more Python versions (see next section) and Content-Security-Policy headers. Many other fixes and improvements are also included, they relate to SEO, performance and different parts of Allura.</p> |
| <p>For full details of all the changes and fixes, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">CHANGES file</a>. </p> |
| <h4>Python 3.7 through 3.11 supported</h4> |
| <p>This release supports Python 3.7 through Python 3.11</p> |
| <p>The next release will drop support for Python 3.7 so please upgrade your Python version soon, to stay compatible with future Allura releases.</p> |
| <h4>Upgrade Instructions</h4> |
| <p>To install updated dependencies, run: <code>pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed</code></p> |
| <p>Run: <code>paster ensure_index development.ini</code> in Allura dir</p> |
| <p>If switching to a new version of Python, you will need to make a completely new python virtual environment, |
| and run <code>pip install ...</code> in it, and then use it to run Allura.</p> |
| <p>If using docker, rebuild the allura image and restart containers.</p> |
| <p>Feel free to ask any questions on the <a href="https://lists.apache.org/list.html?dev@allura.apache.org">dev mailing list</a>.</p> |
| <h4>Get 1.15.0</h4> |
| <p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.14.0 released</title><link href="//allura.apache.org/posts/2022-allura-1.14.0.html" rel="alternate"></link><published>2022-09-23T00:00:00+00:00</published><updated>2022-09-23T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2022-09-23:/posts/2022-allura-1.14.0.html</id><summary type="html"><p>Version 1.14.0 of Allura released</p></summary><content type="html"><h4>What's New?</h4> |
| <p>Apache Allura 1.14.0 has been released, after a long time since 1.13.0. It includes a new app/tool, SEO improvements |
| and a huge list of small fixes and improvements. The highlights are:</p> |
| <ul> |
| <li>Added ForgeFiles app for uploading and managing file releases.</li> |
| <li>Many SEO improvements related to links, redirects, canonical and noindex tags.</li> |
| </ul> |
| <p>For full details of all the changes and fixes, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release notes</a>. </p> |
| <h4>Only Python 3.7 supported</h4> |
| <p>This release drops support for Python 2.7 and 3.6, and only supports Python 3.7.</p> |
| <h4>Upgrade Instructions</h4> |
| <p>To install updated dependencies, run: <code>pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed</code></p> |
| <p>Run: <code>./rebuild-all.bash</code> to get new ForgeFiles app available</p> |
| <p>Run: <code>paster ensure_index development.ini</code> in Allura dir</p> |
| <p>If switching from Python 3.6 to 3.7, you will need to make a completely new python virtual environment, |
| and run <code>pip install ...</code> in it, and then use it to run Allura. If you're still on Python 2, you probably should upgrade |
| to the previous release 1.13.0 first, following its upgrade instructions, and then switch to Python 3 before doing the 1.14.0 upgrade.</p> |
| <p>If using docker, rebuild the allura image and restart containers.</p> |
| <p>Feel free to ask any questions on the <a href="https://lists.apache.org/list.html?dev@allura.apache.org">dev mailing list</a>.</p> |
| <h4>Get 1.14.0</h4> |
| <p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.13.0 released</title><link href="//allura.apache.org/posts/2021-allura-1.13.0.html" rel="alternate"></link><published>2021-05-17T00:00:00+00:00</published><updated>2021-05-17T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2021-05-17:/posts/2021-allura-1.13.0.html</id><summary type="html"><p>Version 1.13.0 of Allura released</p></summary><content type="html"><h4>What's New?</h4> |
| <p>Apache Allura 1.13.0 has been released, after over a year of development, it includes some major updates and a huge |
| list of small fixes and improvements. Some highlights are:</p> |
| <ul> |
| <li>Added ForgeFeedback app</li> |
| <li>textarea inputs work better on mobile devices, and use browser spellchecker</li> |
| <li>Forum importer for allura's own export format</li> |
| <li>Allow multiple site-wide notices to be active</li> |
| </ul> |
| <h4>Python 2 and 3 supported</h4> |
| <p>This release supports Python 2.7, 3.6, and 3.7. It is the last release planned to support Python 2. We recommend anyone |
| running Allura on Python 2 update to Allura 1.13 and then switch from Python 2 to Python 3. For more details, see |
| the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release notes</a> and feel free to ask questions |
| on the <a href="https://lists.apache.org/list.html?dev@allura.apache.org">dev mailing list</a>.</p> |
| <h4>Upgrade Instructions</h4> |
| <p>Due to supporting both Python 2 and 3, there are quite a few small things to be aware and to update, when upgrading |
| to 1.13.0. The <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release notes</a> has all the details |
| outlined.</p> |
| <h4>Get 1.13.0</h4> |
| <p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.12.0 released</title><link href="//allura.apache.org/posts/2019-allura-1.12.0.html" rel="alternate"></link><published>2019-10-07T00:00:00+00:00</published><updated>2019-10-07T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2019-10-07:/posts/2019-allura-1.12.0.html</id><summary type="html"><p>Version 1.12.0 of Allura released</p></summary><content type="html"><h4>What's New?</h4> |
| <p>Apache Allura 1.12.0 has been released. New features include user mention notifications. |
| Thanks to Shalitha and his Google Summer of Code project for implementing this and previous user-mention related functionality. |
| Read more about <a href="https://medium.com/@shalithasuranga/4e5e4df8b2db">Shalith's Summer of Code and the user-mention functionality here</a>.</p> |
| <p>An admin option to generate password reset link are also included, along with various performance improvements and bug fixes. |
| To see all the bugs fixed and the upgrade instructions, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Security Fix</h4> |
| <p>Limited information disclosure in generic search.</p> |
| <p>Versions Affected: 1.11.1 and earlier</p> |
| <p><strong>Mitigation:</strong><br> |
| Users of Allura should upgrade to Allura 1.12.0</p> |
| <h4>Get 1.12.0</h4> |
| <p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.11.1 released</title><link href="//allura.apache.org/posts/2019-allura-1.11.1.html" rel="alternate"></link><published>2019-07-16T00:00:00+00:00</published><updated>2019-07-16T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2019-07-16:/posts/2019-allura-1.11.1.html</id><summary type="html"><p>Version 1.11.1 of Allura released</p></summary><content type="html"><h4>What's New?</h4> |
| <p>Apache Allura 1.11.1 has been released. It is mostly a bugfix release, with one new feature being infotips for username mentions.</p> |
| <p>To see all the bugs fixed and the upgrade instructions, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Security Fix</h4> |
| <p>XSS vulnerability when adding another user to a project</p> |
| <p>Versions Affected: 1.11.0 and earlier</p> |
| <p><strong>Mitigation:</strong><br> |
| Users of Allura should upgrade to Allura 1.11.1</p> |
| <h4>Get 1.11.1</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.11.0 released</title><link href="//allura.apache.org/posts/2019-allura-1.11.0.html" rel="alternate"></link><published>2019-06-18T00:00:00+00:00</published><updated>2019-06-18T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2019-06-18:/posts/2019-allura-1.11.0.html</id><summary type="html"><p>Version 1.11.0 of Allura released, with many fixes &amp; improvements and a critical security fix.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.11.0 has been released, with new features including:</p> |
| <ul> |
| <li>Reaction support for comments:</li> |
| </ul> |
| <p><img alt="Reaction screenshot" src="//allura.apache.org/images/2019-reactions.png"></p> |
| <ul> |
| <li>Option to subscribe to forums and other types of threads, when posting</li> |
| </ul> |
| <p><img alt="Subscribe when posting screenshot" src="//allura.apache.org/images/2019-post-subscribe.png"></p> |
| <ul> |
| <li>@username mentions in markdown editor</li> |
| </ul> |
| <p><img alt="Username mentioning screenshot" src="//allura.apache.org/images/2019-usernames.png"></p> |
| <ul> |
| <li>Optional HaveIBeenPwned checks for password changes</li> |
| </ul> |
| <h4>Important Security Fix</h4> |
| <p>CVE-2019-10085 Apache Allura XSS vulnerability in ticket user dropdown selector</p> |
| <p>Severity: Important<br> |
| Versions Affected: 1.10.0 and earlier</p> |
| <p><strong>Description:</strong><br> |
| A vulnerability exists for stored XSS on the user dropdown selector when |
| creating or editing tickets. The XSS executes when a user engages with that |
| dropdown on that page.</p> |
| <p><strong>Mitigation:</strong><br> |
| Users of Allura should upgrade to Allura 1.11.0 immediately.</p> |
| <p><strong>Credit:</strong><br> |
| This issue was discovered by Bob "Wombat" Hogg</p> |
| <p>There are many smaller improvements and fixes as well. To see all the details and upgrade instructions, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Get 1.11.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.10.0 released</title><link href="//allura.apache.org/posts/2018-allura-1.10.0.html" rel="alternate"></link><published>2018-10-30T00:00:00+00:00</published><updated>2018-10-30T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2018-10-30:/posts/2018-allura-1.10.0.html</id><summary type="html"><p>Version 1.10.0 of Allura released, with many fixes &amp; improvements and a critical security fix.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.10.0 has been released, with new features including:</p> |
| <ul> |
| <li>interactive checkmark lists <code>* [x] done!</code></li> |
| <li>emoji shortcode support <code>:rocket:</code> 🚀</li> |
| <li>attachment support for blog posts, and new forum topics</li> |
| </ul> |
| <h4>Security Fix</h4> |
| <p>This release also includes a critical security fix, so upgrading is strongly encouraged.</p> |
| <p>There are many smaller improvements and fixes as well. To see all the details and upgrade instructions, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Get 1.10.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.9.0 released</title><link href="//allura.apache.org/posts/2018-allura-1.9.0.html" rel="alternate"></link><published>2018-09-25T00:00:00+00:00</published><updated>2018-09-25T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2018-09-25:/posts/2018-allura-1.9.0.html</id><summary type="html"><p>Version 1.9.0 of Allura released, with many fixes &amp; improvements and a critical security fix.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.9.0 has been released, with a brand new personal dashboard which shows your own tickets, merge requests, projects etc. |
| Another notable enhancement is automatic saving of content before form submission - no more lost text if you get logged out or disconnected. |
| Support is added for display of checkboxes lists from markdown, more search help, SVN snapshots of the current directory only, and bulk delete for tickets. |
| Of course there are also smaller improvements, fixes, and performances improvements as well. To see all the details, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Dashboard Details</h4> |
| <p>The personalized dashboard will show up at the index page for anyone who is logged in. This provides a comprehensive list of your own tickets and merge requests across all projects, and quick access to relevant projects and activity. It is extensible so 3rd-party sections can be developed as well, very similarly to the user profile sections.</p> |
| <p>Here's an example screenshot: |
| <img alt="Dashboard screenshot" src="//allura.apache.org/images/2018-dashboard.png"></p> |
| <h4>Get 1.9.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.8.1 released</title><link href="//allura.apache.org/posts/2018-allura-1.8.1.html" rel="alternate"></link><published>2018-03-14T00:00:00+00:00</published><updated>2018-03-14T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2018-03-14:/posts/2018-allura-1.8.1.html</id><summary type="html"><p>Version 1.8.1 of Allura released, with many fixes &amp; improvements and a critical security fix.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.8.1 has been released. |
| It contains a several improvements around spam prevention and content quality on discussions. It also includes a few performance optimizations, along with a number of fixes and smaller improvements. To see all the details, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Important Security Fix</h4> |
| <p>CVE-2018-1319 Apache Allura HTTP response splitting</p> |
| <p>Severity: Important<br> |
| Versions Affected: All</p> |
| <p><strong>Description:</strong><br> |
| Attackers may craft URLs that cause HTTP response splitting. If a victim goes |
| to a maliciously crafted URL, unwanted results may occur including XSS or |
| service denial for the victim's browsing session.</p> |
| <p><strong>Mitigation:</strong><br> |
| Users of Allura should upgrade to Allura 1.8.1 immediately.</p> |
| <p><strong>Credit:</strong><br> |
| This issue was discovered by Everardo Padilla Saca</p> |
| <h4>Get 1.8.1</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.8.0 released</title><link href="//allura.apache.org/posts/2018-allura-1.8.0.html" rel="alternate"></link><published>2018-02-06T00:00:00+00:00</published><updated>2018-02-06T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2018-02-06:/posts/2018-allura-1.8.0.html</id><summary type="html"><p>Version 1.8.0 of Allura released, with many fixes &amp; improvements and a critical security fix.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.8.0 has been released. |
| It contains a Docker setup for production environments, and improved security and auditing around user logins. |
| This release also contains a large number of fixes and smaller improvements. To see all the details, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Important Security Fix</h4> |
| <p>CVE-2018-1299 Apache Allura directory traversal vulnerability</p> |
| <p><strong>Versions Affected:</strong><br>Apache Allura 1.7.0 and earlier</p> |
| <p><strong>Description:</strong><br> |
| Unauthenticated attackers may retrieve arbitrary files through the Allura web |
| application. Some webservers used with Allura, such as Nginx, Apache/mod_wsgi |
| or paster may prevent the attack from succeeding. Others, such as gunicorn do |
| not prevent it and leave Allura vulnerable.</p> |
| <p><strong>Mitigation:</strong><br> |
| Users of vulnerable webservers with Allura should upgrade to Allura 1.8.0 |
| immediately.</p> |
| <p><strong>Credit:</strong><br> |
| This issue was discovered by Everardo Padilla Saca</p> |
| <h4>Get 1.8.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.7.0 released</title><link href="//allura.apache.org/posts/2017-allura-1.7.0.html" rel="alternate"></link><published>2017-06-28T00:00:00+00:00</published><updated>2017-06-28T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2017-06-28:/posts/2017-allura-1.7.0.html</id><summary type="html"><p>Version 1.7.0 of Allura: Multifactor authentication, git-http docker container, per-thread subscriptions in discussion forums, and more.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.7.0 has been released, with support for hi-res project logos, and better content control for "neighborhood" landing pages by using wiki pages.</p> |
| <p>This release also contains numerous small improvements and bug fixes. To see all the details, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/rel/1.7.0/~/tree/CHANGES">release changelog</a>.</p> |
| <h4>Get 1.7.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.6.0 released</title><link href="//allura.apache.org/posts/2016-allura-1.6.0.html" rel="alternate"></link><published>2016-12-15T00:00:00+00:00</published><updated>2016-12-15T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2016-12-15:/posts/2016-allura-1.6.0.html</id><summary type="html"><p>Version 1.6.0 of Allura: Multifactor authentication, git-http docker container, per-thread subscriptions in discussion forums, and more.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.6.0 has been released. Significant new features have been added in the project like the introduction of multifactor authentication and recovery codes, a git-http docker container, and per-thread subscriptions in discussion forums. </p> |
| <p>Also, see our recent post about the changes added in the <a href="//allura.apache.org/posts/2016-two-factor-auth.html">Two Factor Authentication</a> update for more details about it.</p> |
| <p>There are other fixes and improvements as well, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/rel/1.6.0/~/tree/CHANGES">changelog</a> for more details.</p> |
| <h4>Get 1.6.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Two Factor Authentication</title><link href="//allura.apache.org/posts/2016-two-factor-auth.html" rel="alternate"></link><published>2016-09-17T00:00:00+00:00</published><updated>2016-09-17T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2016-09-17:/posts/2016-two-factor-auth.html</id><summary type="html"><p>Support for Two Factor Authentication is now available</p></summary><content type="html"><p>Support for enabling Two Factor Authentication(2FA) for users is now available in Allura's master branch. </p> |
| <p>Users can enable 2FA by visiting their account preferences page and set it up.</p> |
| <p><img alt="Imgur" src="https://i.imgur.com/smRT9cL.png"></p> |
| <p>After clicking on the setup page, users will be asked for their password. </p> |
| <p><img alt="Imgur" src="https://i.imgur.com/u7HOXts.png"></p> |
| <p>Users then install the Google Authenticator App for their smartphones. The links to install it can also be emailed to their accounts so that the link can be accessed from their phone. </p> |
| <p><img alt="Imgur" src="https://i.imgur.com/0YQjvVP.png"></p> |
| <p>Users then scan the barcode and enter the time based six digit one time password generated by the mobile app in Allura. </p> |
| <p>After successfully setting up 2FA, users will be provided with recovery codes which can be used incase users get locked out of their account.</p> |
| <p><img alt="Imgur" src="https://i.imgur.com/ulSxcaY.png"></p> |
| <p>An email is also sent to the user. </p> |
| <p><img alt="Imgur" src="https://i.imgur.com/chi6a3H.png?2"></p> |
| <p>Users can also modify their settings and view the recovery codes as well as disable 2FA from their account preferences.</p> |
| <p><img alt="Imgur" src="https://i.imgur.com/BpDxbX3.png"></p></content><category term="misc"></category><category term="feature"></category></entry><entry><title>Apache Allura 1.5.0 released</title><link href="//allura.apache.org/posts/2016-allura-1.5.0.html" rel="alternate"></link><published>2016-08-23T00:00:00+00:00</published><updated>2016-08-23T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2016-08-23:/posts/2016-allura-1.5.0.html</id><summary type="html"><p>Version 1.5.0 of Allura: updated icons, editor enhancements, admin functionality, and more.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.5.0 has been released. Major new features include a guided tour after project registration, |
| improved design for discussions and their attachments, and various usability improvements for merge requests. Many |
| of the changes came from work done during Google Summer of Code.</p> |
| <p>See our <a href="//allura.apache.org/posts/2016-gsoc-16.html">Google Summer of Code Summary</a> for details on all those changes.</p> |
| <p>There are lots of other fixes and improvements, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/rel/1.5.0/~/tree/CHANGES">changelog</a> for details.</p> |
| <h4>Upgrade notes</h4> |
| <p>No changes are required unless you wish to use the new rate limiting config. If so, copy all the new |
| "rate_limits" settings from <code>development.ini</code> into your <code>.ini</code> file and configure appropriate values. Then run |
| <code>paster ensure_index development.ini</code>. Or if you are using Docker, run: |
| <code>docker-compose run taskd paster ensure_index docker-dev.ini</code></p> |
| <h4>Get 1.5.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura - GSoC 2016 Summary</title><link href="//allura.apache.org/posts/2016-gsoc-16.html" rel="alternate"></link><published>2016-08-09T00:00:00+00:00</published><updated>2016-08-09T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2016-08-09:/posts/2016-gsoc-16.html</id><summary type="html"><p>Apache Allura - GSoC 2016 Summary</p></summary><content type="html"><p>My name is <a href="http://rohanverma.net">Rohan Verma</a> and my nick is <a href="https://twitter.com/rhnvrm">rhnvrm</a>. During the past few month's I have been working on Apache Allura as a <a href="https://summerofcode.withgoogle.com/">Google Summer of Code (GSoC)</a> student. I am an undergraduate student and am currently based in India. I have been passionate about programming and software development since my school days. Being a GNU/Linux user I used to frequently use SourceForge and Github for downloading and exploring the source code published by various FLOSS communities. Through GitHub and SourceForge I gained interest in getting involved in contributing back to the community and Google Summer of Code was a great opportunity that came my way. I had found Allura to be amazing during my search for GSoC projects in terms of purpose, implementation and community. Therefore, I chose to work with my mentor for the project Dave Brondsema during this summer.</p> |
| <p>This post contains the summary of my work during Google Summer of Code 2016. Hopefully I was able to cover everything. You can also see my work on <a href="https://forge-allura.apache.org/p/allura/git">forge-allura</a>. Also, you can visually see a list of my commits made during GSoC that also contains the miscellaneous work commits <a href="https://github.com/apache/allura/commits/f403b8c4e44f2065e4d4529050d499252e914f25?author=rhnvrm">here</a>.</p> |
| <h3>Discussion Tool Changes</h3> |
| <p>The idea behind this change was to promote discussions on the platform. Most conversations on the web are now displayed in a similar format. The replies to a comment are also now anchored to the left, i.e. don't become shorter in length and are only shifted towards the left along with a smaller avatar. We have also moved away from shadows under the avatars since they do not match with the current design scheme.</p> |
| <p>The design enhances the username and avatar of the user to make it easier to recognize who has authored the comment. Also, the buttons used to interact in the discussion are now displayed on the upper right side. Also, there is now a unified design theme for all buttons including the moderation buttons. These set of buttons can easily be extendened in the future as well. This also makes more space available for the content. Images now do not overflow outside these bubbles and fit inside the bubbles.</p> |
| <p><img alt="Design Example of Discussion" src="https://i.imgur.com/4gmxwcL.png"></p> |
| <p>Another prominent change is how we now display attachments. There is now a dedicated download and delete button for all attachments and an icon beside the file name displaying the type of attachment.</p> |
| <p>Support for viewing the photo attachments has also been added by clicking on the image thumbnail inside the attachment box.</p> |
| <p><img alt="Preview Images" src="https://i.imgur.com/Qw2g7at.png"></p> |
| <p>There has also been a change in how we display meta posts which share information rather than conversational text that is generated by the interaction of the user with the tools. These are not highlighted and uses smaller fonts so it is easier for the eyes to find real content and also distinguish between meta information and the same.</p> |
| <p><img alt="Meta Posts" src="https://i.imgur.com/Ch77UNq.png"></p> |
| <p>You can also use Unicode Emoji's within the discussion tool and they will be rendered as Twitter Style Emoji. This is very useful since we now have support for displaying the emoji even if the user don't have the proper font's to render them in his browser. </p> |
| <p><img alt="Imgur" src="https://i.imgur.com/LoTab39.png"></p> |
| <p>Emoji Support enables users to use their devices emoji input keyboards and enter data. Also, now teams can use a simple Thumbs Up emoji instead of writing words to express themselves.</p> |
| <p>You can view the results live on <a href="https://sourceforge.net/p/texstudio/bugs/1872/">SourceForge</a> as well.</p> |
| <h3>Improved Landing Page</h3> |
| <p><img alt="Imgur" src="https://i.imgur.com/kvul0nB.png"></p> |
| <p>We now have a better landing page. A landing page is forms the first impression for the tool. Although, if you are probably using SourceForge, your landing page might be the Project Catalog. </p> |
| <p>Now we list all the neighborhoods in a block showing it's logo along with the name and number of projects it contains. </p> |
| <p>It makes it easier to digest the concept of neighborhoods for users who are used to something similar to Github or GitLab.</p> |
| <h3>Minor Improvements in Ticket Listing and Search</h3> |
| <p>Now you can resize the length of the columns in the ticket listing.</p> |
| <p><img alt="Resize" src="https://i.imgur.com/iC3fGex.gif"></p> |
| <p>Also you can now click on the username in the Owner column to view all tickets that have been assigned to that user directly from the ticket listing.</p> |
| <h3>Merge Request Flow Improvements</h3> |
| <p>Now we show a link to Merge Requests listing in the side panel in all tools that support them even if none have been created. </p> |
| <p><img alt="List if zero" src="https://i.imgur.com/tfTkcjR.png"></p> |
| <p>Also the filtering of merge requests have changed a bit. Now we have a new set of filter buttons that we use to filter the merge requests that are either open, rejected, merged. </p> |
| <p><img alt="Filter MRs" src="https://i.imgur.com/izu38m5.png"></p> |
| <p>Also, there are now dedicated buttons matching the Forge theme that you can use to manage your merge requests. We now have an array of buttons and a text message that displays the status of the merge conflicts and if a one click merge is possible if you have access to that information. Users with correct priveleges can also click on the Reject button to reject and close the MR in two clicks including a confirmation dialog. </p> |
| <p>Also, you can now Refresh the commits without having to manually edit the merge request, saving 4-5 clicks using the Refresh Commits button.</p> |
| <p><img alt="Imgur" src="https://i.imgur.com/rkjlglc.png"></p> |
| <h3>What could not be completed or was not done</h3> |
| <h4>Implement async loading of comments and allow them to be paginated.</h4> |
| <p>This was not implemented since there would be a loss in the traffic for the discussions. This would have a huge impact in search rankings for comments since crawlers don't index async loaded comments and searching for problems on the internet is a very important way to reach this content. Suppose you have a problem you have faced with TexStudio software and search about it on a search engine and someone else has also reported a problem on it's bug tracker then if it is not indexed in the search engine we will not be able to find it on the search results.</p> |
| <h4>Make Allura Responsive</h4> |
| <p>This is something which I worked on for atleast 2 weeks and trying to find the most optimal solution. Even before starting there was some doubt about the feasability. But my final decision was that it is not feasible to do. This was due to the fact that there is no way to move to a fully functional mobile experience without altering the current structure of the project. The best way forward would be to move to bootstrap or some similar project. Also, this way we would be able to have a good enough way to move forward with the project.</p> |
| <p>The first major problem I faced was keeping intact the design so that it does not break SourceForge. </p> |
| <p>My first approach was to change the current method of using viewport based widths instead of fixed pixel widths.</p> |
| <p>My next approach was to add media queries and then change the pixel values accordingly.</p> |
| <p>Next I tried to use the method suggested by mentor to detect if we have a mobile browser and display a different template. This works, but is of no use if all the templates are not modified. So for testing I edited the width of the holders to the viewport size but then I realized if the inside is not also properly updated it would be of no use. Also all tests relating to that component would fail.</p> |
| <p>So I moved on to work on other parts of the project.</p> |
| <h4>Extend the models in the threads to allow voting(express +1, LGTM etc.) on individual comments.</h4> |
| <p>There were two ways I tried to implement this. </p> |
| <p>First was to add a thumbs up button on the menu of the discussion bubble along side reply.</p> |
| <p><img alt="Imgur" src="https://i.imgur.com/LoTab39.png"></p> |
| <p>Clicking that button adds a meta post as a reply to the post. But it looks ugly and does not seem useful.</p> |
| <p><img alt="Plus 1" src="https://i.imgur.com/GycKCDW.png"></p> |
| <p>The other method was to try to make the artifact votable but here the problem was that I could not get it to work as per my thought of how it should look and work. In this way I wanted a menu on the bottom. </p> |
| <p>The code for all of these unimplemented work is available on my forked repo on forge-allura <a href="https://forge-allura.apache.org/u/rhnvrm/allura/ref/master/branches/">here</a>. You can find all the branches with the unimplemented work mentioned here as well as other experiments. (My Branches begin with <code>feature</code> or <code>rhnvrm/</code>)</p> |
| <h3>Other Cool Stuff I did related to Allura</h3> |
| <h4>Makefile to install Allura with one command</h4> |
| <p>You can now install Allura very easily if you don't have docker or are not able to use it due to some reason</p> |
| <p><a href="https://forge-allura.apache.org/u/rhnvrm/allura-install/">https://forge-allura.apache.org/u/rhnvrm/allura-install/</a></p> |
| <ol> |
| <li>Set up your <a href="http://digitalocean.com">digital ocean</a> account and spin up a new <code>Ubuntu 14.04</code> droplet.</li> |
| <li>SSH into your droplet's root <code>ssh root@&lt;DO_id&gt;</code> and |
| clone the repository using <code>git clone https://rhnvrm@forge-allura.apache.org/git/u/rhnvrm/allura-install</code></li> |
| <li>Change your working directory into the cloned repository. <code>cd allura-install</code></li> |
| <li>Install <code>git</code> and <code>make</code> using <code>apt-get install git make</code></li> |
| <li>Run <code>make install</code></li> |
| </ol> |
| <h4>Installed Allura on a RaspberryPi B</h4> |
| <p>To show how it can even be run on a low powered device I installed Allura for me and my friends on a RPi 3B model.</p> |
| <p>There were various problems that I faced during installation due to it being an ARM based device. I first tried to install using docker since it was easier but after installing docker and docker-compose from hyperiot I soon realized that it was not possible as it is ARM based and we don't provide docker support for that.</p> |
| <p>Here the makefile was very useful. Although I did not use it directly but I atleast had an idea how to install Allura step by step instead of having to re read the manual again and again.</p> |
| <p><img alt="Imgur" src="https://i.imgur.com/2VdVmnN.jpg"></p> |
| <h4>Deployed Allura for my University</h4> |
| <p>Using the Raspberry Pi I am planning to deploy it for my university for using it for our Coding Club and also for internal usage. I have emailed my department and am hoping for a positive response.</p> |
| <h4>Setup and hosted a small Allura Instance for testing on Digital Ocean</h4> |
| <p>During GSoC I ran Allura on a droplet for testing since my old laptop was having some issues with it's graphics card. I was able to use a netbook and vim to test my changes on the droplet until I got my new laptop.</p> |
| <h3>ShoutOut to tools that I used during GSoC</h3> |
| <ol> |
| <li>ZimWiki </li> |
| <li>PyCharm</li> |
| <li>Vim</li> |
| <li>Digital Ocean</li> |
| <li>Docker</li> |
| <li>Pomodoro Timer App for Gnome</li> |
| <li>Postman</li> |
| <li>HexChat</li> |
| <li>Imgur for hosting the <a href="https://imgur.com/a/r2oPI">image album</a></li> |
| </ol> |
| <p>(This blog was originally posted on my personal blog at <a href="https://rhnvrm.github.io/2016-08-09-apache-allura-gsoc-16-summary/">rhnvrm.github.io</a>. You can read more about me at <a href="http://rohanverma.net/">rohanverma.net</a>)</p></content><category term="misc"></category><category term="gsoc"></category></entry><entry><title>Apache Allura 1.4.0 released</title><link href="//allura.apache.org/posts/2016-allura-1.4.0.html" rel="alternate"></link><published>2016-04-12T00:00:00+00:00</published><updated>2016-04-12T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2016-04-12:/posts/2016-allura-1.4.0.html</id><summary type="html"><p>Version 1.4.0 of Allura: updated icons, editor enhancements, admin functionality, and more.</p></summary><content type="html"><p>Apache Allura 1.4.0 has been released. The biggest new feature is the Admin Nav Bar. |
| It's a complete overhaul of how you customize the tools in your project. |
| Read our <a href="//allura.apache.org/posts/2016-admin-toolbar.html">admin toolbar post</a> to see how much easier it is to access tool |
| configurations and add new tools.</p> |
| <p>Other significant improvements are:</p> |
| <ul> |
| <li>Config settings to show your custom logo and navigation links in the top header.</li> |
| <li>New interface to manage sitewide notifications. You can specify custom messages to show up on certain pages or page types, or to certain types of users.</li> |
| <li>Project exports now can include file attachments from all the tickets, wiki pages, comments, etc.</li> |
| <li>Standardized fence blocks in Markdown. In addition to <code>~~~</code> to mark off code blocks, you can use the more common <code>```</code>. |
| It also works to nest code block notation, and specify the formatting language in more ways. See <a href="http://spec.commonmark.org/0.25/#fenced-code-blocks">CommonMark spec for details</a>.</li> |
| </ul> |
| <p>There are also dozens of small fixes and improvements, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/rel/1.4.0/~/tree/CHANGES">changelog</a> for details.</p> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p> |
| <p><a href="https://forge-allura.apache.org/p/allura/git/ci/rel/1.4.0/~/tree/CHANGES">View the full 1.4.0 Changelog</a></p></content><category term="misc"></category><category term="release"></category></entry><entry><title>New admin mode now available!</title><link href="//allura.apache.org/posts/2016-admin-toolbar.html" rel="alternate"></link><published>2016-01-14T00:00:00+00:00</published><updated>2016-01-14T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2016-01-14:/posts/2016-admin-toolbar.html</id><summary type="html"><p>Updating your Allura projects has never been easier</p></summary><content type="html"><p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;When you use the same tools everyday, it is easy to evaluate how you spend most of your time. Even more apparent are the steps and processes that slow you down. Since all of us on the development team use these tools ourselves, we spent the end of the year discussing what processes have been slowing us down. Have you ever tried to rename a repo or give a user permission to moderate your project’s discussions? Did you even know you could do these things?</p> |
| <p><em>Exactly</em>. </p> |
| <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;As we realized where the hitch in the workflow was, we knew there was a more elegant solution. So we set out to build a new admin mode for all projects’ navigation bars. It provides easy access to add new tools to your project, as well as rename, reorder, configure, and delete any tools.</p> |
| <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;To take this idea from concept to completion, we needed to modernize our frontend tooling. By leveraging Babel we were able to make use of the latest features of Javascript ES2015 and incorporate React and JSX into our workflow. We also wanted to ensure we maintained a clean, consistent style in our frontend code, so we started implementing ESLint. To tie it all together, we then chose Broccoli for our build system because of its incremental rebuilding and its incredibly fast compile times. By utilizing all these resources, we were able to create a new toolbar that approaches customization in a modern way and, as a byproduct, made future frontend endeavours more interesting to work on. </p> |
| <h4>Installing a New Tool</h4> |
| <p><img src="//allura.apache.org/images/toolbar/install.gif" class="drop-shadow" width="815" /></p> |
| <p>The new Admin Toolbar is easy to find and use. There is a “Add New” link on every page, letting you install a new tool from anywhere. With improved features like tooltips and real-time validation, the updated experience is more intuitive than ever.</p> |
| <h4>Tool Options</h4> |
| <p><img src="//allura.apache.org/images/toolbar/edit.gif" class="drop-shadow" width="815" /></p> |
| <p>To change any tool settings, use the Lock/Unlock button on the right side of the bar. This feature makes these options accessible when you need them and inconspicuous when you don’t. And the gear icon opens up a context menu to manage your tools right from the interface, such as renaming, deleting, or setting specific options. So you’re always only a few clicks away from all your tool settings.</p> |
| <h4>Reordering Tools</h4> |
| <p><img src="//allura.apache.org/images/toolbar/reorder.gif" class="drop-shadow" width="815" /></p> |
| <p>Some key tools are anchored in place, but many tools are movable by dragging and dropping to the desired location. Just the unlock button, and then drag and drop them into the order you want. You can even customize the order within sub-menu dropdowns using this method.</p> |
| <h4>Grouping Similar Tools into Dropdowns</h4> |
| <p><img src="//allura.apache.org/images/toolbar/grouping.gif" class="drop-shadow" width="815"/></p> |
| <p>When you have multiple tools of the same type, the Grouping Threshold option is available. It determines if they will all fit in the navigation bar, or automatically be grouped into a dropdown.</p> |
| <p>Go check it out!</p></content><category term="misc"></category><category term="feature"></category></entry><entry><title>Apache Allura 1.3.2 released</title><link href="//allura.apache.org/posts/2015-allura-1.3.2.html" rel="alternate"></link><published>2015-12-08T00:00:00+00:00</published><updated>2015-12-08T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2015-12-08:/posts/2015-allura-1.3.2.html</id><summary type="html"><p>Version 1.3.2 of Allura: updated icons, editor enhancements, admin functionality, and more.</p></summary><content type="html"><p>Apache Allura 1.3.2 has been released. It includes 2 security fixes and dozens of small fixes and improvements. The major |
| new features are:</p> |
| <ul> |
| <li><a href="//allura.apache.org/posts/2015-updated-icons.html">Updated icons and cleaner project navigation bar.</a></li> |
| <li>Enhancements to the <a href="//allura.apache.org/posts/2015-markdown-editor.html">Markdown editor added in 1.3.1</a>. We're talking button |
| tooltips, alternate header types, and buttons for section headers, code (works with blocks or inline code), horizontal |
| rule, and tables.</li> |
| <li>Admin options for any tool available directly in the left sidebar. No more digging through separate Admin navigation.</li> |
| <li>API documented in <a href="http://raml.org/">.raml</a> files. We <a href="//allura.apache.org/posts/2015-rest-api-docs.html">published the API docs already</a>, |
| which are generated from the .raml definition files.</li> |
| <li>A site admin (<code>/nf/admin</code>) page to permanently delete projects and their data.</li> |
| </ul> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p> |
| <p><a href="https://forge-allura.apache.org/p/allura/git/ci/asf_release_1.3.2/tree/CHANGES">View the full 1.3.2 Changelog</a></p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Updated Icons, Cleaner Nav Bar</title><link href="//allura.apache.org/posts/2015-updated-icons.html" rel="alternate"></link><published>2015-10-28T00:00:00+00:00</published><updated>2015-10-28T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2015-10-28:/posts/2015-updated-icons.html</id><summary type="html"><p>Updated icon set and cleaner project navigation bar</p></summary><content type="html"><p>Two big UI improvements have landed in Allura's master branch recently.</p> |
| <p>First, we've removed the icons for each tool (wiki, discussion, code, etc). The icons looked dated, and cluttered |
| the project navigation bar. They also presented challenges of what tool icon to use when a new tool was added. So now |
| they are gone, and the project nav bar in particular looks much cleaner:</p> |
| <p><img alt="Nav bar screenshot" src="//allura.apache.org/images/2015-updated-icons-nav.png"></p> |
| <p>Second, and even more exciting, is the use of Font Awesome icons throughout Allura. They replace a small custom icon set |
| that had limited choices and was fixed-size. Font Awesome has lots of choices and looks great on high resolution |
| screens:</p> |
| <p><img alt="Icons screenshot" src="//allura.apache.org/images/2015-updated-icons.png"></p> |
| <p>Hope you enjoy a nicer looking Allura!</p> |
| <style> |
| .pad-md img { |
| margin: 2em; |
| } |
| </style></content><category term="misc"></category><category term="feature"></category></entry><entry><title>REST API documentation</title><link href="//allura.apache.org/posts/2015-rest-api-docs.html" rel="alternate"></link><published>2015-08-20T00:00:00+00:00</published><updated>2015-08-20T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2015-08-20:/posts/2015-rest-api-docs.html</id><summary type="html"><p>New docs for Allura's REST API are now published</p></summary><content type="html"><p>We have just published new docs for Allura's REST API. The API is documented as |
| <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/Allura/docs/api-rest/">RAML files</a> including many examples |
| and schemas.</p> |
| <p><a href="https://anypoint.mulesoft.com/apiplatform/forge-allura/#/portals/organizations/86c00a85-31e6-4302-b36d-049ca5d042fd/apis/32370/versions/33732">View the API documentation here.</a> |
| This portal also lets you try the API live, so you can see exactly what each API endpoint does.</p></content><category term="misc"></category></entry><entry><title>Apache Allura 1.3.1 released</title><link href="//allura.apache.org/posts/2015-allura-1.3.1-release.html" rel="alternate"></link><published>2015-08-10T00:00:00+00:00</published><updated>2015-08-10T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2015-08-10:/posts/2015-allura-1.3.1-release.html</id><summary type="html"><p>Version 1.3.1 of Allura brings security fixes, new markdown editor, CORS, and more.</p></summary><content type="html"><p>Apache Allura 1.3.1 has been released. It includes 3 security fixes and many small fixes and improvements. The major |
| new features are:</p> |
| <ul> |
| <li><a href="//allura.apache.org/posts/2015-cors.html">CORS support</a>, allowing broader access to the REST APIs.</li> |
| <li>A <a href="//allura.apache.org/posts/2015-markdown-editor.html">brand new Markdown editor</a> with syntax highlighting and an editing toolbar.</li> |
| <li>New and updated docs for <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">Installation</a> and |
| <a href="https://forge-allura.apache.org/docs/getting_started/administration.html">Administration</a> </li> |
| <li>Ticket notifications include links to attachments.</li> |
| </ul> |
| <p><a href="https://forge-allura.apache.org/p/allura/git/ci/asf_release_1.3.1/tree/CHANGES">View the full Changelog</a></p></content><category term="misc"></category><category term="release"></category></entry><entry><title>New Markdown Editor</title><link href="//allura.apache.org/posts/2015-markdown-editor.html" rel="alternate"></link><published>2015-07-29T00:00:00+00:00</published><updated>2015-07-29T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2015-07-29:/posts/2015-markdown-editor.html</id><summary type="html"><p>New markdown editor provides live syntax highlighting and a helpful toolbar.</p></summary><content type="html"><p>Allura's markdown editor has been completely replaced. Previously a simple textarea with limited assistance, it now runs |
| the <a href="http://nextstepwebs.github.io/simplemde-markdown-editor/">SimpleMDE Markdown Editor</a> and includes live syntax highlighting and |
| a helpful toolbar. It will be included in the next release of Allura, or is available now by using the latest code from <code>git</code>.</p> |
| <p>Markdown is a core part of Allura and is used in every text area, including tickets, wiki pages, commenting, etc. Markdown |
| makes it easy to do simple formatting of your text, but not everyone is familiar with it. The existing formatting help |
| and preview mode was helpful, but we wanted to do more.</p> |
| <p>The new editor's live syntax highlighting makes it really easy |
| to get an idea of what your text is going to look like and avoid formatting mistakes. The preview mode is still there |
| to show you an exact rendering of the formatting. And then the toolbar makes common formatting operations very easy. |
| It's a time saver and allows people new to Markdown to format their text without reading the comprehensive formatting |
| reference page.</p></content><category term="misc"></category><category term="feature"></category></entry><entry><title>CORS support added to Allura</title><link href="//allura.apache.org/posts/2015-cors.html" rel="alternate"></link><published>2015-07-24T00:00:00+00:00</published><updated>2015-07-24T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2015-07-24:/posts/2015-cors.html</id><summary type="html"><p>Latest revision of Allura now supports CORS http headers.</p></summary><content type="html"><p>The latest Allura code now supports CORS http headers. It will be included in the next release of Allura, |
| or is available now by using the latest code from <code>git</code>.</p> |
| <p><a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS">CORS headers</a> allow JavaScript running on other sites |
| to access the Allura APIs. By default, browser's Same Origin Policy would prevent that. CORS is still secure, because Allura's |
| authenticate is in place. APIs that require authorization still require it. OAuth or OAuth tokens can be used, |
| cookies cannot be used - so nobody could be tricked into doing something accidentally.</p> |
| <p>To enable this and allow more sites to integrate with Allura, see the <code>cors.*</code> settings in your <code>development.ini</code> file.</p></content><category term="misc"></category><category term="feature"></category></entry></feed> |
