| <?xml version="1.0" encoding="utf-8"?> |
| <feed xmlns="http://www.w3.org/2005/Atom"><title>Apache Allura - release</title><link href="//allura.apache.org/" rel="alternate"></link><link href="//allura.apache.org/feeds/tag.release.atom.xml" rel="self"></link><id>//allura.apache.org/</id><updated>2023-11-06T00:00:00+00:00</updated><entry><title>Apache Allura 1.16.0 released with critical security fix</title><link href="//allura.apache.org/posts/2023-allura-1.16.0.html" rel="alternate"></link><published>2023-11-06T00:00:00+00:00</published><updated>2023-11-06T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2023-11-06:/posts/2023-allura-1.16.0.html</id><summary type="html"><p>Version 1.16.0 of Allura released with critical security fix</p></summary><content type="html"><h4>What's New?</h4> |
| <p>Apache Allura 1.16.0 has been released. It has a critical security fix and also drops Python 3.7 support.</p> |
| <p>For full details of all the changes and fixes, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">CHANGES file</a>. </p> |
| <h4>Critical Security Fix</h4> |
| <p>CVE-2023-46851 sensitive information exposure via import </p> |
| <p>Severity: Critical<br> |
| Versions Affected: 1.0.1 through 1.15.0</p> |
| <p><strong>Description:</strong><br> |
| Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them. Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution.</p> |
| <p><strong>Mitigation:</strong><br> |
| Users of Allura should upgrade to Allura 1.16.0 immediately.</p> |
| <p>If you are unable to upgrade, set this in your .ini config file:</p> |
| <div class="highlight"><pre><span></span><code>disable_entry_points.allura.importers = forge-tracker, forge-discussion |
| </code></pre></div> |
| |
| <p>That same .ini setting is also recommend for users who want maximum security on their Allura instance and don't need those importers available.</p> |
| <p><strong>Credit:</strong><br> |
| This issue was discovered by Stefan Schiller (Sonar)</p> |
| <h4>Python 3.8 through 3.11 supported</h4> |
| <p>This release drops support for Python 3.7 and supports Python 3.8 through Python 3.11</p> |
| <h4>Upgrade Instructions</h4> |
| <p>To install updated dependencies, run: <code>pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed</code></p> |
| <p>Run: <code>paster ensure_index development.ini</code> in Allura dir</p> |
| <p>If switching to a new version of Python, you will need to make a completely new python virtual environment, |
| and run <code>pip install ...</code> in it, and then use it to run Allura.</p> |
| <p>If using docker, rebuild the allura image and restart containers.</p> |
| <p>Feel free to ask any questions on the <a href="https://lists.apache.org/list.html?dev@allura.apache.org">dev mailing list</a>.</p> |
| <h4>Get 1.16.0</h4> |
| <p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.15.0 released</title><link href="//allura.apache.org/posts/2023-allura-1.15.0.html" rel="alternate"></link><published>2023-09-18T00:00:00+00:00</published><updated>2023-09-18T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2023-09-18:/posts/2023-allura-1.15.0.html</id><summary type="html"><p>Version 1.15.0 of Allura released</p></summary><content type="html"><h4>What's New?</h4> |
| <p>Apache Allura 1.15.0 has been released, after a long time since 1.14.0. This release adds support for more Python versions (see next section) and Content-Security-Policy headers. Many other fixes and improvements are also included, they relate to SEO, performance and different parts of Allura.</p> |
| <p>For full details of all the changes and fixes, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">CHANGES file</a>. </p> |
| <h4>Python 3.7 through 3.11 supported</h4> |
| <p>This release supports Python 3.7 through Python 3.11</p> |
| <p>The next release will drop support for Python 3.7 so please upgrade your Python version soon, to stay compatible with future Allura releases.</p> |
| <h4>Upgrade Instructions</h4> |
| <p>To install updated dependencies, run: <code>pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed</code></p> |
| <p>Run: <code>paster ensure_index development.ini</code> in Allura dir</p> |
| <p>If switching to a new version of Python, you will need to make a completely new python virtual environment, |
| and run <code>pip install ...</code> in it, and then use it to run Allura.</p> |
| <p>If using docker, rebuild the allura image and restart containers.</p> |
| <p>Feel free to ask any questions on the <a href="https://lists.apache.org/list.html?dev@allura.apache.org">dev mailing list</a>.</p> |
| <h4>Get 1.15.0</h4> |
| <p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.14.0 released</title><link href="//allura.apache.org/posts/2022-allura-1.14.0.html" rel="alternate"></link><published>2022-09-23T00:00:00+00:00</published><updated>2022-09-23T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2022-09-23:/posts/2022-allura-1.14.0.html</id><summary type="html"><p>Version 1.14.0 of Allura released</p></summary><content type="html"><h4>What's New?</h4> |
| <p>Apache Allura 1.14.0 has been released, after a long time since 1.13.0. It includes a new app/tool, SEO improvements |
| and a huge list of small fixes and improvements. The highlights are:</p> |
| <ul> |
| <li>Added ForgeFiles app for uploading and managing file releases.</li> |
| <li>Many SEO improvements related to links, redirects, canonical and noindex tags.</li> |
| </ul> |
| <p>For full details of all the changes and fixes, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release notes</a>. </p> |
| <h4>Only Python 3.7 supported</h4> |
| <p>This release drops support for Python 2.7 and 3.6, and only supports Python 3.7.</p> |
| <h4>Upgrade Instructions</h4> |
| <p>To install updated dependencies, run: <code>pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed</code></p> |
| <p>Run: <code>./rebuild-all.bash</code> to get new ForgeFiles app available</p> |
| <p>Run: <code>paster ensure_index development.ini</code> in Allura dir</p> |
| <p>If switching from Python 3.6 to 3.7, you will need to make a completely new python virtual environment, |
| and run <code>pip install ...</code> in it, and then use it to run Allura. If you're still on Python 2, you probably should upgrade |
| to the previous release 1.13.0 first, following its upgrade instructions, and then switch to Python 3 before doing the 1.14.0 upgrade.</p> |
| <p>If using docker, rebuild the allura image and restart containers.</p> |
| <p>Feel free to ask any questions on the <a href="https://lists.apache.org/list.html?dev@allura.apache.org">dev mailing list</a>.</p> |
| <h4>Get 1.14.0</h4> |
| <p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.13.0 released</title><link href="//allura.apache.org/posts/2021-allura-1.13.0.html" rel="alternate"></link><published>2021-05-17T00:00:00+00:00</published><updated>2021-05-17T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2021-05-17:/posts/2021-allura-1.13.0.html</id><summary type="html"><p>Version 1.13.0 of Allura released</p></summary><content type="html"><h4>What's New?</h4> |
| <p>Apache Allura 1.13.0 has been released, after over a year of development, it includes some major updates and a huge |
| list of small fixes and improvements. Some highlights are:</p> |
| <ul> |
| <li>Added ForgeFeedback app</li> |
| <li>textarea inputs work better on mobile devices, and use browser spellchecker</li> |
| <li>Forum importer for allura's own export format</li> |
| <li>Allow multiple site-wide notices to be active</li> |
| </ul> |
| <h4>Python 2 and 3 supported</h4> |
| <p>This release supports Python 2.7, 3.6, and 3.7. It is the last release planned to support Python 2. We recommend anyone |
| running Allura on Python 2 update to Allura 1.13 and then switch from Python 2 to Python 3. For more details, see |
| the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release notes</a> and feel free to ask questions |
| on the <a href="https://lists.apache.org/list.html?dev@allura.apache.org">dev mailing list</a>.</p> |
| <h4>Upgrade Instructions</h4> |
| <p>Due to supporting both Python 2 and 3, there are quite a few small things to be aware and to update, when upgrading |
| to 1.13.0. The <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release notes</a> has all the details |
| outlined.</p> |
| <h4>Get 1.13.0</h4> |
| <p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.12.0 released</title><link href="//allura.apache.org/posts/2019-allura-1.12.0.html" rel="alternate"></link><published>2019-10-07T00:00:00+00:00</published><updated>2019-10-07T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2019-10-07:/posts/2019-allura-1.12.0.html</id><summary type="html"><p>Version 1.12.0 of Allura released</p></summary><content type="html"><h4>What's New?</h4> |
| <p>Apache Allura 1.12.0 has been released. New features include user mention notifications. |
| Thanks to Shalitha and his Google Summer of Code project for implementing this and previous user-mention related functionality. |
| Read more about <a href="https://medium.com/@shalithasuranga/4e5e4df8b2db">Shalith's Summer of Code and the user-mention functionality here</a>.</p> |
| <p>An admin option to generate password reset link are also included, along with various performance improvements and bug fixes. |
| To see all the bugs fixed and the upgrade instructions, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Security Fix</h4> |
| <p>Limited information disclosure in generic search.</p> |
| <p>Versions Affected: 1.11.1 and earlier</p> |
| <p><strong>Mitigation:</strong><br> |
| Users of Allura should upgrade to Allura 1.12.0</p> |
| <h4>Get 1.12.0</h4> |
| <p><a href="//allura.apache.org/download.html">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.11.1 released</title><link href="//allura.apache.org/posts/2019-allura-1.11.1.html" rel="alternate"></link><published>2019-07-16T00:00:00+00:00</published><updated>2019-07-16T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2019-07-16:/posts/2019-allura-1.11.1.html</id><summary type="html"><p>Version 1.11.1 of Allura released</p></summary><content type="html"><h4>What's New?</h4> |
| <p>Apache Allura 1.11.1 has been released. It is mostly a bugfix release, with one new feature being infotips for username mentions.</p> |
| <p>To see all the bugs fixed and the upgrade instructions, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Security Fix</h4> |
| <p>XSS vulnerability when adding another user to a project</p> |
| <p>Versions Affected: 1.11.0 and earlier</p> |
| <p><strong>Mitigation:</strong><br> |
| Users of Allura should upgrade to Allura 1.11.1</p> |
| <h4>Get 1.11.1</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.11.0 released</title><link href="//allura.apache.org/posts/2019-allura-1.11.0.html" rel="alternate"></link><published>2019-06-18T00:00:00+00:00</published><updated>2019-06-18T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2019-06-18:/posts/2019-allura-1.11.0.html</id><summary type="html"><p>Version 1.11.0 of Allura released, with many fixes &amp; improvements and a critical security fix.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.11.0 has been released, with new features including:</p> |
| <ul> |
| <li>Reaction support for comments:</li> |
| </ul> |
| <p><img alt="Reaction screenshot" src="//allura.apache.org/images/2019-reactions.png"></p> |
| <ul> |
| <li>Option to subscribe to forums and other types of threads, when posting</li> |
| </ul> |
| <p><img alt="Subscribe when posting screenshot" src="//allura.apache.org/images/2019-post-subscribe.png"></p> |
| <ul> |
| <li>@username mentions in markdown editor</li> |
| </ul> |
| <p><img alt="Username mentioning screenshot" src="//allura.apache.org/images/2019-usernames.png"></p> |
| <ul> |
| <li>Optional HaveIBeenPwned checks for password changes</li> |
| </ul> |
| <h4>Important Security Fix</h4> |
| <p>CVE-2019-10085 Apache Allura XSS vulnerability in ticket user dropdown selector</p> |
| <p>Severity: Important<br> |
| Versions Affected: 1.10.0 and earlier</p> |
| <p><strong>Description:</strong><br> |
| A vulnerability exists for stored XSS on the user dropdown selector when |
| creating or editing tickets. The XSS executes when a user engages with that |
| dropdown on that page.</p> |
| <p><strong>Mitigation:</strong><br> |
| Users of Allura should upgrade to Allura 1.11.0 immediately.</p> |
| <p><strong>Credit:</strong><br> |
| This issue was discovered by Bob "Wombat" Hogg</p> |
| <p>There are many smaller improvements and fixes as well. To see all the details and upgrade instructions, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Get 1.11.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.10.0 released</title><link href="//allura.apache.org/posts/2018-allura-1.10.0.html" rel="alternate"></link><published>2018-10-30T00:00:00+00:00</published><updated>2018-10-30T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2018-10-30:/posts/2018-allura-1.10.0.html</id><summary type="html"><p>Version 1.10.0 of Allura released, with many fixes &amp; improvements and a critical security fix.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.10.0 has been released, with new features including:</p> |
| <ul> |
| <li>interactive checkmark lists <code>* [x] done!</code></li> |
| <li>emoji shortcode support <code>:rocket:</code> 🚀</li> |
| <li>attachment support for blog posts, and new forum topics</li> |
| </ul> |
| <h4>Security Fix</h4> |
| <p>This release also includes a critical security fix, so upgrading is strongly encouraged.</p> |
| <p>There are many smaller improvements and fixes as well. To see all the details and upgrade instructions, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Get 1.10.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.9.0 released</title><link href="//allura.apache.org/posts/2018-allura-1.9.0.html" rel="alternate"></link><published>2018-09-25T00:00:00+00:00</published><updated>2018-09-25T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2018-09-25:/posts/2018-allura-1.9.0.html</id><summary type="html"><p>Version 1.9.0 of Allura released, with many fixes &amp; improvements and a critical security fix.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.9.0 has been released, with a brand new personal dashboard which shows your own tickets, merge requests, projects etc. |
| Another notable enhancement is automatic saving of content before form submission - no more lost text if you get logged out or disconnected. |
| Support is added for display of checkboxes lists from markdown, more search help, SVN snapshots of the current directory only, and bulk delete for tickets. |
| Of course there are also smaller improvements, fixes, and performances improvements as well. To see all the details, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Dashboard Details</h4> |
| <p>The personalized dashboard will show up at the index page for anyone who is logged in. This provides a comprehensive list of your own tickets and merge requests across all projects, and quick access to relevant projects and activity. It is extensible so 3rd-party sections can be developed as well, very similarly to the user profile sections.</p> |
| <p>Here's an example screenshot: |
| <img alt="Dashboard screenshot" src="//allura.apache.org/images/2018-dashboard.png"></p> |
| <h4>Get 1.9.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.8.1 released</title><link href="//allura.apache.org/posts/2018-allura-1.8.1.html" rel="alternate"></link><published>2018-03-14T00:00:00+00:00</published><updated>2018-03-14T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2018-03-14:/posts/2018-allura-1.8.1.html</id><summary type="html"><p>Version 1.8.1 of Allura released, with many fixes &amp; improvements and a critical security fix.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.8.1 has been released. |
| It contains a several improvements around spam prevention and content quality on discussions. It also includes a few performance optimizations, along with a number of fixes and smaller improvements. To see all the details, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Important Security Fix</h4> |
| <p>CVE-2018-1319 Apache Allura HTTP response splitting</p> |
| <p>Severity: Important<br> |
| Versions Affected: All</p> |
| <p><strong>Description:</strong><br> |
| Attackers may craft URLs that cause HTTP response splitting. If a victim goes |
| to a maliciously crafted URL, unwanted results may occur including XSS or |
| service denial for the victim's browsing session.</p> |
| <p><strong>Mitigation:</strong><br> |
| Users of Allura should upgrade to Allura 1.8.1 immediately.</p> |
| <p><strong>Credit:</strong><br> |
| This issue was discovered by Everardo Padilla Saca</p> |
| <h4>Get 1.8.1</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.8.0 released</title><link href="//allura.apache.org/posts/2018-allura-1.8.0.html" rel="alternate"></link><published>2018-02-06T00:00:00+00:00</published><updated>2018-02-06T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2018-02-06:/posts/2018-allura-1.8.0.html</id><summary type="html"><p>Version 1.8.0 of Allura released, with many fixes &amp; improvements and a critical security fix.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.8.0 has been released. |
| It contains a Docker setup for production environments, and improved security and auditing around user logins. |
| This release also contains a large number of fixes and smaller improvements. To see all the details, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES">release changelog</a>.</p> |
| <h4>Important Security Fix</h4> |
| <p>CVE-2018-1299 Apache Allura directory traversal vulnerability</p> |
| <p><strong>Versions Affected:</strong><br>Apache Allura 1.7.0 and earlier</p> |
| <p><strong>Description:</strong><br> |
| Unauthenticated attackers may retrieve arbitrary files through the Allura web |
| application. Some webservers used with Allura, such as Nginx, Apache/mod_wsgi |
| or paster may prevent the attack from succeeding. Others, such as gunicorn do |
| not prevent it and leave Allura vulnerable.</p> |
| <p><strong>Mitigation:</strong><br> |
| Users of vulnerable webservers with Allura should upgrade to Allura 1.8.0 |
| immediately.</p> |
| <p><strong>Credit:</strong><br> |
| This issue was discovered by Everardo Padilla Saca</p> |
| <h4>Get 1.8.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.7.0 released</title><link href="//allura.apache.org/posts/2017-allura-1.7.0.html" rel="alternate"></link><published>2017-06-28T00:00:00+00:00</published><updated>2017-06-28T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2017-06-28:/posts/2017-allura-1.7.0.html</id><summary type="html"><p>Version 1.7.0 of Allura: Multifactor authentication, git-http docker container, per-thread subscriptions in discussion forums, and more.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.7.0 has been released, with support for hi-res project logos, and better content control for "neighborhood" landing pages by using wiki pages.</p> |
| <p>This release also contains numerous small improvements and bug fixes. To see all the details, check out the <a href="https://forge-allura.apache.org/p/allura/git/ci/rel/1.7.0/~/tree/CHANGES">release changelog</a>.</p> |
| <h4>Get 1.7.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.6.0 released</title><link href="//allura.apache.org/posts/2016-allura-1.6.0.html" rel="alternate"></link><published>2016-12-15T00:00:00+00:00</published><updated>2016-12-15T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2016-12-15:/posts/2016-allura-1.6.0.html</id><summary type="html"><p>Version 1.6.0 of Allura: Multifactor authentication, git-http docker container, per-thread subscriptions in discussion forums, and more.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.6.0 has been released. Significant new features have been added in the project like the introduction of multifactor authentication and recovery codes, a git-http docker container, and per-thread subscriptions in discussion forums. </p> |
| <p>Also, see our recent post about the changes added in the <a href="//allura.apache.org/posts/2016-two-factor-auth.html">Two Factor Authentication</a> update for more details about it.</p> |
| <p>There are other fixes and improvements as well, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/rel/1.6.0/~/tree/CHANGES">changelog</a> for more details.</p> |
| <h4>Get 1.6.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.5.0 released</title><link href="//allura.apache.org/posts/2016-allura-1.5.0.html" rel="alternate"></link><published>2016-08-23T00:00:00+00:00</published><updated>2016-08-23T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2016-08-23:/posts/2016-allura-1.5.0.html</id><summary type="html"><p>Version 1.5.0 of Allura: updated icons, editor enhancements, admin functionality, and more.</p></summary><content type="html"><h4>New Features</h4> |
| <p>Apache Allura 1.5.0 has been released. Major new features include a guided tour after project registration, |
| improved design for discussions and their attachments, and various usability improvements for merge requests. Many |
| of the changes came from work done during Google Summer of Code.</p> |
| <p>See our <a href="//allura.apache.org/posts/2016-gsoc-16.html">Google Summer of Code Summary</a> for details on all those changes.</p> |
| <p>There are lots of other fixes and improvements, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/rel/1.5.0/~/tree/CHANGES">changelog</a> for details.</p> |
| <h4>Upgrade notes</h4> |
| <p>No changes are required unless you wish to use the new rate limiting config. If so, copy all the new |
| "rate_limits" settings from <code>development.ini</code> into your <code>.ini</code> file and configure appropriate values. Then run |
| <code>paster ensure_index development.ini</code>. Or if you are using Docker, run: |
| <code>docker-compose run taskd paster ensure_index docker-dev.ini</code></p> |
| <h4>Get 1.5.0</h4> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.4.0 released</title><link href="//allura.apache.org/posts/2016-allura-1.4.0.html" rel="alternate"></link><published>2016-04-12T00:00:00+00:00</published><updated>2016-04-12T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2016-04-12:/posts/2016-allura-1.4.0.html</id><summary type="html"><p>Version 1.4.0 of Allura: updated icons, editor enhancements, admin functionality, and more.</p></summary><content type="html"><p>Apache Allura 1.4.0 has been released. The biggest new feature is the Admin Nav Bar. |
| It's a complete overhaul of how you customize the tools in your project. |
| Read our <a href="//allura.apache.org/posts/2016-admin-toolbar.html">admin toolbar post</a> to see how much easier it is to access tool |
| configurations and add new tools.</p> |
| <p>Other significant improvements are:</p> |
| <ul> |
| <li>Config settings to show your custom logo and navigation links in the top header.</li> |
| <li>New interface to manage sitewide notifications. You can specify custom messages to show up on certain pages or page types, or to certain types of users.</li> |
| <li>Project exports now can include file attachments from all the tickets, wiki pages, comments, etc.</li> |
| <li>Standardized fence blocks in Markdown. In addition to <code>~~~</code> to mark off code blocks, you can use the more common <code>```</code>. |
| It also works to nest code block notation, and specify the formatting language in more ways. See <a href="http://spec.commonmark.org/0.25/#fenced-code-blocks">CommonMark spec for details</a>.</li> |
| </ul> |
| <p>There are also dozens of small fixes and improvements, see the <a href="https://forge-allura.apache.org/p/allura/git/ci/rel/1.4.0/~/tree/CHANGES">changelog</a> for details.</p> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p> |
| <p><a href="https://forge-allura.apache.org/p/allura/git/ci/rel/1.4.0/~/tree/CHANGES">View the full 1.4.0 Changelog</a></p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.3.2 released</title><link href="//allura.apache.org/posts/2015-allura-1.3.2.html" rel="alternate"></link><published>2015-12-08T00:00:00+00:00</published><updated>2015-12-08T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2015-12-08:/posts/2015-allura-1.3.2.html</id><summary type="html"><p>Version 1.3.2 of Allura: updated icons, editor enhancements, admin functionality, and more.</p></summary><content type="html"><p>Apache Allura 1.3.2 has been released. It includes 2 security fixes and dozens of small fixes and improvements. The major |
| new features are:</p> |
| <ul> |
| <li><a href="//allura.apache.org/posts/2015-updated-icons.html">Updated icons and cleaner project navigation bar.</a></li> |
| <li>Enhancements to the <a href="//allura.apache.org/posts/2015-markdown-editor.html">Markdown editor added in 1.3.1</a>. We're talking button |
| tooltips, alternate header types, and buttons for section headers, code (works with blocks or inline code), horizontal |
| rule, and tables.</li> |
| <li>Admin options for any tool available directly in the left sidebar. No more digging through separate Admin navigation.</li> |
| <li>API documented in <a href="http://raml.org/">.raml</a> files. We <a href="//allura.apache.org/posts/2015-rest-api-docs.html">published the API docs already</a>, |
| which are generated from the .raml definition files.</li> |
| <li>A site admin (<code>/nf/admin</code>) page to permanently delete projects and their data.</li> |
| </ul> |
| <p><a href="https://www.apache.org/dyn/closer.cgi/allura/">Download Allura</a> and <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">install it</a> today.</p> |
| <p><a href="https://forge-allura.apache.org/p/allura/git/ci/asf_release_1.3.2/tree/CHANGES">View the full 1.3.2 Changelog</a></p></content><category term="misc"></category><category term="release"></category></entry><entry><title>Apache Allura 1.3.1 released</title><link href="//allura.apache.org/posts/2015-allura-1.3.1-release.html" rel="alternate"></link><published>2015-08-10T00:00:00+00:00</published><updated>2015-08-10T00:00:00+00:00</updated><author><name></name></author><id>tag:allura.apache.org,2015-08-10:/posts/2015-allura-1.3.1-release.html</id><summary type="html"><p>Version 1.3.1 of Allura brings security fixes, new markdown editor, CORS, and more.</p></summary><content type="html"><p>Apache Allura 1.3.1 has been released. It includes 3 security fixes and many small fixes and improvements. The major |
| new features are:</p> |
| <ul> |
| <li><a href="//allura.apache.org/posts/2015-cors.html">CORS support</a>, allowing broader access to the REST APIs.</li> |
| <li>A <a href="//allura.apache.org/posts/2015-markdown-editor.html">brand new Markdown editor</a> with syntax highlighting and an editing toolbar.</li> |
| <li>New and updated docs for <a href="https://forge-allura.apache.org/docs/getting_started/installation.html">Installation</a> and |
| <a href="https://forge-allura.apache.org/docs/getting_started/administration.html">Administration</a> </li> |
| <li>Ticket notifications include links to attachments.</li> |
| </ul> |
| <p><a href="https://forge-allura.apache.org/p/allura/git/ci/asf_release_1.3.1/tree/CHANGES">View the full Changelog</a></p></content><category term="misc"></category><category term="release"></category></entry></feed> |
