archiva-docs/src/site/apt/release-notes.apt.vm - archiva - Git at Google

  -----
  Release Notes for Archiva ${project.version}
  -----

 ~~ Licensed to the Apache Software Foundation (ASF) under one
 ~~ or more contributor license agreements.  See the NOTICE file
 ~~ distributed with this work for additional information
 ~~ regarding copyright ownership.  The ASF licenses this file
 ~~ to you under the Apache License, Version 2.0 (the
 ~~ "License"); you may not use this file except in compliance
 ~~ with the License.  You may obtain a copy of the License at
 ~~
 ~~   http://www.apache.org/licenses/LICENSE-2.0
 ~~
 ~~ Unless required by applicable law or agreed to in writing,
 ~~ software distributed under the License is distributed on an
 ~~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 ~~ KIND, either express or implied.  See the License for the
 ~~ specific language governing permissions and limitations
 ~~ under the License.

 Release Notes for Archiva ${project.version}

   The Apache Archiva team is pleased to announce the release of Archiva
   ${project.version}.  Archiva is {{{http://archiva.apache.org/download.html}
   available for download from the web site}}.

   Archiva is an application for managing one or more remote repositories,
   including administration, artifact handling, browsing and searching.

   If you have any questions, please consult:

     * the web site: {{http://archiva.apache.org/}}

     * the archiva-user mailing list: {{http://archiva.apache.org/mail-lists.html}}

 * New in Archiva ${project.version}

   Apache Archiva ${project.version} is a bug fix release:

   * Some fixes for the REST API were added to detect requests from unknown origin

   * Some bugfixes were added

 * Compatibility Changes

   * The REST services are now checking for the origin of the requests by analysing Origin
     and Referer header of the HTTP requests and adding an validation token to the Header.
     This prevents requests from malicious sites if they are open in the same browser. If you use
     the REST services from other clients you may change the behaviour with the new
     configuration properties for the redback security (rest.csrffilter.*, rest.baseUrl)
     For more information see {{{./adminguide/customising-security.html}Archiva Security Configuration}} and
     the {{{/redback/integration/rest.html}Redback REST documentation }}

   * Archiva uses redback for authentication and authorization in version ${redback.version}

 * Release Notes

   The Archiva ${project.version} features set can be seen in the {{{./tour/index.html} feature tour}}.

 * Changes in Archiva ${project.version}

   Released: <<${releaseDate}>>


 ** New Feature


 ** Improvement

      * [MRM-1925] - Make User-Agent header configurable for HTTP requests

      * [MRM-1861], [MRM-1924] - Increasing timeouts for repository check

      * [MRM-1937] - Prevent creating initial admin user with wrong name.

      * Adding origin header validation checks for REST requests

  ** Bugs fixed

      * [MRM-1859] - Error upon viewing 'Artifacts' tab when browsing an artifact

      * [MRM-1874] - Login Dialog triggers multiple events (+messages)

      * [MRM-1908] - Logged on users can write any repository

      * [MRM-1909] - Remote repository check fails for https://repo.maven.apache.org/maven2

      * [MRM-1923] - Fixing bind issue with certain ldap servers, when user not found

      * [MRM-1926] - Invalid checksum files in Archiva repository after download from remote repository

      * [MRM-1928] - Bad redirect URL when using Archiva through HTTP reverse proxy


  ** Task


 * History

   Archiva was started in November 2005, building a simple framework on top of some existing repository conversion
   tools within the Maven project. Initial development focused on repository conversion, error reporting, and indexing.
   From January 2006 a web application was started to visualise the information and to start incorporating
   functionality from the unmaintained maven-proxy project.

   Development continued through many stops and starts. Initial versions of Archiva were built from source by contributors,
   and the first alpha version was not released until April 2007. Some significant changes were made to improve
   performance and functionality in June 2007 and over the next 6 months and a series of alpha and beta releases, a concerted effort
   was made to release the 1.0 version.

   Archiva became an Apache "top level project" in March 2008.
	-----
	Release Notes for Archiva ${project.version}
	-----

	~~ Licensed to the Apache Software Foundation (ASF) under one
	~~ or more contributor license agreements. See the NOTICE file
	~~ distributed with this work for additional information
	~~ regarding copyright ownership. The ASF licenses this file
	~~ to you under the Apache License, Version 2.0 (the
	~~ "License"); you may not use this file except in compliance
	~~ with the License. You may obtain a copy of the License at
	~~
	~~ http://www.apache.org/licenses/LICENSE-2.0
	~~
	~~ Unless required by applicable law or agreed to in writing,
	~~ software distributed under the License is distributed on an
	~~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	~~ KIND, either express or implied. See the License for the
	~~ specific language governing permissions and limitations
	~~ under the License.

	Release Notes for Archiva ${project.version}

	The Apache Archiva team is pleased to announce the release of Archiva
	${project.version}. Archiva is {{{http://archiva.apache.org/download.html}
	available for download from the web site}}.

	Archiva is an application for managing one or more remote repositories,
	including administration, artifact handling, browsing and searching.

	If you have any questions, please consult:

	* the web site: {{http://archiva.apache.org/}}

	* the archiva-user mailing list: {{http://archiva.apache.org/mail-lists.html}}

	* New in Archiva ${project.version}

	Apache Archiva ${project.version} is a bug fix release:

	* Some fixes for the REST API were added to detect requests from unknown origin

	* Some bugfixes were added

	* Compatibility Changes

	* The REST services are now checking for the origin of the requests by analysing Origin
	and Referer header of the HTTP requests and adding an validation token to the Header.
	This prevents requests from malicious sites if they are open in the same browser. If you use
	the REST services from other clients you may change the behaviour with the new
	configuration properties for the redback security (rest.csrffilter.*, rest.baseUrl)
	For more information see {{{./adminguide/customising-security.html}Archiva Security Configuration}} and
	the {{{/redback/integration/rest.html}Redback REST documentation }}

	* Archiva uses redback for authentication and authorization in version ${redback.version}

	* Release Notes

	The Archiva ${project.version} features set can be seen in the {{{./tour/index.html} feature tour}}.

	* Changes in Archiva ${project.version}

	Released: <<${releaseDate}>>


	** New Feature


	** Improvement

	* [MRM-1925] - Make User-Agent header configurable for HTTP requests

	* [MRM-1861], [MRM-1924] - Increasing timeouts for repository check

	* [MRM-1937] - Prevent creating initial admin user with wrong name.

	* Adding origin header validation checks for REST requests

	** Bugs fixed

	* [MRM-1859] - Error upon viewing 'Artifacts' tab when browsing an artifact

	* [MRM-1874] - Login Dialog triggers multiple events (+messages)

	* [MRM-1908] - Logged on users can write any repository

	* [MRM-1909] - Remote repository check fails for https://repo.maven.apache.org/maven2

	* [MRM-1923] - Fixing bind issue with certain ldap servers, when user not found

	* [MRM-1926] - Invalid checksum files in Archiva repository after download from remote repository

	* [MRM-1928] - Bad redirect URL when using Archiva through HTTP reverse proxy


	** Task



	* History

	Archiva was started in November 2005, building a simple framework on top of some existing repository conversion
	tools within the Maven project. Initial development focused on repository conversion, error reporting, and indexing.
	From January 2006 a web application was started to visualise the information and to start incorporating
	functionality from the unmaintained maven-proxy project.

	Development continued through many stops and starts. Initial versions of Archiva were built from source by contributors,
	and the first alpha version was not released until April 2007. Some significant changes were made to improve
	performance and functionality in June 2007 and over the next 6 months and a series of alpha and beta releases, a concerted effort
	was made to release the 1.0 version.

	Archiva became an Apache "top level project" in March 2008.