changeset 2211:15196c833689

updated 1.5 changes in docs/CHANGES
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Mon, 14 May 2007 23:02:35 +0200
parents 316bbfb37f2b
children 1e0582fc064c
files docs/CHANGES
diffstat 1 files changed, 80 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/docs/CHANGES	Mon May 14 22:59:19 2007 +0200
+++ b/docs/CHANGES	Mon May 14 23:02:35 2007 +0200
@@ -512,8 +512,81 @@
     * Removed Lupy based indexed search code. If you were brave enough to
       use cfg.lupy_search, you maybe want to try cfg.xapian_search instead.
+Version 1.5.8:
+  New features:
+    * Added timing.log to help performance debugging. Use cfg.log_timing = True
+      to update <data_dir>/timing.log (default is False, meaning no logging).
-Version 1.5.current:
+      Example log entries:
+      Timestamp       PID   Timing Flag action     URL
+      -----------------------------------------------------------------------------
+      20070512 184401 22690 vvv         None
+      20070512 184401 22690 0.267s    - show
+      Timestamp: YYYYMMDD HHMMSS (UTC)
+      PID: the process ID of the moin process
+      Timing: when action starts, it will be "vvv"
+              when it ends, it logs the total time it needed for execution
+      Flag (some are only logged at end of action):
+      +   Page exists
+      -   Page does not exist
+      B   user agent was recognized as bot / spider
+      !x! Action took rather long (the higher the x, the longer it took - this
+          makes it easy to grep for problematic stuff).
+      Action: action name (None is when no action was specified, moin assumes
+              "show" for that case)
+      URL: the requested URL
+      For more information about tuning your moin setup, see:
+    * Added support for ircs, webcal, xmpp, ed2k and rootz protocols - we
+      moved all protocols to config.url_schemas, so this is not empty any more.
+      It is possible to use these protocols now on wiki pages and in the
+      navi_bar. We just generate the URLs, it is up to your browser what it
+      does when clicking on those links.
+    * cfg.traceback_show (default: 1) can be used to disable showing tracebacks.
+      cfg.traceback_log_dir (default: None) can be used to set a directory
+      that is used to dump traceback files to. Your users will get a notice to
+      which (random) file in that directory the traceback was been written.
+      NOTE: while you can feel free to set traceback_show = 0 and
+      traceback_log_dir = None, we will also feel free to reject bug reports
+      when you (or your site's users) don't give us enough information (like a
+      traceback file) to debug the problem. If you set traceback_show = 0,
+      we recommend pointing traceback_log_dir to a directory with reasonable
+      free space and putting a page onto your wiki that describes who has to
+      get contacted (usually the wiki server admin) in case a traceback happens.
+      The admin can then locate the traceback file and submit it to moin
+      development, if the bug is not already known (see MoinMoin:MoinMoinBugs).
+      Of course we will also need all the other details of a bug report, not
+      only the traceback file.
+  Other changes:
+    * Updated spider agents list.
+    * Reduce bot/spider cpu usage for SystemInfo, OrphanedPages, WantedPages,
+      PageHits, PageSize, WordIndex macros (we just return nothing for bots).
+  Bugfixes:
+    * XSS fixes, see (item 1 and 2).
+    * ACL security fixes:
+      * MonthCalendar respects ACLs of day pages now.
+      * Check the ACL for the rst markup include directive.
+    * Fixed cleaning of edit comments (control chars in there could damage
+      edit-log).
+    * Fixed in-process caching of antispam patterns (didn't update the cache
+      for multi-process, persistent servers).
+    * Correct encoding/decoding for surge-log data, fixes leftover
+      surge-logXXXXXXX.tmp files in data/cache/surgeprotect.
+    * Fixed mode of cache files (mkstemp creates them with 0600 mode).
+    * Symbolic entities with numbers (like &sup2;) did not work, fixed.
+    * We open data/error.log earlier now and we also use it for FastCGI.
+    * Fixed unicode cfg.page_group_regex.
+    * Fixed moin.spec to use english date format.
+    * GUI converter: fixed conversion of relative wiki links.
+    * Fixed NewPage macro button label to not be formatted as wiki text.
+Version 1.5.7:
   New features:
     * added url_prefix_local which is used for stuff that must be loaded from
       same site as the wiki engine (e.g. FCKeditor GUI editor applet), while
@@ -577,9 +650,10 @@
       * We support self-signed ssl certs for ldaps - completely untested.
       * New cfg.ldap_surname_attribute (usually 'sn'), was hardcoded before.
       * New cfg.ldap_givenname_attribute (usually 'givenName'), hardcoded before.
-      * New cfg.ldap_aliasname_attribute (usually 'displayName').
-      * For setting up moin's aliasname, we first try the ldap_aliasname_attribute
-        and in case that fails, we use givenname and surname to make it up.
+      * New cfg.ldap_aliasname_attribute (usually 'displayName') - if this
+        attribute is not there or empty (in the results of the ldap lookup for
+        the user), we just make up the aliasname from surname and givenname
+        attribute.
       * We only request the attributes we need from ldap (was: all attrs).
       * We deny user login (and break out of auth chain) for the following cases:
         * if a user is not found by ldap lookup
@@ -588,6 +662,8 @@
         * if some exception happens
       * Please note that there is an updated ldap sample config in directory
+      * Added experimental LDAP SSL/TLS support (untested, please help testing),
+        see also the sample config.
     * Work around a IE7 rendering problem with long pages getting more and
       more narrow. We just applied the same "fix" as we used for IE6, using
       "display: none" for span.anchor for IE browsers.