Next | Query returned 51 messages, browsing 21 to 30 | Previous

History of commit frequency

CVS Commit History:


   2015-12-05 22:26:09 by Adam Ciarcinski | Files touched by this commit (578)
Log message:
Extend PYTHON_VERSIONS_INCOMPATIBLE to 35
   2015-11-04 03:47:43 by Alistair G. Crooks | Files touched by this commit (758)
Log message:
Add SHA512 digests for distfiles for www category

Problems found locating distfiles:
	Package haskell-cgi: missing distfile haskell-cgi-20001206.tar.gz
	Package nginx: missing distfile array-var-nginx-module-0.04.tar.gz
	Package nginx: missing distfile encrypted-session-nginx-module-0.04.tar.gz
	Package nginx: missing distfile headers-more-nginx-module-0.261.tar.gz
	Package nginx: missing distfile nginx_http_push_module-0.692.tar.gz
	Package nginx: missing distfile set-misc-nginx-module-0.29.tar.gz
	Package nginx-devel: missing distfile echo-nginx-module-0.58.tar.gz
	Package nginx-devel: missing distfile form-input-nginx-module-0.11.tar.gz
	Package nginx-devel: missing distfile lua-nginx-module-0.9.16.tar.gz
	Package nginx-devel: missing distfile nginx_http_push_module-0.692.tar.gz
	Package nginx-devel: missing distfile set-misc-nginx-module-0.29.tar.gz
	Package php-owncloud: missing distfile owncloud-8.2.0.tar.bz2

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-06-12 12:52:19 by Thomas Klausner | Files touched by this commit (3152)
Log message:
Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.
   2014-05-30 01:38:20 by Thomas Klausner | Files touched by this commit (3049)
Log message:
Bump for perl-5.20.0.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
   2014-05-09 09:37:28 by Thomas Klausner | Files touched by this commit (553)
Log message:
Mark packages that are not ready for python-3.3 also not ready for 3.4,
until proven otherwise.
   2014-01-20 21:17:05 by Thomas Klausner | Files touched by this commit (3)
Log message:
Update to 1.9.7:

Version 1.9.7:
  SECURITY HINT: make sure you have allow_xslt = False (or just do not use
  allow_xslt at all in your wiki configs, False is the internal default).
  Allowing XSLT/4suite is very dangerous, see HelpOnConfiguration wiki page.

  HINT: Python >= 2.5 is maybe required! See docs/REQUIREMENTS for details.

  New features:
  * passlib support - enhanced password hash security. Special thanks go to
    the Python Software Foundation (PSF) for sponsoring development of this!

    Docs for passlib: http://packages.python.org/passlib/

    If cfg.passlib_support is True (default), we try to import passlib and set
    it up using the configuration given in cfg.passlib_crypt_context (default
    is to use sha512_crypt with default configuration from passlib).

    The passlib docs recommend 3 hashing schemes that have good security, but
    some of them have additional requirements:
    sha512_crypt needs passlib >= 1.3.0, no other requirements.
    pbkdf2_sha512 needs passlib >= 1.4.0, no other requirements.
    bcrypt has additional binary/compiled package requirements, please refer to
    the passlib docs.

    cfg.password_scheme should be '{PASSLIB}' (default) to tell that passlib is
    wanted for new password hash creation and also for upgrading existing
    password hashes.

    For the moin code as distributed in our download release archive, passlib
    support should just work, as we have passlib 1.6.1 bundled with MoinMoin
    as MoinMoin/support/passlib. If you use some other moin package, please
    first check if you have moin AND passlib installed (and also find out the
    passlib version you have installed).

    If you do NOT want to (not recommended!) or can't use (still using python
    2.4?) passlib, you can disable it your wiki config:

        passlib_support = False  # do not import passlib
        password_scheme = '{SSHA}'  # use best builtin hash (like moin < 1.9.7)

    Please note that after you have used moin with passlib support and have user
    profiles with passlib hashes, you can't just switch off passlib support,
    because if you did, moin would not be able to log in users with passlib
    password hashes. Password recovery would still work, though.

    password_scheme always gives the password scheme that is wanted for new or
    recomputed password hashes. The code is able to upgrade and downgrade hashes
    at login time and also when setting / resetting passwords for one or all
    users (via the wiki web interface or via moin account resetpw script
    command).

    So, if you want that everybody uses strong, passlib-created hashes,
    resetting the passwords for all users is strongly recommended:
    First have passlib support switched on (it is on by default), use
    password_scheme = '{PASSLIB}' (also default), then reset all passwords.

    Same procedure can be used to go back to weaker builtin hashes (not
    recommended): First switch off passlib support, use password_scheme =
    '{SSHA}', then reset all passwords.

    Wiki farm admins sharing the same user_dir between multiple wikis must use
    consistent password hashing / passlib configuration settings for all wikis
    sharing the same user_dir. Using the builtin defaults or doing the
    configuration in farmconfig.py is recommended.

    Admins are advised to read the passlib docs (especially when experiencing
    too slow logins or when running old passlib versions which may not have
    appropriate defaults for nowadays):
    http://packages.python.org/passlib/new_app_quickstart.html#choosing-a-hash
    \ 
http://packages.python.org/passlib/password_hash_api.html#choosing-the-right-rounds-value

  * Password mass reset/invalidation support, see docs/resetpw/.
    This is useful to make sure everybody sets a new password and moin computes
    the password hash using the current configuration.

  * Customizable default password checker:
    Moin's default password checker used and still uses min_length=6 (minimum pw
    length) and min_different=4 (minimum count of different chars in the password).
    If you feel that you need to require better passwords from your users, you
    can customize it now like that in your wiki config:

    password_checker = lambda cfg, request, name, pw: \ 
multiconfig._default_password_checker(cfg, request, name, pw, min_length=10, \ 
min_different=7)

  * Removing/disabling inactive users (moin ... account inactive)
    Many wikis have a lot of inactive users, that never ever made a single edit.
    See help of the command for more details, be careful.
  * SystemAdmin user browser: show disabled user accounts at the bottom of
    the list
  * At startup, announce moin version and code path in log output (makes
    support and debugging easier).
  * AttachList: introduced search_term parameter (optional) for listing
    attachments filtered by a regular expression on their name.
  * sign release archive using GnuPG with the key of tw@waldmann-edv.de
    ID 31A6CB60 (main key ID FAF7B393)

  Fixes:
  * logging: if the logging config file can't be read, give a helpful error msg
  * logging: use info loglevel (not warning) for telling about using the builtin
    default logging config
  * moin script commands: warn if someone gave ... to the moin script, avoids a
    strange and unhelpful 'empty module name' error message
  * reorder html input fields in recoverpass form, to help browsers remember
    the user name and password (not erroneously the recovery token and password)
  * don't try to send password recovery email to user if email address in
    user profile is empty
  * cache action: fix 304 http status
  * rst parser: fix safe_import for level param in __import__ call of docutils 0.10
  * moin maint cleancache: also kill the i18n cache 'meta' pickle file
  * sendmail: catch unicode errors when E-Mail addr has non-ascii chars
  * redirect last visited: if last visited page is on same wiki, use a local
    redirect, do not compute via interwiki map (fixes https: usage)
   2013-05-31 14:42:58 by Thomas Klausner | Files touched by this commit (2880)
Log message:
Bump all packages for perl-5.18, that
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package

Like last time, where this caused no complaints.
   2012-10-28 07:31:10 by Aleksej Saushev | Files touched by this commit (600)
Log message:
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
   2012-10-04 02:22:01 by Aleksey Cheusov | Files touched by this commit (34)
Log message:
Bump revision for packages with changed CONFLICTS (PYTHON_SELF_CONFLICT)
   2012-10-04 01:40:39 by Aleksey Cheusov | Files touched by this commit (35)
Log message:
CONFLICTS between python modules

Next | Query returned 51 messages, browsing 21 to 30 | Previous