./devel/ruby-redmine42, Flexible project management web application

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 4.2.7, Package name: ruby27-redmine42-4.2.7, Maintainer: pkgsrc-users

Redmine is a flexible project management web application using the
Ruby on Rails framework, it is cross-platform and cross-database.

Redmine 4.2 introduces these new features in these categories:

Authentication / User accounts
* two-factor authentication.
* email domains restriction for user accounts.

Notifications
* Notify users about high issues (only).

Issues
* Bulk addition of related issues.
* Query links for subtasks on issue page.

And more:

Watchers
Text formatting
Keyboard shortcuts
Activity improvements

DEINSTALL [+/-]


Package options: mysql, ruby-unicorn

Master sites:

Filesize: 2971.363 KB

Version history: (Expand)


CVS history: (Expand)


   2022-06-22 17:39:58 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
devel/ruby-redmin42: update to 4.2.7

From release announce on 2022-06-21:

Redmine 4.2.7 and 5.0.2 have been released and are available for download,
you can review the changes in the Changelog.

These maintenance releases fixes some important issues and multiple security
fixes that were found in the latest Redmine 4.2.* and 5.0.* versions.

Security:

1. Updates commonmark gem version to 0.23.4 when Ruby >= 2.6 is used in
   order to fix a remote code execution vulnerability.  Because the fixed
   version of the gem doesn't support Ruby 2.5, those instances that are
   using Redmine 5.0.*, Commonmark and Ruby 2.5, it is highly recommended to
   update Ruby version to at least 2.6 because it's the only way to get the
   update and the fix.  Also, the next major Redmine version (5.1.0) already
   dropped support for Ruby 2.5 (#37159).

2. Updates jQuery UI to 1.31.1 to fix 3 medium severity XSS vulnerabilities

3. Fixes unauthorised Information Leak in QueryAssociationColumn and
   QueryAssociationCustomFieldColumn when the user has no permission to view
   on the associated object

Many thanks to Liane Hampe and Felix Schäfer for reporting these security
issues and to Holger Just and Felix Schäfer for their work on fixing all
these issues.
   2022-06-15 16:22:55 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
devel/ruby-redmine42: update to 4.2.6

pkgsrc change: relax dependency to ruby-i18n package.

From release announce on 2022-05-16.

Redmine 4.2.6 and 5.0.1 have been released and are available for download,
you can review the changes in the Changelog.

These maintenance releases address some important issues that were found in
the latest Redmine 4.2.5 and 5.0.0 releases.

Security: these releases include two security fixes:

* an update to the latest Ruby on Rails 5.2.8 for 4.2.6 and Rails 6.1.6 for
  5.0.1 that fixes CVE-2022-22577 and CVS-2022-27777.

* an update to nokogiri gem that fixes another 2 CVEs: CVE-2021-41098 and
  CVE-2021-30560

Thanks to A Fora for reporting the nokogiri security issues and all the
contributors who worked on these releases!
   2022-05-04 19:34:05 by Jonathan Perkin | Files touched by this commit (1)
Log message:
ruby-redmine42: Various portability fixes.

Use pax for install rather than hand-crafted find -exec which wasn't working
correctly.  Don't find ".*" with -type d and then rm, you might end up
removing ".destdir/".  And fix REPLACE_RUBY which can't have worked due to
incorrect paths as well as coming after including modules.mk (so will have
been a NOP).
   2022-04-03 07:36:02 by Takahiro Kambe | Files touched by this commit (5) | Package updated
Log message:
devel/ruby-redmine42: update to 4.2.5

4.2.5 (2022-03-28)

[Attachments]

* Defect #36013: Paste image mixed with other DataTransferItem

[Database]

* Defect #36766: Database migration from Redmine 0.8.7 or earlier fails

[Documents]

* Defect #36686: Allow pasting screenshots from clipboard in documents

[Gems support]

* Patch #36795: Set the minimum required version of ROTP gem to 5.0.0

[Issues filter]

* Defect #30924: Filter on Target version's Status in subproject
  doesn't work on version from top project

[Projects]

* Defect #36593: User without permissions to view required project
  custom fields cannot create new projects

[Rails support]

* Patch #36757: Update Rails to 5.2.6.3

4.2.4 (2022-02-20)

[Gantt]

* Defect #35027: Gantt PNG export ignores imagemagick_convert_command
[Gems support]

* Defect #35435: Psych 4: aliases in database.yml cause
  Psych::BadAlias exception

* Defect #36226: Psych 4: Psych::DisallowedClass exception when
  unserializing a setting value

[Importers]

* Defect #35656: When importing issue relations, the validation
  messages are not shown in the UI

[Issues]

* Defect #36455: Text custom field values are not aligned with their
  labels when text formatting is enabled

[Rails support]

* Patch #36633: Update Rails to 5.2.6.2

[Time tracking]

* Defect #20018: Duplicate activities in time entry report when
  project-specific activies exist

* Defect #36248: Time entries of sub-projects are not listed when
  activity is specified in filters

[Translations]

* Defect #36517: Label error_can_not_execute_macro_html in Russian
  translation is broken

[UI]

* Defect #36446: Watchers autocomplete fails with 403 error when the
  search is made from multiple objects with different projects

* Patch #35215: Don't display "No Match Found!" when the inline
  autocomplete doesn't return any result

* Defect #35090: Permission check of the setting button on the issues
  page mismatches button semantics

* Defect #36363: Cannot select text in a table with a context menu
  available

* Patch #36378: Update copyright year in the footer to 2022

[Wiki]

* Defect #36494: WikiContentVersion API returns 500 if author is nil

* Defect #36561: Wiki revision page does not return 404 if revision
  does not exist
   2022-01-18 14:35:42 by Takahiro Kambe | Files touched by this commit (3)
Log message:
devel/ruby-redmine42: relax dependency

Relax dependency to ruby-csv.

Bump PKGREVISION.
   2021-12-19 16:22:15 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
devel/ruby-redmine42: update distinfo
   2021-12-19 15:03:57 by Takahiro Kambe | Files touched by this commit (2)
Log message:
devel/ruby-redmine42: fix dependency to ruby-rouge

Fix dependency to ruby-rouge, rouge gem in Gemfile.

Bump PKGREVISION.
   2021-12-19 14:49:30 by Nia Alarie | Files touched by this commit (1)
Log message:
ruby-redmine42: Remove unresolvable dependency to unbreak the pkgsrc tree.