diff options
Diffstat (limited to 'doc')
-rw-r--r-- | doc/CHANGES.md | 19 | ||||
-rw-r--r-- | doc/DEPLOY.md | 1 | ||||
-rw-r--r-- | doc/INSTALL.md | 6 | ||||
-rw-r--r-- | doc/TRANSLATE.md | 15 |
4 files changed, 34 insertions, 7 deletions
diff --git a/doc/CHANGES.md b/doc/CHANGES.md index b74e46248..2c8692bb5 100644 --- a/doc/CHANGES.md +++ b/doc/CHANGES.md @@ -1,3 +1,22 @@ +# Version 0.6.9 +## Highlighted features +* [Security] Fix for security issue where image files from HTML conversion on hidden/requester-only requests were accessible without authentication [issue #739](https://github.com/mysociety/alaveteli/issues/739). +* [Security] Fix for issue where the zip file download function was available for logged-in users even on hidden/requester-only requests [issue #743](https://github.com/mysociety/alaveteli/issues/743) +* [Security] Upgrades to Rails 2.3.15 to get fixes for Rails security flaws CVE-2012-5664 and CVE-2013-0156. In addition, switches to use Rails pulled from a clone in the mySociety github account, which has had the CVE-2013-0155 2.3 series patch applied to it. +* Isolation of mail handling code in the MailHandler module in lib/mail_handler +* Tests run under Ruby 1.9.3 - *running the app under 1.9 not yet advised*. +* Routes without a locale part can be enabled for the default locale - see upgrade notes +* Fixes to support themed error pages, and allow responsive themes (Matthew Landauer, Brendan Molloy) +* Migrations run under sqlite (Stefan Langenmaier) +* Time zone fixes (Henare Degan) +* Faster tests (Henare Degan) + +* [List of issues on github](https://github.com/mysociety/alaveteli/issues?milestone=25&state=closed) + +## Upgrade notes +* Note the new config variable INCLUDE_DEFAULT_LOCALE_IN_URLS (if not set defaults to true, which should replicate existing behaviour) +* Check out this version and run `rails-post-deploy` as usual. + # Version 0.6.8 ## Highlighted features diff --git a/doc/DEPLOY.md b/doc/DEPLOY.md index 767f720fd..f2e643ec5 100644 --- a/doc/DEPLOY.md +++ b/doc/DEPLOY.md @@ -20,7 +20,6 @@ These are the general steps required to get your staging server up and running: * SSH to the server, change to the `deploy_to` directory * `cp releases/[SOME_DATE]/config/general.yml-example shared/general.yml` * `cp releases/[SOME_DATE]/config/database.yml-example shared/database.yml` -* `cp releases/[SOME_DATE]/config/memcached.yml-example shared/memcached.yml` * Edit those files to match your required settings * Back on your machine run `cap deploy` and it should successfully deploy * Run the DB migrations `cap deploy:migrate` diff --git a/doc/INSTALL.md b/doc/INSTALL.md index 761121139..3a911cbc8 100644 --- a/doc/INSTALL.md +++ b/doc/INSTALL.md @@ -220,12 +220,6 @@ The default theme is the "Alaveteli" theme. When you run `rails-post-deploy` (see below), that theme gets installed automatically. -You'll also want to copy `config/memcached.yml-example` to -`config/memcached.yml`. The application is configured, via the -Interlock Rails plugin, to cache content using memcached. You -probably don't want this in your development profile; the example -`memcached.yml` file disables this behaviour. - Finally, copy `config/newrelic.yml-example` to `config/newrelic.yml`. This file contains configuration information for the New Relic performance management system. By default, monitoring is switched off diff --git a/doc/TRANSLATE.md b/doc/TRANSLATE.md index abf47add3..f8b4adbcb 100644 --- a/doc/TRANSLATE.md +++ b/doc/TRANSLATE.md @@ -39,6 +39,21 @@ The release manager will also give you a **translation deadline**. After this date, you can continue to contribute new translations, but they won't make it into the release. +## General notes on translation in Transifex + +Some bits of text will have comments attached to them from the Alaveteli +application developers about the context in which the text appears in the +application - these comments will appear under the 'Details' tab for the +text in Transifex. + +Some bits of text are in the form of two bits of text separated by a `|` +character e.g. `IncomingMessage|Subject`. These represent attribute names, so +`IncomingMessage|Subject` is the subject attribute of an incoming message on +the site. You should not prioritise these types of text when translating - +they do not appear on the site anywhere at the moment, and when they do, +they will only be used in the admin interface. If you do translate them, only +translate the text after the `|`. + # Translation process: release manager's view Before the Alaveteli release manager cuts a new release branch, they |