New year is just around the corner, can you feel the magic in the air? ✨ For the last release note of 2023, our R&D team has dropped some nice gifts for you, under the Christmas tree 🎄. Discover them all, hereunder.


Update Pull Request comments

Sometimes developers make typos in their code review comments as well. Sometimes a comment is written in a hurry and would benefit from a rewording to make it more helpful. Sometimes one forgot to add an emoji in a code related thing 😨🫨. There is a case for edition of pull request comments.

New « edit » button available on Pull Request overview screen
Edition of comments is also available in the comment threads on Changes screen

When a comment is modified, an email is sent to author & reviewers.

Calendar events in artifacts

Artifacts can carry information about time span (duration in days or in hours). This can be useful to define a period of time (like a release or an iteration). It can also be used to describe an intended event like a scheduled maintenance. In the latter case, this is the kind of information that can be convenient in your calendar.

That’s precisely the kind of scenario that are now supported in all trackers that have a Title and Timeframe semantic (more or less). Then email notifications associated to the mail carry the calendar event that can be added in your calendar directly from your email agent.

Calendar event sent by Tuleap seen in Gmail
Calendar event sent by Tuleap seen in Gmail

The option is disabled by default right now and can be enabled on a per-tracker basis in Notification panel.

Sidebar can be collapsed again

It came a bit as a surprise to us but there are a couples of usage of the collapsed sidebar. It’s mainly a combination of « a lot of things to display » and « rather small screen » (think laptop). As it’s not really carbon effective to send new laptops with bigger screens to impacted people, we decided to bring back the collapsed sidebar.

A Tuleap project dashboard with a collapsed sidbar that has no services
Collapsed sidebar is back, without services

As you can see something changed in between: the services are no longer displayed. The main motivation to remove the possibility to collapse the sidebar was that new stuff being added (Kanban, Trackers and soon Milestones) would not have distinctive icons. Without icons, impossible to know on what you are going to click, that’s not very user friendly. Granted that promoted elements are important for the navigation we decided that collapsed sidebar would be without services, hence when users want to navigate they expand and see everything.

MediaWiki 1.39

MediaWiki Standalone got an update to the latest LTS version of MediaWiki. Most of the improvement are not visible directly to the end users (see the official release note). It’s important however because it allows to remove usage of no longer supported version of PHP.

The upgrade is done automatically for all projects that already uses MediaWiki Standalone at Tuleap upgrade time.

Tuleap hardening, debut of Passkeys (Tuleap Enterprise)

Passkeys are the new hot technology in the authentication area that promise to eventually get rid of passwords (and all threats related to them). We are not yet there in Tuleap (mainly because it’s a bit tougher than expected to do it securely) but we can start playing. Beside authentication, another use case for the Passkeys is to harden verification on sensitive actions.

Before doing so, one will need to register its keys in user preferences:

Tuleap user preferences with two passkeys registred
Passkeys can be viewed, added & removed from user’s preferences

Then, when doing a sensitive action, you will be prompted to use the Passkey. For instance, when adding a new SSH key:

A popup of the web browser asking to verify user passkey when adding a new SSH key to the account
User is prompted to use its Passkey when attempting to add a new SSH key

The following actions are covered with Passkey verification:

  • Adding a new SSH key
  • Adding a new Access Key

Bugs and requests

There were 26 bugs fixed and requests implemented during the 15.3 release cycle. Bugs and security fixes were already back-ported on Tuleap Enterprise builds. You will find below a detailed list of fixes. The most notable ones are in bold.

Security

Tracker

  • #35142 Create artifact from a link field modal is broken

Git / Pull Requests

  • #35133 User should be able to abandon broken pull-requests
  • #35139 Git: 2.42.0 -> 2.43.0

ONLYOFFICE

  • #35057 Links in ONLYOFFICE document do not work

MediaWiki Standalone

  • #35154 Project export error with mediawiki standalone

Full text search

  • #35141 Meilisearch: 1.3.2 -> 1.5.0

System

  • #35106 Reply by mail feature should not be blocked when an email relayhost is used
  • #35156 Drop old unix_pw column in the user table
  • #35136 Some forgeupgrades cannot be run on MySQL 8.0
  • #35113 Gather harware information when collecting data with `tuleap collect-system-data`

Receive once a month the latest Tuleap updates