Complete Test Management steps API, switch to PHP 8.0 and more with Tuleap 12.12. Here’s a slim release since the team is working hard on the Next Big Thing… watch this space, September will be huge!
Complete Test Management steps API
The Test Management steps definition fields are now completely available in the artifact REST API. That means you can retrieve all the steps (
GET /artifacts/:id), you can create artifacts with steps (
POST /artifacts/) and you can add, reorder and delete steps (
Checkout the REST API documentation to get started.
Docker images immune from supply chain attacks
Tuleap Enterprise Edition as well as Tuleap Community Edition docker images are now cryptographically signed with Cosign. This is an important step forward in the supply chain security of docker images. This means that system administrators can verify that the docker images they pulled were built by us and that no one altered the images.
Supply chain attacks are rising, supply chain security should be one of the top priority of most information security organizations. However, the field of supply chain security is still young and tools are sparse. For instance Cosign (the tool we rely on) project kicked off in February 2021 and was officially released for production in July! So Tuleap is one of the first tools to leverage this new technology to strengthen your security.
Switch to PHP 8.0
A few months after the bump to PHP 7.4, and after 8 months of stabilization of PHP language itself, we decided to move the Tuleap runtime to PHP 8.0. For everyone but developers the change will be transparent. All upgrades are managed by the update tools as well as dependencies.
Bugs and Requests
There were 69 bugs fixed and requests implemented during the 12.12 release cycle. Bugs and security fixes were already back-ported on Tuleap Enterprise builds. You will find below a selection of the most notable fixes.
- Update mermaid: 8.10.2 -> 8.11.3
- Client denial of service via the syntax highlighting of ASCIIDoc content
- Add notification message when concurrent editing on modal
- HTML text formating can be broken after artefact update
- Remove steps in an artifact is not possible
- Last changeset is missing in certain cases on route GET /changesets
- Image added in a text field can not be added in attachment
- Button source is greyed after click on Html mode
- Concurrent notification no longer shows text field changes
- Remove specific handling of IE and Edge Legacy in features
- Memory limit is reached when uploading a large file via tus