Summer time kicks off with some good news! Here you have all the latest developments and enhancements of Tuleap. See what’s new in this month’s Tuleap 13.10 release.
Document is now part of the Community Edition
Since 2018, Tuleap Community Edition (TCE) users have benefited from a nice and slick user interface to deal with their project’s documentation. In addition to an UI aligned with the rest of Tuleap, the UX was also deeply re-thought as well as the technical foundations.
If you are a user of Tuleap Enterprise Edition (TEE), nothing changes that much, at least in the appearance, and “for now”. Jump to the “What’s next” section below to see what’s planned for the future.
What changed ?
If you run the Community Edition, basically everything 🙂
While the core concept of the management of documentation stays there, the interface has been re-written from scratch. The main gains are:
- UI consistency,
- modern look’n feel (as well as removal of clunky 2000’s oddities),
- drag’n drop of files is a primary feature plus the underlying usage of TUS makes it a breeze to manage big files.
For system administrators, there is nothing to do to get access to this new plugin. It is automatically deployed and replaces the old “docman” one. Just update and enjoy!
What’s next ?
The goal of making Document part of the Community Edition is to be able to sunset the venerable “Docman” that came to life in 2006. In order to prepare this transition, not only Document is the default interface for browsing documentation but it’s actually no longer possible to switch back to “old Docman”. As usual, this first step is there to confirm that Document is definitely ready to replace Docman (it means there is a cheat code to re-activate it in case of emergency). The actual removal will be done in Fall (2022).
You might identify that, while enjoying the usage of Document, some pages still rely on Docman (display of history, notifications & approval tables). These three pages won’t be deleted in Fall, they will stay with the legacy view.
All these changes are there to ease the development of new features on top of Document. Like the future integration with OnlyOffice for collaborative edition, for instance. Stay tuned!
Smooth usage of Document search
Actually, for Tuleap Enterprise Edition users, there are changes for you too in Tuleap 13.10 😉
The new search interface got polished after the first feedback from the fields, and the main changes are:
- Default search now displays all documents (previously, no search criteria meant empty list)
- Folders in “Location” column are clickable
- Dates can be typed by hand (in addition to the graphical date picker that was already there)
Create GitLab Merge Request from Tuleap artifacts
This is a common pattern in the GitLab & GitHub world. Whenever a new development is started, not only a dedicated branch is created but a Merge Request is also drafted. This is used to have a better overview of the work currently being done because it’s easier to have the list of open Merge Request than the list of “open” branches.
From Tuleap, the creation cab be easily done is the action menu of an artifact and the creation of Merge Request is selected by default.
Relax constraints on Tuleap Pull Requests creations
There is still work going on for Tuleap Git, the branch & pull request creation from artifacts (as we already do for GitLab repositories). In order to prepare that, we had to relax the constraints that existed on the creation of Pull Request.
Let’s take a quick example. Tuleap enforced that the source and destination of a Pull Request had to be different commit SHA-1. This was done because there was no sense in merging a commit on itself. However, as we will be able to create a Pull Request when a branch is started, this constraint cannot hold.
So, now, the only constraint that remains for Pull Request creation is that there cannot be more than one Pull Request with the same source and destination based on the branch names. The verification of the consistency is moved on the Pull Request themselves. They cannot be merged if the source and destination are the same.
Bugs and requests
There were 44 bugs fixed and requests implemented during the 13.10 release cycle. Bugs and security fixes were already back-ported on Tuleap Enterprise builds. You will find below a curated list of fixes. The most notable ones are in bold.
SQL injection via the field name of a tracker – CVE-2022-31058 – CVSSv3.1 score: 7.2 (High)
XSS via the title of a document – CVE-2022-31063 – CVSSv3.1 score: 5.4 (Medium)
Resources of private projects can be accessed by non project members – CVE-2022-31032 – CVSSv3.1 score: 4.3 (Medium)
- Naming a field “id” breaks the report
- In dashboards : tracker table reports are affected by report session when there are additional criteria
- Clear default values when form element is changed from a multiple list to a simple list
- Do not use unordered list to display followup comments
- homogenizes version’s field name in docman
- Chrome-based browsers fallback on filename in HTTP headers
- Git repository export is broken in project XML export
- Text in the user widget last Git pushes is scrambled together
- [TTM] dependency graph does not appear in modal
- Step definition format is automatically changed
- Artifact link types are not exported in document generated in TTM campaign
- Ease installation of plugins
- Project visibility should be display in admin templates view
- Allow to set sys_name setting via
- Allow to setup sys_plugins_that_can_not_be_disabled_from_the_web_ui setting via tuleap config-set
- Updating invitations generates an error
- Invitations section should not be listed in the siteadmin sidebar LDAP is active