Cosmetics

This commit is contained in:
Unrud 2020-04-27 12:29:29 +02:00
parent 9a5ba5aa1b
commit 1e6c89d11e

51
NEWS.md
View File

@ -2,45 +2,54 @@
## master ## master
This release is incompatible with previous releases. See the upgrade checklist below. This release is incompatible with previous releases.
See the upgrade checklist below.
* Common * Parallel write requests
* Parallel write requests * Support PyPy
* Support PyPy * Protect against XML denial-of-service attacks
* Protect against XML denial-of-service attacks * Check for duplicated UIDs in calendars/address books
* Check for duplicated UIDs in calendars/address books * Only add missing UIDs for uploaded whole calendars/address books
* Only add missing UIDs for uploaded whole calendars/address books * Switch from md5 to sha256 for UIDs and tokens
* Switch from md5 to sha256 for UIDs and tokens * Code cleanup:
* Code cleanup: * All plugin interfaces were simplified and are incompatible with
* All plugin interfaces were simplified and are incompatible with old plugins old plugins
* Major refactor * Major refactor
* Never sanitize paths multiple times (check if they are sanitized) * Never sanitize paths multiple times (check if they are sanitized)
* Config * Config
* Multiple configuration files separated by ``:`` (resp. ``;`` on Windows) * Multiple configuration files separated by ``:`` (resp. ``;``
on Windows)
* Optional configuration files by prepending file path with ``?`` * Optional configuration files by prepending file path with ``?``
* Check validity of every configuration file and command line arguments separately * Check validity of every configuration file and command line
* Report the source of invalid configuration parameters in error messages arguments separately
* Report the source of invalid configuration parameters in
error messages
* Code cleanup: * Code cleanup:
* Store configuration as parsed values * Store configuration as parsed values
* Use Schema that describes configuration and allow plugins to apply their own schemas * Use Schema that describes configuration and allow plugins to apply
their own schemas
* Mark internal settings with ``_`` * Mark internal settings with ``_``
* Internal server * Internal server
* Bind to IPv4 and IPv6 address, when both are available for hostname * Bind to IPv4 and IPv6 address, when both are available for hostname
* Set default address to ``localhost:5232`` * Set default address to ``localhost:5232``
* Remove settings for SSL ciphers and protocol versions (enforce safe defaults instead) * Remove settings for SSL ciphers and protocol versions (enforce safe
defaults instead)
* Remove settings for file locking because they are of little use * Remove settings for file locking because they are of little use
* Remove daemonization (should be handled by service managers) * Remove daemonization (should be handled by service managers)
* Logging * Logging
* Replace complex Python logger configuration with simple logging.level setting * Replace complex Python logger configuration with simple
``logging.level`` setting
* Write PID and ``threadName`` instead of cryptic id's in log messages * Write PID and ``threadName`` instead of cryptic id's in log messages
* Use ``wsgi.errors`` for logging (as required by the WSGI spec) * Use ``wsgi.errors`` for logging (as required by the WSGI spec)
* Code cleanup: * Code cleanup:
* Don't pass logger object around (use ``logging.getLogger()`` instead) * Don't pass logger object around (use ``logging.getLogger()``
instead)
* Auth * Auth
* Use ``md5`` as default for ``htpasswd_encryption`` setting * Use ``md5`` as default for ``htpasswd_encryption`` setting
* Move setting ``realm`` from section ``server`` to ``auth`` * Move setting ``realm`` from section ``server`` to ``auth``
* Rights * Rights
* Use permissions ``RW`` for non-leaf collections and ``rw`` for address books/calendars * Use permissions ``RW`` for non-leaf collections and ``rw`` for
address books/calendars
* New permission ``i`` that only allows access with HTTP method GET * New permission ``i`` that only allows access with HTTP method GET
(CalDAV/CardDAV is susceptible to expensive search requests) (CalDAV/CardDAV is susceptible to expensive search requests)
* Web * Web
@ -56,7 +65,7 @@ This release is incompatible with previous releases. See the upgrade checklist b
## Upgrade checklist ## Upgrade checklist
* Configuration * Config
* Some settings were removed * Some settings were removed
* The default of ``auth.htpasswd_encryption`` changed to ``md5`` * The default of ``auth.htpasswd_encryption`` changed to ``md5``
* The settings ``server.realm`` moved to ``auth.realm`` * The settings ``server.realm`` moved to ``auth.realm``