All Versions
30
Latest Version
Avg Release Cycle
157 days
Latest Release
154 days ago

Changelog History
Page 1

  • v6.5.0

    April 19, 2019

    17 April 2019

    🔒 Security

    🚀 This is an important security release which addresses two vulnerabilities, and users should upgrade immediately, particularly if they permit anonymous or low-trust users access to any repository.

    🚀 AD users who have been avoiding 6.2.2 or later versions because of problems introduced in that release ⬆️ should be safe to upgrade to this version, which removes that particular troublesome feature.

    🚀 We are grateful to the team at flab.cesnet.cz for the responsible disclosure of the vulnerabilities addressed by this release.

    🛠 Bugfixes

    • Sanitise service name in calls to Git services (CVE-2019-11217)
    • Prevent non-admin users maninpulating role membership (CVE-2019-11218)
  • v6.4.0

    🚀 13 November 2017 (unreleased)

    🛠 Bugfixes

    • ✂ Removed #710 feature introduced in 6.2.2 as it has proved unreliable

    Other improvements

    • ➕ Added IE-Edge meta tag #740 @CatStarwind
  • v6.3.0

    5 September 2017

    🔋 Features

    • 👍 Allow named users to browse anonymous repos for which they don't have explicit permission #708
    • 👍 Allow custom CSS files #705

    🛠 Bugfixes

    • 🛠 Fix regression in 6.2.2 for certain domain configurations #731/#733

    Other improvements

    • ⚡️ Update compiler used for pages #702
  • v6.2.2

    28 August 2017

    🔋 Features

    • 👍 Allow anonymous users to browse repos without credentials where permitted #710 / @jeffgaroutte

    🛠 Bugfixes

    • Don't unescape Git passwords/usernames unnecessarily #704
    • 👌 Improvements to AD domain handling #706

    Other improvements

    • Enable README display for all folders #713
    • 🌐 Turkish translation improvements #722
  • v6.2.1

    22 May 2017

    🏗 This is identical to 6.2.0, but with corrected version numbering in the appveyor build.

  • v6.2.0

    May 15, 2017

    15 May 2017

    🔋 Features

    • Broader search for AD domain #683
    • 🔧 Reintroduce ActiveDirectoryDefaultDomain configuration item (helps #683)

    🛠 Bugfixes

    • ⏪ Revert Jwt library to v4.x to repair ADFS login #681
    • 🔧 Reintroduce ActiveDirectoryDefaultDomain configuration item #685

    Other improvements

    • 🏁 Permissions for unknown Windows users are set more sensibly when using internal membership #687
    • 🌐 pt-BR translation improvements #678
    • 🚚 All logging now moved to new app_data\logs files
  • v6.1.0

    April 18, 2017
  • v6.0.0

    March 29, 2017

    29 March 2017

    Compatibility issues

    • This version adds column to several tables in the database. This makes it incompatible with previous versions of Bonobo. Please ensure that you have a ⚡️ backup of your App_Data folder before you update.

    🔋 Features

    • A new global option allows a repository to be created by pushing at a non-existent repo name #504
    • Repositories do not need to have an explicit repository administator #505
    • 👍 Allow push for anonymous user can now be set on a per repo basis
    • Repository details screen now has copy-to-clipboard buttons for Git URLs #453
    • 'Rescan' button on Repository index screen allows new file-system repos to be discovered without restarting application #454
    • *.ts and *.json formatting support for file display #455
    • 🆕 New diagnostic page at /home/diagnostics to help with support
    • Claims names are now more consistent with typical ADFS usage #488
    • 👉 Added following environment variables: AUTH_USER_TEAMS, AUTH_USER_ROLES, and AUTH_USER_DISPLAYNAME. See the FAQ for more information. #495
    • The linkify option for commit messages can now be set on a per repo basis
    • Verifies that username, repository and team names are unique as you type them
    • Verifies as you type regex entered for linkification
    • ➕ Added icons to repository listing indicating anonymous push/pull status

    🛠 Bugfixes

    • NullReferenceException in EFRepositoryPermissionService HasPermission #441
    • Inconsistent repo name case-sensitivity (now consistently case-insensitve) #443
    • Correct error reported to Git clients for access to non-existent repo #447
    • 🔧 Bonobo can start enough to allow access to settings if git directory is mis-configured #451
    • Bonobo doesn't run on systems with particular machine.config RoleManager settings #486
    • The repository logo was not visible in all views
    • 🛠 Fixed inability to browse folders in branches other then master #541

    Code improvements

    • ➕ Addition of automated test framework for testing web application
    • Rework of repository permissions Code #492
    • Abort startup if BinaryGUID=False is not set in Sqlite connections.
    • 👌 Improved exception handling in GitController #444
    • ⬆️ Upgrade all web.config files to MVC5 #457
    • ⚡️ Password salt now randomly generated at password update #462
    • 💅 Resharper settings provided so that Resharper suggested style matches project #465
    • 👉 UserModel and User entity class name properties made more consistent #470
    • Far fewer catch-all claueses silently swallowing exceptions
    • ⚡️ Updated jQuery and associated js code to 1.12.4 #586
  • v5.2

    March 16, 2016

    17 March 2016

    🔒 Security

    🚀 This is an important security release adding a CSRF protection to POST actions in the app. Also, it fixes a token validation on password reset function and adds the CSRF protection there as well.

    • ➕ add form antiforgery protection - Will Dean
  • v5.1.1

    March 09, 2016

    12 January 2016

    🐛 Bug Fixes

    • ➕ add Sqlite.Interop.dll to the project so it is part of the release