From 4cd012be501205ec1f9a17cb80d5b93964e6517a Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Aug 31 2016 11:27:02 +0000
Subject: Release 2.4


---

diff --git a/UPGRADING.rst b/UPGRADING.rst
index 697460b..cc38368 100644
--- a/UPGRADING.rst
+++ b/UPGRADING.rst
@@ -1,6 +1,26 @@
 Upgrading Pagure
 ================
 
+From 2.3 to 2.4
+---------------
+
+2.4 brings quite a few changes and some of them impacting the database scheme.
+
+Therefore when upgrading from 2.3.x to 2.4, you will have to:
+
+* Update the database schame using alembic: ``alembic upgrade head``
+
+
+This update also brings some new configuration keys:
+
+* ``VIRUS_SCAN_ATTACHMENTS`` allows turning on or off checking attachments for
+  virus using clamav. This requires pyclamd but is entirely optional (and off by
+  default)
+* ``PAGURE_CI_SERVICES`` allows specifying with which CI (Continuous
+  Integration) services this pagure instance can integrate with. Currently, only
+  `Jenkins` is supported, but this configuration key defaults to ``None``.
+
+
 From 2.2 to 2.3
 ---------------
 
diff --git a/doc/contributors.rst b/doc/contributors.rst
index e0e5ed8..8e1a974 100644
--- a/doc/contributors.rst
+++ b/doc/contributors.rst
@@ -3,21 +3,22 @@ Contributors to pagure
 
 Pagure would be nothing without its contributors.
 
-On July 15, 2016 (release 2.3.3), the list looks as follow:
+On Aug 31, 2016 (release 2.4), the list looks as follow:
 
 =================  ===========
 Number of commits  Contributor
 =================  ===========
-  4105              Pierre-Yves Chibon <pingou@pingoured.fr>
-   174              Ryan Lerch <rlerch@redhat.com>
-    61              farhaanbukhsh <farhaan.bukhsh@gmail.com>
+  4249              Pierre-Yves Chibon <pingou@pingoured.fr>
+   182              Ryan Lerch <rlerch@redhat.com>
+    89              farhaanbukhsh <farhaan.bukhsh@gmail.com>
     59              Johan Cwiklinski <johan@x-tnd.be>
     48              Clement Verna <cverna@tutanota.com>
-    36              Vivek Anand <vivekanand1101@gmail.com>
+    47              Vivek Anand <vivekanand1101@gmail.com>
+    27              Farhaan Bukhsh <farhaan.bukhsh@gmail.com>
     18              Sayan Chowdhury <sayan.chowdhury2012@gmail.com>
+    17              Lubomír Sedlář <lsedlar@redhat.com>
+    17              Patrick Uiterwijk <puiterwijk@redhat.com>
     15              Gaurav Kumar <aavrug@gmail.com>
-    15              Lubomír Sedlář <lsedlar@redhat.com>
-    15              Patrick Uiterwijk <puiterwijk@redhat.com>
     15              Ralph Bean <rbean@redhat.com>
     13              Ghost-script <subho.prp@gmail.com>
     13              Mathieu Bridon <bochecha@fedoraproject.org>
@@ -26,40 +27,46 @@ Number of commits  Contributor
      5              Oliver Gutierrez <ogutierrez@redhat.com>
      5              vanzhiganov <vanzhiganov@ya.ru>
      5              yangl1996 <yltt1234512@gmail.com>
+     4              Eric Barbour <ebarbour@redhat.com>
      4              Maciej Lasyk <maciek@lasyk.info>
      4              Paul W. Frields <stickster@gmail.com>
      3              Ankush Behl <cloudbehl@gmail.com>
      3              Anthony Lackey <alackey96@gmail.com>
      3              Dhriti Shikhar <dhriti.shikhar.rokz@gmail.com>
-     3              Eric Barbour <ebarbour@redhat.com>
      3              Jan Pokorný <jpokorny@redhat.com>
      3              Kushal Khandelwal <kushal124@gmail.com>
      3              Pedro Lima <pedro.lima@gmail.com>
+     3              skrzepto <shims506@gmail.com>
      2              Daniel Mach <dmach@redhat.com>
      2              Nuno Maltez <nuno@cognitiva.com>
      2              Richard Marko <rmarko@fedoraproject.org>
      2              Ricky Elrod <ricky@elrod.me>
      2              Simo Sorce <simo@redhat.com>
      2              Till Maas <opensource@till.name>
+     2              William Moreno Reyes <williamjmorenor@gmail.com>
      2              bruno <bruno@wolff.to>
      2              dhrish20 <dhrish20@gmail.com>
+     2              tenstormavi <avi.avinash3008@gmail.com>
      1              Anthony Lackey <alackey@localhost.localdomain>
      1              David Caro <dcaroest@redhat.com>
      1              Eric Barbour <emb4gu@virginia.edu>
+     1              Haikel Guemar <hguemar@fedoraproject.org>
+     1              Jason Tibbitts <tibbs@math.uh.edu>
      1              Kunaal Jain <kunaalus@gmail.com>
      1              Mathew Robinson <mathew.robinson3114@gmail.com>
      1              Pierre-YvesChibon <pingou@fedoraproject.org>
      1              Rahul Bajaj <rahulrb0509@gmail.com>
      1              Stanislav Ochotnicky <sochotnicky@redhat.com>
+     1              Tiago M. Vieira <tiago@tvieira.com>
      1              Vyacheslav Anzhiganov <vanzhiganov@ya.ru>
      1              Yves Martin <ymartin1040@gmail.com>
      1              abhishek <abhishekarora12@gmail.com>
+     1              abhishek goswami <abhishekg785@gmail.com>
      1              jcvicelli <jcvicelli@gmail.com>
      1              pingou <pingou@fedoraproject.org>
      1              ryanlerch <rlerch@redhat.com>
-     1              skrzepto <shims506@gmail.com>
      1              skrzepto <skrzepto@gmail.com>
-     1              tenstormavi <avi.avinash3008@gmail.com>
+     1              “AnjaliPardeshi” <“anjalipardeshi92@gmail.com”>
 =================  ===========
 
 This list is generated using
diff --git a/files/pagure.spec b/files/pagure.spec
index 95baf02..77135fe 100644
--- a/files/pagure.spec
+++ b/files/pagure.spec
@@ -2,7 +2,7 @@
 %distutils.sysconfig import get_python_lib; print (get_python_lib())")}
 
 Name:               pagure
-Version:            2.3.3
+Version:            2.4
 Release:            1%{?dist}
 Summary:            A git-centered forge
 
@@ -223,8 +223,8 @@ install -m 644 webhook-server/pagure_webhook.service \
 mkdir -p $RPM_BUILD_ROOT/%{_libexecdir}/pagure-ci
 install -m 755 pagure-ci/pagure_ci_server.py \
     $RPM_BUILD_ROOT/%{_libexecdir}/pagure-ci/pagure_ci_server.py
-install -m 644 pagure-ci/pagure-ci.service \
-    $RPM_BUILD_ROOT/%{_unitdir}/pagure-ci.service
+install -m 644 pagure-ci/pagure_ci.service \
+    $RPM_BUILD_ROOT/%{_unitdir}/pagure_ci.service
 
 
 %post milters
@@ -298,6 +298,61 @@ install -m 644 pagure-ci/pagure-ci.service \
 
 
 %changelog
+* Wed Aug 31 2016 Pierre-Yves Chibon <pingou@pingoured.fr> - 2.4-1
+- Update to 2.4
+- - [Security] Avoid all html related mimetypes and force the download if any
+  (CVE-2016-1000037) -- Fixed in 2.3.4 as well
+- Redirect the URL to projects <foo>.git to <foo> (Abhishek Goswami)
+- Allow creating projects with 40 chars length name on newer pagure instances
+- Fix @<user> and #<id> when editing a comment (Eric Barbour)
+- Display properly and nicely the ACLs of the API tokens (Lubomír Sedlář)
+- Removing html5lib so bleach installation finds what version is best (Tiago M.
+  Vieira)
+- Remove the branchchooser from the repoheader (again) (Ryan Lerch)
+- Fix hard-coded urls in the master template
+- Made the interaction with the watch button clearer (Ryan Lerch)
+- Introduce pagure-ci, a service allowing to integrate pagure with a jenkins
+  instance (Farhaan Bukhsh and I)
+- Accept Close{,s,d} in the same way as Merges and Fixes (Patrick Uiterwijk)
+- Avoid showing the 'New PR' button on the overview page is a PR already exists
+  for this branch, in the main project or a fork (Vivek Anand)
+- Fix presenting the readme file and display the readme in the tree page if
+  there is one in the folder displayed (Ryan Lerch)
+- Move the new issue button to be available on every page (AnjaliPardeshi)
+- Fix pagure for when an user enters a comment containing #<id> where the id
+  isn't found in the db
+- Make the bootstrap URLs configurable (so that they don't necessarily point to
+  the Fedora infra) (Farhaan Bukhsh)
+- Fix how the web-hook server determine the project and its username
+- Replace the login icon with plain text (Ryan Lerch)
+- Fix layout in the doc (Farhaan Bukhsh)
+- Improve the load_from_disk utility script
+- Fix our mardown processor to avoid crashing on #<text> (where we expect #<id>)
+- Fix the search for projects with a / in their names
+- Fix adding a file to a ticket when running pagure with `local` auth
+- Improve the grammar around the allowed prefix in our fake-namespaces (Jason
+  Tibbitts)
+- Implement scanning of attached files for viruses (Patrick Uiterwijk)
+- Document how to set-up multiple ssh keys per user (William Moreno Reyes)
+- Add display_name and description to groups, and allow editing them
+- Add the ability to run the post-receive hook after merging a PR in the UI
+- Fix showing the group page even when user management is turned off (Vivek
+  Anand)
+- Make explicit what the separators for tags is (Farhaan Bukhsh)
+- Include the word setting with icon (tenstormavi)
+- Fix the requirements.txt file (Vivek Anand)
+- Cleaned up the topbar a bit (Ryan Lerch)
+- Fix location of bottom pagination links on user page (Ryan Lerch)
+- Add user's project watch list in index page of the user (Vivek Anand)
+- Fix showing the reporter when listing the closed issues (Vivek Anand)
+- Fix accessing forks once the main repo has been deleted (Farhaan Bukhsh)
+
+* Wed Jul 27 2016 Pierre-Yves Chibon <pingou@pingoured.fr> - 2.3.4-1
+- Update to 2.3.4
+- Security fix release blocking all html related mimetype when displaying the
+  raw files in issues and forces the browser to download them instead (Thanks to
+  Patrick Uiterwijk for finding this issue) - CVE: CVE-2016-1000037
+
 * Fri Jul 15 2016 Pierre-Yves Chibon <pingou@pingoured.fr> - 2.3.3-1
 - Update to 2.3.3
 - Fix redering the release page when the tag message contain only spaces (Vivek
diff --git a/pagure/__init__.py b/pagure/__init__.py
index 1b76c0e..11692be 100644
--- a/pagure/__init__.py
+++ b/pagure/__init__.py
@@ -12,7 +12,7 @@
 __requires__ = ['SQLAlchemy >= 0.8', 'jinja2 >= 2.4']
 import pkg_resources
 
-__version__ = '2.3.3'
+__version__ = '2.4'
 __api_version__ = '0.7'