Security update

This release fixes a security vulnerability, all users of project 5.x-0.x-dev from before 2007-01-23 are urged to upgrade. For more details, see DRUPAL-SA-2007-004.

NOTE: The upgrade path from 4.7.x-1.* version of the Project issue tracking module is still very confusing, undocumented, and error prone. Sites that use the project module are strongly recommended to not upgrade to Drupal core 5.x until the official 5.x-1.0 release of this module is available.

This release fixes a security vulnerability, all users of project_issue 4.7.x-2.0 are urged to upgrade. For more details, see DRUPAL-SA-2006-031.

Other changes since project_issue-4.7.x-2.0:

Bugs fixed:

• #97944: fix broken pager links on filtered issue queries. This patch also fixes one of the main problems reported in #56200.
• #78595: fixing issue followup previews for php5
• #61453: fixing broken "Issues e-mail address" setting. The UI was mostly hidden unless you were a project administrator, and the code didn't match the descriptions. :( Now, if none of the filters are selected, you really do get the email (as the description has always said).
• #85788 by fgm: project comment id (project_cid) sequence needs DB prefix.
• #82619: blobs from comment bodies need to be decoded (for PostgreSQL).

New features:

• #94000: adding $Name$ tags for automated version identification
• #96971: make better use of tabs and subtabs on project nodes. Patch from comment #3
  by dww, to split up the project edit tab into subtabs for project, issues and releases.

This release fixes a security vulnerability, all users of project_issue (4.7.x-1.0 or 4.7.0 from before the new release system) are urged to upgrade. For more details, see DRUPAL-SA-2006-031.

Besides the security fix, the only other changes in this release are bug fixes since project-issue-4.7.x-1.0:

This release fixes a security vulnerability, all users of project 4.7.x-2.0 are urged to upgrade. For more details, see DRUPAL-SA-2006-031.

This release includes new database updates. After you upgrade, you should run update.php for your site:

• project_release_update_1(): Adds the {project_release_default_versions} table for branch-aware default versions and populates it the best it can. See #89538 for details.
• project_release_update_2(): Adds a new column to the {project_release_projects} table that determines if the development snapshot table should be shown on project nodes. See #101887 and #89539 for details.

Other changes since project 4.7.x-2.0:

Bugs fixed:

• #97173: Download link targets other project's tarball. We were missing an unset() from #93471 and that's causing the wrong download links to be used since we're always using the same project identifier.
• #96986: Minor bug in breadcrumb on releases (patch by Gurpartap, modified by dww to be slightly more clear, and to fix the $breadcumb[] element for the release itself, since we were using $node not $release).

This release fixes a security vulnerability, all users of project (4.7.x-1.0 or 4.7.0 from before the new release system) are urged to upgrade. For more details, see DRUPAL-SA-2006-031.

Besides the security fix, the only other changes in this release are bug fixes since project-4.7.x-1.0:

This release fixes a security vulnerability, all users of cvs.module (4.7.x-1.0 or 4.7.0 from before the new release system) are urged to upgrade. For more details, see DRUPAL-SA-2006-028.

This release includes a new database update: cvs_update_5() which removes a stale entry from the {variable} table. After you upgrade, you should run update.php for your site.

Other changes since cvslog 4.7.x-2.0:

• #94000 by dww: adding $Name$ tags for automated version identification.
• #97031 by Zen: CVS application form fixes + move all strings to the settings page.
• #97128 by dww: don't make the body field required when project administrators edit project releases.
• #97735 by AjK: Extra application status.
• #97789 by AjK, dww and Zen: numerous UI improvements for CVS account management:
  • Changes the status "pending response" to "queued"
  • Adds a new status "disabled"
  • You can now filter the account overview page by status
  • Paginates the list of cvs accounts on the accounts overview page
  • Lots of other minor string improvements
• #101034 by AjK: Two settings form element names not aligned with system variable name.