Security update

This release fixes a security vulnerability, all users of project-4.7.x-1.x (or 4.7.0 from before the new release system) are urged to upgrade. For more details, see DRUPAL-SA-2007-004.

Besides the security fix, the only other changes in this release are bug fixes since project-4.7.x-1.1:

• #11879: removing dead hook_content() code
• Reformatting menu item array declarations to be more readable.
• #105227: validation failing when project in URL doesn't match selected value in the form. This was due to bad logic in the form builder.
• #105704: foreach() warning if you do a completely empty advanced search.
• #105521: rip out bizzare "default version" behavior
• #105229: fix CSS to handle new behavior of FAPI #prefix/#suffix (#100787)
• Don't reuse the class="options" div, since that makes the "Publishing options" fieldset become inline, too. now, we use an "inline-options" div when we want everything floated and inline.
• #106783: "inline-table" messes up fieldsets on Opera. It's ignored by Firefox. Safari gets it right, but that's not enough reason to keep it.

This release fixes a security vulnerability, all users of project_issue-4.7.x-2.x are urged to upgrade. For more details, see DRUPAL-SA-2007-004.

Besides the security fix, the other changes since project_issue-4.7.x-2.1 in this release include:

• #11879: removing dead hook_content() code
• Reformatting menu item array declarations to be more readable.
• #97095: Issue tracker should not depend on project_release.module
• #104484: issue tracking not enabled by default for new projects (bug introduced via revision 1.4.2.3.2.2, for #96971).
• #105227: validation failing when project in URL doesn't match selected value in the form. This was due to bad logic in the form builder.
• #105704: foreach() warning if you do a completely empty advanced search.
• #105521: rip out bizzare "default version" behavior
• #105229: fix CSS to handle new behavior of FAPI #prefix/#suffix (#100787)

This release fixes a security vulnerability, all users of project 5.x-0.x-dev from before 2007-01-23 are urged to upgrade. For more details, see DRUPAL-SA-2007-004.

NOTE: The upgrade path from 4.7.x-1.* version of the Project issue tracking module is still very confusing, undocumented, and error prone. Sites that use the project module are strongly recommended to not upgrade to Drupal core 5.x until the official 5.x-1.0 release of this module is available.

This release fixes a security vulnerability, all users of project_issue 4.7.x-2.0 are urged to upgrade. For more details, see DRUPAL-SA-2006-031.

Other changes since project_issue-4.7.x-2.0:

Bugs fixed:

• #97944: fix broken pager links on filtered issue queries. This patch also fixes one of the main problems reported in #56200.
• #78595: fixing issue followup previews for php5
• #61453: fixing broken "Issues e-mail address" setting. The UI was mostly hidden unless you were a project administrator, and the code didn't match the descriptions. :( Now, if none of the filters are selected, you really do get the email (as the description has always said).
• #85788 by fgm: project comment id (project_cid) sequence needs DB prefix.
• #82619: blobs from comment bodies need to be decoded (for PostgreSQL).

New features:

• #94000: adding $Name$ tags for automated version identification
• #96971: make better use of tabs and subtabs on project nodes. Patch from comment #3
  by dww, to split up the project edit tab into subtabs for project, issues and releases.

This release fixes a security vulnerability, all users of project_issue (4.7.x-1.0 or 4.7.0 from before the new release system) are urged to upgrade. For more details, see DRUPAL-SA-2006-031.

Besides the security fix, the only other changes in this release are bug fixes since project-issue-4.7.x-1.0:

This release fixes a security vulnerability, all users of project 4.7.x-2.0 are urged to upgrade. For more details, see DRUPAL-SA-2006-031.

This release includes new database updates. After you upgrade, you should run update.php for your site:

• project_release_update_1(): Adds the {project_release_default_versions} table for branch-aware default versions and populates it the best it can. See #89538 for details.
• project_release_update_2(): Adds a new column to the {project_release_projects} table that determines if the development snapshot table should be shown on project nodes. See #101887 and #89539 for details.

Other changes since project 4.7.x-2.0:

Bugs fixed:

• #97173: Download link targets other project's tarball. We were missing an unset() from #93471 and that's causing the wrong download links to be used since we're always using the same project identifier.
• #96986: Minor bug in breadcrumb on releases (patch by Gurpartap, modified by dww to be slightly more clear, and to fix the $breadcumb[] element for the release itself, since we were using $node not $release).