General / Major Changes
=======================

- Blockquotes are now rendered with slightly darker text.

Security
========

- Resolved an issue where users with insufficient access could delete
repository mirrors. This issue was reported to us via HackerOne, and we
awarded a $300 bounty to the researcher who discovered it.
- Resolved an issue where Phame skins had insufficient correctness checking,
which could escalate into code execution if several other conditions
were also fulfilled. This issue was reported to us via HackerOne, and we
awarded a $500 bounty to the researcher who discovered it.
- We received about 25 additional reports via HackerOne in this period, but
none described actionable security issues.
- The `phabricator.show-prototypes` option is now locked, to raise the barrier
faced by an attacker who compromises an administrative account. This is a
general hardening measure.
- The `feed.public` and `feed.http-hooks` options are now locked, to raise
the barrier faced by an attacker who compromises an administrative account.
This is a general hardening measure.
- Fixed an issue where `ObjectQuery` might not perform all of the desired
access checks; in practice, this did not seem to impact anything meaningful.

Conduit
=======

- Conduit now supports standard token-based authentication, like most other
similar APIs. This will be better documented in the future.
- Tokens can be managed in {nav Settings > Conduit API Tokens}.

Diffusion
=========

- Diffusion now (mostly) supports nonlocal repository storage for use in
cluster environments.
- Diffusion repository setup checks are now cluster-aware.
- `diffusion.readmequery` has been removed. Use `diffusion.filecontentquery`
instead.
- Most contexts now support `R<id>` as an alternative repository identifier,
supplementing `r<callsign>`.

Almanac
=======

- Almanac services now have service types and default properties.
- Almanac properties now use most CustomField features.
- Almanac services can now be locked.
- Devices show which services they are members of.
- Expanded the capabilities of `almanac.queryservices`.
- Almanac objects can now be destroyed with `bin/remove`.

Administrative
==============

- Added a `bin/worker` utility for task queue management.
- Added a setup warning for `ft_boolean_syntax`.
- Added `bin/search init` for initializing indexes. This is primarily relevant
for ElasticSearch.
- `bin/phd` will now attempt to start daemons as the `phd.user`.
- Added a setup check to suggest users install Pygments.
- Improved instructions for handling surplus schemata.
- The Config application now allows you to review a log of all configuration
changes.
- Made `phabricator.base-uri` warning more ominous.

Remarkup
========

- Code blocks are no longer highlighted as PHP by default.
- Bracketed numerals (like `[1]`) are no longer interpreted as checkbox ticks.
- Improved handling of adjacent `%%%` literal blocks.
- Improved handling of whitespace in `%%%` literal blocks.

Minor
=====

- Fixed an issue where the XHPAST linter would fail to warn about variable
names in functions which made static method calls.
- Fixed an issue where diffs could become indestructible.
- Fixed a performance issue with some edge queries.
- Fixed an issue where clicking the search icon with no query would execute
an empty search.
- Added more search options for Passphrase credentials.
- Improved some layout and rendering behaviors on narrow displays.
- Herald no longer executes when applying inverse edge transactions.
- Fixed some issues with skipping levels in the document hierarchy when
creating Phriction documents.
- Fixed some performance issues with homepage status queries for users with
a large number of active or assigned items.
- Fixed some issues with Maniphest mail not getting the correct mail tags.
- Fixed an issue with the worker queue on hosts with very long hostnames.
- Transactions now paginate when there are a large number of them.
- Various subscriber behaviors now work better in Maniphest.
- Improved ElasticSearch index construction.
- Improved feedback when users upload files which are too large.
- Owners now supports repositories alphabetically.
- Paste now supports edit policies.

Developer
=========

- The `Futures()` construct has been removed. Instead, use
`new FutureIterator()` explicitly.
- Fixed issues where ExecFuture could fail silently when given bad inputs.
- Fixed an issue where daemons could fail more quietly than they should.
- Introduced CIDR utilities to libphutil.
- Added `bin/auth cache-pkcs8` for caching PKCS8-format keys on OSX.
- Tasks can now be associated with an `objectPHID`.
- Fixed a lot of lint issues, improving the consistency of the codebase.
- Translations now ignore `null` values, so they can be used as placeholders.