Summary of changes from May 14, 2018 to May 18, 2018.
|Instances (SAAS)||rSAAS||rSAASfdd4cee||0 commits|
|Services (SAAS)||rSERVICES||rSERVICES0b2b879||0 commits|
|Core (SAAS)||rCORE||rCOREd1ff2e4||0 commits|
- These changes were promoted to stable.
-  In Differential, when you view a diff-of-diffs, files which have not been further modified in the updated diff are no longer shown. This is intended to make it easier to review changes which affect many files but tend to receive only small tweaks during review, like changes which refactor several dozen callsites of some method. See T13137 for some discussion.
- (Via HackerOne) Fixed a bypassable MFA check on the user creation flow. See T13138 for some context and discussion.
- See T13143 for some largely theoretical discussion around attackers using very large changes to bypass security-focused Herald rules which examine file content.
- No migrations in this period.
-  Viewing a dashboard you don't have permission to see now raises a proper permission error rather than fataling.
-  Recent versions of Subversion add one extra legal but unusual space character to one hard-coded command on the wire protocol. We now handle this extra space properly. See T13140.
-  Changeset metadata can now be rebuilt with bin/differential rebuild-changes. This is mostly useful while developing Phabricator.
- Some database exceptions raise more helpful text during initial setup.
- Pushing large changes to servers with little available memory should now succeed more often.
The  icon indicates a change backed by support mana.