Summary of changes from April 14, 2022 to May 27, 2022.
|Instances (SAAS)||rSAAS||rSAAS4c4f477||0 commits|
|Services (SAAS)||rSERVICES||rSERVICES866e0bb||0 commits|
|Core (SAAS)||rCORE||rCORE5fe60b2||12 commits|
- These changes were promoted to stable.
IMPORTANT: This release mitigates a significant security issue and all installs are strongly advised to upgrade. See T13683: Security Guidance: References to Files in Remarkup for details.
- Fixed a severe issue with file permissions and references, see above.
- Fixed an issue where global default settings were too broadly editable. This is not generally concerning. This was reported via HackerOne in https://hackerone.com/reports/1563139.
- Removed the feed.publish API for being old, bad, and technically policy-violating. This is not generally concerning. See T13681. This was reported via HackerOne in https://hackerone.com/reports/1566325.
"Duration" is the duration for this install, and may not be representative.
- bin/drydock lease now supports --count N, to acquire multiple identical leases.
- bin/drydock release-lease and bin/drydock release-resource now accept --all. (This is for resetting things in development, and could make a huge mess in a production environment!)
- Drydock now properly makes resources that were created or leased in the last 3 minutes exempt from reclamation.
- Drydock no longer throttles pool growth rates to 25% of active resources, and now tracks leases and pending resources more competently. In general, bursty requests for resources should be satisfied far more effectively now.
- Continued to improve PHP 8.1 compatibility.
- Continued to improve support for whitelabeling (i.e., changing the software product names from "Phabricator" to something else) to support forks.
- The Releeph application has been removed. This application was a minimally functional prototype with no known users in the wild.
- The Phragment application has been removed. This application was a minimally functional prototype with no known users in the wild.
- Fixed an issue with viewing revisions with no changesets (usually arising from automatic updates triggered by empty commits).
- Fixed an issue where Herald could fail to properly extract the (empty) content from an empty commit.
- Fixed an issue where certain object references could form a cycle and break object pages. This was reported via HackerOne in https://hackerone.com/reports/1563142.
The  icon indicates a change that supports a customer.
The  icon indicates a contributed change.