@@ -6,14 +6,26 @@ individual releases of the MiG project code.
66== News ==
77A short description of changes
88
9+ === January 22nd, 2021 ===
10+ After almost two years of further development it's about time to make a new
11+ release. Again we've implemented a load of new features with bug fixes and
12+ security improvements as well. Some feature highlights include a brand new
13+ stream-lined user interface with in-line help, personal Cloud instances,
14+ additions and improvements to the sensitive data mode, a Peers system for
15+ inviting external collaboration partners, Jupyter recipe-based workflows with
16+ provenance support, authlog email notifications about login errors, several 2FA
17+ improvements, account expiry+status control and experimental OpenID Connect
18+ support.
19+
20+
921=== February 27th, 2019 ===
1022Long due new release with plenty of added features especially in four
1123areas, namely an OpenSSH-based SFTP service, Jupyter integration, DOI
1224integration for archives and a new site mode to host EU GDPR data with
1325the associated strict access and logging requirements.
1426In relation to that work we've a.o. added 2FA support, import from sharelinks
1527and archives, added helpers to ease use of Jupyter as an interactive
16- course infrastructure. Additionally ithe release includes a number of
28+ course infrastructure. Additionally the release includes a number of
1729security improvements across the board.
1830
1931
@@ -194,6 +206,57 @@ More detailed changelogs for the public releases.
194206The full changelog is available from the repository:
195207https://sourceforge.net/p/migrid/code/commit_browser
196208
209+ == 1.9.0 ==
210+ - Experimental OpenID Connect support
211+ - Improved sign up input validation with user guidance
212+ - Transfer sensitive data project ownership
213+ - Full provenance in Jupyter workflows
214+ - A Peers system for inviting e.g. external collaboration partners
215+ - Events service tuning to fit new-style VGrids
216+ - SECURITY: Forced HTTPS for various anonymous pages like front page
217+ - Configurable max concurrent SFTP sessions
218+ - SECURITY: Harden Apache and SFTP/WebDAVS/FTPS security settings
219+ - SECURITY: Harden against inadvertent ssh command access through sftpsubsys
220+ - Python 3 preparations
221+ - System notification daemon to inform users about login errors and reason
222+ - Unified auth logging system for IO services
223+ - VGrid/Workgroup, Archives, Resources and People lazy-load AJAX optimizations
224+ - Flexible system storage support
225+ - JQuery dependency updates and security fixes
226+ - SECURITY: account expiry and account status with account suspend etc.
227+ - SECURITY: Sign up authenticity verification fixes
228+ - Project information interface for sensitive data projects
229+ - Optimize various concurrent components by replacing locks with file markers
230+ - WSGI robustness fixes for security scanner corner cases
231+ - 2FA setup polish and (re)set shared key helper scripts
232+ - User-selected start page
233+ - User script support for OpenID access and 2FA session init
234+ - Quick Tips integration
235+ - Memory leak fixes in PAM/NSS modules
236+ - Jupyter recipe-based workflows e.g. for parameter sweeps
237+ - Python griddaemon hooks in PAM module for shared rate limit, notify, etc.
238+ - Gravatar and more user profile support
239+ - GDB breakpoint support in PAM/NSS
240+ - Rework integrated status messages for improved sharing
241+ - Personal Cloud instances through OpenStack
242+ - Brand new web user interface with inline docs and help
243+ - AJAXification on several web pages where actions may be slow
244+ - 2FA tweaks to better handle tokens and clients with limited clock skew
245+ - Expose more functionality through RPC
246+ - SECURITY: support for strict 2FA source IP enforcement
247+ - SECURITY: reworked rate-limit handler for persistence and fail2ban use
248+ - Remote Seafile integration with proxy support
249+ - OpenID socket tweaks to avoid client queue filling up due to stale clients
250+ - Apache variable to quickly switch between minimal and production mode
251+ - Multiple conf generator additions for more flexibility
252+ - Integrate privacy and policy notices on web to allow e.g. GDPR compliance
253+ - Archives extended to provide file checksums and improved concurrent access
254+ - Flexible sensitive data categories with custom fields and actions
255+ - Update Jupyter authentication and data post to new HeaderAuthenticator
256+ - Mandatory token verification in wizard before actual 2FA activation
257+ - DOI import to dynamically show upstream registered DOI metadata in Archives
258+
259+
197260== 1.8.0 ==
198261- Configurable password strength policy
199262- New JSONRPC interface similar to the existing XMLRPC one
0 commit comments