Kallithea 0.5.0 released

We are pleased to announce Kallithea 0.5.0, with as most important feature support for SSH repository access. This feature means:

• repository URLs like ssh://kallithea@example.com/name/of/repository

• when using SSH, all network traffic for both read and write happens over the SSH protocol on port 22, without using HTTPS nor the Kallithea WSGI application

• encryption and authentication protocols are handled by ssh on the client using the user's public key to connect and authenticate to the server's sshd system service.

• users can upload their public SSH key (e.g. .ssh/id_rsa.pub) through the Kallithea web UI, where it is put in the Kallithea system user's .ssh/authorized_keys file, locked down to Kallithea only providing protocol access as that user.

• in their SSH client configuration, users can configure how the client should control access to their SSH key - without passphrase, with passphrase, and optionally with passphrase caching in the local shell session (ssh-agent). This is standard SSH functionality, not something Kallithea provides or interferes with.

• network communication between client and server happens in a bidirectional stateful stream, and will in some cases be faster than HTTPS with several stateless round-trips.

In addition to adding SSH repository access, there have been improvements and fixes in several areas.

Support for Mercurial 5.2 was added.

The handling of the feature Admin > Settings > Visual > (HTTP) Clone URL was refactored. For most users this should not have any effect, but in case you are using a custom Clone URL, it is now explicitly checked that it contains either the string {repo} or _{repoid}.

The permission system was cleaned up. It is now ensured that all permissions are additive and that every user has at least the same permissions as the 'default' user.

In the .ini file, the api_access_controllers_whitelist has been removed. Authentication via API key will now automatically give access to all APIs that the corresponding user has access to.

With this release we dropped support for Python 2.6. Currently only Python 2.7 is supported, and we are working towards full support for Python 3.x.

Support for the 'repository locking' feature (pull-to-lock, push-to-unlock) was removed.

See 'Changes' below for a more detailed list of changes most relevant to users.

Upgrading from 0.4.x

Please refer to the upgrade instructions in the documentation for detailed steps: https://kallithea.readthedocs.io/en/stable/upgrade.html. Below are just some specific notes.

As mentioned in the upgrade instructions, generate a new configuration file and apply the necessary changes to fit your installation. There have been changes in the configuration file; starting from the old one would be a source of errors or confusion.

To enable SSH repository access, first follow the normal upgrade procedure, then refer to the instructions at: https://kallithea.readthedocs.io/en/stable/setup.html#using-kallithea-with-ssh

Changes

Below are the most relevant changes between 0.4.1 and 0.5.0. Note that it is not a complete list: many changes are purely internal refactoring. Please refer to the source repository if you are interested in full details.

Authentication

• cleanup of permission system, making all permissions additive, and with everybody inheriting from the default user
• drop api_access_controllers_whitelist and give API key auth same access as other kinds of auth ^cs
• allow LDAP users with non-ASCII characters in the DN ^cs

CLI commands

• introduce -h alias for --help ^cs

Cache system

• various preparatory changes to improve the caching system
• invalidate repository cache of README and RSS based on latest revision hash ^cs

Configuration file (ini)

• change default .ini to always include trace_errors settings and thus avoid deprecation warnings ^cs
• rename .ini settings to avoid beaker-session deprecation warnings ^cs
• create separate log handlers for color and null, and add comments hinting how they can be used ^cs
• drop explicit propagate = 1 from logger configuration - that is already the default ^cs

Database

• drop unused Ui settings for hgweb ^cs

Documentation

• fix documentation regarding theme.less file ^cs
• document official method for beaker cache cleanup ^cs
• various updates and fixes

Hooks

• drop server_url parameter ^cs
• make sure push and pull hooks are always enabled ^cs

Middleware

• reintroduce the optional wrapper middleware for logging request timing and memory usage ^cs

SSH repository access

• add support for SSH repository access

User interface functionality

Admin

• in advanced settings, only show repos of same type in the select list for "Parent" ^cs
• refactor handling of Admin > Settings > Visual > (HTTP) Clone URL
• clone_url: introduce {system_user} and {hostname} variables that will be used for SSH clone URL ^cs
• always show permanent URL on repo settings page - the click-to-display functionality was confusing ^cs

Front-end

• track package-lock.json ^cs
• update various external dependencies

Pull requests

• in PR update list, only show first line of commit messages ^cs

Search

• fix '' is not unicode when searching for wildcards ^cs
• avoid crash when making (odd) search for * ^cs

Version control systems support

Git

• exit early if Git is found but too old (Issue #342) ^cs

Mercurial

• fix pull requests between repositories by using the makeunionrepository factory with Mercurial 4.8 ^cs
• add support for Mercurial 5.2

Other changes

• helpers: replace webhelpers.flash with own implementation ^cs
• helpers: use WebHelpers2 as much as possible - it supports Python3, and WebHelpers is dead ^cs
• i18n: internal rework of how translations are imported into the source repository
• i18n: update translations for Bulgarian, Dutch/Flemish, German, Greek, Japanese, Norwegian Bokmål, Polish, Simplified Chinese, Ukrainian.
• i18n: add translations for Bulgarian and Turkish.
• locking: drop the pull-to-lock / push-to-unlock functionality ^cs
• setup: drop support for Python 2.6 ^cs
• setup: various version bumps of external dependencies
• setup: set explicit minimum version for all dependencies ^cs
• various changes related to proper closing of resources and connections

Thanks

We would like to thank everyone that contributed to the Kallithea repository (directly or by updating translations in Weblate) since release 0.4.1 (the numbers are the amount of commits)...

221 Mads Kiilerich
 37 Thomas De Schampheleire
  8 Christian Oyarzun
  2 Dominik Ruf
  2 Allan Nordhøy
  2 ssantos
  2 Tim Freund
  2 THANOS SIOURDAKIS
  2 Oleksandr Shtalinberg
  2 Elizabeth Sherrock
  1 Nathan
  1 Христо Станев
  1 Hüseyin Tunç
  1 Mateusz Mendel
  1 leela

... as well as everyone contributing in other ways, e.g. by reporting issues, discussing via mail or IRC, etc.