Next-20260224

This is mainly a bugfix release:

• Fill in 'peers' fields from userdb if available on authenticated ext account access renewal (#443)
• Fix mapping to backend data in (lustre) quota (#457)
• Fix a regression in transparent compression of event files (#459 #460)
• Refactor and migrate events to FHSesque location with more cron+event service helpers (#464)
• Adjust wsgi to handle Fieldstorage str vs bytes issue and log errors (#462 #463)
• Enable TracTags module (#468)
• Consistently use the injected user for containerised operations (#469)
• Fix leading zero removal of cron_match (#470)

Additional details are available in the complete changelog since last release for further elaboration in the real release.

Next-20260213

This is a minor bugfix release:

• Fix cron and events task isolation (#458)
• Clean up various debug in general javascript and on Home (#451 #456)
• Use more sphinx user-docs on Support pop-up on user pages (#452)

Additional details are available in the complete changelog since last release for further elaboration in the real release.

Next-20260211

This is a minor bugfix release:

• Fix mangled layout of accounting info on user Account page (#447)
• Fix lustre quota failure on systems without gocryptfs (#449)
• Fix crash if accounting info doesn't load and log error (#450)

Additional details are available in the complete changelog since last release for further elaboration in the real release.

Next-20260209

This is a bugfix and feature release:

• Support exotic characters in user names (#35)
• Only monitor logs from enabled services in migerrors (#381)
• Fix logout from gdp project page (#346)
• Add a significant number of unit tests for several of our core modules
• Automatic compression of event records in events_home (#345)
• Add helper to reset vgrid/user/resource caches (workaround for #121)
• Allow site admins to sign up for oid/cert access despite site_signup_prefilter (#358)
• Fix the check for correct password in access renewal requests (#355)
• A number of python 3 function adjustments and python 2 legacy eliminations (#353)
• Fix various lint warning and errors
• Unit test framework extension and tuning
• Retired various old unused components like the ARC wrapper
• Fix unintialized system_filter variable in vgridworkflows backend (#396)
• Use 'End date' rather than 'Expire' on Peers to limit confusion with account expire (#398)
• Re-implement storage quota support as a daemon (#393)
• Refactor HTTP put handler and disable unless explicitly enabled (#339)
• Run unit test as unprivileged user inside containers to avoid subtle errors and surprises (#403)
• Adjusted our SSH algorithm tuning to better fit the ssh-audit hardening (#279)
• Prevent concurrent edit user account interference (#401, #406)
• Disable graphviz integration in Trac as it currently a.o. breaks wiki macros (#415)
• Begin updating web front page to use sphinxs generated user-docs (#416)
• Fix recursive removal to address issue in vgrid removal (#423)
• Address twofactor redirect failures for Trac URLs with @ in them (#418)
• Fix mode constants used in fileio read+write access helpers (#378)
• Fix fileio get size return value for missing files (#378)
• Provide context manager in fileio for use in protecting e.g. twofactor files (#407)
• Eliminate legacy py2 workarounds for slow listdir, scandir and walk (#424)
• Fix PatternMatchingEventHandler constructor calls on watchdog 5.0+ (#145)
• Allow removing already deleted site account users from vgrids (#195, #427)
• Implement storage accounting support as a daemon (#420)
• Ensure that every jupyter host node can be selected (#437, #438)
• Address web render issue with a workaround for a known bootstrap/jquery-ui conflict (#205)
• Fix sharelink link to open newly created directories inside R+W sharelinks (#373)
• Display storage usage on user Account page (#440)
• Integrate apache mod reqtimeout use if requested to battle 'slowloris' style sieges (#388)
• Fix the janitor accountreq function calls to actually act on the return value (#441)
• Add an apache Alias entry for /letsencrypt/ to finally address symlink to self issue (#4)
• Extend Janitor to handle authenticated external account renewals with peer (#364)

Additional details are available in the complete changelog since last release for further elaboration in the real release.

Next-20250926

This is a bugfix and feature release:

• Fix old issue with only showing Server Admin app for actual admins (#40)
• Expanded sftp access to also cover read-only and write-only sharelinks (#284)
• Various obsolete python2 leftover cleanups (#301)
• Update quicktips with entries about Apps and site Status page (#304)
• Add common local disk file systems to migstat and prevent output on success (#305)
• Retire obsolete inline image preview support (#306)
• Fix theoretical PAM/NSS string handling overflow issues (#307, #308, #309, #310, #311, #312, #313)
• Polish DeIC storage helpers (#216, #314)
• Silence migimportdoi and migindexdoi in cronjobs unless actually in use (#315)
• Integrate QR code on sharelink invite page to ease direct visual sharing (#316, #317)
• Limit GDP log noise from configured known security scanners (#319)
• Port old paramiko scan noise silencer to modern platforms and versions (#320)
• New janitor service to do recurring background cleanup and automate trivial operator tasks (#322)
• Remove recursive directory loops from obsolete legacy symlinks (#323)
• Increased unit test coverage (#324, #326, #327)
• More migration of scripts and code to mig/lib/, bin/ and sbin/ (#329)
• Fix failures from utf-8 interpretation of path strings in chkXroot logging (#331)
• Fix a corner-case in make_hash helper (#333)
• Remove all cleverness from unit test filesystem cleanup for consistency (#334)
• Reduce noise from harmless issues in monitoring of sftp/webdavs/ftps logs (#278, #337)
• Filtering of peers email and email during external user sign up (#321, #325 , #339)

Additional details are available in the complete changelog since last release for further elaboration in the real release.

Note: since v1.25.0 we only release the Next branch which is suitable for all modern deployments using python3. We leave the legacy-python2 branch around but it will neither receive further support nor releases.

Next-20250724

This is a bugfix and feature release:

• Fix another issue with show vgrid/workgroup private file rendering (PR #275, issue #258 )
• HTTP header hardening as recommended by W3C and security scans (PR #276, #277)
• Selenium helper updates to support screenshooter with Firefox from snap (PR #280)
• Prevent concurrent migverifyarchives cronjobs and resulting interference (PR #282)
• HSTS tweaks for hardening of BASE_FQDN and PUBLIC_ALIAS_FQDN vhosts (PR #283)
• Address pylint warnings/errors (PR #285, #286, #287)
• Fix python3 issue in usagestats.py helper (PR #288, #289)
• Add simple migstats weekly cronjob using usagestats.py (PR #290)
• Fix python3 issue when using subprocess output (PR #291 - #298)

Additional details are available in the complete changelog since last release for further elaboration in the real release.

Note: since v1.25.0 we only release the Next branch which is suitable for all modern deployments using python3. We leave the legacy-python2 branch around but it will neither receive further support nor releases.

Next-20250702-rc1

This is a bugfix and feature pre-release:

• fix another issue with show vgrid/workgroup private file rendering (PR #275, issue #258 )
• HTTP header hardening as recommended by W3C and security scans (PR #276, #277)

Additional details are available in the complete changelog since last release for further elaboration in the real release.

Note: since v1.25.0 we only release the Next branch which is suitable for all modern deployments using python3. We leave the legacy-python2 branch around but it will neither receive further support nor releases.

Next-20250625

This is a bugfix and feature release:

• fix Server Admin page crash on py3 with existing sitestats (PR #256, issue #257)
• fix show vgrid/workgroup private file rendering (PR #270, issue #269)
• preparation for the eventual merge of PR116 with Archives update (PR #271)
• fix regression from PR233 to allow hyphen in sftpsubsys usernames (PR #272, issue #263)
• add profile Xgi helper (PR #273)
• switch verifyarchives to use our serializer helpers for py3 support (PR #274)
• add state check to verifyarchives helper and use to verify FINAL Archives (PR #268)
• drop svn repo, old py2 and legacy alias branches and complete the move to python3

Additional details are available in the complete changelog since last release for further elaboration in the real release.

Note: with this release we at least temporarily dropped the old Stable-YYYYMMDD release series specifically pointing to the master branch, which was strictly in lock-step with the now retired SourceForge repo. The same applies for the matching Main-YYYYMMDD releases pointing to the corresponding main python2 branch. We also dropped the old edge and experimental alias branches replaced by main and next.
Thus, we now only release the Next branch which is suitable for all modern deployments using python3. We leave the legacy-python2 branch around but it will neither receive further support nor releases.

Next-20250606

This is a bugfix and feature release:

• Point OIDC logout back to proper login page (PR #245)
• Support include_sections in config e.g. for separate SITE and CLOUD section files (PR #244, #249)
• Fix Jupyter sftp port discovery (PR #247)
• Upgrade to Jupyter 4.x support and expose full proxy TLS support (PR #254)

Additional details are available in the complete changelog since last release for further elaboration in the real release.

Note: the Stable-YYYYMMDD release series specifically refers to the master branch, which is strictly in lock-step with the old SourceForge repo and about to be phased out. The matching Main-YYYYMMDD and Next-YYYYMMDD releases refer to the corresponding main and next (previously edge and experimental) branches used in production. Thus, we recommend using Next for all modern deployments using python3 and Main for any remaining legacy python2 deployments until phased out.

Main-20250606

This is a bugfix and feature release:

• Point OIDC logout back to proper login page (PR #245)
• Support include_sections in config e.g. for separate SITE and CLOUD section files (PR #244, #249)
• Fix Jupyter sftp port discovery (PR #247)
• Upgrade to Jupyter 4.x support and expose full proxy TLS support (PR #254)

Additional details are available in the complete changelog since last release for further elaboration in the real release.

Note: the Stable-YYYYMMDD release series specifically refers to the master branch, which is strictly in lock-step with the old SourceForge repo and about to be phased out. The matching Main-YYYYMMDD and Next-YYYYMMDD releases refer to the corresponding main and next (previously edge and experimental) branches used in production. Thus, we recommend using Next for all modern deployments using python3 and Main for any remaining legacy python2 deployments until phased out.