Commit Graph

239 Commits

Author SHA1 Message Date
Tim Abbott 88873138ac Update version following 6.0 release. 2022-11-17 16:42:36 -08:00
Tim Abbott f0e5f69c01 Release Zulip Server 6.0. 2022-11-17 11:44:45 -08:00
Tim Abbott d488ca42e6 docs: Update changelog with commits staged for 6.0. 2022-11-16 22:21:18 -08:00
Alex Vandiver c4e5ddd67f version: Update version and changelog after 5.7 release. 2022-11-16 16:03:05 +00:00
Tim Abbott 426c806a87 docs: Document docker-zulip postgres upgrade requirement.
Since this is a hard requirement for upgrading the Docker image, it's
worth highlighting here.
2022-11-04 15:19:57 -07:00
Tim Abbott b62450c7b3 docs: Update changelog for changes merged for 6.0. 2022-10-31 17:10:13 -07:00
Lauryn Menard 20282f8bdf changelog: Make references to "Recent topics" consistent.
Updates the current 6.0 release notes to include information about
the rename to "Recent conversations", and updates past references
to "recent topics" to be consistently formatted as "Recent topics".
2022-10-21 10:28:19 -07:00
Alya Abbott 2ff4143aa4 docs: Copy-edit changelog for clarity. 2022-10-12 22:37:33 -07:00
Tim Abbott 51f59e9c41 docs: Improve a few changelog descriptions. 2022-10-12 17:38:56 -07:00
Tim Abbott c4a527fedf docs: Update changelog with changes staged for 6.0. 2022-10-12 15:01:45 -07:00
Mateusz Mandera 16829bd84b auth: Fix up AzureAD Oauth2 docs and config.
This commit brings AzureAD config in line with other backends:
- SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET gets fetched in computed_settings.py
  instead of default_settings, consistent with github/gitlab/etc.
- SOCIAL_AUTH_AZUREAD_OAUTH2_KEY gets fetched in default_settings via
  get_secret(..., development_only=True) like other social backends, to
  allow easier set up in dev environment, in the dev-secrets.conf file.
- The secret gets renamed from azure_oauth2_secret to
  social_auth_azuread_oauth2_secret to have a consistent naming scheme with
  other social backends and with the SOCIAL_AUTH_AZUREAD_OAUTH2_KEY
  name. This is backwards-incompatible.

The instructions for setting it up are updated to fit how this is
currently done in AzureAD.
2022-09-06 11:58:08 -07:00
Tim Abbott 5d3e4d3e56 version: Update version and changelog after 5.6 release. 2022-08-24 16:36:50 -07:00
Tim Abbott 5ae0b08b6c docs: Fix codespell linter error. 2022-07-30 10:10:07 -07:00
Tim Abbott 6682c2a427 docs: Update changelog with changes staged for 6.0.
We'll be merging a lot more features for the 6.0 release, but this
should cover everything merged since 5.0 and not backported to 5.x
and thus already released.
2022-07-30 09:57:55 -07:00
Matt Keller 9ce900f2b4 version: Update version after 5.5 release. 2022-07-21 19:30:30 -07:00
Alex Vandiver 760420b3bb version: Update version and changelog after 5.4 release. 2022-07-12 06:23:28 +00:00
Anders Kaseorg 25f6b53e90 docs: Capitalize Handlebars consistently.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-06-27 13:35:10 -07:00
Alex Vandiver 1ff30bba7c changelog: Use consistent date format. 2022-06-24 18:15:19 -07:00
Alex Vandiver 6ac3104b10 changelog: Make Zulip 4.8 - 4.11 headings consistent. 2022-06-24 18:15:19 -07:00
Alex Vandiver 9ad74739aa version: Update version and changelog after 5.3 release. 2022-06-21 20:48:24 +00:00
Alex Vandiver 625ff57450 version: Update version and changelog after 5.2 release. 2022-05-03 18:00:01 -07:00
Alex Vandiver 104e11c4fd version: Update version and changelog after 5.1 release. 2022-04-01 23:17:11 -07:00
Anders Kaseorg 7de1e7c477 changelog: Remove broken link.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-30 20:37:31 -07:00
Tim Abbott c8dba33408 docs: Fix broken link in changelog. 2022-03-29 09:52:07 -07:00
Tim Abbott 6ea9947991 docs: Run prettier on changelog. 2022-03-29 09:24:06 -07:00
Tim Abbott 12e8f0f5ea version: Update version following 5.0 release. 2022-03-29 08:36:41 -07:00
Tim Abbott d308c694ba Release Zulip Server 5.0. 2022-03-29 08:13:34 -07:00
Tim Abbott 219e213c60 docs: Update changelog with changes since 5.0-rc1. 2022-03-24 17:44:58 -07:00
Tim Abbott bcbba0b20d docs: Fix changelog typo. 2022-03-15 22:17:53 -07:00
Tim Abbott 63cac121ba docs: Update changelog for changes merged in recent months. 2022-03-15 22:12:59 -07:00
Alex Vandiver f77204be14 version: Update version and changelog after 4.11 release. 2022-03-15 14:24:53 -07:00
Anders Kaseorg 75525f5b53 docs: Convert .html#fragment links to .md#fragment.
This uses the myst_heading_anchors option to automatically generate
header anchors and make Sphinx aware of them.  See
https://myst-parser.readthedocs.io/en/latest/syntax/optional.html#auto-generated-header-anchors.

Note: to be compatible with GitHub, MyST-Parser uses a slightly
different convention for .md fragment links than .html fragment links
when punctuation is involved.  This does not affect the generated
fragment links in the HTML output.

Fixes #13264.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-28 16:28:31 -08:00
Alex Vandiver 2e435d2e9a version: Update version and changelog after 4.10 release. 2022-02-25 14:10:20 -08:00
Anders Kaseorg c19d6fb3ef docs: Clean redundant relative links.
We previously had a convention of redundantly including the directory
in relative links to reduce mistakes when moving content from one file
to another.  However, these days we have a broken link checker in
test-documentation, and after #21237, MyST-Parser will check relative
links (including fragments) when you run build-docs.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-24 16:12:18 -08:00
Anders Kaseorg 21cd1c10b3 docs: Add missing space in “time zone”.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-24 14:05:12 -08:00
Anders Kaseorg b3260bd610 docs: Use Debian and Ubuntu version numbers over development codenames.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-23 12:04:24 -08:00
Anders Kaseorg 1fa2761790 upgrade-zulip-stage-2: Remove create_large_indexes optimization.
This was only used for upgrading from Zulip < 1.9.0, which is no
longer possible because Zulip < 2.1.0 had no common supported
platforms with current main.

If we ever want this optimization for a future migration, it would be
better implemented using Django merge migrations.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-23 11:59:45 -08:00
Anders Kaseorg b0ce4f1bce docs: Fix many spelling mistakes.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-07 18:51:06 -08:00
Anders Kaseorg d8f4e0ffb9 webhooks: Correct OpsGenie to Opsgenie.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-07 18:51:06 -08:00
Alex Vandiver 7ec2a2cde7 version: Update version and changelog after 4.9 release. 2022-01-24 18:46:46 -08:00
Alex Vandiver a5496f4098 CVE-2021-43799: Set a secure Erlang cookie.
The RabbitMQ docs state ([1]):

    RabbitMQ nodes and CLI tools (e.g. rabbitmqctl) use a cookie to
    determine whether they are allowed to communicate with each
    other. [...] The cookie is just a string of alphanumeric
    characters up to 255 characters in size. It is usually stored in a
    local file.

...and goes on to state (emphasis ours):

    If the file does not exist, Erlang VM will try to create one with
    a randomly generated value when the RabbitMQ server starts
    up. Using such generated cookie files are **appropriate in
    development environments only.**

The auto-generated cookie does not use cryptographic sources of
randomness, and generates 20 characters of `[A-Z]`.  Because of a
semi-predictable seed, the entropy of this password is thus less than
the idealized 26^20 = 94 bits of entropy; in actuality, it is 36 bits
of entropy, or potentially as low as 20 if the performance of the
server is known.

These sizes are well within the scope of remote brute-force attacks.

On provision, install, and upgrade, replace the default insecure
20-character Erlang cookie with a cryptographically secure
255-character string (the max length allowed).

[1] https://www.rabbitmq.com/clustering.html#erlang-cookie
2022-01-25 02:13:53 +00:00
Alex Vandiver a46f6df91e CVE-2021-43799: Write rabbitmq configuration before starting.
Zulip writes a `rabbitmq.config` configuration file which locks down
RabbitMQ to listen only on localhost:5672, as well as the RabbitMQ
distribution port, on localhost:25672.

The "distribution port" is part of Erlang's clustering configuration;
while it is documented that the protocol is fundamentally
insecure ([1], [2]) and can result in remote arbitrary execution of
code, by default the RabbitMQ configuration on Debian and Ubuntu
leaves it publicly accessible, with weak credentials.

The configuration file that Zulip writes, while effective, is only
written _after_ the package has been installed and the service
started, which leaves the port exposed until RabbitMQ or system
restart.

Ensure that rabbitmq's `/etc/rabbitmq/rabbitmq.config` is written
before rabbitmq is installed or starts, and that changes to that file
trigger a restart of the service, such that the ports are only ever
bound to localhost.  This does not mitigate existing installs, since
it does not force a rabbitmq restart.

[1] https://www.erlang.org/doc/apps/erts/erl_dist_protocol.html
[2] https://www.erlang.org/doc/reference_manual/distributed.html#distributed-erlang-system
2022-01-25 01:48:05 +00:00
Alex Vandiver 43d63bd5a1 puppet: Always set the RabbitMQ nodename to zulip@localhost.
This is required in order to lock down the RabbitMQ port to only
listen on localhost.  If the nodename is `rabbit@hostname`, in most
circumstances the hostname will resolve to an external IP, which the
rabbitmq port will not be bound to.

Installs which used `rabbit@hostname`, due to RabbitMQ having been
installed before Zulip, would not have functioned if the host or
RabbitMQ service was restarted, as the localhost restrictions in the
RabbitMQ configuration would have made rabbitmqctl (and Zulip cron
jobs that call it) unable to find the rabbitmq server.

The previous commit ensures that configure-rabbitmq is re-run after
the nodename has changed.  However, rabbitmq needs to be stopped
before `rabbitmq-env.conf` is changed; we use an `onlyif` on an `exec`
to print the warning about the node change, and let the subsequent
config change and notify of the service and configure-rabbitmq to
complete the re-configuration.
2022-01-25 01:48:02 +00:00
Anders Kaseorg 1d3520db12 webhooks: Remove space from UptimeRobot.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-12-22 14:05:17 -08:00
Anders Kaseorg 68c99511a2 webhooks: Fix TeamCity capitalization.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-12-22 14:05:17 -08:00
Anders Kaseorg 65868b09eb webhooks: Add missing space in Review Board.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-12-22 14:05:17 -08:00
Anders Kaseorg c02c053ec3 webhooks: Fix Mailchimp capitalization.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-12-22 14:05:17 -08:00
Anders Kaseorg cd8a01587b webhooks: Fix Jotform capitalization.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-12-22 14:05:17 -08:00
Anders Kaseorg 3ca2f8ca1e webhooks: Fix Clubhouse capitalization.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-12-22 14:05:17 -08:00
Tim Abbott ee77c6365a portico: Use /help/ style pages for displaying policies.
This replaces the TERMS_OF_SERVICE and PRIVACY_POLICY settings with
just a POLICIES_DIRECTORY setting, in order to support settings (like
Zulip Cloud) where there's more policies than just those two.

With minor changes by Eeshan Garg.
2021-12-10 17:56:12 -08:00
Alex Vandiver 54d037f24a version: Update version and changelog after 4.8 release. 2021-12-01 23:42:11 +00:00
Alex Vandiver c33562f0a8 puppet: Default to installing smokescreen on application frontends.
This is an additional security hardening step, to make Zulip default
to preventing SSRF attacks.  The overhead of running Smokescreen is
minimal, and there is no reason to force deployments to take
additional steps in order to secure themselves against SSRF attacks.

Deployments which already have a different external proxy configured
will not gain a local Smokescreen installation, and running without
Smokescreen is supported by explicitly unsetting the `host` or `port`
values in `/etc/zulip/zulip.conf`.
2021-11-19 15:29:28 -08:00
Alex Vandiver 3922b171a8 version: Update version and changelog after 4.7 release. 2021-10-04 21:52:52 +00:00
Tim Abbott 10c47b5d6c version: Update version and changelog after 4.6 release. 2021-09-23 16:19:57 -07:00
Tim Abbott ea6a40661c migrations: Add progress output to confirmation backfill.
This makes it a lot easier to estimate how long this migration will
take to run. Additionally, document this migration in the upgrade notes.
2021-09-17 11:23:32 -07:00
Anders Kaseorg a4dbc1edd4 docs: Format Markdown with Prettier.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-08 12:06:24 -07:00
Anders Kaseorg 35c1c8d41b docs: Apply sentence single-spacing from Prettier.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-08 12:06:24 -07:00
Anders Kaseorg 915884bff7 docs: Apply bullet style changes from Prettier.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-08 12:06:24 -07:00
Anders Kaseorg 6145fdf678 docs: Rewrap to avoid line breaks in inline code spans.
This works around https://github.com/prettier/prettier/issues/11372.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-08 12:06:24 -07:00
Anders Kaseorg f4d2d199e2 docs: Display `main` branch name as inline code.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-06 12:56:35 -07:00
Anders Kaseorg 646c04eff2 Rename default branch to ‘main’.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-06 12:56:35 -07:00
Anders Kaseorg b29b6f6526 docs: Add syntax highlighting languages to code blocks.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-20 06:14:47 -07:00
Alex Vandiver ec354ee013 changelog: Add 2.1.8 release notes. 2021-08-12 01:06:15 +00:00
Tim Abbott 665f479f4d docs: Update changelog since 4.0 release. 2021-07-29 14:54:17 -07:00
Tim Abbott 361112a08f version: Update version and changelog after 4.5 release. 2021-07-25 16:05:22 -07:00
Alex Vandiver 34833aa795 version: Update version and changelog after 4.4 release. 2021-07-22 17:12:36 -07:00
Tim Abbott 84c7c8cc0d version: Update version and changelog after 4.3 release. 2021-06-02 12:55:50 -07:00
Anders Kaseorg e015f3ed7d docs: Correct “webapp” to “web app”.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-05-14 13:15:38 -07:00
Tim Abbott ed04966f79 version: Update version and changelog following 4.2 release. 2021-05-13 22:09:48 -07:00
Tim Abbott 6d4e7aa307 version: Update version and changelog following 4.1 release. 2021-05-13 18:58:11 -07:00
Tim Abbott bf4f6544e7 version: Update version following 4.0 release. 2021-05-13 15:48:15 -07:00
Tim Abbott 825192a051 Release Zulip Server 4.0. 2021-05-13 15:37:37 -07:00
Tim Abbott 4fd9a971ed lint: Allow changelog link to latest changelog. 2021-05-13 12:36:56 -07:00
Tim Abbott 49e076e01c changelog: Fix link to release lifecycle. 2021-05-12 22:51:15 -07:00
Tim Abbott df2e8fd047 docs: Update changelog in preparation for 4.0 release.
We drop the 4.0-rc1 label, since the changelog now has things not
present in that release candidate.
2021-05-12 22:38:25 -07:00
Alex Vandiver a9ced1d228 smokescreen: Capitalize Smokescreen in documentation. 2021-05-12 12:32:39 -07:00
Tim Abbott 07a2e91688 docs: Update changelog heading for new release lifecycle page.
Also update the release checklist to make sure we don't forget to
update the top-heading section when we publish a new major release.
2021-05-05 17:45:11 -07:00
Tim Abbott d002035856 docs: Clarify how changelog is updated.
This should help avoid anyone being confused that Zulip may not be
actively developed when viewing our ReadTheDocs.
2021-05-05 17:20:19 -07:00
Mateusz Mandera 684908bdce docs: Update changelog the mention user may get logged out.
This is due to the mechanism described in
https://docs.djangoproject.com/en/3.2/topics/auth/default/#session-invalidation-on-password-change
combined with the changes introduced in
76ae6ccf85
2021-05-04 14:56:17 -07:00
Tim Abbott d5559e1e7b docs: Fix link to roles-and-permissions. 2021-05-03 17:44:36 -07:00
Tim Abbott 4fd0725678 version: Update for 4.0-rc1 release. 2021-05-03 17:37:01 -07:00
Tim Abbott a1f543f605 docs: Update changelog with changes present in 4.0-rc1. 2021-05-03 17:27:22 -07:00
Alex Vandiver bc9d20eaa2 docs: Describe the process of upgrading settings.py files.
Fixes #17782.
2021-04-27 18:01:28 -07:00
Anders Kaseorg 6060d0d364 docs: Add missing space to compound verbs “log in”, “set up”, etc.
Noun: backup, checkout, cleanup, login, logout, setup, shutdown, signup,
timeout.

Verb: back up, check out, clean up, log in, log out, set up, shut
down, sign up, time out.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-04-26 09:31:08 -07:00
Alex Vandiver ce0a90da37 docs: Update changelog for 3.3/3.4 releases. 2021-04-14 12:23:55 -07:00
Tim Abbott 87c50b1f0a docs: Update changelog through current master.
This likely still needs work on updating the list of highlights, as
well as an editing pass, but we shouldn't need to read the whole
`git log --stat` again.
2021-03-29 00:06:16 -07:00
smit_patel 5ddb5fc534 popovers: Change "Delete all messages in topic" to "Delete topic".
This cleans up the copy a bit to be more readable.

Documentation changes cleaned up by tabbott.

Fixes #16856.
2021-03-23 15:46:00 -07:00
Aman Agrawal 961d1d0a68 community_topic_edit: Increase time limit to 3 days.
24hrs is a small time in an asynchronous conversation. Increased
time limit of topic editing for non-admins to 3 days.
2021-01-25 14:55:33 -08:00
Aman Agrawal c685d36821 hipchat_import: Remove tool from codebase.
Remove functions and scripts used by HipChat import tool and
those which will no longer be required in future.
2020-12-23 08:28:49 -08:00
Tim Abbott 909b484d64 docs: Improve headings for changelog. 2020-11-06 16:50:28 -08:00
Alex Vandiver 1f7132f50d docs: Standardize on PostgreSQL, not Postgres. 2020-10-28 11:55:16 -07:00
Anders Kaseorg 72d6ff3c3b docs: Fix more capitalization issues.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-10-23 11:46:55 -07:00
Anders Kaseorg 6564540d15 docs: Fix some spelling errors.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-10-13 15:47:13 -07:00
Tim Abbott a3285d4568 docs: Update changelog since 3.0 release.
Changes through 456b0dd258 are recorded here.
2020-09-18 11:36:43 -07:00
Tim Abbott 456b0dd258 docs: Update changelog for 3.1/3.2 releases. 2020-09-17 16:54:08 -07:00
Anders Kaseorg 6dea085187 docs: Correct “login” as a verb to “log in”.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-11 10:25:53 -07:00
Anders Kaseorg 64b2212c23 docs: Correct “setup” as a verb to “set up”.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-11 10:25:53 -07:00
Anders Kaseorg fb2e56e3c9 docs: Fix capitalization of keyboard keys.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-11 10:25:53 -07:00
Anders Kaseorg c155403884 docs: Fix various capitalization errors.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-11 10:25:52 -07:00
Anders Kaseorg 768f9f93cd docs: Capitalize Markdown consistently.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-11 10:23:06 -07:00