newsSavane - News: Release 1.3: data export, documentation manager (cookbook), bugfixes, cosmetics

Show feedback again
Latest News
Security fix: scp restricted shell bypass posted by beuc, Thu Feb 2 22:02:09 2017 - 0 replies
New Savane release fixes symlink attack and privilege escalation posted by beuc, Wed Dec 2 22:24:18 2009 - 0 replies
Release 3.0: markup language and anti-spam tools posted by yeupou, Mon Dec 4 09:38:30 2006 - 2 replies
Release 2.0: interface heavy improvements, bugfixes and cosmetics posted by yeupou, Tue Oct 3 08:06:29 2006 - 2 replies
We need packagers! posted by yeupou, Tue Sep 19 18:09:45 2006 - 2 replies
[Submit News]
[23 news in archive]

Release 1.3: data export, documentation manager (cookbook), bugfixes, cosmetics

Item posted by Mathieu Roy <yeupou> on Tue Dec 6 09:27:09 2005.

I'm glad to announce savane 1.3 public release. Thanks a lot to anyone involved in release, especially Yves Perrin from CERN.

The cookbook (documentation manager) and data export new features are described at <>

The release tracking has been made with the task #2370.

Moved to SVN:
Savane development moved from CVS to SVN. If you obtained Savane via CVS, to update your copy, you will have to:
- move the current savane directory, with CVS stuff, into somethingelse
- downloading anonymously the SVN into savane, exactly where the previous was (see the SVN page)
- copying configure.cache from the previous savane directory, with CVS stuff, "somethingelse", into the new savane directory
- in the new savane directory, running ./configure && make to regenerate things that requires it.

Obtaining it:
- The GPG-signed tarball is available at <>
- You can use apt-get with Debian, adding "deb stable/" (without quotes) in your /etc/apt/sources.list

Upgrading a running installation:
If you are running Savane 1.2, you should run sql and perl scripts included in savane/update/1.3, as described in savane/update/README (or shipped with the debian package savane-update).
These scripts will handle the trivial changes on the database needed. They are supposedly safe but you should, indeed, do a backup of your database first, just in case (using mysqldump, for instance).

If you are running an older version than 1.2, you should run the scripts in savane/update for each release you missed.

Also, you need to update your configuration following these instructions:

------ configuration update instructions ------
Note that in the following, you must replace
/usr/share/savane-frontend-php/ by the path to the root of your
savane frontend installation (where index.php is).

  • To improve security, you should add the following in your

apache configuration file:

# Restrict access into include/
<Directory /usr/share/savane-frontend-php/include>
Order Allow,Deny
Deny from all

In the main section <Directory /usr/share/savane-frontend-php>
you should also add:

# PHP conf
# to improve security
php_admin_flag allow_url_fopen off
php_admin_flag display_errors off

  • Still for security improvement, you should add in your php.ini, if

you are sure that no PHP installation on your server require these:

disable_functions = exec, passthru, popen, shell_exec, system

This would greatly improve the overal security, making potential flaws
in Savane unexploitable.

  • $sys_datefmt syntax is now exactly the one of strftime(), see
This is a deprecated option, you should use it only if you want to
enforce a specific syntax for dates.
------------ end ------------

Installing it from scratch:
Just follow INSTALL.verbose. You will probably want to take a look at more completes guides available at <>

If you encounter undocumented troubles, please fill a support request at <>

Release ChangeLog:


  • Cosmetics:

- review icons position (bug #4577).
- review Gna! theme: lighter colors to help the eye to
- add emeraud theme (based on Gna! theme and KDE "emerald"
color theme) propose it as default during install.
- new CSS guidelines, version 1.12 + 1.13.
- use "blocks" css element in several places to make it
easier to follow links.

  • Fix some XHTML errors (bug #4692).
  • The selected theme is now honoured when logging in while no cookie

exists but a database setting (bug #4449)

  • Show only user modifiable fields in the "additional constraint"

form, as it makes only sense to check whether this field have changed
since a date if they can be changed (bug #4452).

  • Order alphabetically "additional constraint" fields names. Using

the order configured for the whole form does not make sense inside
a select box, it's not user friendly.

  • For conveniency, CanUse() now interpret both "bugs" and "bug"

as valid argument (bug #4571).

  • Make possible to set automatic transition caused by the field

Open/Closed on item creation (bug #4517).

  • Avoid swarming backslashes to appears in items reports when a form

is reposted several times due to mandatory field not filled
(bug #4618).

  • Users GPG keys are now provided as download, not included in an

HTML page, so it easier to load the key. This way, modern desktop
environment like KDE are able to automatically import the key,
without requiring excessive user interaction (bug #4414).

  • Improve testconfig.php tests: fix a typo in the name of the

variable register_long_arrays, mention that an unset variable may as
well be set to off, add a Securing PHP config section (bug #4538,
bug #4537).

  • When a project is approved, the patch tracker is not activated

by default: this tracker is deprecated.

  • User permissions page, when project admins set users rights, no

longer shows unused features (bug #2205).

  • Makes text area for item details or comments bigger.
  • Links will now be build when the string "file #nnn" appears in

comments/text, like for "bug #nnn".

  • Feature a new tracker: the cookbook manager (task #2369,

bug #4690, bug #2256).

  • FAQ tool was removed, the Cookbook should be used instead.
  • "Status" field is now shown by default to project members when

posting new item for most trackers (bug #4689).

  • Various code cleanups.
  • Cleanup date formatting (bug #4570, task #2614).
  • Internal changes: Add a context guess library that will come

handy for the coobook to know whatis appropriate to suggest to users.
Using the old hand-filled top-tab was implying to many issues,
especially because we would have to fill by hand subcontext info
(main context : which tracker for example ; subcontext : what action
is being done, posting new item for instance).
This implementation deprecates a lot of old things. Most notably,
in all *_header() calls will remains context parameters, aka toptabs,
that will actually never be used any longer).
The new library provide context_title() and context_icon() that should
be used to know which title and icon is appropriate for a given page
(if a parameter title is provided in a *_header() call, it will still
be appended to the icon). Also CONTEXT and SUBCONTEXT constant are
defined and available.

  • Reorganize project administration pages so they look alike other

pages, (mimic My Account Conf, for example), avoid using h3 to put
links but only to put real titles.

  • Remove admin/groupedit-add.php, deprecated function to create

groups. Groups should always be registered in the usual way, even
by site admins, it is cleaner and easier to debug.

  • Show attached files mimetype (ie: image/png) along with size


  • Fix a bug causing "Same a new item" comment post restriction to

always refer to the restriction for new item post of the group type,
instead of the group one if any (bug #4794).

  • Fix a bug causing items in "My Items" and "My Incoming Items" to

look unpredictably ordered and making the page layout slow to be
printed on screen (bug #4808).

  • Incorporate Savane User Guide as "In Depth Guide" into Savane

(task #2598).

  • By default, all items corresponding to the query form are

selected for the Digest.

  • While browsing item, use Item Id in reverse order, from the

latest to the older, as default sorting criteria (bug #4447).

  • Implement interface to select items to export in xml files,

put in a queue handled by the backend (task #2564).


  • Implement export to xml files according to queue generated

via the frontend (task #2565).


  • Add GetDBHash that returns a clean hash. Useful to grab data

which may contain ',', in which case GetDB should not be used.


  • Add tables necessary to make the cookbook manager running.
  • Fusion content of trackers tables *_file into trackers_file.


That's all, folks!


Repackaged once (posted by Mathieu Roy, Tue Dec 6 14:02:18 2005)

Due to bug #4843, it has been already repackaged once.

[ Reply ]

Also about the cookbook (posted by Mathieu Roy, Tue Dec 6 09:36:14 2005)

You may want to read to announce of the cookbook at Gna!:

[ Reply ]



Start a New Thread:

You could post if you were logged in
Show feedback again

Back to the top

Powered by Savane 3.1-cleanup