Kiwi TCMS 11.7

security updates, improvements, bug fixes and new translations

Posted by Kiwi TCMS Team on Tue 03 January 2023 under releases

We're happy to announce Kiwi TCMS version 11.7 and Happy New Year!

IMPORTANT: this is a small release which contains security updates, general improvements, bug fixes and new translations!

You can explore everything at https://public.tenant.kiwitcms.org!

Supported upgrade paths:

5.3   (or older) -> 5.3.1
5.3.1 (or newer) -> 6.0.1
6.0.1            -> 6.1
6.1              -> 6.1.1
6.1.1            -> 6.2 (or newer)

---

Upstream container images (x86_64):

kiwitcms/kiwi   latest  316d5d4865a1    572MB

IMPORTANT: version tagged and multi-arch container images are available only to subscribers!

Changes since Kiwi TCMS 11.6

Security

  • Update bootstrap, bootstrap-select, eonasdan-bootstrap-datetimepicker, jquery and moment-timezone Node.js packages

  • Enable password validators to avoid users choosing weak passwords:

    • password can’t be too similar to other personal information
    • password must contain at least 10 characters
    • password can’t be a commonly used password
    • password can’t be entirely numeric

    Warning:

    Existing users are advised to reset their passwords! For more information see GHSA-496x-2jqf-hp7g

Improvements

  • Update django from 4.1.3 to 4.1.5
  • Update django-colorfield from 0.7.2 to 0.8.0
  • Update django-grappelli from 3.0.3 to 3.0.4
  • Update django-simple-history from 3.0.0 to 3.2.0
  • Update django-tree-queries from 0.11.0 to 0.13.0
  • Update pygments from 2.13.0 to 2.14.0
  • Update python-gitlab from 3.11.0 to 3.12.0
  • Update tzdata from 2022.6 to 2022.7
  • Make navigation menu more compact by moving it into the header
  • Don't install development dependencies for Node.js packages when building the container image

Database

  • Add migrations to reflect indexing changes in django-simple-history 3.1.0. On large databases these will take a while to complete!

Bug fixes

  • Trigger on-change handler for Test Case Search pop-up. Fixes Issue #2679
  • Fix the + Build button on Bug and TestRun pages which didn't properly select Product & Version
  • Editing TestRun page now properly saves all datetime fields instead of reverting them to None
  • Initialize planned_start and planned_stop fields when cloning a TestRun

Refactoring and testing

  • Start using webpack for JavaScript assets. Closes Issue #1262
  • Refactor duplicated setup in Telemetry pages. Closes Issue #1118
  • Add CodeQL workflow for GitHub code scanning
  • Make it possible to override attachments card title
  • Remove useless tooltip from Telemetry pages
  • Define page ID for each page that has a .ready() function
  • Replace deprecated jQuery syntax for .ready()
  • Remove duplicate populateProductVersion() function
  • Resolve all of the remaining eslint issues
  • Use more precise assert methods in tests

Translations

Kiwi TCMS Enterprise v11.7-mt

  • Based on Kiwi TCMS v11.7

  • Update dj-database-url from 1.0.0 to 1.2.0

  • Update django-python3-ldap from 0.15.3 to 0.15.4

  • Update django-ses from 3.2.2 to 3.3.0

  • Update kiwitcms-tenants from 2.3.2 to 2.4.0 to allow customization of tenant logo in navigation

  • Update python3-saml from 1.14.0 to 1.15.0

  • Add CodeQL workflow for GitHub code scanning

  • Adjust ldap commands for Ubuntu 22.04.1 during testing in CI

    Private images:

    quay.io/kiwitcms/version            11.7 (aarch64)          54ca241ac5ca    02 Jan 2023     595MB
quay.io/kiwitcms/version            11.7 (x86_64)           316d5d4865a1    02 Jan 2023     571MB
quay.io/kiwitcms/enterprise         11.7-mt (aarch64)       6657a3c197e8    02 Jan 2023     802MB
quay.io/kiwitcms/enterprise         11.7-mt (x86_64)        80f6d959d90a    02 Jan 2023     778MB

IMPORTANT: version tagged, multi-arch and Enterprise container images are available only to subscribers!

How to upgrade

Backup first! Then execute the commands:

cd path/containing/docker-compose/
docker-compose down
docker-compose pull
docker-compose up -d
docker exec -it kiwi_web /Kiwi/manage.py upgrade

Refer to our documentation for more details!

Happy testing!

---

If you like what we're doing and how Kiwi TCMS supports various communities please help us grow!