Posted on 2022-01-24 by Eduard Heimbuch
Hey SCM-Manager Community,
you may have read our last blog post warning you about a Path Traversal vulnerability in SCM-Manager. If you haven't already, please update your instance to the latest SCM-Manager version as soon as possible to fix this issue.
We have already been working on an alert system that will warn you directly in your instance when a vulnerability is found that affects your installed SCM-Manager core and plugin versions. To make sure you don't miss any important patches, each user is notified of existing security vulnerabilities. These alerts in the header will only appear if there are known vulnerabilities that affect your installed versions.
Another code related feature we have added is 'Compare'. You can now create diffs and list changesets between two branches, tags or revisions. This function can be found on the branch/tag detail page and at the top of the source viewer.
Note: For revisions you can use the shortened version, but it must be a unique identifier.
0b4c742 instead of
SCM-Manager uses the autocomplete component in several forms. We have taken into account the feedback we have received about this component over the past few months and have revised it. The biggest change for you should be that we now use autocomplete for repository namespaces in the creation form.
Are you still missing an important feature? How can SCM-Manager help you improve your work processes? We would love to hear from you about what you need most!