Releases for Update Status

Changes since 5.x-2.1:

• #216750 by dww: Fixed an important bug where releases from higher branches than the currently installed version were not ignored in all cases. This resulted in bogus security warnings and faulty information being printed about development snapshot releases (#216309).
• #216366 by dww: Restored ability to ignore projects that are missing security updates or have been unpublished/revoked. This bug was introduced in version 5.x-2.1 via #197186.
• #216632 by webernet, dww: Improved accessibility of the available updates report by adding alt tags and title attributes to the icons.
• #217771 by dww: Added some CSS to prevent wrapping of release dates when viewing the available updates report with a narrow window.

This release fixes some critical bugs and includes the final changes to the update.module that is now part of Drupal core 6.x.

Please note that the API between Update status and the CVS deploy module has changed with this release. Any sites that are deploying Drupal modules via CVS that wish to use this release must upgrade to CVS deploy version 5.x-1.1.

Bugs fixed since version 5.x-2.0:

• #208687 by dww: Fixed major bug that printed bogus results and recommended that users downgrade to an older version when a site upgraded a module or Drupal core but did not manually refresh the available update data. Now, before using the cached available update data, the code ensures that none of the .info files have been changed since the last time it fetched data.
• #197186 by dww: Backport of major update.module patch from D6 core:
  • Fixed bug where update_status would not warn sites when a currently installed release or an entire project being used has been unpublished.
  • Added support for project maintainers that want to support multiple major versions (branches) for one version of core.
  • Added support for flagging both individual releases and projects as "unsupported" or "insecure", to pave the way for new workflows (instead of just unpublishing things) for the Drupal security team and project maintainers.
  • Reorganized and simplified some code to avoid duplication and needless complications.
• #184900 by webernet: Fixed bug where email wasn't getting sent in some cases when it should have been.
• #196775 by dww: Fixed a bug that caused truncated error messages to be displayed when the site is running an insecure version of core.
• #168352: Fixed small typo in settings description text.

Other changes since version 5.x-2.0:

• #200028 by agentrickard, dww: Significantly enhanced performance of the admin/* pages by adding DB caching for the list of installed modules and their current status. The cache is cleared every time new available release data is fetched, every time the admin visits the modules page, status report, or available updates report, or every hour if nothing else clears it before that.
• #158526 by dww: Changed the hook_version_alter() API exposed by update_status to be hook_system_info_alter() so that all attributes in the .info files can be altered. This API change is required to fix some bugs in the http://drupal.org/cvs_deploy module, which is the only known user of this API.
• #178892 by webchick: Use an API function to get the private key.
• #212813 by dww: Project status information on the status report is now linked to the admin/logs/updates page (usability enhancement).
• #211403 by dww: Removed fallback code for determining the project based on the directory. This code only matters if you deploy from CVS, and doesn't work if you install into subdirectories of the 'modules' folder (for example, sites/all/modules/contrib/foo). For cvs_deploy to fix this problem (#184664) correctly, the heuristic code here must go.
• #168828 by dww: Added note to README.txt about the requirement that httpd needs to be able to initiate outbound network connections.

This is the first official, stable release of the the 5.x-2.* series. This is very similar to the code that is now in the 6.x series of Drupal core. This contains numerous improvements over the 5.x-1.* series:

• Security releases are flagged on the available updates report, and every administrative page on the site will warn the site administrator when a security update is missing.
• Added the ability to only warn if the site is missing security updates, instead of warning if there are any new official releases available.
• Added optional e-mail notifications when the site is out of date.
• Improved support for modules with more than one branch for a given version of Drupal core.
• More information is now presented on the available updates report, such as available beta releases or releases from other branches, what modules on the site are included in each project, and so on. See the screenshot for some examples.
• The available update report now performs date-based comparisons for development snapshots.
• Anonymous usage statistics are now reported to drupal.org (see #128827 and #165380 for more information).
• Added an uninstall method. It is important that when sites are getting ready to upgrade to Drupal core 6.x that they disable and uninstall the 5.x-2.* version of update_status before upgrading. This will prevent any conflicts or problems, since this functionality is now included in Drupal core's update.module.
• All logic involving sites that deploy directly from CVS has been moved into the CVS deploy module.
• Added fine-grained settings to ignore newer releases of certain projects. This also includes the ability to specify a note as to why a given project or release is being ignored, and the note will be displayed on the available updates report.

For a complete list of changes in the 5.x-2.* series, please see the CHANGELOG.

The specific changes since 5.x-2.0-rc2 are:

• #165695: Added another database update to completely rebuild the menu since the "Check manually" path moved to "admin/logs/updates/check".
• #165638: Improved usability for the "Check manually" link on the update report by wrapping it in () and adding some padding.
• #155483: Simplified the description of the email notification setting.
• #155878: Re-use the same t() string for both the watchdog() and drupal_set_message() when fetching information about available updates.
• Added or updated translations:
  • Czech (cs)
  • German (de)
  • Greek (el)
  • Hungarian (hu)
  • Italian (it)
  • Norwegian (nb)

Note: for the first few hours of its existance, this release had a minor problem where database update 5202 would generate some warning messages on sites using PHP5. These warnings are harmless, and can be safely ignored. However, to avoid confusion and support requests, this problem has been fixed in the tarball with "7a529169eae6cc8b2a1a610157695ca5" as the md5sum.

Changes since 5.x-2.0-rc:

• #155483: Backported numerous improvements from update.module in D6 core:
  • General:
    • The module now nags site administrators on admin/* if the site is missing a security update.
    • Added a drupal_set_message() when fetching data manually (success or failure) and cleaned up wording of watchdog().
    • Added watchdog() error message when you can't fetch any data.
    • The menu callback for manually checking is now at 'admin/logs/updates/check'.
    • Lots of internal improvements to the code to improve clarity.
  • Available updates report:
    • Used format_interval() for the "Last checked:" date and time.
    • Removed the "Ignored" part whenever a row on the update report is yellow, except for when something is ignored because of the settings.
    • Changed the wording when the "Notification threshold" is set to "Only security updates", and you have a non-security update available. Now, it just says "Update available".
    • Added support for a variable to override the default fetch URL.
  • Settings page:
    • Moved the email notification setting to the top of the page.
    • Renamed "Error threshold" to "Notification threshold" and improved the description.
    • Fixed t() bug in form_set_error() during email validation.
    • Removed the setting to opt out of the usage reporting. No one who's willing to run this module in the first place could possibly complain about the random string appended as a query arg on the fetch URL, and the extra setting needlessly complicates the settings page.
• Fixed a notice on the status report page when the available update cache is empty: we were generating a 1/2 constructed line for core and a full line for contrib. Now, if the cache is empty, we just generate the warning line for core and nothing for contrib.
• Fixed minor bug: the status report text was missing a space.
• Fixed bug caused by variable name typo: $base_util vs. $base_url.
• Made the status report table all 100% wide for a more consistent UI.
• #155281: Use flexible path for serving/fetching release history.
• #155428: Removed the human-readable menu path from the notification email since it was considered a burden to translate.
• Added an implementation of hook_uninstall() to purge variables. It's important that when sites running this want to upgrade to D6 that they first uninstall this module, or they'll be left with stale variables.
• Updated README.txt to reflect recent changes and to mention uninstalling the module before upgrading to 6.x core.

This is a (hopefully final) release candidate (RC) before the official 5.x-2.0 release. At this point, no new features will be added. Changes since 5.x-2.0-beta2:

• #124715: Added setting for email notifications when updates are available.
• #154868: Fixed bugs and inconsistencies with security update warnings.
• #153757: Renamed the "Warning threshold" setting to "Error threshold".
• #149079: A few CSS tweaks and fixes for recommended version:
  • Renamed the CSS class to "version-recommended-strong" to indicate it's the strongly recommended version among many (the old name, "version-recommended-not-latest" isn't good since "Latest" isn't the only possible thing we're distinguishing against).
  • Fixed classes so that if we're recommending a security release, it gets the subtle "zebra" stripe, too.
• #154689: Restored the CSS classes on the per-project settings table, (and made them consistent across all rows), but made them more specific to avoid name conflicts.
• Fixed minor glitch in the logic for when to display the 'Development version'.
• Fixed bug in hook_version_alter() invocation for CVS deploy integration.
• Updated screenshot to show off recent UI and functionality improvements.

Changes since 5.x-2.0-beta

Bugs fixed:

• #153756: Fixed math bug when comparing the timestamps of development snapshots.
• #153798: Fixed warning logic for development snapshots and flag security updates.
• #153502: Made update_status E_ALL compliant.
• #154540: Minor wording fixes for the UI and help texts.
• #153569: Fixed obscure CSS problem for Firefox 2.0.0.4 on Windows XP.
• #154689: Settings page looked bad in marvin theme due to CSS class conflict.
• Don't clear the update_status cache when an admin saves the system themes page, since in 5.x, there is no information about theme updates.

New features and enhancements:

• #153741: Added support for optionally reporting anonymous usage statistics.
• #153757: Added a setting to only warn when there are security updates.
• #154049: Added a setting to control how frequently to check for updates.
• #146564: Major performance gain for fetching available update data: directly fetch the .xml files instead of going through the Drupal menu callback inside project_release.module.
• #153783: Don't hard-code dark black (#000) in update_status.css, use theme's default foreground color.
• #149079: Further visual clarity about the recommended version: use a subtle "zebra stripe" with a slightly lighter shade of the status color for the entire recommended version line.
• Completely re-wrote the README to match 5.x-2.* reality.

Changes since update_status 5.x-1.2

• Major re-write to use a whole new system for finding available updates.
• Lots of improvements to the user interface and internals of the code.
• #125742: The status report indicates updates involving security issues.
• #149918: Add support for "Also available" entries in the status report.
• #150316: All CVS-specific code has been moved into the CVS Deploy module (http://drupal.org/project/cvs_deploy)
• #144694: Available update data now stored in the {cache} table instead of the {variables} table for better performance and functionality.
• #149921: Clear update_status cache when you enable/disable modules.
• #145095: Core modules were not always considered part of Drupal core.
• #141507: Fixed bug in the links to manually run cron to find updates.
• #151734: Display the administrator's note when a project is ignored due to the settings.
• #149079: Highlight the 'Recommended' version if there are other things listed ('Latest version', 'Also available', etc).

Development snapshot for the 5.x-2.* series, based on the new .xml file protocol instead of the older XML-RPC interface.

To see a complete list of changes made in this release series, please read the CHANGELOG.txt file from the DRUPAL-5--2 branch.

Version 1.1 of the update status module will try to guess at the project your modules from CVS come from (as well as very old modules from drupal.org); it also allows you to turn off notification for particular modules. It also fixes some UI bugs and adds functionality to the interface.

Version 1.2 fixes the notification part of this, which was a little bit broken.

Version 1.1 of the update status module will try to guess at the project your modules from CVS come from (as well as very old modules from drupal.org); it also allows you to turn off notification for particular modules. It also fixes some UI bugs and adds functionality to the interface.

Initial release