project 5.x-1.0

This release addresses an access bypass security issue, DRUPAL-SA-2007-020. Sites that try to restrict access to projects based on the 'access projects' or 'access own projects' permissions should upgrade immediately.

Other changes since 5.x-0.1-beta:

• #101292 by webchick and dww: Reorganize 'support' section of project page, make cleaner place to post support requests (phase 1: comment 11)
• #111902: add argument for packaging script to restrict to a single project
• #111323: allow maintainers to see unpublished release nodes (also related to #109181)
• #111658: module browsing pages ignores release publish status and 'enable releases' settings.
• #48580: provide module version info via xmlrpc by nedjo, merlinofchaos, dww, and much help from others.
• Correct typo in serialize
• #115756 by Arthaey (with minor cleanup by dww): project_release.install doesn't work for PostgreSQL (you can't create indexes inside CREATE TABLE statements on pgsql).
• #115625: browse-by-date has no pager when filtering by version. Thanks to merlinofchaos for helping to find the bug in the count_query SQL.
• #128718: faulter headers in merged .po files (we were missing the --use-first argument to msgcat).
• #126346: improper use of $may_cache in hook_menu() -- no links for project.module or project_release.module in admin/by-module pages.
• #105223: optimizing packaging script by removing excessive watchdog() calls (2 for *every* development snapshot release, even if we didn't repackage anything). Now, we only log a message when we do something.
• #141687 by Shiny: removing stray call to undefined function project_release_db_table_exists() under pgsql.
• Adding simple caching to project_release_compatibility_list(). This has the side-effect of fixing a potential E_ALL warning. ;)
• #143144: Add packaging datestamp to .info files.
• #136172: Fix protocol for update_status.module. We now use .xml files with the entire release history for each project, instead of XML-RPC. Adding a project-release-history.php script to generate the .xml files (meant to be run from cron, outside of Drupal), and a patch against project_release.module to add a new menu callback to serve the files. See also #124661, #125742, #128827, #136525, and #142120.
• removing silly, redundant descriptions for each set of checkboxes in the "Enabled sorting options" fieldset @ admin/project/project-settings.
• Adding a useful description for "Enabled sorting options" fieldset. ;)
• #143954: make packaging script more robust regarding file permissions
• #144569 by Andrew Sterling Hanenkamp: Project settings page missing help about the Projects vocabulary due to old settings URL.
• #149963 by dww and aclight: Projects overview page has bad links to taxonomy terms that don't belong to the "Projects" vocabulary, and the links don't include other goodness from taxonomy_link(), for example, mouse-over link titles for term descriptions, etc.
• #146910: Add the right Drupal core compatibility attribute to all .info files during packaging of releases, since D6 core now requires this attribute to run any modules or themes.
• #151490 by aclight: View CVS Messages should not be available if project has no repository set.
• #151342: removing version from .info in CVS in favor of cvs_deploy.module
• #151923: Project-generated vocabulary should be called "Project types".
• #151772 by aclight: field length in project_release form is too short.
• #152918: Project browsing pages don't honor the "active compatibility terms" setting, nor the published bit on release nodes. The totals for each category are wrong on the "Browse by category" summary page, and projects are displayed that have no published release nodes.
• #58630 by aclight: Fixing project breadcrumbs on the "View CVS messages" and "Developers" pages, along with a better version of project_project_set_breadcrumb() to make it easier to get breadcrumbs right in other places in the project* codebase.
• #151923: Fixing help text at admin/project/project-settings to use the current name of the project vocabulary instead of hard-coding it.
• #155281: Register the menu callback for serving up .xml release history files at /release-history/[project-name]/[core-version] so that we have lots of flexibility to use a thin php wrapper etc. instead of full Drupal.
• Updated POT for translation
• #153973: Require admins to publish security update releases.
• Updated POT including all fixes in #155727
• #155996 by hass and drewish: Removed MyISAM settings from MySQL statements.
• #145755 by aclight: Fixed array_merge() error in releases subtab of project edit tab by unnecessary definition of $form['#validate'].
• #151892 by aclight: Use per-project logic to determine handling of certain CVS-related things by introducing a project_use_cvs() function that checks both that cvs.module is enabled, _and_ that the particular project node you pass in is configured to point to a CVS repository. This will need to be refactored for versioncontrol_api in the near future, but this is an important bug fix in the mean time.
• #154280 by aclight and dww: Project edit access not revoked if user has cvs privilages disabled. Also, immediately revoke CVS access in this case instead of waiting for the passwd file to be regenerated.
• #157691 by hass: ancestors() is deprecated in jQuery 1.1.* and later, and parents() works even in jQuery 1.0.*.
• #159321: "Automatically generated path..." on project edit form needs a div.
• #155727 by hass: "Project" should be capitalized in project_node_info() for D5 and beyond.
• #155727: "Go" button should be called "Filter" on the version filter form for the download browsing pages.
• Fixing a place where a t() placeholder was using ! and doing check_plain() manually, instead of just using @.
• Fixing code style for string concatenations.
• #155727 by dww: Fixing improper use of dynamic content inside t().
• #155727 by hass and dww: Fixing some minor t() and XHTML validation bugs.
• #105224 by aclight, bonzinip and dww: The download table is broken if a release has no file attached (bogus date, size, and download link).
• #158446 by aclight: Converted project_release_download_link() into a theme function so that sites can easily modify link attributes, appearance, or anything else they can't change via the admin UI.
• #150485 by aclight and dww: You can now theme the output of download tables.
• #58630 by aclight and dww (slightly modified version of patch 7): Fixing breadcrumbs on release nodes for the 'add' and 'edit' forms.
• #157769 by aclight: Print a "Login or register to create an issue" link for anonymous users when viewing a project node (see #102395).
• #157769 by dww: Fixed critical bug from #151892 where the "Restrict project creation to users with CVS accounts" setting was being ignored due to over-zealous use of project_use_cvs() on a node that doesn't exist yet instead of simply testing module_exists('cvs').
• #161552 by dww: Fixed another bug from #151892 where people with CVS access couldn't add or edit release nodes for projects they didn't own.
• #163464 by hunmonk -- make project select query SQL compliant.
• #163288 by pwolanin and dww: Added caching for project_release_table().
• #163574 by pwolanin and dww: Added better blacklist for project names.
• #163865 by dww: Fixed a PHP5 warning on the project browsing pages.
• #163865 by dww: Additional cleanup of the PHP5 warning for project browsing.
• #163865 by dww: Fixed PHP 5.2 error in package-release-nodes.php.
• #162456 by dww: Fixed title on browse by category pages.
• #159334 by dww: Fixed translation bugs and improved help text about the project vocabulary on the settings page. The text is now displayed at admin/content/taxonomy if you view the "Project type" vocabulary.
• #57667 by dww: Removed the code trying to display help text about using the "Project type" vocabulary when adding or editing project nodes. The code didn't work, so it wasn't displaying anyway, and the UI has been so majorly improved (#64221) that the help isn't needed.
• #127875 by dww: Fixed SQL syntax error when viewing a release download table on a site with no active "Project release API compatibility" terms.
• #162531 by dww: Removed inappropriate implementation of hook_link(). It was buggy, too (there was no link) so there's no visible change.
• #164615: Fixed typo in project_release_project_edit_form()
• #119860 by swood, drewish, dww, CSCharabaruk, et al: Added an implementation of hook_file_download() so that files attached to release nodes can be downloaded on sites with private file handling.
• #163586 by dww: Fixed bug in the SQL queries that generate the project browsing pages were releases without a file were needlessly filtered out.
• #164592: To aid debugging of packaging cron runs, always echo everything to the screen that we log in watchdog(). This makes it easier to spot problems when running the script interactively, and
  doesn't hurt in the cron case, since std(out|err) go to /dev/null.
• #159892 by dww: Ripped out menu callback for serving release .xml files. See project-release-serve-history.php in this directory, instead.
• #164846: Ripped out XML-RPC server code for update_status 5.x-1.* clients. (This code has been moved into a legacy module only for use on d.o).
• #159892 by dww: Enhanced project_release_update_5001() to print queries.
• Adding Chad as a co-maintainer and other minor cleanup
• Re-adding the Name RCS keyword
• Adding link to TODO list: http://groups.drupal.org/node/5489
• #165410 by killes: Removed some dead code in project_page_overview() (added via #99759 in revision 1.259 during the 5.x port, only in HEAD).
• #133052: Added explicit dependency on taxonomy, since project_release requires it (at least for now).
• #167105 by dww: Added hook_uninstall() for project and project_release.
• #168431 by aclight and dww: Projects that don't use CVS had misleading text on the "View all releases" page if there were no published releases. Now, the text makes sense whether or not CVS is being used.
• #114281 and #168760 (SA-2007-020) by dww: Fixed numerous access bugs.