Date: Mon, 15 Nov 2021 10:36:50 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 259850] www/matomo: update 4.2.1 --> 4.5.0 Message-ID: <bug-259850-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D259850 Bug ID: 259850 Summary: www/matomo: update 4.2.1 --> 4.5.0 Product: Ports & Packages Version: Latest Hardware: Any URL: https://matomo.org/changelog OS: Any Status: New Keywords: patch Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: joneum@FreeBSD.org Reporter: andrej@ebert.su CC: andrej@ebert.su Assignee: joneum@FreeBSD.org Flags: maintainer-feedback?(joneum@FreeBSD.org) Attachment #229506 maintainer-approval?(andrej@ebert.su) Flags: CC: andrej@ebert.su Flags: maintainer-feedback+ Created attachment 229506 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D229506&action= =3Dedit git diff Update to 4.5.0 I also added a patch to supress the file integrity warning caused by the shebangfix to misc/log-analytics/import_logs.py and changed the pkg-message (change to the recommended apache config + upgrade message) Major Changes: ## Matomo 4.4.0 ### Breaking Changes * The `logme` method for [automatic logins](https://matomo.org/faq/how-to/faq_30/) is now disabled by default f= or new installations. For existing installations it will be enabled automatica= lly on update. If you do not need it please consider disabling it again for security reasons by setting `login_allow_logme =3D 0` in `General` section = of `config.ini.php`. * The redirect using the `url` param for the automatic login action `logme`, will no longer do redirects to untrusted hosts. If you need to do redirects= to other URLs on purpose, please add the according hosts as `trusted_hosts` en= try in `config.ini.php` ### New config.ini.php settings * When determining the client IP address from proxy headers like X-Forwarded-For, Matomo will by default look at the first IP in the list. If you need to read the last IP instead, the new INI config option `[General] proxy_ip_read_last_in_list` be set to `1`. Using the last IP can be more se= cure when you are using proxy headers in combination with a load balancer. * Matomo logs can now be written into "errorlog" (logs using the error_log() php function) and "syslog" (logs to the syslog service) (to complement exis= ting log writers: "screen", "file", "database"). [Learn more.](https://matomo.org/faq/troubleshooting/faq_115/) ### New commands * Added new command `core:version` which returns the Matomo version number. ## Matomo 4.3.1 ### New commands * Added new command `core:create-security-files` which creates some web ser= ver security files if they haven't existed previously (useful when using for example Apache or IIS web server). ## Matomo 4.3.0 ### JavaScript Tracker #### Breaking changes in Matomo JS tracker * Before the JS tracker method, `enableLinkTracking` did not follow the DOM changes, from this version when the DOM updates, Matomo automatically adds event listeners for new links on the page. It makes it easier to track clic= ks on links in SPAs. From this version, if we use the `addListener` method to = add event listener manually after the DOM has changed and the `enableLinkTracki= ng` is turned on we will track the click event for that element twice. ### Breaking Changes * Before every JS error was tracked, from this version the same JS error wi= ll be only tracked once per page view. If the very same error is happening multiple times, then it will be tracked only once within the same page view= . If another page view is tracked or when the page reloads, then the error will = be tracked again. * It's no longer possible to store any class instances directly in the sess= ion object. Please use arrays or plain data instead. ### Upcoming Breaking Changes * In Matomo 4.3.0 we have added a 'passwordConfirmation' parameter to the CorePluginsAdmin.setSystemSettings API method. It is currently optional, but will become mandatory in version 4.4.0. Plugin developers and users of the = API should make sure to update their plugins and apps before this happens. ### New config.ini.php settings * The `password_hash_algorithm`, `password_hash_argon2_threads`, `password_hash_argon2_memory_cost` and `password_hash_argon2_time_cost` INI config options have been added to allow using specific `password_hash` algorithms and options if desired. * The `enable_php_profiler` INI config option was added. This must now be s= et to 1 before profiling is allowed in Matomo. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-259850-7788>