From nobody Mon Nov 15 10:36:50 2021 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 56A2718473A4 for ; Mon, 15 Nov 2021 10:36:51 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ht5GW0nDWz4XFc for ; Mon, 15 Nov 2021 10:36:51 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E10A01824A for ; Mon, 15 Nov 2021 10:36:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 1AFAaoPm067577 for ; Mon, 15 Nov 2021 10:36:50 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 1AFAao9i067576 for ports-bugs@FreeBSD.org; Mon, 15 Nov 2021 10:36:50 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 259850] www/matomo: update 4.2.1 --> 4.5.0 Date: Mon, 15 Nov 2021 10:36:50 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: andrej@ebert.su X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: joneum@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? maintainer-feedback+ X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform bug_file_loc op_sys bug_status keywords bug_severity priority component assigned_to reporter cc flagtypes.name attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports-bugs@freebsd.org X-BeenThere: freebsd-ports-bugs@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D259850 Bug ID: 259850 Summary: www/matomo: update 4.2.1 --> 4.5.0 Product: Ports & Packages Version: Latest Hardware: Any URL: https://matomo.org/changelog OS: Any Status: New Keywords: patch Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: joneum@FreeBSD.org Reporter: andrej@ebert.su CC: andrej@ebert.su Assignee: joneum@FreeBSD.org Flags: maintainer-feedback?(joneum@FreeBSD.org) Attachment #229506 maintainer-approval?(andrej@ebert.su) Flags: CC: andrej@ebert.su Flags: maintainer-feedback+ Created attachment 229506 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D229506&action= =3Dedit git diff Update to 4.5.0 I also added a patch to supress the file integrity warning caused by the shebangfix to misc/log-analytics/import_logs.py and changed the pkg-message (change to the recommended apache config + upgrade message) Major Changes: ## Matomo 4.4.0 ### Breaking Changes * The `logme` method for [automatic logins](https://matomo.org/faq/how-to/faq_30/) is now disabled by default f= or new installations. For existing installations it will be enabled automatica= lly on update. If you do not need it please consider disabling it again for security reasons by setting `login_allow_logme =3D 0` in `General` section = of `config.ini.php`. * The redirect using the `url` param for the automatic login action `logme`, will no longer do redirects to untrusted hosts. If you need to do redirects= to other URLs on purpose, please add the according hosts as `trusted_hosts` en= try in `config.ini.php` ### New config.ini.php settings * When determining the client IP address from proxy headers like X-Forwarded-For, Matomo will by default look at the first IP in the list. If you need to read the last IP instead, the new INI config option `[General] proxy_ip_read_last_in_list` be set to `1`. Using the last IP can be more se= cure when you are using proxy headers in combination with a load balancer. * Matomo logs can now be written into "errorlog" (logs using the error_log() php function) and "syslog" (logs to the syslog service) (to complement exis= ting log writers: "screen", "file", "database"). [Learn more.](https://matomo.org/faq/troubleshooting/faq_115/) ### New commands * Added new command `core:version` which returns the Matomo version number. ## Matomo 4.3.1 ### New commands * Added new command `core:create-security-files` which creates some web ser= ver security files if they haven't existed previously (useful when using for example Apache or IIS web server). ## Matomo 4.3.0 ### JavaScript Tracker #### Breaking changes in Matomo JS tracker * Before the JS tracker method, `enableLinkTracking` did not follow the DOM changes, from this version when the DOM updates, Matomo automatically adds event listeners for new links on the page. It makes it easier to track clic= ks on links in SPAs. From this version, if we use the `addListener` method to = add event listener manually after the DOM has changed and the `enableLinkTracki= ng` is turned on we will track the click event for that element twice. ### Breaking Changes * Before every JS error was tracked, from this version the same JS error wi= ll be only tracked once per page view. If the very same error is happening multiple times, then it will be tracked only once within the same page view= . If another page view is tracked or when the page reloads, then the error will = be tracked again. * It's no longer possible to store any class instances directly in the sess= ion object. Please use arrays or plain data instead. ### Upcoming Breaking Changes * In Matomo 4.3.0 we have added a 'passwordConfirmation' parameter to the CorePluginsAdmin.setSystemSettings API method. It is currently optional, but will become mandatory in version 4.4.0. Plugin developers and users of the = API should make sure to update their plugins and apps before this happens. ### New config.ini.php settings * The `password_hash_algorithm`, `password_hash_argon2_threads`, `password_hash_argon2_memory_cost` and `password_hash_argon2_time_cost` INI config options have been added to allow using specific `password_hash` algorithms and options if desired. * The `enable_php_profiler` INI config option was added. This must now be s= et to 1 before profiling is allowed in Matomo. --=20 You are receiving this mail because: You are the assignee for the bug.=