1
.. Licensed under the Apache License, Version 2.0 (the "License"); you may not
2
.. use this file except in compliance with the License. You may obtain a copy of
5
.. http://www.apache.org/licenses/LICENSE-2.0
7
.. Unless required by applicable law or agreed to in writing, software
8
.. distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
9
.. WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
10
.. License for the specific language governing permissions and limitations under
25
.. _release/1.2.x/upgrade:
32
This version drops support for the database format that was introduced in
33
version 0.9.0. Compact your older databases (that have not been compacted
34
for a long time) before upgrading, or they will become inaccessible.
38
:ref:`release/1.2.1` contains important security fixes. Previous `1.2.x`
39
releases are not recommended for regular usage.
44
The interface to the ``_users`` and ``_replicator`` databases have been
45
changed so that non-administrator users can see less information:
47
* In the ``_users`` database:
49
* User documents can now only be read by the respective users, as well as
50
administrators. Other users cannot read these documents.
51
* Views can only be defined and queried by administrator users.
52
* The ``_changes`` feed can only be queried by administrator users.
54
* In the ``_replicator`` database:
56
* Documents now have a forced ``owner`` field that corresponds to the
57
authenticated user that created them.
58
* Non-owner users will not see confidential information like passwords or
59
OAuth tokens in replication documents; they can still see the other
60
contents of those documents. Administrators can see everything.
61
* Views can only be defined and queried by administrators.
66
The new optional (but enabled by default) compression of disk files requires
67
an upgrade of the on-disk format (5 -> 6) which occurs on creation for new
68
databases and views, and on compaction for existing files. This format is not
69
supported in previous releases, so rollback would require replication to the
70
previous CouchDB release or restoring from backup.
72
Compression can be disabled by setting ``compression = none`` in your
73
``local.ini`` ``[couchdb]`` section, but the on-disk format will still be
85
* Fixed issue in `couchdb` script where stopped status returns before process
91
* Reset rewrite counter on new request, avoiding unnecessary request failures
92
due to bogus rewrite limit reports.
103
* Fix couchdb start script.
104
* Win: fix linker invocations.
109
* Disable buttons that aren't available for the logged-in user.
114
* No longer rewrites the ``X-CouchDB-Requested-Path`` during recursive
115
calls to the rewriter.
116
* Limit recursion depth in the URL rewriter. Defaults to a maximum
117
of 100 invocations but is configurable.
122
* Fixed :ref:`cve/2012-5641`
123
* Fixed :ref:`cve/2012-5649`
124
* Fixed :ref:`cve/2012-5650`
129
* Fix potential timeouts.
134
* Change use of signals to avoid broken view groups.
145
* Fix use of OAuth with VHosts and URL rewriting.
146
* OAuth secrets can now be stored in the users system database
147
as an alternative to key value pairs in the .ini configuration.
148
By default this is disabled (secrets are stored in the .ini)
149
but can be enabled via the .ini configuration key `use_users_db`
150
in the `couch_httpd_oauth` section.
151
* Documents in the _users database are no longer publicly
153
* Confidential information in the _replication database is no
154
longer publicly readable.
155
* Password hashes are now calculated by CouchDB. Clients are no
156
longer required to do this manually.
157
* Cookies used for authentication can be made persistent by enabling
158
the .ini configuration key `allow_persistent_cookies` in the
159
`couch_httpd_auth` section.
164
* cURL is no longer required to build CouchDB as it is only
165
used by the command line JS test runner. If cURL is available
166
when building CouchJS you can enable the HTTP bindings by
167
passing -H on the command line.
168
* Temporarily made `make check` pass with R15B. A more thorough
169
fix is in the works (:issue:`1424`).
170
* Fixed --with-js-include and --with-js-lib options.
171
* Added --with-js-lib-name option.
176
* The `Status` screen (active tasks) now displays two new task status
177
fields: `Started on` and `Updated on`.
178
* Futon remembers view code every time it is saved, allowing to save an
179
edit that amounts to a revert.
184
* Added a native JSON parser.
185
* The _active_tasks API now offers more granular fields. Each
186
task type is now able to expose different properties.
187
* Added built-in changes feed filter `_view`.
188
* Fixes to the `_changes` feed heartbeat option which caused
189
heartbeats to be missed when used with a filter. This caused
190
timeouts of continuous pull replications with a filter.
191
* Properly restart the SSL socket on configuration changes.
196
* Updated bundled `erlang_oauth` library to the latest version.
201
* A new replicator implementation. It offers more performance and
202
configuration options.
203
* Passing non-string values to query_params is now a 400 bad
204
request. This is to reduce the surprise that all parameters
205
are converted to strings internally.
206
* Added optional field `since_seq` to replication objects/documents.
207
It allows to bootstrap a replication from a specific source sequence
209
* Simpler replication cancellation. In addition to the current method,
210
replications can now be canceled by specifying the replication ID
211
instead of the original replication object/document.
216
* Added optional database and view index file compression (using Google's
217
snappy or zlib's deflate). This feature is enabled by default, but it
218
can be disabled by adapting local.ini accordingly. The on-disk format
219
is upgraded on compaction and new DB/view creation to support this.
220
* Several performance improvements, most notably regarding database writes
222
* Computation of the size of the latest MVCC snapshot data and all its
223
supporting metadata, both for database and view index files. This
224
information is exposed as the `data_size` attribute in the database and
225
view group information URIs.
226
* The size of the buffers used for database and view compaction is now
228
* Added support for automatic database and view compaction. This feature
229
is disabled by default, but it can be enabled via the .ini configuration.
230
* Performance improvements for the built-in changes feed filters `_doc_ids`
236
* Add CoffeeScript (http://coffeescript.org/) as a first class view server
238
* Fixed old index file descriptor leaks after a view cleanup.
239
* The requested_path property keeps the pre-rewrite path even when no VHost
240
configuration is matched.
241
* Fixed incorrect reduce query results when using pagination parameters.
242
* Made icu_driver work with Erlang R15B and later.