Releases: Kozea/Radicale
3.5.8 Features+Fixes+Extensions
Extensions
- Extend [auth]: re-factor & overhaul LDAP authentication, especially for Python's ldap module
Fixes
- Fix: out-of-range timestamp on 32-bit systems
- Fix: format_ut problem on 32-bit systems
Features
- Feature: extend logging with response size in bytes and flag served as plain or gzip
- Feature: [storage] strict_preconditions: new config option to enforce strict preconditions check on PUT in case item already exists [RFC6352#9.2]
Documentation
- Doc: Telugu translation
3.5.7 for PyPI
3.5.7 for PyPI, extra published because of a glitch in release process did publish too early :-(
3.5.7 Fixes+Extensions+Adjustments
Extensions
- Extend: [auth] dovecot: add support for version >= 2.4
Fixes
- Fix: report/getetag with enabled expand
Adjustments
- Adjust: use of option [auth] ldap_ignore_attribute_create_modify_timestamp for support of Authentik LDAP server
3.5.6 Improvements+Fixes+Features
Fixes:
- Fix: broken start when UID does not exist (potential container startup case)
Improvements:
- Improve: user/group retrievement for running service and directories
Extensions:
- Extend/Improve: [auth] ldap: group membership lookup
Features:
- Add: [auth] remote_ip_source: set the remote IP source for auth algorithms
RPMs for Enterprise Linux and Fedora: https://koji.fedoraproject.org/koji/packageinfo?packageID=16893
EL10 build is only available in "epel10" ("epel10_2") and "epel10.1" ("epel10_1") as "epel10_0" misses build of python3-passlib still (see https://bugzilla.redhat.com/show_bug.cgi?id=2321338)
3.5.5 Improvements+Fixes+Features
Improvements
- Improve: [auth] ldap: do not read server info by bind to avoid needless network traffic
- Improve: add details about platform and effective user on startup
- Improve: display owner+permissions on directories on startup, extend error message in case of missing permissions
- Improve: add options [logging] trace_on_debug and trace_filter for supporting trace logging
- Improve: catch items having tzinfo only on dtstart or dtend set for whatever reason, overtake tzinfo from the other one
- Improve: conditional log level for base_prefix strip action depending on auth and web type
Fixes
- Fix: [storage] broken support of 'folder_umask'
- Fix: logging ignores not retrievable get_native_id if not supported by OS
- Fix: report with enabled expand honors now provided filter proper
- Fix: catch case where getpwuid is not returning a username
- Fix: add support for query without comp-type
- Fix: expanded event with dates are missing VALUE=DATE
- Fix: storage hook path now added to DELETE, MKCOL, MKCALENDAR, MOVE, and PROPPATCH
Features
- Feature: add hook for server-side e-mail notification
- Add: [hook] dryrun: option to disable real hook action for testing, add tests for email+rabbitmq
- Add: storage hook placeholder now supports "request" and "to_path" (MOVE only)
RPMs for Enterprise Linux and Fedora: https://koji.fedoraproject.org/koji/packageinfo?packageID=16893
EL10 build is only available in "epel10" ("epel10_1") as "epel10_0" misses build of python3-passlib still (see https://bugzilla.redhat.com/show_bug.cgi?id=2321338)
3.5.4 Improvements+Enhancements (Minor)
Improvement
- item filter enhanced for 3rd level supporting VALARM and honoring TRIGGER (offset or absolute)
Enhancement
- add Caddy config file example (see contrib directory)
RPMs for Enterprise Linux and Fedora: https://koji.fedoraproject.org/koji/packageinfo?packageID=16893
EL10 build done 2025-05-28 as all dependencies were resolved now: https://bugzilla.redhat.com/show_bug.cgi?id=2318480
3.5.3 Adjustments/Improvements
Extensions
- Add: [auth] htpasswd: support for Argon2 hashes
- Add: [auth] urldecode_username: optional decode provided username (e.g. encoded email address)
Improvements
- Improve: catch error on calendar collection upload and display problematic item content on debug level
RPMs for Enterprise Linux and Fedora: https://koji.fedoraproject.org/koji/packageinfo?packageID=16893
EL10 build still pending build of dependencies https://bugzilla.redhat.com/show_bug.cgi?id=2318480
3.5.2 Fixes/Adjustments/Extensions
Adjustments
- Adjust: [auth] ldap: use ldap_user_attr either first element of list or directly
Fixes
- Fix: use value of property for time range filter
- Fix: return 204 instead of 201 in case PUT updates an item
Extensions
- Add: [auth] ldap: option ldap_security (none, startls, tls) for additional support of STARTTLS, deprecate ldap_use_ssl
- Extend: log PYTHONPATH on startup if found in environment
RPMs for Enterprise Linux and Fedora: https://koji.fedoraproject.org/koji/packageinfo?packageID=16893
(sine 3.5.0 with new sub-packages for bundled "InfCloud")
EL10 build still pending build of dependencies https://bugzilla.redhat.com/show_bug.cgi?id=2318480
3.5.1 Extensions/Fixes
Extensions
- Add: option [auth] ldap_ignore_attribute_create_modify_timestamp for support of Authentik LDAP server
- Extend: [storage] hook supports now placeholder for "cwd" and "path" (and catches unsupported placeholders)
- Extend: log and create base folders if not existing during startup
Fixes
- Fix: auth/htpasswd related to detection and use of bcrypt
- Fix: location of lock file for in case of dedicated cache folder is activated
Adjustments
- Adjust: [auth] ldap: use _ldap_user_attr as string
RPMs for Enterprise Linux and Fedora: https://koji.fedoraproject.org/koji/packageinfo?packageID=16893
(sine 3.5.0 with new sub-packages for bundled "InfCloud")
EL10 build still pending build of dependencies https://bugzilla.redhat.com/show_bug.cgi?id=2318480
3.5.0 Features/Adjustments/Improvements/Fixes
Attention
- Default type for authentication changed from "none" to "denyall" to prevent unexpected access after initial installation (secure-by-default)
- Reverse proxy base prefix stripping was adjusted/fixed, in case of issues check new option and your reverse proxy configuration
- InfCloud WebUI can be now be served "bundled", see https://github.com/Kozea/Radicale/wiki/Client-InfCloud
Features
- Add: option [auth] type oauth2 by code migration from https://gitlab.mim-libre.fr/alphabet/radicale_oauth/-/blob/dev/oauth2/
- Add: option [auth] type pam by code migration from v1, add new option pam_serivce
- Add: option [server] script_name for reverse proxy base_prefix handling
- Add: on-the-fly link activation and default content adjustment in case of bundled InfCloud (tested with 0.13.1)
- Add: warning in case of started standalone and not listen on loopback interface but trusting external authentication
Adjustments
- Adjust: [auth] imap: use AUTHENTICATE PLAIN instead of LOGIN towards remote IMAP server
- Adjust: Change default [auth] type from "none" to "denyall" for secure-by-default
Improvements
- Improve: relax mtime check on storage filesystem, change test file location to "collection-root" directory
- Improve: WebUI
- Improve: log client IP on SSL error and SSL protocol+cipher if successful
- Improve: catch htpasswd hash verification errors
- Improve: add support for more bcrypt algos on autodetection, extend logging for autodetection fallback to PLAIN in case of hash length is not matching
Fixes
- Fix: catch OS errors on PUT MKCOL MKCALENDAR MOVE PROPPATCH (insufficient storage, access denied, internal server error)
- Test: skip bcrypt related tests if module is missing
- Fix: proper base_prefix stripping if running behind reverse proxy
Cosmetics
- Cosmetics: extend list of used modules with their version on startup
Reviews
- Review: Apache reverse proxy config example
RPMs for Enterprise Linux and Fedora: https://koji.fedoraproject.org/koji/packageinfo?packageID=16893
(now with new sub-packages for bundled "InfCloud")
EL10 build still pending build of dependencies https://bugzilla.redhat.com/show_bug.cgi?id=2318480