From 22543397b60fea604f0b89247c57976cfa426520 Mon Sep 17 00:00:00 2001 From: Nicolas CARPi Date: Wed, 6 Nov 2024 17:00:20 +0100 Subject: [PATCH 1/6] improve faq 21 CFR Part 11 --- doc/faq.rst | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/doc/faq.rst b/doc/faq.rst index 8fadaf0..cfdf66e 100644 --- a/doc/faq.rst +++ b/doc/faq.rst @@ -172,17 +172,17 @@ Is it compliant to 21CFR Part 11? 1. Closed system: eLabFTW requires unique credentials to access the system. A system of permissions and roles allow fine control of what can be seen by whom. -2. Experiments and database items (protocols, reagents, cell lines...) are considered signable by the locking mechanism that timestamps and locks an entity in place. +2. Experiments and resources (protocols, reagents, cell lines...) can be signed with cryptographic signatures, verifiable outside the system, and stored in an immutable archive. -3. Trusted timestamping: RFC3161 Trusted Timestamping is available for experiments. A specific PDF is generated and timestamped cryptographically to prove anteriority if needed in a court of law. +3. Trusted timestamping: RFC3161 Trusted Timestamping is available for experiments. When using a qualified TSA such as Universign, this makes the process compliant with ETSI EN 319 42 (eIDAS european regulation). -4. Audit trail: changes to entries are internally recorded and cannot be tampered with by users. A version history is available. +4. Audit trail: changes to entries are internally recorded and cannot be tampered with by users. A version history is available, with adjustable granularity. -5. Retention of records: a setting allows to disable the possibility to delete records entirely. +5. Retention of records: a soft-delete mechanism prevents destructive actions on data. -6. Copies of records: you can export your data in PDF, ZIP archives or CSV files very easily. +6. Copies of records: you can export your data in PDF, ZIP archives or CSV files very easily. This can also be automated via the API. -7. Password policy: passwords are securely stored in the database and security mechanisms such as preventing too many authentication tries are in place. +7. Password policy: passwords are securely stored in the database and security mechanisms such as preventing too many authentication tries are in place. Password policies can also be enforced, and centralized authentication mechanisms can be setup. What about compliance to standards? =================================== From 1babe929449e73716dc01de0faaf82f0d99091c4 Mon Sep 17 00:00:00 2001 From: Nicolas CARPi Date: Sun, 17 Nov 2024 14:24:08 +0100 Subject: [PATCH 2/6] changelog --- doc/changelog.rst | 21 +++++++++++++++++++++ doc/conf.py | 2 +- 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/doc/changelog.rst b/doc/changelog.rst index 6771bf3..95f84a2 100644 --- a/doc/changelog.rst +++ b/doc/changelog.rst @@ -3,6 +3,27 @@ Changelog ========= +Version 5.1.11 +-------------- + +* bug/medium: eln import: prevent duplication of resources categories. fix #5349. fix #5285 +* bug/medium: eln import: fix status and categories for templates + The bug was that experiments never timestamped would have the condition + always evaluate to false because you can't compare NULL with something like + that. The feature is adding -t option to target specific teams. fix #5319 +* bug/medium + feat: cli timestamp: fix and improve sql query +* bug/minor: admin panel: fix newcomer banner message not correctly displayed +* bug/minor: eln: make .eln valid ro-crate +* bug/minor: listing: improve behavior with always show owned parameter +* feat: tinymce image upload code revamp, add image plugin/upload-with-drop to templates (#5353) +* feat: uploads api: allow filtering archived uploads with api. fix #5323 +* feat: import eln: display error instead of aborting if file shasum fails +* feat: import eln: display checksums of failed imported files +* feat: eln export: allow restricting users or resources categories when + exporting with export:eln, you can now add -u and -r to include only these + users and these resource categories id. + + Version 5.1.10 -------------- diff --git a/doc/conf.py b/doc/conf.py index b4faaf3..cb4751a 100644 --- a/doc/conf.py +++ b/doc/conf.py @@ -62,7 +62,7 @@ # The short X.Y version. version = '5.1' # The full version, including alpha/beta/rc tags. -release = '5.1.10' +release = '5.1.11' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. From b957ee178e1293ee987536f4b81bb63070d530a4 Mon Sep 17 00:00:00 2001 From: Nicolas CARPi Date: Wed, 18 Dec 2024 17:43:12 +0100 Subject: [PATCH 3/6] changelog for 5.1.12 --- doc/changelog.rst | 14 ++++++++++++++ doc/conf.py | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/doc/changelog.rst b/doc/changelog.rst index 95f84a2..10ced2c 100644 --- a/doc/changelog.rst +++ b/doc/changelog.rst @@ -3,6 +3,20 @@ Changelog ========= +Version 5.1.12 +-------------- + +* bug/medium: eln import: fix issue with resources categories import. fix #5356 +* bug/minor: eln import: honor userid setting. fix #5382 +* bug/minor: teamgroups: fix issue with comma in username. fix #5406 +* bug/minor: templates: fix steps not being duplicated. fix #5404 +* bug/minor: extra fields builder: fix number type field missing units (fix #5398) +* bug/minor: extra fields: fix issue with incorrect groups definition. fix #5369 +* feat: minor: mask colon (:) for autocomplete searches (PR #5383 by Marcel Bolten) fix #5376 +* chore: composer: upgrade league/commonmark. fix vuln https://github.com/elabftw/elabftw/security/dependabot/64 +* chore: set min cross-spawn version to 7.0.5. fix for CVE-2024-21538 + + Version 5.1.11 -------------- diff --git a/doc/conf.py b/doc/conf.py index cb4751a..5c51374 100644 --- a/doc/conf.py +++ b/doc/conf.py @@ -62,7 +62,7 @@ # The short X.Y version. version = '5.1' # The full version, including alpha/beta/rc tags. -release = '5.1.11' +release = '5.1.12' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. From ed3c8ca8e9f16e64f1da19bbaf64e53670ec01a0 Mon Sep 17 00:00:00 2001 From: Nicolas CARPi Date: Sat, 11 Jan 2025 19:55:43 +0100 Subject: [PATCH 4/6] add -u nginx:nginx in docker exec commands for import fix elabftw/elabftw#5416 --- doc/import-export.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/import-export.rst b/doc/import-export.rst index 6c7ae42..bcdb447 100644 --- a/doc/import-export.rst +++ b/doc/import-export.rst @@ -56,7 +56,7 @@ If you wish to import a rather large `.eln` archive (such as a full team export) .. code-block:: bash - docker exec -it elabftw bin/console import:eln -h + docker exec -it -u nginx:nginx elabftw bin/console import:eln -h As you can see, there are two mandatory arguments, the path to the file, and the Team ID where the import will be performed. The first thing to do is to copy the file in the right place in the container. It must be in `/elabftw/cache/elab` folder. Copy it with a command similar to this: @@ -69,11 +69,11 @@ Figure out the Team ID by looking at the Team from the Sysconfig panel, where th .. code-block:: bash # import in team 12 and be verbose - docker exec -it elabftw bin/console import:eln -vv your.eln 12 + docker exec -it -u nginx:nginx elabftw bin/console import:eln -vv your.eln 12 # import in team 25, force everything to be owned by user 5 and be extra verbose - docker exec -it elabftw bin/console import:eln -vvv your.eln 12 --userid 5 + docker exec -it -u nginx:nginx elabftw bin/console import:eln -vvv your.eln 25 --userid 5 # import in team 42, force everything to be of type "Resources" with category "6" - docker exec -it elabftw bin/console import:eln --type items --category 6 your.eln 42 + docker exec -it -u nginx:nginx elabftw bin/console import:eln --type items --category 6 your.eln 42 .. _csvimport: From 86a72e55c94cc434f1429fbfc37680f084c0413e Mon Sep 17 00:00:00 2001 From: Nicolas CARPi Date: Sat, 11 Jan 2025 20:33:44 +0100 Subject: [PATCH 5/6] changelog for 5.1.13 --- doc/changelog.rst | 14 ++++++++++++++ doc/conf.py | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/doc/changelog.rst b/doc/changelog.rst index 10ced2c..4877589 100644 --- a/doc/changelog.rst +++ b/doc/changelog.rst @@ -3,6 +3,20 @@ Changelog ========= +Version 5.1.13 +-------------- + +* bug/medium: fix steps not imported from template +* bug/minor: import eln: actually use provided permissions + + The user interface to import .eln files allow to set read and write + permissions, but they were not taken into account. + fix #5420 +* feat: allow setting persistent mode for PDO. Set ``USE_PERSISTENT_MYSQL_CONN`` to ``false`` as an environment variable to disable persistent connections to MySQL. Currently the MySQL connections are persistent. This change was made to avoid the overhead of establishing a TCP connection for SQL requests, but it can cause resources exhaustion on big instances, and in rare cases some firewalls cause improper severance leading to issues for the PHP workers. + + + + Version 5.1.12 -------------- diff --git a/doc/conf.py b/doc/conf.py index 5c51374..1d0a463 100644 --- a/doc/conf.py +++ b/doc/conf.py @@ -62,7 +62,7 @@ # The short X.Y version. version = '5.1' # The full version, including alpha/beta/rc tags. -release = '5.1.12' +release = '5.1.13' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. From 085b7d4f8f6a2a4f0a0ddf2f798fa3a49595e488 Mon Sep 17 00:00:00 2001 From: Nicolas CARPi Date: Mon, 13 Jan 2025 21:36:44 +0100 Subject: [PATCH 6/6] changelog --- doc/changelog.rst | 6 ++++++ doc/conf.py | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/doc/changelog.rst b/doc/changelog.rst index 4877589..7b52169 100644 --- a/doc/changelog.rst +++ b/doc/changelog.rst @@ -3,6 +3,12 @@ Changelog ========= +Version 5.1.14 +-------------- + +No changes in eLabFTW, this is a re-release with a missing commit in elabimg repository for the new ``USE_PERSISTENT_MYSQL_CONN`` parameter. + + Version 5.1.13 -------------- diff --git a/doc/conf.py b/doc/conf.py index 1d0a463..0f126dc 100644 --- a/doc/conf.py +++ b/doc/conf.py @@ -62,7 +62,7 @@ # The short X.Y version. version = '5.1' # The full version, including alpha/beta/rc tags. -release = '5.1.13' +release = '5.1.14' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages.