PyPi: Kiwitcms

CVE-2017-18214

Transitive

Safety vulnerability ID: 39074

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Mar 04, 2018 Updated at Dec 05, 2024
Scan your Python projects for vulnerabilities →

Advisory

Kiwitcms 4.2 updates its NPM dependency 'moment' to include security fixes.

Affected package

kiwitcms

Latest version: 12.4

Test Case Management System

Affected versions

Fixed versions

Vulnerability changelog

which fixes the following vulnerabilities:
- https://snyk.io/vuln/npm:moment:20161019
- https://snyk.io/vuln/npm:moment:20170905

Settings
~~~~~~~~

- ``BUGZILLA_AUTH_CACHE_DIR`` is a new setting that may be specified to control
where Bugzilla auth cookies are saved! It is not specified by default and
Kiwi TCMS uses a temporary directory each time we try to login into Bugzilla!

Enhancements
~~~~~~~~~~~~

- Upgrade to Python 3.6. Fixes
`Issue 91 <https://github.com/kiwitcms/Kiwi/issues/91>`_
- Upgrade to `Django 2.0.6 <https://docs.djangoproject.com/en/2.0/releases/2.0.6/>`_
- Fix around 100 pylint issues (Anton Sankov)
- Update email confirmation template for newly registered users and make the
text translatable
- Display ``Last login`` column in User admin page
- Add tests for ``tcms.management.views`` (Anton Sankov)
- Remove unused CSS selectors
- Remove unnecessary ``templates/comments/comments.html``

Bug fixes
~~~~~~~~~

- Remove unused deferred field ``product_version``. Fixes
`Sentry KIWI-TCMS-1C <https://sentry.io/open-technologies-bulgaria-ltd/kiwi-tcms/issues/523948048/>`_
- Rename left-over ``get_url()`` to ``get_full_url()``. Fixes
`Sentry KIWI-TCMS-1B <https://sentry.io/open-technologies-bulgaria-ltd/kiwi-tcms/issues/523855781/>`_
- Fix empty TestPlan url and Product fields in TestRun email notification. Fixes
`Issue 353 <https://github.com/kiwitcms/Kiwi/issues/353>`_ (Matt Porter, Konsulko Group)

Translations
~~~~~~~~~~~~

- Updated translations for Chinese Simplified
- Updated translations for Chinese Traditional
- New language and translations for Slovenian

Documentation
~~~~~~~~~~~~~

- Added ``git clone`` command to documentation. Fixes
`Issue 344 <https://github.com/kiwitcms/Kiwi/issues/344>`_ (Anton Sankov)

Models and database migrations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

- Increase checksum fields size to hold the new checksum values
- Increase ``activation_key`` field size to 64 chars

GDPR related
~~~~~~~~~~~~

- Allow users to delete their accounts. Link is present on ``My profile`` page.
This will also delete any related objects using cascade delete
- Try not to be so obvious when it comes to displaying email addresses across
the web interface. Instead show username and link to profile


tcms-api 4.2 (23 June 2018)
---------------------------

- Remove coloring. Fixes
`Issue 185 <https://github.com/kiwitcms/Kiwi/issues/185>`_
- Fix using the API client against https URLs (Adam Łoszyn, Samsung)



Kiwi TCMS 4.1.4 (April 8 2018)
------------------------------


Enhancements
~~~~~~~~~~~~

- Upgrade to `Django 2.0.4 <https://docs.djangoproject.com/en/2.0/releases/2.0.4/>`_
- Enable pylint and fix around 700 issues (Anton Sankov)
- Add pylint plugin to check docstrings for triple double quotes. Fixes
`Issue 296 <https://github.com/kiwitcms/Kiwi/issues/296>`_
- Add pylint plugin to check for list comprehensions. Fixes
`Issue 270 <https://github.com/kiwitcms/Kiwi/issues/270>`_
- Add pylint plugin to check for class attributes enclosed with double underscores.
These are dunders and are reserved for Python!


Signals
~~~~~~~

**BREAKING CHANGES**:

Renamed ``user_registered`` to ``USER_REGISTERED_SIGNAL`` and
``post_update`` to ``POST_UPDATE_SIGNAL``!


Bug fixes
~~~~~~~~~

- Change util function to default to https. Fixes
`Issue 220 <https://github.com/kiwitcms/Kiwi/issues/220>`_
- Fix
`Sentry KIWI-TCMS-17 <https://sentry.io/open-technologies-bulgaria-ltd/kiwi-tcms/issues/495015101/>`_
- Cast iterator to list. Fixes
`Sentry KIWI-TCMS-19 <https://sentry.io/open-technologies-bulgaria-ltd/kiwi-tcms/issues/501200394/>`_
- Don't crash in Custom Report. Fixes
`Sentry KIWI-TCMS-18 <https://sentry.io/open-technologies-bulgaria-ltd/kiwi-tcms/issues/499389305/>`_
- Better handling of TestPlan documents. Fixes
`Sentry KIWI-TCMS-1A <https://sentry.io/open-technologies-bulgaria-ltd/kiwi-tcms/issues/501695244/>`_
- Fix sorting of entries in TestPlan -> Runs tab. Fixes
`Sentry KIWI-TCMS-E <https://sentry.io/open-technologies-bulgaria-ltd/kiwi-tcms/issues/472757670/>`_


Refactoring
~~~~~~~~~~~

- Move Bugzilla and Kerberos backends code into their own repositories. Fixes
`Issue 239 <https://github.com/kiwitcms/Kiwi/issues/239>`_
- Remove cache from TestCaseRunStatus. Fixes
`Issue 279 <https://github.com/kiwitcms/Kiwi/issues/279>`_
- Rewrite ``UrlMixin``. Fixes
`Issue 157 <https://github.com/kiwitcms/Kiwi/issues/157>`_ (Chenxiong Qi)
- Remove unused ``split_as_option`` template tag
- Internal refactoring and more tests in ``tcms/core/ajax.py``
- Delete unused file ``tcms/core/forms/widgets.py``
- Merge ``case/form/filter.html`` into ``plan/get_cases.html``
- Remove unused ``TestCaseStatus.id_to_string()``



Kiwi TCMS 4.1.3 (Mar 15 2018)
-----------------------------


Enhancements
~~~~~~~~~~~~

- Upgrade to `Django 2.0.3 <https://docs.djangoproject.com/en/2.0/releases/2.0.3/>`_
- Show ``date_joined`` column for user admin
- Expose httpd logs to the host running docker. Fixes
`Issue 191 <https://github.com/kiwitcms/Kiwi/issues/191>`_


Bug fixes
~~~~~~~~~

- Move SSL keys under common directory in the container. Fixes
`Issue 231 <https://github.com/kiwitcms/Kiwi/issues/231>`_

- Always select active builds for TestRun. Fixes
`Issue 245 <https://github.com/kiwitcms/Kiwi/issues/245>`_
- Swap ``escape`` and ``escapejs`` filters. Fixes
`Issue 234 <https://github.com/kiwitcms/Kiwi/issues/234>`_
- Globally disable ``delete_selected`` action in Admin, this removes the
drop down selection widget! Fixes
`Issue 221 <https://github.com/kiwitcms/Kiwi/issues/221>`_
- Fix error in TestCase view when ``from_plan`` is empty string. Fixes
`Sentry KIWI-TCMS-Z <https://sentry.io/open-technologies-bulgaria-ltd/kiwi-tcms/issues/474369640/>`_
- Fix sorting issue when None is compared to int. Fixes
`Sentry KIWI-TCMS-V <https://sentry.io/open-technologies-bulgaria-ltd/kiwi-tcms/issues/473996504/>`_
- Validate form field as integer, not char. Fixes
`Sentry KIWI-TCMS-W <https://sentry.io/open-technologies-bulgaria-ltd/kiwi-tcms/issues/474058623/>`_
- [docs] Remove information about importing test cases via XML. This functionality
was removed in version 3.49



Refactoring
~~~~~~~~~~~

- Refactor inner class ``CaseActions``. Fixes
`Issue 21 <https://github.com/kiwitcms/Kiwi/issues/21>`_ (Chenxiong Qi)
- Only use ``get_cases.html`` template. Fixes
`Issue 176 <https://github.com/kiwitcms/Kiwi/issues/176>`_
- Unify ``get_details_review.html`` and ``get_details.html`` templates
- Remove internal ``Prompt.render`` class and replace with Django messages
- Remove ``mail/delete_plan.txt`` template
- Remove ``handle_emails_pre_plan_delete`` signal handler
- Remove the ``Export`` button from TestPlan view, use Case->Export sub-menu
item in the Cases tab. Also remove the export buttons from search and advanced
search result templates. If you'd like to export the cases from a given
plan you have to open it in a new browser window and use the menu
- Remove the ``Print`` button from plan search form
- Remove TestRun cloning from search results and plan details, use sub-menu
- Remove unnecessary JavaScript handling for EnvGroup edit view


Settings
~~~~~~~~

- Remove ``PLAN_DELELE_EMAIL_TEMPLATE`` setting (not used)


Models and database migrations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

- Use Django's own DurationField, instead of custom one. Fixes
`Issue 183 <https://github.com/kiwitcms/Kiwi/issues/183>`_.
API clients must now send values for ``estimated_time`` which must be in a
format that ``parse_duration()`` understands, for example 'DD HH:MM:SS'! See
https://docs.djangoproject.com/en/2.0/ref/utils/django.utils.dateparse.parse_duration

**IMPORTANT:** this release introduces new database migrations!



Kiwi TCMS 4.1.0 (Feb 21 2018)
-----------------------------

Enhancements and bug fixes
~~~~~~~~~~~~~~~~~~~~~~~~~~

- Add tests for ``tcms.core.ajax.tag`` (Anton Sankov)
- Remove unused code from ``tcms.core.ajax.tag`` (Anton Sankov)
- Refactor ``tcms.core.ajax.tag`` to work with only one object. Fixes
`Issue 135 <https://github.com/kiwitcms/Kiwi/issues/135>`_ (Anton Sankov)
- Add test for tcms_api.TestRun. Closes
`Issue 194 <https://github.com/kiwitcms/Kiwi/issues/194>`_
- Send the ``user_registered`` signal when new users are registered
- Add signal handler to notify admins on new users. Fixes
`Issue 205 <https://github.com/kiwitcms/Kiwi/issues/205>`_
- Add ``is_superuser`` column to User admin. Fixes
`Issue 206 <https://github.com/kiwitcms/Kiwi/issues/206>`_
- Properly pass variables to blocktrans tag. Fixes
`Issue 225 <https://github.com/kiwitcms/Kiwi/issues/225>`_
- Minor documentation updates

Refactoring
~~~~~~~~~~~

- Remove double thread when sending email on ``post_save`` signal
- Remove unused ``EmailBackend`` authentication backend
- Remove unused ``tcms.core.models.signals``
- Consolidate all signals and handlers in ``tcms.signals``
- Make use of ``django_messages`` during account registration

Settings
~~~~~~~~

- Remove ``LISTENING_MODEL_SIGNAL`` (internal setting)
- New setting ``AUTO_APPROVE_NEW_USERS``. Fixes
`Issue 203 <https://github.com/kiwitcms/Kiwi/issues/203>`_


Models and database migrations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

- Remove unused fields from ``Product`` model:
``disallow_new``, ``max_vote_super_bug``, ``vote_super_user``,
``field votes_to_confirm``, ``default_milestone``, ``milestone_url``
- Remove unused ``Milestone`` model


**IMPORTANT:** this release introduces new database migrations!



Kiwi TCMS 4.0.0 (Feb 10 2018)
-----------------------------

Enhancements and bug fixes
~~~~~~~~~~~~~~~~~~~~~~~~~~

- Upgrade to Django 2.0.2
- Pin JIRA client version to 1.0.10. Fixes
`Issue 195 <https://github.com/kiwitcms/Kiwi/issues/195>`_
- Generate api-docs for model classes
- Updated documentation for all RPC methods
- Use Grappelli jQuery initialization, fixes popup windows
- Unify RPC namespaces, API client class names and server-side model names.
Fixes `Issue 153 <https://github.com/kiwitcms/Kiwi/issues/153>`_

Settings
~~~~~~~~

- Remove ``ADMIN_PREFIX`` setting

RPC methods refactoring
~~~~~~~~~~~~~~~~~~~~~~~

.. warning::

This is not compatible with older tcms-api releases!

- Remove ``Build.check_build``, use ``Build.filter``
- Remove ``Build.get``, use ``Build.filter``
- Remove ``Build.get_caseruns``, use ``TestCaseRun.filter``
- Remove ``Build.get_runs``, use ``TestRun.filter``

- Rename ``Env.filter_groups``, use ``Env.Group.filter``
- Rename ``Env.filter_properties``, use ``Env.Property.filter``
- Rename ``Env.filter_values``, use ``Env.Value.filter``

- Remove ``Product.add_component``, use ``Component.create``
- Remove ``Product.add_version``, use ``Version.create``
- Remove ``Product.check_category``, use ``Category.filter``
- Remove ``Product.check_component``, use ``Component.filter``
- Remove ``Product.check_product``, use ``Product.filter``
- Remove ``Product.filter_categories``, use ``Category.filter``
- Remove ``Product.filter_components``, use ``Component.filter``
- Remove ``Product.filter_versions``, use ``Version.filter``
- Remove ``Product.get``, use ``Product.filter``
- Remove ``Product.get_builds``, use ``Build.filter``
- Remove ``Product.get_cases``, use ``TestCase.filter``
- Remove ``Product.get_categories``, use ``Category.filter``
- Remove ``Product.get_category``, use ``Category.filter``
- Remove ``Product.get_component``, use ``Component.filter``
- Remove ``Product.update_component``, use ``Component.update``

- Rename ``Tag.get_tags`` to ``Tag.filter``



- Remove ``TestCase.add_comment``
- Update signature for ``TestCase.add_component``
- Update signature for ``TestCase.add_tag``
- Remove ``TestCase.add_to_run``, use ``TestRun.add_case``
- Remove ``TestCase.attach_bug``, use ``Bug.create``
- Remove ``TestCase.calculate_average_estimated_time``
- Remove ``TestCase.calculate_total_estimated_time``
- Remove ``TestCase.check_case_status``, use ``TestCaseStatus.filter``
- Remove ``TestCase.check_priority``, use ``Priority.filter``
- Update signature for ``TestCase.create``, no longer accepts ``plan``,
``component`` and ``bug`` dict attributes. Instead use
``TestPlan.add_case``, ``TestCase.add_component`` and ``Bug.create``
- Remove ``TestCase.detach_bug``, use ``Bug.remove``
- Remove ``TestCase.filter_count``
- Remove ``TestCase.get``, use ``TestCase.filter``
- Remove ``TestCase.get_bugs``, use ``Bug.filter({'case': ?})``
- Remove ``TestCase.get_bug_systems``
- Remove ``TestCase.get_case_status``, use ``TestCaseStatus.filter``
- Update signature for ``TestCase.get_components``
- Remove ``TestCase.get_plans``, use ``TestPlan.filter({'case': ?})``
- Remove ``TestCase.get_priority``, use ``Priority.filter``
- Remove ``TestCase.get_tags``, use ``Tag.filter({'case': ?})``
- Remove ``TestCase.get_text``, use ``TestCase.filter``
- Remove ``TestCase.link_plan``, use ``TestPlan.add_case``
- Rename ``TestCase.notification_add_cc`` to ``TestCase.add_notification_cc``
and update signature
- Rename ``TestCase.notification_get_cc_list`` to ``TestCase.get_notification_cc``
and update signature
- Rename ``TestCase.notification_remove_cc`` to ``TestCase.remove_notification_cc``
and update signature
- Update signature for ``TestCase.remove_component``
- Update signature for ``TestCase.remove_tag``
- Remove ``TestCase.store_text``, use ``TestCase.update`` with
``setup``, ``breakdown``, ``action`` and ``effect`` attributes in the parameter dict
- Remove ``TestCase.unlink_plan``, use ``TestPlan.remove_case``

- Remove ``TestCasePlan.get``
- Remove ``TestCasePlan.update``

- Update ``TestCaseRun.add_comment`` to accept a single ID as first parameter
- Remove ``TestCaseRun.attach_bug``, use ``Bug.create``
- Rename ``TestCaseRun.attach_log`` to ``TestCaseRun.add_log``
- Remove ``TestCaseRun.detach_bug``, use ``Bug.remove``
- Rename ``TestCaseRun.detach_log`` to ``TestCaseRun.remove_log``
- Remove ``TestCaseRun.get``, use ``TestCaseRun.filter``
- Remove ``TestCaseRun.get_bugs``, use ``Bug.filter({'case_run': ?})``
- Remove ``TestCaseRun.get_case_run_status_by_name``
- Update signature for ``TestCaseRun.update``

- Remove ``TestPlan.add_component``
- Update signature for ``TestPlan.add_tag``
- Remove ``TestPlan.check_plan_type``, use ``PlanType.filter``
- Remove ``TestPlan.filter_count``
- Remove ``TestPlan.get``, use ``TestPlan.filter``
- Remove ``TestPlan.get_all_cases_tags``
- Remove ``TestPlan.get_components``
- Remove ``TestPlan.get_env_groups``, use ``Env.Group.filter({'testplan': ?})``
- Remove ``TestPlan.get_plan_type``, use ``PlanType.filter``
- Remove ``TestPlan.get_product``, use ``Product.filter({'plan': ?})``
- Remove ``TestPlan.get_tags``, use ``Tag.filter({'plan': ?})``
- Remove ``TestPlan.get_test_cases``, use ``TestCase.filter({'plan': ?})``
- Remove ``TestPlan.get_test_runs``, use ``TestRun.filter({'plan': ?})``
- Remove ``TestPlan.get_text``, use ``TestPlan.filter``
- Rename ``TestPlan.link_env_value`` to ``TestPlan.add_env_value``
and update signature
- Remove ``TestPlan.remove_component``
- Update signature for ``TestPlan.remove_tag``
- Remove ``TestPlan.store_text``, use ``TestPlan.update`` with
a ``text`` attribute in the parameter values
- Rename ``TestPlan.unlink_env_value`` to ``TestPlan.remove_env_value``
and update signature

- Rename ``TestRun.add_cases`` to ``TestRun.add_case`` and update signature
- Update signature for ``TestRun.add_tag``
- Update signature for ``TestRun.create``, no longer accepts ``case``
dict attribute. Instead use ``TestRun.add_case``
- Remove ``TestRun.filter_count``
- Remove ``TestRun.get``, use ``TestRun.filter``
- Remove ``TestRun.get_bugs``
- Remove ``TestRun.get_env_values``, use ``Env.Value.filter({'testrun': ?})``
- Remove ``TestRun.get_tags``, use ``Tag.filter({'run': ?})``
- Rename ``TestRun.get_test_cases`` to ``TestRun.get_cases``
- Remove ``TestRun.get_test_case_runs``, use ``TestCaseRun.filter({'run': ?})``
- Remove ``TestRun.get_test_plan``, use ``TestPlan.filter({'run': ?})[0]``
- Rename ``TestRun.remove_cases`` to ``TestRun.remove_case`` and update signature
- Update signature for ``TestRun.remove_tag``
- Update signature for ``TestRun.update``

- Rename ``User.get`` to ``User.filter``
- Rename ``User.join`` to ``User.join_group``
- Update signature for ``User.update``


Models and database migrations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

- Remove model ``TestEnvironment``
- Remove model ``TestEnvironmentCategory``
- Remove model ``TestEnvironmentElement``
- Remove model ``TestEnvironmentMap``
- Remove model ``TestEnvironmentProperty``
- Remove model ``TestPlanComponent``
- Remove ``TestPlan.get_text_with_version()``
- Remove ``TestRun.get_previous_or_next()``

**IMPORTANT:** this release introduces new database migrations!


tcms-api 4.0.0 (Feb 10 2018)
----------------------------

.. warning::

This is not compatible with older XML-RPC versions!

- **Make the code compatible with Kiwi TCMS XML-RPC v4.0.0**
- Rename ``Status`` to ``TestCaseRunStatus``
- Rename ``CaseRun`` to ``TestCaseRun``
- Remove ``PlanStatus``, use ``TestPlan.is_active``
- Remove ``RunStatus``, use ``TestRun.finished``
- Remove ``TestPlan.components`` container
- Update signature for ``TestPlan``. Now accept ``text`` kwarg in constructor
instead of ``document``.



Kiwi TCMS 3.50 (Jan 24 2018)
----------------------------

Enhancements and bug fixes
~~~~~~~~~~~~~~~~~~~~~~~~~~

- Update documentation for XML-RPC and positional arguments, translations,
environment groups
- Enable translations. Fixes
`Issue 129 <https://github.com/kiwitcms/Kiwi/issues/129>`_
- Register models for DB translations. Fixes
`Issue 182 <https://github.com/kiwitcms/Kiwi/issues/182>`_
- New German translations (xbln)
- Require django-attachments>=1.3 and restore attachments count in tabs
- Fix missing tag names in TestPlan page
- Hide admin forms for some models not supposed to be editted by users. Fixes
`Issue 174 <https://github.com/kiwitcms/Kiwi/issues/174>`_
- Use django-grappelli for the admin templates: modern look and feel and
less template files overriden by Kiwi TCMS
- Load values for default property in TestRun 'Add Property' dialog. Fixes
`Issue 142 <https://github.com/kiwitcms/Kiwi/issues/142>`_
- Correctly find property ID when renaming environment properties. Fixes
`Issue 167 <https://github.com/kiwitcms/Kiwi/issues/167>`_
- Convert request body to string. Fixes
`Issue 177 <https://github.com/kiwitcms/Kiwi/issues/177>`_

Refactoring
~~~~~~~~~~~

- Remove batch tag Add/Remove sub-menu in TestPlan view (Anton Sankov)
- Remove Edit tag button in Tag tab (Anton Sankov)
- Remove template functions. Fixes
`Issue 107 <https://github.com/kiwitcms/Kiwi/issues/107>`_
- Remove custom HttpJSONResponse classes
- Remove unused and duplicate code


tcms-api 1.5.1 (Jan 24 2018)
----------------------------

- [api] Fix order of TestCaseRun statuses. Fixes 184


Kiwi TCMS 3.49 (Jan 02 2018)
----------------------------

Enhancements and bug fixes
~~~~~~~~~~~~~~~~~~~~~~~~~~

- Upgrade to Django 2.0.1
- Don't log passwords sent via RPC
- Log XML-RPC requests from anonymous users. Fixes
`Issue 126 <https://github.com/kiwitcms/Kiwi/issues/126>`_
- Order ``TCMSEnvValue`` records by property name and value. Fixes
`Issue 155 <https://github.com/kiwitcms/Kiwi/issues/155>`_
- flake8 fixes (Anton Sankov)
- Start building source code documentation from Python doc strings
- Properly urlencode emails in personal menu links
- Remove test case import via XML files
- Use django-attachments for user uploaded files. Fixes
`Issue 160 <https://github.com/kiwitcms/Kiwi/issues/160>`_
As part of this change we no longer copy Plan and Case attachments when
cloning these objects.

NOTE: Since django-attachments introduces new permission objects
you will have to adjust default permissions for existing users!
In order for them to be able to upload/delete their own files they
need to have ``attachments.add_attachment`` and ``atachments.delete_attachment``
permissions.

These same permissions are added by default to the 'Tester' group.
If you are running an existing installation registering a new user
with Kiwi TCMS will update the default permissions for this group!

Refactoring
~~~~~~~~~~~

- Remove unused class EditCaseNotifyThread (Chenxiong Qi)
- Remove model TestPlanActivity (Chenxiong Qi)
- Remove many unused models and classes
- Execute tests via ``manage.py test`` and drop py.test dependency
- Remove useless ``TestTag.string_to_list`` method. Fixes
`Issue 106 <https://github.com/kiwitcms/Kiwi/issues/106>`_
- Use ``settings.AUTH_USER_MODEL`` in ForeignKey definitions. Fixes
`Issue 143 <https://github.com/kiwitcms/Kiwi/issues/143>`_

Settings
~~~~~~~~

- Rename ``EMAIL_FROM`` to ``DEFAULT_FROM_EMAIL``. Fixes
`Issue 128 <https://github.com/kiwitcms/Kiwi/issues/128>`_
- Rename ``FILE_UPLOAD_DIR`` to ``MEDIA_ROOT``
- Rename ``MAX_UPLOAD_SIZE`` to ``FILE_UPLOAD_MAX_SIZE``
- New setting ``DELETE_ATTACHMENTS_FROM_DISK``
- Remove unused ``XMLRPC_TEMPLATE`` and ``TESTOPIA_XML_VERSION``

Server side API
~~~~~~~~~~~~~~~

- Migrate to ``django-modern-rpc`` and remove home-grown XML-RPC handling code.
As part of this change the XML-RPC endpoint has been changed to ``/xml-rpc/``.
There's also a new JSON-RPC endpoint at ``/json-rpc/``!
- ``Auth.login`` method now accepts positional parameters ``username, password``
instead of dict
- ``TestCaseRun.get`` method now accepts a query dict as parameter
- ``TestCaseRun.get_bugs`` method now accepts a query dict as parameter

- Remove ``Build.lookup_id_by_name``, ``Build.lookup_name_by_id`` RPC methods
- Remove ``Product.lookup_name_by_id``, ``Product.lookup_id_by_name`` RPC methods
- Remove ``Product.get_components``, use ``Product.filter_components`` instead
- Remove ``Product.get_plans``, use ``TestPlan.filter`` instead
- Remove ``Product.get_runs``, use ``TestRun.filter`` instead
- Remove ``Product.get_tag``, use ``Tag.get_tags`` instead
- Remove ``Product.get_versions``, use ``Product.filter_versions`` instead
- Remove ``TestCaseRun.filter_count``, use ``TestCaseRun.filter`` instead
- Remove ``TestCaseRun.get_s``, use ``TestCaseRun.get`` instead
- Remove ``TestCaseRun.get_bugs_s``, use ``TestCaseRun.get_bugs`` instead
- Remove ``TestCaseRun.get_case_run_status``, use
``TestCaseRun.get_case_run_status_by_name`` instead
- Remove ``TestCaseRun.get_completion_time``, ``TestCaseRun.get_completion_time_s``
RPC methods. Instead calculate them on the client side
- Rename ``TestCaseRun.check_case_run_status`` to ``TestCaseRun.get_case_run_status_by_name``
- ``TestCaseRun.detach_log`` will not raise exceptions when deleting logs from
non-existing TestCaseRun objects.
- Remove ``User.get_me``, instead use ``User.get`` without parameters
- Remove ``Version.`` and ``Testopia.`` RPC modules
- Update documentation for RPC methods in ``Auth``, ``Build`` and ``Env`` namespaces.
Unformatted documentation is also available for the rest of the RPC methods

**IMPORTANT:** this release introduces new database migrations!


tcms-api 1.5.0 (Jan 02 2018)
----------------------------

- Update endpoint configuration, compatible with Kiwi TCMS 3.49
- Drop support for Python 2
- Remove the internal ``do_command`` method which eliminates use of ``eval()``
- Remove ``TCMSXmlrpc.get_me()`` and ``TCMSXmlrpc.build_get()`` methods

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

HIGH 7.5

CVSS v3 Details

HIGH 7.5
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
NONE
Scope (S)
UNCHANGED
Confidentiality Impact (C)
NONE
Integrity Impact (I)
NONE
Availability Availability (A)
HIGH

CVSS v2 Details

MEDIUM 5.0
Access Vector (AV)
NETWORK
Access Complexity (AC)
LOW
Authentication (Au)
NONE
Confidentiality Impact (C)
NONE
Integrity Impact (I)
NONE
Availability Impact (A)
PARTIAL