===============================
Welcome to the new Pootle 2.7.3
===============================

*Released on 27 April 2016*

Bugfix release for 2.7.2.


Major Changes
=============

- Several critical security fixes that prevent potential XSS attacks
- Pootle no longer supports the MySQL's MyISAM database backend, users are
  strongly encouraged to convert their database to InnoDB.
- The editor for static pages now highlights the content's markup and displays
  a live preview.
- Added support for Elasticsearch-based external Translation Memory servers.
- Changed connection logic and added checks for misconfigured Translation
  Memory servers.
- Significant speed up when importing files.


Below we provide much more detail. These are by no means exhaustive, view the
`git log <https://github.com/translate/pootle/compare/2.7.2...2.7.3>`_ for
complete information.


Changes not reported on previous releases
=========================================

There are some changes that haven't being reported on their corresponding
release notes at the time:

- In release 2.7.0 support was dropped for allowing to allow users to specify
  their preferred UI language on Pootle. Pootle now uses the preferred
  languages as reported by the user's browser and falls back to English if the
  specified languages can't be used. See `Setting language preferences in a
  browse <https://www.w3.org/International/questions/qa-lang-priorities.en>`_
  for more information. The ability to specify Pootle UI language will be added
  back (:issue:`4230`).


Details of changes
==================

- Several critical security fixes that prevent potential XSS attacks
- Store update has been refactored which has brought a significant speed up
  when importing files.
- Static pages and announcements:

  - The editor for static pages now highlights the content's markup and
    displays a live preview of the rendered contents (:issue:`3346`,
    :issue:`3766`).
  - Project and language announcements are now also displayed on their
    respective overview pages.

- Translation memory:

  - :djadmin:`update_tmserver`:

    - Renamed ``--overwrite`` to :option:`--refresh <update_tmserver --refresh>`.
    - Translations from disabled projects must be explicitly included with
      :option:`--include-disabled-projects <update_tmserver --include-disabled-projects>`.
    - Added support for Elasticsearch-based external Translation Memory
      servers, which can be populated from translation files or directories on
      disk. This effectively brings the ability to display TM results from
      different TM servers, sorting them by their score.
    - Translations saved from Pootle now include a timestamp.
    - Fixed missing index error :issue:`4120`.

  - :setting:`POOTLE_TM_SERVER`:

    - The ``default`` TM server has been renamed to ``local``. Make sure to
      adjust your settings.
    - Added a new :setting:`WEIGHT <POOTLE_TM_SERVER-WEIGHT>` option to raise
      or lower the TM results score for each specific TM server.
    - Added several checks to ensure this setting is not misconfigured.

  - Changed connection logic for Translation Memory servers to handle
    connection issues and misconfigurations on the settings.

- Database:

  - `InnoDB <https://dev.mysql.com/doc/refman/5.6/en/innodb-storage-engine.html>`_
    is the supported MySQL backend. Deployments using MyISAM must
    :doc:`migrate to either MySQL (InnoDB) or PostgreSQL </server/database_migration>`.
  - Close a database connection before and after each rqworker job once it.
    exceeds the maximum age to imitate Django's request/response cycle
    :issue:`4094`.

- Editor:

  - Non-critical checks can once again be muted/unmuted.
  - Fixed units sorting issue for admin users :issue:`4116`.

- Import/export and upload/download:

  - Fixed running :djadmin:`export` command without options.
  - Added a new :option:`--user <import --user>` to :djadmin:`import` to
    attribute changes to specified user on file import.
  - Ignore non project filetypes when uploading zip files :issue:`4124`.
  - Only authenticated users with translate rights can upload translations.
  - Any authenticated user can now download translations.
  - Translations from `Terminology` project can now also be downloaded.

- :djadmin:`initdb`:

  - Now has an :option:`--no-projects <initdb --no-projects>` option to prevent
    creating the default projects at set up.
  - Now loads the translations for the default projects and languages and
    triggers their stats calculation.
  - Doesn't throw errors when accidentally being run more than once.

- The Apertium MT backend has been dropped.
- Report string errors form subject and body can be overriden.
- Language managers can now edit their language's special characters by using
  the `Special Characters` page accessible through the browse dropdown in the
  language overview page.
- Added extra data to reports.
- Added more languages for Yandex machine translation.
- Fixed :djadmin:`test_checks` errors when being run with no options and
  without the :option:`--check <test_checks --check>` option.
- Pulled latest translations.


...and lots of refactoring, new tests, cleanups, improved documentation and of
course, loads of bugs were fixed.


Credits
=======

This release was made possible by the following people:

Julen Ruiz Aizpuru, Leandro Regueiro, Ryan Northey, Dwayne Bailey, Taras
Semenenko.

And to all our bug finders, testers and translators, a Very BIG Thank You.
