PageRenderTime 48ms CodeModel.GetById 12ms app.highlight 13ms RepoModel.GetById 1ms app.codeStats 1ms

/contrib/cvs/NEWS

https://bitbucket.org/freebsd/freebsd-head/
#! | 1905 lines | 1423 code | 482 blank | 0 comment | 0 complexity | 4757c658c84975a79a2bc2338854851d MD5 | raw file

Large files files are truncated, but you can click here to view the full file

   1Changes since 1.11.22:
   2**********************
   3
   4NEW FEATURES
   5
   6* A new log option -n reverts the -N option which may be in a .cvsrc
   7  file.
   8
   9* The `cvs blame' command is now a synonym for the `cvs annotate' command.
  10
  11* The :extssh: method will use $CVS_SSH if set, or fall back on "ssh"
  12  by default (but may be explicitly set using the --with-ssh flag to
  13  configure).
  14
  15* There is a new IgnoreUnknownConfigKeys option available for
  16  CVSROOT/config to aid in the transition to newer versions of CVS.
  17
  18BUG FIXES
  19
  20* Merges of file removals using -j options are a little smarter.
  21
  22* `cvs add' checks more thoroughly for `CVS' directories in the argument list.
  23
  24* `cvs server' now accepts `--allow-root=PATH' options.
  25
  26* `cvs import' no longer attempts to send CVS metadata to the server.
  27
  28* `cvs import' makes more of an effort not to import paths containing files
  29  and directories named `CVS'.
  30
  31* The CVS server will no longer allow clients to run `cvs init'.
  32
  33* Applying diffs when checking out very old revisions has been reduced from an
  34  O(n^2) operation to an O(n) thanks to a patch from Michael J. Smith
  35  <msmith@ideorlando.org> and additional touch-up work from the CVS team.
  36
  37* Thanks to report from Paul Eggert <eggert@CS.UCLA.EDU>, an assertion failure
  38  that could occur when "." was in the path (e.g. `cvs co /cvsroot/./module')
  39  has been removed.
  40
  41* Thanks to a report from Peter Toft <pto@linuxbog.dk>, CVS server now sends
  42  correct patch files more often when the RCS `Name' keyword is present in
  43  a working file (bug #17302).
  44
  45* Thanks to a report from Dan Peterson <dbpete@aol.com>, clients now send the
  46  right set of commands to the server when asked to update directories with
  47  trailing slashes on their name.
  48
  49* Thanks to a report and patch from <mbarabas@redhat.com>, potential stack
  50  corruption during pserver login is avoided (bug #16961).
  51
  52* The :extssh: method is now properly recognized as an alias for :ext:.
  53
  54DEVELOPER ISSUES
  55
  56* We've standardized on Autoconf version 2.61 to get a bug fix that notes
  57  that the AIX C compiler's default mode isn't quite C89 and sets the
  58  correct mode instead.
  59
  60* We've standardized on Autoconf version 1.10 because it lets us simplify our
  61  sources.
  62
  63Changes from 1.11.21 to 1.11.22:
  64********************************
  65
  66BUG FIXES
  67
  68* The CVS client again correctly reports files with conflicts when using
  69  servers running CVS 1.11.20/1.12.12, or earlier (and maybe 3rd party
  70  servers).
  71
  72* The GSSAPI server should now build under HP-UX.
  73
  74* `cvs rtag' now correctly tags files that have been removed from the trunk.
  75
  76* Code efficiency has been improved slightly.
  77
  78* A rare race condition that could leave a lock on the val-tags file has been
  79  avoided.
  80
  81* A potential buffer overflow in the history command has been fixed.
  82
  83* Thanks to a report and patch from Garrett Rooney <grooney@collab.net>, paused
  84  trigger processes no longer cause the CVS server to consume 100% CPU.
  85
  86* Thanks to a suggestion from Joseph P. Skudlarek <Jskud@Jskud.com>, an
  87  :extssh: has been added as a synonym of the :ext: access method, as a
  88  kindness to users of old version of Eclipse.
  89
  90* Misc documentation updates and minor bug fixes.
  91
  92Changes from 1.11.20 to 1.11.21:
  93********************************
  94
  95BUG FIXES
  96
  97* Thanks to Serguei E. Leontiev <lse@CryptoPro.ru>, CVS with Kerberos 5 GSSAPI
  98  should automatically link on FreeBSD 5.x. (bug #14639).
  99
 100* Thanks to Rahul Bhargava <rahul@wandisco.com>, heavily loaded systems
 101  suffering from a disk crash or power failure will not lose data they claimed
 102  to have committed.
 103
 104* CVS server now handles conflict markers in Entry requests as documented.
 105
 106* CVS now remembers that binary file merge conflicts occurred until the
 107  timestamp of the updated binary file changes.
 108
 109* CVS client now saves some bandwidth by not sending the contents of files
 110  with conflicts to the server when it isn't needed.
 111
 112* CVS now does correct locking during import.
 113
 114* A problem where the server could block indefinitely waiting for an EOF from
 115  the client when compression was enabled has been fixed.
 116
 117* `cvs diff' no longer splits its arguments on spaces.
 118
 119* Thanks to an old report and patch from Stewart Brodie <stewart@eh.org>, a
 120  potential crash in response to a corrupt RCS file has been fixed.
 121
 122* CVS now locks the history and val-tags files before writing to them.
 123  Especially with large repositories, users should no longer see new warnings
 124  about corrupt history records when using the `cvs history' command.  Existing
 125  corrupt history records will still need to be removed manually.  val-tags
 126  corruption should have had less obvious effects, but removing the
 127  CVSROOT/val-tags file and allowing a 1.11.21 or later version of CVS to
 128  regenerate it may eliminate a few odd behaviors and possibly cause a slight
 129  speed up of read transactions in large repositories over time.
 130
 131BUILD ISSUES
 132
 133* The RPM spec file works again with the most modern versions of `rpm'.
 134
 135DEVELOPER ISSUES
 136
 137* We've standardized on Automake 1.9.6 to get some at new features that make
 138  our jobs easier.  See the HACKING file for more on using the autotools with
 139  CVS.
 140
 141Changes from 1.11.19 to 1.11.20:
 142********************************
 143
 144SERVER SECURITY FIXES
 145
 146* Thanks to a report from Alen Zukich <alen.zukich@klocwork.com>, several minor
 147  security issues have been addressed.  One was a buffer overflow that is
 148  potentially serious but which may not be exploitable, assigned CAN-2005-0753
 149  by the Common Vulnerabilities and Exposures Project
 150  <http://www.cve.mitre.org>.  Other fixes resulting from Alen's report include
 151  repair of an arbitrary free with no known exploit and several plugged memory
 152  leaks and potentially freed NULL pointers which may have been exploitable for
 153  a denial of service attack.
 154
 155* Thanks to a report from Craig Monson <craig@malachiarts.com>, minor
 156  potential vulnerabilities in the contributed Perl scripts have been fixed.
 157  The confirmed vulnerability could allow the execution of arbitrary code on
 158  the CVS server, but only if a user already had commit access and if one of
 159  the contrib scripts was installed improperly, a condition which should have
 160  been quickly visible to any administrator.  The complete description of the
 161  problem is here: <https://ccvs.cvshome.org/issues/show_bug.cgi?id=224>.  If
 162  you were making use of any of the contributed trigger scripts on a CVS
 163  server, you should probably still replace them with the new versions, to be
 164  on the safe side.
 165
 166  Unfortunately, our fix is incomplete.  Taint-checking has been enabled in all
 167  the contributed Perl scripts intended to be run as trigger scripts, but no
 168  attempt has been made to ensure that they still run in taint mode.  You will
 169  most likely have to tweak the scripts in some way to make them run.  Please
 170  send any patches you find necessary back to <bug-cvs@nongnu.org> so that we
 171  may again ship fully enabled scripts in the future.
 172
 173  You should also make sure that any home-grown Perl scripts that you might
 174  have installed as CVS triggers also have taint-checking enabled.  This can be
 175  done by adding `-T' on the scripts' #! lines.  Please try running
 176  `perldoc perlsec' if you would like more information on general Perl security
 177  and taint-checking.
 178
 179BUG FIXES
 180
 181* Thanks to a report and a patch from Georg Scwharz <georg.scwarz@freenet.de>
 182  CVS now builds without error on IRIX 5.3
 183
 184DEVELOPER ISSUES
 185
 186* We've standardized on Automake 1.9.5 to get some at new features that make
 187  our jobs easier.  See the HACKING file for more on using the autotools with
 188  CVS.
 189
 190Changes from 1.11.18 to 1.11.19:
 191********************************
 192
 193BUG FIXES
 194
 195* Thanks to a patch from Jim Hyslop <jhyslop@ieee.org>, issuing
 196  'cvs watch on' or 'cvs watch off' in an empty directory no longer
 197  clears any watchers in that directory.
 198
 199* An intermittant assertion failure in checkout has been fixed.
 200
 201* Thanks to a report from Chris Bohn <cbohn@rrinc.com>, all the source files
 202  needed for the Windows "red file" fix are actually included in the
 203  distribution.
 204
 205* Misc bug and documentation fixes.
 206
 207Changes from 1.11.17 to 1.11.18:
 208********************************
 209
 210BUG FIXES
 211
 212* Thanks to a report from Gottfried Ganssauge <gotti@cvshome.org>, CVS no
 213  longer exits when it encounters links pointing to paths containing more
 214  than 128 characters.
 215
 216* Thanks to a report from Dan Peterson <dbpete@aol.com>, error messages from
 217  GSSAPI servers are no longer truncated.
 218
 219* Thanks to a report from Dan Peterson <dbpete@aol.com>, attempts to resurrect
 220  a file on the trunk that was added on a branch no longer causes an assertion
 221  failure.
 222
 223* Thanks to a report from Dan Peterson <dbpete@aol.com>, imports to branches
 224  like "1.1." no longer create corrupt RCS archives.
 225
 226* Thanks to a report from Chris Bohn <cbohn@rrinc.com>, links from J.C. Hamlin
 227  <jchamlin@ibsys.com>, and code posted by Jonathan Gilligan, we think we have
 228  finally corrected the Windows "red-file" (daylight savings time) bug once and
 229  for all.
 230
 231* Thanks to a patch from Jeroen Ruigrok/asmodai <asmodai@wxs.nl>, the
 232  log_accum.pl script should no longer elicit warnings from Perl 5.8.5.
 233
 234* The r* commands (rlog, rls, etc.) can once again handle requests to run
 235  against the entire repository (e.g. `cvs rlog .').  Thanks go to Dan Peterson
 236  <dbpete@aol.com> for the report.
 237
 238* A problem where the attempted access of files via tags beginning with spaces
 239  could cause the CVS server to hang has been fixed.  This was a particular
 240  problem with WinCVS clients because users would sometimes accidentally
 241  include spaces in tags pasted into a dialog box.  This fix also altered some
 242  of the error messages generated by the use of invalid tags.  Thanks go to Dan
 243  Peterson <dbpete@aol.com> for the report.
 244
 245* Thanks to James E Wilson <wilson@specifixinc.com> for a bug fix to
 246  modules processing "gcc-core -a !gcc/f gcc" will no longer exclude
 247  gcc/fortran by mistake.
 248
 249* Thanks to Conrad Pino <conrad@pino.com>, the Windows build works once again.
 250
 251* Misc updates to the manual.
 252
 253DEVELOPER ISSUES
 254
 255* We've standardized on Automake 1.9.3 to get some at new features that make
 256  our jobs easier.  See the note below on the Autoconf upgrade for more
 257  details.
 258
 259* We've standardized on Autoconf version 2.59 to get presumed bug fixes and
 260  features, but nothing specific.  Mostly, once we decide to upgrade one of the
 261  autotools we just figure it'll save time later to grab the most current
 262  versions of the others too.  See the HACKING file for more on using the
 263  autotools with CVS.
 264
 265Changes from 1.11.16 to 1.11.17:
 266********************************
 267
 268SERVER SECURITY FIXES
 269
 270* Thanks to Stefan Esser & Sebastian Krahmer, several potential security
 271  problems have been fixed.  The ones which were considered dangerous enough
 272  to catalogue were assigned issue numbers CAN-2004-0416, CAN-2004-0417, &
 273  CAN-2004-0418 by the Common Vulnerabilities and Exposures Project.  Please
 274  see <http://www.cve.mitre.org> for more information.
 275
 276* A potential buffer overflow vulnerability in the server has been fixed.
 277  This addresses the Common Vulnerabilities and Exposures Project's issue
 278  #CAN-2004-0414.  Please see <http://www.cve.mitre.org> for more information.
 279
 280Changes from 1.11.15 to 1.11.16:
 281********************************
 282
 283SERVER SECURITY FIXES
 284
 285* A potential buffer overflow vulnerability in the server has been fixed.
 286  Prior to this patch, a malicious client could potentially use carefully
 287  crafted server requests to run arbitrary programs on the CVS server machine.
 288  This addresses the Common Vulnerabilities and Exposures Project's issue
 289  #CAN-2004-0396.  Please see <http://www.cve.mitre.org> for more information.
 290
 291BUG FIXES
 292
 293* The Microsoft Visual C++ workspace and project files have been repaired and
 294  regenerated with MSVC++ 6.0.
 295
 296* The cvs.1 man page is now generated automatically from a section of the CVS
 297  Manual.
 298
 299* Thanks to a report from Mark Andrews at the Internet Systems Consortium, the
 300  :ext: connection method no longer relies on a transparent transport that uses
 301  an argument processor that can handle arbitrary ordering of options and other
 302  arguments when using a username other than the caller's.
 303
 304* Thanks to Ken Raeburn at MIT, directory deletion, whether via `cvs release'
 305  or empty directory pruning, now works on network shares under Windows XP.
 306
 307Changes from 1.11.14 to 1.11.15:
 308********************************
 309
 310SERVER SECURITY ISSUES
 311
 312* Piped checkouts of paths above $CVSROOT no longer work.  Previously, clients
 313  could have requested the contents of RCS archive files anywhere on a CVS
 314  server.  This addresses CVE issue CAN-2004-0405.  Please see
 315  <http://www.cve.mitre.org> for more information.
 316
 317CLIENT SECURITY ISSUES
 318
 319* Clients now check paths from the server to verify that they are within one of
 320  the sandboxes the user requested be updated.  Previously, a trojan server
 321  could have written or overwritten files anywhere the user had access,
 322  presenting a serious security risk.  This addresses CVE issue CAN-2004-1080.
 323  Please see <http://www.cve.mitre.org> for more information.
 324
 325GENERAL USER ISSUES
 326
 327* Method options (used by WinCVS & CVS 1.12.7+) in CVSROOTs are ignored.
 328
 329* Configure no longer checks the $TMPDIR, $TMP, & $TEMP variables to set the
 330  default temporary directory.
 331
 332* CVS on Cygwin correctly handles X:\ style paths.
 333
 334* Import now uses backslash rather than slash on Windows when checking for
 335  "CVS" directories to ignore in import commands.
 336
 337* Relative paths containing up-references (`..') should now work in
 338  client/server mode (client fix).
 339
 340* A race condition between the ordering of messages from CVS and messages from
 341  called scripts in client/server mode has been removed (server fix).
 342
 343* Resurrected files now get their modes and timestamps set correctly and a
 344  longstanding bug involving resurrection of an uncommitted removal has been
 345  fixed (server fix).
 346
 347* Some resurrection (cvs add) status messages have changed slightly.
 348
 349* `cvs release' now works with Kerberos or GSSAPI encryption enabled (server
 350  fix).
 351
 352* File resurrection from a previously existing revision no longer just reports
 353  that it works (server fix).
 354
 355* Misc error & status message corrections.
 356
 357* Diffing of locally added files against arbitrary revisions in an RCS archive
 358  is now allowed when a file of the same name exists or used to exist on some
 359  branch (server fix).
 360
 361* Misc documentation fixes.
 362
 363Changes from 1.11.13 to 1.11.14:
 364********************************
 365
 366GENERAL USER ISSUES
 367
 368* Imports will now always ignore directories and files named `CVS' to avoid
 369  violating assumptions made by other parts of CVS.
 370
 371* A problem with `cvs release' of subdirs that could corrupt CVS/Entries files
 372  has been fixed (client/server).
 373
 374* The CVS server's protocol check for unused data from the client is no longer
 375  called automatically at program exit in order to avoid potential recursive
 376  calls to error when the first close is due to memory allocation or similar
 377  problems that cause calls to error() to fail.  The check is still made when
 378  the server program exits normally.
 379
 380* The spec file has been updated to work with more recent versions of RPM.
 381
 382* Several memory leaks have been plugged (client/server).
 383
 384DEVELOPER ISSUES
 385
 386* Misc cosmetic, readability, and commenting fixes.
 387
 388Changes from 1.11.12 to 1.11.13:
 389********************************
 390
 391GENERAL USER ISSUES
 392
 393* Several memory leaks have been plugged.
 394
 395* Thanks to Ville Skyttä the man page has a few less spelling errors and is
 396  slightly more accurate.
 397
 398* An unlikely potential segfault when using the :fork: connection method has
 399  been fixed.
 400
 401* The CVS server has had the protocol check for unused data from the client
 402  partially restored.
 403
 404* A fix has been included that should avoid a very rare race condition that
 405  could cause a CVS server to exit with a "broken pipe" message.
 406
 407* A minor problem with the nmake build file that was preventing the source from
 408  compiling under Windows has been fixed.
 409
 410* Tests have been added to the test suite.
 411
 412DEVELOPER ISSUES
 413
 414* Misc cosmetic, readability, and commenting fixes.
 415
 416Changes from 1.11.11 to 1.11.12:
 417********************************
 418
 419GENERAL USER ISSUES
 420
 421* Infinite alias loops in the modules file are now checked for and avoided.
 422
 423* Clients on case insensitive systems now preserve the case of directories in
 424  CVS/Entries, in addition to files, for use in communications with the CVS
 425  server.
 426
 427* Some previously untested behavior is now being tested.
 428
 429* Server support for case insensitive clients has been removed in favor of the
 430  server relying on the client to preserve the case of checked out files, as
 431  per the CVS client/server protocol spec.  This is not as drastic as it may
 432  sound, as all of the current tests still pass without modification when run
 433  from a case insensitive client to a case sensitive server.  This change
 434  disables little previous functionality, enables access to more of the
 435  possible namespace to users on systems with case insensitive file systems,
 436  fixes a few bugs, and in the end this should provide a major stability
 437  improvement.
 438
 439* Thanks to Ville Skyttä the man page is a bit more accurate.
 440
 441* Thanks to Ville Skyttä some unused variables were removed from the log_accum
 442  Perl script in contrib.
 443
 444* Thanks to Alexey Mahotkin, a bug that prevented CVS from being compiled with
 445  Kerberos 4 authentication enabled has been fixed.
 446
 447* A minor bug that caused CVS to fail to report an inifinte alias loop in the
 448  modules file when portions of the alias definition contained trailing slashes
 449  has been fixed.
 450
 451* A bug in the gzip code that could cause heap corruption and segfaults in CVS
 452  servers talking to clients less than 1.8 and some modern third-party CVS
 453  clients has been fixed.
 454
 455* mktemp.sh is now included with the source distribution so that the rcs2log
 456  and cvsbug executables may be run on systems which do not contain an
 457  implementation of mktemp.
 458
 459* Misc documentation fixes.
 460
 461Changes from 1.11.10 to 1.11.11:
 462********************************
 463
 464SERVER SECURITY ISSUES
 465
 466* pserver can no longer be configured to run as root via the
 467  $CVSROOT/CVSROOT/passwd file, so if your passwd file is compromised, it no
 468  longer leads directly to a root hack.  Attempts to root will also be logged
 469  via the syslog.
 470
 471Changes from 1.11.9 to 1.11.10:
 472*******************************
 473
 474SERVER SECURITY ISSUES
 475
 476* Malformed module requests could cause the CVS server to attempt to create
 477  directories and possibly files at the root of the filesystem holding the CVS
 478  repository.  Filesystem permissions usually prevent the creation of these
 479  misplaced directories, but nevertheless, the CVS server now rejects the
 480  malformed requests.
 481
 482GENERAL USER ISSUES
 483
 484* Case insensitive clients using a case sensitive server can now use a
 485  `cvs rm -f file; cvs add FILE' command sequence to add a file with the same
 486  name in a new case.
 487
 488* CVSROOTs which contain a symlink to a real repository should work.
 489
 490* The configure script now tests whether it is building CVS on a case
 491  insensitive file system.  If it is, CVS assumes that all file systems on this
 492  platform will be case insensitive.  This is useful for getting the case
 493  insensitivity flag set correctly when compiling on Mac OS X and under Cygwin
 494  on Windows.  Autodetection can be overridden using the
 495  --disable-case-sensitivity and --enable-case-sensitivity arguments to
 496  configure.
 497
 498* A behavior change in `cvs up -jrev1 -jrev2' for modified files with a base
 499  revision of rev2 (ie, checked-out version matches rev2 and file has been
 500  modified).  The operation is no longer ignored and instead is passed to
 501  diff3.  This will potentially re-apply the diffs between the two revisions to
 502  a modified local file.  Status messages like from a standard merge have also
 503  been added when the file would not or does not change due to this merge
 504  request ("[file] already contains the changes between [revisions]...").
 505
 506* A bug which could stop `cvs admin -mTAG:message' from recursing has been
 507  fixed.
 508
 509* Misc documentation cleanup and fixes.
 510
 511* Some of the contrib scripts, some of the documentation, and sanity.sh were
 512  modified to use and recommend more portable commands rather than using and
 513  recommending commands which were not compatible with the POSIX 1003.1-2001
 514  specification.
 515
 516DEVELOPER ISSUES
 517
 518* A new set of tests to test issues specific to case insensitive clients and
 519  servers has also been added.
 520
 521* Support has been added to the test suite to support testing over a :ext: link
 522  to another machine, subject to some stringent requirements.  This support can
 523  be used, for instance, to test the operation of a case insensitive client
 524  against a case sensitive server.  Please see the comments in TEST and the
 525  src/sanity.sh test script itself for more.
 526
 527* We've standardized on Automake 1.7.9 to get a bug fix.  See the note below
 528  on the Autoconf upgrade for more details.
 529
 530* We've standardized on Autoconf version 2.58 to avoid a bug and get at a few
 531  new macros.  Again, this should only really affect developers, though it is
 532  possible that CVS will now compile on a few new platforms.  Please see the
 533  section of the INSTALL file about using the autotools if you are compiling
 534  CVS yourself.
 535
 536Changes from 1.11.8 to 1.11.9:
 537
 538* CVS now knows how to report, as well as record, `P' record types.
 539
 540* When running the `cvs history' command, clients will now send the
 541  long-accepted `-e' option, for all records, rather than explicitly requesting
 542  `P' record types, a request which servers prior to 1.11.7 will reject with a
 543  fatal error message.
 544
 545* A problem with locating files requested by case insensitive clients which was
 546  accidentally introduced in 1.11.6 as part of a fix for a data loss problem
 547  involving `cvs add's from case insensitive clients has been fixed.  The
 548  relevant error message was `cvs [<command> aborted]: filE,v is ambiguous;
 549  could mean FILE,v or file,v'.
 550
 551* Attempts to use the global `-l' option, removed from both client and server
 552  as of version 1.11.6, will now elicit a warning rather than a fatal error
 553  from the server.
 554
 555Changes from 1.11.7 to 1.11.8:
 556
 557* A problem in the CVS getpass library that could cause passwords to echo on
 558  some systems has been fixed.
 559
 560Changes from 1.11.6 to 1.11.7:
 561
 562* A segfault that could occur in very rare cases where the stat of a file
 563  failed during a diff has been fixed.
 564
 565* Any user with write privleges to the CVSROOT/checkoutlist file could pass
 566arbitrary format strings directly through to a printf function.  This was
 567probably bad and has been fixed.  White space at the beginning of error strings
 568in checkoutlist is now ignored properly.
 569
 570* In client/server mode, most messages from CVS now contain the actual
 571command name rather than the generic "server".
 572
 573* A long-standing bug that prevented most client/server updates from being
 574logged in the history file has been fixed.
 575
 576* Updates done via a patch ("P" status) are now logged in the history file
 577by default and the corresponding "P" history record type is now documented.
 578If you're setting the LogHistory option in your CVSROOT/config file, you may
 579want to add "P" to the list of record types.
 580
 581* CVS now will always compile and its own getpass() function (originally from
 582GNULIB) in favor of any system one that may exist.  This avoids some problems
 583with long passwords on some systems and updates us to POSIX.2 compliance, since
 584getpass() was removed from the POSIX.2 specification.
 585
 586* A bug that allowed a write lock to be created in a directory despite
 587there being existing read locks when using LockDir in CVSROOT/config has
 588been fixed.
 589
 590* A bug with short patches (`rdiff -s') which caused rdiff to sometimes report
 591differences that did not exist has been fixed.
 592
 593* Some minor corrections were made to the diff code to keep diff & rdiff from
 594printing diff headers with empty change texts when two files have different
 595revision numbers but the same content.
 596
 597* The global '-l' option, which suppressed history logging, has been removed
 598from both client and server.
 599
 600Changes from 1.11.5 to 1.11.6:
 601
 602* A warning message is now issued if an administrative file contains
 603more than one DEFAULT entry.
 604
 605* An error running a verifymsg script (such as referencing an unset user
 606variable or the script not existing) now causes the verification to
 607fail.
 608
 609* Errors in administrative files commands (like unset user variables)
 610are no longer reported unless the command is actually executed.
 611
 612* When a file is initially checked out, its last access time is now set
 613to the current time rather than being set to the time the file was last
 614checked in like the modification time is.
 615
 616* The Checkin.prog and Update.prog functionality has been removed.  This
 617fuctionality previously allowed executables to be specified in the modules file
 618to be run at update and checkin time, but users could edit these files on a per
 619workspace basis, creating a security hole.
 620
 621* contrib/rcs2log and src/cvsbug now use the BSD mktemp program to create
 622their temp files and directories on systems which provide it.
 623
 624* Corrected the path in a failed write error message.
 625
 626* Autoconf and Automake are no longer run automatically unless you run
 627configure with --enable-maintainer-mode.  Accordingly, noautomake.sh is
 628no longer needed and has been removed.
 629
 630* We've standardized on Automake version 1.7.5 and Autoconf version 2.57 to get
 631at a few new macros.  Again, this should only really affect developers.  See
 632the section of the INSTALL file about using the autotools if you are compiling
 633CVS yourself.
 634
 635Changes from 1.11.4 to 1.11.5:
 636
 637* Fixed a security hole in the CVS server by which users with read only access
 638could gain write access.  This issue does not affect client builds.  The
 639Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
 640name CAN-2003-0015 to this issue.  See
 641<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0015> for more
 642information.
 643
 644* Fixed some bugs where revision numbers starting with 0 (like 0.3)
 645weren't correctly handled.  (CVS doesn't normally use such revision
 646numbers, but users may be able to force it to do so and old RCS files
 647might.)
 648
 649Changes from 1.11.3 to 1.11.4:
 650
 651* Some minor changes to allow the code to compile on Windows platforms.
 652
 653Changes from 1.11.2 to 1.11.3:
 654
 655* The tag/rtag code has been fixed to once again lock just a single
 656directory at a time.
 657
 658* There was a bug where certain error conditions could cause the server
 659to go into an infinite loop.  There was also a bug that caused a
 660compressed connection from an older client to hang on shutdown.  These
 661bugs have been fixed.
 662
 663* Fixed a bug that caused the server to reject most watch commands.
 664
 665* When waiting for another user's lock, the message timestamps are now
 666in UTC rather than the server's local time.
 667
 668* The options.h file is no longer used.  This fixes a bug that occurred when
 6691.11.2 was compiled on Windows platforms.
 670
 671* We've standardized on Automake version 1.6.3 and Autoconf version 2.53.
 672They are cleaner, less bug prone, and will hopfully allow me to start updating
 673sanity.sh to use Autotest and Autoshell.  Again, this should only really affect
 674developers.  See the section of the INSTALL file about using the autotools if
 675you are compiling CVS yourself.
 676
 677* Fixed a bug in the log/rlog code when a revision range crosses a
 678branch point.
 679
 680* Fixed a bug where filenames starting with - would be misinterpreted as
 681options when using client/server mode.
 682
 683Changes from 1.11.1p1 to 1.11.2:
 684
 685* There is a new feature, enabled by RereadLogAfterVerify in CVSROOT/config,
 686which tells CVS to reread the log message after running the verifymsg
 687script.  This allows the verifymsg script to reformat or otherwise
 688modify the log message.
 689
 690* The interpretation of revision ranges using :: in "log" and "rlog"
 691has changed: a::b now excludes the log message from revision a but
 692includes the log message from revision b.  Also, revision ranges that
 693cross branch points should now work.
 694
 695* zlib has been updated to version 1.4.  There is a security advisory
 696out in regards to 1.3.  This should fix that problem.
 697
 698* The "log" and "rlog" commands now have a -S option to suppress the
 699header information when no revisions are selected.
 700
 701* A serious error that allowed read-only users to tag files has been
 702corrected.
 703
 704* The "annotate" command will no longer annotate binary files unless
 705you specify the new -F option.
 706
 707* The "tag" and "rtag" commands will no longer move or delete branch
 708tags unless you use the new -B option.  (This prevents accidental
 709changes to branch tags that are hard to undo.)
 710
 711* We've standardized on the 1.5 Automake release for the moment.  Again, this
 712should only really affect developers.  See the section of the INSTALL file
 713about using the autotools if you are compiling CVS yourself.
 714
 715Changes from 1.11.1 to 1.11.1p1:
 716
 717* Read only access was broken - now fixed.
 718
 719Changes from 1.11 to 1.11.1:
 720
 721* There was a locking bug in the tag/rtag code that could lose changes
 722made to a file while the tag operation was in progress.  This has been
 723fixed, but all of the directories being tagged are now locked for the
 724entire duration of the tag operation rather than only one directory at a
 725time.
 726
 727* The "cvs diff" command now accepts the -y/--side=by-side and -T/
 728--initial-tab options.  (To use these options with a remote repository,
 729both the client and the server must support them.)
 730
 731* The expansion of the loginfo format string has changed slightly. 
 732Previously, the expansion was surrounded by single quotes ('); if a file
 733name contained a single quote character, the string would not be parsed
 734as a single entity by the Unix shell (and it would not be possible to
 735parse it unambiguously).  Now the expansion is surrounded by double
 736quotes (") and any embedded dollar signs ($), backticks (`), backslashes
 737(\), and double quotes are preceded by a backslash.  This is parsed as a
 738single entity by the shell reguardless of content.  This change should
 739not be noticable unless you're not using a Unix shell or you have
 740embedded the format string inside a double quoted string.
 741
 742* There was a bug in the diff code which sometimes caused conflicts to
 743be flagged which shouldn't have been.  This has been fixed.
 744
 745* New "cvs rlog" and "cvs rannotate" commands have been added to get log
 746messages and annotations without having to have a checked-out copy.
 747
 748* Exclusive revision ranges have been added to "cvs log" using ::
 749(similar to "cvs admin -o").
 750
 751* The VMS client now accepts wildcards if you're running VMS 7.x.
 752
 753* ZLIB has been updated to version 1.1.3, the most current version.  This
 754includes mostly some optimizations and minor bug fixes.
 755
 756* The ~/.cvspass file has a slightly modified format.  CVSROOTs are now
 757stored in a new canonical form - hostnames are now case insensitive and
 758port numbers are always stored in the new format.  Until a new login for
 759a particular CVSROOT is performed with the new version of CVS, new and
 760old versions of CVS should interoperate invisibly.  After that point, an
 761extra login using the old version of CVS may be necessary to continue to
 762allow the new and old versions of CVS to interoperate using the same
 763~/.cvspass file and CVSROOT. The exception to this rule occurs when the
 764CVSROOTs used with the different versions use case insensitively
 765different hostnames, for example, "empress", and "empress.2-wit.com".
 766
 767* A password and a port number may now be specified in CVSROOT for
 768pserver connections.  The new format is:
 769
 770    :pserver:[[user][:password]@]host[:[port]]/path
 771
 772Note that passwords specified in a checkout command will be saved in the
 773clear in the CVS/Root file in each created directory, so this is not
 774recommended, except perhaps when accessing anonymous repositories or the
 775like.
 776
 777* The distribution has been converted to use Automake.  This shouldn't
 778affect most users except to ease some portability concerns, but if you
 779are building from the repository and encounter problems with the
 780makefiles, you might try running ./noautomake.sh after a fresh update
 781-AC.
 782
 783Changes from 1.10 to 1.11:
 784
 785* The "cvs update" command has a new -C option to get clean copies from
 786the repository, abandoning any local changes.
 787
 788* The new "cvs version" command gives a short version message.  If
 789the repository is remote, both the client and server versions are
 790reported.
 791
 792* "cvs admin -t" now works correctly in client/server mode.
 793
 794* The "cvs history" command output format has changed -- the date
 795now includes the year and is given is ISO 8601 format (yyyy-mm-dd).
 796Also, the new LogHistory option in CVSROOT/config can be used to
 797control what information gets recorded in the log file and code has
 798been added to record file removals.
 799
 800* The buggy PreservePermissions code has been disabled.
 801
 802* Anonymous read-only access can now be done without requiring a
 803password.  On the server side, simply give that user (presumably
 804`anonymous') an empty password in the CVSROOT/passwd file, and then
 805any received password will authenticate successfully.
 806
 807* There is a new access method :fork: which is similar to :local:
 808except that it is implemented via the CVS remote protocol, and thus
 809has a somewhat different set of quirks and bugs.
 810
 811* The -d command line option no longer updates the CVS/Root file.  For
 812one thing, the CVS 1.9/1.10 behavior never had updated CVS/Root in
 813subdirectories, and for another, it didn't seem that popular in
 814general.  So this change restores the CVS 1.8 behavior (which is also
 815the CVS 1.9/1.10 behavior if the environment variable
 816CVS_IGNORE_REMOTE_ROOT is set; with this change,
 817CVS_IGNORE_REMOTE_ROOT no longer has any effect).
 818
 819* It is now possible for a single CVS command to recurse into several
 820CVS roots.  This includes roots which are located on several servers,
 821or which are both remote and local.  CVS will make connections to as
 822many servers as necessary.
 823
 824* It is now possible to put the CVS lock files in a directory
 825set by the new LockDir option in CVSROOT/config.  The default
 826continues to be to put the lock files in the repository itself.
 827
 828Changes from 1.9 to 1.10:
 829
 830* A bug was discovered in the -t/-f wrapper support that can cause
 831serious data loss.  Because of this (and also the fact that it doesn't
 832work at all in client/server mode), the -t/-f wrapper code has been
 833disabled until it can be fixed.
 834
 835* There is a new feature, enabled by TopLevelAdmin in CVSROOT/config,
 836which tells CVS to modify the behavior of the "checkout" command.  The
 837command now creates a CVS directory at the top level of the new
 838working directory, in addition to CVS directories created within
 839checked-out directories.  See the Cederqvist for details.
 840
 841* There is an optional set of features, enabled by PreservePermissions
 842in CVSROOT/config, which allow CVS to store unix-specific file
 843information such as permissions, file ownership, and links.  See the
 844Cederqvist for details.
 845
 846* One can now authenticate and encrypt using the GSSAPI network
 847security interface.  For details see the Cederqvist's description of
 848specifying :gserver: in CVSROOT, and the -a global option.
 849
 850* All access to RCS files is now implemented internally rather than by
 851calling RCS programs.  The main user-visible consequence of this is
 852that there is no need to worry about making sure that CVS finds the
 853correct version of RCS.  The -b global option and the RCSBIN setting
 854in CVSROOT/config are still accepted but don't do anything.  The
 855$RCSBIN internal variable in administrative files is no longer
 856accepted.
 857
 858* There is a new syntax, "cvs admin -orev1::rev2", which collapses the
 859revisions between rev1 and rev2 without deleting rev1 or rev2
 860themselves.
 861
 862* There is a new administrative file CVSROOT/config which allows one
 863to specify miscellaneous aspects of CVS configuration.  Currently
 864supported here:
 865
 866  - SystemAuth, allows you to prevent pserver from checking for system
 867  usernames/passwords.
 868
 869For more information see the "config" section of cvs.texinfo.
 870
 871* When setting up the pserver server, one now must specify the
 872allowable CVSROOT directories in inetd.conf.  See the Password
 873authentication server section of cvs.texinfo for details.  Note that
 874this implies that everyone who is running a pserver server must edit
 875inetd.conf when upgrading their CVS.
 876
 877* The client no longer needs an external patch program (assuming both
 878the client and the server have been updated to the new version).
 879
 880* "cvs admin [options]" will now recurse.  In previous versions of
 881CVS, it was an error and one needed to specify "cvs admin [options] ."
 882to recurse.  This change brings admin in line with the other CVS
 883commands.
 884
 885* New "logout" command to remove the password for a remote cvs
 886repository from the cvspass file.
 887
 888* Read-only repository access is implemented for the
 889password-authenticated server (other access methods are just governed
 890by Unix file permissions, since they require login access to the
 891repository machine anyway).  See the "Repository" section of
 892cvs.texinfo for details, including a discussion of security issues.
 893Note that the requirement that read-only users be able to create locks
 894and write the history file still applies.
 895
 896* There is a new administrative file verifymsg which is like editinfo
 897but merely validates the message, rather than also getting it from the
 898user.  It therefore works with client/server CVS or if one uses the -m
 899or -F options to commit.  See the verifymsg section of cvs.texinfo for
 900details.
 901
 902* The %s format formerly accepted in loginfo has been extended to
 903formats such as %{sVv}, so that loginfo scripts have access to the
 904version numbers being changed.  See the Loginfo section of cvs.texinfo
 905for details.
 906
 907* The postscript documentation (doc/cvs.ps) shipped with CVS is now
 908formatted for US letter size instead of A4.  This is not because we
 909consider this size "better" than A4, but because we believe that the
 910US letter version will print better on A4 paper than the other way
 911around.
 912
 913* The "cvs export" command is now logged in the history file and there
 914is a "cvs history -x E" command to select history file entries
 915produced by export.
 916
 917* CVS no longer uses the CVS_PASSWORD environment variable.  Storing
 918passwords in cleartext in an environment variable is a security risk,
 919especially since (on BSD variants) any user on the system can display
 920any process's environment using 'ps'.  Users should use the 'cvs
 921login' command instead.
 922
 923
 924Changes from 1.8 to 1.9:
 925
 926* Windows NT client should now work on Windows 95 as well.
 927
 928* New option "--help-synonyms" prints a list of all recognized command
 929synonyms.
 930
 931* The "log" command is now implemented internally rather than via the
 932RCS "rlog" program.  The main user-visible consequence is that
 933symbolic branch names now work (for example "cvs log -rbranch1").
 934Also, the date formats accepted by -d have changed.  They previously
 935had been a bewildering variety of poorly-documented date formats.  Now
 936they are the same as the date formats accepted by the -D options to
 937the other CVS commands, which is also a (different) bewildering
 938variety of poorly-documented date formats, but at least we are
 939consistently bewildering :-).
 940
 941* Encryption is now supported over a Kerberos client/server
 942connection.  The new "-x" global option requests it.  You must
 943configure with the --enable-encryption option in order to enable
 944encryption.
 945
 946* The format of the CVS commit message has changed slightly when
 947committing changes on a branch.  The tag on which the commit is
 948ocurring is now reported correctly in all cases.
 949
 950* New flag -k in wrappers allows you to specify the keyword expansion
 951mode for added files based on their name.  For example, you can
 952specify that files whose name matches *.exe are binary by default.
 953See the Wrappers section of cvs.texinfo for more details.
 954
 955* Remote CVS with the "-z" option now uses the zlib library (included
 956with CVS) to compress all communication between the client and the
 957server, rather than invoking gzip on each file separately.  This means
 958that compression is better and there is no need for an external gzip
 959program (except to interoperate with older version of CVS).
 960
 961* The "cvs rlog" command is deprecated and running it will print a
 962warning; use the synonymous "cvs log" command instead.  It is
 963confusing for rlog to mean the same as log because some other CVS
 964commands are in pairs consisting of a plain command which operates on
 965a working directory and an "r" command which does not (diff/rdiff;
 966tag/rtag).
 967
 968* "cvs diff" has a bunch of new options, mostly long options.  Most of
 969these work only if rcsdiff and diff support them, and are named the
 970same as the corresponding options to diff.
 971
 972* The -q and -Q command options to "cvs diff" were removed (use the
 973global options instead).  This brings "cvs diff" into line with the
 974rest of the CVS commands.
 975
 976* The "annotate" command can now be used to annotate a revision other
 977than the head revision on the trunk (see the -r, -D, and -f options in
 978the annotate node of cvs.texinfo for details).
 979
 980* The "tag" command has a new option "-c" which checks that all files
 981  are not locally modified before tagging.
 982
 983* The -d command line option now overrides the cvsroot setting stored
 984in the CVS/Root file in each working directory, and specifying -d will
 985cause CVS/Root to be updated.
 986
 987* Local (non-client/server) CVS now runs on Windows NT.  See
 988windows-NT/README for details.
 989
 990* The CVSROOT variable specification has changed to support more
 991access methods.  In addition to "pserver," "server" (internal rsh
 992client), "ext" (external rsh client), "kserver" (kerberos), and
 993"local" (local filesystem access) can now be specified.  For more
 994details on each method, see cvs.texinfo (there is an index entry for
 995:local: and each of the other access methods).
 996
 997* The "login" command no longer prompts the user for username and
 998hostname, since one will have to provide that information via the `-d'
 999flag or by setting CVSROOT.
1000
1001Changes from 1.7 to 1.8:
1002
1003* New "cvs annotate" command to display the last modification for each
1004line of a file, with the revision number, user checking in the
1005modification, and date of the modification.  For more information see
1006the `annotate' node in cvs.texinfo.
1007
1008* The cvsinit shell script has been replaced by a cvs init command.
1009The cvs init command creates some example administrative files which
1010are similar to the files found in the examples directory (and copied
1011by cvsinit) in previous releases.
1012
1013* Added the patterns *.olb *.exe _$* *$ to default ignore list.
1014
1015* There is now a $USER internal variable for *info files.
1016
1017* There is no longer a separate `mkmodules' program; the functionality
1018is now built into `cvs'.  If upgrading an old repository, it is OK to
1019leave in the lines in the modules file which run mkmodules (the
1020mkmodules actions will get done twice, but that is harmless); you will
1021probably want to remove them once you are no longer using the old CVS.
1022
1023* One can now specify user variables in *info files via the
1024${=varname} syntax; there is a -s global option to set them.  See the
1025Variables node in cvs.texinfo for details.
1026
1027Changes from 1.6 to 1.7:
1028
1029* The default ignore list has changed slightly: *.obj has been added
1030and CVS* has been changed to CVS CVS.adm.
1031
1032* CVS now supports password authentication when accessing remote
1033repositories; this is useful for sites that can't use rsh (because of
1034a firewall, for example), and also don't have kerberos.  See node
1035"Password authenticated" (in "Remote repositories", in
1036doc/cvs.texinfo) for more details.  Note: This feature requires both
1037the client and server to be upgraded.
1038
1039* Using the -kb option to specify binary files now works--most cases
1040did not work before.  See the "Binary files" section of
1041doc/cvs.texinfo for details.
1042
1043* New developer communication features.  See the "Watches" section of
1044doc/cvs.texinfo for details.
1045
1046* RCS keyword "Name" supported for "cvs update -r <tag>" and "cvs
1047checkout -r <tag>".
1048
1049* If there is a group whose name matches a compiled in value which
1050defaults to "cvsadmin", only members of that group can use "cvs
1051admin".  This replaces the CVS_NOADMIN option.
1052
1053* CVS now sets the modes of files in the repository based on the
1054CVSUMASK environment variable or a compiled in value defaulting to
1055002.  This way other developers will be able to access the files in
1056the repository regardless of the umask of the developer creating them.
1057
1058* The command names in .cvsrc now match the official name of the
1059command, not the one (possibly an alias) by which it was invoked.  If
1060you had previously relied on "cvs di" and "cvs diff" using different
1061options, instead use a shell function or alias (for example "alias
1062cvsdi='cvs diff -u'").  You also can specify global CVS options (like
1063"-z") using the command name "cvs".
1064
1065Changes from 1.5 to 1.6:
1066
1067* Del updated the man page to include all of the new features
1068of CVS 1.6.
1069
1070* "cvs tag" now supports a "-r | -D" option for tagging an already
1071tagged revision / specific revision of a file.
1072
1073* There is a "taginfo" file in CVSROOT that supports filtering and
1074recording of tag operations.
1075
1076* Long options support added, including --help and --version options.
1077
1078* "cvs release" no longer cares whether or not the directory being
1079released has an entry in the `modules' file.
1080
1081* The modules file now takes a -e option which is used instead of -o
1082for "cvs export".  If your modules file has a -o option which you want
1083to be used for "cvs export", change it to specify -e as well as -o.
1084
1085* "cvs export" now takes a -k option to set RCS keyword expansion.
1086This way you can export binary files.  If you want the old behavior,
1087you need to specify -kv.
1088
1089* "cvs update", "cvs rdiff", "cvs checkout", "cvs import", "cvs
1090release", "cvs rtag", and "cvs tag" used to take -q and -Q options
1091after the command name (e.g. "cvs update -q").  This was confusing
1092because other commands, such as "cvs ci", did not.  So the options
1093after the command name have been removed and you must now specify, for
1094example, "cvs -q update", which has been supported since CVS 1.3.
1095
1096* New "wrappers" feature.  This allows you to set a hook which
1097transforms files on their way in and out of cvs (apparently on the
1098NeXT there is some particular usefulness in tarring things up in the
1099repository).  It also allows you to declare files as merge-by-copy
1100which means that instead of trying to merge the file, CVS will merely
1101copy the new version.  There is a CVSROOT/cvswrappers file and an
1102optionsl ~/.cvswrappers file to support this feature.
1103
1104* You can set CVSROOT to user@host:dir, not just host:dir, if your
1105username on the server host is different than on the client host.
1106
1107* VISUAL is accepted as well as EDITOR.
1108
1109* $CVSROOT is expanded in *info files.
1110
1111Changes from 1.4A2 to 1.5:
1112
1113* Remote implementation.  This is very helpful when collaborating on a
1114project with someone across a wide-area network.  This release can
1115also be used locally, like other CVS versions, if you have no need for
1116remote access.
1117
1118Here are some of the features of the remote implementation:
1119- It uses reliable transport protocols (TCP/IP) for remote repository
1120  access, not NFS.  NFS is unusable over long distances (and sometimes
1121  over short distances)
1122- It transfers only those files that have changed in the repository or
1123  the working directory.  To save transmission time, it will transfer
1124  patches when appropriate, and can compress data for transmission.
1125- The server never holds CVS locks while waiting for a reply from the client;
1126  this makes the system robust when used over flaky networks.
1127
1128The remote features are documented in doc/cvsclient.texi in the CVS
1129distribution, but the main doc file, cvs.texinfo, has not yet been
1130updated to include the remote features.
1131
1132* Death support.  See src/README-rm-add for more information on this.
1133
1134* Many speedups, especially from jtc@cygnus.com.
1135
1136* CVS 1.2 compatibility code has been removed as a speedup.  If you
1137have working directories checked out by CVS 1.2, CVS 1.3 or 1.4A2 will
1138try to convert them, but CVS 1.5 and later will not (if the working
1139directory is up to date and contains no extraneous files, you can just
1140remove it, and then check out a new working directory).  Likewise if
1141your repository contains a CVSROOT.adm directory instead of a CVSROOT
1142directory, you need to rename it.
1143
1144Fri Oct 21 20:58:54 1994  Brian Berliner  <berliner@sun.com>
1145
1146	* Changes between CVS 1.3 and CVS 1.4 Alpha-2
1147
1148	* A new program, "cvsbug", is provided to let you send bug reports
1149	directly to the CVS maintainers.  Please use it instead of sending
1150	mail to the info-cvs mailing list.  If your build fails, you may
1151	have to invoke "cvsbug" directly from the "src" directory as
1152	"src/cvsbug.sh".
1153
1154	* A new User's Guide and Tutorial, written by Per Cederqvist
1155	<ceder@signum.se> of Signum Support.  See the "doc" directory.  A
1156	PostScript version is included as "doc/cvs.ps".
1157
1158	* The Frequesntly Asked Questions file, FAQ, has been added to the
1159	release.  Unfortunately, its contents are likely out-of-date.
1160
1161	* The "cvsinit" shell script is now installed in the $prefix/bin
1162	directory like the other programs.  You can now create new
1163	CVS repositories with great ease.
1164
1165	* Index: lines are now printed on output from 'diff' and 'rdiff',
1166	in order to facilitate application of patches to multiple subdirs.
1167
1168	* Support for a ~/.cvsrc file, which allows you to specify options
1169	that are always supposed to be given to a specific command.  This
1170	feature shows the non-orthogonality of the option set, since while
1171	there may be an option to turn something on, the option to turn
1172	that same thing off may not exist.
1173
1174	* You can now list subdirectories that you wish to ignore in a
1175	modules listing, such as:
1176
1177		gcc  -a gnu/gcc, !gnu/gcc/testsuites
1178
1179	which will check out everything underneath gnu/gcc, except
1180	everything underneath gnu/gcc/testsuites.
1181
1182	* It is now much harder to accidentally overwrite an existing tag
1183	name, since attempting to move a tag name will result in a error,
1184	unless the -F (forc…

Large files files are truncated, but you can click here to view the full file