From: Dave Miller <justdave@bugzilla.org>
Date: Tue, 3 Sep 2024 11:18:29 +0000 (-0400)
Subject: Bug 1786717: Release notes for Bugzilla 5.2 (#138)
X-Git-Tag: bugzilla-5.2~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=909319a6ea4fde711c6b64c0f3f04ce0322fb890;p=thirdparty%2Fbugzilla.git

Bug 1786717: Release notes for Bugzilla 5.2 (#138)
---

diff --git a/template/en/default/pages/release-notes.html.tmpl b/template/en/default/pages/release-notes.html.tmpl
index e8b46ff87..f94cfc180 100644
--- a/template/en/default/pages/release-notes.html.tmpl
+++ b/template/en/default/pages/release-notes.html.tmpl
@@ -6,7 +6,7 @@
   # defined by the Mozilla Public License, v. 2.0.
   #%]
 
-[% SET title = "Bugzilla 5.0 Release Notes" %]
+[% SET title = "Bugzilla 5.2 Release Notes" %]
 [% INCLUDE global/header.html.tmpl
   title = title
   bodyclasses = ['narrow_page']
@@ -16,7 +16,7 @@
 
 <ul class="bz_toc">
   <li><a href="#introduction">Introduction</a></li>
-  <li><a href="#point">Updates in this 5.0.x Release</a></li>
+  <li><a href="#point">Updates since 5.0.4</a></li>
   <li><a href="#req">Minimum Requirements</a></li>
   <li><a href="#feat">New Features and Improvements</a></li>
   <li><a href="#issues">Outstanding Issues</a></li>
@@ -29,9 +29,27 @@
 
 <h2 id="introduction">Introduction</h2>
 
-<p>Welcome to Bugzilla 5.0! It has been slightly over two years since we released
-  Bugzilla 4.4 in May of 2013. This new major release comes with many new features
-  and improvements to WebServices and performance.</p>
+<p>Welcome to [% terms.Bugzilla %] 5.2! This is kind of a weird release to explain. Back in
+early 2019, versions 5.0.5 and 5.0.6 were released for the 5.0.x branch,
+however, these releases contained invasive database schema and code
+reformatting changes that technically should not have been allowed to land on a
+stable branch. Some people noticed this, and never upgraded from 5.0.4 since
+5.0.5 and 5.0.6 did not contain any security fixes. To fix this situation, 5.2
+is picking up where 5.0.6 left off, since 5.0.5 technically should have been
+5.2. Those still on 5.0.4 can upgrade to 5.0.4.1 if they're not ready to go a
+full version release yet.</p>
+
+<p><strong>NOTE:</strong> Because of the above situation, version 5.1.x
+(development release) is actually NEWER code than 5.2, and you cannot "upgrade"
+to 5.2 from 5.1.x. The 5.1.x series has been retroactively renamed to
+5.3.x.</p>
+
+<p>[% terms.Bugzilla %] is making an attempt to be 100% accessible. We're not
+there yet. We have made accessibilty improvements but we're quite sure that
+we've missed a lot. If you find any accessibility issues such as fields missing
+labels, poor contrast, or things that don't play well with screen readers,
+please file a new [% terms.bug %] which blocks our
+<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=bugzilla-section508">Section 508 Compliance [% terms.bug %]</a>.</p>
 
 <p>If you're upgrading, make sure to read
   <a href="https://bugzilla.readthedocs.org/en/latest/installing/upgrading.html">
@@ -41,150 +59,24 @@
   your version and this one, <strong>particularly the Upgrading section of each
   version's release notes</strong>.</p>
 
-<h2 id="point">Updates in this 5.0.x Release</h2>
+<h2 id="point">Updates in this 5.2.x Release</h2>
 
-<h3>5.0.6</h3>
-<p>This release contains a schema change to the flagtypes table, allowing for many more flagtypes.</p>.
-<p>The flagtypes table should have been using a mediumint for several releases, but due to [% terms.abug %] in the schema migration code this never happened.</p>
-
-<h3>5.0.5</h3>
-
-<p>This release reformats the code according to the same conventions as the popular Mojolicious product and includes a <code>.perltidyrc</code> to do the same.
-You may use whatever coding style you want, but all files commited to the repo must be reformatted according to those rules.</p>
-
-<p>Additionally, we no longer follow the same release process as before. Releases will be more frequent.</p>
-
-<p>As it is now 2019, the bugs_fulltext table is now InnoDB instead of MyISAM. This may cause upgrade headaches.</p>
-
-<h3>5.0.4</h3>
-
-<p>This release fixes one security issue. See the
-  <a href="https://www.bugzilla.org/security/4.4.12/">Security Advisory</a>
-  for details.</p>
-
-<p>This release also contains the following [% terms.bug %] fixes:</p>
-
-<ul>
-  <li><kbd>checksetup.pl</kbd> would fail to update Chart storage during pre-3.6 to 5.0 upgrade.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1273846">[% terms.Bug %] 1273846</a>)</li>
-  <li><kbd>editflagtypes.cgi</kbd> would crash when classifications are enabled and
-    the user did not have global <kbd>editcomponents</kbd> privileges.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1310728">[% terms.Bug %] 1310728</a>)</li>
-  <li>The <kbd>File::Slurp</kbd> would trigger warnings on perl 5.24.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1301887">[% terms.Bug %] 1301887</a>)</li>
-  <li>All the time entries in the 'when' column had the correct date but the time
-    was fixed to 00:00 when using Sqlite.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1303702">[% terms.Bug %] 1303702</a>)</li>
-</ul>
-
-<h3>5.0.3</h3>
-
-<p>This release fixes one security issue. See the
-  <a href="https://www.bugzilla.org/security/4.4.11/">Security Advisory</a>
-  for details.</p>
-
-<p>This release also contains the following [% terms.bug %] fixes:</p>
+<p>Future releases on this branch will contain a list of the updates since the
+last point release in this section.</p>
 
-<ul>
-  <li>A regression in Bugzilla 5.0.2 caused <kbd>whine.pl</kbd> to be unable
-    to send emails due to a missing subroutine.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1235395">[% terms.Bug %] 1235395</a>)</li>
-  <li>The <kbd>Encode</kbd> module changed the way it encodes strings, causing
-    email addresses in emails sent by [%terms.Bugzilla %] to be encoded,
-    preventing emails from being correctly delivered to recipients.
-    We now encode email headers correctly.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1246228">[% terms.Bug %] 1246228</a>)</li>
-  <li>Fix additional taint issues with Strawberry Perl.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=987742">[% terms.Bug %] 987742</a> and
-    <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1089448">[% terms.bug %] 1089448</a>)</li>
-  <li>When exporting a buglist as a CSV file, fields starting with either
-    "=", "+", "-" or "@" are preceded by a space to not trigger formula
-    execution in Excel.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1259881">[% terms.Bug %] 1259881</a>)</li>
-  <li>An extension which allows user-controlled data to be used as a link in
-    tabs could trigger XSS if the data is not correctly sanitized.
-    [%+ terms.Bugzilla %] no longer relies on the extension to do the sanity
-    check. A vanilla installation is not affected as no tab is user-controlled.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1250114">[% terms.Bug %] 1250114</a>)</li>
-  <li>Extensions can now easily override the favicon used for the
-    [%+ terms.Bugzilla %] website.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1250264">[% terms.Bug %] 1250264</a>)</li>
-</ul>
-
-<h3>5.0.2</h3>
-
-<p>This release fixes two security issues. See the
-  <a href="https://www.bugzilla.org/security/4.2.15/">Security Advisory</a>
-  for details.</p>
-
-<p>This release also contains the following [% terms.bug %] fixes:</p>
-
-<ul>
-  <li>mod_perl now works correctly with mod_access_compat turned off on
-    Apache 2.4. To regenerate the <kbd>.htaccess</kbd> files, you must first
-    delete all existing ones in subdirectories:
-    <pre>find . -mindepth 2 -name .htaccess -exec rm -f {} \;</pre>
-    You must then run <kbd>checksetup.pl</kbd> again to recreate them with
-    the correct syntax.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1223790">[% terms.Bug %] 1223790</a>)</li>
-  <li>Emails sent by [% terms.Bugzilla %] are now correctly encoded as UTF-8.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=714724">[% terms.Bug %] 714724</a>)</li>
-  <li>Strawberry Perl is now fully supported on Windows.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1089448">[% terms.Bug %] 1089448</a>
-    and <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=987742">[% terms.bug %] 987742</a>)</li>
-  <li>The XML-RPC API now works with IIS on Windows.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=708252">[% terms.Bug %] 708252</a>)</li>
-  <li>Some queries should now be faster on PostgreSQL.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1184431">[% terms.Bug %] 1184431</a>)</li>
-</ul>
-
-<h3>5.0.1</h3>
-
-<p>This release fixes one security issue. See the
-  <a href="https://www.bugzilla.org/security/4.2.14/">Security Advisory</a>
-  for details.</p>
-
-<p>This release also contains the following [% terms.bug %] fixes:</p>
-
-<ul>
-  <li>Users whose login name is not an email address could not log in on
-    installations which use LDAP to authenticate users.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1179160">[% terms.Bug %] 1179160</a>)</li>
-  <li>If a mandatory custom field was hidden, it was not possible to create
-    a new [% terms.bug %] or to edit existing ones.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1183398">[% terms.Bug %] 1183398</a>
-    and <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1196969">[% terms.bug %] 1196969</a>)</li>
-  <li>A user editing his login name to point to a non-existent email address
-    could cause Bugzilla to stop working, causing a denial of service.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1194987">[% terms.Bug %] 1194987</a>)</li>
-  <li>Emails generated during a transaction made PostgreSQL stop working.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1186700">[% terms.Bug %] 1186700</a>)</li>
-  <li>[% terms.Bugs %] containing a comment with a reference to a [% terms.bug %]
-    ID larger than 2^31 could not be displayed anymore using PostgreSQL.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1191937">[% terms.Bug %] 1191937</a>)</li>
-  <li>The date picker in the "Time Summary" page was broken.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1181649">[% terms.Bug %] 1181649</a>)</li>
-  <li>If <kbd>Test::Taint</kbd> or any other Perl module required to use the
-    JSON-RPC API was not installed or was too old, the UI to tag comments was
-    displayed anyway, you could tag comments, but tags were not persistent
-    (they were lost on page reload). Now the UI to tag comments is not displayed
-    at all until the missing Perl modules are installed and up-to-date.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1183227">[% terms.Bug %] 1183227</a>)</li>
-  <li>Custom fields of type <kbd>INTEGER</kbd> now accept negative integers.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1198659">[% terms.Bug %] 1198659</a>)</li>
-  <li>On Windows, the <kbd>checksetup.pl</kbd> installation script no longer
-    asks for a SMTP server. It can be set after the installation is complete.
-    (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1191255">[% terms.Bug %] 1191255</a>)</li>
-</ul>
+<p>Because of the weird way versions 5.0.5 and 5.0.6 were released, changes
+from those releases are included <a href="#point504">below</a> in case you're upgrading from the
+5.0.4.x branch.</p>
 
 <h2 id="req">Minimum Requirements</h2>
 
-<p>Any requirements that are new since 4.4 will look like
+<p>Any requirements that are new since 5.0 will look like
   <span class="req_new">this</span>.</p>
 
 <ul>
   <li><a href="#req_perl">Perl</a></li>
   <li><a href="#req_mysql">For MySQL Users</a></li>
+  <li><a href="#req_mariadb">For MariaDB Users</a></li>
   <li><a href="#req_pg">For PostgreSQL Users</a></li>
   <li><a href="#req_oracle">For Oracle Users</a></li>
   <li><a href="#req_sqlite">For SQLite Users</a></li>
@@ -195,7 +87,9 @@ You may use whatever coding style you want, but all files commited to the repo m
 
 <h3 id="req_perl">Perl</h3>
 
-<p>Perl <span class="req_new">v5.10.1</span></p>
+<p>Perl <span class="req_new">v5.14</span></p>
+
+[% INCLUDE db_req db='mariadb' %]
 
 [% INCLUDE db_req db='mysql' %]
 
@@ -215,7 +109,7 @@ You may use whatever coding style you want, but all files commited to the repo m
 <h3 id="req_optional_mod">Optional Perl Modules</h3>
 
 <p>The following perl modules, if installed, enable various
-  features of Bugzilla:</p>
+  features of [% terms.Bugzilla %]:</p>
 
 [% INCLUDE req_table reqs = OPTIONAL_MODULES
                      new  = ['Cache-Memcached','File-Copy-Recursive']
@@ -224,7 +118,7 @@ You may use whatever coding style you want, but all files commited to the repo m
 
 <h3 id="req_apache">Optional Apache Modules</h3>
 
-<p>If you are using Apache as your webserver, Bugzilla can
+<p>If you are using Apache as your webserver, [% terms.Bugzilla %] can
   take advantage of some Apache features if you have the below Apache
   modules installed and enabled.</p>
 
@@ -239,244 +133,149 @@ You may use whatever coding style you want, but all files commited to the repo m
   you.</p>
 
 
-<a name="v50_feat"></a>
+<a name="v52_feat"></a>
 <h2 id="feat">New Features and Improvements</h2>
 
 <ul>
-  <li><a href="#feat_webservices">Improved WebServices</a></li>
-  <li><a href="#feat_caching_performance">Improved Caching using Memcached</a></li>
-  <li><a href="#feat_comment_tags">Abililty to Tag [% terms.Bug %] Comments</a></li>
-  <li><a href="#feat_bug_groups">Improved [% terms.Bug %] Group Membership Checking</a></li>
-  <li><a href="#feat_documentation">Improved Documentation for Users and Administrators</a></li>
+  <li><a href="#feat_mobilerender">Improved Mobile Rendering</a></li>
+  <li><a href="#feat_mariadb">Explicit MariaDB Support</a></li>
+  <li><a href="#feat_mysql8">MySQL 8+ Support</a></li>
+  <li><a href="#feat_utf8mb4">Better Unicode support on MySQL and MariaDB</a></li>
+  <li><a href="#feat_docker">Demo Docker Configuration</a></li>
   <li><a href="#feat_other">Other Enhancements and Changes</a></li>
 </ul>
 
-<h3 id="feat_webservices">Improved WebServices</h3>
+<h3 id="feat_mobilerender">Improved Mobile Rendering</h3>
 
 <p>
-  This release has major improvements in the WebServices interface. One big
-  addition is a new REST-like endpoint alongside the existing XML-RPC and JSON-RPC
-  endpoints. This will allow clients to access Bugzilla data using standard HTTP
-  calls for easy development. <strong>Note:</strong> XML-RPC and JSON-RPC are
-  deprecated in favor of REST and will likely be removed in the Bugzilla 7.0 release.
-</p>
-<p>
-  Also API key support has been added so that API calls will no longer need to use
-  cookies or a user's login and password. Users can create a different API key for
-  each application and revoke API keys that have been compromised or are no longer
-  needed. The API key will simply be passed to each call as credentials.
-</p>
-<p>
-  Several methods have been added and existing ones improved to allow returning
-  data that was not available before such as <kbd>Group.get</kbd>. <kbd>B[%%]ug.search</kbd>
-  is now as full featured as the Advanced Query UI allowing for the same searches
-  to be executed. Attachment data such as flags and other metadata can now be
-  updated through the API. Other WebService changes are detailed
-  <a href="#feat_webservices_other">below</a>.
+Metadata to assist browsers in properly rendering [% terms.Bugzilla %] on mobile browsers was added. Without this metadata Google Search tools would report [% terms.Bugzilla %] pages as not suitable for mobile devices. [% terms.Bugzilla %] still needs work to actually look nice on mobile devices but this is a good start. (<a href="https://github.com/bugzilla/bugzilla/pull/78">PR #78</a>)
 </p>
 
-<h3 id="feat_caching_performance">Improved Caching using Memcached</h3>
+<h3 id="feat_mariadb">Explicit MariaDB Support</h3>
 
-<p>
-  Bugzilla now has the ability to connect to a Memcached server running either
-  locally or on the network to allow fast access to different types of data.
-  This cuts down on the amount of database hits and can improve performance. Other
-  areas have been improved as well to take advantage of caching in memory for
-  objects that are retrieved multiple times during a request such as user data, etc.
-</p>
+<p>Newer versions of MariaDB (10.6 and newer) have diverged from MySQL
+sufficiently that you can't really call it a drop-in replacement for MySQL
+anymore. We new have a 'mariadb' database driver for all versions of MariaDB.
+<code>checksetup.pl</code> will prompt you to switch to it if it detects that you are connected to a MariaDB database server.
+[%+ INCLUDE buglink id=1467006 %]</p> 
 
-<h3 id="feat_comment_tags">Ability to Tag [% terms.Bug %] Comments</h3>
+<h3 id="feat_mysql8">MySQL 8+ Support</h3>
 
-<p>
-  Users can add tags, visible to other users, to [% terms.bug %] comments. This
-  gives the users the ability to thread conversations, mark comments as spam,
-  identify important comments, etc. Users can hide comments that contain specific
-  tags if desired. The tag input field also supports autocompletion so commonly
-  used tags can be selected. Administrators can make specifically tagged comments
-  be automatically hidden from view.
-</p>
+<p>Bugzilla previously did not work on MySQL 8 or newer. Now it does.
+[%+ INCLUDE buglink id=1592129 %]</p>
 
-<h3 id="feat_bug_groups">Improved [% terms.Bug %] Group Membership Checking</h3>
+<h3 if="feat_utf8mb4">Better Unicode support on MySQL and MariaDB</h3>
 
-<p>
-  In the past, Bugzilla restricted who can view [% terms.abug %] to everyone
-  who was a member of ALL the groups the [% terms.bug %] was in. That is, the
-  groups were ANDed together. This made some access control scenarios rather
-  difficult to achieve. So now, Bugzilla defaults to (and can be switched to,
-  in existing installations) a mode where the [% terms.bug %] can be viewed by
-  everyone who is a member of ANY group the [% terms.bug %] is in. That is, the
-  groups are ORed together. This give more flexibility in the way [% terms.bugs %]
-  are made private to specific groups of users.
-</p>
-<p>
-  <strong>Note:</strong> Group memberships for [% terms.bugs %] and users are
-  not changed at all when this setting is switched. When switching from AND to
-  OR, this means that [% terms.bugs %] may be more widely viewable than previously.
-  It is the responsibility of the administrator to make sure that no [% terms.bugs %]
-  are accidentally revealed to the wrong people when changing this setting.
-</p>
+<p>The <b>utf8mb4</b> character set is now used by default on new installs making use of either MariaDB or MySQL. This should resolve many issues related to character encoding found in older versions.
+[%+ INCLUDE buglink id=1891882 %]</p>
 
-<h3 id="feat_documentation">Improved Documentation for Users and Administrators</h3>
+<h3 id="feat_docker">Demo Docker Configuration</h3>
 
-<p>
-  The standard documentation that is shipped along with the Bugzilla code has been
-  rewritten and improved using the reStructuredText format. This allows the
-  documentation to be easily hosted at sites such as ReadTheDocs.org and can
-  also be more easily converted into different formats such as HTML and PDF.
-  A new section dedicated to the new REST WebService API has also been added,
-  significantly improving on the old WebService documentation.
-</p>
+<p>[% terms.Bugzilla %] now ships with a Docker Compose configuration which
+provides an out-of-the-box [% terms.Bugzilla %] with a default configuration to
+test with. Type <code>docker compose up</code> in the root [% terms.bugzilla %]
+directory to start it up. You will be prompted on the console with how to
+connect to it once it comes up. Requires that you have Docker already
+installed. This configuration is not suitable for production use, and is just
+for playing around with it and testing it without needing to do a full
+installation.
+[%+ INCLUDE buglink id=1888068 %]</p>
 
 <h3 id="feat_other">Other Enhancements and Changes</h3>
 
 <h4>Enhancements for Users</h4>
 
 <ul>
-  <li><strong>[% terms.Bugs %]:</strong> The deadline field is now visible to users
-    not in the the <kbd>timetracking</kbd> group.</li>
-  <li><strong>[% terms.Bugs %]:</strong> There is now a "Preview" mode when
-    creating a new comment that allows you to see how the comment will look
-    before committing to the database.</li>
-  <li><strong>[% terms.Bugs %]:</strong> The reporter is now allowed to enter
-    keywords at time of [% terms.bug %] creation.</li>
-  <li><strong>[% terms.Bugs %]:</strong> "See Also" now allows spaces as well as
-    commas to delimit multiple values.</li>
-  <li><strong>[% terms.Bugs %]:</strong> Auto linkification in comments of [% terms.bug %]
-    IDs and comment IDs has been improved.</li>
-  <li><strong>[% terms.Bugs %]:</strong> [% terms.Bugs %] can now have multiple
-    aliases assigned to them. Before each [% terms.bug %] could only have a single
-    value. Also, aliases are now visible in the browser's title bar.</li>
-  <li><strong>[% terms.Bugs %]:</strong> Users can now change the flags of multiple
-    [%+ terms.bugs %] at once using the mass-edit form.</li>
-  <li><strong>Charts and Reports:</strong> UTF-8 characters are now correctly
-    displayed in "New Charts" and graphical reports.</li>
-  <li><strong>Charts and Reports:</strong> Custom multi-select fields are now
-    available as report axis options. This makes them usable for categorizing
-    [%+ terms.bugs %] in reports.</li>
-  <li><strong>Email:</strong> You can now choose to not receive any mail at all
-    about a particular [% terms.bug %], even if you continue to have a role on
-    that [% terms.bug %] (e.g. reporter).</li>
-  <li><strong>Email:</strong> When adding or removing [% terms.abug %] as a
-    dependency, the summary of the [% terms.bug %] is included in the email
-    notification.</li>
-  <li><strong>Requests:</strong> <kbd>request.cgi</kbd> can now output results in
-    CSV format.</li>
-  <li><strong>Requests:</strong><kbd> X-Bugzilla-*</kbd> headers are now included
-    in flag notification emails.</li>
-  <li><strong>Searches:</strong> Some useful searches have been added to the
-    Bugzilla home page.</li>
-  <li><strong>Searches:</strong> Quicksearch now allows for use of comparison
-    operators such as !=, >=, >, &lt;, etc., in addition to substring searches.</li>
-  <li><strong>Searches:</strong> The "Blocks" and "Depends On" values can now be
-    displayed as columns in [% terms.abug %] list.</li>
-  <li><strong>Searches:</strong> The "is empty" and "is not empty" search operators
-    have been added to the Advanced Search UI. This allows searching for null
-    and not null values for certain fields.</li>
+  <li><strong>UI:</strong> WineHQ Forum links are now accepted in the See Also field on [% terms.bugs %]. [% INCLUDE buglink id=1523814 %]</li>
+  <li><strong>Accessibility:</strong> Color contrast in the default theme was adjusted to comply with WCAG AA 2.0 recommendations. [% INCLUDE buglink id=1798166 %]</li>
+  <li><strong>Email:</strong> Emails about [% terms.bugs %] now include an <code>X-Bugzilla-ID</code> header which lists the [% terms.Bug %] ID, for potential use in filtering. [% INCLUDE buglink id=1403169 %]</li>
 </ul>
 
 <h4>Enhancements for Administrators and Developers</h4>
 
 <ul>
-  <li><strong>Administration:</strong> There are now <kbd>INTEGER</kbd> and
-    <kbd>DATE</kbd> custom field types.</li>
-  <li><strong>Administration:</strong> Filenames used to store product data for
-    "Old Charts" are now based on product IDs to avoid data loss when changing
-    product names.</li>
-  <li><strong>Administration:</strong> JavaScript and CSS files are now minified
-    and concatenated to improve page load performance. When changes are made,
-    <kbd>checksetup.pl</kbd> should be run to regenerate the combined files.</li>
-  <li><strong>[% terms.Bugs %]:</strong> Bugzilla now keeps track of the last
-    time each user visited (that is, loaded the show_bug page in a web browser)
-    each [% terms.bug %]. This could be useful for dashboards or API clients.</li>
-  <li><strong>Database:</strong> Text that contained unicode
-    supplementary characters (outside BMP) was cut off when using MySQL as backend.
-    This has been fixed to prevent data loss.</li>
-  <li><strong>Database:</strong> SSL connections are now possible when using
-    MySQL as backend.</li>
-  <li><strong>Database:</strong> For version 8.x of PostgreSQL, <kbd>plpgsql</kbd>
-    was not always installed by default and <kbd>checksetup.pl</kbd> would
-    generate an error. This has been fixed.</li>
-  <li><strong>Development:</strong> Bugzilla is now HTML5 compliant. As a
-    consequence, Internet Explorer 6 and 7 are no longer supported.</li>
-  <li><strong>Email:</strong> Email generation originally was done before the
-    jobqueue job was inserted. This is now delayed and done by
-    <kbd>jobqueue.pl</kbd> right before sending the email which can improve
-    responsiveness when processing [% terms.bug %] changes.</li>
-  <li><strong>Email:</strong> When a site administrator creates a new user, an
-    email is sent to the user.</li>
-  <li><strong>Email:</strong> For dependency email notifications, the header
-    <kbd>X-B[%%]ugzilla-Type: dep_changed</kbd> is set.</li>
-  <li><strong>Email:</strong> <kbd>whine.pl</kbd> emails now use
-    <kbd>DEFAULT_COLUMN_LIST</kbd> (the same default columns seen in the buglist
-    page) instead of hard coded column list.</li>
-  <li><strong>Security:</strong> Support for increased values for
-    <kbd>PASSWORD_SALT_LENGTH</kbd> without breaking compatibility with old
-    hashes.</li>
+  <li><strong>Database:</strong> <strong>UTF8 data encoding is now
+    enforced.</strong> Older version of [% terms.Bugzilla %] made the
+    conversion of older data to UTF8 optional. Converting your existing data to
+    UTF8 is now mandatory. Your data will be converted when you run
+    <kbd>checksetup.pl</kbd>. If you are not already encoding your data in UTF8
+    you may want to verify that it will correctly convert on a backup copy of
+    your database before upgrading.</li>
+  <li><strong>Database:</strong>If you are using MySQL, the majority of the
+    database tables will also be converted to the InnoDB storage engine. This
+    makes searching more efficent and allows for real referential
+    integrity.</li>
+  <li><strong>Installation:</strong> [% terms.Bugzilla %] now supports
+    Email::MIME version 1.949 and newer, which previously would crash
+    [%+ terms.Bugzilla %] when it tried to send email.
+    [%+ INCLUDE buglink id=1657496 %]</li>
+  <li><strong>Installation:</strong> The <code>testserver.pl</code> script will
+    now work with self-signed SSL certificates if you pass the
+    <code>--self-signed</code> option on the command line. [% INCLUDE buglink id=1851398 %]</li>
+  <li><strong>Installation:</strong> An foreign key error when upgrading from
+    versions prior to 3.0 to 5.0.6 or newer was fixed. [% INCLUDE buglink id=1902375 %]</li>
 </ul>
 
 <h4 id="feat_webservices_other">WebService Changes</h4>
 
 <ul>
-  <li><kbd>B[%%]ug.search</kbd> now allows for full search functionality
-    similar to what is possible using the Advanced Query UI.</li>
-  <li>Basic support for eTag headers has been added to all WebServices
-    to allow for better network performance.</li>
-  <li>Administrators can now change a parameter that filters all email
-    addresses returned in WebService calls similar to filtering that
-    happens in the web UI.</li>
-  <li>WebService calls now support use of API keys for authentication.
-    Usernames and passwords remain supported.</li>
-  <li>Invalid or expired authentication cookies and tokens now throw
-    errors instead of being silently ignored. <kbd>User.valid_login</kbd>
-    can be used to determine if they are still valid or not.</li>
-  <li>WebService calls that are used to create and update [% terms.bugs %]
-    and attachments now support setting and updating of flags.</li>
-  <li><kbd>B[%%]ug.update_attachment</kbd> can update an attachment's
-    metadata as well as its flags.</li>
-  <li>The <kbd>product</kbd> parameter for <kbd>B[%%]ug.possible_duplicates</kbd>
-    has been renamed to <kbd>products</kbd>.</li>
-  <li>Some compatibility fields included in returned data that were marked
-    to be removed in this release are now gone.</li>
-  <li><kbd>Group.get</kbd> has been added to get information about a group and
-    its members.</li>
-  <li><kbd>FlagType.get</kbd> has been added to get information about valid
-    flag types for a given product and component.</li>
-  <li>The deprecated <kbd>B[%%]ug.get_bugs</kbd>, <kbd>B[%%]ug.get_history</kbd>
-    and <kbd>Product.get_products</kbd> methods are no longer supported.
-    They have been renamed to <kbd>B[%%]ug.get</kbd>, <kbd>B[%%]ug.history</kbd>
-    and <kbd>Product.get</kbd> respectively.</li>
+  <li><strong>Group.get</strong> method is now properly marked as Read Only. [% INCLUDE buglink id=1584477 %]</li>
+</ul>
+
+<h4 id="code_changes">Code Changes Which May Affect Customizations and Extensions</h4>
+
+<ul>
+  <li>The Bugzilla::DB object now has a qi attribute which returns a special
+    hashref that can be used inside double-quoted strings to quote database
+    identifiers.<br>
+    <code>
+  my $q = Bugzilla-&gt;dbh-&gt;qi;
+  Bugzilla-&gt;dbh-&gt;do("SELECT COUNT(*) FROM $q-&gt;{groups}");
+    </code><br>
+    [% INCLUDE buglink id=1592129 %]
+  </li>
+  <li>[% terms.Bugzilla %] now uses Email::Address::XS instead of Email::Address for managing email address parsing. If you made use of Email::Address directly you should update to use Email::Address::XS instead. [% INCLUDE buglink id=1853138 %]</li>
 </ul>
 
-<h2 id="code_changes">Code Changes Which May Affect Customizations and Extensions</h2>
+<h3 id="point504">Changes since Version 5.0.4</h3>
+
+<p>Because of the weird way we branched to fix the 5.0.5 numbering problem, the
+changes from 5.0.5 and 5.0.6 are included here in case you're upgrading from
+the 5.0.4.x branch.</p>
+
+<h3>5.0.6</h3>
 
 <ul>
-  <li>Support for CVS, Bonsai and LXR has been removed entirely when viewing
-    attachments. This means that the <kbd>cvsroot</kbd>, <kbd>cvsroot_get</kbd>,
-    <kbd>bonsai_url</kbd>, <kbd>lxr_url</kbd> and <kbd>lxr_root</kbd> parameters
-    are all gone, as well as <kbd>cvsbin</kbd> from the <kbd>localconfig</kbd>
-    file.</li>
-  <li>The <kbd>docs_urlbase</kbd> parameter has been removed. If documentation
-    has not been compiled locally, the "Help" links and other documentation links
-    will redirect to <a href="https://bugzilla.readthedocs.org">bugzilla.readthedocs.org</a>
-    automatically.</li>
-  <li>The <kbd>mostfreqthreshold</kbd> parameter has also been removed.</li>
-  <li>All extensions which define new public WebService methods must list them
-    in a <kbd>PUBLIC_METHODS</kbd> constant. Methods which are not listed there
-    will not be accessible remotely.</li>
-  <li><kbd>JSON::XS</kbd> is now used instead of <kbd>Data::Dumper</kbd> for
-    storage on configuration values in <kbd>data/params</kbd>. This should
-    improve performance when loading the file.</li>
-  <li>A new test has been added to check for reserved words in SQL schema.</li>
-  <li><kbd>Pod::Coverage</kbd> is now used to ensure subroutines are documented.</li>
-  <li>Bugzilla code now uses <kbd>use parent</kbd> instead of <kbd>use base</kbd>
-    in all places applicable.</li>
-  <li>A new hook called <kbd>cgi_headers</kbd> has been added to allow
-    customization of the HTTP headers returned.</li>
-  <li>A new hook called <kbd>user_check_account_creation</kbd> has been added
-    to add extra checks before accepting the creation of a new user account.</li>
+<li><strong>Adminstration:</strong> It is now possible to create more than 255
+flags (up to 65535) [% INCLUDE buglink id=1526703 %]</li>
 </ul>
 
-[% INCLUDE global/footer.html.tmpl %]
+<h3>5.0.5</h3>
+
+<ul>
+<li><strong>User Interface:</strong> Email addresses with apostrophes (yes,
+that's legal) no longer break the "Send Mail to [% terms.Bug %] Assignees"
+button on [% terms.bug %] lists. [% INCLUDE buglink id=1226123 %]</li>
+<li><strong>Installation/Upgrading:</strong> If using MySQL, the
+<code>bugs_fulltext</code> table is now InnoDB instead of MyISAM. This may
+cause your upgrade to take a while. [% INCLUDE buglink id=981487 %]</li>
+<li><strong>Developers:</strong> This release reformats the code according to
+the same conventions as the popular Mojolicious product and includes a
+<code>.perltidyrc</code> to do the same.  You may use whatever coding style you
+want, but all files commited to the repo must be reformatted according to those
+rules.</li>
+<li><strong>Developers:</strong> A new hook <code>template_after_create</code>
+was added, which can be used to manipulate the template object before it gets
+rendered. You can use this to define new Template Toolkit virtual methods or
+filters in extensions.
+(<a href="https://github.com/bugzilla/bugzilla/pull/60">PR #60</a>)</li>
+</ul>
+
+<ul>[% INCLUDE global/footer.html.tmpl %]
+
+[% BLOCK buglink %]
+(<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=[%- id FILTER html -%]">[% terms.Bug %] [%+ id FILTER html -%]</a>)
+[% END %]
 
 [% BLOCK db_req %]
   [% SET m = DB_MODULE.$db %]
@@ -487,9 +286,16 @@ You may use whatever coding style you want, but all files commited to the repo m
        [%+ '<span class="req_new">' IF db_new %]v[% m.db_version FILTER html %]
        [% '</span>' IF db_new %]
        </li>
+    [% IF m.db_blklst_str %]
+    <li><strong>but not versions:</strong> [% m.db_blklst_str FILTER html %]</li>
+    [% END %]
     <li><strong>perl module:</strong>
       [%+ m.dbd.module FILTER html %]
-      [%+ '<span class="req_new">' IF dbd_new %]v[% m.dbd.version FILTER html %]
+      [%+ '<span class="req_new">' IF dbd_new %]
+        [% SWITCH m.dbd.version -%]
+        [%   CASE '' %]any version
+        [%   CASE DEFAULT %]v[% m.dbd.version FILTER html %]
+        [% END %]
       [% '</span>' IF dbd_new %]</li>
   </ul>
 [% END %]