1. 21 Jan, 2009 1 commit
  2. 16 Jan, 2009 1 commit
  3. 08 Jan, 2009 1 commit
  4. 22 Dec, 2008 1 commit
  5. 05 Dec, 2008 2 commits
  6. 25 Nov, 2008 1 commit
  7. 23 Nov, 2008 1 commit
  8. 20 Nov, 2008 1 commit
  9. 11 Nov, 2008 1 commit
  10. 02 Nov, 2008 1 commit
  11. 19 Oct, 2008 1 commit
  12. 12 Oct, 2008 1 commit
  13. 09 Oct, 2008 2 commits
  14. 01 Oct, 2008 1 commit
  15. 27 Sep, 2008 2 commits
  16. 19 Sep, 2008 1 commit
  17. 25 Aug, 2008 1 commit
  18. 21 Aug, 2008 1 commit
  19. 16 Aug, 2008 1 commit
  20. 03 Aug, 2008 1 commit
  21. 17 Jul, 2008 1 commit
  22. 16 Jul, 2008 1 commit
  23. 05 Jul, 2008 1 commit
    • Dries's avatar
      - Patch #261882 by catch: the beginning of some more install profiles. · 00593022
      Dries authored
        The "expert" will be a minimalistic profile for developers.  This opens
        the doors to add more things to the default profile and/or to create
        additional install profiles for core. It also helps set an example for
        more install profiles in the contributed modules repository.
      00593022
  24. 03 Jul, 2008 1 commit
  25. 20 May, 2008 1 commit
  26. 15 May, 2008 1 commit
  27. 07 May, 2008 1 commit
  28. 06 May, 2008 1 commit
  29. 22 Apr, 2008 1 commit
  30. 20 Apr, 2008 2 commits
    • Dries's avatar
      - Added a test framework to Drupal along with a first batch of tests for · af474609
      Dries authored
        Drupal core!  This is an important milestone for the project so enable
        the module and check it out ... :)
      
        Thanks to Rok Žlender, Károly Négyesi, Jimmy Berry, Kevin Bridges, Charlie
        Gordon, Douglas Hubler, Miglius Alaburda, Andy Kirkham, Dimitri13, Kieran
        Lal, Moshe Weitzman, and the many other people that helped with testing
        over the past years and that drove this home.
      
        It all works but it is still rough around the edges (i.e. documentation
        is still being written, the coding style is not 100% yet, a number of
        tests still fail) but we spent the entire weekend working on it in Paris
        and made a ton of progress.  The best way to help and to get up to speed,
        is to start writing and contributing some tests ... as well as fixing
        some of the failures.
      
        For those willing to help with improving the test framework, here are
        some next steps and issues to resolve:
      
          - How to best approach unit tests and mock functions?
          - How to test drupal_mail() and drupal_http_request()?
          - How to improve the admin UI so we have a nice progress bar?
          - How best to do code coverage?
          - See http://g.d.o/node/10099 for more ...
      af474609
    • Dries's avatar
  31. 16 Apr, 2008 1 commit
  32. 08 Apr, 2008 1 commit
    • Dries's avatar
      - Patch #228594 by catch et al: removed access rule functionality from core. · 08aa2322
      Dries authored
        The access rules capability of user module has been stripped down to a
        simple method for blocking IP addresses. E-mail and username restrictions
        are now available in a contributed module. IP address range blocking is
        no longer supported and should be done at the server level.
      
        This patch is partly motiviated by the fact that at the usability testing,
        it frequently came up that users went to "access rules" when trying to
        configure their site settings.
      08aa2322
  33. 31 Mar, 2008 1 commit
    • Dries's avatar
      - Patch #29706 by pwolanin, solardiz, et al: more secure password hashing. · ed59911f
      Dries authored
        This is a big and important patch for Drupal's security.  We are switching
        to much stronger password hashes that are also compatible with the Portable
        PHP password hashing framework.
      
        The new password hashes defeat a number of attacks, including:
      
        - The ability to try candidate passwords against multiple hashes at once.
        - The ability to use pre-hashed lists of candidate passwords.
        - The ability to determine whether two users have the same (or different)
          password without actually having to guess one of the passwords.
      
        Also implemented a pluggable password hashing API (similar to how an alternate
        cache mechanism can be used) to allow developers to readily substitute an
        alternative hashing and authentication scheme.
      
        Thanks all!
      ed59911f
  34. 17 Mar, 2008 1 commit
  35. 11 Mar, 2008 1 commit
  36. 20 Feb, 2008 1 commit