Buildbot

Highlights
----------

- Worker to Master protocol can now be encrypted via TLS.

Bug fixes
---------

- To avoid database corruption, the ``upgrade-master`` command now ignores all
signals except ``SIGKILL``. It cannot be interrupted with ``ctrl-c``
(:issue:`4600`).
- Fixed incorrect tracking of latent worker states that could sometimes result
in duplicate ``stop_instance`` calls and so on.
- Fixed a race condition that could manifest in cancelled substantiations if
builds were created during insubstantiation of a latent worker.
- Perforce CLI Rev. 2018.2/1751184 (2019/01/21) is now supported
(:issue:`4574`).
- Fix encoding issues with Forcescheduler parameters error management code.

Improved Documentation
----------------------

- fix grammar mistakes and use Uppercase B for Buildbot

Features
--------

- :py:class:`~buildbot-worker.buildbot_worker.bot.Worker` now have
`connection_string` kw-argument which can be used to connect to a master
over TLS.
- Adding 'expand_logs' option for LogPreview related settings.
- Force schedulers buttons are now sorted by their name. (:issue:`4619`)
- :bb:cfg:`workers` now have a new ``defaultProperties`` parameter.

Deprecations and Removals
-------------------------

- Removed support for Python 2.7 in the buildbot master code.
Buildbot worker remains compatible with python2.7, and interoperability tests are run continuously.
- APIs that are not documented in the official Buildbot documentation have been
made private. Users of these undocumented APIs are encouraged to file bugs to
get them exposed.
- Removed support of old slave APIs from pre-0.9 days. Using old APIs may fail
silently. To avoid weird errors when upgrading a Buildbot installation that
may use old APIs, first upgrade to to 1.8.0 and make sure there are no
deprecated API warnings.
- Remove deprecated default value handling of the ``keypair_name`` and
``security_name`` attributes of ``EC2LatentWorker``.
- Support for ``Hyper.sh`` containers cloud provider has been removed as this
service has shutdown.

Bug fixes
---------

- Fix CRLF injection vulnerability with validating user provided redirect parameters (https://github.com/buildbot/buildbot/wiki/CRLF-injection-in-Buildbot-login-and-logout-redirect-code)
Thanks to ``mik317`` and ``mariadb`` for reporting it.

- Fix lockup during master shutdown when there's a build with unanswered ping
from the worker and the TCP connection to worker is severed (issue:`4575`).
- Fix RemoteUserAuth.maybeAutLogin consumes bytes object as str leading to
TypeError during JSON serialization. (:issue:`4402`)
- Various database integrity problems were fixed. Most notably, it is now
possible to delete old changes without wiping all "child" changes in cascade
(:issue:`4539`, :pull:`4536`).
- The GitLab change hook secret is now rendered correctly. (:issue:`4118`).

Features
--------

- Identifiers can now contain UTF-8 characters which are not ASCII. This
includes worker names, builder names, and step names.

Bug fixes
---------

- Fix vulnerability in OAuth where user-submitted authorization token was used for authentication
(https://github.com/buildbot/buildbot/wiki/OAuth-vulnerability-in-using-submitted-authorization-token-for-authentication). Thanks to Phillip Kuhrt for reporting it.

Bug fixes
---------

- Fix CRLF injection vulnerability with validating user provided redirect parameters (https://github.com/buildbot/buildbot/wiki/CRLF-injection-in-Buildbot-login-and-logout-redirect-code)
Thanks to ``mik317`` and ``mariadb`` for reporting it.

Bug fixes
---------

- Fix a regression present in v1.7.0 which caused buildrequests waiting for a
lock that got released by an unrelated build not be scheduled (:issue:`4491`)
- Don't run builds that request an instance with incompatible properties on
Docker, Marathon and OpenStack latent workers.
- Gitpoller now fetches only branches that are known to exist on remote.
Non-existing branches are quietly ignored.
- The demo repo in sample configuration files and the tutorial is now fetched
via ``https:`` instead of ``git:`` to make life easier for those behind
firewalls and/or using proxies.
- `buildbot sendchange` has been fixed on Python 3 (:issue:`4138`)

Features
--------

- Add a :py:class:`~buildbot.worker.kubernetes.KubeLatentWorker` to launch
workers into a kubernetes cluster
- Simplify/automate configuration of worker as Windows service - eliminate
manual configuration of Log on as a service

Deprecations and Removals
-------------------------

- The deprecated ``BuildMaster.addBuildset`` method has been removed. Use
``BuildMaster.data.updates.addBuildset`` instead.
- The deprecated ``BuildMaster.addChange`` method has been removed. Use
``BuildMaster.data.updates.addChange`` instead.
- ``buildbot`` package now requires Twisted versions >= 17.9.0. This is
required for Python 3 support. Earlier versions of Twisted are not supported.