allocPSA 1.9.0 includes 2 changes, 10 bug fixes, and a few improvements for encouraging new contributors.
Changelog for 1.9.0:
Security:
* Replace vulnerable 'phpass' lib with builtin PHP password library. See
CVE-2013-2173, CVE-2014-9016, CVE-2014-9034 and
https://www.openwall.com/phpass/
Changes:
* Change the default action to save when you press enter on the edit person
page - 22745
* Hidden comment text is now only shown/hidden when you press a link to show or
hide it. Previously you could click anywhere on a comment and it would
show/hide, causing frustration if you tried to select text.
General Bug Fixes:
* Fix duplication of comments received via email - 5373809e
* Fix for apache2 segfault with PHP 7.3 - 33407
* Fix client URLs pointing to the alloc instance if they didn't have a URL
scheme - 25059
* Fix duplicate entries in the RSS feed - 25025
* Fix RSS not reporting the project nickname - 25062
* Fix non-human readable sort order for the percent column in task lists -
25171
* Fix broken buttons in transactions table - 25038
* Fix traceback when pressing 'delete transactions' - bed0eb35
Fix Potential Bugs:
* Fix already defined/out of scope variables in zz_allox.js
Improvements For Developers:
* Reformat zz_alloc.js with esformatter for consistency
* Write a Dockerfile for easy development with docker
* Reformat all allocPSA PHP to follow the PSR-2 guide lines as close as is
possible at this time. This make the codebase easier to read because the
style is consistent. PHP libraries in the codebase were not changed
* Write a DEVELOPERS.md file to help new contributors