On Fri, Aug 15, 2014 at 12:49 AM, Robert Kowalski <r...@kowalski.gd> wrote: > I might be wrong, I think that according to semver this would raise the > version number to 1.7 , http://semver.org/ says: "Given a version number > MAJOR.MINOR.PATCH, increment the: [...] MINOR version when you add > functionality in a backwards-compatible manner."
>From commit message: https://github.com/apache/couchdb/commit/3bcf664b2f46750bf64bf970da07f9b133f98047 > Add Experimental Content-Security-Policy-Support (CSP) for Fauxton > >Like every web application, Fauxton is vulnerable against XSS and > CSP is a technology that tries to help against that. > >The patch makes it possible to enable CSP for the /_utils path and > allows configuration of the sent header. > > The default setting for the value of the header breaks the old > Futon, when CSP is enabled there. The old Futon has alot of > inline-JavaScript which is not allowed in the setting I have > chosen as default. So while this is an experimental feature made for another experimental feature, it's still a new feature which brings a new functionality which is able to break behavior of existed one (Futon). Minor version bump is required. How about move it for 1.7 release? -- ,,,^..^,,,
