We deliver updates and improvements to Hub on a continuous basis. Here's an overview of changes that are available in Hub 2018.2.
|Per-user Password Change Requests|
A new action on the user profile lets an administrator request that users change the password for their Hub accounts. Use this feature to keep your installation secure when you believe that a user account may have been compromised.
|Built-in TLS Support|
Hub installation packages now provide out-of-the-box support for secure connections over TLS. Upload your server certificate during installation or upgrade and encrypt data in transit without setting up a reverse proxy.
This authentication module lets you configure Hub as a SAML service provider. This lets users log in to Hub and the services that are connected to it with credentials from a third-party SAML identity provider.
|Throttling by Login|
The IP-based throttling feature has been replaced with the option to apply rate limits to failed login attempts per login. When used together with a reCAPTCHA challenge, this feature protects your installation from brute-force attacks without blocking users who have simply forgotten their passwords.
|Personal Data Management|
Updates and Enhancements
|Updated Permission Scheme|
We've made minor adjustments that reduce the total number of permissions that restrict access to operations in Hub. New permissions allow restricted access to user accounts and projects.
|Project Overview Enhancements|
Project Overview pages now show widgets and README files on separate tabs. This means that you can view widgets without scrolling to the bottom of the page.
|Groups and Teams|
New views on the Groups page show you a list of project teams and a mixed mode that shows both groups and teams. We also added an action on this page that lets you merge a group into a team. Use this operation to eliminate group assignments that duplicate permissions that are granted to a project team.
Create a role that is similar but not identical to an existing role with just a few clicks. Use this action to create a new role with a set of permissions that is identical to an existing role, then add or remove permissions as desired.
|Common Settings for Auth Modules|
All authentication-related settings have moved from the System Settings page to a new Common Settings page for all authentication modules. This page also contains configuration options for the new login-based throttling feature and the input fields for connecting to Google reCAPTCHA.
|Attribute Configuration for SAML Service Providers|
When using Hub as a SAML identity provider, you now have the option to specify the attributes that the SAML service provider uses to store the user login, full name, and email address.
|Custom Login Message|
Whether you use the User Agreement feature to track the acceptance of an information notice or not, you now have the ability to add a custom message to your login page. Use this feature to provide links to legal documents that describe how you manage personal data that is stored in Hub.
Removed in Version
Throttling by IP Address
The option to apply rate limits to failed authentication requests based on IP address has been removed from the Hub auth module. In the 2018.2 release, this feature is replaced with the option to apply rate limits per login across all authentication modules. For more information, see Throttling by Login Settings.