Conversation
17-2-release-notes-draft
Deploying openproject with ⚡ PullPreview
|
|
@ulferts @NobodysNightmare @HDinger @mrmir could you please review your respective parts of the release notes? or the whole thing if you feel like it of course. |
NobodysNightmare
left a comment
NobodysNightmare
left a comment
There was a problem hiding this comment.
I left some feedback on MCP and other adjacent changes, most of the time including a proposal of my own. I also added one comment not related to one of my changes, giving feedback on how one can read it wrong.
|
|
||
| For more details, please refer to the [Meetings documentation](../../user-guide/meetings/one-time-meetings/). | ||
|
|
||
| ### Increased security for external links (Enterprise add-on) |
There was a problem hiding this comment.
Red flag when reading this:
Increased security [is an] Enterprise add-on
I think it's a fair limitation for the feature in question, but it could be misread as "if you really want to have a secure product, you have to pay".
Maybe Oliver or Klaus can refresh my memory on how the login actually improves the security here, but I think the intent was to make sure that users are aware that they receive an email generated by OpenProject that directs them to an external destination. The login requirement probably makes spamming links less effective, because only logged in users will see them, but not search engines / anonymous users? (I am not entirely sure about the attack vector here)
There was a problem hiding this comment.
It is not so much a question about the attack vector directly but about the value of a server that sends out emails. Without the feature, there is value in using the server to send out mails to a lot of people (that don't have to be users). With the feature, the value decreases as only members can be targeted.
For phishing and spamming that can make a lot of difference. With the feature, spammers might be less encouraged to use an OpenProject instance for this purpose. Of course, with the feature only being available on Enterprise, somebody could still set up their own instance to use it for the purpose. But that is quite a lot of work for that goal. So it protects instances not controlled by a spammer.
HDinger
left a comment
HDinger
left a comment
There was a problem hiding this comment.
Lgtm 👍 I just have some minor remarks
Co-authored-by: Jan Sandbrink <j.sandbrink@openproject.com> Co-authored-by: Henriette Darge <h.darge@openproject.com>
|
|
||
| [feature: mcp_server ] | ||
|
|
||
| OpenProject 17.2 introduces the **MCP Server**, a new Enterprise add-on that lays the foundation for robust integrations between OpenProject and systems that use the Model Context Protocol (MCP), such as large language models or automation tools. This server exposes OpenProject’s APIv3 resources as MCP-compatible endpoints and enables secure, authenticated access for clients such as large language models or other MCP clients, opening the door to richer contextual interactions with your project data. |
There was a problem hiding this comment.
I would:
- Add the abbreviation (LLMs) behind 'large language models' as this is what more people know.
- Mention AI in this first paragraph. The integration between OP and an AI is where the value is in for the users.
|
|
||
| [feature: meeting_templates ] | ||
|
|
||
| Preparing meetings often involves recreating the same agenda structure again and again. With OpenProject 17.2, administrators can now define reusable meeting templates that provide a predefined agenda layout for their teams. These templates help ensure that important discussion points are consistently covered and that project meetings follow a clear, standardized structure. |
There was a problem hiding this comment.
To me it would help to even more highlight the idea behind this:
Even if the meeting is not necessarily a recurring one (but it might reoccur - just not regularly), it helps to propose a structure for meetings that can be reused. That way, best practices can find their way into meetings where a lot of people spend a lot of time.
|
|
||
| For more details, please refer to the [Meetings documentation](../../user-guide/meetings/one-time-meetings/). | ||
|
|
||
| ### Increased security for external links (Enterprise add-on) |
There was a problem hiding this comment.
It is not so much a question about the attack vector directly but about the value of a server that sends out emails. Without the feature, there is value in using the server to send out mails to a lot of people (that don't have to be users). With the feature, the value decreases as only members can be targeted.
For phishing and spamming that can make a lot of difference. With the feature, spammers might be less encouraged to use an OpenProject instance for this purpose. Of course, with the feature only being available on Enterprise, somebody could still set up their own instance to use it for the purpose. But that is quite a lot of work for that goal. So it protects instances not controlled by a spammer.
|
|
||
| #### Updated Overview widget for Budgets | ||
|
|
||
| Project, program, and portfolio managers can now see key financial indicators at a glance. New budget widgets displays planned budget, actual costs, spent ratio, and remaining budget, along with visual breakdowns by cost type and recent monthly actuals. Data is automatically aggregated across subprojects where applicable, giving stakeholders a consolidated financial snapshot without leaving the Overview page. |
There was a problem hiding this comment.
"New budget widgets displays" - this should read "New budget widgets display"
|
|
||
| Project, program, and portfolio managers can now see key financial indicators at a glance. New budget widgets displays planned budget, actual costs, spent ratio, and remaining budget, along with visual breakdowns by cost type and recent monthly actuals. Data is automatically aggregated across subprojects where applicable, giving stakeholders a consolidated financial snapshot without leaving the Overview page. | ||
|
|
||
| These widgets helps teams better understand financial status and trends directly within their project context. Keep in mind that both the Budgets and Time & Costs modules need to be enabled for the widget to work. |
There was a problem hiding this comment.
"These widgets helps" -> "These widgets help"
|
|
||
| Project, program, and portfolio managers can now see key financial indicators at a glance. New budget widgets displays planned budget, actual costs, spent ratio, and remaining budget, along with visual breakdowns by cost type and recent monthly actuals. Data is automatically aggregated across subprojects where applicable, giving stakeholders a consolidated financial snapshot without leaving the Overview page. | ||
|
|
||
| These widgets helps teams better understand financial status and trends directly within their project context. Keep in mind that both the Budgets and Time & Costs modules need to be enabled for the widget to work. |
There was a problem hiding this comment.
" enabled for the widget to work". Is it one widget or multiple. I am confused.
|
|
||
| #### Editable project description and project status widgets on a Project view tab | ||
|
|
||
| The project description and project status widgets on the Overview tab are now editable inline. Based on your feedback, we’ve streamlined the experience so authorized users can update content directly where they view it, without switching to another tab. |
There was a problem hiding this comment.
"view it, without" (extra white space)
|
|
||
| OpenProject 17.2 introduces optional comment fields for project attributes, giving portfolio and project managers additional context behind selected values. Administrators can now enable a dedicated comment field for individual project attributes. This allows users to document the reasoning, assumptions, or background information related to a specific attribute value directly where it is maintained. | ||
|
|
||
| Comments are displayed and edited alongside the respective attribute on the Project overview page and follow the same permission logic as the attribute itself. Changes are tracked in the project activity, included in exports, and available via the API. By adding structured context to project metadata, this enhancement improves transparency and supports better governance and decision-making across projects and teams. |
|
|
||
| ### PDF export improvements | ||
|
|
||
| OpenProject 17.2 enhances PDF exports to provide more complete and reliable reporting. |
There was a problem hiding this comment.
"more complete" sounds weird. Maybe "exhaustive" or "thorough"?
5 participants
17-2-release-notes-draft
Ticket
What are you trying to accomplish?
Screenshots
What approach did you choose and why?
Merge checklist