That's right! It's finally here, delayed by the site redesign and a week's worth of work to make sure you and your customers are more secure. We're excited about this release and are knocking on wood with our fingers crossed (it kind of hurts) while we hope that this represents the final release candidate. TR pointed out before how we'll never get to a 1.0 if the code base is a moving target, and I agree. We're looking to let the code mellow and fix any remaining bugs that pop up and move on with development. Exciting stuff. Please review the information below carefully if you're using the credit card payment method on your site right now. Furthermore, don't forget to make a back-up of your current site and run update.php after you bring on the RC5! If you need to, you can reference our updating FAQ. (On a side note, Lyle fixed the statistics page that shows our installation count. It needs to be cleaned up, with alphas, betas, and release candidate versions grouped together, but it's fun to see that total climbing. )
From the release notes on drupal.org: This version brings with it the many bug fixes and UI improvements reported and/or patched by community users and core developers since the April 23rd RC 4 release. It also contains a clean-up and simplification of the reporting features such that version information is now all that gets reported to Ubercart.org when enabled, and a full preview of the data sent is now shown. A functional bug that has been fixed involves sweeping changes to credit card settings and processing. This means any site accepting credit card payments should update carefully, making sure to setup the Ubercart encryption and to ensure the new settings don't disrupt your current checkout process. If at all possible, you should demo the update on a development site before rolling the change into your production site so you are the most comfortable with the new settings. The changes were made to address the fact that it was difficult for store owners in the past to ensure their checkout process was fully PCI compliant. As of this release, if you're accepting credit card payments through the Ubercart checkout form over HTTPS, you will be fully compliant and most secure with the default settings. Read through this post to get the full scoop on the changes. I will be updating the documentation to reflect the changes as soon as possible.
I just updated to rc5, but the Update Status module seems to think that 5.x-1.0-rc4 is newer, and want's me to update to it. I guess the versioning database on the drupal main site hasn't been updated yet?
Odd... I'd just ignore it. For me, it says RC 5 is the recommended version but does mention RC 4 as a security release. Maybe you're seeing that? Otherwise, it might be you have more than one copy of Ubercart in your modules directory.
First congratulations on the new release and on the new direction towards bugfixes only. That's a hard thing to do but obviously important at some point. Then the question becomes - port to 6.x first? New features on 5.x-2.x branch? My "vote" would be to port to 6.x first and create a 6.x-2.x branch where crazy new features can happen. But obviously it's a complex decision.
The release problem is probably an infamous bug related to releases: update(_status) results stale for up to 6 hours. If it's still a problem after a few days then that's a concern, but if it looks ok now then I'd blame it on that problem.
The Ubercart team is awesome. Congrats to all the people who got us to this point.
I am waiting until 1.0 to ugrade the site. I can't wait.
Thank you to everyone who has contributed!
Tutus for Toddlers
@greggles - Agreed on the upgrade path... we want to change as little as possible porting from 5.x to 6.x, the only exception being to lose a couple of dependencies instead of spending time trying to port them to/maintain them on 6.
does ubercart still store the CVV security code? That was my concern regarding PCI compliance. Even encrypted you are not allowed to store the CVV code.
Correct. Ubercart no longer stores the CVV (unless you're in a specific debug mode which has warnings beside it).