explicitly mentioned; a version number like 1.1 implicitly includes
all 1.1.x versions.
-* 2.0 -> 2.1
+If you install from .deb files then much of this work is automated.
+
+* 4.x -> 5.0
+
+** Web Confirmation Strings
+
+The syntax of confirmation strings for online registrations has changed and old
+ones no longer work. This only affects users who registered before the upgrade
+but have not yet confirmed their login. You can delete such half-created users
+with 'disorder deluser USERNAME' (as an administrative user, for instance as
+root on the server) and they can start the registration process again.
+
+** Handling Of Configuration Changes
+
+There is a new mechanism to ensure that the search database and aliases are
+reconstructed if any options that affect them change. Unfortunately this means
+that the reconstruction step always takes place on upgrade from 4.3 or earlier,
+as those versions don't record sufficient information for the server to tell
+whether it needs to reconstruct or not.
+
+The result will be a log message of the form:
+
+new database parameter string dbparams-0-sha256:61609f3e6395ec8dee317ee216fe2848d70c249d347dd03c6a219441a13dd456 - removing old data
+
+...and a slower rescan on startup. Subsequent restarts should not have this
+problem (unless of course you change a relevant option).
+
+** Deprecation Notices
+
+The player --wait-for-device option is deprecated and will be removed in a
+future version.
+
+The 'lock' option no longer does anything. You must delete it from any
+configuration files that contain it. The full set of deprecated options is:
+ allow
+ gap
+ lock
+ prefsync
+ restrict
+ trust
+
+* 3.0 -> 4.x
+
+If you customized any of the templates, you will pretty much have to start from
+scratch as the web interface has been rewritten. See disorder.cgi(8) for a
+starting point.
+
+The 'gap' directive will no longer work. You must delete it from any
+configuration files that contain it.
+
+You may prefer to remove any 'smtp_server' directive you have, as the web
+interface will now use the local sendmail executable if available.
+
+If you want to be able to do use management over non-local connections (thereby
+potentially exposing passwords!) you must set 'remote_userman' to 'yes'.
+
+* 2.0 -> 3.0
** Authentication
'default_rights' directive.
'allow', 'restrict' and 'trust' will stop working entirely in a future version
-but for now they will generate harmless error messages.
+but for now they will generate harmless error messages. Remove them and the
+error messages will go away.
+
+See README for new setup instructions for the web interface.
+
+** Other Server Configuration
+
+Sensible defaults for 'stopword', 'player' and 'tracklength' are now built into
+the server. If you haven't modified the values from the example or Debian
+configuration files then you can remove them.
+
+'gap' now defaults to 0 seconds instead of 2.
+
+The sound output API is now configured with the 'api' command although
+'speaker_backend' still works. If you use 'api alsa' then you may need to
+change your 'mixer' and 'channel' settings.
** Web Interface
The web interface no longer uses HTTP basic authentication and the web server
configuration imposing access control on it should be removed. Users now log
in using their main DisOrder password and the one in the htpassed file is now
-obsolete.
+obsolete. You should revisit the web interface setup instructions in README
+from scratch.
+
+As part of this, the DisOrder URL has changed from (e.g.)
+
+ http://yourserver/cgi-bin/disorder/disorder
+
+to just
+
+ http://yourserver/cgi-bin/disorder
+
+** Checklist
+
+ * delete default 'stopword', 'player' and 'tracklength' directives
+ * set 'gap' if you want a non-0 inter-track gap
+ * set 'api' and maybe 'mixer' and 'channel'
+ * perhaps add 'default_rights' directive
+ * delete 'allow', 'restrict' and 'trust' directives after first run
+ * follow new web interface setup in README
* 1.4/1.5 -> 2.0
~mdw / disorder / blobdiff