changelog

priviledge -> privilege

Fixes #3697

The existing code and test case only covered the leader behavior. When
querying against non-leaders the error has an "rpc error: " prefix.

To provide consistency in HTTP error response I also strip the "rpc
error: " prefix for 403 responses as they offer no beneficial additional
information (and in theory disclose a tiny bit of data to unauthorized
users, but it would be a pretty weird bit of data to use in a malicious
way).

It was never really implemented to begin with

There was a bug in jobspec parsing, a bug in CheckRestart merging, and a
bug in CheckRestart canonicalization. All are now tested.

Fixes #3702

Added missing chown call and made it conditional on running as root and
not on Windows as we do with files.

Priviledge -> privilege

Fixes #3701

Relevant spec section:
https://fetch.spec.whatwg.org/#concept-request-credentials-mode

Mentions min CPU limit change in backward incompatibilities section.

code review fixups; add changelog

Fixes #3620

Previously we concatenated tags into task service IDs. This could break
deregistration of tag names that contained double //s like some Fabio
tags.

This change breaks service ID backward compatibility so on upgrade all
users services and checks will be removed and re-added with new IDs.

This change has the side effect of including all service fields in the
ID's hash, so we no longer have to track PortLabel and AddressMode
changes independently.