RedHatTraining/pyramid.git

Chris McDonough

2015-04-15 3fa1b7412139be9247c84b7393c6b15690408dfe

commit \| author \| age
3fa1b7	1	1.4.7 (2015-04-14)
CM	2	==================
	3
	4	- The JSONP renderer created JavaScript code in such a way that a callback
	5	variable could be used to arbitrarily inject javascript into the response
	6	object. https://github.com/Pylons/pyramid/pull/1626
	7
01138a	8	1.4.6 (2014-05-31)
MM	9	==================
c5ccaf	10
DH	11	Bug Fixes
	12	---------
01138a	13
55560c	14	- Allow ``config.add_route_predicate`` and ``config.add_view_predicate`` to
MM	15	accept an importable dotted-string for the ``factory`` argument.
	16
c5ccaf	17	- Fix an exception in ``package_name()`` when resolving the package
DH	18	name for namespace packages.
	19
28f6e9	20	1.4.5 (2013-08-30)
MJ	21	==================
0cc839	22
c455ea	23	Bug Fixes
CM	24	---------
	25
595034	26	- The ``alchemy`` scaffold would break when the database was MySQL during
CM	27	tables creation. See https://github.com/Pylons/pyramid/pull/1049. Backport
	28	from master.
	29
c455ea	30	- It was not possible to use ``pyramid.httpexceptions.HTTPException`` as
CM	31	the ``context`` of an exception view as very general catchall for
	32	http-related exceptions when you wanted that exception view to override the
	33	default exception view. See https://github.com/Pylons/pyramid/issues/985.
	34	Backport from master.
	35
0cc839	36	- When the ``pyramid.reload_templates`` setting was true, and a Chameleon
CM	37	template was reloaded, and the renderer specification named a macro
	38	(e.g. ``foo#macroname.pt``), renderings of the template after the template
	39	was reloaded due to a file change would produce the entire template body
	40	instead of just a rendering of the macro. See
c455ea	41	https://github.com/Pylons/pyramid/issues/1013. Backport from master.
0cc839	42
ae6135	43	- Fixed a Mako renderer bug returning a tuple with a previous defname value
BL	44	in some circumstances. See https://github.com/Pylons/pyramid/issues/1037 for
	45	more information. Backport from master.
	46
6aabdd	47	- Make ``pserve.cherrypy_server_runner`` Python 3 compatible. See
TL	48	https://github.com/Pylons/pyramid/issues/718. Backport from master.
	49
e20c7c	50	1.4.4 (2013-08-27)
CM	51	==================
458095	52
CM	53	Bug Fixes
	54	---------
	55
	56	- Fix an obscure problem when combining a virtual root with a route with a
	57	``*traverse`` in its pattern. Now the traversal path generated in
	58	such a configuration will be correct, instead of an element missing
	59	a leading slash.
	60
0a842c	61	1.4.3 (2013-07-18)
CM	62	==================
	63
	64	Bug Fixes
	65	---------
b54f6d	66
CM	67	- ``pyramid.testing.DummyResource`` didn't define ``__bool__``, so code under
0cc839	68	Python 3 would use ``__len__`` to find truthiness; this usually caused an
9c2424	69	instance of DummyResource to be "falsy" instead of "truthy". See
CM	70	https://github.com/Pylons/pyramid/pull/1032
b54f6d	71
e63bda	72	1.4.2 (2013-05-21)
CM	73	==================
	74
	75	Bug Fixes
	76	---------
bdc928	77
bcecb6	78	- ``mako_templating``: added defensive workaround for non-importability of
CM	79	``mako`` due to upstream ``markupsafe`` dropping Python 3.2 support. Mako
	80	templating will no longer work under the combination of MarkupSafe 0.17 and
	81	Python 3.2 (although the combination of MarkupSafe 0.17 and Python 3.3 or any
	82	supported Python 2 version will work OK).
bdc928	83
8ebdc0	84	- Make the ``pyramid.config.assets.PackageOverrides`` object implement the API
TS	85	for ``__loader__`` objects specified in PEP 302. Proxies to the
	86	``__loader__`` set by the importer, if present; otherwise, raises
	87	``NotImplementedError``. This makes Pyramid static view overrides work
	88	properly under Python 3.3 (previously they would not). See
	89	https://github.com/Pylons/pyramid/pull/1015 for more information.
	90
17d80b	91	1.4.1 (2013-04-23)
39695d	92	==================
MM	93
	94	Bug Fixes
	95	---------
	96
	97	- Spaces and dots may now be in mako renderer template paths. This was
	98	broken when support for the new makodef syntax was added in 1.4a1.
	99	See https://github.com/Pylons/pyramid/issues/950
	100
f89644	101	- ``pyramid.debug_authorization=true`` will now correctly print out
MM	102	``Allowed`` for views registered with ``NO_PERMISSION_REQUIRED`` instead
	103	of invoking the ``permits`` method of the authorization policy.
	104	See https://github.com/Pylons/pyramid/issues/954
	105
0f1f51	106	- Pyramid failed to install on some systems due to being packaged with
MM	107	some test files containing higher order characters in their names. These
	108	files have now been removed. See
	109	https://github.com/Pylons/pyramid/issues/981
	110
96ab9f	111	1.4 (2012-12-18)
CM	112	================
758fa2	113
CM	114	Docs
	115	----
	116
	117	- Fix functional tests in the ZODB tutorial
	118
e609e1	119	1.4b3 (2012-12-10)
CM	120	==================
	121
	122	- Packaging release only, no code changes. 1.4b2 was a brownbag release due to
	123	missing directories in the tarball.
	124
a7e0e6	125	1.4b2 (2012-12-10)
CM	126	==================
	127
	128	Docs
	129	----
	130
	131	- Scaffolding is now PEP-8 compliant (at least for a brief shining moment).
	132
	133	- Tutorial improvements.
ed1419	134
MM	135	Backwards Incompatibilities
	136	---------------------------
	137
	138	- Modified the ``_depth`` argument to ``pyramid.view.view_config`` to accept
	139	a value relative to the invocation of ``view_config`` itself. Thus, when it
	140	was previously expecting a value of ``1`` or greater, to reflect that
	141	the caller of ``view_config`` is 1 stack frame away from ``venusian.attach``,
	142	this implementation detail is now hidden.
	143
a078e1	144	- Modified the ``_backframes`` argument to ``pyramid.util.action_method`` in a
CM	145	similar way to the changes described to ``_depth`` above. This argument
	146	remains undocumented, but might be used in the wild by some insane person.
	147
1608b2	148	1.4b1 (2012-11-21)
CM	149	==================
0ccdc2	150
71cd93	151	Features
CM	152	--------
	153
	154	- Small microspeed enhancement which anticipates that a
	155	``pyramid.response.Response`` object is likely to be returned from a view.
	156	Some code is shortcut if the class of the object returned by a view is this
	157	class. A similar microoptimization was done to
	158	``pyramid.request.Request.is_response``.
	159
9132f6	160	- Make it possible to use variable arguments on ``p*`` commands (``pserve``,
CM	161	``pshell``, ``pviews``, etc) in the form ``a=1 b=2`` so you can fill in
	162	values in parameterized ``.ini`` file, e.g. ``pshell etc/development.ini
6ba0fc	163	http_port=8080``. See https://github.com/Pylons/pyramid/pull/714
9132f6	164
f700d3	165	- A somewhat advanced and obscure feature of Pyramid event handlers is their
CM	166	ability to handle "multi-interface" notifications. These notifications have
	167	traditionally presented multiple objects to the subscriber callable. For
	168	instance, if an event was sent by code like this::
28fc3d	169
CM	170	registry.notify(event, context)
	171
	172	In the past, in order to catch such an event, you were obligated to write and
	173	register an event subscriber that mentioned both the event and the context in
	174	its argument list::
	175
	176	@subscriber([SomeEvent, SomeContextType])
f700d3	177	def asubscriber(event, context):
28fc3d	178	pass
CM	179
f700d3	180	In many subscriber callables registered this way, it was common for the logic
CM	181	in the subscriber callable to completely ignore the second and following
	182	arguments (e.g. ``context`` in the above example might be ignored), because
	183	they usually existed as attributes of the event anyway. You could usually
a3810e	184	get the same value by doing ``event.context`` or similar.
f700d3	185
CM	186	The fact that you needed to put an extra argument which you usually ignored
	187	in the subscriber callable body was only a minor annoyance until we added
a3810e	188	"subscriber predicates", used to narrow the set of circumstances under which
CM	189	a subscriber will be executed, in a prior 1.4 alpha release. Once those were
	190	added, the annoyance was escalated, because subscriber predicates needed to
	191	accept the same argument list and arity as the subscriber callables that they
	192	were configured against. So, for example, if you had these two subscriber
	193	registrations in your code::
28fc3d	194
CM	195	@subscriber([SomeEvent, SomeContextType])
f700d3	196	def asubscriber(event, context):
CM	197	pass
	198
	199	@subscriber(SomeOtherEvent)
	200	def asubscriber(event):
	201	pass
ae6135	202
f700d3	203	And you wanted to use a subscriber predicate::
CM	204
	205	@subscriber([SomeEvent, SomeContextType], mypredicate=True)
a3810e	206	def asubscriber1(event, context):
f700d3	207	pass
CM	208
	209	@subscriber(SomeOtherEvent, mypredicate=True)
a3810e	210	def asubscriber2(event):
f700d3	211	pass
CM	212
a3810e	213	If an existing ``mypredicate`` subscriber predicate had been written in such
CM	214	a way that it accepted only one argument in its ``__call__``, you could not
	215	use it against a subscription which named more than one interface in its
	216	subscriber interface list. Similarly, if you had written a subscriber
	217	predicate that accepted two arguments, you couldn't use it against a
	218	registration that named only a single interface type.
	219
	220	For example, if you created this predicate::
f700d3	221
CM	222	class MyPredicate(object):
	223	# portions elided...
	224	def __call__(self, event):
	225	return self.val == event.context.foo
	226
a3810e	227	It would not work against a multi-interface-registered subscription, so in
CM	228	the above example, when you attempted to use it against ``asubscriber1``, it
	229	would fail at runtime with a TypeError, claiming something was attempting to
	230	call it with too many arguments.
f700d3	231
a3810e	232	To hack around this limitation, you were obligated to design the
CM	233	``mypredicate`` predicate to expect to receive in its ``__call__`` either a
	234	single ``event`` argument (a SomeOtherEvent object) or a pair of arguments
	235	(a SomeEvent object and a SomeContextType object), presumably by doing
	236	something like this::
f700d3	237
CM	238	class MyPredicate(object):
	239	# portions elided...
	240	def __call__(self, event, context=None):
	241	return self.val == event.context.foo
	242
	243	This was confusing and bad.
	244
	245	In order to allow people to ignore unused arguments to subscriber callables
	246	and to normalize the relationship between event subscribers and subscriber
	247	predicates, we now allow both subscribers and subscriber predicates to accept
	248	only a single ``event`` argument even if they've been subscribed for
	249	notifications that involve multiple interfaces. Subscribers and subscriber
	250	predicates that accept only one argument will receive the first object passed
	251	to ``notify``; this is typically (but not always) the event object. The
	252	other objects involved in the subscription lookup will be discarded. You can
	253	now write an event subscriber that accepts only ``event`` even if it
	254	subscribes to multiple interfaces::
	255
	256	@subscriber([SomeEvent, SomeContextType])
	257	def asubscriber(event):
28fc3d	258	# this will work!
CM	259
f700d3	260	This prevents you from needing to match the subscriber callable parameters to
CM	261	the subscription type unnecessarily, especially when you don't make use of
	262	any argument in your subscribers except for the event object itself.
	263
	264	Note, however, that if the event object is not the first
	265	object in the call to ``notify``, you'll run into trouble. For example, if
	266	notify is called with the context argument first::
28fc3d	267
CM	268	registry.notify(context, event)
	269
f700d3	270	You won't be able to take advantage of the event-only feature. It will
CM	271	"work", but the object received by your event handler won't be the event
	272	object, it will be the context object, which won't be very useful::
28fc3d	273
CM	274	@subscriber([SomeContextType, SomeEvent])
f700d3	275	def asubscriber(event):
ae6135	276	# bzzt! you'll be getting the context here as ``event``, and it'll
28fc3d	277	# be useless
CM	278
	279	Existing multiple-argument subscribers continue to work without issue, so you
	280	should continue use those if your system notifies using multiple interfaces
	281	and the first interface is not the event interface. For example::
	282
	283	@subscriber([SomeContextType, SomeEvent])
f700d3	284	def asubscriber(context, event):
28fc3d	285	# this will still work!
CM	286
	287	The event-only feature makes it possible to use a subscriber predicate that
	288	accepts only a request argument within both multiple-interface subscriber
f700d3	289	registrations and single-interface subscriber registrations. You needn't
CM	290	make slightly different variations of predicates depending on the
	291	subscription type arguments. Instead, just write all your subscriber
	292	predicates so they only accept ``event`` in their ``__call__`` and they'll be
	293	useful across all registrations for subscriptions that use an event as their
	294	first argument, even ones which accept more than just ``event``.
28fc3d	295
f700d3	296	However, the same caveat applies to predicates as to subscriber callables: if
CM	297	you're subscribing to a multi-interface event, and the first interface is not
	298	the event interface, the predicate won't work properly. In such a case,
	299	you'll need to match the predicate ``__call__`` argument ordering and
	300	composition to the ordering of the interfaces. For example, if the
	301	registration for the subscription uses ``[SomeContext, SomeEvent]``, you'll
	302	need to reflect that in the ordering of the parameters of the predicate's
	303	``__call__`` method::
28fc3d	304
CM	305	def __call__(self, context, event):
	306	return event.request.path.startswith(self.val)
	307
f700d3	308	tl;dr: 1) When using multi-interface subscriptions, always use the event type
CM	309	as the first subscription registration argument and 2) When 1 is true, use
	310	only ``event`` in your subscriber and subscriber predicate parameter lists,
	311	no matter how many interfaces the subscriber is notified with. This
	312	combination will result in the maximum amount of reusability of subscriber
	313	predicates and the least amount of thought on your part. Drink responsibly.
28fc3d	314
0ccdc2	315	Bug Fixes
CM	316	---------
	317
	318	- A failure when trying to locate the attribute ``__text__`` on route and view
	319	predicates existed when the ``debug_routematch`` setting was true or when the
	320	``pviews`` command was used. See https://github.com/Pylons/pyramid/pull/727
	321
b5e444	322	Documentation
CM	323	-------------
	324
	325	- Sync up tutorial source files with the files that are rendered by the
	326	scaffold that each uses.
	327
948068	328	1.4a4 (2012-11-14)
CM	329	==================
c7337b	330
CM	331	Features
	332	--------
	333
19b820	334	- ``pyramid.authentication.AuthTktAuthenticationPolicy`` has been updated to
MM	335	support newer hashing algorithms such as ``sha512``. Existing applications
39ef68	336	should consider updating if possible for improved security over the default
CM	337	md5 hashing.
19b820	338
c7337b	339	- Added an ``effective_principals`` route and view predicate.
CM	340
07c9ee	341	- Do not allow the userid returned from the ``authenticated_userid`` or the
CM	342	userid that is one of the list of principals returned by
	343	``effective_principals`` to be either of the strings ``system.Everyone`` or
	344	``system.Authenticated`` when any of the built-in authorization policies that
	345	live in ``pyramid.authentication`` are in use. These two strings are
	346	reserved for internal usage by Pyramid and they will not be accepted as valid
	347	userids.
	348
ca4656	349	- Slightly better debug logging from
MM	350	``pyramid.authentication.RepozeWho1AuthenticationPolicy``.
47146e	351
39ef68	352	- ``pyramid.security.view_execution_permitted`` used to return ``True`` if no
926fb6	353	view could be found. It now raises a ``TypeError`` exception in that case, as
CM	354	it doesn't make sense to assert that a nonexistent view is
	355	execution-permitted. See https://github.com/Pylons/pyramid/issues/299.
cb745b	356
a8d71c	357	- Allow a ``_depth`` argument to ``pyramid.view.view_config``, which will
CM	358	permit limited composition reuse of the decorator by other software that
	359	wants to provide custom decorators that are much like view_config.
	360
170124	361	- Allow an iterable of decorators to be passed to
MM	362	``pyramid.config.Configurator.add_view``. This allows views to be wrapped
	363	by more than one decorator without requiring combining the decorators
	364	yourself.
	365
a007a4	366	Bug Fixes
CM	367	---------
	368
	369	- In the past if a renderer returned ``None``, the body of the resulting
	370	response would be set explicitly to the empty string. Instead, now, the body
	371	is left unchanged, which allows the renderer to set a body itself by using
	372	e.g. ``request.response.body = b'foo'``. The body set by the renderer will
	373	be unmolested on the way out. See
	374	https://github.com/Pylons/pyramid/issues/709
	375
34d4cd	376	- In uncommon cases, the ``pyramid_excview_tween_factory`` might have
CM	377	inadvertently raised a ``KeyError`` looking for ``request_iface`` as an
	378	attribute of the request. It no longer fails in this case. See
	379	https://github.com/Pylons/pyramid/issues/700
048754	380
267dbd	381	- Be more tolerant of potential error conditions in ``match_param`` and
CM	382	``physical_path`` predicate implementations; instead of raising an exception,
	383	return False.
	384
39ef68	385	- ``pyramid.view.render_view`` was not functioning properly under Python 3.x
CM	386	due to a byte/unicode discrepancy. See
f89cfc	387	http://github.com/Pylons/pyramid/issues/721
MM	388
ca3df8	389	Deprecations
MM	390	------------
	391
39ef68	392	- ``pyramid.authentication.AuthTktAuthenticationPolicy`` will emit a warning if
CM	393	an application is using the policy without explicitly passing a ``hashalg``
	394	argument. This is because the default is "md5" which is considered
	395	theoretically subject to collision attacks. If you really want "md5" then you
	396	must specify it explicitly to get rid of the warning.
	397
	398	Documentation
	399	-------------
	400
	401	- All of the tutorials that use
	402	``pyramid.authentication.AuthTktAuthenticationPolicy`` now explicitly pass
	403	``sha512`` as a ``hashalg`` argument.
	404
ca3df8	405
66fe1d	406	Internals
CM	407	---------
	408
	409	- Move ``TopologicalSorter`` from ``pyramid.config.util`` to ``pyramid.util``,
	410	move ``CyclicDependencyError`` from ``pyramid.config.util`` to
	411	``pyramid.exceptions``, rename ``Singleton`` to ``Sentinel`` and move from
ca4656	412	``pyramid.config.util`` to ``pyramid.util``; this is in an effort to
048754	413	move that stuff that may be an API one day out of ``pyramid.config.util``,
66fe1d	414	because that package should never be imported from non-Pyramid code.
CM	415	TopologicalSorter is still not an API, but may become one.
	416
39ef68	417	- Get rid of shady monkeypatching of ``pyramid.request.Request`` and
CM	418	``pyramid.response.Response`` done within the ``__init__.py`` of Pyramid.
	419	Webob no longer relies on this being done. Instead, the ResponseClass
	420	attribute of the Pyramid Request class is assigned to the Pyramid response
	421	class; that's enough to satisfy WebOb and behave as it did before with the
	422	monkeypatching.
	423
4a6cca	424	1.4a3 (2012-10-26)
CM	425	==================
d6fb00	426
CM	427	Bug Fixes
	428	---------
	429
06a904	430	- The match_param predicate's text method was fixed to sort its values.
CM	431	Part of https://github.com/Pylons/pyramid/pull/705
	432
d6fb00	433	- 1.4a ``pyramid.scripting.prepare`` behaved differently than 1.3 series
CM	434	function of same name. In particular, if passed a request, it would not
	435	set the ``registry`` attribute of the request like 1.3 did. A symptom
	436	would be that passing a request to ``pyramid.paster.bootstrap`` (which uses
	437	the function) that did not have a ``registry`` attribute could assume that
	438	the registry would be attached to the request by Pyramid. This assumption
	439	could be made in 1.3, but not in 1.4. The assumption can now be made in
	440	1.4 too (a registry is attached to a request passed to bootstrap or
	441	prepare).
	442
66d277	443	- When registering a view configuration that named a Chameleon ZPT renderer
CM	444	with a macro name in it (e.g. ``renderer='some/template#somemacro.pt``) as
043ccd	445	well as a view configuration without a macro name in it that pointed to the
9937a4	446	same template (e.g. ``renderer='some/template.pt'``), internal caching could
66d277	447	confuse the two, and your code might have rendered one instead of the
CM	448	other.
	449
1273d5	450	Features
CM	451	--------
	452
c25a8f	453	- Allow multiple values to be specified to the ``request_param`` view/route
CM	454	predicate as a sequence. Previously only a single string value was allowed.
	455	See https://github.com/Pylons/pyramid/pull/705
	456
	457	- Comments with references to documentation sections placed in scaffold
	458	``.ini`` files.
	459
	460	- Added an HTTP Basic authentication policy
	461	at ``pyramid.authentication.BasicAuthAuthenticationPolicy``.
	462
1273d5	463	- The Configurator ``testing_securitypolicy`` method now returns the policy
CM	464	object it creates.
	465
	466	- The Configurator ``testing_securitypolicy`` method accepts two new
	467	arguments: ``remember_result`` and ``forget_result``. If supplied, these
	468	values influence the result of the policy's ``remember`` and ``forget``
	469	methods, respectively.
	470
	471	- The DummySecurityPolicy created by ``testing_securitypolicy`` now sets a
	472	``forgotten`` value on the policy (the value ``True``) when its ``forget``
	473	method is called.
	474
	475	- The DummySecurityPolicy created by ``testing_securitypolicy`` now sets a
	476	``remembered`` value on the policy, which is the value of the ``principal``
	477	argument it's called with when its ``remember`` method is called.
	478
c25a8f	479	- New ``physical_path`` view predicate. If specified, this value should be a
CM	480	string or a tuple representing the physical traversal path of the context
	481	found via traversal for this predicate to match as true. For example:
	482	``physical_path='/'`` or ``physical_path='/a/b/c'`` or ``physical_path=('',
	483	'a', 'b', 'c')``. This is not a path prefix match or a regex, it's a
	484	whole-path match. It's useful when you want to always potentially show a
	485	view when some object is traversed to, but you can't be sure about what kind
	486	of object it will be, so you can't use the ``context`` predicate. The
	487	individual path elements inbetween slash characters or in tuple elements
	488	should be the Unicode representation of the name of the resource and should
	489	not be encoded in any way.
	490
072cbf	491	1.4a2 (2012-09-27)
CM	492	==================
68c25d	493
d27bc7	494	Bug Fixes
CM	495	---------
	496
4388d3	497	- When trying to determine Mako defnames and Chameleon macro names in asset
CM	498	specifications, take into account that the filename may have a hyphen in
	499	it. See https://github.com/Pylons/pyramid/pull/692
d27bc7	500
68c25d	501	Features
CM	502	--------
	503
	504	- A new ``pyramid.session.check_csrf_token`` convenience function was added.
	505
80cd0b	506	- A ``check_csrf`` view predicate was added. For example, you can now do
CM	507	``config.add_view(someview, check_csrf=True)``. When the predicate is
	508	checked, if the ``csrf_token`` value in ``request.params`` matches the CSRF
	509	token in the request's session, the view will be permitted to execute.
	510	Otherwise, it will not be permitted to execute.
68c25d	511
098599	512	- Add ``Base.metadata.bind = engine`` to alchemy template, so that tables
CM	513	defined imperatively will work.
	514
	515	Documentation
	516	-------------
	517
	518	- update wiki2 SQLA tutorial with the changes required after inserting
	519	``Base.metadata.bind = engine`` into the alchemy scaffold.
	520
ce1e86	521	1.4a1 (2012-09-16)
CM	522	==================
f6bd88	523
a39dd2	524	Bug Fixes
CM	525	---------
	526
1794b4	527	- Forward port from 1.3 branch: When no authentication policy was configured,
CM	528	a call to ``pyramid.security.effective_principals`` would unconditionally
	529	return the empty list. This was incorrect, it should have unconditionally
	530	returned ``[Everyone]``, and now does.
8782de	531
3074e7	532	- Explicit url dispatch regexes can now contain colons.
CM	533	https://github.com/Pylons/pyramid/issues/629
	534
e65251	535	- On at least one 64-bit Ubuntu system under Python 3.2, using the
CM	536	``view_config`` decorator caused a ``RuntimeError: dictionary changed size
	537	during iteration`` exception. It no longer does. See
	538	https://github.com/Pylons/pyramid/issues/635 for more information.
	539
8b2675	540	- In Mako Templates lookup, check if the uri is already adjusted and bring
BL	541	it back to an asset spec. Normally occurs with inherited templates or
	542	included components.
	543	https://github.com/Pylons/pyramid/issues/606
	544	https://github.com/Pylons/pyramid/issues/607
	545
ae6135	546	- In Mako Templates lookup, check for absolute uri (using mako directories)
7853bc	547	when mixing up inheritance with asset specs.
BL	548	https://github.com/Pylons/pyramid/issues/662
	549
75a8ff	550	- HTTP Accept headers were not being normalized causing potentially
MM	551	conflicting view registrations to go unnoticed. Two views that only
	552	differ in the case ('text/html' vs. 'text/HTML') will now raise an error.
	553	https://github.com/Pylons/pyramid/pull/620
	554
a9289d	555	- Forward-port from 1.3 branch: when registering multiple views with an
CM	556	``accept`` predicate in a Pyramid application runing under Python 3, you
	557	might have received a ``TypeError: unorderable types: function() <
	558	function()`` exception.
	559
de797c	560	Features
CM	561	--------
a39dd2	562
d24659	563	- Configurator.add_directive now accepts arbitrary callables like partials or
CM	564	objects implementing ``__call__`` which dont have ``__name__`` and
	565	``__doc__`` attributes. See https://github.com/Pylons/pyramid/issues/621
	566	and https://github.com/Pylons/pyramid/pull/647.
	567
95f766	568	- Third-party custom view, route, and subscriber predicates can now be added
CM	569	for use by view authors via
	570	``pyramid.config.Configurator.add_view_predicate``,
	571	``pyramid.config.Configurator.add_route_predicate`` and
	572	``pyramid.config.Configurator.add_subscriber_predicate``. So, for example,
0196b2	573	doing this::
CM	574
	575	config.add_view_predicate('abc', my.package.ABCPredicate)
	576
	577	Might allow a view author to do this in an application that configured that
	578	predicate::
	579
	580	@view_config(abc=1)
	581
95f766	582	Similar features exist for ``add_route``, and ``add_subscriber``. See
CM	583	"Adding A Third Party View, Route, or Subscriber Predicate" in the Hooks
	584	chapter for more information.
0196b2	585
735abf	586	Note that changes made to support the above feature now means that only
CM	587	actions registered using the same "order" can conflict with one another.
	588	It used to be the case that actions registered at different orders could
	589	potentially conflict, but to my knowledge nothing ever depended on this
	590	behavior (it was a bit silly).
	591
de797c	592	- Custom objects can be made easily JSON-serializable in Pyramid by defining
CM	593	a ``__json__`` method on the object's class. This method should return
	594	values natively serializable by ``json.dumps`` (such as ints, lists,
	595	dictionaries, strings, and so forth).
077fa3	596
e012aa	597	- The JSON renderer now allows for the definition of custom type adapters to
CM	598	convert unknown objects to JSON serializations.
	599
360f25	600	- As of this release, the ``request_method`` predicate, when used, will also
CM	601	imply that ``HEAD`` is implied when you use ``GET``. For example, using
	602	``@view_config(request_method='GET')`` is equivalent to using
561a44	603	``@view_config(request_method=('GET', 'HEAD'))``. Using
360f25	604	``@view_config(request_method=('GET', 'POST')`` is equivalent to using
CM	605	``@view_config(request_method=('GET', 'HEAD', 'POST')``. This is because
	606	HEAD is a variant of GET that omits the body, and WebOb has special support
	607	to return an empty body when a HEAD is used.
15c40a	608
023c88	609	- ``config.add_request_method`` has been introduced to support extending
2c2534	610	request objects with arbitrary callables. This method expands on the
MM	611	previous ``config.set_request_property`` by supporting methods as well as
	612	properties. This method now causes less code to be executed at
	613	request construction time than ``config.set_request_property`` in
	614	version 1.3.
fcb209	615
2c2534	616	- Don't add a ``?`` to URLs generated by ``request.resource_url`` if the
fcb209	617	``query`` argument is provided but empty.
CM	618
2c2534	619	- Don't add a ``?`` to URLs generated by ``request.route_url`` if the
fcb209	620	``_query`` argument is provided but empty.
988035	621
CM	622	- The static view machinery now raises (rather than returns) ``HTTPNotFound``
	623	and ``HTTPMovedPermanently`` exceptions, so these can be caught by the
	624	NotFound view (and other exception views).
ea009a	625
54d3e3	626	- The Mako renderer now supports a def name in an asset spec. When the def
8b55a6	627	name is present in the asset spec, the system will render the template def
CM	628	within the template and will return the result. An example asset spec is
	629	``package:path/to/template#defname.mako``. This will render the def named
54d3e3	630	``defname`` inside the ``template.mako`` template instead of rendering the
CM	631	entire template. The old way of returning a tuple in the form
	632	``('defname', {})`` from the view is supported for backward compatibility,
8b55a6	633
CM	634	- The Chameleon ZPT renderer now accepts a macro name in an asset spec. When
	635	the macro name is present in the asset spec, the system will render the
	636	macro listed as a ``define-macro`` and return the result instead of
	637	rendering the entire template. An example asset spec:
	638	``package:path/to/template#macroname.pt``. This will render the macro
	639	defined as ``macroname`` within the ``template.pt`` template instead of the
	640	entire templae.
61a57e	641
CM	642	- When there is a predicate mismatch exception (seen when no view matches for
	643	a given request due to predicates not working), the exception now contains
	644	a textual description of the predicate which didn't match.
6b180c	645
CM	646	- An ``add_permission`` directive method was added to the Configurator. This
	647	directive registers a free-standing permission introspectable into the
	648	Pyramid introspection system. Frameworks built atop Pyramid can thus use
08c221	649	the ``permissions`` introspectable category data to build a
6b180c	650	comprehensive list of permissions supported by a running system. Before
CM	651	this method was added, permissions were already registered in this
	652	introspectable category as a side effect of naming them in an ``add_view``
	653	call, this method just makes it possible to arrange for a permission to be
	654	put into the ``permissions`` introspectable category without naming it
	655	along with an associated view. Here's an example of usage of
	656	``add_permission``::
	657
	658	config = Configurator()
	659	config.add_permission('view')
2c2534	660
45b6e1	661	- The ``UnencryptedCookieSessionFactoryConfig`` now accepts
MM	662	``signed_serialize`` and ``signed_deserialize`` hooks which may be used
	663	to influence how the sessions are marshalled (by default this is done
	664	with HMAC+pickle).
	665
28dba0	666	- ``pyramid.testing.DummyRequest`` now supports methods supplied by the
CM	667	``pyramid.util.InstancePropertyMixin`` class such as ``set_property``.
735987	668
CM	669	- Request properties and methods added via ``config.set_request_property`` or
	670	``config.add_request_method`` are now available to tweens.
	671
	672	- Request properties and methods added via ``config.set_request_property`` or
	673	``config.add_request_method`` are now available in the request object
	674	returned from ``pyramid.paster.bootstrap``.
	675
dc8b49	676	- ``request.context`` of environment request during ``bootstrap`` is now the
CM	677	root object if a context isn't already set on a provided request.
	678
07cb8f	679	- The ``pyramid.decorator.reify`` function is now an API, and was added to
CM	680	the API documentation.
	681
97150c	682	- Added the ``pyramid.testing.testConfig`` context manager, which can be used
CM	683	to generate a configurator in a test, e.g. ``with testing.testConfig(...):``.
	684
64452e	685	- Users can now invoke a subrequest from within view code using a new
CM	686	``request.invoke_subrequest`` API.
37d2c2	687
2c2534	688	Deprecations
MM	689	------------
	690
9cdb28	691	- The ``pyramid.config.Configurator.set_request_property`` has been
CM	692	documentation-deprecated. The method remains usable but the more
023c88	693	featureful ``pyramid.config.Configurator.add_request_method`` should be
9cdb28	694	used in its place (it has all of the same capabilities but can also extend
CM	695	the request object with methods).
ebcdc7	696
CM	697	Backwards Incompatibilities
	698	---------------------------
	699
25d3dd	700	- The Pyramid router no longer adds the values ``bfg.routes.route`` or
ebcdc7	701	``bfg.routes.matchdict`` to the request's WSGI environment dictionary.
CM	702	These values were docs-deprecated in ``repoze.bfg`` 1.0 (effectively seven
	703	minor releases ago). If your code depended on these values, use
	704	request.matched_route and request.matchdict instead.
	705
	706	- It is no longer possible to pass an environ dictionary directly to
	707	``pyramid.traversal.ResourceTreeTraverser.__call__`` (aka
	708	``ModelGraphTraverser.__call__``). Instead, you must pass a request
	709	object. Passing an environment instead of a request has generated a
	710	deprecation warning since Pyramid 1.1.
	711
	712	- Pyramid will no longer work properly if you use the
	713	``webob.request.LegacyRequest`` as a request factory. Instances of the
	714	LegacyRequest class have a ``request.path_info`` which return a string.
	715	This Pyramid release assumes that ``request.path_info`` will
	716	unconditionally be Unicode.
	717
3d4272	718	- The functions from ``pyramid.chameleon_zpt`` and ``pyramid.chameleon_text``
CM	719	named ``get_renderer``, ``get_template``, ``render_template``, and
	720	``render_template_to_response`` have been removed. These have issued a
	721	deprecation warning upon import since Pyramid 1.0. Use
	722	``pyramid.renderers.get_renderer()``,
	723	``pyramid.renderers.get_renderer().implementation()``,
	724	``pyramid.renderers.render()`` or ``pyramid.renderers.render_to_response``
	725	respectively instead of these functions.
	726
94a6f3	727	- The ``pyramid.configuration`` module was removed. It had been deprecated
CM	728	since Pyramid 1.0 and printed a deprecation warning upon its use. Use
	729	``pyramid.config`` instead.
	730
b274d0	731	- The ``pyramid.paster.PyramidTemplate`` API was removed. It had been
CM	732	deprecated since Pyramid 1.1 and issued a warning on import. If your code
	733	depended on this, adjust your code to import
	734	``pyramid.scaffolds.PyramidTemplate`` instead.
	735
ef2e51	736	- The ``pyramid.settings.get_settings()`` API was removed. It had been
CM	737	printing a deprecation warning since Pyramid 1.0. If your code depended on
	738	this API, use ``pyramid.threadlocal.get_current_registry().settings``
	739	instead or use the ``settings`` attribute of the registry available from
	740	the request (``request.registry.settings``).
	741
69e0aa	742	- These APIs from the ``pyramid.testing`` module were removed. They have
CM	743	been printing deprecation warnings since Pyramid 1.0:
	744
	745	* ``registerDummySecurityPolicy``, use
	746	``pyramid.config.Configurator.testing_securitypolicy`` instead.
	747
	748	* ``registerResources`` (aka ``registerModels``, use
	749	``pyramid.config.Configurator.testing_resources`` instead.
	750
	751	* ``registerEventListener``, use
	752	``pyramid.config.Configurator.testing_add_subscriber`` instead.
	753
	754	* ``registerTemplateRenderer`` (aka `registerDummyRenderer``), use
	755	``pyramid.config.Configurator.testing_add_template`` instead.
	756
	757	* ``registerView``, use ``pyramid.config.Configurator.add_view`` instead.
	758
	759	* ``registerUtility``, use
	760	``pyramid.config.Configurator.registry.registerUtility`` instead.
	761
	762	* ``registerAdapter``, use
	763	``pyramid.config.Configurator.registry.registerAdapter`` instead.
	764
ae6135	765	* ``registerSubscriber``, use
69e0aa	766	``pyramid.config.Configurator.add_subscriber`` instead.
CM	767
ae6135	768	* ``registerRoute``, use
69e0aa	769	``pyramid.config.Configurator.add_route`` instead.
CM	770
ae6135	771	* ``registerSettings``, use
69e0aa	772	``pyramid.config.Configurator.add_settings`` instead.
CM	773
64452e	774	- In Pyramid 1.3 and previous, the ``__call__`` method of a Response object
CM	775	was invoked before any finished callbacks were executed. As of this
	776	release, the ``__call__`` method of a Response object is invoked after
	777	finished callbacks are executed. This is in support of the
	778	``request.invoke_subrequest`` feature.
	779
b72ba1	780	Documentation
CM	781	-------------
	782
	783	- Added an "Upgrading Pyramid" chapter to the narrative documentation. It
07cb8f	784	describes how to cope with deprecations and removals of Pyramid APIs and
CM	785	how to show Pyramid-generated deprecation warnings while running tests and
	786	while running a server.
b72ba1	787
37d2c2	788	- Added a "Invoking a Subrequest" chapter to the documentation. It describes
64452e	789	how to use the new ``request.invoke_subrequest`` API.
37d2c2	790
ebcdc7	791	Dependencies
CM	792	------------
	793
	794	- Pyramid now requires WebOb 1.2b3+ (the prior Pyramid release only relied on
	795	1.2dev+). This is to ensure that we obtain a version of WebOb that returns
	796	``request.path_info`` as text.
	797