commit | author | age
|
a6ff46
|
1 |
unreleased |
MM |
2 |
========== |
|
3 |
|
|
4 |
- Fix ``pyramid.scripting.get_root`` which was broken by the execution policy |
|
5 |
feature added in the 1.9 release. |
|
6 |
See https://github.com/Pylons/pyramid/pull/3265 |
|
7 |
|
d1969a
|
8 |
.. _changes_1.9.1: |
MM |
9 |
|
|
10 |
1.9.1 (2017-07-13) |
|
11 |
================== |
7ecf62
|
12 |
|
4ed714
|
13 |
- Add a ``_depth`` and ``_category`` arguments to all of the venusian |
MM |
14 |
decorators. The ``_category`` argument can be used to affect which actions |
|
15 |
are registered when performing a ``config.scan(..., category=...)`` with a |
|
16 |
specific category. The ``_depth`` argument should be used when wrapping |
|
17 |
the decorator in your own. This change affects ``pyramid.view.view_config``, |
|
18 |
``pyramid.view.exception_view_config``, |
|
19 |
``pyramid.view.forbidden_view_config``, ``pyramid.view.notfound_view_config``, |
|
20 |
``pyramid.events.subscriber`` and ``pyramid.response.response_adapter`` |
|
21 |
decorators. See https://github.com/Pylons/pyramid/pull/3121 and |
|
22 |
https://github.com/Pylons/pyramid/pull/3123 |
7ecf62
|
23 |
|
7987e8
|
24 |
- Fix a circular import which made it impossible to import |
MM |
25 |
``pyramid.viewderivers`` before ``pyramid.config``. |
|
26 |
See https://github.com/Pylons/pyramid/pull/3124 |
|
27 |
|
d08255
|
28 |
- Improve documentation to show the ``pyramid.config.Configurator`` being |
MM |
29 |
used as a context manager in more places. |
|
30 |
See https://github.com/Pylons/pyramid/pull/3126 |
|
31 |
|
d826df
|
32 |
1.9 (2017-06-26) |
MM |
33 |
================ |
|
34 |
|
|
35 |
- No major changes from 1.9b1. |
|
36 |
|
|
37 |
- Updated documentation links for ``docs.pylonsproject.org`` to use HTTPS. |
|
38 |
|
bd124a
|
39 |
1.9b1 (2017-06-19) |
MM |
40 |
================== |
37d887
|
41 |
|
MM |
42 |
- Add an informative error message when unknown predicates are supplied. The |
|
43 |
new message suggests alternatives based on the list of known predicates. |
|
44 |
See https://github.com/Pylons/pyramid/pull/3054 |
|
45 |
|
50d216
|
46 |
- Added integrity attributes for JavaScripts in cookiecutters, scaffolds, and |
SP |
47 |
resulting source files in tutorials. |
|
48 |
See https://github.com/Pylons/pyramid/issues/2548 |
|
49 |
|
d179ce
|
50 |
- Update RELEASING.txt for updating cookiecutters. Change cookiecutter URLs to |
SP |
51 |
use shortcut. |
cc8ce5
|
52 |
See https://github.com/Pylons/pyramid/issues/3042 |
MM |
53 |
|
|
54 |
- Ensure the correct threadlocals are pushed during view execution when |
|
55 |
invoked from ``request.invoke_exception_view``. |
|
56 |
See https://github.com/Pylons/pyramid/pull/3060 |
d179ce
|
57 |
|
7b3249
|
58 |
- Fix a bug in which ``pyramid.security.ALL_PERMISSIONS`` failed to return |
MM |
59 |
a valid iterator in its ``__iter__`` implementation. |
|
60 |
See https://github.com/Pylons/pyramid/pull/3074 |
|
61 |
|
b54a70
|
62 |
- Normalize the permission results to a proper class hierarchy. |
MM |
63 |
``pyramid.security.ACLAllowed`` is now a subclass of |
975b02
|
64 |
``pyramid.security.Allowed`` and ``pyramid.security.ACLDenied`` is now a |
b54a70
|
65 |
subclass of ``pyramid.security.Denied``. |
MM |
66 |
See https://github.com/Pylons/pyramid/pull/3084 |
|
67 |
|
5c437a
|
68 |
- Add a ``quote_via`` argument to ``pyramid.encode.urlencode`` to follow |
MM |
69 |
the stdlib's version and enable custom quoting functions. |
|
70 |
See https://github.com/Pylons/pyramid/pull/3088 |
|
71 |
|
983216
|
72 |
- Support `_query=None` and `_anchor=None` in ``request.route_url`` as well |
MM |
73 |
as ``query=None`` and ``anchor=None`` in ``request.resource_url``. |
|
74 |
Previously this would cause an `?` and a `#`, respectively, in the url |
53cfb8
|
75 |
with nothing after it. Now the unnecessary parts are dropped from the |
MM |
76 |
generated URL. See https://github.com/Pylons/pyramid/pull/3034 |
983216
|
77 |
|
5aa1af
|
78 |
- Revamp the ``IRouter`` API used by ``IExecutionPolicy`` to force |
MM |
79 |
pushing/popping the request threadlocals. The |
|
80 |
``IRouter.make_request(environ)`` API has been replaced by |
|
81 |
``IRouter.request_context(environ)`` which should be used as a context |
|
82 |
manager. See https://github.com/Pylons/pyramid/pull/3086 |
|
83 |
|
1fc7ee
|
84 |
1.9a2 (2017-05-09) |
MM |
85 |
================== |
|
86 |
|
|
87 |
Backward Incompatibilities |
|
88 |
-------------------------- |
|
89 |
|
|
90 |
- ``request.exception`` and ``request.exc_info`` will only be set if the |
|
91 |
response was generated by the EXCVIEW tween. This is to avoid any confusion |
|
92 |
where a response was generated elsewhere in the pipeline and not in |
|
93 |
direct relation to the original exception. If anyone upstream wants to |
|
94 |
catch and render responses for exceptions they should set |
|
95 |
``request.exception`` and ``request.exc_info`` themselves to indicate |
|
96 |
the exception that was squashed when generating the response. |
|
97 |
|
|
98 |
Similar behavior occurs with ``request.invoke_exception_view`` in which |
|
99 |
the exception properties are set to reflect the exception if a response |
|
100 |
is successfully generated by the method. |
|
101 |
|
|
102 |
This is a very minor incompatibility. Most tweens right now would give |
|
103 |
priority to the raised exception and ignore ``request.exception``. This |
|
104 |
change just improves and clarifies that bookkeeping by trying to be |
|
105 |
more clear about the relationship between the response and its squashed |
|
106 |
exception. See https://github.com/Pylons/pyramid/pull/3029 and |
|
107 |
https://github.com/Pylons/pyramid/pull/3031 |
|
108 |
|
c84904
|
109 |
1.9a1 (2017-05-01) |
MM |
110 |
================== |
bdb8e0
|
111 |
|
fa8a9d
|
112 |
Major Features |
MM |
113 |
-------------- |
|
114 |
|
|
115 |
- The file format used by all ``p*`` command line scripts such as ``pserve`` |
|
116 |
and ``pshell``, as well as the ``pyramid.paster.bootstrap`` function |
|
117 |
is now replaceable thanks to a new dependency on |
19d341
|
118 |
`plaster <https://docs.pylonsproject.org/projects/plaster/en/latest/>`_. |
fa8a9d
|
119 |
|
MM |
120 |
For now, Pyramid is still shipping with integrated support for the |
fdd77d
|
121 |
PasteDeploy INI format by depending on the |
fbfd81
|
122 |
`plaster_pastedeploy <https://github.com/Pylons/plaster_pastedeploy>`_ |
fdd77d
|
123 |
binding library. This may change in the future. |
fa8a9d
|
124 |
|
MM |
125 |
See https://github.com/Pylons/pyramid/pull/2985 |
5f4649
|
126 |
|
4c3971
|
127 |
- Added an execution policy hook to the request pipeline. An execution |
MM |
128 |
policy has the ability to control creation and execution of the request |
f454b8
|
129 |
objects before they enter the rest of the pipeline. This means for a single |
fa8a9d
|
130 |
request environ the policy may create more than one request object. |
MM |
131 |
|
|
132 |
The first library to use this feature is |
|
133 |
`pyramid_retry |
19d341
|
134 |
<https://docs.pylonsproject.org/projects/pyramid-retry/en/latest/>`_. |
fa8a9d
|
135 |
|
MM |
136 |
See https://github.com/Pylons/pyramid/pull/2964 |
|
137 |
|
6419a3
|
138 |
- CSRF support has been refactored out of sessions and into its own |
MM |
139 |
independent API in the ``pyramid.csrf`` module. It supports a pluggable |
|
140 |
``pyramid.interfaces.ICSRFStoragePolicy`` which can be used to define your |
|
141 |
own mechanism for generating and validating CSRF tokens. By default, |
|
142 |
Pyramid continues to use the ``pyramid.csrf.LegacySessionCSRFStoragePolicy`` |
|
143 |
that uses the ``request.session.get_csrf_token`` and |
|
144 |
``request.session.new_csrf_token`` APIs under the hood to preserve |
|
145 |
compatibility. Two new policies are shipped as well, |
|
146 |
``pyramid.csrf.SessionCSRFStoragePolicy`` and |
|
147 |
``pyramid.csrf.CookieCSRFStoragePolicy`` which will store the CSRF tokens |
|
148 |
in the session and in a standalone cookie, respectively. The storage policy |
|
149 |
can be changed by using the new |
|
150 |
``pyramid.config.Configurator.set_csrf_storage_policy`` config directive. |
|
151 |
|
|
152 |
CSRF tokens should be used via the new ``pyramid.csrf.get_csrf_token``, |
|
153 |
``pyramid.csrf.new_csrf_token`` and ``pyramid.csrf.check_csrf_token`` APIs |
|
154 |
in order to continue working if the storage policy is changed. Also, the |
|
155 |
``pyramid.csrf.get_csrf_token`` function is injected into templates to be |
|
156 |
used conveniently in UI code. |
|
157 |
|
682a9b
|
158 |
See https://github.com/Pylons/pyramid/pull/2854 and |
MM |
159 |
https://github.com/Pylons/pyramid/pull/3019 |
a2c7c7
|
160 |
|
2b9b6c
|
161 |
Minor Features |
MM |
162 |
-------------- |
9028c9
|
163 |
|
MM |
164 |
- Support an ``open_url`` config setting in the ``pserve`` section of the |
|
165 |
config file. This url is used to open a web browser when ``pserve --browser`` |
|
166 |
is invoked. When this setting is unavailable the ``pserve`` script will |
|
167 |
attempt to guess the port the server is using from the |
|
168 |
``server:<server_name>`` section of the config file but there is no |
|
169 |
requirement that the server is being run in this format so it may fail. |
|
170 |
See https://github.com/Pylons/pyramid/pull/2984 |
|
171 |
|
87af11
|
172 |
- The ``pyramid.config.Configurator`` can now be used as a context manager |
MM |
173 |
which will automatically push/pop threadlocals (similar to |
|
174 |
``config.begin()`` and ``config.end()``). It will also automatically perform |
|
175 |
a ``config.commit()`` and thus it is only recommended to be used at the |
|
176 |
top-level of your app. See https://github.com/Pylons/pyramid/pull/2874 |
a2c7c7
|
177 |
|
847fb7
|
178 |
- The threadlocals are now available inside any function invoked via |
MM |
179 |
``config.include``. This means the only config-time code that cannot rely |
|
180 |
on threadlocals is code executed from non-actions inside the main. This |
|
181 |
can be alleviated by invoking ``config.begin()`` and ``config.end()`` |
|
182 |
appropriately or using the new context manager feature of the configurator. |
|
183 |
See https://github.com/Pylons/pyramid/pull/2989 |
|
184 |
|
1cf132
|
185 |
Bug Fixes |
BJR |
186 |
--------- |
45f882
|
187 |
|
564b63
|
188 |
- HTTPException's accepts a detail kwarg that may be used to pass additional |
BJR |
189 |
details to the exception. You may now pass objects so long as they have a |
169155
|
190 |
valid __str__ method. See https://github.com/Pylons/pyramid/pull/2951 |
MM |
191 |
|
|
192 |
- Fix a reference cycle causing memory leaks in which the registry |
|
193 |
would keep a ``Configurator`` instance alive even after the configurator |
|
194 |
was discarded. Another fix was also added for the ``global_registries`` |
|
195 |
object in which the registry was stored in a closure preventing it from |
|
196 |
being deallocated. See https://github.com/Pylons/pyramid/pull/2967 |
564b63
|
197 |
|
38294e
|
198 |
- Fix a bug directly invoking ``pyramid.scripts.pserve.main`` with the |
MM |
199 |
``--reload`` option in which ``sys.argv`` is always used in the subprocess |
|
200 |
instead of the supplied ``argv``. |
|
201 |
See https://github.com/Pylons/pyramid/pull/2962 |
|
202 |
|
1cf132
|
203 |
Deprecations |
BJR |
204 |
------------ |
cb98a9
|
205 |
|
2b9b6c
|
206 |
- Pyramid currently depends on ``plaster_pastedeploy`` to simplify the |
MM |
207 |
transition to ``plaster`` by maintaining integrated support for INI files. |
|
208 |
This dependency on ``plaster_pastedeploy`` should be considered subject to |
2aebc6
|
209 |
Pyramid's deprecation policy and may be removed in the future. |
2b9b6c
|
210 |
Applications should depend on the appropriate plaster binding to satisfy |
MM |
211 |
their needs. |
d2f0fe
|
212 |
|
2b9b6c
|
213 |
- Retrieving CSRF token from the session has been deprecated in favor of |
MM |
214 |
equivalent methods in the ``pyramid.csrf`` module. The CSRF methods |
|
215 |
(``ISession.get_csrf_token`` and ``ISession.new_csrf_token``) are no longer |
|
216 |
required on the ``ISession`` interface except when using the default |
|
217 |
``pyramid.csrf.LegacySessionCSRFStoragePolicy``. |
a2c7c7
|
218 |
|
2b9b6c
|
219 |
Also, ``pyramid.session.check_csrf_token`` is now located at |
MM |
220 |
``pyramid.csrf.check_csrf_token``. |
|
221 |
|
|
222 |
See https://github.com/Pylons/pyramid/pull/2854 and |
|
223 |
https://github.com/Pylons/pyramid/pull/3019 |
3213e2
|
224 |
|
785088
|
225 |
Documentation Changes |
MM |
226 |
--------------------- |
|
227 |
|
|
228 |
- Added the execution policy to the routing diagram in the Request Processing |
840508
|
229 |
chapter. See https://github.com/Pylons/pyramid/pull/2993 |