| commit | author | age | ||
| 7ecf62 | 1 | unreleased |
| MM | 2 | ========== |
| 3 | ||
| 4ed714 | 4 | - Add a ``_depth`` and ``_category`` arguments to all of the venusian |
| MM | 5 | decorators. The ``_category`` argument can be used to affect which actions |
| 6 | are registered when performing a ``config.scan(..., category=...)`` with a | |
| 7 | specific category. The ``_depth`` argument should be used when wrapping | |
| 8 | the decorator in your own. This change affects ``pyramid.view.view_config``, | |
| 9 | ``pyramid.view.exception_view_config``, | |
| 10 | ``pyramid.view.forbidden_view_config``, ``pyramid.view.notfound_view_config``, | |
| 11 | ``pyramid.events.subscriber`` and ``pyramid.response.response_adapter`` | |
| 12 | decorators. See https://github.com/Pylons/pyramid/pull/3121 and | |
| 13 | https://github.com/Pylons/pyramid/pull/3123 | |
| 7ecf62 | 14 | |
| 7987e8 | 15 | - Fix a circular import which made it impossible to import |
| MM | 16 | ``pyramid.viewderivers`` before ``pyramid.config``. |
| 17 | See https://github.com/Pylons/pyramid/pull/3124 | |
| 18 | ||
| d826df | 19 | 1.9 (2017-06-26) |
| MM | 20 | ================ |
| 21 | ||
| 22 | - No major changes from 1.9b1. | |
| 23 | ||
| 24 | - Updated documentation links for ``docs.pylonsproject.org`` to use HTTPS. | |
| 25 | ||
| bd124a | 26 | 1.9b1 (2017-06-19) |
| MM | 27 | ================== |
| 37d887 | 28 | |
| MM | 29 | - Add an informative error message when unknown predicates are supplied. The |
| 30 | new message suggests alternatives based on the list of known predicates. | |
| 31 | See https://github.com/Pylons/pyramid/pull/3054 | |
| 32 | ||
| 50d216 | 33 | - Added integrity attributes for JavaScripts in cookiecutters, scaffolds, and |
| SP | 34 | resulting source files in tutorials. |
| 35 | See https://github.com/Pylons/pyramid/issues/2548 | |
| 36 | ||
| d179ce | 37 | - Update RELEASING.txt for updating cookiecutters. Change cookiecutter URLs to |
| SP | 38 | use shortcut. |
| cc8ce5 | 39 | See https://github.com/Pylons/pyramid/issues/3042 |
| MM | 40 | |
| 41 | - Ensure the correct threadlocals are pushed during view execution when | |
| 42 | invoked from ``request.invoke_exception_view``. | |
| 43 | See https://github.com/Pylons/pyramid/pull/3060 | |
| d179ce | 44 | |
| 7b3249 | 45 | - Fix a bug in which ``pyramid.security.ALL_PERMISSIONS`` failed to return |
| MM | 46 | a valid iterator in its ``__iter__`` implementation. |
| 47 | See https://github.com/Pylons/pyramid/pull/3074 | |
| 48 | ||
| b54a70 | 49 | - Normalize the permission results to a proper class hierarchy. |
| MM | 50 | ``pyramid.security.ACLAllowed`` is now a subclass of |
| 975b02 | 51 | ``pyramid.security.Allowed`` and ``pyramid.security.ACLDenied`` is now a |
| b54a70 | 52 | subclass of ``pyramid.security.Denied``. |
| MM | 53 | See https://github.com/Pylons/pyramid/pull/3084 |
| 54 | ||
| 5c437a | 55 | - Add a ``quote_via`` argument to ``pyramid.encode.urlencode`` to follow |
| MM | 56 | the stdlib's version and enable custom quoting functions. |
| 57 | See https://github.com/Pylons/pyramid/pull/3088 | |
| 58 | ||
| 983216 | 59 | - Support `_query=None` and `_anchor=None` in ``request.route_url`` as well |
| MM | 60 | as ``query=None`` and ``anchor=None`` in ``request.resource_url``. |
| 61 | Previously this would cause an `?` and a `#`, respectively, in the url | |
| 53cfb8 | 62 | with nothing after it. Now the unnecessary parts are dropped from the |
| MM | 63 | generated URL. See https://github.com/Pylons/pyramid/pull/3034 |
| 983216 | 64 | |
| 5aa1af | 65 | - Revamp the ``IRouter`` API used by ``IExecutionPolicy`` to force |
| MM | 66 | pushing/popping the request threadlocals. The |
| 67 | ``IRouter.make_request(environ)`` API has been replaced by | |
| 68 | ``IRouter.request_context(environ)`` which should be used as a context | |
| 69 | manager. See https://github.com/Pylons/pyramid/pull/3086 | |
| 70 | ||
| 1fc7ee | 71 | 1.9a2 (2017-05-09) |
| MM | 72 | ================== |
| 73 | ||
| 74 | Backward Incompatibilities | |
| 75 | -------------------------- | |
| 76 | ||
| 77 | - ``request.exception`` and ``request.exc_info`` will only be set if the | |
| 78 | response was generated by the EXCVIEW tween. This is to avoid any confusion | |
| 79 | where a response was generated elsewhere in the pipeline and not in | |
| 80 | direct relation to the original exception. If anyone upstream wants to | |
| 81 | catch and render responses for exceptions they should set | |
| 82 | ``request.exception`` and ``request.exc_info`` themselves to indicate | |
| 83 | the exception that was squashed when generating the response. | |
| 84 | ||
| 85 | Similar behavior occurs with ``request.invoke_exception_view`` in which | |
| 86 | the exception properties are set to reflect the exception if a response | |
| 87 | is successfully generated by the method. | |
| 88 | ||
| 89 | This is a very minor incompatibility. Most tweens right now would give | |
| 90 | priority to the raised exception and ignore ``request.exception``. This | |
| 91 | change just improves and clarifies that bookkeeping by trying to be | |
| 92 | more clear about the relationship between the response and its squashed | |
| 93 | exception. See https://github.com/Pylons/pyramid/pull/3029 and | |
| 94 | https://github.com/Pylons/pyramid/pull/3031 | |
| 95 | ||
| c84904 | 96 | 1.9a1 (2017-05-01) |
| MM | 97 | ================== |
| bdb8e0 | 98 | |
| fa8a9d | 99 | Major Features |
| MM | 100 | -------------- |
| 101 | ||
| 102 | - The file format used by all ``p*`` command line scripts such as ``pserve`` | |
| 103 | and ``pshell``, as well as the ``pyramid.paster.bootstrap`` function | |
| 104 | is now replaceable thanks to a new dependency on | |
| 19d341 | 105 | `plaster <https://docs.pylonsproject.org/projects/plaster/en/latest/>`_. |
| fa8a9d | 106 | |
| MM | 107 | For now, Pyramid is still shipping with integrated support for the |
| fdd77d | 108 | PasteDeploy INI format by depending on the |
| fbfd81 | 109 | `plaster_pastedeploy <https://github.com/Pylons/plaster_pastedeploy>`_ |
| fdd77d | 110 | binding library. This may change in the future. |
| fa8a9d | 111 | |
| MM | 112 | See https://github.com/Pylons/pyramid/pull/2985 |
| 5f4649 | 113 | |
| 4c3971 | 114 | - Added an execution policy hook to the request pipeline. An execution |
| MM | 115 | policy has the ability to control creation and execution of the request |
| f454b8 | 116 | objects before they enter the rest of the pipeline. This means for a single |
| fa8a9d | 117 | request environ the policy may create more than one request object. |
| MM | 118 | |
| 119 | The first library to use this feature is | |
| 120 | `pyramid_retry | |
| 19d341 | 121 | <https://docs.pylonsproject.org/projects/pyramid-retry/en/latest/>`_. |
| fa8a9d | 122 | |
| MM | 123 | See https://github.com/Pylons/pyramid/pull/2964 |
| 124 | ||
| 6419a3 | 125 | - CSRF support has been refactored out of sessions and into its own |
| MM | 126 | independent API in the ``pyramid.csrf`` module. It supports a pluggable |
| 127 | ``pyramid.interfaces.ICSRFStoragePolicy`` which can be used to define your | |
| 128 | own mechanism for generating and validating CSRF tokens. By default, | |
| 129 | Pyramid continues to use the ``pyramid.csrf.LegacySessionCSRFStoragePolicy`` | |
| 130 | that uses the ``request.session.get_csrf_token`` and | |
| 131 | ``request.session.new_csrf_token`` APIs under the hood to preserve | |
| 132 | compatibility. Two new policies are shipped as well, | |
| 133 | ``pyramid.csrf.SessionCSRFStoragePolicy`` and | |
| 134 | ``pyramid.csrf.CookieCSRFStoragePolicy`` which will store the CSRF tokens | |
| 135 | in the session and in a standalone cookie, respectively. The storage policy | |
| 136 | can be changed by using the new | |
| 137 | ``pyramid.config.Configurator.set_csrf_storage_policy`` config directive. | |
| 138 | ||
| 139 | CSRF tokens should be used via the new ``pyramid.csrf.get_csrf_token``, | |
| 140 | ``pyramid.csrf.new_csrf_token`` and ``pyramid.csrf.check_csrf_token`` APIs | |
| 141 | in order to continue working if the storage policy is changed. Also, the | |
| 142 | ``pyramid.csrf.get_csrf_token`` function is injected into templates to be | |
| 143 | used conveniently in UI code. | |
| 144 | ||
| 682a9b | 145 | See https://github.com/Pylons/pyramid/pull/2854 and |
| MM | 146 | https://github.com/Pylons/pyramid/pull/3019 |
| a2c7c7 | 147 | |
| 2b9b6c | 148 | Minor Features |
| MM | 149 | -------------- |
| 9028c9 | 150 | |
| MM | 151 | - Support an ``open_url`` config setting in the ``pserve`` section of the |
| 152 | config file. This url is used to open a web browser when ``pserve --browser`` | |
| 153 | is invoked. When this setting is unavailable the ``pserve`` script will | |
| 154 | attempt to guess the port the server is using from the | |
| 155 | ``server:<server_name>`` section of the config file but there is no | |
| 156 | requirement that the server is being run in this format so it may fail. | |
| 157 | See https://github.com/Pylons/pyramid/pull/2984 | |
| 158 | ||
| 87af11 | 159 | - The ``pyramid.config.Configurator`` can now be used as a context manager |
| MM | 160 | which will automatically push/pop threadlocals (similar to |
| 161 | ``config.begin()`` and ``config.end()``). It will also automatically perform | |
| 162 | a ``config.commit()`` and thus it is only recommended to be used at the | |
| 163 | top-level of your app. See https://github.com/Pylons/pyramid/pull/2874 | |
| a2c7c7 | 164 | |
| 847fb7 | 165 | - The threadlocals are now available inside any function invoked via |
| MM | 166 | ``config.include``. This means the only config-time code that cannot rely |
| 167 | on threadlocals is code executed from non-actions inside the main. This | |
| 168 | can be alleviated by invoking ``config.begin()`` and ``config.end()`` | |
| 169 | appropriately or using the new context manager feature of the configurator. | |
| 170 | See https://github.com/Pylons/pyramid/pull/2989 | |
| 171 | ||
| 1cf132 | 172 | Bug Fixes |
| BJR | 173 | --------- |
| 45f882 | 174 | |
| 564b63 | 175 | - HTTPException's accepts a detail kwarg that may be used to pass additional |
| BJR | 176 | details to the exception. You may now pass objects so long as they have a |
| 169155 | 177 | valid __str__ method. See https://github.com/Pylons/pyramid/pull/2951 |
| MM | 178 | |
| 179 | - Fix a reference cycle causing memory leaks in which the registry | |
| 180 | would keep a ``Configurator`` instance alive even after the configurator | |
| 181 | was discarded. Another fix was also added for the ``global_registries`` | |
| 182 | object in which the registry was stored in a closure preventing it from | |
| 183 | being deallocated. See https://github.com/Pylons/pyramid/pull/2967 | |
| 564b63 | 184 | |
| 38294e | 185 | - Fix a bug directly invoking ``pyramid.scripts.pserve.main`` with the |
| MM | 186 | ``--reload`` option in which ``sys.argv`` is always used in the subprocess |
| 187 | instead of the supplied ``argv``. | |
| 188 | See https://github.com/Pylons/pyramid/pull/2962 | |
| 189 | ||
| 1cf132 | 190 | Deprecations |
| BJR | 191 | ------------ |
| cb98a9 | 192 | |
| 2b9b6c | 193 | - Pyramid currently depends on ``plaster_pastedeploy`` to simplify the |
| MM | 194 | transition to ``plaster`` by maintaining integrated support for INI files. |
| 195 | This dependency on ``plaster_pastedeploy`` should be considered subject to | |
| 2aebc6 | 196 | Pyramid's deprecation policy and may be removed in the future. |
| 2b9b6c | 197 | Applications should depend on the appropriate plaster binding to satisfy |
| MM | 198 | their needs. |
| d2f0fe | 199 | |
| 2b9b6c | 200 | - Retrieving CSRF token from the session has been deprecated in favor of |
| MM | 201 | equivalent methods in the ``pyramid.csrf`` module. The CSRF methods |
| 202 | (``ISession.get_csrf_token`` and ``ISession.new_csrf_token``) are no longer | |
| 203 | required on the ``ISession`` interface except when using the default | |
| 204 | ``pyramid.csrf.LegacySessionCSRFStoragePolicy``. | |
| a2c7c7 | 205 | |
| 2b9b6c | 206 | Also, ``pyramid.session.check_csrf_token`` is now located at |
| MM | 207 | ``pyramid.csrf.check_csrf_token``. |
| 208 | ||
| 209 | See https://github.com/Pylons/pyramid/pull/2854 and | |
| 210 | https://github.com/Pylons/pyramid/pull/3019 | |
| 3213e2 | 211 | |
| 785088 | 212 | Documentation Changes |
| MM | 213 | --------------------- |
| 214 | ||
| 215 | - Added the execution policy to the routing diagram in the Request Processing | |
| 840508 | 216 | chapter. See https://github.com/Pylons/pyramid/pull/2993 |
