.. _changes_1.9.1:
|
|
1.9.1 (2017-07-13)
|
==================
|
|
- Add a ``_depth`` and ``_category`` arguments to all of the venusian
|
decorators. The ``_category`` argument can be used to affect which actions
|
are registered when performing a ``config.scan(..., category=...)`` with a
|
specific category. The ``_depth`` argument should be used when wrapping
|
the decorator in your own. This change affects ``pyramid.view.view_config``,
|
``pyramid.view.exception_view_config``,
|
``pyramid.view.forbidden_view_config``, ``pyramid.view.notfound_view_config``,
|
``pyramid.events.subscriber`` and ``pyramid.response.response_adapter``
|
decorators. See https://github.com/Pylons/pyramid/pull/3121 and
|
https://github.com/Pylons/pyramid/pull/3123
|
|
- Fix a circular import which made it impossible to import
|
``pyramid.viewderivers`` before ``pyramid.config``.
|
See https://github.com/Pylons/pyramid/pull/3124
|
|
- Improve documentation to show the ``pyramid.config.Configurator`` being
|
used as a context manager in more places.
|
See https://github.com/Pylons/pyramid/pull/3126
|
|
1.9 (2017-06-26)
|
================
|
|
- No major changes from 1.9b1.
|
|
- Updated documentation links for ``docs.pylonsproject.org`` to use HTTPS.
|
|
1.9b1 (2017-06-19)
|
==================
|
|
- Add an informative error message when unknown predicates are supplied. The
|
new message suggests alternatives based on the list of known predicates.
|
See https://github.com/Pylons/pyramid/pull/3054
|
|
- Added integrity attributes for JavaScripts in cookiecutters, scaffolds, and
|
resulting source files in tutorials.
|
See https://github.com/Pylons/pyramid/issues/2548
|
|
- Update RELEASING.txt for updating cookiecutters. Change cookiecutter URLs to
|
use shortcut.
|
See https://github.com/Pylons/pyramid/issues/3042
|
|
- Ensure the correct threadlocals are pushed during view execution when
|
invoked from ``request.invoke_exception_view``.
|
See https://github.com/Pylons/pyramid/pull/3060
|
|
- Fix a bug in which ``pyramid.security.ALL_PERMISSIONS`` failed to return
|
a valid iterator in its ``__iter__`` implementation.
|
See https://github.com/Pylons/pyramid/pull/3074
|
|
- Normalize the permission results to a proper class hierarchy.
|
``pyramid.security.ACLAllowed`` is now a subclass of
|
``pyramid.security.Allowed`` and ``pyramid.security.ACLDenied`` is now a
|
subclass of ``pyramid.security.Denied``.
|
See https://github.com/Pylons/pyramid/pull/3084
|
|
- Add a ``quote_via`` argument to ``pyramid.encode.urlencode`` to follow
|
the stdlib's version and enable custom quoting functions.
|
See https://github.com/Pylons/pyramid/pull/3088
|
|
- Support `_query=None` and `_anchor=None` in ``request.route_url`` as well
|
as ``query=None`` and ``anchor=None`` in ``request.resource_url``.
|
Previously this would cause an `?` and a `#`, respectively, in the url
|
with nothing after it. Now the unnecessary parts are dropped from the
|
generated URL. See https://github.com/Pylons/pyramid/pull/3034
|
|
- Revamp the ``IRouter`` API used by ``IExecutionPolicy`` to force
|
pushing/popping the request threadlocals. The
|
``IRouter.make_request(environ)`` API has been replaced by
|
``IRouter.request_context(environ)`` which should be used as a context
|
manager. See https://github.com/Pylons/pyramid/pull/3086
|
|
1.9a2 (2017-05-09)
|
==================
|
|
Backward Incompatibilities
|
--------------------------
|
|
- ``request.exception`` and ``request.exc_info`` will only be set if the
|
response was generated by the EXCVIEW tween. This is to avoid any confusion
|
where a response was generated elsewhere in the pipeline and not in
|
direct relation to the original exception. If anyone upstream wants to
|
catch and render responses for exceptions they should set
|
``request.exception`` and ``request.exc_info`` themselves to indicate
|
the exception that was squashed when generating the response.
|
|
Similar behavior occurs with ``request.invoke_exception_view`` in which
|
the exception properties are set to reflect the exception if a response
|
is successfully generated by the method.
|
|
This is a very minor incompatibility. Most tweens right now would give
|
priority to the raised exception and ignore ``request.exception``. This
|
change just improves and clarifies that bookkeeping by trying to be
|
more clear about the relationship between the response and its squashed
|
exception. See https://github.com/Pylons/pyramid/pull/3029 and
|
https://github.com/Pylons/pyramid/pull/3031
|
|
1.9a1 (2017-05-01)
|
==================
|
|
Major Features
|
--------------
|
|
- The file format used by all ``p*`` command line scripts such as ``pserve``
|
and ``pshell``, as well as the ``pyramid.paster.bootstrap`` function
|
is now replaceable thanks to a new dependency on
|
`plaster <https://docs.pylonsproject.org/projects/plaster/en/latest/>`_.
|
|
For now, Pyramid is still shipping with integrated support for the
|
PasteDeploy INI format by depending on the
|
`plaster_pastedeploy <https://github.com/Pylons/plaster_pastedeploy>`_
|
binding library. This may change in the future.
|
|
See https://github.com/Pylons/pyramid/pull/2985
|
|
- Added an execution policy hook to the request pipeline. An execution
|
policy has the ability to control creation and execution of the request
|
objects before they enter the rest of the pipeline. This means for a single
|
request environ the policy may create more than one request object.
|
|
The first library to use this feature is
|
`pyramid_retry
|
<https://docs.pylonsproject.org/projects/pyramid-retry/en/latest/>`_.
|
|
See https://github.com/Pylons/pyramid/pull/2964
|
|
- CSRF support has been refactored out of sessions and into its own
|
independent API in the ``pyramid.csrf`` module. It supports a pluggable
|
``pyramid.interfaces.ICSRFStoragePolicy`` which can be used to define your
|
own mechanism for generating and validating CSRF tokens. By default,
|
Pyramid continues to use the ``pyramid.csrf.LegacySessionCSRFStoragePolicy``
|
that uses the ``request.session.get_csrf_token`` and
|
``request.session.new_csrf_token`` APIs under the hood to preserve
|
compatibility. Two new policies are shipped as well,
|
``pyramid.csrf.SessionCSRFStoragePolicy`` and
|
``pyramid.csrf.CookieCSRFStoragePolicy`` which will store the CSRF tokens
|
in the session and in a standalone cookie, respectively. The storage policy
|
can be changed by using the new
|
``pyramid.config.Configurator.set_csrf_storage_policy`` config directive.
|
|
CSRF tokens should be used via the new ``pyramid.csrf.get_csrf_token``,
|
``pyramid.csrf.new_csrf_token`` and ``pyramid.csrf.check_csrf_token`` APIs
|
in order to continue working if the storage policy is changed. Also, the
|
``pyramid.csrf.get_csrf_token`` function is injected into templates to be
|
used conveniently in UI code.
|
|
See https://github.com/Pylons/pyramid/pull/2854 and
|
https://github.com/Pylons/pyramid/pull/3019
|
|
Minor Features
|
--------------
|
|
- Support an ``open_url`` config setting in the ``pserve`` section of the
|
config file. This url is used to open a web browser when ``pserve --browser``
|
is invoked. When this setting is unavailable the ``pserve`` script will
|
attempt to guess the port the server is using from the
|
``server:<server_name>`` section of the config file but there is no
|
requirement that the server is being run in this format so it may fail.
|
See https://github.com/Pylons/pyramid/pull/2984
|
|
- The ``pyramid.config.Configurator`` can now be used as a context manager
|
which will automatically push/pop threadlocals (similar to
|
``config.begin()`` and ``config.end()``). It will also automatically perform
|
a ``config.commit()`` and thus it is only recommended to be used at the
|
top-level of your app. See https://github.com/Pylons/pyramid/pull/2874
|
|
- The threadlocals are now available inside any function invoked via
|
``config.include``. This means the only config-time code that cannot rely
|
on threadlocals is code executed from non-actions inside the main. This
|
can be alleviated by invoking ``config.begin()`` and ``config.end()``
|
appropriately or using the new context manager feature of the configurator.
|
See https://github.com/Pylons/pyramid/pull/2989
|
|
Bug Fixes
|
---------
|
|
- HTTPException's accepts a detail kwarg that may be used to pass additional
|
details to the exception. You may now pass objects so long as they have a
|
valid __str__ method. See https://github.com/Pylons/pyramid/pull/2951
|
|
- Fix a reference cycle causing memory leaks in which the registry
|
would keep a ``Configurator`` instance alive even after the configurator
|
was discarded. Another fix was also added for the ``global_registries``
|
object in which the registry was stored in a closure preventing it from
|
being deallocated. See https://github.com/Pylons/pyramid/pull/2967
|
|
- Fix a bug directly invoking ``pyramid.scripts.pserve.main`` with the
|
``--reload`` option in which ``sys.argv`` is always used in the subprocess
|
instead of the supplied ``argv``.
|
See https://github.com/Pylons/pyramid/pull/2962
|
|
Deprecations
|
------------
|
|
- Pyramid currently depends on ``plaster_pastedeploy`` to simplify the
|
transition to ``plaster`` by maintaining integrated support for INI files.
|
This dependency on ``plaster_pastedeploy`` should be considered subject to
|
Pyramid's deprecation policy and may be removed in the future.
|
Applications should depend on the appropriate plaster binding to satisfy
|
their needs.
|
|
- Retrieving CSRF token from the session has been deprecated in favor of
|
equivalent methods in the ``pyramid.csrf`` module. The CSRF methods
|
(``ISession.get_csrf_token`` and ``ISession.new_csrf_token``) are no longer
|
required on the ``ISession`` interface except when using the default
|
``pyramid.csrf.LegacySessionCSRFStoragePolicy``.
|
|
Also, ``pyramid.session.check_csrf_token`` is now located at
|
``pyramid.csrf.check_csrf_token``.
|
|
See https://github.com/Pylons/pyramid/pull/2854 and
|
https://github.com/Pylons/pyramid/pull/3019
|
|
Documentation Changes
|
---------------------
|
|
- Added the execution policy to the routing diagram in the Request Processing
|
chapter. See https://github.com/Pylons/pyramid/pull/2993
|