1.2.2 (2011-11-20)
|
==================
|
|
Features
|
--------
|
|
- Backport from master: a ``mako.directories`` setting is no longer required
|
to use Mako templates. Rationale: Mako template renderers can be specified
|
using an absolute asset spec. An entire application can be written with
|
such asset specs, requiring no ordered lookup path.
|
|
Bug Fixes
|
---------
|
|
- Backport from master: The ``pryamid.view.view_config`` decorator did not
|
accept a ``match_params`` predicate argument. See
|
https://github.com/Pylons/pyramid/pull/308
|
|
- Backport fixes from master regarding URL decoding. URL segments are
|
no-longer "double-decoded" during traversal and when encountered in a route
|
subpath (or other star-arg pattern). As a result, a new API named
|
``pyramid.traversal.traversal_path_info`` was added to the system. This
|
function accepts an already-URL-decoded string and returns a tuple of
|
Unicode objects. This API is used internally by Pyramid in all places that
|
``pyramid.traversal.traversal_path`` used to be used. The
|
``traversal_path`` function remains for backwards compatibility, however,
|
and can still be used when a path is encoded. See
|
https://github.com/Pylons/pyramid/issues/349 for more information.
|
|
- Backport fix from master: ``request.static_url`` now generates URL-quoted
|
URLs when fed a ``path`` argument which contains characters that are
|
unsuitable for URLs. See https://github.com/Pylons/pyramid/issues/349 for
|
more information.
|
|
- Backport from master: fix ``request.json_body`` to deal with alternate
|
request charsets.
|
|
- Backport from master: the AuthTktCookieHelper could potentially generate
|
Unicode headers inappropriately when the ``tokens`` argument to remember
|
was used. See https://github.com/Pylons/pyramid/pull/314.
|
|
- Backport from master: the AuthTktAuthenticationPolicy did not use a
|
timing-attack-aware string comparator. See
|
https://github.com/Pylons/pyramid/pull/320 for more info.
|
|
- Backport from master: the DummySession in ``pyramid.testing`` now generates
|
a new CSRF token if one doesn't yet exist.
|
|
Testing
|
-------
|
|
- Make tox use WebOb 1.1 for Python 2.5-based systems (WebOb 1.2 is 2.6+).
|
|
1.2.1 (2011-09-28)
|
==================
|
|
Features
|
--------
|
|
- Lone instance methods can now be treated as view callables (see
|
https://github.com/Pylons/pyramid/pull/283).
|
|
Bug Fixes
|
---------
|
|
- Update auth_tkt authentication policy to accept unicode tokens as long as
|
they only contain ASCII content. See
|
https://github.com/Pylons/pyramid/issues/293.
|
|
Documentation
|
-------------
|
|
- Fix ``..note`` and ``..warning`` directives to run properly under newer
|
Sphinx.
|
|
1.2 (2011-09-12)
|
================
|
|
Features
|
--------
|
|
- Route pattern replacement marker names can now begin with an underscore.
|
See https://github.com/Pylons/pyramid/issues/276.
|
|
1.2b3 (2011-09-11)
|
==================
|
|
Bug Fixes
|
---------
|
|
- The route prefix was not taken into account when a static view was added in
|
an "include". See https://github.com/Pylons/pyramid/issues/266 .
|
|
1.2b2 (2011-09-08)
|
==================
|
|
Bug Fixes
|
---------
|
|
- The 1.2b1 tarball was a brownbag (particularly for Windows users) because
|
it contained filenames with stray quotation marks in inappropriate places.
|
We depend on ``setuptools-git`` to produce release tarballs, and when it
|
was run to produce the 1.2b1 tarball, it didn't yet cope well with files
|
present in git repositories with high-order characters in their filenames.
|
|
Documentation
|
-------------
|
|
- Minor tweaks to the "Introduction" narrative chapter example app and
|
wording.
|
|
1.2b1 (2011-09-08)
|
==================
|
|
Bug Fixes
|
---------
|
|
- Sometimes falling back from territory translations (``de_DE``) to language
|
translations (``de``) would not work properly when using a localizer. See
|
https://github.com/Pylons/pyramid/issues/263
|
|
- The static file serving machinery could not serve files that started with a
|
``.`` (dot) character.
|
|
- Static files with high-order (super-ASCII) characters in their names could
|
not be served by a static view. The static file serving machinery
|
inappropriately URL-quoted path segments in filenames when asking for files
|
from the filesystem.
|
|
- Within ``pyramid.traversal.traversal_path`` , canonicalize URL segments
|
from UTF-8 to Unicode before checking whether a segment matches literally
|
one of ``.``, the empty string, or ``..`` in case there's some sneaky way
|
someone might tunnel those strings via UTF-8 that don't match the literals
|
before decoded.
|
|
Documentation
|
-------------
|
|
- Added a "What Makes Pyramid Unique" section to the Introduction narrative
|
chapter.
|
|
1.2a6 (2011-09-06)
|
==================
|
|
Bug Fixes
|
---------
|
|
- AuthTktAuthenticationPolicy with a ``reissue_time`` interfered with logout.
|
See https://github.com/Pylons/pyramid/issues/262.
|
|
Internal
|
--------
|
|
- Internalize code previously depended upon as imports from the
|
``paste.auth`` module (futureproof).
|
|
- Replaced use of ``paste.urlparser.StaticURLParser`` with a derivative of
|
Chris Rossi's "happy" static file serving code (futureproof).
|
|
- Fixed test suite; on some systems tests would fail due to indeterminate
|
test run ordering and a double-push-single-pop of a shared test variable.
|
|
Behavior Differences
|
--------------------
|
|
- An ETag header is no longer set when serving a static file. A
|
Last-Modified header is set instead.
|
|
- Static file serving no longer supports the ``wsgi.file_wrapper`` extension.
|
|
- Instead of returning a ``403 Forbidden`` error when a static file is served
|
that cannot be accessed by the Pyramid process' user due to file
|
permissions, an IOError (or similar) will be raised.
|
|
Scaffolds
|
---------
|
|
- All scaffolds now send the ``cache_max_age`` parameter to the
|
``add_static_view`` method.
|
|
1.2a5 (2011-09-04)
|
==================
|
|
Bug Fixes
|
---------
|
|
- The ``route_prefix`` of a configurator was not properly taken into account
|
when registering routes in certain circumstances. See
|
https://github.com/Pylons/pyramid/issues/260
|
|
Dependencies
|
------------
|
|
- The ``zope.configuration`` package is no longer a dependency.
|
|
1.2a4 (2011-09-02)
|
==================
|
|
Features
|
--------
|
|
- Support an ``onerror`` keyword argument to
|
``pyramid.config.Configurator.scan()``. This onerror keyword argument is
|
passed to ``venusian.Scanner.scan()`` to influence error behavior when
|
an exception is raised during scanning.
|
|
- The ``request_method`` predicate argument to
|
``pyramid.config.Configurator.add_view`` and
|
``pyramid.config.Configurator.add_route`` is now permitted to be a tuple of
|
HTTP method names. Previously it was restricted to being a string
|
representing a single HTTP method name.
|
|
- Undeprecated ``pyramid.traversal.find_model``,
|
``pyramid.traversal.model_path``, ``pyramid.traversal.model_path_tuple``,
|
and ``pyramid.url.model_url``, which were all deprecated in Pyramid 1.0.
|
There's just not much cost to keeping them around forever as aliases to
|
their renamed ``resource_*`` prefixed functions.
|
|
- Undeprecated ``pyramid.view.bfg_view``, which was deprecated in Pyramid
|
1.0. This is a low-cost alias to ``pyramid.view.view_config`` which we'll
|
just keep around forever.
|
|
Dependencies
|
------------
|
|
- Pyramid now requires Venusian 1.0a1 or better to support the ``onerror``
|
keyword argument to ``pyramid.config.Configurator.scan``.
|
|
1.2a3 (2011-08-29)
|
==================
|
|
Bug Fixes
|
---------
|
|
- Pyramid did not properly generate static URLs using
|
``pyramid.url.static_url`` when passed a caller-package relative path due
|
to a refactoring done in 1.2a1.
|
|
- The ``settings`` object emitted a deprecation warning any time
|
``__getattr__`` was called upon it. However, there are legitimate
|
situations in which ``__getattr__`` is called on arbitrary objects
|
(e.g. ``hasattr``). Now, the ``settings`` object only emits the warning
|
upon successful lookup.
|
|
Internal
|
--------
|
|
- Use ``config.with_package`` in view_config decorator rather than
|
manufacturing a new renderer helper (cleanup).
|
|
1.2a2 (2011-08-27)
|
==================
|
|
Bug Fixes
|
---------
|
|
- When a ``renderers=`` argument is not specified to the Configurator
|
constructor, eagerly register and commit the default renderer set. This
|
permits the overriding of the default renderers, which was broken in 1.2a1
|
without a commit directly after Configurator construction.
|
|
- Mako rendering exceptions had the wrong value for an error message.
|
|
- An include could not set a root factory successfully because the
|
Configurator constructor unconditionally registered one that would be
|
treated as if it were "the word of the user".
|
|
Features
|
--------
|
|
- A session factory can now be passed in using the dotted name syntax.
|
|
1.2a1 (2011-08-24)
|
==================
|
|
Features
|
--------
|
|
- The ``[pshell]`` section in an ini configuration file now treats a
|
``setup`` key as a dotted name that points to a callable that is passed the
|
bootstrap environment. It can mutate the environment as necessary for
|
great justice.
|
|
- A new configuration setting named ``pyramid.includes`` is now available.
|
It is described in the "Environment Variables and ``.ini`` Files Settings"
|
narrative documentation chapter.
|
|
- Added a ``route_prefix`` argument to the
|
``pyramid.config.Configurator.include`` method. This argument allows you
|
to compose URL dispatch applications together. See the section entitled
|
"Using a Route Prefix to Compose Applications" in the "URL Dispatch"
|
narrative documentation chapter.
|
|
- Added a ``pyramid.security.NO_PERMISSION_REQUIRED`` constant for use in
|
``permission=`` statements to view configuration. This constant has a
|
value of the string ``__no_permission_required__``. This string value was
|
previously referred to in documentation; now the documentation uses the
|
constant.
|
|
- Added a decorator-based way to configure a response adapter:
|
``pyramid.response.response_adapter``. This decorator has the same use as
|
``pyramid.config.Configurator.add_response_adapter`` but it's declarative.
|
|
- The ``pyramid.events.BeforeRender`` event now has an attribute named
|
``rendering_val``. This can be used to introspect the value returned by a
|
view in a BeforeRender subscriber.
|
|
- New configurator directive: ``pyramid.config.Configurator.add_tween``.
|
This directive adds a "tween". A "tween" is used to wrap the Pyramid
|
router's primary request handling function. This is a feature may be used
|
by Pyramid framework extensions, to provide, for example, view timing
|
support and as a convenient place to hang bookkeeping code.
|
|
Tweens are further described in the narrative docs section in the Hooks
|
chapter, named "Registering Tweens".
|
|
- New paster command ``paster ptweens``, which prints the current "tween"
|
configuration for an application. See the section entitled "Displaying
|
Tweens" in the Command-Line Pyramid chapter of the narrative documentation
|
for more info.
|
|
- The Pyramid debug logger now uses the standard logging configuration
|
(usually set up by Paste as part of startup). This means that output from
|
e.g. ``debug_notfound``, ``debug_authorization``, etc. will go to the
|
normal logging channels. The logger name of the debug logger will be the
|
package name of the *caller* of the Configurator's constructor.
|
|
- A new attribute is available on request objects: ``exc_info``. Its value
|
will be ``None`` until an exception is caught by the Pyramid router, after
|
which it will be the result of ``sys.exc_info()``.
|
|
- ``pyramid.testing.DummyRequest`` now implements the
|
``add_finished_callback`` and ``add_response_callback`` methods.
|
|
- New methods of the ``pyramid.config.Configurator`` class:
|
``set_authentication_policy`` and ``set_authorization_policy``. These are
|
meant to be consumed mostly by add-on authors.
|
|
- New Configurator method: ``set_root_factory``.
|
|
- Pyramid no longer eagerly commits some default configuration statements at
|
Configurator construction time, which permits values passed in as
|
constructor arguments (e.g. ``authentication_policy`` and
|
``authorization_policy``) to override the same settings obtained via an
|
"include".
|
|
- Better Mako rendering exceptions via
|
``pyramid.mako_templating.MakoRenderingException``
|
|
- New request methods: ``current_route_url``, ``current_route_path``, and
|
``static_path``.
|
|
- New functions in ``pyramid.url``: ``current_route_path`` and
|
``static_path``.
|
|
- The ``pyramid.request.Request.static_url`` API (and its brethren
|
``pyramid.request.Request.static_path``, ``pyramid.url.static_url``, and
|
``pyramid.url.static_path``) now accept an asbolute filename as a "path"
|
argument. This will generate a URL to an asset as long as the filename is
|
in a directory which was previously registered as a static view.
|
Previously, trying to generate a URL to an asset using an absolute file
|
path would raise a ValueError.
|
|
- The ``RemoteUserAuthenticationPolicy ``, ``AuthTktAuthenticationPolicy``,
|
and ``SessionAuthenticationPolicy`` constructors now accept an additional
|
keyword argument named ``debug``. By default, this keyword argument is
|
``False``. When it is ``True``, debug information will be sent to the
|
Pyramid debug logger (usually on stderr) when the ``authenticated_userid``
|
or ``effective_principals`` method is called on any of these policies. The
|
output produced can be useful when trying to diagnose
|
authentication-related problems.
|
|
- New view predicate: ``match_param``. Example: a view added via
|
``config.add_view(aview, match_param='action=edit')`` will be called only
|
when the ``request.matchdict`` has a value inside it named ``action`` with
|
a value of ``edit``.
|
|
Internal
|
--------
|
|
- The Pyramid "exception view" machinery is now implemented as a "tween"
|
(``pyramid.tweens.excview_tween_factory``).
|
|
- WSGIHTTPException (HTTPFound, HTTPNotFound, etc) now has a new API named
|
"prepare" which renders the body and content type when it is provided with
|
a WSGI environ. Required for debug toolbar.
|
|
- Once ``__call__`` or ``prepare`` is called on a WSGIHTTPException, the body
|
will be set, and subsequent calls to ``__call__`` will always return the
|
same body. Delete the body attribute to rerender the exception body.
|
|
- Previously the ``pyramid.events.BeforeRender`` event *wrapped* a dictionary
|
(it addressed it as its ``_system`` attribute). Now it *is* a dictionary
|
(it inherits from ``dict``), and it's the value that is passed to templates
|
as a top-level dictionary.
|
|
- The ``route_url``, ``route_path``, ``resource_url``, ``static_url``, and
|
``current_route_url`` functions in the ``pyramid.url`` package now delegate
|
to a method on the request they've been passed, instead of the other way
|
around. The pyramid.request.Request object now inherits from a mixin named
|
pyramid.url.URLMethodsMixin to make this possible, and all url/path
|
generation logic is embedded in this mixin.
|
|
- Refactor ``pyramid.config`` into a package.
|
|
- Removed the ``_set_security_policies`` method of the Configurator.
|
|
- Moved the ``StaticURLInfo`` class from ``pyramid.static`` to
|
``pyramid.config.views``.
|
|
- Move the ``Settings`` class from ``pyramid.settings`` to
|
``pyramid.config.settings``.
|
|
- Move the ``OverrideProvider``, ``PackageOverrides``, ``DirectoryOverride``,
|
and ``FileOverride`` classes from ``pyramid.asset`` to
|
``pyramid.config.assets``.
|
|
Deprecations
|
------------
|
|
- All Pyramid-related deployment settings (e.g. ``debug_all``,
|
``debug_notfound``) are now meant to be prefixed with the prefix
|
``pyramid.``. For example: ``debug_all`` -> ``pyramid.debug_all``. The
|
old non-prefixed settings will continue to work indefinitely but supplying
|
them may eventually print a deprecation warning. All scaffolds and
|
tutorials have been changed to use prefixed settings.
|
|
- The ``settings`` dictionary now raises a deprecation warning when you
|
attempt to access its values via ``__getattr__`` instead of
|
via ``__getitem__``.
|
|
Backwards Incompatibilities
|
---------------------------
|
|
- If a string is passed as the ``debug_logger`` parameter to a Configurator,
|
that string is considered to be the name of a global Python logger rather
|
than a dotted name to an instance of a logger.
|
|
- The ``pyramid.config.Configurator.include`` method now accepts only a
|
single ``callable`` argument (a sequence of callables used to be
|
permitted). If you are passing more than one ``callable`` to
|
``pyramid.config.Configurator.include``, it will break. You now must now
|
instead make a separate call to the method for each callable. This change
|
was introduced to support the ``route_prefix`` feature of include.
|
|
- It may be necessary to more strictly order configuration route and view
|
statements when using an "autocommitting" Configurator. In the past, it
|
was possible to add a view which named a route name before adding a route
|
with that name when you used an autocommitting configurator. For example::
|
|
config = Configurator(autocommit=True)
|
config.add_view('my.pkg.someview', route_name='foo')
|
config.add_route('foo', '/foo')
|
|
The above will raise an exception when the view attempts to add itself.
|
Now you must add the route before adding the view::
|
|
config = Configurator(autocommit=True)
|
config.add_route('foo', '/foo')
|
config.add_view('my.pkg.someview', route_name='foo')
|
|
This won't effect "normal" users, only people who have legacy BFG codebases
|
that used an autommitting configurator and possibly tests that use the
|
configurator API (the configurator returned by ``pyramid.testing.setUp`` is
|
an autocommitting configurator). The right way to get around this is to
|
use a non-autocommitting configurator (the default), which does not have
|
these directive ordering requirements.
|
|
- The ``pyramid.config.Configurator.add_route`` directive no longer returns a
|
route object. This change was required to make route vs. view
|
configuration processing work properly.
|
|
Documentation
|
-------------
|
|
- Narrative and API documentation which used the ``route_url``,
|
``route_path``, ``resource_url``, ``static_url``, and ``current_route_url``
|
functions in the ``pyramid.url`` package have now been changed to use
|
eponymous methods of the request instead.
|
|
- Added a section entitled "Using a Route Prefix to Compose Applications" to
|
the "URL Dispatch" narrative documentation chapter.
|
|
- Added a new module to the API docs: ``pyramid.tweens``.
|
|
- Added a "Registering Tweens" section to the "Hooks" narrative chapter.
|
|
- Added a "Displaying Tweens" section to the "Command-Line Pyramid" narrative
|
chapter.
|
|
- Added documentation for the ``pyramid.tweens`` and ``pyramid.includes``
|
configuration settings to the "Environment Variables and ``.ini`` Files
|
Settings" chapter.
|
|
- Added a Logging chapter to the narrative docs (based on the Pylons logging
|
docs, thanks Phil).
|
|
- Added a Paste chapter to the narrative docs (moved content from the Project
|
chapter).
|
|
- Added the ``pyramid.interfaces.IDict`` interface representing the methods
|
of a dictionary, for documentation purposes only (IMultiDict and
|
IBeforeRender inherit from it).
|
|
- All tutorials now use - The ``route_url``, ``route_path``,
|
``resource_url``, ``static_url``, and ``current_route_url`` methods of the
|
request rather than the function variants imported from ``pyramid.url``.
|
|
- The ZODB wiki tutorial now uses the ``pyramid_zodbconn`` package rather
|
than the ``repoze.zodbconn`` package to provide ZODB integration.
|
|
Dependency Changes
|
------------------
|
|
- Pyramid now relies on PasteScript >= 1.7.4. This version contains a
|
feature important for allowing flexible logging configuration.
|
|
Scaffolds
|
----------
|
|
- All scaffolds now use the ``pyramid_tm`` package rather than the
|
``repoze.tm2`` middleware to manage transaction management.
|
|
- The ZODB scaffold now uses the ``pyramid_zodbconn`` package rather than the
|
``repoze.zodbconn`` package to provide ZODB integration.
|
|
- All scaffolds now use the ``pyramid_debugtoolbar`` package rather than the
|
``WebError`` package to provide interactive debugging features.
|
|
- Projects created via a scaffold no longer depend on the ``WebError``
|
package at all; configuration in the ``production.ini`` file which used to
|
require its ``error_catcher`` middleware has been removed. Configuring
|
error catching / email sending is now the domain of the ``pyramid_exclog``
|
package (see https://docs.pylonsproject.org/projects/pyramid_exclog/dev/).
|
|
Bug Fixes
|
---------
|
|
- Fixed an issue with the default renderer not working at certain times. See
|
https://github.com/Pylons/pyramid/issues/249
|
