2015-02-14 Release 6.13
Karen Etheridge (1):
- fixed Makefile.PL compatibility with older ExtUtils::MakeMaker (from
release 6.12)
_______________________________________________________________________________
2015-02-13 Release 6.12
Karen Etheridge (1):
- fixed prereq declarations in release 6.11
_______________________________________________________________________________
2015-02-13 Release 6.11
Graham Knop (1):
- cleanup of the test running mechanism; allowing greater flexibility and
should also resolve RT#102083
_______________________________________________________________________________
2015-02-12 Release 6.10
Karen Etheridge (1):
- lower runtime prereqs recommendation on LWP::Protocol::https to suggests,
to work around a circular dependency in CPAN clients when the 'install
recommendations' option is enabled (RT#101732)
_______________________________________________________________________________
2015-02-09 Release 6.09
Steffen Ullrich (1):
- checks for EINTR now also check EWOULDBLOCK (they sometimes differ on
MSWin32)
Daina Pettit (1):
- fixed pod syntax
Jason A Fesler (2):
- Fixed checking the % character in address regex
- Improved regex for literal IPv6 addresses
Changelog:
2014-12-07 Sebastien DIAZ <sebastien.diaz@gmail.com>
Patches on 3.2.16
patch #7845: HTTP PUT method support from Yury Knigin
patch #8581: Added HTML5 Support from Tim O'Neil
* Include Calendar and Contacts apps
Changelog:
Version 8.0.0 Feb 9th 2015
Favorites
Federated cloud (Server 2 Server Sharing, Version 2)
Improved apps management page
Improved updater app
Improved search
Direct download support, Broker
More fine grain storage configuration
Provisioning API will be released as part of the community edition
Apps can now specify their dependencies in info.xml
Accessibility improvements
Improved Documents
LDAP/AD: command line functions for creating and deleting LDAP configurations.
LDAP/AD: subtle configuration wizard improvements, including user name attribute detection.
PDF viewer has been updated to a new version of PDF.js
Sharing links are now shorter and "look better"
Usermanagement improvements
Better structured settings and admin page
Performance improvements
App container can now automatically resolve dependencies
Various app API deprecations and features
Improved import for contacts
App development tutorial for building a notes app
Changelog:
What's New in SeaMonkey 2.32.1
Mostly regression fixes, including:
MailNews feeds not updating
Selected profile in Profile Manager not remembered
Opening a bookmark folder in tabs on Linux
Troubleshooting Information (about:support) with the Modern theme
What's New in SeaMonkey 2.32
SeaMonkey 2.32 contains the following major changes relative to SeaMonkey 2.31:
SeaMonkey-specific changes
The Spell Check dialog is now resizable.
Generational Garbage Collection has been enabled.
Mozilla platform changes
Improved handling of dynamic styling changes to increase responsiveness.
Implemented HTTP Public Key Pinning Extension (for enhanced authentication of encrypted connections).
Reduced resource usage for scaled images.
Also see Firefox 35 for Developers.
Fixed several stability issue
Fixed in SeaMonkey 2.32
2015-09 XrayWrapper bypass through DOM objects
2015-08 Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension
2015-06 Read-after-free in WebRTC
2015-05 Read of uninitialized memory in Web Audio
2015-04 Cookie injection through Proxy Authenticate responses
2015-03 sendBeacon requests lack an Origin header
2015-02 Uninitialized memory use during bitmap rendering
2015-01 Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)
Bugs Fixed
1. The eviction timeout was not being correctly applied when request timeout wasn’t being applied at the same time. It may have partly worked if any of inactivity or graceful timeout were also specified, but the application of the timeout may still have been delayed.
New Features
1. Added the --error-log-name option to mod_wsgi-express to allow the name of the file used for the error log, when being written to the log directory, to be overridden.
2. Added the --access-log-name option to mod_wsgi-express to allow the name of the file used for the access log, when being written to the log directory, to be overridden.
3. Added the --startup-log-name option to mod_wsgi-express to allow the name of the file used for the startup log, when being written to the log directory, to be overridden.
Version 3.4.4 (2015-02-12)
--------------------------
### Fixed
Fixed a directory traversal vulnerability discovered by Arnaud Buchoux. See
CVE-2015-0269 for more information.
Version 3.2.19 (2015-02-12)
---------------------------
### Fixed
Fixed a directory traversal vulnerability discovered by Arnaud Buchoux. See
CVE-2015-0269 for more information.
* Reactive DOM elements (thanks to a contribution by besport.com)
* PUT and DELETE services for RESTful Eliom Applications
Contribution by Domoco)
* EXPERIMENTAL: Mobile apps with Eliom. By making it possible to start
he application from client-side.
* Documentation improvements
* Improvements in typing of services (Contribution by Jacques-Pascal Deplaix)
* Filtering data from Eliom buses
* "caml" in value or type names now replaced by "OCaml" everywhere
* New module {{{Eliom_registration.File_ct}}} to make easier to send files with
heir content type
* Now possible to define services in shared sections
* Adding function {{{Eliom_client.change_url}}} to change the URL without doing a request
* Adding function {{{Eliom_service.attach_coservice'}}} to attach a non-attached coservice to an URL
* Improving comet configurations: now possible to stay idle instead of being completely inactive
* Now using defaultprotocol option (from ocsigenserver) to compute URLs
* The default expiration date for cookies on client side is now 10 years
* Now possible to send files in {{{Eliom_client.call_ocaml_service}}}
* Various additions and bugfixes in {{{Manip}}}, {{{Eliom_request_info}}},
{{Eliom_content.html5}}} (events) (contributions by besport.com)
* eliom-destillery renamed into eliom-distillery
* Templates for eliom-distillery
* New programs: eliomdoc and eliompp
* Ocamlbuild package
* Various bugfixes
* Use ipaddr
* Support "Expect: 100-continue"
* fix PID file
* fix VERSION
* Support for DELETE and PUT http method
* Support syslog logs
* option for ipv4/v6 in ocsigen_http_client
* Prevent exit when an Lwt.async task raise an exception
* fix HTTP bytes range (#8)
0.9.1 (2015-02-07)
* Added support for Requests transport adapter plugins to enable plugin-provided features such as unix socket communication and HTTP/2.
0.9.0 (2015-01-31)
* Added --cert and --cert-key parameters to specify a client side certificate and private key for SSL
* Improved unicode support.
* Improved terminal color depth detection via curses.
* To make it easier to deal with Windows paths in request items, \ now only escapes special characters (the ones that are used as key-value separators by HTTPie).
* Switched from unittest to pytest.
* Added Python wheel support.
* Various test suite improvements.
* Added CONTRIBUTING.
* Fixed User-Agent overwriting when used within a session.
* Fixed handling of empty passwords in URL credentials.
* Fixed multiple file uploads with the same form field name.
* Fixed --output=/dev/null on Linux.
* Miscellaneous bugfixes.
Upstream says that this patch is no longer necessary because an
equivalent change was applied elsewhere in the code. Until we're
sure, park the patch by dropping from distinfo and commenting out the
patch contents, leaving a note in the patchfile about why.
Highlights
If a Future contains an exception but that exception is never
examined or re-raised (e.g. by yielding the Future), a stack
trace will be logged when the Future is garbage-collected.
New class tornado.gen.WaitIterator provides a way to iterate
over Futures in the order they resolve.
The tornado.websocket module now supports compression via the
âpermessage-deflateâ extension. Override
WebSocketHandler.get_compression_options to enable on the server
side, and use the compression_options keyword argument to
websocket_connect on the client side.
When the appropriate packages are installed, it is possible to
yield asyncio.Future or Twisted Defered objects in Tornado
coroutines.
Backwards-compatibility notes
HTTPServer now calls start_request with the correct arguments.
This change is backwards-incompatible, afffecting any application
which implemented HTTPServerConnectionDelegate by following
the example of Application instead of the documented method
signatures.
tornado.concurrent
If a Future contains an exception but that exception is never
examined or re-raised (e.g. by yielding the Future), a stack
trace will be logged when the Future is garbage-collected.
Future now catches and logs exceptions in its callbacks.
tornado.curl_httpclient
tornado.curl_httpclient now supports request bodies for PATCH
and custom methods.
tornado.curl_httpclient now supports resubmitting bodies after
following redirects for methods other than POST.
curl_httpclient now runs the streaming and header callbacks on
the IOLoop.
tornado.curl_httpclient now uses its own logger for debug output
so it can be filtered more easily.
tornado.gen
New class tornado.gen.WaitIterator provides a way to iterate
over Futures in the order they resolve.
When the singledispatch library is available (standard on Python
3.4, available via pip install singledispatch on older versions),
the convert_yielded function can be used to make other kinds
of objects yieldable in coroutines.
New function tornado.gen.sleep is a coroutine-friendly analogue
to time.sleep.
gen.engine now correctly captures the stack context for its
callbacks.
tornado.httpclient
tornado.httpclient.HTTPRequest accepts a new argument
raise_error=False to suppress the default behavior of raising
an error for non-200 response codes.
tornado.httpserver
HTTPServer now calls start_request with the correct arguments.
This change is backwards-incompatible, afffecting any application
which implemented HTTPServerConnectionDelegate by following
the example of Application instead of the documented method
signatures.
HTTPServer now tolerates extra newlines which are sometimes
inserted between requests on keep-alive connections.
HTTPServer can now use keep-alive connections after a request
with a chunked body.
HTTPServer now always reports HTTP/1.1 instead of echoing the
request version.
tornado.httputil
New function tornado.httputil.split_host_and_port for parsing
the netloc portion of URLs.
The context argument to HTTPServerRequest is now optional, and
if a context is supplied the remote_ip attribute is also
optional.
HTTPServerRequest.body is now always a byte string (previously
the default empty body would be a unicode string on python 3).
Header parsing now works correctly when newline-like unicode
characters are present.
Header parsing again supports both CRLF and bare LF line
separators.
Malformed multipart/form-data bodies will always be logged
quietly instead of raising an unhandled exception; previously
the behavior was inconsistent depending on the exact error.
tornado.ioloop
The kqueue and select IOLoop implementations now report
writeability correctly, fixing flow control in IOStream.
When a new IOLoop is created, it automatically becomes âcurrentâ
for the thread if there is not already a current instance.
New method PeriodicCallback.is_running can be used to see
whether the PeriodicCallback has been started.
tornado.iostream
IOStream.start_tls now uses the server_hostname parameter for
certificate validation.
SSLIOStream will no longer consume 100% CPU after certain error
conditions.
SSLIOStream no longer logs EBADF errors during the handshake
as they can result from nmap scans in certain modes.
tornado.options
parse_config_file now always decodes the config file as utf8
on Python 3.
tornado.options.define more accurately finds the module defining
the option.
tornado.platform.asyncio
It is now possible to yield asyncio.Future objects in coroutines
when the singledispatch library is available and
tornado.platform.asyncio has been imported.
New methods tornado.platform.asyncio.to_tornado_future and
to_asyncio_future convert between the two librariesâ Future
classes.
tornado.platform.twisted
It is now possible to yield Deferred objects in coroutines when
the singledispatch library is available and tornado.platform.twisted
has been imported.
tornado.tcpclient
TCPClient will no longer raise an exception due to an ill-timed
timeout.
tornado.tcpserver
TCPServer no longer ignores its read_chunk_size argument.
tornado.testing
AsyncTestCase has better support for multiple exceptions.
Previously it would silently swallow all but the last; now it
raises the first and logs all the rest.
AsyncTestCase now cleans up Subprocess state on tearDown when
necessary.
tornado.web
The asynchronous decorator now understands concurrent.futures.Future
in addition to tornado.concurrent.Future.
StaticFileHandler no longer logs a stack trace if the connection
is closed while sending the file.
RequestHandler.send_error now supports a reason keyword argument,
similar to tornado.web.HTTPError.
RequestHandler.locale now has a property setter.
Application.add_handlers hostname matching now works correctly
with IPv6 literals.
Redirects for the Application default_host setting now match
the request protocol instead of redirecting HTTPS to HTTP.
Malformed _xsrf cookies are now ignored instead of causing
uncaught exceptions.
Application.start_request now has the same signature as
HTTPServerConnectionDelegate.start_request.
tornado.websocket
The tornado.websocket module now supports compression via the
âpermessage-deflateâ extension. Override
WebSocketHandler.get_compression_options to enable on the server
side, and use the compression_options keyword argument to
websocket_connect on the client side.
WebSocketHandler no longer logs stack traces when the connection
is closed.
WebSocketHandler.open now accepts *args, **kw for consistency
with RequestHandler.get and related methods.
The Sec-WebSocket-Version header now includes all supported
versions.
websocket_connect now has a on_message_callback keyword argument
for callback-style use without read_message().
=== 2.11.0 / 2015-01-20
* 9 bug fixes:
* Add mode as an additional bind option to unix sockets. Fixes#630
* Advertise HTTPS properly after a hot restart
* Don't write lowlevel_error_handler to state
* Fix phased restart with stuck requests
* Handle spaces in the path properly. Fixes#622
* Set a default REMOTE_ADDR to avoid using peeraddr on unix sockets. Fixes#583
* Skip device number checking on jruby. Fixes#586
* Update extconf.rb to compile correctly on OS X
* redirect io right after daemonizing so startup errors are shown. Fixes#359
* 6 minor features:
* Add a configuration option that prevents puma from queueing requests.
* Add reload_worker_directory
* Add the ability to pass environment variables to the init script (for Jungle).
* Add the proctitle tag to the worker. Fixes#633
* Infer a proctitle tag based on the directory
* Update lowlevel error message to be more meaningful.
* 10 PRs merged:
* Merge pull request #478 from rubencaro/master
* Merge pull request #610 from kwilczynski/master
* Merge pull request #611 from jasonl/better-lowlevel-message
* Merge pull request #616 from jc00ke/master
* Merge pull request #623 from raldred/patch-1
* Merge pull request #628 from rdpoor/master
* Merge pull request #634 from deepj/master
* Merge pull request #637 from raskhadafi/patch-1
* Merge pull request #639 from ebeigarts/fix-phased-restarts
* Merge pull request #640 from codehotter/issue-612-dependent-requests-deadlock
=== 2.10.2 / 2014-11-26
* 1 bug fix:
* Conditionalize thread local cleaning, fixes perf degradation fix
The code to clean out all Thread locals adds pretty significant
overhead to a each request, so it has to be turned on explicitly
if a user needs it.
=== 2.10.1 / 2014-11-24
* 1 bug fix:
* Load the app after daemonizing because the app might start threads.
This change means errors loading the app are now reported only in the redirected
stdout/stderr.
If you're app has problems starting up, start it without daemon mode initially
to test.
=== 2.10.0 / 2014-11-23
* 3 minor features:
* Added on_worker_shutdown hook mechanism
* Allow binding to ipv6 addresses for ssl URIs
* Warn about any threads started during app preload
* 5 bug fixes:
* Clean out a threads local data before doing work
* Disable SSLv3. Fixes#591
* First change the directory to use the correct Gemfile.
* Only use config.ru binds if specified. Fixes#606
* Strongish cipher suite with FS support for some browsers
* 2 doc changes:
* Change umask examples to more permissive values
* fix typo in README.md
* 9 Merged PRs:
* Merge pull request #560 from raskhadafi/prune_bundler-bug
* Merge pull request #566 from sheltond/master
* Merge pull request #593 from andruby/patch-1
* Merge pull request #594 from hassox/thread-cleanliness
* Merge pull request #596 from burningTyger/patch-1
* Merge pull request #601 from sorentwo/friendly-umask
* Merge pull request #602 from 1334/patch-1
* Merge pull request #608 from Gu1/master
* Merge remote-tracking branch 'origin/pr/538'
=== 2.9.2 / 2014-10-25
* 8 bug fixes:
* Fix puma-wild handling a restart properly. Fixes#550
* JRuby SSL POODLE update
* Keep deprecated features warnings
* Log the current time when Puma shuts down.
* Fix cross-platform extension library detection
* Use the correct Windows names for OpenSSL.
* Better error logging during startup
* Fixing sexist error messages
* 6 PRs merged:
* Merge pull request #549 from bsnape/log-shutdown-time
* Merge pull request #553 from lowjoel/master
* Merge pull request #568 from mariuz/patch-1
* Merge pull request #578 from danielbuechele/patch-1
* Merge pull request #581 from alexch/slightly-better-logging
* Merge pull request #590 from looker/jruby_disable_sslv3
=== 2.9.1 / 2014-09-05
* 4 bug fixes:
* Cleanup the SSL related structures properly, fixes memory leak
* Fix thread spawning edge case.
* Force a worker check after a worker boots, don't wait 5sec. Fixes#574
* Implement SIGHUP for logs reopening
* 2 PRs merged:
* Merge pull request #561 from theoldreader/sighup
* Merge pull request #570 from havenwood/spawn-thread-edge-case
=== 2.9.0 / 2014-07-12
* 1 minor feature:
* Add SSL support for JRuby
* 3 bug fixes:
* Typo BUNDLER_GEMFILE -> BUNDLE_GEMFILE
* Use fast_write because we can't trust syswrite
* pumactl - do not modify original ARGV
* 4 doc fixes:
* BSD-3-Clause over BSD to avoid confusion
* Deploy doc: clarification of the GIL
* Fix typo in DEPLOYMENT.md
* Update README.md
* 6 PRs merged:
* Merge pull request #520 from misfo/patch-2
* Merge pull request #530 from looker/jruby-ssl
* Merge pull request #537 from vlmonk/patch-1
* Merge pull request #540 from allaire/patch-1
* Merge pull request #544 from chulkilee/bsd-3-clause
* Merge pull request #551 from jcxplorer/patch-1
=== 2.8.2 / 2014-04-12
* 4 bug fixes:
* During upgrade, change directory in main process instead of workers.
* Close the client properly on error
* Capistrano: fallback from phased restart to start when not started
* Allow tag option in conf file
* 4 doc fixes:
* Fix Puma daemon service README typo
* `preload_app!` instead of `preload_app`
* add preload_app and prune_bundler to example config
* allow changing of worker_timeout in config file
* 11 PRs merged:
* Merge pull request #487 from ckuttruff/master
* Merge pull request #492 from ckuttruff/master
* Merge pull request #493 from alepore/config_tag
* Merge pull request #503 from mariuz/patch-1
* Merge pull request #505 from sammcj/patch-1
* Merge pull request #506 from FlavourSys/config_worker_timeout
* Merge pull request #510 from momer/rescue-block-handle-servers-fix
* Merge pull request #511 from macool/patch-1
* Merge pull request #514 from edogawaconan/refactor_env
* Merge pull request #517 from misfo/patch-1
* Merge pull request #518 from LongMan/master
=== 2.7.3
* New Features
* Allow net-http-persistent instance to be named. #324, John Weir.
* #save and #save! return filename #340
* Updated mime-types requirement to 2.x versions. #348 by Jeff Nyman.
* Bug fix
* Ensure Download#save! defaults back to original filename if
none is provided (#300)
* Raise exception for syscall errors. rb_sys_fail can't be catched in
ruby, but there is no reason to terminate the process.
* ruby references to FCGX_Stream must keep the FCGX_Request alive.
finshing the request must invalidate the streams.
* fix memory and fd leaks
* [ruby20] switch from rb_thread_select() to select() to avoid breakage
in the future.
## 0.7.1 (2015-01-03)
* Gemspec fixups
* Remove superfluous space in HTTP::Response inspection
## 0.7.0 (2015-01-02)
* Fix handling of EOF which caused infinite loop. See #163, #166 and #152. (@mickm, @ixti)
* Drop Ruby 1.8.7 support. (@ixti)
* Fix default Host header value. See #150. (@ixti)
* Remove BearerToken authorization header. (@ixti)
* `#auth` sugar now accepts only string value of Authorization header.
Calling `#auth(:basic, opts)` is deprecated, use `#basic_auth(opts)` instead.
(@ixti)
* Fix handling of chunked responses without Content-Length header. (@ixti)
* Remove `HTTP::Request#method` and deprecate `HTTP::Request#__method__`
(@sferik)
* Deprecate `HTTP::Response::STATUS_CODES`,
use `HTTP::Response::Status::REASONS` instead (@ixti)
* Deprecate `HTTP::Response::SYMBOL_TO_STATUS_CODE` (@ixti)
* Deprecate `HTTP::Response#status_code` (@ixti)
* `HTTP::Response#status` now returns `HTTP::Response::Status`. (@ixti)
* `HTTP::Response#reason` and `HTTP::Response#code` are proxies them
to corresponding methods of `HTTP::Response#status` (@ixti)
* Rename `HTTP.with_follow` to `HTTP.follow` and mark former one as being
deprecated (@ixti)
* Delegate `HTTP::Response#readpartial` to `HTTP::Response::Body` (@ixti)
## 0.6.3 (2014-11-14)
* Backported EOF fix from master branch. See #166. (@ixti)
## 0.6.2 (2014-08-06)
* Fix default Host header value. See #150. (@ixti)
* Deprecate BearerToken authorization header. (@ixti)
* Fix handling of chunked responses without Content-Length header. (@ixti)
* Rename `HTTP.with_follow` to `HTTP.follow` and mark former one as being
deprecated (@ixti)
== 4.0.3
* New Features
* Support unicode-range
* Bugfixes
* Blank stylesheet is now considered valid
* Fix long parsing times on certain unusual comment constructs
* Reduce memory usage when parsing long (data:) URIs
== 4.0.2
* Bugfixes
* Allow @font-face in places where it should be allowed
== 4.0.1
* Bugfixes
* Update parsing for calc
* Update parsing for Mozilla-specific pseudo elements
== 4.0.0
* New Features
* Support for parsing many new CSS features, including `:not`, `calc`, and `@supports`.
* Line number and context in parser error messages
* Some nodes types will remember their start and end positions, allowing developers to retrieve their original code.
* Bugfixes
* Updated parsing for unusual syntax.
### Version 1.3.6
* Fix bug not setting general rules after media query @jievans.
* We doesn't support Ruby 1.8 anymore.
* Run tests on Ruby 2.0 and Ruby 2.1.
* Respect the :import option.
#Version 2.4.4
Release data: 2014-10-13
###Fixed
* Test for visit behavior updated [Phil Baker]
* Removed concurrency prevention in favor of a note in the README - due to load order issues
# Version 2.4.3
Relase date: 2014-09-21
###Fixed
* Update concurrency prevention to match Rails 4.2 behavior
# Version 2.4.2
Release date: 2014-09-20
### Fixed
* Prevent concurrency issue when testing Rails app with default test environment [Thomas Walpole]
* Tags for windows API tests fixed [Dmitry Vorotilin]
* Documentation Fixes [Andrey Botalov]
* Always convert visit url to string, fixes issue with visit when always_include_port was enabled [Jake Goulding]
* Check correct rspec version before including ::RSpec::Matchers::Composable in Capybara RSpec matchers [Thomas Walpole, Justin Ko]
= 1.4.5 / 2014-04-08
* Improve tests and documentation. (Seiichi Yonezawa, Mike Gehard, Andrew
Deitrick, Matthew Nicholas Bradley, GoGo tanaka, Carlos Lazo, Shim Tw,
kyoendo, Roman Kuznietsov, Stanislav Chistenko, Ryunosuke SATO, Ben Lewis,
wuleicanada, Patricio Mac Adden, Thais Camilo)
* Fix Ruby warnings. (Vipul A M, Piotr Szotkowski)
* Fix template cache memory leak. (Scott Holden)
* Work around UTF-8 bug in JRuby. (namusyaka)
* Don't set charset for JSON mime-type (Sebastian Borrazas)
* Fix bug in request.accept? that might trigger a NoMethodError. (sbonami)
