Replace and simplify the versions section. Drop notion of
supported/deprecated. Explain why people run specific old versions.
Assert that there are no 10.4 pkgsrc users, and very few 10.5. Keep
notion that PRs for <= 10.5 without fixes can be closed without
fixing.
Explain Darwin vs OS X. Point to PureDarwin. Explain that pkgsrc for
Darwin is really for OSX and invite doc patches.
Make a few minor edits.
It remains for someone to explain more clearly the issue of
broken/missing SDKs in 10.11 and command line tools.
As discussed on tech-pkg, with input from jperkin and tron.
2.8.1 (2015-10-13)
++++++++++++++++++
**Bugfixes**
- Update certificate bundle to match ``certifi`` 2015.9.6.2's weak certificate
bundle.
- Fix a bug in 2.8.0 where requests would raise ``ConnectTimeout`` instead of
``ConnectionError``
- When using the PreparedRequest flow, requests will now correctly respect the
``json`` parameter. Broken in 2.8.0.
- When using the PreparedRequest flow, requests will now correctly handle a
Unicode-string method name on Python 2. Broken in 2.8.0.
2.8.0 (2015-10-05)
++++++++++++++++++
**Minor Improvements** (Backwards Compatible)
- Requests now supports per-host proxies. This allows the ``proxies``
dictionary to have entries of the form
``{'<scheme>://<hostname>': '<proxy>'}``. Host-specific proxies will be used
in preference to the previously-supported scheme-specific ones, but the
previous syntax will continue to work.
- ``Response.raise_for_status`` now prints the URL that failed as part of the
exception message.
- ``requests.utils.get_netrc_auth`` now takes an ``raise_errors`` kwarg,
defaulting to ``False``. When ``True``, errors parsing ``.netrc`` files cause
exceptions to be thrown.
- Change to bundled projects import logic to make it easier to unbundle
requests downstream.
- Changed the default User-Agent string to avoid leaking data on Linux: now
contains only the requests version.
**Bugfixes**
- The ``json`` parameter to ``post()`` and friends will now only be used if
neither ``data`` nor ``files`` are present, consistent with the
documentation.
- We now ignore empty fields in the ``NO_PROXY`` enviroment variable.
- Fixed problem where ``httplib.BadStatusLine`` would get raised if combining
``stream=True`` with ``contextlib.closing``.
- Prevented bugs where we would attempt to return the same connection back to
the connection pool twice when sending a Chunked body.
- Miscellaneous minor internal changes.
- Digest Auth support is now thread safe.
**Updates**
- Updated urllib3 to 1.12.
- Remove information about older versions of pkgsrc.
- Note that /usr/include is gone and that there are SDKs
- Add hazy explanation of the missing SDK/command-line-tools issue.
- Add 10.11 (but do not change deprecation status of anything).
- Clarify (but do not try to update for current reality) the 10.6/10.9
bulk build descriptions.
* The error message from "git blame --contents --reverse" incorrectly
talked about "--contents --children".
* "git merge-file" tried to signal how many conflicts it found, which
obviously would not work well when there are too many of them.
* The name-hash subsystem that is used to cope with case insensitive
filesystems keeps track of directories and their on-filesystem
cases for all the paths in the index by holding a pointer to a
randomly chosen cache entry that is inside the directory (for its
ce->ce_name component). This pointer was not updated even when the
cache entry was removed from the index, leading to use after free.
This was fixed by recording the path for each directory instead of
borrowing cache entries and restructuring the API somewhat.
* When the "git am" command was reimplemented in C, "git am -3" had a
small regression where it is aborted in its error handling codepath
when underlying merge-recursive failed in some ways.
* The synopsis text and the usage string of subcommands that read
list of things from the standard input are often shown as if they
only take input from a file on a filesystem, which was misleading.
* A couple of commands still showed "[options]" in their usage string
to note where options should come on their command line, but we
spell that "[<options>]" in most places these days.
* The submodule code has been taught to work better with separate
work trees created via "git worktree add".
* When "git gc --auto" is backgrounded, its diagnosis message is
lost. It now is saved to a file in $GIT_DIR and is shown next time
the "gc --auto" is run.
* Work around "git p4" failing when the P4 depot records the contents
in UTF-16 without UTF-16 BOM.
* Recent update to "rebase -i" that tries to sanity check the edited
insn sheet before it uses it has become too picky on Windows where
CRLF left by the editor is turned into a trailing CR on the line
read via the "read" built-in command.
* "git clone --dissociate" runs a big "git repack" process at the
end, and it helps to close file descriptors that are open on the
packs and their idx files before doing so on filesystems that
cannot remove a file that is still open.
* Correct "git p4 --detect-labels" so that it does not fail to create
a tag that points at a commit that is also being imported.
* The internal stripspace() function has been moved to where it
logically belongs to, i.e. strbuf API, and the command line parser
of "git stripspace" has been updated to use the parse_options API.
* Prepare for Git on-disk repository representation to undergo
backward incompatible changes by introducing a new repository
format version "1", with an extension mechanism.
* "git gc" used to barf when a symbolic ref has gone dangling
(e.g. the branch that used to be your upstream's default when you
cloned from it is now gone, and you did "fetch --prune").
* The normalize_ceiling_entry() function does not muck with the end
of the path it accepts, and the real world callers do rely on that,
but a test insisted that the function drops a trailing slash.
* "git gc" is safe to run anytime only because it has the built-in
grace period to protect young objects. In order to run with no
grace period, the user must make sure that the repository is
quiescent.
* A recent "filter-branch --msg-filter" broke skipping of the commit
object header, which is fixed.
* "git --literal-pathspecs add -u/-A" without any command line
argument misbehaved ever since Git 2.0.
* Merging a branch that removes a path and another that changes the
mode bits on the same path should have conflicted at the path, but
it didn't and silently favoured the removal.
* "git imap-send" did not compile well with older version of cURL library.
* The linkage order of libraries was wrong in places around libcurl.
* It was not possible to use a repository-lookalike created by "git
worktree add" as a local source of "git clone".
* When "git send-email" wanted to talk over Net::SMTP::SSL,
Net::Cmd::datasend() did not like to be fed too many bytes at the
same time and failed to send messages. Send the payload one line
at a time to work around the problem.
* We peek objects from submodule's object store by linking it to the
list of alternate object databases, but the code to do so forgot to
correctly initialize the list.
* "git status --branch --short" accessed beyond the constant string
"HEAD", which has been corrected.
* "git daemon" uses "run_command()" without "finish_command()", so it
needs to release resources itself, which it forgot to do.
Also contains typofixes, documentation updates and trivial code
clean-ups.
The Clang Static Analyzer is a source code analysis tool that finds
bugs in C, C++, and Objective-C programs.
The standalone tool is invoked from the command line, and is intended
to be run in tandem with a build of a codebase.
The analyzer is 100% open source and is part of the Clang project.
Like the rest of Clang, the analyzer is implemented as a C++ library
that can be used by other tools and applications
libopenmpt 0.2-beta15 (2015-10-31)
[Change] openmpt123: SDL2 is now supported and preferred to
SDL1 if available.
[Bug] Emscripten support for older emscripten versions broke
in -beta14. These are now supported again when using make
CONFIG=emscripten-old.
[Bug] Fixed crashes in MED loader.
Playback improvements and loader fixes for MOD, MT2 and MED.
No shlib major bump despite the big version bump.
* What is new in gsl-2.0:
** fixed bug #43258 for hypergeometric functions (Raymond Rogers)
** added L-curve analysis routines for linear Tikhonov regression
** add running statistics module
** added bilinear and bicubic interpolation (David Zaslavsky)
** added function gsl_multifit_robust_residuals to compute robust
fit residuals
** added Steffen monotonic interpolation method (Jean-François Caron)
** added new nonlinear least squares solver 'lmniel' suitable for
systems with large numbers of data
** nonlinear least squares solver now tracks the number of function
and Jacobian evaluations, see example program for details
** the 'fdf' field of gsl_multifit_function_fdf is now deprecated
and does not need to be specified for nonlinear least squares
problems
** added extensive test suite to nonlinear least squares module,
resulting in a few minor bug fixes; the routine
gsl_multifit_fdfsolver_driver has been rewritten (with API change)
to handle the various error codes of the lmsder iterate
routine, resulting in a high level caller which is highly robust
for a wide class of problems
** added support for sparse matrices, including a GMRES
iterative linear solver
** added routines gsl_linalg_givens and gsl_linalg_givens_gv
for Givens rotations
** added Tikhonov (ridge) regularization to least squares module
(linear and nonlinear)
** removed unused argument 'n' from gsl_sf_ellint_D
** merged bspline_deriv_workspace into bspline_workspace to simplify
bspline API; the functions
gsl_bspline_deriv_alloc
gsl_bspline_deriv_free
are now deprecated and will be removed in a future release.
** merged ALF extension into GSL for associated Legendre functions;
api has changed; consequently the functions:
gsl_sf_legendre_Plm_array
gsl_sf_legendre_Plm_deriv_array
gsl_sf_legendre_sphPlm_array
gsl_sf_legendre_sphPlm_deriv_array
gsl_sf_legendre_array_size
are now deprecated and will be removed in a future release.
** added function gsl_multifit_robust_weights to allow user to
access the various weighting functions
Changes between 1.0.15 and 1.0.16
Support for XDG_CONFIG_HOME (thanks Zhiming Wang), fewer deps for cdiff.sh and
fixes for diffy and diff-type specification (thanks Peter Wu).
Release 1.14.4 (2015-10-28 Bryce Harrington <bryce@osg.samsung.com>)
========================================================================
Just in time for Halloween we see another bug-fix release for Cairo.
This brings a few dozen straightforward bug fixes with no API changes.
In addition, this includes a typical assortment of fixes to tests,
cleanup of warnings and memory leaks, correction of misspellings,
updates to documentation, etc.
For a complete log of changes since 1.14.2, please see:
http://cairographics.org/releases/ChangeLog.1.14.4
Features
--------
None
API Changes
-----------
None
Dependency Changes
------------------
None
Performance Optimizations
-------------------------
None
Bug Fixes
---------
* Avoid appending empty slots to user data arrays. Fixes a memory
consumption regression since commit 9341c254a.
* Return a better error (file-not-found) when setting up pango on
devices where the font files don't have read permissions.
* Fix regression in the font size of canvas text in Inkscape when
compiled with the Quartz backend. (Bug #84324)
* Fix _cairo_gl_shader_bind_matrix() to maintain compatibility with
OpenGL ES 2.0. Manually transpose the matrix.
* Fix incorrect font descriptor conversion when the font matrix yy is
negative. (Bug #90538)
* Fix crash when using a complex path for clip and stroke due to
discarding the intersection exactly at the top edge.
(Bug #74779)
* Fix cairo_get_locale_decimal_point() on Android
* Fix compilation problem on AIX due to conflicting usage of symbol
'jmpbuf'. (Bug #89339)
* Fix broken rendering with XCB due to snapshotting of uploaded part of
surfaces. (Bug #67505)
* Fix loss of alpha when copying a mask for a cairo recording surface,
resulting in a double copy. (Bugs #73038, #73901)
* Fix incorrect recording of certain paths with script surfaces.
(Bug #91054)
* Fix typo in definition of MAYBE_WARN in configure script.
(Bug #89750)
* Fix use of filename variable after it's been freed.
(Bug #91206)
* Fix out of bounds access when printing pattern.
(Bug #91266)
* Fix incorrect size calculation in glyph cache unlocking for Cairo GL
compositor.
(Bug #91321)
* Fix memory leak in _cairo_gl_pattern_texture_setup()
(Bug #91537)
* Fix transparent images in win32-print.
(Bug #91835)
* Fix _put_shm_image_boxes and _put_image_boxes when no SHM available
with XCB.
Version 0.7.3
=============
*released on 05 November 2015*
- Make remotestorage-dependencies actually optional.
Version 0.7.2
=============
*released on 05 November 2015*
- Un-break testsuite.
Version 0.7.1
=============
*released on 05 November 2015*
- **Packagers:** The setuptools extras ``keyring`` and ``remotestorage`` have
been added. They're basically optional dependencies. See ``setup.py`` for
more details.
- Highly experimental remoteStorage support has been added. It may be
completely overhauled or even removed in any version.
- Removed mentions of old ``password_command`` in documentation.
Version 0.7.0
=============
*released on 27 October 2015*
- **Packagers:** New dependencies are ``click_threading``, ``click_log`` and
``click>=5.0``.
- ``password_command`` is gone. Keyring support got completely overhauled. See
:doc:`keyring`.
v0.5.0 (4 May 2015)
+++++++++++++++++++
- Fix ``TypeError`` being raised instead of ``TokenMissing`` error.
- Raise requests exceptions on 4XX and 5XX responses in the OAuth2 flow.
- Avoid ``AttributeError`` when initializing the ``OAuth2Session`` class
without complete client information.
v0.4.2
++++++
- New ``authorized`` property on OAuth1Session and OAuth2Session, which allows
you to easily determine if the session is already authorized with OAuth tokens
or not.
- New ``TokenMissing`` and ``VerifierMissing`` exception classes for OAuth1Session:
this will make it easier to catch and identify these exceptions.
v0.4.1 (6 June 2014)
++++++++++++++++++++
- New install target ``[rsa]`` for people using OAuth1 RSA-SHA1 signature
method.
- Fixed bug in OAuth2 where supplied state param was not used in auth url.
- OAuth2 HTTPS checking can be disabled by setting environment variable
``OAUTHLIB_INSECURE_TRANSPORT``.
- OAuth1 now re-authorize upon redirects.
- OAuth1 token fetching now raise a detailed error message when the
response body is incorrectly encoded or the request was denied.
- Added support for custom OAuth1 clients.
- OAuth2 compliance fix for Sina Weibo.
- Multiple fixes to facebook compliance fix.
- Compliance fixes now re-encode body properly as bytes in Python 3.
- Logging now properly done under ``requests_oauthlib`` namespace instead
of piggybacking on oauthlib namespace.
- Logging introduced for OAuth1 auth and session.
1.0.3 (2015-08-16)
(Fix) Changed the documented return type of the `invalidate_request_token()` method from the RSA key to None since nobody is using the return type.
(Enhancement) Added a validator log that will store what the endpoint has computed for debugging and logging purposes (OAuth 1 only for now).
1.0.2 (2015-08-10)
(Fix) Allow client secret to be null for public applications that do not mandate it's specification in the query parameters.
(Fix) Encode request body before hashing in order to prevent encoding errors in Python 3.
1.0.1 (2015-07-27)
(Fix) Added token_type_hint to the list of default Request parameters.
1.0.0 (2015-07-19)
(Breaking Change) Replace pycrypto with cryptography from https://cryptography.io
(Breaking Change) Update jwt to 1.0.0 (which is backwards incompatible) no oauthlib api changes were made.
(Breaking Change) Raise attribute error for non-existing attributes in the Request object.
(Fix) Strip whitespace off of scope string.
(Change) Don't require to return the state in the access token response.
(Change) Hide password in logs.
(Fix) Fix incorrect invocation of prepare_refresh_body in the OAuth2 client.
(Fix) Handle empty/non-parsable query strings.
(Fix) Check if an RSA key is actually needed before requiring it.
(Change) Allow tuples for list_to_scope as well as sets and lists.
(Change) Add code to determine if client authentication is required for OAuth2.
(Fix) Fix error message on invalid Content-Type header for OAtuh1 signing.
(Fix) Allow ! character in query strings.
(Fix) OAuth1 now includes the body hash for requests that specify any content-type that isn't x-www-form-urlencoded.
(Fix) Fixed error description in oauth1 endpoint.
(Fix) Revocation endpoint for oauth2 will now return an empty string in the response body instead of 'None'.
Increased test coverage.
Performance improvements.
Documentation improvements and fixes.
0.7.2 (2014-11-13)
(Quick fix) Unpushed locally modified files got included in the PyPI 0.7.1 release. Doing a new clean release to address this. Please upgrade quickly and report any issues you are running into.
0.7.1 (2014-10-27)
(Quick fix) Add oauthlib.common.log object back in for libraries using it.
0.7.0 (2014-10-27)
(Change) OAuth2 clients will not raise a Warning on scope change if the environment variable OAUTHLIB_RELAX_TOKEN_SCOPE is set. The token will now be available as an attribute on the error, error.token. Token changes will now also be announced using blinker.
(Fix/Feature) Automatic fixes of non-compliant OAuth2 provider responses (e.g. Facebook).
(Fix) Logging is now tiered (per file) as opposed to logging all under oauthlib.
(Fix) Error messages should now include a description in their message.
(Fix/Feature) Optional support for jsonp callbacks after token revocation.
(Feature) Client side preparation of OAuth 2 token revocation requests.
(Feature) New OAuth2 client API methods for preparing full requests.
(Feature) OAuth1 SignatureOnlyEndpoint that only verifies signatures and client IDs.
(Fix/Feature) Refresh token grant now allow optional refresh tokens.
(Fix) add missing state param to OAuth2 errors.
(Fix) add_params_to_uri now properly parse fragment.
(Fix/Feature) All OAuth1 errors can now be imported from oauthlib.oauth1.
(Fix/Security) OAuth2 logs will now strip client provided password, if present.
Allow unescaped @ in urlencoded parameters.
0.6.3 (2014-06-10)
Quick fix. OAuth 1 client repr in 0.6.2 overwrote secrets when scrubbing for print.
0.6.2 (2014-06-06)
Numerous OAuth2 provider errors now suggest a status code of 401 instead of 400 (#247.
Added support for JSON web tokens with oauthlib.common.generate_signed_token. Install extra dependency with oauthlib[signedtoken] (#237).
OAuth2 scopes can be arbitrary objects with __str__ defined (#240).
OAuth 1 Clients can now register custom signature methods (#239).
Exposed new method oauthlib.oauth2.is_secure_transport that checks whether the given URL is HTTPS. Checks using this method can be disabled by setting the environment variable OAUTHLIB_INSECURE_TRANSPORT (#249).
OAuth1 clients now has __repr__ and will be printed with secrets scrubbed.
OAuth1 Client.get_oauth_params now takes an oauthlib.Request as an argument.
urldecode will now raise a much more informative error message on incorrectly encoded strings.
Plenty of typo and other doc fixes.
