SpiderMonkey makes assumptions about memory layout that break in a 64-bit SunOS
environment, so limit mmap() to the lower 32-bit address space. Provides a
workaround for https://bugzilla.mozilla.org/show_bug.cgi?id=577056
Vala 0.40.3
===========
* Various bug fixes:
- vala: Fix return-type of BasicBlock.get_successors()
* Bindings:
- gstreamer: Update from 1.15+ git master
- gtk+-3.0: Fix regression of StatusIcon.position_menu() [#891629]
- gtk+-4.0: Update to 3.93.0+ff738269
- libgsf-1: Update to 1.14.42+ [#794777]
Vala 0.40.2
===========
* Various bug fixes:
- gdbus: Fix missing declaration of _fd_list for async methods [#794566]
* Bindings:
- glib-2.0: Use g_value_*et_schar instead of deprecated g_value_*et_char
- gobject-2.0: Add ParamSpecGType
- gtk+-*.0: Hide dedicated constructors of compact classes bound as structs
[#794733]
Vala 0.40.1
===========
* Various bug fixes:
- codegen: Don't add target fields for captured delegates without target
- codegen: Don't add length fields for captured fixed-length array variables
- valadoc: Bump VALA_0_xx defines and glib_minor to match 0.40 series
* Bindings:
- Add libgeoclue-2.0 bindings [#794376]
- gobject-2.0: Cherry-pick some changes from 0.42
- gdk-3.0,gtk+-3.0: Update to 3.22.29
- gtk+-4.0: Update to 3.93.0+433517fd
- gtk+-*.0: Fix iter parameter of TextView.backward*/forward*/move_visually()
[#794345]
- gstreamer-1.0: Update to 1.13.91 and add gstreamer-webrtc-1.0 bindings
- libgsf-1: Switch to GIR and update to 1.14.42
- linux: Add various symbols
- posix: Add various symbols
- posix: Include sys/sysmacros.h for major(), minor() and makedev() [#794651]
- webkit-1.0: Update to 2.4.11
- webkit2gtk-4.0: Update to 2.20.0
- Update GIR-based bindings
Vala 0.40.0
===========
* Various bug fixes:
- compiler: Fix critical when vala is called without run args [#793657]
* Bindings:
- alsa: Add the major part of the ALSA Sequencer API [#763127]
- gstreamer-1.0: Update to 1.13.90
- gtk+-4.0: Update to 3.93.0+527d265b
- linux: Add various symbols
- posix: Add various symbols [#663633]
- Update GIR-based bindings
Vala 0.39.92
============
* Highlights
- Add support for feature test macros [#793444]
e.g. [CCode (feature_test_macro = "_GNU_SOURCE")]
* Various bug fixes:
- codegen:
+ Use pointers when accessing constant multi-dimensional arrays [#604371]
+ Add valid support for const multi-dimensional arrays [#604371]
+ Don't append fixed-length of array fields in initializers
+ Add source_reference to some store_local/_field() calls
- Properly handle array-initializers inside struct-initializers [#622178]
- The rank of an array-initializer should match the target's rank [#744923]
- Make SemanticAnalyzer.check_arguments() independent of context
- Check with same rules for dbus compatibility as in GBusModule [#793859]
- Fix recursive declaration in generic base type [#688732]
- Prevent WITH_CGRAPH conditional having an impact on generated sources
- Update manual from wiki.gnome.org
* Bindings:
- glib-2.0, posix: Add feature test macro _GNU_SOURCE for pow10(3),
pow10f(3), exp10(3) and exp10f(3) [#614788]
- gstreamer-1.0: Update from 1.13.1+ git master
- linux: Add dup3 [#729803]
- linux: Add feature_test_macros to non-POSIX file control constants and dup3
- posix: Fix sig*set and sigprocmask parameters to be out/ref [#727425]
- posix: Add feature_test_macro _GNU_SOURCE to sighandler_t [#761975]
- libgnome-menu-3.0: Add deps file
- Update GIR-based bindings
Vala 0.39.91
============
* Various bug fixes:
- Fix GDestroyNotify of delegate parameters in delegate declaration [#639059]
- Avoid critical when connecting dynamic signals
- valac: Always use the given "pkg-config" and respect PKG_CONFIG envar
- compiler: Prefix headers for set_cheader_override() if includedir is given
[#793299]
- vala: Issue a warning on DBus methods which are not throwing an Error
- Don't warn about unused internal methods which are meant to be visible
on DBus [#593902]
- Don't install vapicheck [#793370]
* Bindings:
- glib-2.0: Add KeyFile.get_locale_for_key()
- gstreamer-1.0: Update from 1.13+ git master
- gtk+-4.0: Update to 3.93.0+d07b14f4
- purple: Update to 2.12.0
- Update GIR-based bindings
Vala 0.39.7
===========
* Regression fix:
- codegen: Don't try to infer error argument on async begin methods [#793158]
This was a regression introduced by [#614294]
Vala 0.39.6
===========
* Highlights
- Add --abi-stability option for ABI stability of libraries
It ensures that the order of class/interface members in Vala sources will
be preserved in generated C source (instance/type structs) [#789069]
* Various bug fixes:
- girparser:
+ Set NoAccessorMethod for non-readable and construct-only properties
+ Ignore conflicting closure/destroy indexes
+ Don't accept methods as property-accessor which throw errors [#792998]
- codegen:
+ Infer error parameter from abstract/virtual base methods [#614294]
+ Internally generated delegates don't require a typedef [#787521]
+ Fix return-type for cancelled async creation methods of classes [#792942]
+ Use G_PARAM_STATIC_STRINGS
- vala: Variadic constructors without a real first parameter are not allowed
- libvaladoc: Keep bootstrap-support with valac >= 0.16.1
* Bindings:
- gtk+-3.0: Fix cheader_filename of Plug and Socket
- gtk+-4.0: Update to 3.93.0+4d36a0bf
- gtk+-4.0: Only override type of "event" parameters
- posix: Add ctime(3) and fix binding of struct hostent and gethostbyname(3)
Vala 0.39.5
===========
* Various bug fixes:
- libvaladoc: Allow @link tags to be split over multiple lines [#646982]
- libvaladoc: Add support for single line documentation comments [#736483]
- girparser: Improve instance method detection [#732460]
- codegen: Add support for abstract/virtual methods and properties in
compact classes [#741465]
- vala: Fix parameter type inference of overridden async methods [#792660]
- codewriter: Don't use string.replace() to apply header_to_override [#731322]
* Bindings:
- gio-unix-2.0: Update to 2.55.1
- gtk+-4.0: Update to 3.93.0+60d3378d
- libwnck-3.0: Update to 3.24.1
- webkit2gtk-4.0: Update to 2.19.5
- webkit2gtk-web-extension-4.0: Fix DOM.EventTarget interface
Vala 0.39.4
===========
* Various improvements and bug fixes:
- codegen
+ Only add property-enum and GParamSpec-array for GObject classes
+ Use g_enum/flags_to_string while targeting glib >= 2.54
+ Add destroy param when invoking delegate returned by delegate [#792077]
- Don't write trailing space in function declarations/definitions [#688447]
- vala: Add pkgdatadir and pkglibdir to pkg-config file
- gidlparser: Update type qualifiers
* Bindings:
- gtk+-2.0/3.0: Don't hide user_data in Clipboard.set_with_data() [#792237]
- gtk+-3.0: Update to 3.22.26+6f26d0dc
- gtk+-4.0: Update to 3.93.0+6aeae2c8
Vala 0.39.3
===========
* Various bug fixes:
- Fix chain-up regression with real non-null struct parameters [#791785]
- Release taken references to CodeContext after using it [#712694] and keep
custom invocations of parse_file() possible [#791936]
- parser: Accept comma-separated list in case-statements of switchs [#614015]
* Bindings:
- Remove bindings which are shipped upstream for some years
+ gedit 3 [#776021], libgnome-keyring [#776022],
gtksourceview-3.0 [#776023], libgdata [#776024], librsvg-2.0 [#776025]
- glib-2.0: Add GLib.OPTION_REMAINING and GLib.OptionFlags.NONE
- gstreamer-1.0: Update from 1.13+ git master
- gtk+-2.0: Mark MessageDialog constructor parameter, message_format, as
nullable [#791570]
- gtk+-4.0: Update to 3.93.0+6aeae2c8
- webkit2gtk-4.0: Update to 2.19.3
Vala 0.39.2
===========
* Various bug fixes:
- vala: Don't transform an explicit "null" into valid format-string [#791215]
- codegen: Don't create null-safe destroy-wrapper for GenericType [#791283]
- Improve error message for missing type-parameter on enclosing type [#587905]
* GIR parser:
- Allow change of parameter names
- Handle metadata for fields inside a transparent union
- Accept setters with boolean return-type as valid property-accessor
- Don't mark simple-type out-parameters with '?' as nullable
* Valadoc
- libvaladoc: Actually resolve "percnt;" to '%'
* Bindings:
- glib-2.0: Fix potential null pointer dereference in string.joinv() [#791257]
- gobject-2.0: Add missing GType constants for fundamentals [#791023]
- gstreamer-1.0: Update from 1.13+ git master
- gtk+-3.0: Switch to GIR [#730746]
- gtk+-4.0: Update to 3.93.0+6af4947e
- posix: Move signal constants to an enum and add few missing ones [#790958]
Vala 0.39.1
===========
* Highlights
- Report warning if property-type is not compatible with GLib.Object [#693932]
- Allow to pass compatible delegates to signal.connect() [#787521]
- Allow unscoped enum values where possible
- Avoid use of temp-var for some callables returning ValueType
and to access in/ref parameters [#789071]
- Reformat generated source declarations and definitions for better
readability [#688447]
* Various bug fixes:
- Use array_length_cexpr to support fixed-arrays for return-values [#784691]
- Properly parse arguments for vala interpeter-mode [#663070]
- Enforce name-length >= 3 for structs using GType [#764041]
- Report error for missing type-parameter on enclosing type [#587905]
- Add boolean "use_inplace" ccode-attribute for methods [#750840]
- Improve handling of unowned/owned keyword occurrences
- Methods need to throw compatible error if target delegate throws one
- Discover invalid member access to instance field [#790903]
- Improve error output of mismatching overriding methods
* Valadoc
- Acknowledge possible properties in structs [#784705]
- Fix fatal typo in GtkdocRenderer.visit_symbol_link() [#790266]
* Bindings:
- glib-2.0: Use type-id/marshaller-type for (u)int16/(u)short from (u)int32
[#693932]
- glib-2.0: Add optional 'unparsed' parameter to *.try_parse () [#774124]
- gobject-2.0: Add some missing symbols
- gstreamer-1.0: Bind GST_TIME_ARGS, GST_STIME_ARGS macros [#750840]
- gstreamer-1.0: Bind GST_DEBUG_BIN_TO_DOT_FILE/*_WITH_TS [#785215]
- gstreamer-1.0: Update from 1.13+ git master
- gtk+-3.0: Update to 3.22.26+9ce824d3
- gtk+-4.0: Split Gsk.RenderNode into several classes
- gtk+-4.0: Update to 3.93.0+2d797dd8
- webkit2gtk-4.0: Update to 2.19.2
- deps: Updated ICU to 61.1
- fs: Emit 'ready' event for ReadStream and WriteStream
- n-api: Bump version of n-api supported
- net: Emit 'ready' event for Socket
Upstream changes:
Version 2.78.5, April 3, 2018
Within a bound yabasic-programs the name is correctly set (as returned by peeking "program_name")
Introduced new string-peeks "program_name" and "program_file_name"
Bugfixes regarding bound programs and libraries
Version 2.78.4, March 2118, 2018
Fixed a problem with bound yabasic-programs, that include more than three libraries
Introduced new peek "secondsrunning"
Changelog:
Version 1.25.0 (2018-03-29)
Language
Stabilised #[repr(align(x))]. RFC 1358
You can now use nested groups of imports. e.g. use std::{fs::File, io::Read, path::{Path, PathBuf}};
You can now have | at the start of a match arm. e.g.
enum Foo { A, B, C }
fn main() {
let x = Foo::A;
match x {
| Foo::A
| Foo::B => println!("AB"),
| Foo::C => println!("C"),
}
}
Compiler
Upgraded to LLVM 6.
Added -C lto=val option.
Added i586-unknown-linux-musl target
Libraries
Impl Send for process::Command on Unix.
Impl PartialEq and Eq for ParseCharError.
UnsafeCell::into_inner is now safe.
Implement libstd for CloudABI.
Float::{from_bits, to_bits} is now available in libcore.
Implement AsRef<Path> for Component
Implemented Write for Cursor<&mut Vec<u8>>
Moved Duration to libcore.
Stabilized APIs
Location::column
ptr::NonNull
The following functions can now be used in a constant expression. eg. static MINUTE: Duration = Duration::from_secs(60);
Duration::new
Duration::from_secs
Duration::from_millis
Cargo
cargo new no longer removes rust or rs prefixs/suffixs.
cargo new now defaults to creating a binary crate, instead of a library crate.
Misc
Rust by example is now shipped with new releases
Compatibility Notes
Deprecated net::lookup_host.
rustdoc has switched to pulldown as the default markdown renderer.
The borrow checker was sometimes incorrectly permitting overlapping borrows around indexing operations (see #47349). This has been fixed (which also enabled some correct code that used to cause errors (e.g. #33903 and #46095).
Removed deprecated unstable attribute #[simd].
- No code changes
nodejs 9.10.0
Fixes for the following CVEs are included in this release:
- CVE-2018-7158
- CVE-2018-7159
- CVE-2018-7160
Notable Changes
- Fix for inspector DNS rebinding vulnerability (CVE-2018-7160): A
malicious website could use a DNS rebinding attack to trick a web
browser to bypass same-origin-policy checks and allow HTTP connections
to localhost or to hosts on the local network, potentially to an open
inspector port as a debugger, therefore gaining full code execution
access. The inspector now only allows connections that have a browser
Host value of localhost or localhost6.
- Fix for 'path' module regular expression denial of service
(CVE-2018-7158): A regular expression used for parsing POSIX paths
could be used to cause a denial of service if an attacker were able to
have a specially crafted path string passed through one of the
impacted 'path' module functions.
- Reject spaces in HTTP Content-Length header values (CVE-2018-7159):
The Node.js HTTP parser allowed for spaces inside Content-Length
header values. Such values now lead to rejected connections in the
same way as non-numeric values.
- Update root certificates: 5 additional root certificates have been
added to the Node.js binary and 30 have been removed.
- cluster: Add support for NODE_OPTIONS="--inspect"
- crypto: Expose the public key of a certificate
- n-api: Add napi_fatal_exception to trigger an uncaughtException in
JavaScript
- path: Fix regression in posix.normalize
- stream: Improve stream creation performance
nodejs 9.9.0
assert:
- From now on all error messages produced by assert in strict mode will
produce a error diff.
- From now on it is possible to use a validation object in throws instead
of the other possibilities.
crypto:
- allow passing null as IV unless required
fs:
- support as and as+ flags in stringToFlags()
tls:
- expose Finished messages in TLSSocket
tty:
- Add getColorDepth function to determine if terminal supports colors.
util:
- add util.inspect compact option
Fixes for the following CVEs are included in this release:
- CVE-2018-7158
- CVE-2018-7159
- CVE-2018-7160
Notable Changes
- Fix for inspector DNS rebinding vulnerability (CVE-2018-7160): A
malicious website could use a DNS rebinding attack to trick a web
browser to bypass same-origin-policy checks and allow HTTP connections
to localhost or to hosts on the local network, potentially to an open
inspector port as a debugger, therefore gaining full code execution
access. The inspector now only allows connections that have a browser
Host value of localhost or localhost6.
- Fix for 'path' module regular expression denial of service
(CVE-2018-7158): A regular expression used for parsing POSIX paths
could be used to cause a denial of service if an attacker were able to
have a specially crafted path string passed through one of the
impacted 'path' module functions.
- Reject spaces in HTTP Content-Length header values (CVE-2018-7159):
The Node.js HTTP parser allowed for spaces inside Content-Length
header values. Such values now lead to rejected connections in the
same way as non-numeric values.
- Update root certificates: 5 additional root certificates have been
added to the Node.js binary and 30 have been removed.
Fixes for the following CVEs are included in this release:
- CVE-2018-7158
- CVE-2018-7159
- CVE-2018-7160
Notable Changes
- Fix for inspector DNS rebinding vulnerability (CVE-2018-7160): A
malicious website could use a DNS rebinding attack to trick a web
browser to bypass same-origin-policy checks and allow HTTP connections
to localhost or to hosts on the local network, potentially to an open
inspector port as a debugger, therefore gaining full code execution
access. The inspector now only allows connections that have a browser
Host value of localhost or localhost6.
- Fix for 'path' module regular expression denial of service
(CVE-2018-7158): A regular expression used for parsing POSIX paths
could be used to cause a denial of service if an attacker were able to
have a specially crafted path string passed through one of the
impacted 'path' module functions.
- Reject spaces in HTTP Content-Length header values (CVE-2018-7159):
The Node.js HTTP parser allowed for spaces inside Content-Length
header values. Such values now lead to rejected connections in the
same way as non-numeric values.
- Update root certificates: 5 additional root certificates have been
added to the Node.js binary and 30 have been removed.
Changelog:
0.18.0:
Changes affecting backwards compatibility
Breaking changes in the standard library
The [] proc for strings now raises an IndexError exception when the specified slice is out of bounds. See issue #6223 for more details. You can use substr(str, start, finish) to get the old behaviour back, see this commit for an example.
strutils.split and strutils.rsplit with an empty string and a separator now returns that empty string. See issue #4377.
Arrays of char cannot be converted to cstring anymore, pointers to arrays of char can! This means $ for arrays can finally exist in system.nim and do the right thing. This means $myArrayOfChar changed its behaviour! Compile with -d:nimNoArrayToString to see where to fix your code.
reExtended is no longer default for the re constructor in the re module.
The behavior of $ has been changed for all standard library collections. The collection-to-string implementations now perform proper quoting and escaping of strings and chars.
newAsyncSocket taking an AsyncFD now runs setBlocking(false) on the fd.
mod and bitwise and do not produce range subtypes anymore. This turned out to be more harmful than helpful and the language is simpler without this special typing rule.
formatFloat/formatBiggestFloat now support formatting floats with zero precision digits. The previous precision = 0 behavior (default formatting) is now available via precision = -1.
Moved from stdlib into Nimble packages:
basic2d deprecated: use glm, arraymancer, neo, or another package instead
basic3d deprecated: use glm, arraymancer, neo, or another package instead
gentabs
libuv
polynumeric
pdcurses
romans
libsvm
joyent_http_parser
Proc toCountTable now produces a CountTable with values correspoding to the number of occurrences of the key in the input. It used to produce a table with all values set to 1.
Counting occurrences in a sequence used to be:
let mySeq = @[1, 2, 1, 3, 1, 4]
var myCounter = initCountTable[int]()
for item in mySeq:
myCounter.inc item
Now, you can simply do:
let
mySeq = @[1, 2, 1, 3, 1, 4]
myCounter = mySeq.toCountTable()
If you use --dynlibOverride:ssl with OpenSSL 1.0.x, you now have to define openssl10 symbol (-d:openssl10). By default OpenSSL 1.1.x is assumed.
newNativeSocket is now named createNativeSocket.
newAsyncNativeSocket is now named createAsyncNativeSocket and it no longer raises an OS error but returns an osInvalidSocket when creation fails.
The securehash module is now deprecated. Instead import std / sha1.
The readPasswordFromStdin proc has been moved from the rdstdin to the terminal module, thus it does not depend on linenoise anymore.
Breaking changes in the compiler
\n is now only the single line feed character like in most other programming languages. The new platform specific newline escape sequence is written as \p. This change only affects the Windows platform.
The overloading rules changed slightly so that constrained generics are preferred over unconstrained generics. (Bug #6526)
We changed how array accesses “from backwards” like a[^1] or a[0..^1] are implemented. These are now implemented purely in system.nim without compiler support. There is a new “heterogenous” slice type system.HSlice that takes 2 generic parameters which can be BackwardsIndex indices. BackwardsIndex is produced by system.^. This means if you overload [] or []= you need to ensure they also work with system.BackwardsIndex (if applicable for the accessors).
The parsing rules of if expressions were changed so that multiple statements are allowed in the branches. We found few code examples that now fail because of this change, but here is one:
t[ti] = if exp_negative: '-' else: '+'; inc(ti)
This now needs to be written as:
t[ti] = (if exp_negative: '-' else: '+'); inc(ti)
The experimental overloading of the dot . operators now take an untyped parameter as the field name, it used to be a static[string]. You can use when defined(nimNewDot) to make your code work with both old and new Nim versions. See special-operators for more information.
yield (or await which is mapped to yield) never worked reliably in an array, seq or object constructor and is now prevented at compile-time.
Library additions
Added sequtils.mapLiterals for easier construction of array and tuple literals.
Added system.runnableExamples to make examples in Nim’s documentation easier to write and test. The examples are tested as the last step of nim doc.
Implemented getIoHandler proc in the asyncdispatch module that allows you to retrieve the underlying IO Completion Port or Selector[AsyncData] object in the specified dispatcher.
For string formatting / interpolation a new module called strformat has been added to the stdlib.
The ReadyKey type in the selectors module now contains an errorCode field to help distinguish between Event.Error events.
Implemented an accept proc that works on a SocketHandle in nativesockets.
Added algorithm.rotateLeft.
Added typetraits.$ as an alias for typetraits.name.
Added system.getStackTraceEntries that allows you to access the stack trace in a structured manner without string parsing.
Added parseutils.parseSaturatedNatural.
Added macros.unpackVarargs.
Added support for asynchronous programming for the JavaScript backend using the asyncjs module.
Added true color support for some terminals. Example:
import colors, terminal
const Nim = "Efficient and expressive programming."
var
fg = colYellow
bg = colBlue
int = 1.0
enableTrueColors()
for i in 1..15:
styledEcho bgColor, bg, fgColor, fg, Nim, resetStyle
int -= 0.01
fg = intensity(fg, int)
setForegroundColor colRed
setBackgroundColor colGreen
styledEcho "Red on Green.", resetStyle
Library changes
echo now works with strings that contain \0 (the binary zero is not shown) and nil strings are equal to empty strings.
JSON: Deprecated getBVal, getFNum, and getNum in favour of getBool, getFloat, getBiggestInt. A new getInt procedure was also added.
rationals.toRational now uses an algorithm based on continued fractions. This means its results are more precise and it can’t run into an infinite loop anymore.
os.getEnv now takes an optional default parameter that tells getEnv what to return if the environment variable does not exist.
The random procs in random.nim have all been deprecated. Instead use the new rand procs. The module now exports the state of the random number generator as type Rand so multiple threads can easily use their own random number generators that do not require locking. For more information about this rename see issue #6934
writeStackTrace is now proclaimed to have no IO effect (even though it does) so that it is more useful for debugging purposes.
db_mysql module: DbConn is now a distinct type that doesn’t expose the details of the underlying PMySQL type.
parseopt2 is now deprecated, use parseopt instead.
Language additions
It is now possible to forward declare object types so that mutually recursive types can be created across module boundaries. See package level objects for more information.
Added support for casting between integers of same bitsize in VM (compile time and nimscript). This allows to, among other things, reinterpret signed integers as unsigned.
Custom pragmas are now supported using pragma pragma, please see language manual for details.
Standard library modules can now also be imported via the std pseudo-directory. This is useful in order to distinguish between standard library and nimble package imports:
import std / [strutils, os, osproc]
import someNimblePackage / [strutils, os]
Language changes
The unary < is now deprecated, for .. < use ..< for other usages use the pred proc.
Bodies of for loops now get their own scope:
# now compiles:
for i in 0..4:
let i = i + 1
echo i
To make Nim even more robust the system iterators .. and countup now only accept a single generic type T. This means the following code doesn’t die with an “out of range” error anymore:
var b = 5.Natural
var a = -5
for i in a..b:
echo i
atomic and generic are no longer keywords in Nim. generic used to be an alias for concept, atomic was not used for anything.
The memory manager now uses a variant of the TLSF algorithm that has much better memory fragmentation behaviour. According to http://www.gii.upv.es/tlsf/ the maximum fragmentation measured is lower than 25%. As a nice bonus alloc and dealloc became O(1) operations.
The compiler is now more consistent in its treatment of ambiguous symbols: Types that shadow procs and vice versa are marked as ambiguous (bug #6693).
codegenDecl pragma now works for the JavaScript backend. It returns an empty string for function return type placeholders.
Extra semantic checks for procs with noreturn pragma: return type is not allowed, statements after call to noreturn procs are no longer allowed.
Noreturn proc calls and raising exceptions branches are now skipped during common type deduction in if and case expressions. The following code snippets now compile:
import strutils
let str = "Y"
let a = case str:
of "Y": true
of "N": false
else: raise newException(ValueError, "Invalid boolean")
let b = case str:
of nil, "": raise newException(ValueError, "Invalid boolean")
elif str.startsWith("Y"): true
elif str.startsWith("N"): false
else: false
let c = if str == "Y": true
elif str == "N": false
else:
echo "invalid bool"
quit("this is the end")
Pragmas now support call syntax, for example: {.exportc"myname".} and {.exportc("myname").}
The deprecated pragma now supports a user-definable warning message for procs.
proc bar {.deprecated: "use foo instead".} =
return
bar()
Tool changes
The nim doc command is now an alias for nim doc2, the second version of the documentation generator. The old version 1 can still be accessed via the new nim doc0 command.
Nim’s rst2html command now supports the testing of code snippets via an RST extension that we called :test:::
.. code-block:: nim
:test:
# shows how the 'if' statement works
if true: echo "yes"
0.17.0:
Changes affecting backwards compatibility
There are now two different HTTP response types, Response and AsyncResponse. AsyncResponse’s body accessor returns a Future[string]!
Due to this change you may need to add another await in your code.
httpclient.request now respects the maxRedirects option. Previously redirects were handled only by get and post procs.
The IO routines now raise EOFError for the “end of file” condition. EOFError is a subtype of IOError and so it’s easier to distinguish between “error during read” and “error due to EOF”.
A hash procedure has been added for cstring type in hashes module. Previously, hash of a cstring would be calculated as a hash of the pointer. Now the hash is calculated from the contents of the string, assuming cstring is a null-terminated string. Equal string and cstring values produce an equal hash value.
Macros accepting varargs arguments will now receive a node having the nkArgList node kind. Previous code expecting the node kind to be nkBracket may have to be updated.
memfiles.open now closes file handles/fds by default. Passing allowRemap=true to memfiles.open recovers the old behavior. The old behavior is only needed to call mapMem on the resulting MemFile.
posix.nim: For better C++ interop the field sa_sigaction*: proc (x: cint, y: var SigInfo, z: pointer) {.noconv.} was changed to sa_sigaction*: proc (x: cint, y: ptr SigInfo, z: pointer) {.noconv.}.
The compiler doesn’t infer effects for .base methods anymore. This means you need to annotate them with .gcsafe or similar to clearly declare upfront every implementation needs to fullfill these contracts.
system.getAst templateCall(x, y) now typechecks the templateCall properly. You need to patch your code accordingly.
macros.getType and macros.getTypeImpl for an enum will now return an AST that is the same as what is used to define an enum. Previously the AST returned had a repeated EnumTy node and was missing the initial pragma node (which is currently empty for an enum).
macros.getTypeImpl now correctly returns the implementation for a symbol of type tyGenericBody.
If the dispatcher parameter’s value used in multi method is nil, a NilError exception is raised. The old behavior was that the method would be a nop then.
posix.nim: the family of ntohs procs now takes unsigned integers instead of signed integers.
In Nim identifiers en-dash (Unicode point U+2013) is not an alias for the underscore anymore. Use underscores instead.
When the requiresInit pragma is applied to a record type, future versions of Nim will also require you to initialize all the fields of the type during object construction. For now, only a warning will be produced.
The Object construction syntax now performs a number of additional safety checks. When fields within case objects are initialiazed, the compiler will now demand that the respective discriminator field has a matching known compile-time value.
On posix, the results of waitForExit, peekExitCode, execCmd will return 128 + signal number if the application terminates via signal.
ospaths.getConfigDir now conforms to the XDG Base Directory specification on non-Windows OSs. It returns the value of the XDG_CONFIG_DIR environment variable if it is set, and returns the default configuration directory, “~/.config/”, otherwise.
Renamed the line info node parameter for newNimNode procedure.
The parsing rules of do changed.
foo bar do:
baz
Used to be parsed as:
foo(bar(do:
baz))
Now it is parsed as:
foo(bar, do:
baz)
Library Additions
Added system.onThreadDestruction.
Added dial procedure to networking modules: net, asyncdispatch, asyncnet. It merges socket creation, address resolution, and connection into single step. When using dial, you don’t have to worry about the IPv4 vs IPv6 problem. httpclient now supports IPv6.
Added to macro which allows JSON to be unmarshalled into a type.
import json
type
Person = object
name: string
age: int
let data = """
{
"name": "Amy",
"age": 4
}
"""
let node = parseJson(data)
let obj = node.to(Person)
echo(obj)
Tool Additions
The finish tool can now download MingW for you should it not find a working MingW installation.
Compiler Additions
The name mangling rules used by the C code generator changed. Most of the time local variables and parameters are not mangled at all anymore. This improves the debugging experience.
The compiler produces explicit name mangling files when --debugger:native is enabled. Debuggers can read these .ndi files in order to improve debugging Nim code.
Language Additions
The try statement’s except branches now support the binding of a caught exception to a variable:
try:
raise newException(Exception, "Hello World")
except Exception as exc:
echo(exc.msg)
This replaces the getCurrentException and getCurrentExceptionMsg() procedures, although these procedures will remain in the stdlib for the foreseeable future. This new language feature is actually implemented using these procedures.
In the near future we will be converting all exception types to refs to remove the need for the newException template.
A new pragma .used can be used for symbols to prevent the “declared but not used” warning. More details can be found here.
The popular “colon block of statements” syntax is now also supported for let and var statements and assignments:
template ve(value, effect): untyped =
effect
value
let x = ve(4):
echo "welcome to Nim!"
This is particularly useful for DSLs that help in tree construction.
Language changes
The .procvar annotation is not required anymore. That doesn’t mean you can pass system.$ to map just yet though.
This fixes a security issue (https://github.com/golang/go/issues/23867).
Also:
These releases include fixes to the compiler, runtime, go command, and the
archive/zip, crypto/tls, crypto/x509, encoding/json, net, net/http, and
net/http/pprof packages.
ok wiz@ for committing during freeze
Python 3.6.5:
Security
* Minimal fix to prevent buffer overrun in os.symlink on Windows
* Regexes in difflib and poplib were vulnerable to catastrophic backtracking. These regexes formed potential DOS vectors (REDOS). They have been refactored. This resolves CVE-2018-1060 and CVE-2018-1061.
Core and Builtins
* Fixed jumping out of “with” block by setting f_lineno.
* Prevent jumps from ‘return’ and ‘exception’ trace events.
* Update Valgrind suppression list to account for the rename of Py_ADDRESS_IN_RANG to address_in_range.
* Pdb and other debuggers dependent on bdb.py will correctly step over (next command) native coroutines.
* Improve suggestion when the Python 2 form of print statement is either present on the same line as the header of a compound statement or else terminated by a semi-colon instead of a newline.
* Fix possible crashing in builtin Unicode decoders caused by write out-of- bound errors when using customized decode error handlers.
* Improved frozenset() hash to create more distinct hash values when faced with datasets containing many similar values.
* The __debug__ constant is now optimized out at compile time. This fixes also bpo-22091.
* sys.flags.hash_randomization is now properly set to 0 when hash randomization is turned off by PYTHONHASHSEED=0.
* The optimizer is now protected from spending much time doing complex calculations and consuming much memory for creating large constants in constant folding.
* repr() on a dict containing its own values() or items() no longer raises RecursionError; OrderedDict similarly. Instead, use ..., as for other recursive structures.
* Leading whitespace is now correctly ignored when generating suggestions for converting Py2 print statements to Py3 builtin print function calls.
* The repr of deeply nested dict now raises a RecursionError instead of crashing due to a stack overflow.
Library
* lib2to3 now properly supports trailing commas after *args and **kwargs in function signatures.
* Avoid failing in multiprocessing.Process if the standard streams are closed or None at exit.
* Skip sending/receiving data after SSL transport closing.
* Fix ctypes pass-by-value for structs on 64-bit Cygwin/MinGW.
* Fix inspect.signature() for single-parameter partialmethods.
* Expose several missing constants in zlib and fix corresponding documentation.
* Fixed tarfile.itn handling of out-of-bounds float values.
* The ssl module now detects missing NPN support in LibreSSL.
* dbm.open() now encodes filename with the filesystem encoding rather than default encoding.
* In os.dup2, don’t check every call whether the dup3 syscall exists or not.
* Rewrite confusing message from setup.py upload from “No dist file created in earlier command” to the more helpful “Must create and upload files in one command”.
* In tkinter, after_cancel(None) now raises a ValueError instead of canceling the first scheduled function.
* Make sure sys.argv remains as a list when running trace.
* Fixed asyncio.Condition issue which silently ignored cancellation after notifying and cancelling a conditional lock.
* Fixed refleaks of __init__() methods in various modules. (Contributed by Oren Milman)
* Fixed guessing quote and delimiter in csv.Sniffer.sniff() when only the last field is quoted.
* socket: Remove TCP_FASTOPEN, TCP_KEEPCNT flags on older version Windows during run-time.
* Fix a rare but potential pre-exec child process deadlock in subprocess on POSIX systems when marking file descriptors inheritable on exec in the child process. This bug appears to have been introduced in 3.4.
* The ctypes module used to depend on indirect linking for dlopen. The shared extension is now explicitly linked against libdl on platforms with dl.
* Fixed asyncio.Lock() safety issue which allowed acquiring and locking the same lock multiple times, without it being free.
* Do not include name field in SMTP envelope from address.
* Fix email address header parsing error when the username is an empty quoted string.
* distutils’ upload command no longer corrupts tar files ending with a CR byte, and no longer tries to convert CR to CRLF in any of the upload text fields.
* uuid.uuid1 no longer raises an exception if a 64-bit hardware address is encountered.
* Fix the error handling in Aifc_read.initfp() when the SSND chunk is not found.
* On FreeBSD and Solaris, os.strerror() now always decode the byte string from the current locale encoding, rather than using ASCII/surrogateescape in some cases.
* The nis module is now compatible with new libnsl and headers location.
* Improve ABCMeta._dump_registry() output readability
* glibc has removed Sun RPC. Use replacement libtirpc headers and library in nis module.
* Ensure that truncate() preserves the file position (as reported by tell()) after writes longer than the buffer size.
* Don’t unsubscribe signals in asyncio UNIX event loop on interpreter shutdown.
* The SSL module no longer sends IP addresses in SNI TLS extension on platforms with OpenSSL 1.0.2+ or inet_pton.
* urllib.parse.urlsplit() does not convert zone-id (scope) to lower case for scoped IPv6 addresses in hostnames now.
* Fix bdist_wininst of distutils for CRT v142: it binary compatible with CRT v140.
* A single empty field is now always quoted when written into a CSV file. This allows to distinguish an empty row from a row consisting of a single empty field.
* Raise NotImplementedError instead of SystemError on platforms where chmod(..., follow_symlinks=False) is not supported.
* The getnode() ip getter now uses ‘ip link’ instead of ‘ip link list’.
* Ensure TCP_NODELAY is set on Linux. Tests by Victor Stinner.
* The locale.localeconv() function now sets temporarily the LC_CTYPE locale to the LC_NUMERIC locale to decode decimal_point and thousands_sep byte strings if they are non-ASCII or longer than 1 byte, and the LC_NUMERIC locale is different than the LC_CTYPE locale. This temporary change affects other threads.
Same change for the str.format() method when formatting a number (int, float, float and subclasses) with the n type (ex: '{:n}'.format(1234)).
* Importing native path module (posixpath, ntpath) now works even if the os module still is not imported.
Ruby 2.2.10 Released Posted by usa on 28 Mar 2018
Ruby 2.2.10 has been released. This release includes several security
fixes. Please check the topics below for details.
* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory
traversal in tempfile and tmpdir
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems
Ruby 2.2 is under the state of the security maintenance phase, until the end
of the March of 2018. After the date, maintenance of Ruby 2.2 will be ended.
So, this release is expected to be the last release of Ruby 2.2. We will
never make a new release of Ruby 2.2 unless Ruby 2.2.10 has a serious
regression bug. We recommend you migrating to newer versions of Ruby, such as
2.5.
Ruby 2.3.7 Released Posted by usa on 28 Mar 2018
Ruby 2.3.7 has been released.
This release includes about 70 bug fixes after the previous release, and also
includes several security fixes. Please check the topics below for details.
* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory
traversal in tempfile and tmpdir
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems
See the ChangeLog for details.
After this release, we will end the normal maintenance phase of Ruby 2.3, and
start the security maintenance phase of it. This means that after the release
of 2.3.7 we will never backport any bug fixes to 2.3 except security fixes.
The term of the security maintenance phase is scheduled for 1 year. By the
end of this term, official support of Ruby 2.3 will be over. Therefore, we
recommend that you start planning to upgrade to Ruby 2.5 or 2.4.
Ruby 2.5.1 Released Posted by naruse on 28 Mar 2018
Ruby 2.5.1 has been released.
This release includes some bug fixes and some security fixes.
* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory
traversal in tempfile and tmpdir
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems
There are also some bug fixes. See commit logs for more details.
Ruby 2.4.4 Released Posted by nagachika on 28 Mar 2018
Ruby 2.4.4 has been released.
This release includes some bug fixes and some security fixes.
* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory
traversal in tempfile and tmpdir
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems
There are also some bug fixes. See commit logs for more details.
[5.0.0] - 2017-10-13
Added
* Ability to specify an initial language for the parser, so that the #
language header isn't required (#288 by charlierudolph and aslakhellesoy)
* A better wording for the Greek translation of Scenario Outline
(¦°¦Å¦Ñ¦ô¦Ã¦Ñ¦Á¦Ì¦Ì¦Á ¦²¦Å¦Í¦Á¦Ñ¦ô¦Ï¦Ô) (#185 by pmatsinopoulos)
* Added female, singular Given in Romanian (Dat«¥ fiind) (#202 by tsundberg)
* (C) CMake support (#2#3 by Pwera)
Changed
* Compile empty scenarios to empty pickles (#249#264 by brasmusson)
ssl:
- Added new API functions to facilitate cipher suite
handling
erts, observer:
- More crash dump info such as: process binary virtual
heap stats, full info for process causing out-of-mem
during GC, more port related info, and dirty scheduler
info.
inets:
- Add support for unix domain sockets in the http client.
