- Fixed a bug when user clicking confirmation link after confirmation
and expiration causes confirmation email to resend.
- Added support for I18N.
- Added options `SECURITY_EMAIL_PLAINTEXT` and `SECURITY_EMAIL_HTML`
for sending respecively plaintext and HTML version of email.
- Fixed validation when missing login information.
- Fixed condition for token extraction from JSON body.
- Better support for universal bdist wheel.
- Added port of CLI using Click configurable using options
`SECURITY_CLI_USERS_NAME` and `SECURITY_CLI_ROLES_NAME`.
- Added new configuration option `SECURITY_DATETIME_FACTORY` which can
be used to force default timezone for newly created datetimes.
- Better IP tracking if using Flask 0.12.
- Renamed deprecated Flask-WFT base form class.
- Added tests for custom forms configured using app config.
- Added validation and tests for next argument in logout endpoint.
- Bumped minimal required versions of several packages.
- Extended test matric on Travis CI for minimal and released package
versions.
- Added of .editorconfig and forced tests for code style.
- Fixed a security bug when validating a confirmation token, also checks
if the email that the token was created with matches the user's current
email.
- Replaced token loader with request loader.
- Changed trackable behavior of `login_user` when IP can not be detected
from a request from 'untrackable' to `None` value.
- Use ProxyFix instead of inspecting X-Forwarded-For header.
- Fix identical problem with app as with datastore.
- Removed always-failing assertion.
- Fixed failure of init_app to set self.datastore.
- Changed to new style flask imports.
- Added proper error code when returning JSON response.
- Changed obsolete Required validator from WTForms to DataRequired. Bumped
Flask-WTF to 0.13.
- Fixed missing `SECURITY_SUBDOMAIN` in config docs.
- Added cascade delete in PeeweeDatastore.
- Added notes to docs about `SECURITY_USER_IDENTITY_ATTRIBUTES`.
- Inspect value of `SECURITY_UNAUTHORIZED_VIEW`.
- Send password reset instructions if an attempt has expired.
- Added "Forgot password?" link to LoginForm description.
- Upgraded passlib, and removed bcrypt version restriction.
- Removed a duplicate line ('retype_password': 'Retype Password') in
forms.py.
- Various documentation improvement.
Changes:
Version 9.26 (2018-11-20)
Highlights in this release include:
- Security issues have been the primary focus of this release,
including solving several (well publicised) real and potential
exploits.
PLEASE NOTE: We strongly urge users to upgrade to this latest
release to avoid these issues.
- IMPORTANT: We are in the process of forking LittleCMS. LCMS2
is not thread safe, and cannot be made thread safe without breaking
the ABI. Our fork will be thread safe, and include performance
enhancements (these changes have all be been offered and rejected
upstream). We will maintain compatibility between Ghostscript
and LCMS2 for a time, but not in perpetuity. Our fork will be
available as its own package separately from Ghostscript (and
MuPDF).
- Thanks to Man Yue Mo of Semmle Security Research Team, Jens
Mu:ller of Ruhr-Universita:t Bochum and Tavis Ormandy of Google's
Project Zero for their help to identify specific security
issues.
- The usual round of bug fixes, compatibility changes,
and incremental improvements.
For a list of open issues, or to report problems, please visit
bugs.ghostscript.com.
pkgsrc changes:
- Remove patches/patch-aa, no longer needed (config.h is now
included and HAVE_DECL_BSWAP64 is now properly checked)
- perl is needed in the test phase and at runtime, add it to USE_TOOLS
- Remove no longer needed dependency to p5-IO-tty
- Add support for the test target (and REPLACE_PERL test target scripts)
Changes:
1.3.2
-----
* Platform support:
* Explicitly enable binding to both IPv4 and IPv6 addresses.
(Giel van Schijndel)
* Restore perl 5.8.8 support for RHEL5. (Alexander Chernyakhovsky)
* Make tests detect UTF-8 locale with a helper executable. (John Hood)
* Don't print /etc/motd on IllumOS. (John Hood)
* Print {,/var}/run/motd.dynamic on Ubuntu. (John Hood)
* Fix build on Haiku. (Adrien Destugues)
* Disable unicode-later-combining.test for tmux 2.4.
This fixes build failures. (John Hood)
* Bug fixes:
* In tests, explicitly set 80x24 tmux window, for newer versions
of tmux. (John Hood)
* Work around JuiceSSH rendering bug. (John Hood)
* Do not move cursor for SCROLL UP and SCROLL DOWN--
fixes an issue with tmux 2.4. (John Hood)
Discussed with <agc>, thanks!
Changes:
=================
WebKitGTK+ 2.22.4
=================
What's new in WebKitGTK+ 2.22.4?
- Expose ENABLE_MEDIA_SOURCE as a public build option.
- Fix a crash when using Cairo versions between 1.15 and 1.16.0
- Fix the build with -DLOG_DISABLED=0.
- Fix the build with ENABLE_VIDEO=OFF and ENABLE_WEB_AUDIO=OFF.
- Fix debug builds of JavaScriptCore.
- Fix several crashes and rendering issues.
- NOFIXSMTPIO: new environment variable to perform no filtering.
- FIXSMTPIODEBUG: prefix program name to log messages.
- Compile as C99.
- Have die_nomem() log two levels of call stack.
- Have get_one() log one caller further.
- Avoid extern in declarations.
- Empty next_pile and free event when done.
- Use acceptutils' stralloc wrappers in tls_info().
- Don't call tls_info(): no point setting TLS connection environment
variables when our child has already forked.
IPython 7.1.0
IPython 7.1.0 is the first minor release after 7.0.0 and mostly bring fixes to new feature, internal refactor and regressions that happen during the 6.x->7.x transition. It also bring Compatibility with Python 3.7.1, as were unwillingly relying on a bug in CPython.
New Core Dev:
We welcome Jonathan Slenders to the commiters. Jonathan has done a fantastic work on Prompt toolkit, and we’d like to recognise his impact by giving him commit rights.
Notables Changes
Major update of “latex to unicode” tab completion map (see below)
Notable New Features:
Restore functionality and documentation of the sphinx directive, which is now stricter (fail on error by default), gained configuration options, have a brand new documentation page IPython Sphinx Directive, which need some cleanup. It is also now tested so we hope to have less regressions.
IPython.display.Video now supports width and height arguments, allowing a custom width and height to be set instead of using the video’s width and height.
Warn when using HTML('<iframe>') instead of IFrame
Allow Dynamic switching of editing mode between vi/emacs and show normal/input mode in prompt when using vi. Use %config TerminalInteractiveShell.editing_mode = 'vi' or %config TerminalInteractiveShell.editing_mode = 'emacs' to dynamically spwitch
Notable Fixes:
Fix entering of multi-line block in terminal IPython, and various crashes in the new input transformation machinery
Fix moving through generator stack in ipdb
Magics arguments now support quoting.
Re-add rprint and rprinte aliases.
Remove implicit dependency to ipython_genutils
Make nonlocal raise SyntaxError instead of silently failing in async mode.
Fix mishandling of magics and = ! assignment just after a dedent in nested code blocks
Fix instructions for custom shortcuts
Notable Internals improvements:
Use of os.scandir (Python 3 only) to speedup some file system operations.
use perf_counter instead of clock for more precise timing result with %time
2.0.7:
Bug fixes:
- Fixed assertion in PromptSession: the style_transformation check was wrong.
- Removed 'default' attribute in PromptSession. Only ask for it in the
prompt() method. This fixes the issue that passing default once, will
store it for all consequent calls in the PromptSession.
- Ensure that __pt_formatted_text__ always returns a FormattedText
instance. This fixes an issue with print_formatted_text.
New features:
- Improved handling of situations where stdin or stdout are not a terminal.
(Print warning instead of failing with an assertion.)
- Added print_container utility.
- Sound bell when attempting to edit read-only buffer.
- Handle page-down and page-up keys in RadioList.
- Accept any collections.abc.Sequence for HSplit/VSplit children (instead of
lists only).
- Improved Vi key bindings: return to navigation mode when Insert is pressed.
2.0.6:
Bug fixes:
- Don't use the predefined ANSI colors for colors that are defined as RGB.
(Terminals can assign different color schemes for ansi colors, and we don't
want use any of those for colors that are defined like #aabbcc for instance.)
- Fix in handling of CPRs when patch_stdout is used.
Backwards incompatible changes:
- Change to the Buffer class. Reset the buffer unless the accept_handler
returns True (which means: "keep_text"). This doesn't affect applications
that use PromptSession.
New features:
- Added AdjustBrightnessStyleTransformation. This is a simple style
transformation that improves the rendering on terminals with light or dark
background.
- Improved performance (string width caching and line height calculation).
- Improved TextArea:
* Exposed focus_on_click.
* Added attributes: auto_suggest, complete_while_typing, history,
get_line_prefix, input_processors.
* Made attributes writable: lexer, completer, complete_while_typing,
accept_handler, read_only, wrap_lines.
2.0.5:
Bug fixes:
- Fix in DynamicContainer. Return correct result for get_children. This
fixes a bug related to focusing.
- Properly compute length of start, end and sym_b characters of
progress bar.
- CPR (cursor position request) fix.
Backwards incompatible changes:
- Stop restoring PromptSession attributes when exiting prompt.
New features:
- Added get_line_prefix attribute to window. This opens many
possibilities:
* Line wrapping (soft and hard) can insert whitespace in front
of the line, or insert some symbols in front. Like the Vim "breakindent"
option.
* Single line prompts also support line continuations now.
* Line continuations can have a variable width.
- For VI mode: implemented temporary normal mode (control-O in insert mode).
- Added style transformations API. Useful for swapping between light and
dark color schemes. Added swap_light_and_dark_colors parameter to
prompt() function.
- Added format() method to ANSI formatted text.
- Set cursor position for Button widgets.
- Added pre_run argument to PromptSession.prompt() method.
2.0.4:
Bug fixes:
- Fix render height for rendering full screen applications in Windows.
- Fix in TextArea. Set accept_handler to None if not given.
- Go to the beginning of the next line when enter is pressed in Vi navigation
mode, and the buffer doesn't have an accept handler.
- Fix the default argument of the prompt function when called multiple
times.
- Display decomposed multiwidth characters correctly.
- Accept history in prompt() function again.
Backwards incompatible changes:
- Renamed PipeInput to PosixPipeInput. Added Win32PipeInput and
create_input_pipe.
- Pass buffer argument to the accept_handler of TextArea.
New features:
- Added accept_default argument to prompt().
- Make it easier to change the body/title of a Frame/Dialog.
- Added DynamicContainer.
- Added merge_completers for merging multiple completers together.
- Add vt100 data to key presses in Windows.
- Handle left/right key bindings in Vi block insert mode.
2.0.3:
Bug fixes:
- Fix in 'x' and 'X' Vi key bindings. Correctly handle line endings and args.
- Fixed off by one error in Vi line selection.
- Fixed bugs in Vi block selection. Correctly handle lines that the selection
doesn't cross.
- Python 2 bugfix. Handle str/unicode correctly.
- Handle option+left/right in iTerm.
2.0.2:
Bug fixes:
- Python 3.7 support: correctly handle StopIteration in asynchronous generator.
- Fixed off-by-one bug in Vi visual block mode.
- Bugfix in TabsProcessor: handle situations when the cursor is at the end of
the line.
0.12.0
Drop support for Python 3.3
ca_certs from environment HTTPLIB2_CA_CERTS or certifi
PROXY_TYPE_HTTP with non-empty user/pass raised TypeError: bytes required
Revert http:443->https workaround
eliminate connection pool read race
cache: stronger safename
1.0.0:
* Added --style=auto which follows the terminal ANSI color styles.
* Added support for selecting TLS 1.3 via --ssl=tls1.3
(available once implemented in upstream libraries).
* Added true/false as valid values for --verify
(in addition to yes/no) and the boolean value is case-insensitive.
* Changed the default --style from solarized to auto (on Windows it stays fruity).
* Fixed default headers being incorrectly case-sensitive.
* Removed Python 2.6 support.
CHANGES IN 5.2.5
NEW "set pm3d depthorder base" sorts pm3d quadrangles by projecting to z=0
NEW "set jitter vertical" displaces y coordinate rather than x coordinate
NEW array size can be determined automatically from the initializer
CHANGE place titles along x axis in plots with columnstacked histograms
CHANGE equivalent slope constraint for mcs splines at both ends of the range
CHANGE treat imaginary values plotted from a using spec as UNDEFINED (NaN)
CHANGE allow "reset" between plots in a multiplot layout
CHANGE Deprecate linux and vgagl terminals (to be removed in 5.3)
CHANGE placement of axis and tic labels in 3D projections on to xz or yz plane
CHANGE default to ./configure --without-wx-multithreading
FIX parametric function plots did not work with logscale x (regression in 5.2.0-4)
FIX polar mode "set trange" was assumed to use radians, now it tracks "set angle"
FIX clip polar grid lines and ticks to x/y range limits
FIX clipping of plot "with lines" when axes are nonlinear (regression from 5.0)
FIX clipping of all elements in finanacebars/candlesticks/boxplots
FIX clipping of 3D splot "with labels"
FIX strange interaction of "noautoscale" with blank data lines
FIX alignment of boxed text to center for eps/cairolatex
FIX incompatibility of "pm3d depthorder" and rgb color taken from data column
FIX aqua terminal font changes in enhanced text mode
libcerf-1.7:
- Option -DCERF_CPP allows to choose C++ compilation, which is useful
because MS VisualStudio supports C++14, but not yet C99, and in
particular does not suppotr complex.h under C.
libcerf-1.6:
- Migrated from automake to CMake.
- Corrected typos in man pages.
CMake 3.13.0:
The Visual Studio Generators for VS 2010 and above learned to
support the “INTERPROCEDURAL_OPTIMIZATION” target property and
supporting “CheckIPOSupported” module.
The “Green Hills MULTI” generator has been updated to include
support for platform, architecture, and toolset selection.
The “cmake” command gained the “-S <source_dir>” command line
option to specify the location of the source directory. This option
can be used independently of “-B”.
The “cmake” command gained the “-B <build_dir>” command line
option to specify the location of the build directory. This option
can be used independently of “-S”.
The “cmake” “-E create_symlink” command can now be used on
Windows.
The “target_link_directories()” command was created to specify
link directories for targets and their dependents.
The “target_link_options()” command was created to specify link
options for targets and their dependents.
The “target_link_libraries()” command may now be called to modify
targets created outside the current directory. See policy “CMP0079”.
The “install(TARGETS)” command learned to install targets created
outside the current directory.
A “VS_DEBUGGER_COMMAND_ARGUMENTS” target property was created to
set the debugging command line arguments with Visual Studio
Generators for VS 2010 and above.
A “VS_DEBUGGER_ENVIRONMENT” target property was created to set the
debugging environment with Visual Studio Generators for VS 2010 and
above.
The “option()” command now honors an existing normal variable of
the same name and does nothing instead of possibly creating a cache
entry (or setting its type) and removing the normal variable. See
policy “CMP0077”.
The “target_sources()” command now interprets relative source file
paths as relative to the current source directory. This simplifies
incrementally building up a target’s sources from subdirectories.
The “CMP0076” policy was added to provide backward compatibility
with the old behavior where required.
This allows users to simply install a "go" package and pull in the latest
version available for their host operating system without having to figure
out the name for the correct suffixed package.
v4.7.4:
Bug Fixes
- Raise an explicit exception in set_, set_with, update, and update_with when an object cannot be updated due to that object or one of its nested objects not being subscriptable.
unidecode 1.0.23
* Improve transliteration of Hebrew letters
* Add transliterations for the phonetic block U+1D00 - U+1D7F
* Transliterate SI "micro" prefix as "u" instead of "micro" in the
U+33xx block.
* Add U+33DE SQUARE V OVER M and U+33DF SQUARE A OVER M.
* Drop support for Python 2.6 and 3.3
pkgsrc changes:
- Update MASTER_SITES to avoid MASTER_SITE_DEBIAN
Changes:
2018-11-19 torsocks 2.3.0
* Fix a bunch of stuff in the wrapper script, #24967
* gethostbyaddr_r: always assign result
* log: Remove log line when logging is stopped
* gethostbyaddr_r: Don't put garbage in data->hostname
* gethostbyaddr_r: Populate h_addrtype field
* log: Avoid crash or file corruption when closing logs
* connect: Always pass .onion IP cookie to connection object
* Merge remote-tracking branch 'yawning/bug23715'
* Make torsocks always connect to the configured Tor port
* test: Make getpeername test connect to moria1
* socks5: Always use ATYP 0x03 for CONNECT command
* Merge remote-tracking branch 'upstream/master'
* doc: Clarify the libc limitation in README
* accept4: Initialize libc symbol early
* Bug 23715: Support memfd_create(2).
* test: Detect if tor is running in test_fd_passing
* No tab in the README
* Merge remote-tracking branch 'debian/bugfix/typo-subsytem'
* Merge remote-tracking branch 'debian/bugfix/typo-catched'
* Merge remote-tracking branch 'debian/bugfix/typo-conect'
* doc: Add autogen.sh step to README
* Add a -q/--quiet to torsocks
* tests: Add a check for a running Tor
* Make cpp conditional for definition of handle_mmap match use
* utils: Add useful function for later use
* man: Some words were missing
* Remove clang warnings
* Add missing quotes to variable in torsocks.in
* Fix check_addr() to return either 0 or 1
* Ignore stderr for getcap command
* syscall: Add seccomp, gettimeofday, clock_gettime, fork
* Fix typo: conect -> connect.
* Fix typo: subsytem -> subsystem.
* Fix typo: catched -> caught.
- [#6750] Gradle fails to resolve project dependencies against Scala projects
- [#6747] Candidate set provided to `AttributeDisambiguationRule` contains null entry
- [#6735] Dependent module Scala compilation in test context fails for 4.10.1
2.1.0:
Removed support for Django 1.8, 1.9, 1.10
2.0.5:
Deal with missing context from aldryn-search
Add support for newer Django versions
Add parameters for embed_link
Fix swappable filer image model support
2.0.4:
Added URL parsing for the embed url. It now accepts various versions of YouTube urls and converts them to an embed link.
Added the python3.5 test env
2.0.3:
Prevent changes to DJANGOCMS_VIDEO_XXX settings from requiring new migrations
Changed naming of Aldryn to Divio Cloud
Adapted testing infrastructure (tox/travis) to incorporate django CMS 3.4 and dropped 3.2
Updated translations
2.0.2:
Fixed an issues with migrations where Null values caused IntegrityError
2.0.1:
Removed base.html for performance reasons
Fixed faulty settings parsing in aldryn_config.py
Fixed an issue where ValidationError wasn't imported
Adapted private get_template method
Updated translations
2.0.0:
Dropped flash support
Dropped django CMS <3.3.1 support
Dropped Django <1.8 support
Renamed Video to VideoPlayer
Added Video Source Plugin
Added Video Track Plugin
Adapted files to resemble best practices
Updated translations
2.1.0:
Fixed a validation issue with attributes
Added support for Django 1.11, 2.0 and 2.1
Removed support for Django 1.8, 1.9, 1.10
Adapted testing infrastructure (tox/travis) to incorporate django CMS 3.5 and 4.0
2.0.2:
Ensure class ordering is maintained
2.0.1:
Prevent changes to DJANGOCMS_STYLE_XXX settings from requiring new migrations
Changed naming of Aldryn to Divio Cloud
Adapted testing infrastructure (tox/travis) to incorporate django CMS 3.4 and dropped 3.2
Updated translations
