Python LiveReload is a web server library and command line utility, designed
for web developers who know Python. It comes with the livereload command for
starting up a server in an arbitrary directory, serving up files inside that
directory, and watching for changes to files which trigger regeneration.
[ Amitai Schlair ]
* meta: Fix [[!meta name=foo]] by closing the open quote.
* Avoid unescaped "{" in regular expressions
* meta test: Add tests for many behaviors of the directive.
* img test: Bail gracefully when ImageMagick is not present.
[ Joey Hess ]
* emailauth: Added emailauth_sender config.
* Modified page.tmpl to to set html lang= and dir= when
values have been specified for them, which the po plugin does.
* Specifically license the javascript underlay under the permissive
basewiki license.
[ Simon McVittie ]
* git: if no committer identity is known, set it to
"IkiWiki <ikiwiki.info>" in .git/config. This resolves commit errors
in versions of git that require a non-trivial committer identity.
* inline, trail: rename show, feedshow parameters to limit, feedlimit
(with backwards compatibility)
* pagestats: add "show" option to show meta fields. Thanks, Louis
* inline: force RSS <comments> to be a fully absolute URL as required
by the W3C validator. Please use Atom feeds if relative URLs are
desirable on your site.
* inline: add <atom:link rel="self"> to RSS feeds as recommended by
the W3C validator
* inline: do not produce links containing /./ or /../
* syslog: accept and encode UTF-8 messages
* syslog: don't fail to log if the wiki name contains %s
* Change dependencies from transitional package perlmagick
to libimage-magick-perl (Closes: #789221)
* debian/copyright: update for the rename of openid-selector to
login-selector
* d/control: remove leading article from Description
(lintian: description-synopsis-starts-with-article)
* d/control: Standards-Version: 3.9.6, no changes required
* Wrap and sort control files (wrap-and-sort -abst)
* Silence "used only once: possible typo" warnings for variables
that are part of modules' APIs
* Run autopkgtest tests using autodep8 and the pkg-perl team's
infrastructure
* Add enough build-dependencies to run all tests, except for
non-git VCSs
* tests: consistently use done_testing instead of no_plan
* t/img.t: do not spuriously skip
* img test: skip testing PDFs if unsupported
* img test: use the right filenames when testing that deletion occurs
-- Simon McVittie <smcv@debian.org> Thu, 21 Jan 2016 09:53:07 +0000
Changes:
- Disable DNS prefetch when a proxy is configured.
- Reduce the maximum simultaneous network connections to match other browsers.
- Make WebKitWebView always propagate motion-notify-event signal.
- Add a way to force accelerating compositing mode at runtime using an environment variable.
- Fix input elements and scrollbars rendering with GTK+ 3.19.
- Fix rendering of lines when using solid colors.
- Fix UI process crashes related to not having a main resource response when the load is
committed for pages restored from the history cache.
- Fix a WebProcess crash when loading large contents with custom URI schemes API.
- Fix a crash in the UI process when the WebView is destroyed while the screensaver DBus proxy
is being created.
- Fix WebProcess crashes due to BadDrawable X errors in accelerated compositing mode.
- Fix crashes on PPC64 due to mprotect() on address not aligned to the page size.
- Fix std::bad_function_call exception raised in dispatchDecidePolicyForNavigationAction.
- Fix downloads of data URLs.
- Fix runtime critical warnings when closing a page containing windowed plugins.
- Fix several crashes and rendering issues.
- Translation updates: French, German, Italian, Turkish.
- Security fixes: CVE-2015-7096, CVE-2015-7098.
Upstream changes:
6.41 2016-01-20
- Added support for validation filters.
- Added filters attribute to Mojolicious::Validator.
- Added add_filter method to Mojolicious::Validator.
- Added filter arguments to optional and required methods in
Mojolicious::Validator::Validation.
- Fixed MOJO_WEBSOCKET_DEBUG environment variable. (jberger)
6.40 2016-01-13
- Removed client_challenge, client_handshake, server_handshake and server_open
methods from Mojo::Transaction::WebSocket. (batman, sri)
- Removed is_writing method from Mojo::Transaction.
- Removed upgrade event from Mojo::Transaction::HTTP.
- Deprecated Mojo::Transaction::WebSocket::build_frame and
Mojo::Transaction::WebSocket::parse_frame in favor of
Mojo::WebSocket::build_frame and Mojo::WebSocket::parse_frame. (batman)
- Replaced deprecated proxy method in Mojo::Message::Request with an
attribute.
- Added SNI support to all built-in web servers. (bpmedley, sri)
- Added module Mojo::WebSocket. (batman)
- Added established attribute to Mojo::Transaction::WebSocket.
- Added completed method to Mojo::Transaction.
- Updated jQuery to version 2.2.0.
- Improved performance of Mojo::Server::Daemon and Mojo::UserAgent slightly.
- Improved mtime attribute in Mojo::Asset::Memory to default to the value of
$^T.
- Improved app generator command to generate more portable scripts.
- Fixed a few timing bugs.
- Fixed url_for to handle fragments correctly.
This goes as far back as 2001 (mk.conf.example) but there should not be any
reason to explicitly set CFLAGS for specific packages. In practice this
even fixes support for global CFLAGS in www/apache{22,24}.
ok gdt@
pkgsrc changes:
o Update MASTER_SITES and HOMEPAGE (libproxy migrated to GitHub)
o Delete patches/patch-libproxy_modules_config__macosx.cpp, now present in the
stable release.
Changes:
New in version 0.4.12
==============================
* Move development to github.com/libproxy/libproxy
* Fix fd leak in get_pac (Bug #185)
* Detect running MATE session (Bug #186, Part1).
* Fix linking of perl bindings to pthread (Bug #182)
* Correctly detect spidermonky (mozjs185) (Bug #188)
* Stop pxgsettings from segfaulting on exit (Bug #192)
* Fix test #10 (Bug #189)
* Fix build on Mac OS X (Bug #183)
* Add a generic KDE Config module (fix crashes of Qt5 based
apps) (issue#4)
- Add following line for make test
BUILD_DEPENDS+= p5-Test-Exception-[0-9]*:../../devel/p5-Test-Exception
(upstream)
Update to 0.25
--------------
0.25 2015-04-21T23:39:33Z
Author: Yanick Champoux <yanick at babyl.dyndns.org>
silence warnings
... as the arguments can be undefined
Fixes#10
- Drop PERL5_MODULE_TYPE statement to be default
- Add three lines for make test
BUILD_DEPENDS+= p5-Test-Stream-[0-9]*:../../devel/p5-Test-Stream
BUILD_DEPENDS+= p5-Capture-Tiny-[0-9]*:../../devel/p5-Capture-Tiny
BUILD_DEPENDS+= p5-File-Slurper-[0-9]*:../../devel/p5-File-Slurper
(upstream)
Update 1.05 to 1.09
-------------------
1.09 2015-11-29T10:08:00
- Replace "\t" with \s{4} in scripts/synopsis.pl and t/synopsis.html
in an attempt to fix the large number of failures reported by CPAN
Testers.
- Patch t/test.t to use File::Spec to join a dir to a file name.
- Use $^X rather than 'perl' to invoke Perl in t/test.t.
- Make some pre-req version #s explicit.
1.08 2015-11-26T14:26:00
- In V 1.07 I patched t/test.t to use Test::Stream instead of Test::More,
but did not patch Makefile.PL to match. Test::More is still used for
xt/author/pod.t.
1.07 2015-11-24T08:47:00
- Apologies: Forgot to release V 1.06 to CPAN.
- Add scripts/synopsis.pl and its output t/synopsis.html.
- Copy scripts/synopsis.pl into docs.
- Add t/test.t to run scripts/synopsis.pl and compare the output
to t/synopsis.html.
- Update pre-reqs to add Capture::Tiny and File::Slurper,
which are used in t/test.t.
- Add .gitignore to MANIFEST.SKIP.
- Remove Build.PL.
- Remove t/load.t.
- Reformat the dates in this file.
1.06 2015-02-18T16:32:00
- Add use strict and use warnings to Build.PL and Makefile.PL.
- Add github repo to Build.PL, Makefile.PL and docs.
- Move t/pod.t to xt/author/.
- Patch Build.PL to handle xt/author/*.t.
-------------------------
5.90035 - Tue Mar 31 09:57:18 EDT 2015
Updates the deprecation message to reflect the fact that this module
has been dropped from Catalyst::Runtime.
[No meaningful code changes. No need to upgrade.]
5.90034 - Tue Mar 31 09:47:32 EDT 2015
Adds Catalyst::Runtime to list of prereqs.
- Catalyst::Runtime was not previously included as prereq as it caused
circular dependencies. As of v5.90060, Catalyst::Runtime no longer
includes this module as a prereq. Since that was released 14 months ago,
it should be relatively safe to include Catalyst::Runtime as a prereq.
Adds travis.ci integration.
[No code changes. No need to upgrade.]
---------------
0.005 18 Nov 2015
- two_args_POST now defers to model to indicate support for
$model->create_related
- refactor tests to set explicit content-type for PUT requests
(https://rt.cpan.org/Ticket/Display.html?id=108962)
--------------
0.36 Wed Nov 25 12:00:00 CT 2015
- POD updates, improved warning messages, strictness (andyjack++)
- Make the default BOM added for safari optional. Possible breaking
change, please file issues if this causes trouble.
- New render method to let you just get a JSON encoded version of
some data (Added to make compatible with the unofficial Catalyst
View API that has a render method).
--------------
0.40 2015-01-26
- Add a flag so that a storage can finalize during finalize_header rather
than finalize_body. This is to enable storages that need to write to the
HTTP header (such as the cookie based store).
--------------
0.21 2016-01-01 13:13:10 PST
- fix warnings with non-numeric return values (rkitover) #18
- fix uninitialized value in open warning on perl 5.8 (rkitover)
--------------
3.24 2016-01-13
- Update Apache 2.4 README, flesh out guts of Authz Provider notes.
- Improve Apache 2.4 README's AuthzProvider documentation
- Add POD to Apache2_4::AuthCookie
- Add FAQ to Apache2_4::AuthCookie documenation
- 2.4: document that PerlAddAuthzProvider is only needed for *custom* Requires directives.
- 2.4: make authz_handler recognize multiple usernames in the directive like
mod_authz_user does.
- add test case for internal authz_handler
- explicitly require Apache::Test 1.39 so that APACHE2_4 defines are set
Move the line of ${SED} from do-install to post-patch, to pet pkglint
Upstream change:
Releases > Moodle 3.0.2 release notes
Release date: 11 January 2016
Here is the full list of fixed issues in 3.0.2.
Security issues
A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
Fixes and improvements
This is a very quiet release since Moodle 3.0.1 has only come out recently and lots of developers and users took Christmas holidays after that. Additional interesting issues included in 3.0.2 are:
MDL-49473 - Logs export contains year
MDL-52078 - Fixed error in grade totals when using natural grading and excluding hidden items that appeared only when viewed by students
MDL-52354, MDL-52355 - Database module now allows to set dates in a broader range and respects calendar type plugin
MDL-51257 - Messaging screen now indicates when a message is not sent
MDL-52194 - Fixed Flowplayer not working with insecure configuration of request_order
* Ssl::CertValidationHelper::sslSubmit: Assure that the callback->getDialer()
* Fix build error with ICC
* Fix GnuTLS detection via pkg-config
* Reflect the [ugly] reality in external_acl_type cache=n documentation.
* Avoid memory leaks when a certificate validator is used with SslBump
* Support Ephemeral Elliptic Curve Diffie-Hellman (EECDH) key exchange
* Fix clang build error after rev.13961
* Bug 4397: DragonFly BSD, POSIX shared memory is implemented as filepath
* Fix startup crash with a misconfigured (too-small) shared memory cache
* Fix connection retry and fallback after failed server TLS connections
* Complete certificate chains using external intermediate certificates
* Bug 4387: Kerberos build errors on Solaris
Package changes:
- follow upstream with the rule what's installed of the files
- use newly added -DGEOIPDIR in the place of older string replace function
- stop installing an example output as a configuration file
Upstream changelog:
Logswan 1.04 (2016-01-10)
- Moving global variables into main
- Using 'size_t' instead of 'int' for array indexes in for loops
- Using 'uint32_t' for all non 'uint64_t' integers
- Do not increment hits and processed lines counter for each parsed line,
compute total only once when everything is parsed
- Setting 'CMAKE_BUILD_TYPE' to 'Release' and formatting fixes
- Sanitize CMake script to build under NetBSD (Thanks Kamil Rytarowski)
- Initializing some uninitialized variables
- Renaming 'DATADIR' variables to 'GEOIPDIR'
Logswan 1.03 (2016-01-01)
- Remove header display and do not print name of processed file
- Print results to stderr instead of stdout
- Output JSON data to stdout instead of creating a new file
- Define GeoIP databases path in CMakeLists.txt
- Adding log file name in the JSON output
- Removing some hardcoded values and replacing them with constants
defined in config.h
- Breaking the loop when a match is found in the request parser
- Using enumeration constants instead of macros
- Process GeoIP continent information
- Re-ordering protocols and methods with more common occurences on top of
the list, allowing to break earlier when iterating through the array
- Adding support for reading logs from standard input
- Renaming 'definitions' files to 'config'
- Increasing countries array size, as an attempt to be future-proof
- Initial support for using pledge() on OpenBSD
- Documentation updates (HLL precision, Features list, GeoIP databases)
- Updated JSON output example
- Added a manual page
Logswan 1.02 (2015-11-02)
- Renaming 'resource' variable to 'request' in the 'logLine' struct
- Do not attempt to parse empty date tokens
- Do not attempt to parse empty request tokens (Thanks Brian Carpenter for
reporting the issue)
This module implements a www-like shell above WWW::Mechanize and also has the
capability to output crude Perl code that recreates the recorded session.
Its main use is as an interactive starting point for automating a session
through WWW::Mechanize.
The cookie support is there, but no cookies are read from your existing browser
sessions. See HTTP::Cookies on how to implement reading/writing your current
browsers cookies.
From DESCR:
This module is intended as a simple way to fill out HTML forms from a set
of predetermined values. You set up the form filler with value elements,
retrieve the HTML form, and let the form filler loose on that form.
There are value classes provided for many tasks - fixed values, values to
be queried interactively from the user, values taken randomly from a list
of values and values specified through a callback to some Perl code.
This module abstracts the task of displaying HTML to the user. The displaying
is done by launching a browser and navigating it to either a temporary file
with the HTML stored in it, or, if possible, by pushing the HTML directly
into the browser window.
Changelog:
Fixed: Fix for startup crash for users of a third party antivirus tool (Bug 1235537)
Fixed: Multi-user GNU/Linux download folders can be created (Bug 1233434)
Changed: Re-enable SHA-1 certificates (Bug 1236975)
Upstream changes:
0.165000 2015-12-17 09:19:13+01:00 Europe/Amsterdam
[ BUG FIXES ]
* Revert session_name change, as this would invalidate all existing
changes. We will need to rethink this change.
(Stefan @racke Hornburg, Sawyer X)
0.164000 2015-12-16 23:42:24+01:00 Europe/Amsterdam
[ DOCUMENTATION ]
* Update core team members and contributors list. (Russell Jenkins)
* GH #1066: Fix typo in Cookbook. (gertvanoss)
* Correct typo. It's "query_parameters", not "request_parameters".
Thanks to mst for letting me know and making sure I fix it!
(Sawyer X)
[ BUG FIXES ]
* GH #1040: Forward with a post body no longer tries to re-read body
filehandle. (Bas Bloemsaat)
* GH #1042: Add Diggest::SHA as explicit prequisite for installs on
perl < v5.9.3. (Russell Jenkins)
* GH #1071, #1070: HTML escape the message in the default error page.
(Peter Mottram)
* GH #1062, #1063: Command line interface didn't support
"-s SKELETON_DIRECTORY" in any order.
(Nuno Carvalho)
* GH #1052, #1053: Always call before_serializer hook when serializer
is set.
(Mickey Nasriachi)
* GH #1034: Correctly use different session cookie name for Dancer2.
(Jason A. Crome)
* GH #1060: Remove trailing slashes when providing skeleton
directory.
(Gabor Szabo)
[ ENHANCEMENTS ]
* Use Plack 1.0035 to make sure you only have HTTP::Headers::Fast
in the Plack::Request object internally.
* GH #951#1037: Dancer2::Template::TemplateToolkit no longer sets TT2
INCLUDE_PATH directive, allowing `views` setting to be non-absolute
paths. (Russell Jenkins)
* GH #1032#1043: Add .dancer file to new app scaffolding.
(Jason A. Crome)
* GH #1045: Small cleanups to Request class. (Russell Jenkins)
* GH #1033: strict && warnings in Dancer2::CLI. (Mohammad S Anwar)
* GH #1052, #1053: Allow before_serializer hook to change the content
using @_.
(Mickey Nasriachi)
* GH #1060: Ignore .git directory when using an external skeleton
directory.
(Gabor Szabo)
* GH #1060: Support more asset file extensions. (Gabor Szabo)
* GH #1072: Add request->is_options(). (Theo van Hoesel)
Version 1.7.5
-------------
Released December 2nd 2015
- Added `SECURITY_TOKEN_MAX_AGE` configuration setting
- Fixed calls to `SQLAlchemyUserDatastore.get_user(None)` (this now returns
`False` instead of raising a `TypeError`
- Fixed URL generation adding extra slashes in some cases (see GitHub #343)
- Fixed handling of trackable IP addresses when the `X-Forwarded-For`
header contains multiple values
- Include WWW-Authenticate headers in `@auth_required` authentication
checks
- Fixed error when `check_token` function is used with a json list
- Added support for custom `AnonymousUser` classes
- Restricted `forgot_password` endpoint to anonymous users
- Allowed unauthorized callback to be overridden
- Fixed issue where passwords cannot be reset if currently set to `None`
- Ensured that password reset tokens are invalidated after use
- Updated `is_authenticated` and `is_active` functions to support
Flask-Login changes
- Various documentation improvements
No changelog provided; includes several structural updates including the
switch from package to module, and a change in maintainer.
Backwards Compatibility
=======================
Version 0.2.0
-------------
* The `patch_request_class` function was removed as it's unnecessary from
Flask 0.6 onward.
* Filenames without extensions are no longer lowercased by `lowercase_ext`,
only the extension is returned in lowercase, if an extension exists.
1.4.0
-----
* Updated and reworked documentation
* FileAdmin went through minor refactoring and now supports remote
file systems. Comes with the new, optional, AWS S3 file management
interface
* Configurable CSV export for model views
* Added overridable URL generation logic. Allows using custom URLs with
parameters for administrative views
* Added column_display_actions to ModelView control visibility of the
action column without overriding the template
* Added support for the latest MongoEngine
* New SecureForm base class for easier CSRF validation
* Lots of translation-related fixes and updated translations
* Bug fixes
Version 2.1
-----------
Released December 15, 2015
- Added `render_kw` to allow default rendering time options.
- Updated / added a number of localizations
- Updated docs
- Allow widgets to set flags
Upstream changes:
6.39 2016-01-03
- Updated links to Mojolicious website.
- Fixed small html_unescape bug in Mojo::Util.
- Fixed handling of invalid max age in Mojo::UserAgent::CookieJar.
6.38 2015-12-19
- Updated prettify.js to version 8-Dec-2015.
- Improved form generation in Mojo::UserAgent::Transactor to use UTF-8 as the
default charset.
6.37 2015-12-14
- Added protocol and with_protocols methods to Mojo::Transaction::WebSocket.
- Fixed a few reference encoding bugs in Mojo::JSON.
- Fixed a few form generation bugs in Mojo::UserAgent::Transactor.
Upstream changes:
2016-01-08 Karen Etheridge <ether@cpan.org>
Release 1.71
No changes since 1.70_001
2015-12-29 Karen Etheridge <ether@cpan.org>
Release 1.70_001
Kaitlyn Parkhurst:
- Localize $@ when attempting to load URI subclasses (PR#30)
Karen Etheridge:
- speed up construction time by not attempting to load the same
non-existent URI subclass twice
Version 0.11.3
--------------
Released on December 20th 2015.
- Fixed an issue with copy operations not working against
proxies.
- Changed the logging operations of the development server to
correctly log where the server is running in all situations
again.
- Fixed another regression with SSL wrapping similar to the
fix in 0.11.2 but for a different code path.
This is a mantenance release to fix an overlaping bug on bytes charts with
last versions of browsers like firefox, iceweasel and chrome.
- Fix height of bytes graphs that was overlaping on third graph.
- Update russian translation.
- Update copyright year.
Upstream changes since 0.9.08:
added initial support for spell checking;
added support for selecting allowed and rejected domains for third-party cookies;
added support for customizing visible columns and their order in most of views;
added support for customizing text and icon of toolbar entries;
added support for adding arbitrary menus to toolbars;
some other fixes and minor improvements.
Cherry-picked changes suggested by upstream:
Always mark dialogs as restored (67c2ae72cc57c)
Fallback to QItemDelegate::paint() if type is unknown (fd7380a9eec7)
Try to return first address field from the list if none was matched (d1a1b0bbc8d80d0)
What's New
General
* Developer reference - Improvements to inline code documentation.
* i18n support - Improvements to translation strings all over the core.
* Admin page headings were adjusted from H3 to H2 tags to reinforce page hierarchy
* Improvements to how list tables are displayed on all size screens
Posts
* The post/page permalink UI was simplified, linking the permalink and removing the "View" button
Comments
* The "View Comment" link was relocated from the Status meta box in the comment-editing screen
* Many comment functions can now accept a full object instead of 'comment_ID' to reduce cache/db lookups
* Orphaned comments now fall back to the 'edit_posts' capability
Appearance
* Site icons will now fall back to the 'full' size URL when the 'thumbnail' size doesn't exist
Multisite
* The language chooser was added to the new site form on wp-signup.php
* Sites may no longer be created with the following reserved slugs: wp-admin, wp-content, wp-includes, or wp-json
Fixed incorrect unique_together field name generation by inspectdb.
Corrected __len query lookup on ArrayField for empty arrays.
Restored the ability to use custom formats from formats.py with django.utils.formats.get_format() and the date template filter.
Fixed a state bug when migrating a SeparateDatabaseAndState operation backwards.
Fixed missing varchar/text_pattern_ops index on CharField and TextField respectively when using AlterField on PostgreSQL.
Fixed a state bug when using an AlterModelManagers operation.
Fixed a regression which prevented using a language not in Django’s default language list (LANGUAGES).
django.views.decorators.cache.never_cache() now sends more persuasive headers (added no-cache, no-store, must-revalidate to Cache-Control) to better prevent caching. This fixes a problem where a page refresh in Firefox cleared the selected entries in the admin’s filter_horizontal and filter_vertical widgets, which could result in inadvertent data loss if a user didn’t notice that and then submitted the form.
Fixed a regression in the admin which ignored line breaks in read-only fields instead of converting them to <br>.
Made loaddata skip disabling and enabling database constraints when it doesn’t load any fixtures.
Fixed a crash in QuerySet.values()/values_list() after an annotate() and order_by() when values()/values_list() includes a field not in the order_by()
=== 2.7.4
* New Features
* Accept array-like and hash-like values as query/parameter value.
A new utility method Mechanize::Util.each_parameter is added, and Mechanize::Util.build_query_string is enhanced
for this feature.
* Allow passing a `Form::FileUpload` instance to `#post`. #350 by Sam
Rawlins.
* Capture link when scheme is unsupported. #362 by Jon Rowe.
* Pre-defined User-Agent stings are updated to those of more recent versions, and new aliases for IE 10/11 and Edge are added.
* Support for mime-types 1.x is restored while keeping compatible with mime-types 2.x and adding support for 3.0.
* Mechanize::Page now responds to #xpath, #css, #at_xpath, #at_css, and #%.
* element(s)_with methods now accept :xpath and :css options for doing xpath/css
selector searching.
* Pass URI information to Nokogiri where applicable. #405 @lulalala
* Bug fix
* Don't raise an exception if a connection has set a {read,open}_timeout and
a `file://` request is made. (#397)
* Fix whitespace bug in WWW-Authenticate. #451, #450, by Rasmus Bergholdt
* Don't allow redirect from a non-file URL to a file URL for security reasons. (#455)
1.4.0 / 2015-12-25
Minor Enhancements
Bump Sass to v3.4 and above. (#40)
Strip byte order mark from generated compressed Sass/SCSS (#39)
Strip BOM by default, but don't add in the @charset by default (#42)
Development Fixes
Add Jekyll 2 & 3 to test matrix (#41)
pkgsrc changes:
* Add completely support for pkg_alternatives (adding ALTERNATIVES).
* Remove ruby18 specific description in Makefile.
Changes in 2.7.1
Jan 1, 2016 - version 2.7.1
* Changes
- Symbol aware header key comparison
Normalizes symbol to String for header key.
https://github.com/nahi/httpclient/issues/278
- Show warning message only once
Added HTTPClient::Util.warning that cached warning message and supress
the message if it's already dumped.
- Use Timeout.timeout instead of Kernel.timeout that is deprecated from
ruby 2.3.0.
* Bug fixes
- [JRuby] Set ssl_version properly
## 1.0.1 (2015-12-27)
* [#283](https://github.com/httprb/http/pull/283):
Use io/wait on supported platforms.
([@tarcieri])
## 1.0.0 (2015-12-25)
* [#265](https://github.com/httprb/http/pull/265/):
Remove deprecations ([@tarcieri]):
- HTTP::Chainable#with_follow (use #follow)
- HTTP::Chainable#with, #with_headers (use #headers)
- HTTP::Chainable#auth(:basic, ...) (use #basic_auth)
- HTTP::Chainable#default_headers (use #default_options[:headers])
- HTTP::Headers#append (use #add)
- HTTP::Options#[] hash-like API deprecated in favor of explicit methods
- HTTP::Request#request_header (use #headline)
- HTTP::Response::STATUS_CODES (use HTTP::Status::REASONS)
- HTTP::Response::SYMBOL_TO_STATUS_CODE (no replacement)
- HTTP::Response#status_code (use #status or #code)
- HTTP::Response::Status#symbolize (use #to_sym)
* [#269](https://github.com/httprb/http/pull/273/):
Close connection in case of error during request.
([@ixti])
* [#271](https://github.com/httprb/http/pull/273/):
High-level exception wrappers for low-level I/O errors.
([@ixti])
* [#273](https://github.com/httprb/http/pull/273/):
Add encoding option.
([@connorhd])
* [#275](https://github.com/httprb/http/pull/273/):
Support for disabling Nagle's algorithm with `HTTP.nodelay`.
([@nerdrew])
* [#276](https://github.com/httprb/http/pull/276)
Use Encoding::BINARY as the default encoding for HTTP::Response::Body.
([@tarcieri])
* [#278](https://github.com/httprb/http/pull/278)
Use an options hash for HTTP::Request initializer API.
([@ixti])
* [#279](https://github.com/httprb/http/pull/279)
Send headers and body in one write if possible.
This avoids a pathological case in Nagle's algorithm.
([@tarcieri])
* [#281](https://github.com/httprb/http/pull/281)
Remove legacy 'Http' constant alias to 'HTTP'.
([@tarcieri])
Quote from commit logs:
* Reset and close connection on duplicate response.
* Rescue from StandardError instead of Exception.
* Handle redirects on keep-alive connections.
* Fix the issue when redirect url is triggered only after inactivity timeout.
* ignore query option when redirecting.
* Use Base64.strict_encode64 to not add line feeds.
* Cleanup header annotations for rubydocs, closes#281.
* Use inferred_port, port can be nil causing connection failures.
* Don't modify header for CONNECT style proxies.
* fixing specs, cleaning up deprecation warning.
* Don't memoize status; http_status may change.
httpbin is an amazing web service for testing HTTP libraries. It
has several great endpoints that can test pretty much everything
you need in a HTTP library. The only problem is: maybe you don't
want to wait for your tests to travel across the Internet and back
to make assertions against a remote web service (speed), and maybe
you want to work offline (convenience).
Enter pytest-httpbin. Pytest-httpbin creates a pytest fixture that
is dependency-injected into your tests. It automatically starts up
a HTTP server in a separate thread running httpbin and provides
your test with the URL in the fixture.
Testing an HTTP Library can become difficult sometimes. RequestBin
is fantastic for testing POST requests, but doesn't let you control
the response. This exists to cover all kinds of HTTP scenarios.
Additional endpoints are being considered.
All endpoint responses are JSON-encoded.
1.14 (2015-12-29)
+++++++++++++++++
* contrib: SOCKS proxy support! (Issue #762)
* Fixed AppEngine handling of transfer-encoding header and bug
in Timeout defaults checking. (Issue #763)
1.13.1 (2015-12-18)
+++++++++++++++++++
* Fixed regression in IPv6 + SSL for match_hostname. (Issue #761)
1.13 (2015-12-14)
+++++++++++++++++
* Fixed ``pip install urllib3[secure]`` on modern pip. (Issue #706)
* pyopenssl: Fixed SSL3_WRITE_PENDING error. (Issue #717)
* pyopenssl: Support for TLSv1.1 and TLSv1.2. (Issue #696)
* Close connections more defensively on exception. (Issue #734)
* Adjusted ``read_chunked`` to handle gzipped, chunk-encoded bodies without
repeatedly flushing the decoder, to function better on Jython. (Issue #743)
* Accept ``ca_cert_dir`` for SSL-related PoolManager configuration. (Issue #758)
1.12 (2015-09-03)
+++++++++++++++++
* Rely on ``six`` for importing ``httplib`` to work around
conflicts with other Python 3 shims. (Issue #688)
* Add support for directories of certificate authorities, as supported by
OpenSSL. (Issue #701)
* New exception: ``NewConnectionError``, raised when we fail to establish
a new connection, usually ``ECONNREFUSED`` socket error.
1.11 (2015-07-21)
+++++++++++++++++
* When ``ca_certs`` is given, ``cert_reqs`` defaults to
``'CERT_REQUIRED'``. (Issue #650)
* ``pip install urllib3[secure]`` will install Certifi and
PyOpenSSL as dependencies. (Issue #678)
* Made ``HTTPHeaderDict`` usable as a ``headers`` input value
(Issues #632, #679)
* Added `urllib3.contrib.appengine <https://urllib3.readthedocs.org/en/latest/contrib.html#google-app-engine>`_
which has an ``AppEngineManager`` for using ``URLFetch`` in a
Google AppEngine environment. (Issue #664)
* Dev: Added test suite for AppEngine. (Issue #631)
* Fix performance regression when using PyOpenSSL. (Issue #626)
* Passing incorrect scheme (e.g. ``foo://``) will raise
``ValueError`` instead of ``AssertionError`` (backwards
compatible for now, but please migrate). (Issue #640)
* Fix pools not getting replenished when an error occurs during a
request using ``release_conn=False``. (Issue #644)
* Fix pool-default headers not applying for url-encoded requests
like GET. (Issue #657)
* log.warning in Python 3 when headers are skipped due to parsing
errors. (Issue #642)
* Close and discard connections if an error occurs during read.
(Issue #660)
* Fix host parsing for IPv6 proxies. (Issue #668)
* Separate warning type SubjectAltNameWarning, now issued once
per host. (Issue #671)
* Fix ``httplib.IncompleteRead`` not getting converted to
``ProtocolError`` when using ``HTTPResponse.stream()``
(Issue #674)
1.10.4 (2015-05-03)
+++++++++++++++++++
* Migrate tests to Tornado 4. (Issue #594)
* Append default warning configuration rather than overwrite.
(Issue #603)
* Fix streaming decoding regression. (Issue #595)
* Fix chunked requests losing state across keep-alive connections.
(Issue #599)
* Fix hanging when chunked HEAD response has no body. (Issue #605)
1.10.3 (2015-04-21)
+++++++++++++++++++
* Emit ``InsecurePlatformWarning`` when SSLContext object is missing.
(Issue #558)
* Fix regression of duplicate header keys being discarded.
(Issue #563)
* ``Response.stream()`` returns a generator for chunked responses.
(Issue #560)
* Set upper-bound timeout when waiting for a socket in PyOpenSSL.
(Issue #585)
* Work on platforms without `ssl` module for plain HTTP requests.
(Issue #587)
* Stop relying on the stdlib's default cipher list. (Issue #588)
1.10.2 (2015-02-25)
+++++++++++++++++++
* Fix file descriptor leakage on retries. (Issue #548)
* Removed RC4 from default cipher list. (Issue #551)
* Header performance improvements. (Issue #544)
* Fix PoolManager not obeying redirect retry settings. (Issue #553)
1.10.1 (2015-02-10)
+++++++++++++++++++
* Pools can be used as context managers. (Issue #545)
* Don't re-use connections which experienced an SSLError. (Issue #529)
* Don't fail when gzip decoding an empty stream. (Issue #535)
* Add sha256 support for fingerprint verification. (Issue #540)
* Fixed handling of header values containing commas. (Issue #533)
Changes:
* Fixes Github #194: Add source dialog visually broken
(reported by k0377)
* Fixes Github #195: Out-dated documentation on enclosure download
(reported by brian-in-crawford)
* Fixes Github #223: Search folder dialog don't show rules
(reported by Guido Masella)
* Fixes Github #227: Preference dialog fails to load with latest
GtkBuilder (patch by Yanko Kaneti)
* Fixes Github #234: Segmentation fault upon attempting to add an OPML
(reported by GreenLunar)
* Fixes compilation error when there is no libnotify
* Added debugging for #258: Dialog loading issues
(patch by glitsj16)
* Fix alsa option build, fix PR pkg/50427
Changelog:
Fix: Fix network issue when using Nvidia's Network Access Manager (1233237)
Fix: On some Windows configurations, improve the decoding of some videos on YouTube (1233970)
written in Ruby, but this version is meant for efficiency and portability.
This library strives to be light, simple, and easy to build and integrate with
a variety of platforms and languages.
Fri Dec 18 15:54:50 CET 2015
Releasing libmicrohttpd 0.9.48. -CG
Tue Dec 15 18:35:55 CET 2015
Improved compatibility with VS2010 and other older
compilers. -EG
Tue Dec 8 21:48:44 CET 2015
Default backlog size for listen socket was changed from
32 to SOMAXCONN, added new option MHD_OPTION_LISTEN_BACKLOG_SIZE
to override default backlog size.
If not all connections can be handled by MHD_select() than
at least some of connections will be processed instead of
failing without any processing.
Fixed redefenition of FD_SETSIZE on W32 so select() will
work with 2000 connections instead of 64.
Better handled redefenition of FD_SETSIZE on all
platforms. -EG
Sat Dec 5 17:30:45 CET 2015
Close sockets more aggressively in multi-threaded
mode (possibly relevant for idle servers). -CG
----------------------
- 1.4.38 - 2015-12-05
* [stat-cache] fix handling of collisions, might have returned wrong
data (fixes#2669)
* [core] allocate at least 4k buffer for incoming data
* [core] fix search for header end if split across chunks (fixes#2670)
* [core] check configparserAlloc() result with force_assert
* [mod_auth] implement and use safe_memclear, using memset_s or
explicit_bzero if available (thx loganaden)
* [core] don't buffer request bodies smaller than 64k on disk
* add force_assert for many allocations and function results
* [mod_secdownload] use a hopefully constant time comparison to check
hash (fixes#2679)
* [config] check config option scope; warn if server option is given
in conditional
* [core] revert increase of temp file size back to 1MB, provide a
configure option "server.upload-temp-file-size" instead (fixes
#2680)
* [core] add '~' to safe characters in
ENCODING_REL_URI/ENCODING_REL_URI_PART encoding
* [core] encode path with ENCODING_REL_URI in redirect to directory
(fixes#2661, thx gstrauss)
* [mod_secdownload] add required algorithm option; old behaviour
available as "md5", new options "hmac-sha1" and "hmac-sha256"
* [mod_fastcgi/mod_scgi] zero sockaddr structs before use (fixes
#2691, thx Kyle J. McKay)
* [network] add darwin-sendfile backend (fixes#2687, thx Kyle J. McKay)
* [core] show correct crypt support result (fixes#2690, thx Kyle J. McKay)
4.25 2015-12-17
[ DOCUMENTATION ]
- fix link to CONTRIBUTING file (thanks to Manwar for the fix)
- clarify that "soft" deprecation means that the HTML functions
are deprecated but will not raise any deprecation warnings
[ SPEC / BUG FIXES ]
- make the list context warning only happen once per process (or
thread) to prevent excessive log noise in long running or in
persistent processes (thanks to @dadamail for the suggestion)
4.23 2015-12-17
[ DOCUMENTATION ]
- add LICENSE file and LICENSE info to Makefile.PL
Changelog:
On December 8, 2015, WordPress Version 4.4, named for jazz musician Clifford Brown, was released to the public. For more information on this enhancement and bug-fix release, read the WordPress Blog, and see the Changelog for 4.4.
For Version 4.4, the database version (db_version in wp_options) changed to 35700, and the Trac revision was 35842.
Highlights
twenty-sixteen-white-desktop-1x.png
New Default Theme - Twenty Sixteen
Modern take on the classic blog design
Flexible header and fun color schemes will make your content shine
Mobile-first and responsive
The Finer Points
responsive-devices-desktop-1x.png
Responsive images:
WordPress now takes a smarter approach to displaying appropriate image sizes on any device, ensuring a perfect fit every time. You don’t need to do anything to your theme, it just works.
wp embed preview.png
Embed your WordPress content:
Now you can embed your posts on other sites, even other WordPress sites. Simply drop a post URL into the editor and see an instant embed preview, complete with the title, excerpt, and featured image if you’ve set one. We’ll even include your site icon and links for comments and sharing.
reverbnation embed.png
Even more embed providers:
In addition to post embeds, WordPress 4.4 also adds support for five new oEmbed providers: Cloudup, Reddit Comments, ReverbNation, Speaker Deck, and VideoPress.
For Developers
REST API infrastructure: Infrastructure for the REST API has been integrated into core, the first part of a multi-stage rollout. Inclusion of core endpoints is targeted for an upcoming release. To get a sneak peek of the core endpoints, and for more information on extending the REST API, check out the official WordPress REST API plugin.
Term meta: Terms now support metadata, just like posts. See add_term_meta(), get_term_meta(), and update_term_meta() for more information.
Comment query improvements: Comment queries now have cache handling to improve performance. New arguments in WP_Comment_Query make crafting robust comment queries simpler.
Term, comment, and network objects: New WP_Term, WP_Comment, and WP_Network objects make interacting with terms, comments, and networks more predictable and intuitive in code.
What's New
General
Developer reference - Improvements to inline code documentation.
i18n support - Improvements to translation strings all over the core.
Admin page headings were adjusted from H3 to H2 tags to reinforce page hierarchy
Improvements to how list tables are displayed on all size screens
Posts
The post/page permalink UI was simplified, linking the permalink and removing the "View" button
Media
Comments
The "View Comment" link was relocated from the Status meta box in the comment-editing screen
Many comment functions can now accept a full object instead of 'comment_ID' to reduce cache/db lookups
Orphaned comments now fall back to the 'edit_posts' capability
Appearance
Site icons will now fall back to the 'full' size URL when the 'thumbnail' size doesn't exist
Users
Install Process
Multisite
The language chooser was added to the new site form on wp-signup.php
Sites may no longer be created with the following reserved slugs: wp-admin, wp-content, wp-includes, or wp-json
Accessibility
Under The Hood
General
Unclosed HTML elements in shortcode attributes were disallowed
HTML was removed from all translatable text strings
Rewrite rules are now flushed on theme switch
Most core classes were moved to their own files
Embeds
Add oEmbed support for Cloudup.
Add oEmbed support for Reddit Comments.
Add oEmbed support for ReverbNation.
Add oEmbed support for Speaker Deck.
Add oEmbed support for VideoPress.
Remove oEmbed support for Blip.
JavaScript
Customizer: Ensure persistence of unchanged active state for controls, sections, and panels
Customizer: Fixed logic for determining the container element when focusing on a panel, section, or control
Customizer: Fixed clearing of a color control's setting by using proper empty value
Bug Fixes
Fail gracefully when checking mapped capabilities against unregistered post types
Visibility was restored for the Tags auto-suggest tooltip in Quick Edit
The $public_only parameter was added to count_user_posts()
Cron: Events are now rejected when the provided $timestamp value is not a valid timestamp
Users with no role are now redirected to the home page on login instead of their profile-editing screen
Multisite
A network can now be retrieved by its ID through WP_Network::get_instance()
A network can now be created or completed by passing arguments to WP_Network
Network-level capabilities were clarified and some long-time bugs were fixed
Classes
What's New
WP_Comment
WP_Comment_Query->$found_comments
WP_Comment_Query->$max_num_pages
WP_Comment_Query->$meta_query_clauses
WP_Comment_Query->$sql_clauses
WP_Comment_Query::fill_descendants()
WP_Comment_Query::get_comment_ids()
WP_Customize_Manager->$autofocus
WP_Customize_Manager->$preview_url
WP_Customize_Manager->$return_url
WP_Customize_Manager::customize_pane_settings()
WP_Customize_Manager::get_autofocus()
WP_Customize_Manager::get_document_title_template()
WP_Customize_Manager::get_preview_url()
WP_Customize_Manager::get_return_url()
WP_Customize_Manager::is_ios()
WP_Customize_Manager::set_autofocus()
WP_Customize_Manager::set_preview_url()
WP_Customize_Manager::set_return_url()
WP_Customize_Setting->$is_multidimensional_aggregated
WP_Customize_Setting->$is_previewed
WP_Customize_Setting::$aggregated_multidimensionals
WP_Customize_Setting::_multidimensional_preview_filter()
WP_Customize_Setting::aggregate_multidimensional()
get_root_value/ WP_Customize_Setting::get_root_value()
id_data/ WP_Customize_Setting::id_data()
set_root_value/ WP_Customize_Setting::set_root_value()
WP_Customize_Widgets::get_widget_control_parts()
WP_Customize_Widgets::is_panel_active()
WP_Filesystem_SSH2::sftp_path()
WP_HTTP_Response
WP_List_Table::get_primary_column()
WP_Locale->$start_of_week
WP_MS_Sites_List_Table::column_id()
WP_MS_Users_List_Table::column_id()
WP_Media_List_Table->$comment_pending_count
WP_Network
WP_Posts_List_Table::get_edit_link()
WP_Query->$is_embed
WP_Query->$updated_comment_meta_cache
WP_Query->$updated_term_meta_cache
WP_Query::is_embed()
WP_Query::lazyload_comment_meta()
WP_Query::lazyload_term_meta()
WP_REST_Request
WP_REST_Response
WP_REST_Server
WP_Screen->$_screen_reader_content
WP_Screen::get_screen_reader_content()
WP_Screen::get_screen_reader_text()
WP_Screen::remove_screen_reader_content()
WP_Screen::render_list_table_columns_preferences()
WP_Screen::render_meta_boxes_preferences()
WP_Screen::render_screen_reader_content()
WP_Screeb::render_view_mode()
WP_Screen::set_screen_reader_content()
WP_Term
>$update WP_Theme
WP_User::__unset()
>$request WP_User_Query
WP_User_Query::fill_query_vars()
WP_Users_List_Table::get_role_list()
WP_Widget_Calendar::$instance
WP_Widget_Tag_Cloud::_get_current_taxonomy()
WP_oEmbed_Controller
wpdb->$termmeta
Deprecated
Functions
What's New
_prime_comment_caches()
add_network_option()
add_term_meta()
delete_network_option()
delete_term_meta()
enqueue_embed_scripts()
get_header_image_tag()
get_html_split_regex()
get_network_option()
get_oembed_endpoint_url()
get_oembed_response_data()
get_oembed_response_data_rich()
get_password_reset_key()
get_post_embed_html()
get_post_embed_url()
get_preview_post_link()
get_rest_url()
get_shortcode_atts_regex()
get_subdirectory_reserved_names()
get_term_meta()
get_the_author_posts_link()
get_the_comments_navigation()
get_the_comments_pagination()
get_the_post_thumbnail_url()
is_embed()
is_post_type_viewable()
is_registered_sidebar()
map_deep()
print_embed_comments_button()
print_embed_scripts()
print_embed_sharing_button()
print_embed_sharing_dialog()
print_embed_styles()
register_rest_route()
rest_api_default_filters()
rest_api_init()
rest_api_loaded()
rest_api_register_rewrites()
rest_cookie_check_errors()
rest_cookie_collect_status()
rest_do_request()
rest_ensure_request()
rest_ensure_response()
rest_get_date_with_gmt()
rest_get_url_prefix()
rest_handle_deprecated_argument()
rest_handle_deprecated_function()
rest_handle_options_request()
rest_output_link_header()
rest_output_link_wp_head()
rest_output_rsd()
rest_parse_date()
rest_send_allow_header()
rest_send_cors_headers()
rest_url()
signup_get_available_languages()
strip_fragment_from_url()
stripslashes_from_strings_only()
the_comments_navigation()
the_comments_pagination()
the_excerpt_embed()
the_header_image_tag()
the_post_thumbnail_url()
update_network_option()
update_term_meta()
update_termmeta_cache()
urldecode_deep()
wp_ajax_delete_inactive_widgets()
wp_ajax_generate_password()
wp_ajax_save_wporg_username()
wp_calculate_image_sizes()
wp_calculate_image_srcset()
wp_embed_excerpt_attachment()
wp_embed_excerpt_attachment()
wp_filter_oembed_result()
wp_get_attachment_image_sizes()
wp_get_attachment_image_srcset()
wp_get_attachment_image_url()
wp_get_document_title()
wp_get_server_protocol()
wp_get_users_with_no_role()
wp_handle_comment_submission()
wp_image_add_srcset_and_sizes()
wp_installing()
wp_is_numeric_array()
wp_make_content_images_responsive()
wp_maybe_decline_date()
wp_new_comment_notify_moderator()
wp_new_comment_notify_postauthor()
wp_oembed_add_discovery_links()
wp_oembed_add_host_js()
wp_oembed_ensure_format()
wp_oembed_register_route()
wp_parse_url()
wp_remote_retrieve_cookie()
wp_remote_retrieve_cookie_value()
wp_remote_retrieve_cookies()
wp_removable_query_args()
wp_rest_server_class()
wp_send_new_user_notifications()
wp_term_is_shared()
Deprecated
wp_get_http()
Actions & Filters
New Actions
after_password_reset
after_signup_site
after_signup_user
attachment_updated
before_signup_header
clean_user_cache
customize_post_value_set
customize_post_value_set_{$setting_id}
delete_plugin
delete_widget
deleted_plugin
edit_user_created_user
embed_content
embed_content_meta
embed_footer
embed_head
enqueue_embed_scripts
invite_user
manage_posts_extra_tablenav
ms_network_not_found
network_site_new_created_user
network_site_users_created_user
network_user_new_created_user
page_attributes_meta_box_template
post_submitbox_minor_actions
pre_auto_update
register_new_user
rest_api_init
wp_add_nav_menu_item
wp_mail_failed
wp_verify_nonce_failed
New Filters
admin_post_thumbnail_size
comment_excerpt_length
comment_form_fields
content_pagination
customize_loaded_components
dashboard_recent_drafts_query_args
dashboard_secondary_items
default_hidden_columns
document_title_parts
document_title_separator
duplicate_comment_id
embed_html
embed_oembed_discover
embed_site_title_html
embed_template
embed_thumbnail_image_shape
embed_thumbnail_image_size
enclosure_links
expiration_of_site_transient_{$transient}
expiration_of_transient_{$transient}
export_wp_filename
feed_links_show_comments_feed
feed_links_show_posts_feed
found_comments_query
get_header_image_tag
get_page_of_comment
get_page_uri
get_post_status
get_role_list
get_sample_permalink
get_terms_defaults
get_{$adjacent}_post_excluded_terms
hidden_columns
illegal_user_logins
image_get_intermediate_size
insert_user_meta
max_srcset_image_width
mejs_settings
nav_menu_item_args
nav_menu_item_title
navigation_markup_template
network_admin_plugin_action_links
network_admin_plugin_action_links_{$plugin_file}
notify_moderator
notify_post_author
oembed_discovery_links
oembed_endpoint_url
oembed_min_max_width
oembed_response_data
old_slug_redirect_url
plugin_action_links
plugin_action_links_{$plugin_file}
post_edit_category_parent_dropdown_args
post_embed_url
postmeta_form_keys
pre_delete_post
pre_get_document_title
pre_get_lastpostmodified
register_post_type_args
register_taxonomy_args
respond_link
rest_url
rest_url_prefix
screen_options_show_submit
show_network_active_plugins
signup_get_available_languages
subdirectory_reserved_names
submenu_file
taxonomy_labels_{$taxonomy}
the_category_list
the_excerpt_embed
update_right_now_text
user_profile_picture_description
users_list_table_query_args
view_mode_post_types
wp_calculate_image_sizes
wp_calculate_image_srcset
wp_dropdown_users_args
wp_http_ixr_client_headers
wp_post_revision_title_expanded
wp_prepare_revision_for_js
wp_theme_editor_filetypes
xmlrpc_chunk_parsing_size
*) mod_ssl: for all ssl_engine_vars.c lookups, fall back to master connection
if conn_rec itself holds no valid SSLConnRec*. Fixes 58666.
*) mod_http2: connection level window for flow control is set to protocol
maximum of 2GB-1, preventing window exhaustion when sending data on many
streams with higher cumulative window size.
Reducing write frequency unless push promises need to be flushed.
*) mod_http2: required minimum version of libnghttp2 is 1.2.1
*) mod_proxy_fdpass: Fix AH01153 error when using the default configuration.
In earlier version of httpd, you can explicitelly set the 'flusher' parameter
to 'flush' as a workaround. (i.e. flusher=flush)
Add documentation for the 'flusher' parameter when defining a proxy worker.
*) mod_ssl: For the "SSLStaplingReturnResponderErrors off" case, make sure
to only staple responses with certificate status "good".
*) mod_http2: new directive 'H2PushPriority' to allow priority specifications
on server pushed streams according to their content-type.
*) mod_http2: fixes crash on connection abort for a busy connection.
fixes crash on a request that did not produce any response.
*) mod_http2: trailers are sent after reponse body if set in request_rec
trailers_out before the end-of-request bucket is sent through the
output filters.
*) mod_http2: incoming trailers (headers after request body) are properly
forwarded to the processing engine.
*) mod_http2: new directive 'H2Push' to en-/disable HTTP/2 server
pushes a server/virtual host. Pushes are initiated by the presence
of 'Link:' headers with relation 'preload' on a response.
*) mod_http2: write performance of http2 improved for larger resources,
especially static files.
*) core: if the first HTTP/1.1 request on a connection goes to a server that
prefers different protocols, these protocols are announced in a Upgrade:
header on the response, mentioning the preferred protocols.
*) mod_http2: new directives 'H2TLSWarmUpSize' and 'H2TLSCoolDownSecs'
to control TLS record sizes during connection lifetime.
*) mod_http2: new directive 'H2ModernTLSOnly' to enforce security
requirements of RFC 7540 on TLS connections.
*) core: add ap_get_protocol_upgrades() to retrieve the list of protocols
that a client could possibly upgrade to. Use in first request on a
connection to announce protocol choices.
*) mod_http2: reworked deallocation on connection shutdown and worker
abort. Separate parent pool for all workers. worker threads are joined
on planned worker shutdown.
*) mod_ssl: when receiving requests for other virtual hosts than the handshake
server, the SSL parameters are checked for equality. With equal
configuration, requests are passed for processing. Any change will trigger
the old behaviour of "421 Misdirected Request".
SSL now remembers the cipher suite that was used for the last handshake.
This is compared against for any vhost/directory cipher specification.
Detailed examination of renegotiation is only done when these do not
match.
Renegotiation is 403ed when a master connection is present. Exact reason
is given additionally in a request note.
*) core: Fix scoreboard crash (SIGBUS) on hardware requiring strict 64bit
alignment (SPARC64, PPC64).
*) mod_cache: Accept HT (Horizontal Tab) when parsing cache related header
fields as described in RFC7230.
*) core/util_script: making REDIRECT_URL a full URL is now opt-in
via new 'QualifyRedirectURL' directive.
*) core: Limit to ten the number of tolerated empty lines between request,
and consume them before the pipelining check to avoid possible response
delay when reading the next request without flushing.
*) mod_ssl: Extend expression parser registration to support ssl variables
in any expression using mod_rewrite syntax "%{SSL:VARNAME}" or function
syntax "ssl(VARNAME)".
This release fixes heap-use-after-free bug in idle stream handling code. We strongly recommend to upgrade the older installation to this latest version as soon as possible. Other than that we have minor polish up in libnghttp2 code base, and some new features to asio library, and h2load.
Upstream changes:
MediaWiki 1.26.2
This is a maintenance release of the MediaWiki 1.26 branch.
Changes since 1.26.1
(bug T121892) Various special pages resulted in fatal errors.
* Remove databases/php-mysql dependency, it is not used
Changelog:
Version 8.2.2 December 22 2015
Sharing improvements
Passing an empty base in this diagnosis call will not result in LDAP errors
Send sharing link to more than one recipient
Cannot share at all when share with link is disabled globally
Delete share hotspot not wide enough
Can't access a shared folder on external storage
Fix S2S error handling, making WebDAV work and get rid of undeletable files
Files/folders created while the users group was included in 'Exclude groups from sharing' cannot be shared even if the group is removed from the excluded groups.
"unshare" action should be called "unshare" in the action menu and not "delete"
Fix shared files of deleted users, detect DN change when checking for existence on LDAP
Etag isn't propagated to the root of the share owner if the file is uploaded to a group reshare
Empty etag after moving shared file into a commonly received share
The ajax code path unshares a link share when updating the password
Other fixes
MySQL file socket not working during initial setup
Multiple PUT requests to new DAV backend results in locked file
Dont output paths in scan.php
Activity oracle sql error for favorites
Check the expiration date for null
Stray locks not being cleaned: server replied: Locked
Login attributes tab. Other attributes combobox does not keep the selection if the users click away
Fix trashbin wrapper when no user is logged in
Handle non existing files in version previews
Properly preserve home folder naming enforcement setting
User details not saved unless click Enter
User management: Password change error display behavior
Add listener for URL change and then close the PDF viewer - files_pdfviewer
Remove white area below pdf viewer on public page - files_pdfviewer
Unable to move /srv/http/owncloud/_oc-upgrade/8.2.1.4/core/resources to /srv/http/owncloud/resources - updater
Fix minification quirks - updater
Accessibility Bug for 8.2 UI
Several UI improvements
Security improvements
Many small improvements
Version 8.2.1 November 18 2015
Sharing improvements:
Show path to file in error message about sharing with owner
Replaced error numbers with details in the sharing error message
Fix pagination on public link share page
Deal with NoUserException in sharing code
Fix cannot change share info after switching sections
Fix changing expiration date of shared link breaks password
Various other fixes
Performance improvements:
Optimize multiple shared locks for a single process
Don't lock if we're only reading cache metadata
Escape like parameter in cache operations
Storage improvements:
Improve dealing with Dropbox and Google Drive
Moving files makes them disappear (SWIFT object store)
Transactional file locking database backend warning is only shown when there is another warning.
Don't lock /$user/files
Include the final update in the transaction when moving a folder in the cache
WebDAV MOVE on a non existing file results in Internal Server Error #20069
Catch all exception if table doesn't exist #19884#19893
Various other objectstore fixes
Usability and UI:
Made error message about file not found more specific in federated sharing
Improved CSS, fonts, text color on various buttons, login screen, menu and settings
Hide strength indication after password change and hide notifications after time-out or on delete
Fixes to inconsistent language and translation support, show language code for unknown languages
Fix icons for share/public folders, fix spinner positions in share tab
Close user menu when clicking on other menus
Sidebar fixes and hiding sidebar for trashbin view
Move alt text for favorite action to image
Sidebar should not open, when renaming a file on mobile
Do not register sidebar panels when no sidebar
Update process: state which step we are going to start and warn if it might be slow
User Management and LDAP fixes:
LDAP fixes for quota, user mapper, initial user creation and connectivity
Fix group admin settings, group assignment when group name is a number
Enable proper CardDAV cookie authentication
Documentation, reliability and stability fixes:
Expose syslog tag in the configuration
Update list of deprecated methods (documentation)
Fixes to text editor
Fixes to activity app
Create several repair steps in update process to clean up shares
Update certificate bundle
Fix multiple issues for IE 8 and 9
Memcache warning with memcached
Fix File versioning with encryption
Update the unencrypted size for versions
Fix mtime PROPPATCH to be "lastmodified" instead of "getlastmodified"
Make sure that remote shares use the correct uid casing
Variables don't have a class, so we can't use toString() on it
Use IRequest's `getScriptName` functionality instead of $_SERVER
Don't trigger the scroll event of every single item we filter in the file list
Changelog:
Tomcat 8.0.30 (markt)
Catalina
Fix: 34319: Only load those keys in StoreBase.processExpire from JDBCStore, that are old enough, to be expired. Based on a patch by Tom Anderson. (fschumacher)
Add: 56917: As per RFC7231 (HTTP/1.1), allow HTTP/1.1 and later redirects to use relative URIs. This is controlled by a new attribute useRelativeRedirects on the Context and defaults to true. (markt)
Fix: 58629: Allow an embedded Tomcat instance to start when the Service has no Engine configured. (markt)
Fix: 58635: Enable break points to be set within agent code when running Tomcat with a Java agent. Based on a patch by Huxing Zhang. (markt)
Fix: 58660: Correct a regression in 8.0.29 caused by the change that moved the redirection for context roots from the Mapper to the Default Servlet. (markt)
Fix: Fixed potential NPE in HostConfig while deploying an application. Issue reported by coverity scan. (violetagg)
Fix: 58655: Fix an IllegalStateException when calling HttpServletResponse.sendRedirect() with the RemoteIpFilter. This was caused by trying to correctly generate the absolute URI for the redirect. With the fix for 56917, redirects may now be relative making the sendRedirect() implementation for the RemoteIpFilter much simpler. This also addresses issues where the redirect may not have behaved as expected when redirecting from http to https to from https to http. (markt)
Fix: 58657: Exceptions in a Servlet 3.1 ReadListener or WriteListener do not need to be immediately fatal to the connection. Allow an error response to be written. (markt)
Coyote
Fix: Improve upgrade context classloader handling by using Context.bind and unbind. (remm)
Jasper
Fix: 57136#c25: Change default value of quoteAttributeEL setting in Jasper to be true for better compatibility with other implementations and older versions of Tomcat (8.0.26/7.0.64 and earlier). Add command line option -no-quoteAttributeEL in JspC. (kkolinko)
Cluster
Fix: Fix potential integer overflow in DeltaSession. Reported by coverity scan. (fschumacher)
WebSocket
Add: 55006: The WebSocket client now honors the java.net.java.net.ProxySelector configuration (using the HTTP type) when establishing WebSocket connections to servers. Based on a patch by Niki Dokovski. (markt)
Fix: 58624: Correct a thread safety issue that meant that blocking message writes could block indefinitely if the WebSocket connection was closed while a message write was in progress. (markt)
Web Applications
Fix: 58631: Correct the continuation character use in the Windows Service How-To page of the documentation web application. (markt)
Tribes
Fix: Ensure that the static member is registered to the add suspect list even if the static member that is registered to the remove suspect list has disappeared. (kfujino)
Fix: Correct the warning log of when the member that is not registered in the membership is detected. (kfujino)
Fix: When using a static cluster, add the members that have been cached in the membership service to the map members list in order to ensure that the map member is a static member. (kfujino)
jdbc-pool
Fix: Correct evaluation of system property org.apache.tomcat.jdbc.pool.onlyAttemptCurrentClassLoader. It was basically ignored before. Reported by coverity scan. (fschumacher)
Fix: Fix potential integer overflow in ConnectionPool and PooledConnection. Reported by coverity scan. (fschumacher)
Other
Update: Update optional Checkstyle library to 6.13. (kkolinko)
2015-11-24 Tomcat 8.0.29 (markt)
General
Update: 58596: Clarify the description in RUNNING.txt of how environment variables are used. (markt)
Catalina
Add: Extend the fix for 57136 to provide a JSP Servlet initialisation parameter per web application that controls whether or not EL in JSP attributes is processed as if it uses JSP attribute quoting. By default, EL does not use JSP attribute quoting. (markt)
Fix: 57799: InputStream.available() was causing an IO operation to occur even in blocking mode, which caused problems with NIO2. (remm)
Add: Extend the fix for 58228 to include ServletContext.getRealPath(). (markt)
Add: 58486: Protect against two further possible memory leaks associated with XML parsing. (markt)
Fix: 58490: Fixed NPE thrown when scanning for javax.servlet.ServletContainerInitializer in case the web application is not extracted. (violetagg)
Code: 58497: Make AbstractHttp11Processor easy to extend. (markt)
Fix: 58508: Escape role names when generating associated MBeans in case the role name contains characters not permitted in an MBean name. (markt)
Fix: 58518: Correct a regression in the fix for 56777 that added support for URIs in config file locations. File paths on Windows could previously be specified with \ or / as the separator. 56777 broke that. (markt)
Fix: 58519: Fix ISE thrown by web application classloader in some error conditions due to trying to call initCause() on a ClassNotFoundException which is not permitted. (markt)
Fix: 58534: Removed repeated conditional tests in o.a.tomcat.websocket.pojo.PojoMethodMapping and o.a.tomcat.util.net.AprEndpoint Patch provided by Anthony Whitford. (violetagg)
Fix: 58535: Use Collections.reverseOrder when a reverse ordering is needed. (violetagg)
Fix: 58537, 58546: Some of the inner classes in o.a.catalina.valves.ExtendedAccessLogValve and o.a.tomcat.util.net.SecureNio2Channel are made static. Patch provided by Anthony Whitford. (violetagg)
Fix: 58540: Removed unused code from o.a.catalina.connector.Request. Patch provided by Anthony Whitford. (violetagg)
Fix: 58541, 58544: It is more efficient to call Integer.toString(int) instead of Integer.valueOf(int).toString() when only a string representation of a primitive is needed. Based on a patch provided by Anthony Whitford. (violetagg)
Fix: 58541, 58547: It is more efficient to call valueOf(...) instead of Number constructor. Based on a patch provided by Anthony Whitford. (violetagg)
Fix: 58545: In some use cases it is more efficient to use Map.entrySet() instead of Map.keySet() Based on a patch provided by Anthony Whitford. (violetagg)
Fix: Ensure that ServletRequest.getContentLengthLong is used instead of ServletRequest.getContentLength for servlets and valves provided by Tomcat. The API is available since Servlet specification 3.1. (violetagg)
Add: Add a new RestCsrfPreventionFilter that provides basic CSRF protection for REST APIs. (violetagg)
Fix: 58578: Avoid NPE accessing cookies during access logging for request that had no context mapping. (remm)
error page fails, fall back to the standard error page rather than throwing an NPE. Based on a patch by Huxing Zhang. (markt)
Fix: 58582: Combined realm should perform background processing on its sub-realms. Based upon a patch provided by Aidan. (schn additional check that a client provided session ID is in use in at least one other web application before allowing it to be used as the ID for a new session in the current web application. (markt)
Add: Add support for DIGEST authentication to the JN
Fix: Ensure that in an embedded Tomcat the logging configuration is not lost during garbage collection. (violetagg)
Add: Move the functionality that provides redirects for context roots and directories where a trailing / is added from the Mapper to the DefaultServlet. This enables such requests to be processed by any configured Valves and Filters before the redirect is made. This behaviour is configurable via the mapperContextRootRedirectEnabled and mapperDirectoryRedirectEnabled attributes of the Context which may be used to restore the previous behaviour. (markt)
Coyote
Fix: Cancel pending blocking IO operation following a timeout in the NIO2 connector. (remm)
Fix: Add instance manager support for upgrade handlers, and set context class loader. (remm)
Update: Synchronize OpenSSL to JSSE cipher mapping to recent OpenSSL changes. In particular, TLSv1.0 is now an alias for those ciphers that require TLSv1 and will not work with SSLv3. TLSv1 remains an alias for SSLv3. (markt)
Jasper
Add: Deprecate the STRICT_QUOTE_ESCAPING system property and replace it with an initialisation parameter for the JSP Servlet. This enables per web application control of this configuration setting. (markt)
Cluster
Fix: Optimize the session lock range in DeltaManager.requestCompleted. (kfujino)
Fix: Enable an explicit configuration of local member in the static cluster membership. (kfujino)
Tribes
Code: Distinguish the handling of the shutdown payload and member verification clearly. When handling shutdown payload, verification completion message is not required. (kfujino)
Fix: When starting the StaticMembershipInterceptor, StaticMembershipInterceptor checks the required Interceptors. If the required Interceptor does not exist, it issues warning logs. (kfujino)
WebSocket
Fix: Use instance manager for server endpoint instances. (remm)
Web applications
Add: Make it clear in the documentation for the CGI servlet that the debug page is not considered secure and should not be used in production. (markt)
Fix: The domain attribute of StaticMember is not required but optional. (kfujino)
jdbc-pool
Fix: 58489: Correct QueryStatsComparator to hold up the general contract for Comparator. (fschumacher)
Fix: When creating a QueryStats object, ensure that maxQueries is checked. If maxQueries is a value less than or equal to 0, QueryStats are never created. (kfujino)
Other
Update: Update optional Checkstyle library to 6.12.1. (kkolinko)
Add: Add support for creating a FindBugs report when building Tomcat. It is disabled by default. (violetagg)
2015-10-12 Tomcat 8.0.28 (markt)
Catalina
Add: Add support for the custom classpath protocol in URLs. It an be used anywhere Tomcat accepts a URL for a configuration parameter. (markt)
Fix: 56777: Allow file based configuration resources (user database, certificate revocation lists, keystores and trust stores) to be configured using URLs as well as files. (markt)
Fix: Perform null-checking on input and stored credentials in all Realms before passing credentials off to CredentialHandlers for matching. (schultz)
Coyote
Update: Add the new ciphers from RFC6655 and RFC7251 to the OpenSSL to JSSE cipher mapping. (markt)
Update: Remove DES, RC2 and RC4 from DEFAULT for the OpenSSL to JSSE cipher mapping to align with the OpenSSL development branch. (markt)
Jasper
Fix: Improve the error message when JSP parser encounters an error parsing an attribute value. (markt)
Web applications
Update: 58474: Provide a reference to the differences between CATALINA_HOME and CATALINA_BASE in the sample application that is part of the documentation web application. (markt)
Extras
Fix: Ensure JULI adapters does not include the LogFactoryImpl class. Patch provided by Benjamin Gandon. (markt)
2015-10-01 Tomcat 8.0.27 (markt)
Catalina
Fix: 58187: Correct a regression in the fix for 57765 that meant that deployment of web applications deployed via the Manager application was delayed until the next execution of the automatic deployment background process. (markt)
Fix: 58284: Correctly implement session serialization so non-serializable attributes are skipped with a warning. Patch provided by Andrew Shore. (markt)
Fix: 58313: Fix concurrent access of encoders map when clearing encoders prior to switch to async. (markt)
Fix: 58320: Fix concurrent access of request attributes which is possible during asynchronous processing. (markt)
Fix: 58352: Always trigger a thread dump if Tomcat fails to stop gracefully from catalina.sh even if using -force. Patch provided by Alexandre Garnier. (markt)
Fix: 58368: Fix a rare data race in the code that obtains the ApplicationFilterFactory instance. (markt)
Fix: 58369: Fix a rare data race in the code that obtains the CookieProcessor for a StandardContext instance. (markt)
Fix: Ensure the JAASRealm uses the configured CredentialHandler. (markt)
Fix: 58372: Fix rare data races closed and suspended flags that could be triggered by async and/or comet processing. (markt)
Fix: 58373: Fix rare data race with the application event listeners for StandardContext. (markt)
Fix: 58374: Fix a rare data race in the AsyncContext implementation for access to the internal Tomcat request object to which it holds a reference. (markt)
Fix: 58380: Fix two rare data races in the standard session implementation on the flag that tracks if the session is new and on the field that tracks the maximum inactive period. (markt)
Fix: 58385: Fix a rare data race in the internal flag Tomcat uses to keep track of whether or not a request is being used for Comet processing. (markt)
Fix: 58394: Fix a rare data race in Mapper when adding or removing a host. (markt)
Fix: 58398: Fix a rare data race in LifecycleSupport. (markt)
Fix: 58412: Ensure that the AsyncFileHandler has the source class and method name available for logging. (fschumacher)
Fix: 58416: Correctly detect when a forced stop fails to stop Tomcat because the Tomcat process is waiting on some system call or is uninterruptible. (markt)
Fix: 58436: Fix some rare data races in JULI's ClassLoaderLogManager during shutdown. (markt)
Fix: 58845: Fix off-by one error in calculation of valid characters in a cookie domain. Patch provided by Thorsten Ehlers. (markt)
Coyote
Fix: Correct some edge cases in RequestUtil.normalize(). (markt)
Fix: 58275: The IBM JREs accept cipher suite names starting with TLS_ or SSL_ but when listing the supported cipher suites only the SSL_ version is reported. This can break Tomcat's check that at least one requested cipher suite is supported. Tomcat now includes a work-around so either form of the cipher suite name can be used when running on an IBM JRE. (markt)
Fix: 58357: For reasons not currently understood when the APR/native connector is used with OpenSSL reads can return an error code when there is no apparent error. This was work-around for HTTP upgrade connections by treating this as EAGAIN. The same fix has now been applied to the standard HTTP connector. (markt)
Code: Minor clean-up in NIO2 SSL handshake code to address some theoretical concurrency issues. (markt)
Fix: 58367: Fix a rare data race in the code that obtains the reason phrase for a given HTTP response code. (markt)
Fix: 58370: Fix a rare data race in the connector shutdown code. (markt)
Fix: 58371: Fix a rare data race when accessing request URI in String form when switching from non-async to async due to early triggering of the gathering of request statistics. (markt)
Fix: 58375: Fix a rare data race on the internal flag Tomcat uses to mark a response as committed. (markt)
Fix: 58377: Fix a rare data race on the internal flag Tomcat uses to mark a request as using HTTP keep-alive when switching to asynchronous processing. (markt)
Fix: 58379: Fix a rare data race on the internal reference Tomcat retains to the socket when switching to asynchronous processing. (markt)
Fix: 58387: Fix a rare data race when closing Comet connections. (markt)
Fix: 58388: Fix a data race when determining if Comet processing is occurring on a container or non-container thread. (markt)
Fix: 58389: Fix a rare data race while shutting down the thread pools on Connector stop. (markt)
Code: Clean up use of error flag on socket wrapper prompted by 58390. (markt)
Code: Remove some unnecessary code from the NIO Poller and fix 58396 as a side-effect. (markt)
Fix: 57799: Remove useless sendfile check for NIO SSL. (remm)
Jasper
Fix: 57136: Correct a regression in the previous fix for this issue. \${ should only be an escape for ${ within an EL expression. Within a JSP page \$ should be an escape for $. The EL specification applies when parsing the expression delimited by ${ and }. Parsing of the delimiting ${ and } is the responsibility of the JSP specification. (markt)
Fix: 58296: Fix a memory leak in the JSP unloading feature that meant that using a value other than -1 for maxLoadedJsps triggered a memory leak once the limit was reached. (markt)
Fix: 58327: Cache the expression string for value expression literals since it is frequently used and may be expensive to evaluate. Patch provided by Andreas Kohn. (markt)
Fix: 58340: Improve error reporting for tag files packaged in JARs. (markt)
Fix: 58424: When parsing TLD files, allow whitespace around boolean configuration values. (schultz)
Fix: Fix a possible resource leak reported by coverity scan. (fschumacher)
Fix: 58427: Enforce the JSP specification defined limitations of which elements are allowed in an implicit.tld file. (markt)
Fix: 58444: Ensure that JSPs work with any custom base class that meets the requirements defined in the JSP specification without requiring that base class to implement Tomcat specific code. (markt)
Cluster
Fix: Fix a default clusterListeners in SimpleTcpCluster. The optimal default value is different for each session manager. ClusterSessionListener is never used in BackupManager. (kfujino)
Fix: Correct log messages in case of using BackupManager. (kfujino)
WebSocket
Fix: 58342: Fix a copy and paste error that meant MessageHandler removal could fail for binary and pong MessageHandlers. Patch provided by DJ. (markt)
Fix: Data races detected by RV-Predict, mostly caused by completion handlers running in separate threads. (markt)
Fix: 58414: Correctly handle sending zero length messages when using per message deflate. (markt)
Web applications
Fix: Correct documentation for cluster-howto. (kfujino)
Fix: Add missing documentation for property alwaysAddExpires for the LegacyCookieProcessor. (markt)
Tribes
Add: Add support for configurations of ChannelListener and MembershipListener in server.xml. (kfujino)
Fix: Correct log messages in case of using ReplicatedMap. (kfujino)
Fix: 58381: Fix a rare data race in the NioReceiver. (markt)
Fix: 58382: Fix multiple rare data races in the default membership implementation. (markt)
Fix: 58383: Fix a data race in SenderState. (markt)
Fix: 58386: Fix a data race in ObjectReader. (markt)
Fix: 58391: Fix multiple data races in NonBlockingCoordinator, most of which were associated with ensuring that log messages contained the correct information. (markt)
Fix: 58392: Fix a data race in DomainFilterInterceptor. (markt)
Fix: 58393: Fix a data race on the listener in McastService. (markt)
Fix: 58395: Fix multiple data races in MemberImpl that were likely to cause issues if certain properties were updated concurrently (such updates are unlikely in normal usage). (markt)
Code: Remove some unnecessary code from PooledParallelSender and fix 58397. (markt)
jdbc-pool
Fix: Make sure the pool has been properly configured when attributes that related to the pool size are changed via JMX. (kfujino)
Other
Fix: Ensure logging works for all tests in a class rather than just the first one executed. (markt)
Add: 58344: Add build properties to enable tests to be executed against alternative binaries. Based on a patch by Petr Sumbera. (markt)
Changelog:
Tomcat 7.0.67 (violetagg)
Catalina
add 56917: As per RFC7231 (HTTP/1.1), allow HTTP/1.1 and later redirects to use relative URIs. This is controlled by a new attribute useRelativeRedirects on the Context and defaults to true. (markt)
fix 58660: Correct a regression in 7.0.66 caused by the change that moved the redirection for context roots from the Mapper to the Default Servlet. (markt)
fix Fixed potential NPE in HostConfig while deploying an application. Issue reported by coverity scan. (violetagg)
fix 58655: Fix an IllegalStateException when calling HttpServletResponse.sendRedirect() with the RemoteIpFilter. This was caused by trying to correctly generate the absolute URI for the redirect. With the fix for 56917, redirects may now be relative making the sendRedirect() implementation for the RemoteIpFilter much simpler. This also addresses issues where the redirect may not have behaved as expected when redirecting from http to https to from https to http. (markt)
WebSocket
fix 58658: Correct a regression in 7.0.66 that prevented Tomcat from starting on Java 6 unless the WebSocket JARs (that require Java 7) were removed. (markt)
Web Applications
add Add a description of the default value of heartbeatSleeptime attribute and optionCheck attribute in the cluster channel docs. (kfujino)
Tribes
fix Fix potential NPE in AbstractReplicatedMap.breakdown(). (kfujino)
Tomcat 7.0.66 (violetagg) not released
General
update 58596: Clarify the description in RUNNING.txt of how environment variables are used. (markt)
Catalina
fix 34319: Only load those keys in StoreBase.processExpire from JDBCStore, that are old enough, to be expired. Based on a patch by Tom Anderson. (fschumacher)
fix 56777: Allow file based configuration resources (user database, certificate revocation lists, keystores and trust stores) to be configured using URLs as well as files. Back-port provided by Huxing Zhang. (markt/violetagg)
add 57741: Enable the CGI servlet to use the standard error page mechanism. Note that if the CGI servlet's debug init parameter is set to 10 or higher then the standard error page mechanism will be bypassed and a debug response generated by the CGI servlet will be returned instead. (markt)
add 58486: Protect against two further possible memory leaks associated with XML parsing. (markt)
code 58497: Make AbstractHttp11Processor easy to extend. (markt)
fix 58508: Escape role names when generating associated MBeans in case the role name contains characters not permitted in an MBean name. (markt)
fix 58522: Fixed concurrency issue when iterating web application's resources. (violetagg)
fix 58534: Removed repeated conditional tests in o.a.tomcat.websocket.pojo.PojoMethodMapping and o.a.tomcat.util.net.AprEndpoint Patch provided by Anthony Whitford. (violetagg)
fix 58535: Use Collections.reverseOrder when a reverse ordering is needed. (violetagg)
fix 58537: Some of the inner classes in o.a.catalina.valves.ExtendedAccessLogValve are made static. Patch provided by Anthony Whitford. (violetagg)
fix 58540: Removed unused code from o.a.catalina.connector.Request. Patch provided by Anthony Whitford. (violetagg)
fix 58541, 58544: It is more efficient to call Integer.toString(int) instead of Integer.valueOf(int).toString() when only a string representation of a primitive is needed. Based on a patch provided by Anthony Whitford. (violetagg)
fix 58541, 58547: It is more efficient to call valueOf(...) instead of Number constructor. Based on a patch provided by Anthony Whitford. (violetagg)
fix 58545: In some use cases it is more efficient to use Map.entrySet() instead of Map.keySet() Based on a patch provided by Anthony Whitford. (violetagg)
add Add a new RestCsrfPreventionFilter that provides basic CSRF protection for REST APIs. (violetagg)
fix 58581: If a custom error page fails, fall back to the standard error page rather than throwing an NPE. Based on a patch by Huxing Zhang. (markt)
fix 58582: Combined realm should perform background processing on its sub-realms. Based upon a patch provided by Aidan. (kkolinko)
fix Handle the unlikely case where different versions of a web application are deployed with different session settings. (markt)
add Add a new Context option, enabled by default, that enables an additional check that a client provided session ID is in use in at least one other web application before allowing it to be used as the ID for a new session in the current web application. (markt)
add Add support for DIGEST authentication to the JNDIRealm. Based on a patch by Alexis Hassler. (markt)
fix 58603: Ensure that HttpServletRequest.getRequestURL() returns the correct value when using the RemoteIpFilter. (markt)
fix Ensure that in an embedded Tomcat the logging configuration is not lost during garbage collection. (violetagg)
add Move the functionality that provides redirects for context roots and directories where a trailing / is added from the Mapper to the DefaultServlet. This enables such requests to be processed by any configured Valves and Filters before the redirect is made. This behaviour is configurable via the mapperContextRootRedirectEnabled and mapperDirectoryRedirectEnabled attributes of the Context which may be used to restore the previous behaviour. (markt)
fix 58635: Enable break points to be set within agent code when running Tomcat with a Java agent. Based on a patch by Huxing Zhang. (markt)
Jasper
fix 57136#c25: Implement a setting that controls what quoting rule is used when parsing EL expressions in attributes on a JSP page (chapter JSP.1.6 of specification). The setting name is quoteAttributeEL and it is configured as initialisation parameter of JSP Servlet (per web application configuration is possible) and as a command line option for JspC. The default value was changed to true, which restores behaviour implemented in Tomcat 7.0.64. It means that attribute quoting is applied on top of EL quoting. This provides better compatibility with older versions of Tomcat and other implementations. (kkolinko)
Cluster
fix Optimize the session lock range in DeltaManager.requestCompleted. (kfujino)
fix Enable an explicit configuration of local member in the static cluster membership. (kfujino)
fix Fix potential integer overflow in DeltaSession. Reported by coverity scan. (fschumacher)
Tribes
code Distinguish the handling of the shutdown payload and member verification clearly. When handling shutdown payload, verification completion message is not required. (kfujino)
fix When starting the StaticMembershipInterceptor, StaticMembershipInterceptor checks the required Interceptors. If the required Interceptor does not exist, it issues warning logs. (kfujino)
fix Ensure that the static member is registered to the add suspect list even if the static member that is registered to the remove suspect list has disappeared. (kfujino)
fix Correct the warning log of when the member that is not registered in the membership is detected. (kfujino)
fix When using a static cluster, add the members that have been cached in the membership service to the map members list in order to ensure that the map member is a static member. (kfujino)
WebSocket
fix Use instance manager for server endpoint instances. (remm)
add 55006: The WebSocket client now honors the java.net.java.net.ProxySelector configuration (using the HTTP type) when establishing WebSocket connections to servers. Based on a patch by Niki Dokovski. (markt)
fix 58624: Correct a thread safety issue that meant that blocking message writes could block indefinitely if the WebSocket connection was closed while a message write was in progress. (markt)
Web applications
add Make it clear in the documentation for the CGI servlet that the debug page is not considered secure and should not be used in production. (markt)
fix The domain attribute of StaticMember is not required but optional. (kfujino)
fix 58631: Correct the continuation character use in the Windows Service How-To page of the documentation web application. (markt)
jdbc-pool
fix 58489: Correct QueryStatsComparator to hold up the general contract for Comparator. (fschumacher)
fix When creating a QueryStats object, ensure that maxQueries is checked. If maxQueries is a value less than or equal to 0, QueryStats are never created. (kfujino)
fix Fix potential integer overflow in ConnectionPool and PooledConnection. Reported by coverity scan. (fschumacher)
Tomcat 7.0.65 (violetagg) released 2015-10-19
Catalina
add 57681: Add a web application class loader implementation that supports the parallel loading of web application classes. Use of this feature requires a Java 7 or later JRE. Based on a patch by Huxing Zhang. (markt)
fix 58187: Correct a regression in the fix for 57765 that meant that deployment of web applications deployed via the Manager application was delayed until the next execution of the automatic deployment background process. (markt)
fix 58284: Correctly implement session serialization so non-serializable attributes are skipped with a warning. Patch provided by Andrew Shore. (markt)
fix 58313: Fix concurrent access of encoders map when clearing encoders prior to switch to async. (markt)
fix 58320: Fix concurrent access of request attributes which is possible during asynchronous processing. (markt)
code In preparation for implementing enhancement 57681, replace the use of the StandardClassLoader with URLClassLoader. This removes the server class loader from JMX. (markt)
fix 58352: Always trigger a thread dump if Tomcat fails to stop gracefully from catalina.sh even if using -force. Patch provided by Alexandre Garnier. (markt)
fix 58416: Correctly detect when a forced stop fails to stop Tomcat because the Tomcat process is waiting on some system call or is uninterruptible. (markt)
fix 58436: Fix some rare data races in JULI's ClassLoaderLogManager during shutdown. (markt)
Coyote
fix Correct some edge cases in RequestUtil.normalize(). (markt)
fix 58275: The IBM JREs accept cipher suite names starting with TLS_ or SSL_ but when listing the supported cipher suites only the SSL_ version is reported. This can break Tomcat's check that at least one requested cipher suite is supported. Tomcat now includes a work-around so either form of the cipher suite name can be used when running on an IBM JRE. (markt)
fix 58357: For reasons not currently understood when the APR/native connector is used with OpenSSL reads can return an error code when there is no apparent error. This was work-around for HTTP upgrade connections by treating this as EAGAIN. The same fix has now been applied to the standard HTTP connector. (markt)
fix 57799: Remove useless sendfile check for NIO SSL. (remm)
Jasper
fix 57136: Correct a regression in the previous fix for this issue. \${ should only be an escape for ${ within an EL expression. Within a JSP page \$ should be an escape for $. The EL specification applies when parsing the expression delimited by ${ and }. Parsing of the delimiting ${ and } is the responsibility of the JSP specification. (markt)
fix 58296: Fix a memory leak in the JSP unloading feature that meant that using a value other than -1 for maxLoadedJsps triggered a memory leak once the limit was reached. (markt)
fix 58340: Improve error reporting for tag files packaged in JARs. (markt)
fix 58444: Ensure that JSPs work with any custom base class that meets the requirements defined in the JSP specification without requiring that base class to implement Tomcat specific code. (markt)
Cluster
fix Fix a default clusterListeners in SimpleTcpCluster. The optimal default value is different for each session manager. ClusterSessionListener is never used in BackupManager. (kfujino)
fix Correct log messages in case of using BackupManager. (kfujino)
WebSocket
fix 58342: Fix a copy and paste error that meant MessageHandler removal could fail for binary and pong MessageHandlers. Patch provided by DJ. (markt)
fix 58414: Correctly handle sending zero length messages when using per message deflate. (markt)
Web applications
fix Correct documentation for cluster-howto. (kfujino)
Extras
fix Ensure JULI adapters does not include the LogFactoryImpl class. Patch provided by Benjamin Gandon. (markt)
Tribes
add Add support for configurations of ChannelListener and MembershipListener in server.xml. (kfujino)
fix Correct log messages in case of using ReplicatedMap. (kfujino)
jdbc-pool
fix Make sure the pool has been properly configured when attributes that related to the pool size are changed via JMX. (kfujino)
Upstream changes:
MediaWiki 1.26.1
This is a security and bug fix release of the MediaWiki 1.26 branch.
Changes since 1.26
(bug T117899) SECURITY: $wgArticlePath can no longer be set to relative paths that do not begin with a slash. This enabled trivial XSS attacks. Configuration values such as "http://my.wiki.com/wiki/$1" are fine, as are "/wiki/$1". A value such as "$1" or "wiki/$1" is not and will now throw an error
(bug T119309) SECURITY: Use hash_compare() for edit token comparison
(bug T118032) SECURITY: Don't allow cURL to interpret POST parameters starting with '@' as file uploads
(bug T115522) SECURITY: Passwords generated by User::randomPassword() can no longer be shorter than $wgMinimalPasswordLength
(bug T97897) SECURITY: Improve IP parsing and trimming. Previous behavior could result in improper blocks being issued
(bug T109724) SECURITY: Special:MyPage, Special:MyTalk, Special:MyContributions and related pages no longer use HTTP redirects and are now redirected by MediaWiki
Fixed ConfigException in ExpandTemplates due to AlwaysUseTidy.
Fixed stray literal \n in Special:Search.
Fix issue that breaks HHVM Repo Authorative mode.
(bug T120267) Work around APCu memory corruption bug
Changelog:
Fixed Various security fixes
Fixed Improved stability with Java (1221448)
Fixed in Firefox ESR 38.5
2015-149 Cross-site reading attack through data and view-source URIs
2015-147 Integer underflow and buffer overflow processing MP4 metadata in libstagefright
2015-146 Integer overflow in MP4 playback in 64-bit versions
2015-145 Underflow through code inspection
2015-139 Integer overflow allocating extremely large textures
2015-138 Use-after-free in WebRTC when datachannel is used after being destroyed
2015-134 Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
Changelog:
New Private Browsing with Tracking Protection offers choice of blocking additional trackers
New Improved API support for m4v video playback
New Firefox 64-bit for Windows is now available via the Firefox download page
New Users can choose search suggestions from the Awesome Bar
New On-screen keyboard displayed on selecting input field on devices running Windows 8 or greater
New Firefox Health Report has switched to use the same data collection mechanism as telemetry
Developer Markup view shows indicators for pseudo-classes locked for elements
Developer Bind F1 key to open the settings when the toolbox is focused
Developer New 'Use in Console' context menu item in Inspector to store selected element in a temporary variable
Developer Search button next to overridden CSS properties to find similar properties in the rules view
Developer Ability to filter styles from their property names in the rules view
Developer Stack traces are now shown for exceptions inside the console
Developer Added ability to display server-side logs in the console
Developer Ability to choose resolution for the GCLI screenshot command
Developer Subresource integrity allows developers to make their sites more secure
Developer Network requests in Console now link to Network panel instead of opening in a popup
Developer Unprefixed 'hyphens' property is now supported
Developer WebIDE now has a sidebar-based UI
Developer The 'transform-origin' property is now supported on SVG elements
Developer Animation inspector now displays animations in a timeline
Developer Single-process mode is no longer supported for NPAPI plugins
Fixed Eyedropper tool does not work as expected when page is zoomed
Fixed Various security fixes
Fixed in Firefox 43
2015-149 Cross-site reading attack through data and view-source URIs
2015-148 Privilege escalation vulnerabilities in WebExtension APIs
2015-147 Integer underflow and buffer overflow processing MP4 metadata in libstagefright
2015-146 Integer overflow in MP4 playback in 64-bit versions
2015-145 Underflow through code inspection
2015-144 Buffer overflows found through code inspection
2015-143 Linux file chooser crashes on malformed images due to flaws in Jasper library
2015-142 DOS due to malformed frames in HTTP/2
2015-141 Hash in data URI is incorrectly parsed
2015-140 Cross-origin information leak through web workers error events
2015-139 Integer overflow allocating extremely large textures
2015-138 Use-after-free in WebRTC when datachannel is used after being destroyed
2015-137 Firefox allows for control characters to be set in cookies
2015-136 Same-origin policy violation using perfomance.getEntries and history navigation
2015-135 Crash with JavaScript variable assignment with unboxed objects
2015-134 Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
which got reverted in the 0.11.2 update, despite being documented
in the log:
> Due to a change in packaging the docs themes are currently excluded
> from the pypi distribution, breaking the -docs package. Issue
> ``#761`` should address this upstream; we'll being using GitHub as
> the master site for the time being.
(Also, when touching the base package, make sure the -docs package
still builds. Makefile.common quite visibly mentions it.)
Bump PKGREVISION, and temporarily invent a DIST_SUBDIR so the
different distfile gets picked up until the next update.
Jetty provides a Web server and javax.servlet container, plus support for
HTTP/2, WebSocket, OSGi, JMX, JNDI, JAAS and many other integrations. These
components are open source and available for commercial use and distribution.
This package builds on the existing www/jetty7 package which is retained for
users of that maintenance release, simplifies the packaging, and adds SMF
support.
# Liquid Version History
## 3.0.5 / 2015-07-23 / branch "3-0-stable"
* Fix test failure under certain timezones [Dylan Thacker-Smith]
## 3.0.4 / 2015-07-17
* Fix chained access to multi-dimensional hashes [Florian Weingarten]
## 3.0.3 / 2015-05-28
* Fix condition parse order in strict mode (#569) [Justin Li, pushrax]
## 3.0.2 / 2015-04-24
* Expose VariableLookup private members (#551) [Justin Li, pushrax]
* Documentation fixes
## 3.0.1 / 2015-01-23
* Remove duplicate `index0` key in TableRow tag (#502) [Alfred Xing]
## 3.0.0 / 2014-11-12
* Removed Block#end_tag. Instead, override parse with `super` followed by your code. See #446 [Dylan Thacker-Smith, dylanahsmith]
* Fixed condition with wrong data types, see #423 [Bogdan Gusiev]
* Add url_encode to standard filters, see #421 [Derrick Reimer, djreimer]
* Add uniq to standard filters [Florian Weingarten, fw42]
* Add exception_handler feature, see #397 and #254 [Bogdan Gusiev, bogdan and Florian Weingarten, fw42]
* Optimize variable parsing to avoid repeated regex evaluation during template rendering #383 [Jason Hiltz-Laforge, jasonhl]
* Optimize checking for block interrupts to reduce object allocation #380 [Jason Hiltz-Laforge, jasonhl]
* Properly set context rethrow_errors on render! #349 [Thierry Joyal, tjoyal]
* Fix broken rendering of variables which are equal to false, see #345 [Florian Weingarten, fw42]
* Remove ActionView template handler [Dylan Thacker-Smith, dylanahsmith]
* Freeze lots of string literals for new Ruby 2.1 optimization, see #297 [Florian Weingarten, fw42]
* Allow newlines in tags and variables, see #324 [Dylan Thacker-Smith, dylanahsmith]
* Tag#parse is called after initialize, which now takes options instead of tokens as the 3rd argument. See #321 [Dylan Thacker-Smith, dylanahsmith]
* Raise `Liquid::ArgumentError` instead of `::ArgumentError` when filter has wrong number of arguments #309 [Bogdan Gusiev, bogdan]
* Add a to_s default for liquid drops, see #306 [Adam Doeler, releod]
* Add strip, lstrip, and rstrip to standard filters [Florian Weingarten, fw42]
* Make if, for & case tags return complete and consistent nodelists, see #250 [Nick Jones, dntj]
* Prevent arbitrary method invocation on condition objects, see #274 [Dylan Thacker-Smith, dylanahsmith]
* Don't call to_sym when creating conditions for security reasons, see #273 [Bouke van der Bijl, bouk]
* Fix resource counting bug with respond_to?(:length), see #263 [Florian Weingarten, fw42]
* Allow specifying custom patterns for template filenames, see #284 [Andrei Gladkyi, agladkyi]
* Allow drops to optimize loading a slice of elements, see #282 [Tom Burns, boourns]
* Support for passing variables to snippets in subdirs, see #271 [Joost Hietbrink, joost]
* Add a class cache to avoid runtime extend calls, see #249 [James Tucker, raggi]
* Remove some legacy Ruby 1.8 compatibility code, see #276 [Florian Weingarten, fw42]
* Add default filter to standard filters, see #267 [Derrick Reimer, djreimer]
* Add optional strict parsing and warn parsing, see #235 [Tristan Hume, trishume]
* Add I18n syntax error translation, see #241 [Simon Hørup Eskildsen, Sirupsen]
* Make sort filter work on enumerable drops, see #239 [Florian Weingarten, fw42]
* Fix clashing method names in enumerable drops, see #238 [Florian Weingarten, fw42]
* Make map filter work on enumerable drops, see #233 [Florian Weingarten, fw42]
* Improved whitespace stripping for blank blocks, related to #216 [Florian Weingarten, fw42]
## 2.6.3 / 2015-07-23 / branch "2-6-stable"
* Fix test failure under certain timezones [Dylan Thacker-Smith]
## 1.4.0 / 2015-12-01
* Allow `noscript` fallback to be disabled (#29)
* Use Octokit to fetch Gist content when passed `JEKYLL_GITHUB_TOKEN`
in env(#28)
## 1.3.5 / 2015-10-23
* Fix encoding error for `noscript` code (#23)
* Test against Jekyll 3, 2, and the github-pages gem (#19)
=== unicorn 5.0.0.pre2 - another prerelease! / 2015-07-06 21:37 UTC
There is a minor TCP socket options are now applied to inherited
sockets, and we have native support for inheriting sockets from
systemd (by emulating the sd_listen_fds(3) function).
Dynamic changes in the application to Rack::Utils::HTTP_STATUS
codes is now supported, so you can use your own custom status
lines.
Ruby 2.2 and later is now favored for performance.
Optimizations by using constants which made sense in earlier
versions of Ruby are gone: so users of old Ruby versions
will see performance regressions. Ruby 2.2 users should
see the same or better performance, and we have less code
as a result.
* doc: update some invalid URLs
* apply TCP socket options on inherited sockets
* reflect changes in Rack::Utils::HTTP_STATUS_CODES
* reduce constants and optimize for Ruby 2.2
* http_response: reduce size of multi-line header path
* emulate sd_listen_fds for systemd support
* test/unit/test_response.rb: compatibility with older test-unit
This also includes all changes in unicorn 5.0.0.pre1:
http://bogomips.org/unicorn-public/m/20150615225652.GA16164@dcvr.yhbt.net.html
=== unicorn 5.0.0.pre1 - incompatible changes! / 2015-06-15 22:49 UTC
This release finally drops Ruby 1.8 support and requires Ruby 1.9.3
or later. The horrible "Status:" header in our HTTP response is
finally gone, saving at least 16 precious bytes in every single HTTP
response.
Under Ruby 2.1 and later, the monotonic clock is used for timeout
handling for better accuracy.
Several experimental, unused and undocumented features are removed.
There's also tiny, minor performance and memory improvements from
dropping 1.8 compatibility, but probably nothing noticeable on a
typical real-life (bloated) app.
The biggest performance improvement we made was to our website by
switching to olddoc. Depending on connection speed, latency, and
renderer performance, it typically loads two to four times faster.
Finally, for the billionth time: unicorn must never be exposed
to slow clients, as it will never ever use new-fangled things
like non-blocking socket I/O, threads, epoll or kqueue. unicorn
must be used with a fully-buffering reverse proxy such as nginx
for slow clients.
* ISSUES: update with mailing list subscription
* GIT-VERSION-GEN: start 5.0.0 development
* http: remove xftrust options
* FAQ: add entry for Rails autoflush_log
* dev: remove isolate dependency
* unicorn.gemspec: depend on test-unit 3.0
* http_response: remove Status: header
* remove RubyForge and Freecode references
* remove mongrel.rubyforge.org references
* http: remove the keepalive requests limit
* http: reduce parser from 72 to 56 bytes on 64-bit
* examples: add run_once to before_fork hook example
* worker: remove old tmp accessor
* http_server: save 450+ bytes of memory on x86-64
* t/t0002-parser-error.sh: relax test for rack 1.6.0
* remove SSL support
* tmpio: drop the "size" method
* switch docs + website to olddoc
* README: clarify/reduce references to unicorn_rails
* gemspec: fixup olddoc migration
* use the monotonic clock under Ruby 2.1+
* http: -Wshorten-64-to-32 warnings on clang
* remove old inetd+git examples and exec_cgi
* http: standalone require + reduction in binary size
* GNUmakefile: fix clean gem build + reduce build cruft
* socket_helper: reduce constant lookups and caching
* remove 1.8, <= 1.9.1 fallback for missing IO#autoclose=
* favor IO#close_on_exec= over fcntl in 1.9+
* use require_relative to reduce syscalls at startup
* doc: update support status for Ruby versions
* fix uninstalled testing and reduce require paths
* test_socket_helper: do not depend on SO_REUSEPORT
* favor "a.b(&:c)" form over "a.b { |x| x.c }"
* ISSUES: add section for bugs in other projects
* http_server: favor ivars over constants
* explain 11 byte magic number for self-pipe
* const: drop constants used by Rainbows!
* reduce and localize constant string use
* Links: mark Rainbows! as historical, reference yahns
* save about 200 bytes of memory on x86-64
* http: remove deprecated reset method
* http: remove experimental dechunk! method
* socket_helper: update comments
* doc: document UNICORN_FD in manpage
* doc: document Etc.nprocessors for worker_processes
* favor more string literals for cold call sites
* tee_input: support for Rack::TempfileReaper middleware
* support TempfileReaper in deployment and development envs
* favor kgio_wait_readable for single FD over select
* Merge tag 'v4.9.0'
* http_request: support rack.hijack by default
* avoid extra allocation for hijack proc creation
* FAQ: add note about ECONNRESET errors from bodies
* process SIGWINCH unless stdin is a TTY
* ISSUES: discourage HTML mail strongly, welcome nyms
* http: use rb_hash_clear in Ruby 2.0+
* http_response: avoid special-casing for Rack < 1.5
* www: install NEWS.atom.xml properly
* http_server: remove a few more accessors and constants
* http_response: simplify regular expression
* move the socket into Rack env for hijacking
* http: move response_start_sent into the C ext
* FAQ: reorder bit on Rack 1.1.x and Rails 2.3.x
* ensure body is closed during hijack
3.4.20 (09 December 2015)
* Fix a bug with the rounding changes from 3.4.14 and 3.4.15 where some
negative numbers would incorrectly be rounded up instead of down.
* Better compression for :nth pseudoselectors with subtraction. Issue #1650
* Add support for the new supports() clause for CSS @import directives.
* Rounding numbers now respects Sass’s precision setting for numbers very
close to half an integer.
* Add support for the q unit, representing one quarter of a millimeter.
* Mitigate a race condition when multiple threads are using the same
Sass::Plugin object at once.
* In compressed mode, numbers between -1 and 1 now have the leading 0 omitted.
* Source maps now include source ranges for comments.
Deprecation – Must Read!
Certain ways of using #{} without quotes in property and variable values have
been deprecated in order to simplify the feature.
Currently, #{} behaves unpredictably. If it’s used near operators, it will
cause those operators to become part of an unquoted string instead of having
their normal meaning. This isn’t an especially useful feature, and it makes
it hard to reason about some code that includes #{}, so we’re getting rid of
it.
In the new world, #{} just returns an unquoted string that acts like any other
unquoted string. For example, foo + #{$var} will now do the same thing as foo
+ $var, instead of doing the same thing as unquote("foo + #{$var}").
In order to ease the transition, Sass will now emit deprecation warnings for
all uses of #{} that will change behavior in 4.0. We don’t anticipate many
warnings to appear in practice, and you can fix most of them automatically by
running sass-convert --in-place on the affected files.
For more details, see the blog post on the deprecation and the GitHub issue in
which it was planned.
## 1.5.0
* only catch StandardError and not Exception
## 1.4.3
* After overriding the REQUEST_METHOD, store the original request method in "rack.methodoverride.original_method"
## 1.4.1
* Ignore invalid Expires date as per RFC
## 1.4.0
* Not invalidating the cache for preflight CORS request
## 1.3.1 / October 2015
* Support Ruby 1.9
## 1.3 / Octorber 2015
* Ruby 2.0 only
* Gracefully degrade when cache store goes offline
* allow_reload/revalidate is not enabled by default
* Make Rack::Cache multithread friendly
Welcome to Mustermann. Mustermann is your personal string matching expert.
As an expert in the field of strings and patterns, Mustermann keeps its
runtime dependencies to a minimum and is fully covered with specs and
documentation.
Given a string pattern, Mustermann will turn it into an object that behaves
like a regular expression and has comparable performance characteristics.
[105060c | 2015-10-28 17:15:55 UTC] Michael Fellinger <m.fellinger@gmail.com>
* update dependencies and gem setup
[cde6b36 | 2013-10-16 14:59:44 UTC] Patrik Rak <patrik@raxoft.cz>
* Use correct session class in Current.setup.
Current.setup should honor the passed in arguments even for session.
Faraday 0.9.2
Adapters:
* Enable gzip compression for httpclient
* Fixes default certificate store for httpclient not having default paths.
* Make excon adapter compatible with 0.44 excon version
* Add compatibility with Patron 0.4.20
* Determine default port numbers in Net::HTTP adapters (Addressable
compatibility)
* em-http: wrap "connection closed by server" as ConnectionFailed type
* Wrap Errno::ETIMEDOUT in Faraday::Error::TimeoutError
Utils:
* Add Rack-compatible support for parsing a[][b]=c nested queries
* Encode nil values in queries different than empty strings. Before: a=; now:
a.
* Have Faraday::Utils::Headers#replace clear internal key cache
* Dup the internal key cache when a Headers hash is copied
Env and middleware:
* Ensure env stored on middleware response has reference to the response
* Ensure that Response properties are initialized during on_complete (VCR
compatibility)
* Copy request options in Faraday::Connection#dup
* Env custom members should be copied by Env.from(env)
* Honour per-request request.options.params_encoder
* Fix interval_randomness data type for Retry middleware
* Add maximum interval option for Retry middleware
2.3.3a (2015-11-18)
-------------------
Bug fixes
- expanded mail folders list is not saved (#3386)
- cleanup translations
2.3.3 (2015-11-11)
------------------
New features
- initial S/MIME support for EAS (#3327)
- now possible to choose which folders to sync over EAS
Enhancements
- we no longer always entirely rewrite messages for Outlook 2013 when using EAS
- support for ghosted elements on contacts over EAS
- added Macedonian (mk_MK) translation - thanks to Miroslav Jovanovic
- added Portuguese (pt) translation - thanks to Eduardo Crispim
Bug fixes
- numerous EAS fixes when connections are dropped before the EAS client receives the response (#3058, #2849)
- correctly handle the References header over EAS (#3365)
- make sure English is always used when generating Date headers using EAS (#3356)
- don't escape quoted strings during versit generation
- we now return all cards when we receive an empty addressbook-query REPORT
- avoid crash when replying to a mail with no recipients (#3359)
- inline images sent from SOGo webmail are not displayed in Mozilla Thunderbird (#3271)
- prevent postal address showing on single line over EAS (#2614)
- display missing events when printing working hours only
- fix corner case making server crash when syncing hard deleted messages when clear offline items was set up (Zentyal)
- avoid infinite Outlook client loops trying to set read flag when it is already set (Zentyal)
- avoid crashing when calendar metadata is missing in the cache (Zentyal)
- fix recurrence pattern event corner case created by Mozilla Thunderbird which made server crash (Zentyal)
- fix corner case that removes attachments on sending messages from Outlook (Zentyal)
- freebusy on web interface works again in multidomain environments (Zentyal)
- fix double creation of folders in Outlook when the folder name starts with a digit (Zentyal)
- avoid crashing Outlook after setting a custom view in a calendar folder (Zentyal)
- handle emails having an attachment as their content
- fixed JavaScript syntax error in attendees editor
- fixed wrong comparison of meta vs. META tag in HTML mails
- fixed popup menu position when moved to the left (#3381)
- fixed dialog position when at the bottom of the window (#2646, #3378)
- fixed addressbrook-only source entires having a c_uid set
pkgsrc change:
* Prefix PKGNAME with ${PHP_PKG_PREFIX}.
* Now depends on php-mysqli instead of php-mysql.
* Now allow all pkgsrc's PHP versions.
December 9, 2015 (2.1.1)
------------
- [Security] Log parameters for 404 errors & make filtering in 404.log work like in error.log [Dirk]
- [Security] Removed the code used for File Manager demos and tests shipped with WideImage to prevent an XSS [Mystralkk]
- [Security] Updated File Manager to version 2.2.0 (fixed security issue with file upload check) [Mystralkk]
- [Security] Configuration string input sanitizing overhaul. Now can be config option specific by
adding sanitize rule in config validation file. Default is now all strings are stripped of tags [Tom]
- [Update] CKEditor to version 4.5.4 [Dengen]
- [Update] jQuery to version 1.11.3 and jQuery UI to version 1.11.4. jQuery Timepicker Addon updated [Tom] [Dengen]
- [Update] OAuth class to version 1.141 [Tom]
- [Feature] Integrated the UIkit framework version 2.24.0 into Geeklog [Dengen]
- [Feature] Denim theme now uses UIkit [Dengen]
- [Feature] Added first part of developer mode which adds extra error logging for any template errors
- [Feature] Plugins can now include default templates and css files along with ones for different themes
Plugins template and css files can be included with themes. Plugins template files can now have
a function.php file to control what javascript is loaded [Tom]
- [Feature] Schema.org article, author, and Breadcrumb markup added to Denim and Modern Curve themes [Tom]
- [Feature] Poll plugin bar graphs now based on percentage and supports responsive themes [Tom]
- [Feature] Useful feature template class [Tom]
- [Feature] Allow xmlSiteMap Plugin to Ping Search Engines when new content is Added [Mystralkk]
- [Feature] XMLSitemap Plugin - Add dedicated API [Mystralkk]
- [Feature] Change default admin page to index.php from moderation.php [Dengen]
- [Feature] Search form part of the theme is not accessible. [Dengen]
- [Feature] Localization of message "Unfortunately, an error has occurred rendering this page." [Mystralkk]
- [Feature] Add Pagination with rel=next and rel=prev [Tom]
- [Bug] Added email check to Com_mail to prevent plugins from sending email to users who don't have an address (Oauth users) [Tom]
- [Bug] Cached Articles Sometimes do not Display on website [Tom]
- [Bug] Current LDAP module doesn't work properly - new Simple_LDAP Authentication provided [Mystralkk]
- [Bug] Duplicate Blocks [Mystralkk]
- [Bug] Remove hardcoded checks for TLD in domain names [Mystralkk]
- [Bug] Geeklog Does Not Accept .website TLD [Mystralkk]
- [Bug] Install script Migrate option needs to handle cookiesecure config value [Dirk]
- [Bug] Hidden config option 'search_use_fulltext' can be found using search in Configuration [Dengen]
- [Bug] Errors while editing blocks reset all options [Dengen]
- [Bug] The administrator is forced to be an input of the user password in the Edit User screen [Dengen]
- [Bug] Wrong permissions with articles submitted by guest users [Dengen]
- [Bug] Declaration of dc: namespace missing from RSS and RDF feeds [Mystralkk]
- [Bug] Missing blank in feed headers [Dirk]
Contao 4.1 is second minor release of Contao 4, which has incompatible API
from Contao 3.
* Now Contao is Symfony bundle.
* Contao 4 dose not use .htaccess files for protexting directory.
* DocumentRoot is "web" subdirecotry.
* XHTML support has gone, HTML5 only.
* Schema.org markup support.
Currently, no extension repository support yet.
Upstream changes:
---
Ruby-GNOME2 3.0.7
http://ruby-gnome2.osdn.jp/hiki.cgi?News_20151006_1
It is a bug fix release of 3.0.6.
Changes
Ruby/GLib2
* Fixes
+ Fixed a bug that `xxx_yyy` enum name isn't accepted.
[ruby-gnome2-devel-en][Reported by Detlef Reichl]
+ Fixed a bug that internal Ruby API is used. [ruby-gnome2-devel-en]
[Reported by Detlef Reichl]
Ruby/GTK3
* Improvements
+ Added backward compatibility API to Gtk::TreeView#insert_column.
[ruby-gnome2-devel-en][Reported by Detlef Reichl]
Thanks
* Detlef Reichl
---
Ruby-GNOME2 3.0.6
http://ruby-gnome2.osdn.jp/hiki.cgi?News_20151004_1
It is a bug fix release of 3.0.5.
Changes
Ruby/GLib2
* Improvements
+ Supported GLib.format_size on 32bit. [GitHub#565][Reported by Mamoru
TASAKA]
+ Supported GLib.format_size_for_display on 32bit. [GitHub#565][Reported
by Mamoru TASAKA]
+ Added GLib::Version.or_later??. [GitHub#570][Patch by cedlemo]
Ruby/GObjectIntrospection
* Improvements
+ Added GObjectIntrospection::Version.or_later?. [GitHub#572][Patch by
cedlemo]
+ Supported GSList for filename. [ruby-gnome2-devel-en][Reported by
Stefan Salewski]
Ruby/GIO2
* Improvements
+ Added Gio::Version.or_later?. [GitHub#571][Patch by cedlemo]
+ Made Gio::APplicationCommandLine#attributes Rubyish.
Ruby/Pango
* Improvements
+ Added Pango::Version.or_later??. [GitHub#576][Patch by cedlemo]
Ruby/GTK2
* Improvements
+ Added Gtk::Version.or_later??. [GitHub#574][Patch by cedlemo]
Ruby/GTK3
* Improvements
+ Supported Gtk::CellLayout#set_cell_data_func. [ruby-gnome2-devel-en]
[Reported by Stefan Salewski]
+ Supported Gtk::Container#add with child properties.
[ruby-gnome2-devel-en][Reported by Stefan Salewski]
+ Added Gtk::StockItem#[]? for backward compatibility.
[ruby-gnome2-devel-en][Reported by Stefan Salewski]
+ Added Gtk::IconSize::IconSize for backward compatibility.
[ruby-gnome2-devel-en][Reported by Stefan Salewski]
+ Supported marking cell renderers in Gtk::CellLayout for GC.
[ruby-gnome2-devel-en][Reported by Stefan Salewski]
+ Supported nil for Gtk::TreeIter#set_value.
+ Supported marking columns in Gtk::TreeView for GC.
[ruby-gnome2-devel-en][Reported by Stefan Salewski]
+ Updated tutorial samples. [GitHub#567][GitHub#568][GitHub#587][Patch by
cedlemo]
+ Supported marking records in Gtk::TreeModel for GC.
[ruby-gnome2-devel-en][Reported by Stefan Salewski]
+ Started updating gtk-demo with Gtk::Application?. [GitHub#583][GitHub#
586][GitHub#588][Patch by cedlemo]
+ Supported option style API by Gtk::Builder#add.
+ Supported :object_ids by Gtk::Builder#add. [GitHub#585][Patch by
cedlemo]
+ Added backward compatible API to Gtk.show_uri.
Ruby/GStreamer
* Improvements
+ Added Gst::Version.or_later??. [GitHub#573][Patch by cedlemo]
Ruby/Poppler
* Improvements
+ Added Poppler::Version.or_later??. [GitHub#577][Patch by cedlemo]
Ruby/RSVG2
* Improvements
+ Added RSVG::Version.or_later??. [GitHub#578][Patch by cedlemo]
Ruby/VTE3
* Improvements
+ Stopped to run tests for old VTE with new VTE. [GitHub#566][Reported by
Mamoru TASAKA]
Ruby/WebKitGTK
* Improvements
+ Added WebKitGtk::Version.or_later??.
Thanks
* Stefan Salewski
* Mamoru TASAKA
* cedlemo
---
Ruby-GNOME2 3.0.5
http://sourceforge.net/projects/ruby-gnome2/files/ruby-gnome2/ruby-gnome2-3.0.5/
It is a bug fix release for mikutter.
Changes
Ruby/GTK2
* Fixes
+ Fixed a bug that g_object_ref_sink() isn't called for instance of
type_registered class.
[http://dev.mikutter.hachune.net/issues/771#note-3]
[Reported by toshi_a]
Thanks
* toshi_a
---
Ruby-GNOME2 3.0.4
http://ruby-gnome2.osdn.jp/hiki.cgi?News_20150922_1
Posted by kou on 2015-09-22 (Tue) 05:40:57
It is a build fix release for 32bit Windows.
Changes
All
* Improvements
+ Supported auto native package installation on Arch Linux. [GitHub#553]
[GitHub#563] [Patch by lilole]
Ruby/GObjctIntrospection
* Fixes
+ 32bit Windows: Fixed strut field accessors access wrong address.
Ruby/ATK
* Improvements
+ Added Atk::Version.or_later? [GitHub#552] [Patch by cedlemo]
Ruby/GdkPixbuf2
* Improvements
+ Added Gdk::Pixbuf::Version.or_later??. [GitHub#561] [Patch by cedlemo]
Ruby/GDK3
* Improvements
+ Supported GTK+ 3.17.9. [GitHub#558] [Reported by Mamoru TASAKA]
Ruby/GTK3
* Improvements
+ Updated examples. [GitHub#550] [Patch by cedlemo]
Ruby/ClutterGstreamer
* Improvements
+ Added ClutterGst.load_version.
+ Added ClutterGst.load_version=.
+ Added ClutterGst::Version.or_later??. [GitHub#556] [Patch by cedlemo]
Thanks
* cedlemo
* lilole
* Mamoru TASAKA
---
Ruby-GNOME2 3.0.3
http://ruby-gnome2.osdn.jp/hiki.cgi?News_20150913_1
It is a compatibility improvement release of 3.0.2.
Changes
All
* Improvements
+ Removed test-unit-notify gem from development dependencies. [GitHub#
547] [Patch by cedlemo]
Ruby/GObjectIntrospection
* Improvements
+ Supported GObjectIntrospection::Repository.prepend_search_path.
+ Supported GObjectIntrospection::Repository.search_path.
+ Windows: Supported requiring library after one
GObjectIntrospection::Loader#load. [GitHub#546] [Reported by Abby
Archer]
Ruby/GTK3
* Improvements
+ Supported Gtk::IconSize.lookup. [GitHub#544] [Reported by Masafumi
Yokoyama]
+ Supported size name as argument of Gtk::Widget#render_icon_pixbuf.
[GitHub#544] [Reported by Masafumi Yokoyama]
+ Supported Gio::Icon in Gtk::IconTheme#lookup_icon. [GitHub#544]
[Reported by Masafumi Yokoyama]
+ Supported Gtk::TreeModel#iter_parent.
+ Supported Gtk::TreeIter#parent.
+ Updated examples. [GitHub#548] [Patch by cedlemo]
* Fixes
+ Fixed a bug that Gtk::Widget.bind_template_child is required. [GitHub#
549] [Reported by cedlemo]
+ Fixed a bug that default x_option and y_option values of Gtk::Table#
attach is wrong. [GitHub#546] [Reported by Abby Archer]
+ Windows: Fixed a bug that Ruby/RSVG2 isn't required automatically.
[GitHub#546] [Reported by Abby Archer]
Thanks
* Masafumi Yokoyama
* cedlemo
* Abby Archer
---
Ruby-GNOME2 3.0.2
http://ruby-gnome2.osdn.jp/hiki.cgi?News_20150913_1
It is a compatibility improvement release of 3.0.1.
Changes
Ruby/GObjectIntrospection
* Improvements
+ Supported void pointer. [GitHub#540] [Reported by Abby Archer]
+ Added GObjectIntrospection::Loader.instantiate_gobject_pointer.
Ruby/GDK3
* Improvements
+ Supported Gdk::Window#user_data. [GitHub#540] [Reported by Abby Archer]
+ compatibility: Cairo::Context#set_source_rgba accepts nil as alpha
value. [GitHub#540] [Reported by Abby Archer]
+ compatibility: Added fallback feature for deprecated
Gdk::EventScroll::Direction.
+ Windows: Added hicolor-icon-theme as fallback theme.
Ruby/GTK3
* Improvements
+ compatibility: Gtk::Window#icon= accepts icon file name. [GitHub#540]
[Reported by Abby Archer]
+ compatibility: Gtk::Dialog#add_button accepts Symbol as response ID.
[GitHub#540] [Reported by Abby Archer]
+ Deprecated Gtk::ColorSelectionDialog.
+ compatibility: Added fallback feature for deprecated
Gtk::TextTag::WrapMode.
+ compatibility: Added fallback feature for deprecated Gtk::TextBuffer#
insert(iter, target, *tags) usage.
+ compatibility: Added fallback feature for deprecated
Gtk::ButtonBox::Style.
+ compatibility: Added fallback feature for deprecated
Gtk::MessageDialog::ButtonsType.
+ compatibility: Supported creating an empty image by Gtk::Image.new.
+ compatibility: Added fallback feature for deprecated
Gtk::ImageMenuItem.new usage.
+ Supported Gtk::TreeIter#next!.
+ Supported Gtk::TreeModel#get_value.
+ compatibility: Added fallback feature for deprecated
Gtk::Alignment::Align.
+ compatibility: Added fallback feature for deprecated Gtk::Widget#
get_size_request.
+ compatibility: Added fallback feature for deprecated Gtk::Table.new.
+ compatibility: Added fallback feature for deprecated Gtk::Table#
column_spaces.
+ compatibility: Added fallback feature for deprecated Gtk::Table#
column_spaces=.
+ compatibility: Added fallback feature for deprecated Gtk::Table#attach.
+ compatibility: Added fallback feature for deprecated
Gtk::ToggleButton.new.
+ Windows: Added missing Ruby/RSVG2 dependency.
+ compatibility: Added fallback feature for deprecated Gtk::Container#
each_forall.
+ Supported nil as size for Gtk::Image.new.
+ compatibility: Added fallback feature for deprecated Gtk::Image.new
(pixbuf).
+ compatibility: Added fallback feature for deprecated
Gtk::Toolbar::Style.
+ Supported Rubyish Gtk::CheckMenuItem.new.
* Fixes
+ Fixed samples. [GitHub#536][GitHub#541] [Patch by cedlemo] [GitHub#540]
[Reported by Abby Archer]
+ Fixed a bug that Gtk::Calendar#date returns 0-11 range month value.
Ruby/RSVG2
* Improvements
+ Windows: Added missing Ruby/Pango dependency.
+ Windows: Updated loaders.cache for gdk-pixbuf automatically.
Ruby/GStreamer
* Improvements
+ compatibility: Gst::TypeFindFactory#extensions always returns Array.
Thanks
* cedlemo
* Abby Archer
---
Ruby-GNOME2 3.0.1
http://ruby-gnome2.osdn.jp/hiki.cgi?News_20150911_1
It is a bug fix release of 3.0.0.
Changes
Ruby/GLib2
* Fixes
+ Windows: Fixed a bug that large number flag value isn't usable. [GitHub
#538] [Reported by Abby Archer]
Ruby/GTK3
* Improvements
+ Updated tutorials. [GitHub#534][GitHub#537] [Patch by cedlemo]
Ruby/VTE3
* Improvements
+ Added Vte::Version.or_later??. [GitHub#535] [Patch by cedlemo]
Thanks
* cedlemo
* Abby Archer
---
Ruby-GNOME2 3.0.0
http://ruby-gnome2.osdn.jp/hiki.cgi?News_20150910_1
It is a GTK+ 3.16 support release.
To GTK+ 3.16 support, many people helped us. Especially, cedlemo did great
works. Very thanks all!!!
Changes
All
* Improvements
+ Added install instruction for GitHub master branch. [GitHub#425][Patch
by Hiroyuki Sato]
Ruby/GLib2
* Improvements
+ Added new APIs:
o RVAL2GOBJGLIST
o RVAL2GOBJGSLIST
o rbg_rval2glist
o rbg_rval2gslist
o RVAL2CSTR_PTR
o rbg_name_to_nick
o rbgobj_class_init_func
o rbgobj_register_type
+ Changed RVAL2CSTR to return NULL terminated string. If you want to get
raw string that may not be terminated by NULL, use RVAL2CSTR_PTR.
+ Supported Symbol as flag value.
+ Added windows_platform?
+ Supported GLib::Value.new? without value.
+ Supported array of flag value as GLib::Flags.new input.
+ Supported name, nick and GLib::Enum as GLib::Enum.new input.
+ Migrated to Markdown for README markup. [GitHub#484][Patch by prpr_man]
+ Supported GVariantType.
+ Supported GVariant.
+ Supported GBinding. [GitHub#524][Reported by cedlemo]
* Fixes
+ Fixed a bug that GLib.format_size doesn't work 32bit over integer
value. [GitHub#413][Reported by eumario]
Ruby/GObjectIntrospection
* Improvements
+ Supported non GObject struct as return value. [GitHub#286][Reported by
Christopher L. Ramsey]
+ Supported list_XXX method name.
+ Supported freeing GList<GObjet *>.
+ Supported array of struct as input argument.
+ Supported auto native package install on CentOS 7.
+ Supported can_XXX? predicate.
+ Supported the number of array as input argument. [Suggested by John
Cupitt]
+ Supported array of GValue as input argument.
+ Supported array as return value.
+ Supported GClosure as input argument.
+ Supported GSList<GObject *> as input argument.
+ Supported GSList<GObject *> as output argument. [GitHub#324][Reported
by cedlemo]
+ Supported union as input argument.
+ Supported array of guint8 as input argument.
+ Supported array of gint32 as input argument.
+ Supported class methods defined in XXXClass.
+ Supported GList<GBoxed *> as output argument. [GitHub#389][Reported by
eumario]
+ Supported GList<GInterface *> as return value. [GitHub#501][Reported by
Christopher L. Ramsey]
+ Supported GVariant as return value. [GitHub#502][Reported by kitone]
* Fixes
+ Fixed a bug that GList<GObjet *> return type method always returns nil.
+ Fixed a bug that not predicate is treated as predicate.
+ Fixed a bug that self is different.
Ruby/GIO2
* Improvements
+ Supported GAsyncReadyCallback. [GitHub#302][Reported by Christopher L.
Ramsey]
+ Added ActionMap#add_actions.
Ruby/Pango
* Improvements
+ Added Pango::Language#sample_string.
Ruby/GDK3
* Improvements
+ Added backward compatibility APIs. [GitHub#284][Reported by Christopher
L. Ramsey]
+ Added constants in Gdk::Selection. [GitHub#254][Patch by Masafumi
Yokoyama]
+ Added missing deprecations. [GitHub#291][Reported by Michel Boaventura]
+ Added RGBA.parse. [GitHub#295][Reported by carlosjhr64]
+ Supported Gdk::Rectangle. [GitHub#319][Reported by cedlemo]
+ Supported Gdk::Screen#get_setting. [GitHub#376][Reported by cedlemo]
+ Added Gdk::Screen#get_monitor.
* Fixes
+ Fixed a bug that GDK_KEY_XXX raises an error. [ruby-gnome2-devel-en]
[Reported by Detlef Reichl]
Ruby/GTK3
* Improvements
+ Migrated to GObject Introspection based bindings from hand writing
bindings. Now, all the latest API in GTK+ are supported. [Hiroshi
Hatake][Detlef Reichl][cedlemo][John Cupitt] [Masafumi Yokoyama]
[eumario][PeterWAWood][Daiki Ueno]
+ Updated samples. [Patch by cedlemo]
Ruby/GtkSourceView3
* Improvements
+ Migrated to GObject Introspection based bindings from hand writing
bindings. Now, all the latest API in GtkSourceView are supported.
Ruby/VTE3
* Improvements
+ Migrated to GObject Introspection based bindings from hand writing
bindings. Now, all the latest API in VTE are supported. [cedlemo]
Ruby/GStreamer
* Fixes
+ Fixed native package name on CentOS and Fedora.
+ Fixed shebang. [GitHub#507][Patch by Dmitry Marakasov]
Ruby/RSVG2
* Improvements
+ Added :file_name, :data and :flags option to RSVG::Handle.new.
+ Updated a sample. [GitHub#518][Patch by Robert A. Heiler].
* Fixes
+ Fixed a memory leak of RSVG::Handle.new_from_data and
RSVG::Handle.new_from_file. [GitHub#318][Reported by Kagetsuki]
Ruby/Clutter
* Improvements
+ Added Clutter::Version.or_later?.
Ruby/WebKit2GTK
* Improvements
+ Added.
Thanks
* Hiroshi Hatake
* Christopher L. Ramsey
* Masafumi Yokoyama
* cedlemo
* Detlef Reichl
* Kagetsuki
* eumario
* PeterWAWood
* Hiroyuki Sato
* Daiki Ueno
* prpr_mann
* Dmitry Marakasov
---
Graphite consists of a storage backend and a web-based visualization frontend.
Client applications send streams of numeric time-series data to the Graphite
backend (called carbon), where it gets stored in fixed-size database files
similar in design to RRD. The web frontend provides 2 distinct user interfaces
for visualizing this data in graphs as well as a simple URL-based API for
direct graph generation.
Graphite's design is focussed on providing simple interfaces (both to users
and applications), real-time visualization, high-availability, and enterprise
scalability.
See https://github.com/graphite-project/ for more information.
aVS: ----------------------------------------------------------------------
0.15 2015-10-10 15:01:31+01:00 Europe/London
- Minor spelling check avoidance tweaks
- Enforce comments to be well formed, to resolve potential security issue
described in JVN53973084
0.14 2015-04-02 17:20:41+01:00 Europe/London
- Travis integration (thanks to mrcaron)
- Fix some packaging/dist-zilla issues (thanks to mrcaron)
- check for definedness before calling ->parse (github #3 leejo)
- Removed the link to HTML::Sanitizer (github #4 avereha)
- Removed circular reference (github #5 avereha)
- Fixed up dependancies from dzil bundles
- Enforced minimum perl version of 5.8
(0.12 and 0.13 seem to not have been released)
Upstream changes:
1.0039 2015-12-06 03:27:59 PST
[BUG FIXES]
- Revert the change to use the faster header builder because it breaks the legit
Plack::Response constructor that sets HTTP::Header object directly (#541)
1.0038 2015-11-25 12:36:29 PST
[IMPROVEMENTS]
- Added MIME type for apk files #514 (allanwhiteford)
- Allow passing custom formatters to Plack::Middleware::AccessLog #515 (frew)
- Allow '0' be a valid category for log4perl middleware #523
- Doc fix for Plack::Runner #528 (polettix)
- Doc improvements for -R/-M command line #529 (mickeyn)
- Bind test server explicitly on 127.0.0.1, not 0.0.0.0
- Support single-process manager in FCGI #535 (ianburrell)
- Optimize Plack::Response header builder #540 (kazeburo)
Changes:
configure: build silently by default
cookies: Add support for Publix Suffix List with libpsl
vtls: added support for mbedTLS
Added CURLOPT_STREAM_DEPENDS
Added CURLOPT_STREAM_DEPENDS_E
Added CURLOPT_STREAM_WEIGHT
Added CURLFORM_CONTENTLEN
oauth2: Added support for OAUTHBEARER SASL mechanism to IMAP, POP3 and SNMP
Bugfixes:
des: Fix header conditional for Curl_des_set_odd_parity
ntlm: get rid of unconditional use of long long
CURLOPT_CERTINFO.3: fix reference to CURLINFO_CERTINFO
docs: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET
http2: Fix http2_recv to return -1 if recv returned -1
curl_global_init_mem: set function pointers before doing init
ntlm: error out without 64bit support as the code needs it
openssl: Fix set up of pkcs12 certificate verification chain
acinclude: remove PKGCONFIG override
test1531: case the size to fix the test on non-largefile builds
fread_func: move callback pointer from set to state struct
test1601: fix compilation with --enable-debug and --disable-crypto-auth
http2: Don't pass unitialized name+len pairs to nghttp2_submit_request
curlbuild.h: Fix non-configure compiling to mips and sh4 targets
tool: Generate easysrc with last cache linked-list
cmake: Fix for add_subdirectory(curl) use-case
vtls: fix compiler warning for TLS backends without sha256
build: fix for MSDOS/djgpp
checksrc: add crude // detection
http2: on_frame_recv: trust the conn/data input
ftp: allow CURLOPT_IGNORE_CONTENT_LENGTH to ignore size
polarssl/mbedtls: fix name space pollution
build: Fix mingw ssl gdi32 order
build: Fix support for PKG_CONFIG
MacOSX-Framework: sdk regex fix for sdk 10.10 and later
socks: Fix incorrect port numbers in failed connect messages
curl.1: -E: s/private certificate/client certificate
curl.h: s/HTTPPOST_/CURL_HTTPOST_
curl_formadd: support >2GB files on windows
http redirects: %-encode bytes outside of ascii range
rawstr: Speed up Curl_raw_toupper by 40%
curl_ntlm_core: fix 2 curl_off_t constant overflows.
getinfo: CURLINFO_ACTIVESOCKET: fix bad socket value
tftp tests: verify sent options too
imap: Don't call imap_atom() when no mailbox specified in LIST command
imap: Fixed double quote in LIST command when mailbox contains spaces
imap: Don't check for continuation when executing a CUSTOMREQUEST
acinclude: Remove check for 16-bit curl_off_t
BoringSSL: Work with stricter BIO_get_mem_data()
cmake: Add missing feature macros in config header
sasl_sspi: fixed unicode build for digest authentication
sasl_sspi: fix identity memory leak in digest authentication
unit1602: Fixed failure in torture test
unit1603: Added unit tests for hash functions
vtls/openssl: remove unused traces of yassl ifdefs
openssl: remove #ifdefs for < 0.9.7 support
typecheck-gcc.h: add some missing options
curl: mark two more options strings for --libcurl output
openssl: Free modules on cleanup
CURLMOPT_PUSHFUNCTION.3: *_byname() returns only the first header
getconnectinfo: Don't call recv(2) if socket == -1
http2: http_done: don't free already-freed push headers
zsh completion: Preserve single quotes in output
os400: Provide options for libssh2 use in compile scripts.
build: Fix theoretical infinite loops
pop3: Differentiate between success and continuation responses
examples: Fixed compilation warnings
schannel: Use GetVersionEx() when VerifyVersionInfo() isn't available
CURLOPT_HEADERFUNCTION.3: fix typo
curl: expanded the -XHEAD warning text
done: make sure the final progress update is made
build: Install zsh completion
RTSP: do not add if-modified-since without timecondition
curl: Fixed display of URL index in password prompt for --next
nonblock: fix setting non-blocking mode for Amiga
http2 push: add missing inits of new stream
http2: convert some verbose output into debug-only output
Curl_read_plain: clean up ifdefs that break statements
2015-12-15 Release 6.15
(special thanks to Chase Whitener for testing many of these changes out in
6.14_001!)
Graham Knop (1):
- tests now use localhost rather than a net-accessible address (PR#76)
Michael Schwern (1):
- fixed some tests to do what they intended (regex rather than boolean
checks) (from PR#28)
Joe Atzberger (2):
- conversion of some tests from Test.pm to Test::More (from PR#29)
Piotr Roszatycki (1):
- use File::Temp for randomized tempdir (PR#53)
Betamax is a VCR_ imitation for requests. This will make mocking out requests
much easier. It is tested on 'Travis CI'.
Put in a more humorous way: "Betamax records your HTTP interactions so the NSA
does not have to."
Fri Dec 4 13:53:05 CET 2015
Releasing libmicrohttpd 0.9.47. -CG
Thu Dec 3 18:21:44 CET 2015
Reworked VS project files. Used x64 build tools by
default, many optimizations, fixes.
Added project files for VS 2015. -EG
Tue Dec 1 14:05:13 CET 2015
SPDY is dead, killing experimental libmicrospdy. -CG
Tue Dec 1 10:01:12 CET 2015
New logic for controlling socket buffer modes.
Eliminated delay before last packet in response and before
"100 Continue" response on all platforms. Also response
header are pushed to client without waiting for response
body. -EG
Wed Nov 25 17:02:53 CET 2015
Remove 200ms delay observable with keep-alive on Darwin
and *BSD platfroms. -EG
Tue Nov 10 15:25:48 CET 2015
Fix issue with shutdown if connection was resumed just
before shutdown. -FC
* Add missing stub definition for CPU_ISSET
* Fix build errors in cpuafinity.cc
* Bug 4228: links with krb5 libs despite --without options
* Fix delay_parameters documentation
* Stop using dangling pointers for eCAP-set custom HTTP reason phrases.
* Fix status code-based HTTP reason phrase for eCAP-generated messages.
* Revert r13921: Migrate StoreEntry to using MEMPROXY_CLASS
* Fix cache_peer forceddomain= in CONNECT
* TLS: Handshake Problem during Renegotiation
* Docs: Updated stale Ssl text to make the comment match the code again.
* Fix SSL_get_certificate() problem detection
* Polished cache_peer_access and related documentation.
* Bug 4374: refresh_pattern config parser (%)
* Bug 4373: assertion failed: client_side_request.cc:1709: 'calloutContext->redirect_state == REDIRECT_NONE'
* Make FATAL messages have a consistent prefix
Update DEPENDS
Upstream changes:
== MediaWiki 1.26 ==
=== Configuration changes in 1.26 ===
* $wgPasswordResetRoutes['email'] = true by default.
* $wgEnableParserCache was deprecated, set $wgParserCacheType to CACHE_NONE
instead if you want to disable the parser cache.
* New-style continuation is now the default for API action=continue. Clients may
use the 'rawcontinue' parameter to receive raw query-continue data, but the
new style is encouraged as it's harder to implement incorrectly.
* Deprecated API formats dump and wddx have been completely removed.
* (T7645) The "Signature" button on the edit toolbar is now hidden by default
in non-talk namespaces. A new configuration variable,
$wgExtraSignatureNamespaces, controls in which subject (non-talk) namespaces
the "Signature" button on the edit toolbar will be displayed.
* $wgResourceLoaderUseESI was deprecated and removed. This was an experimental
feature that was never enabled by default.
* $wgResourceLoaderExperimentalAsyncLoading was deprecated and removed.
This experimental feature was never enabled by default and is obsolete as of
MediaWiki 1.26, in where ResourceLoader became fully asynchronous.
* $wgMasterWaitTimeout was removed (deprecated in 1.24).
* Fields in ParserOptions are now private. Use the accessors instead.
* Custom LESS functions (defined via $wgResourceLoaderLESSFunctions or
in extension.json) have been removed, after being deprecated in 1.24.
* $wgAlwaysUseTidy has been removed.
* ResetSessionID hook has been removed. Nothing seems to use it.
* Certain AuthPlugin methods are deprecated in favor of new hooks:
** AuthPlugin::initUser() is replaced by LocalUserCreated.
** AuthPlugin::updateUser() is replaced by UserLoggedIn.
** AuthPlugin::updateExternalDB() is replaced by the existing UserSaveSettings.
** AuthPlugin::updateExternalDBGroups() is replaced by UserGroupsChanged.
** AuthPluginUser::isHidden() is replaced by UserIsHidden.
** AuthPluginUser::isLocked() is replaced by UserIsLocked.
* The UserRights hook is deprecated in favor of the new UserGroupsChanged hook.
* AuthPlugin::initUser() and AuthPlugin::updateUser() should no longer replace
the passed User object.
* $wgBlockAllowsUTEdit is now set to true by default. This allows
blocked users to edit their talk pages unless explicitly disabled
when they are being blocked.
=== New features in 1.26 ===
* (T51506) Now action=info gives estimates of actual watchers for a page.
See $wgRCMaxAge, $wgWatchersMaxAge and $wgUnwatchedPageSecret
to learn how to configure if needed.
* Change tags can now be hidden in the interface by disabling the associated
"tag-<id>" interface message.
* ':' (colon) is now invalid in usernames for new accounts. Existing accounts
are not affected.
* Added a new hook, 'LogException', to log exceptions in nonstandard ways.
* Revive the 'SpecialSearchResultsAppend' hook which occurs after the list of
search results are rendered. The initial use case is to append a "give us
feedback" link beneath the search results.
* Added a new hook, 'RejectParserCacheValue', which allows extensions to
reject an otherwise-successful parser cache lookup. The intent is to allow
extensions to manage the eviction of archaic HTML output from the cache.
* (T68699) The expiration of the UserID and Token login cookies
($wgExtendedLoginCookieExpiration) can be configured independently of the
expiration of all other cookies ($wgCookieExpiration).
* (T50519) Support for generating JPEG/PNG thumbnails from WebP images added
if ImageMagick is used as image scaler ($wgUseImageMagick = true). Uploading
of WebP images still disabled by default. Add $wgFileExtensions[] =
'webp'; to LocalSettings.php to enable uploading of WebP images.
* Added new hooks 'EnhancedChangesListModifyLineData' &
'EnhancedChangesListModifyBlockLineData', to modify the data used to build
lines in enhanced recentchanges and watchlist.
* Caches that need purging ability now use the WANObjectCache interface.
This corresponds to a new $wgMainWANCache setting, which defaults to using
the $wgMainCacheType settings.
* Callers needing fast light-weight data stores use $wgMainStash to select
the store type from $wgObjectCaches. The default is the local database.
* Interface message overrides in the MediaWiki namespace will now be cached in
memcached and APC (if available), rather than memcached and local files.
* Added a new hook, 'RandomPageQuery', to allow modification of the query used
by Special:Random to select random pages.
* $wgTransactionalTimeLimit was added, which controls the request time limit
for potentially slow POST requests that need to be as atomic as possible.
* ResourceLoader now loads all scripts asynchronously. The top-queue and
startup modules are no longer synchronously loaded.
* 'mediawiki.ui.button' styles are no longer unconditionally loaded on every
page. During the deprecation period, the styles will only be loaded on pages
which contain 'mw-ui-button' in their HTML. Starting in 1.28, the styles will
only be loaded if explicitly required.
* If search returns zero results and current search engine has a "did you mean"
suggestion, results for suggestion will be shown. Can be disabled by setting
$wgSearchRunSuggestedQuery to false.
* Added several JavaScript libraries for uploading files to MediaWiki
from the client-side. See documentation for mw.Upload and its
subclasses for more information.
* Added OOUI dialogs and layout for file upload interfaces. See
documentation for mw.Upload.Dialog, mw.Upload.BookletLayout and its
subclasses for more information.
== extension.json changes in 1.26 ==
* (T99344) The extension.json schema is now versioned. All extensions
and skins should set a "manifest_version" property corresponding to
the schema version they were written for. The only supported version
currently is "1".
* (T102523) The error message if a non-array attribute is set was improved.
* (T107646) Configuration settings can now specify how they should be merged,
which is necessary for arrays using integer keys.
* (T110389) Adding namespaces through extension.json now actually works
* $wgNamespaceProtection can now be set in extension.json.
* $wgCapitalLinkOverrides can now be set in extension.json.
* (T97186) Extensions using a custom prefix for their configuration settings
can now set a "_prefix" key to override the default of "wg".
* (T99084) Extensions can now specify what MediaWiki core versions they
depend upon.
* (T105236) The extension.json schema now validates custom classes in
the "ResourceModules" property properly.
=== External library changes in 1.26 ===
==== Upgraded external libraries ====
* Updated es5-shim from v4.0.0 to v4.1.5.
* Updated json2 from revision 2014-02-04 to 2015-05-03.
* Updated Sinon.JS from 1.10.3 to 1.15.4.
* Updated jQuery Client from v1.0.0 to v2.0.0.
* Updated QUnit from v1.17.1 to v1.18.0.
* Updated liuggio/statsd-php-client from v1.0.12 to v1.0.16.
* Updated oojs/oojs-ui from v0.11.3 to v0.12.12.
* Updated wikimedia/cdb from v1.0.1 to v1.3.0.
* Updated wikimedia/utfnormal from v1.0.2 to v1.0.3.
* Updated wikimedia/composer-merge-plugin from v1.0.0 to v1.3.0.
* Updated zordius/lightncandy from v0.18 to v0.21.
==== New external libraries ====
* Added composer/semver v1.0.0.
* Added mediawiki/at-ease v1.1.0.
* Added wikimedia/assert v0.2.2.
* Added wikimedia/ip-set v1.0.1.
* Added wikimedia/wrappedstring v2.0.0.
==== Removed and replaced external libraries ====
* Replaced leafo/lessphp v0.5.0 with oyejorge/less.php v1.7.0.9.
=== Bug fixes in 1.26 ===
* (T53283) load.php sometimes sends 304 response without full headers
* (T65198) Talk page tabs now have a "rel=discussion" attribute
* (T98841) {{msgnw:}} now preserves comments even when subst: is not used.
* (T104142) $wgEmergencyContact and $wgPasswordSender now use their default
value if set to an empty string.
=== Action API changes in 1.26 ===
* New-style continuation is now the default for action=continue. Clients may
use the 'rawcontinue' parameter to receive raw query-continue data, but the
new style is encouraged as it's harder to implement incorrectly.
* Deprecated API formats dump and wddx have been completely removed.
* API action=query&list=tags: The displayname can now be boolean false if the
tag is meant to be hidden from user interfaces.
* action=import no longer allows both the namespace= and rootpage= parameters
to be set. If they are both set, the value of rootpage= will be ignored.
* prop=revision output in enum mode is now sorted by timestamp rather than
revision ID. This usually won't make any difference.
* (T102645) Namespace list from meta=siteinfo&siprop=namespaces is now an array
with formatversion=2.
* Various other output from meta=siteinfo will now always be arrays instead of
sometimes being numerically-indexed objects with formatversion=2.
* When errors about users being blocked are returned, they now include
information about the relevant block.
* (T99926) list=random has higher limits, in line with other API modules.
* list=random's rnredirect parameter is deprecated in favor of a new
rnfilterredir parameter that also allows for listing both redirects and
non-redirects.
* list=random now supports continuation.
* API responses to GET requests may now include ETag and Last-Modified headers,
and will honor corresponding If-None-Match and If-Modified-Since on such
requests.
=== Action API internal changes in 1.26 ===
* New metadata item ApiResult::META_KVP_MERGE to allow for merging the KVP key
into the value when the value is an assoc.
* API action modules may now provide values for the RFC 7232 ETag and
Last-Modified headers. The API will check these against If-None-Match and
If-Modified-Since request headers on GET requests and avoid executing the
module when appropriate.
=== Languages updated in 1.26 ===
MediaWiki supports over 350 languages. Many localisations are updated
regularly. Below only new and removed languages are listed, as well as
changes to languages because of Phabricator reports.
* Languages added:
** ase (American sign language), thanks to translator Icemandeaf
** dty (डोटेली/Doteli), thanks to translators जनक राज भट्ट, बिप्लब आनन्द,
मेश सिंह बोहरा, and राम प्रसाद जोशी
** luz (لئری دوٙمینی / Southern Luri)
** olo (Livvinкarjala / Livvi-Karelian), thanks to translators Denö, Hiloin Natoi,
Ilja.mos, and Mashoi7
=== Other changes in 1.26 ===
* ChangeTags::tagDescription() will return false if the interface message
for the tag is disabled.
* Added PageHistoryPager::doBatchLookups hook.
* Added $wikiId parameter to FormatAutocomments hook.
* Added ParserCacheSaveComplete to ParserCache
* supportsDirectEditing and supportsDirectApiEditing methods added to
ContentHandler, to provide a way for ApiEditPage and EditPage to check
if direct editing of content is allowed. These methods return false,
by default for the ContentHandler base class and true for TextContentHandler
and it's derivative classes (everything in core). For Content types that
do not support direct editing, an alternative mechanism should be provided
for editing, such as action overrides or specific api modules.
* mediaWiki.confirmCloseWindow now returns an object of functions, instead of
one function. The callback can't be called directly any more. The callback
function is replaced with confirmCloseWindow.release().
* BREAKING CHANGE: Added an optional ResouceLoaderContext parameter to
ResourceLoaderModule::getDependencies(). Extension classes that override that
method should be updated. If they aren't updated, PHP Strict standards
warnings will appear when E_STRICT error reporting is enabled. Note: in the
near future, this parameter will probably become non-optional.
* Removed maintenance script deleteImageMemcached.php.
* MWFunction::newObj() was removed (deprecated in 1.25).
ObjectFactory::getObjectFromSpec() should be used instead.
* The parser will no longer randomize the string it uses to mark the place of
items that were stripped during parsing. It will use a fixed string instead.
This causes the parser to re-use the regular expressions it uses to search
and replace markers rather than generate novel expressions on each parse.
Re-using regular expressions will improve performance on HHVM and the
forthcoming PHP 7. The interfaces changes accompanying this change are:
- Parser::getRandomString() and Parser::uniqPrefix() have been deprecated.
- The $uniq_prefix argument for Parser::extractTagsAndParams() and the
$prefix argument for StripState::_construct() are deprecated and their
value is ignored.
* wfSuppressWarnings() and wfRestoreWarnings() were split into a separate library,
mediawiki/at-ease, and are now deprecated. Callers should use
MediaWiki\suppressWarnings() and MediaWiki\restoreWarnings() directly.
* The Block class constructor now takes an associative array of parameters
instead of many optional positional arguments. Calling the constructor the old
way will issue a deprecation warning.
* The jquery.mwExtension module was deprecated.
* $wgSpecialPageGroups was removed (deprecated in 1.21).
* SpecialPageFactory::setGroup was removed (deprecated in 1.21).
* SpecialPageFactory::getGroup was removed (deprecated in 1.21).
* DatabaseBase::ignoreErrors() is now protected.
* BREAKING CHANGE: mediawiki.legacy.ajax has been removed, following
a lengthy deprecation period.
* The ScopedPHPTimeout class was removed.
* Removed maintenance script fixSlaveDesync.php.
* Watchlist tokens, SpecialResetTokens, and User::getTokenFromOption()
are deprecated. Applications using those can work via the OAuth
extension instead. New tokens types should not be added.
* DatabaseBase::errorCount() was removed (unused).
* $wgDeferredUpdateList was removed.
* DeferredUpdates::addHTMLCacheUpdate() was removed.
== Compatibility ==
MediaWiki 1.26 requires PHP 5.3.3 or later. There is experimental support for
HHVM 3.3.0.
MySQL is the recommended DBMS. PostgreSQL or SQLite can also be used, but
support for them is somewhat less mature. There is experimental support for
Oracle and Microsoft SQL Server.
The supported versions are:
* MySQL 5.0.3 or later
* PostgreSQL 8.3 or later
* SQLite 3.3.7 or later
* Oracle 9.0.1 or later
* Microsoft SQL Server 2005 (9.00.1399)
== Upgrading ==
1.26 has several database changes since 1.25, and will not work without schema
updates. Note that due to changes to some very large tables like the revision
table, the schema update may take quite long (minutes on a medium sized site,
many hours on a large site).
If upgrading from before 1.11, and you are using a wiki as a commons
repository, make sure that it is updated as well. Otherwise, errors may arise
due to database schema changes.
If upgrading from before 1.7, you may want to run refreshLinks.php to ensure
new database fields are filled with data.
If you are upgrading from MediaWiki 1.4.x or earlier, you should upgrade to
1.5 first. The upgrade script maintenance/upgrade1_5.php has been removed
with MediaWiki 1.21.
Don't forget to always back up your database before upgrading!
See the file UPGRADE for more detailed upgrade instructions.
For notes on 1.25.x and older releases, see HISTORY.
== Online documentation ==
Documentation for both end-users and site administrators is available on
MediaWiki.org, and is covered under the GNU Free Documentation License (except
for pages that explicitly state that their contents are in the public domain):
https://www.mediawiki.org/wiki/Documentation
== Mailing list ==
A mailing list is available for MediaWiki user support and discussion:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
A low-traffic announcements-only list is also available:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce
It's highly recommended that you sign up for one of these lists if you're
going to run a public MediaWiki, so you can be notified of security fixes.
== IRC help ==
There's usually someone online in #mediawiki on irc.freenode.net.
Version 3.5.6 (2015-11-27)
--------------------------
### Fixed
Correctly determin the protocol delimiter in `Idna::encodeUrl()`.
### Fixed
Handle relative URLs when following redirects in the Request class (see #7799).
### Fixed
Correctly handle empty UUIDs when comparing versions (see #7971).
### Fixed
Remove the "required" attribute when setting up TinyMCE (see #8131).
Version 3.5.5 (2015-11-25)
--------------------------
### Fixed
Fix the domain when forwarding in the page controllers (see #8123).
### Fixed
Use the feed URL instead of the base URL for enclosures (see #8116).
### Fixed
Fix the `<time>` tags and standardize the event templates (see #8012).
### Fixed
Handle empty `href` attributes in the book navigation (see #8104).
### Fixed
Do not store e-mail addresses in the newsletter (un)subscription log.
### Fixed
Correctly encrypt fields upon registration (see #8110).
### Fixed
Correctly render required single checkboxes in the back end (see #7731).
### Fixed
Correctly store multi select menus if no value is selected (see #7760).
### Fixed
Prevent recursion when rendering 403/404 pages (see #8060).
### Fixed
Map the `FileTree` widget to `FormFileUpload` in the front end (see #8091).
### Fixed
Preserve the user input when loading image meta data (see #8108).
### Fixed
Show the "toggle all" buttons in "edit multiple" mode (see #5622).
### Fixed
Disable the gallery pagination if the images are sorted randomly (see #8033).
### Fixed
Set the correct empty value when copying elements (see #8064).
### Fixed
Correctly hide forward pages with no public subpages (see #8054).
### Fixed
Correctly render the page picker if the value starts with `#` (see #8055).
### Fixed
Correctly render the "group" option in the radio button and checkbox widgets.
### Fixed
Correctly set the ID when toggling fields via Ajax (see #8043).
### Fixed
Support call, sms and app hyperlinks when converting relative URLs (see #8102).
### Fixed
Correctly check if a folder is protected when loading subfolders.
### Fixed
Correctly check the synchronization status when copying or moving files.
### Fixed
Adjust the code to be compatible with PHP7 (see #8018).
### Fixed
Correctly show the UUID in the back end file manager popup (see #8058).
Writing RESTful apps is a good thing, but if you're also trying to support
web browsers, it would be nice not to be reduced to GET and POST for
everything.
This middleware allows for POST requests that pretend to be something else:
by adding either a header named X-HTTP-Method-Override to the request, or a
query parameter named x-tunneled-method to the URI, the client can say what
method it actually meant. That is, as long as it meant one of these:
GET
POST
HEAD
PUT
DELETE
OPTIONS
TRACE
CONNECT
PATCH
If so, then the REQUEST_METHOD in the PSGI environment will be replaced
with the client's desired value. The original request method is always
stored under the plack.original_request_method key.
Pelican is a static site generator, written in Python.
- Write your weblog entries directly with your editor of choice (vim!)
in reStructuredText or Markdown
- Includes a simple CLI tool to (re)generate the weblog
- Easy to interface with DVCSes and web hooks
- Completely static output is easy to host anywhere
Feedgenerator-py3k is a standalone version of Django's feedgenerator.
It is based on the current Django Version 1.5.dev20120824122350.
The previous feedgenerator 1.2.1 is based on rather old code, and
during the port to Python 3 it became obvious that (at least) the
handling of unicode strings has to be refactored.
Django has evolved since, so I decided to create a new standalone
version which is based upon modern code.
See http://parenchym.com/pymblog/ for details.
Siege is an http regression testing and benchmarking utility. It was
designed to let web developers measure the performance of their code
under duress, to see how it will stand up to load on the internet.
Siege supports basic authentication, cookies, HTTP and HTTPS protocols.
It allows the user hit a web server with a configurable number of
concurrent simulated users. Those users place the webserver "under siege."
------------------
1.20 2015-10-29 15:28:27-05:00 America/Chicago
- Documentation fixes.
- Don't clobber some response headers if they are already set.
------------------------
5.9009 - 2014-12-13
- fixed a new error in the manual regarding "component" -> "components"
(RT#99131, RT#100597, RT#100767)
5.9008 - 2014-07-26
- misc small documentation tweaks (thanks Karen Etheridge, Matthew
Horsfall, Andreas Marienborg, Dagfinn Ilmari Manns
Cvs: ----------------------------------------------------------------------
The find-prefix infrastructure was required in a pkgviews world where
packages installed from pkgsrc could have different installation
prefixes, and this was a way for a dependency prefix to be determined.
Now that pkgviews has been removed there is no longer any need for the
overhead of this infrastructure. Instead we use BUILDLINK_PREFIX.pkg
for dependencies pulled in via buildlink, or LOCALBASE/PREFIX where the
dependency is coming from pkgsrc.
Provides a reasonable performance win due to the reduction of `pkg_info
-qp` calls, some of which were redundant anyway as they were duplicating
the same information provided by BUILDLINK_PREFIX.pkg.
new welcome page to help new users
touch-screen support for most editing interfaces, for sizes from small tablets to table-top devices
enhanced and polished user interface
much-needed improvements to the structure-board
enhancements to components such as the pop-up plugin editor, sideframe (now called the overlay) and the toolbar
significant speed improvements on loading, HTTP requests and file sizes
restarts are no longer required when changing apphook configurations
a new content wizard system, adaptable to arbitrary content types
- Add two BUILD_DEPENDS for make test
p5-Plack-[0-9]*:../../www/p5-Plack
p5-Switch-[0-9]*:../../lang/p5-Switch
(upstream)
- Update to 0.20
--------------
0.20 2015-10-16 13:55:13 PDT
- Compile Perl code via a tempfile to support source filters (rkitover) #17
- chain to original $SIG{__WARN__} when suppressing signal warnings on
Win32 (rkitover) #16
---------------
3.23 2015-09-10
- Improve CGI mode param() handling to avoi CGI.pm's "param() called in list context" warning.
- add support for Apache 2.4 via mod_perl 1.09.
***** IMPORTANT *****
Apache 2.4 has a *VERY* different API for authentication. You will need
to port your subclass and configuration over to the Apache 2.4 API in
order to use Apache 2.4! Please be sure to read README.apache-2.4.pod for
porting instructions!
Changes to GoAccess 0.9.6 - Tuesday, October 27, 2015
- Fixed segfault when appending data to a log (follow) without virtualhosts.
- Added command line option `--dcf` to view the default config file path.
- Added 'Darwin' to the list of OSs.
- Added the ability to ignore parsing status codes using `--ignore-status`.
Changes to GoAccess 0.9.5 - Thursday, October 22, 2015
- Added major performance improvements to the default storage when parsing and
storing data (~%44 less memory, ~37% faster).
- Added the ability to parse virtual hosts and a new panel to display metrics
per virtual host.
- Added the ability to parse HTTP/2 requests.
- Added the ability to use GNU getline() to parse full line requests.
- Added the ability to output debug info if a log file is specified, even
without `--enable-debug`.
- Added OS X 'El Capitan'.
- Added WebDav HTTP methods and HTTP status from RFC 2518 and RFC 3253.
- Fixed detection of some Googlebots.
- Fixed issue where time served metrics were not shown when loading persisted
data.
- Fixed linker error on OSX: ld: library not found for -lrt.
- Fixed percentage on the HTML output when excluding IPs.
- Removed GLib dependency and refactored storage functionality. By removing
this dependency, GoAccess is able to store data in a more efficient manner,
for instance, it avoids storing integer data as void* (generic typing), thus
greatly improving memory consumption for integers.
Changes to GoAccess 0.9.4 - Tuesday, September 08, 2015
- Fixed inability to parse color due to a missing POSIX extension. ERR: Invalid
bg/fg color pairs
- Added `%~` specifier to move forward through a log string until a non-space
char is found.
- Added the ability to parse static files containing a query string
`--all-static-files`.
- Added the ability to parse native Squid access.log format.
- Added the ability to log invalid requests to a file `--invalid-requests`.
- Added additional overall metric - total valid requests.
- Fixed a few issues in the configuration script.
Changes:
- Fixed dashed and dotted border painting.
- Properly cancel navigation policy checks.
- Several crashes fixed when running editor commands.
- Fix several crashes due to assertions in Debug builds.
- Fix the build on Mac OSX and bring back the Quartz target.
- Fix the build on glibc-based BSD systems.
Fri Nov 6 22:54:38 CET 2015
Fixing the buffer shrinkage issue, this time with test. -CG
Releasing libmicrohttpd 0.9.46. -CG
Tue Nov 3 23:24:52 CET 2015
Undoing change from Sun Oct 25 15:29:23 CET 2015
as the original code was counter-intuitive but
correct, and the new code does break pipelining.
Ignore empty lines at the beginning of an HTTP
request (more tolerant implementation). -CG
Sat Oct 31 15:52:52 CET 2015
Releasing libmicrohttpd 0.9.45. -CG
Tue Oct 27 12:08:02 CET 2015
Rework deprecation maros: fix errors with old GCC versions,
improved support for old clang and new GCC. -EG
Sun Oct 25 23:05:32 CET 2015
Return correct header kind in MHD_get_connection_values()
even if a bitmask is used for the "kind" argument. -FC/CG
Sun Oct 25 15:29:23 CET 2015
Fixing transient resource leak affecting long-lived
connections with many keep-alives and HTTP request
pipelining under certain circumstances (which reduced
the receive window).
Fixed assertion failure triggered by a race in
thread-per-connection mode on shutdown in rare
circumstances. -CG
Mon Oct 5 11:53:52 CEST 2015
Deduplicate code between digestauth and connection
parsing logic for URI arguments, shared code moved
to new MHD_parse_arguments_ function in internal.c. -CG
Thu Oct 1 21:22:05 CEST 2015
Releasing libmicrohttpd 0.9.44. -CG
Wed Sep 30 21:05:38 CEST 2015
Various fixes for W32 VS project files. - EG
Fri Sep 25 09:49:10 CEST 2015
Fix digest authentication with URL arguments where
value-less keys are given before the last argument.
Thanks to MA for reporting. -CG
Tue Sep 22 19:17:54 CEST 2015
Do not use shutdown() on listen socket if MHD_USE_PIPE_FOR_SHUTDOWN
is set. -CG
Wed Sep 16 11:06:02 CEST 2015
Releasing libmicrohttpd 0.9.43. -CG
Wed Sep 2 16:50:31 CEST 2015
Call resume_suspended_connections() when the user is running
its own mainloop and calls MHD_run_from_select() to support
resuming connections with external select. -FC
Sun Aug 30 14:53:51 CEST 2015
Correct documentation as to when MHD_USE_EPOLL_LINUX_ONLY
is allowed. -CG
Thu Aug 27 09:38:44 CEST 2015
Reimplement monotonic clock functions for better
support various platforms.
Print more information during configure. -EG
Fri Aug 14 14:13:55 CEST 2015
Export MHD_get_reason_phrase_for() symbol. -CG
Sat Aug 8 12:19:47 CEST 2015
Added checks for overflows and buffer overruns, fixed
possible buffer overrun.
Updated md5 implementation.
Fixed many compiler warning (mostly for VC compiler). -EG
Tue Aug 4 13:50:23 CEST 2015
Fix failure to properly clean up timed out connections
if running in external select mode without listen socket,
which caused busy waiting until new connections arrived.
(Fixes#3924, thanks to slimp for reporting and testcase). -CG
Sun Aug 2 19:08:20 CEST 2015
Ignore close() errors on sockets except for EBADF,
fixes#3926. -CG
Sat Jun 27 22:16:27 CEST 2015
Make sure to decrement connection counter before
calling connection notifier so that
MHD_DAEMON_INFO_CURRENT_CONNECTIONS does not
present stale information (relevant if this is
used for termination detection of a daemon
stopped via MHD_quiesce_daemon()). Thanks to
Markus Doppelbauer for reporting. -CG
Fri Jun 26 23:17:20 CEST 2015
Fix (automatic) handling of HEAD requests with
MHD_create_response_from_callback() and HTTP/1.1
connection keep-alives. Thanks to Cristian Klein
for reporting. -CG
Tue Jun 09 18:30:17 CEST 2015
Add new functions MHD_create_response_from_fd64() and
MHD_create_response_from_fd_at_offset64(). -EG
Thu Jun 4 13:37:05 CEST 2015
Fixing memory leak in digest authentication. -AW
Wed Jun 03 21:23:47 CEST 2015
Add deprecation compiler messages for deprecated functions
and macros. -EG
Fri May 29 12:23:01 CEST 2015
Fixing digest authentication when used in combination
with escaped characters in URLs. -CG/AW
Wed May 13 11:49:09 CEST 2015
Releasing libmicrohttpd 0.9.42. -CG
Wed May 13 11:33:59 CEST 2015
Fix off-by-one in MHD_start_daemon_va() error handling logic
when initialization of threads for thread pool fails for some
reason. -CG/JC
Thu May 7 17:05:46 CEST 2015
Add support for poll() in W32. -EG
Wed May 6 18:07:38 CEST 2015
Fix#3784: actually implement MHD_CONNECTION_INFO_SOCKET_CONTEXT. -asherkin
Thu Apr 30 00:03::49 CEST 2015
Releasing libmicrohttpd 0.9.41. -CG
Thu Apr 30 00:02:33 CEST 2015
Fix issue where resumed connections would not continue
unless other requests are active in certain
event-loop modes. Thanks to Mike Castillo for reporting. -CG
Wed Apr 15 03:16:18 CEST 2015
Fixing issue #3753 (testcase issue). -CG
Wed Apr 15 00:30:34 CEST 2015
Fix looping issue when using MHD_USE_POLL_INTERNALLY
and a client times out. -LB
Sun Apr 12 21:48:50 CEST 2015
Fix looping issue when combining MHD_USE_EPOLL_LINUX_ONLY
with HTTPS and slow clients. -CG
Fri Apr 10 22:02:27 CEST 2015
Fix logic to add "Connection: Close" that was broken in 0.9.38
when adding MHD_RF_HTTP_VERSION_1_0_ONLY. -CG
Fri Apr 10 00:38:40 CEST 2015
Ensure fast termination in MHD_USE_THREAD_PER_CONNECTION
mode on W32 by using signal pipe. -CG
Thu Apr 9 09:01:15 CEST 2015
Fixing issue with undrained signal pipe when using
MHD_USE_SELECT_INTERNALLY and MHD_USE_POLL in combination
with MHD_resume_connection(), causing 100% CPU usage. -DD
Tue Apr 7 00:12:36 CEST 2015
Releasing libmicrohttpd 0.9.40. -CG
Sat Apr 4 18:28:24 CEST 2015
Fix potential deadlock issue in MHD_USE_THREAD_PER_CONNECTION
mode if shutdown is initiated while connections are active. -CG
Sat Apr 4 17:48:13 CEST 2015
Fix issue in thread-pool mode where a MHD_stop_daemon()
might not reach threads that stopped listening because
we hit the maximum number of concurrent connections and
the option MHD_USE_PIPE_FOR_SHUTDOWN was also not used.
Testcase added as well. -CG
Fri Apr 3 12:55:31 CEST 2015
Update HTTPS testcases to avoid SSLv3, as SSLv3 is dead.
Fri Apr 3 12:25:28 CEST 2015
Do not enforce FD_SETSIZE-limit on worker control
pipe when using MHD_USE_EPOLL_LINUX_ONLY (#3751). -MH/CG
Tue Mar 31 10:28:26 CEST 2015
Adding MHD_OPTION_NOTIFY_CONNECTION,
MHD_CONNECTION_NOTIFY_STARTED,
MHD_CONNECTION_NOTIFY_CLOSED and
MHD_CONNECTION_INFO_SOCKET_CONTEXT to allow
applications to trigger operations when TCP
connections start or end, instead of just
exposing HTTP requests starting and ending. -RG/CG
Thu Feb 26 09:55:43 CET 2015
Fixing bug that prevented MHD_OPTION_HTTPS_MEM_DHPARAMS
from working within a MHD_OPTION_ARRAY. -DD
Sun Feb 8 01:24:38 CET 2015
Adding MHD_OPTION_HTTPS_KEY_PASSWORD as proposed by
Andrew Basile. -CG/AB
Wed Feb 4 20:34:22 CET 2015
Fix issue where for HTTP/1.0-clients that set
Connection: Keep-Alive header a response of
indefinite size was generated with chunked encoding. -CG
Sun Jan 18 20:09:06 CET 2015
Fix potential infinite loop on shutdown in multi-threaded mode
under certain conditions. -CG
Upstream changes:
Major features
Highlights
MDL-29801 - Allow users to delete personal messages
MDL-27177 - Allow students to see each other's contact details in full profile without global permission if they are able to see each other's course profile
MDL-46455 - Backup/restore functionality with new logging system
MDL-46878 - Reset Dashboard for all users after changing the default Dashboard
Quiz
MDL-47494 - New question types from the UK Open University - Select missing words, Drag and drop into text, Drag and drop onto image and Drag and drop markers
MDL-38214 - New Cloze subquestion types with shuffling of answers - MCS, MCVS, MCHS
MDL-50217 - Question types sorted with common ones at the top
MDL-29771 - Interactive behaviour should show number of tries left in the Try again state
Forum
MDL-49682 - Make forum email template editable
MDL-46321 - Uninformative error when moving forum without first selecting destination
MDL-50993 - Timed discussions are now displayed to students in a logical order
MDL-50430 - Number of subscribers specified in forum subscriber list
Assignment
MDL-49176 - Assignment marking guide 'flattens' instructions for markers and students
MDL-49515 - Upgrade FPDI library in assignfeedback_editpdf to 1.5.4 to fix problems with PDF annotator on some files
MDL-50283 - Improve Rubric interface to include the ability to duplicate rows
Other activity modules
MDL-49028 - Wiki: Option to delete pages during course reset
MDL-40836 - File resource: New file resource setting option to display upload/modified date
MDL-26501 - Glossary: Do not allow to browse by author if author is never displayed
MDL-50673 - Workshop: display all participants on "Submission phase" page in a table
MDL-50664 - Database activity: add setting to disallow managing of own entries after approval
MDL-50658 - LTI: Add support for LTI Memberships service
MDL-49581 - Lesson: Remove high scores list feature
MDL-49882 - Lesson: Essay questions are not imported into the lesson Module
MDL-50720 - Database activity: Highlight database entries that are not yet approved.
User interface and usability improvements
MDL-51051 - Rename 'Categories and items' to 'Gradebook setup' and add link
MDL-51250 - Show default section name when editing section details with default checkbox being checked
MDL-49984 - Add visual blocks outlines to My profile page to help separate information
MDL-48947 - Collect all course section editing buttons under one "Edit" dropdown
MDL-51087 - Use client-side validation in the signup form
MDL-50113 - Improve display of long user and course names in Messaging
MDL-50919 - Simplify the Manage tags page, allow to quickly change name, flag and official status of the tags
MDL-51013 - Navbar button should appear for smaller screens only when the custom menu or language menu is not empty
MDL-51260 - Use the new autocomplete form field for tags
MDL-51296 - Add title to page when adding blog post
MDL-38763 - Permission override UI should use JS confirmation
MDL-29763 - Add description to Portfolio settings page
Atto editor
MDL-45515 - New table editing features in Atto editor
MDL-49732 - Keyboard interaction for hyperlink in Atto (Ctrl+K)
MDL-50936 - More Atto editor Maths equation buttons (sum, sqrt, int, etc.)
MDL-50142 - Text editor preferences help pop-up
Enrolments
MDL-30674 - Set guest access key from enrolment methods page
MDL-30157 - Allow users to start manual enrolments right now
MDL-49746 - Allow to sort enrolled users page by last course access
MDL-48074 - Group filter in enrolments list should have option "not in any group"
Administration
MDL-49329 - Multiple improvements in the plugins installation/update system including ability to install several plugins at the same time
MDL-49280 - New configuration setting to allow duplicate email addresses
MDL-51330 - Show scheduled tasks component in the cron log
MDL-51261 - Upgrade key - mechanism to protect anonymous web access to upgrade screens
MDL-50602 - New settings in Automated backup setup for deleting older backups and keeping a minimum number of backups
MDL-48438 - Add real name to email about login failures
MDL-30960 - New option in email settings to specify SSL or TLS (SMTPSecure property of PHPMailer)
MDL-46623, MDL-51824 - CAS and LDAP: Replace CLI script to synchronise users with a scheduled tasks
MDL-39319 - Allow administrator to uninstall several languages in one single action
MDL-50155 - Move and rename "Common activities settings" link to be under "Manage activities" for consistency
MDL-50631 - Display Moodle ASCII logo in CLI installer
MDL-46167 - New option for CLI installation: skip database
MDL-50572 - Disable YouTube repository by default since it requires setting up
MDL-51739 - Lock theme selector UI when $CFG->theme is hardcoded in config.php
MDL-51478 - Enable Mobile services by default for sites with https
MDL-19748 - Do not allow to edit tags in the default authenticated user role
MDL-46398 - Make HTML5 video the default player for capable videos
Other improvements
MDL-51132 - Introduce course tagging as a replacement for user-course-tagging in the "Tags" block. See upgrade documentation
MDL-41042 - Course contacts shown in course listings no longer lag by an hour
MDL-44273 - Back-off strategy for RSS feeds
MDL-45981 - CAS Auth Config needs way to specify that curl should use SSLv3.
MDL-49891 - Add description meta to frontpage
MDL-25451 - Go straight to "Permissions" from block context menu instead of "Assign roles" if they are not available
MDL-50647 - Add 'not in group' section to group overview page
MDL-50956 - Allow main menu block to be displayed "throughout the entire site"
MDL-28954 - Allow images and embedded files in the cohort descriptions
MDL-50371 - Use $CFG->gradepointdefault for new manual gradeitems and grade categories
Security issues
There are no new security issues since the Moodle 2.9.3 release on 9 November 2015.
For developers
MDL-46455 - Events must define fields mappings in order to be correctly restored (documentation)
MDL-50125 - Allow all plugins to inject links in the preferences page (documentation)
MDL-51247 - Revive / refresh / rebuild the autocomplete mform element.
MDL-50839 - Allow themes to set User menu avatar size (documentation)
MDL-48494 - Make $plugin->component required for all plugins
MDL-43896 - Drop support for $module in version.php files for Moodle 3.0
MDL-50645 - Cache the list of available callbacks per plugin
MDL-33564 - rss_error() should return a proper HTTP response code
MDL-37864 - New method to add help icons to the sortable table headers (documentation)
MDL-51737 - Add ability to detect MS Edge in our browser sniffing code
MDL-51213 - external_format_text should be safe to call from web or webservice (documentation)
MDL-51413 - Add an additional return field in get_forums_by_courses in order to specify if the current user can create discussions
MDL-51217 - Using recaptcha is not possible outside auth_email plugin.
MDL-51107 - Add a callback to inject nodes in the category settings navigation (documentation)
MDL-50891 - is_web_crawler should be moved to useragent class
MDL-50453 - Replace reserved word usage from \core\progress\null (PHP7)
MDL-50009 - Prevent scheduled tasks from leaving unfinished db transactions
MDL-49821 - Some Web Services miss checks for guest and deleted users
MDL-50926 - Upgrade to phpunit 4.x
MDL-50491 - New format_text option to exclude particular filters
MDL-50783 - Allow some ajax external functions to be called without a session
MDL-50150 - Add "Blocks" feature to JS and PHP mustache engines (documentation)
Upstream changes:
6.32 2015-11-18
- Deprecated Mojolicious::Routes::Pattern::format_regex.
- Added support for new HTTP status code.
- Improved router performance.
- Improved Mojo::DOM::CSS performance slightly. (jamadam)
- Fixed a few case-sensitivity and An+B notation bugs in Mojo::DOM::CSS.
(jamadam)
6.31 2015-11-13
- Improved documentation browser CSS.
- Fixed handling of invalid URLs in Mojo::UserAgent::CookieJar.
- Fixed a few small selector bugs in Mojo::DOM::CSS.
- Fixed a few small formatting bugs in Mojolicious::Plugin::PODRenderer.
6.30 2015-11-11
- Fixed bug in Mojolicious::Renderer where layouts could not be used with
template inheritance. (nic, sri)
This release includes number of fixes for libnghttp2. We briefly explain notable bug fixes here. Previously, libnghttp2 ignored CONTINUATION frames if preceding HEADERS frame contained padding. The appearance of CONTINUATION is rare these days, but padding is used in some services already, and we may see CONTINUATION somewhere too. The second and third bugs are SETTINGS and HPACK dynamic table size related bugs. The second bug is that previously libnghttp2 did not shrink to minimum size of requested dynamic table size contained in SETTINGS frame sent from local endpoint if it contains several SETTINGS_HEADER_TABLE_SIZE. Now it is corrected, and libnghttp2 shrinks to the minimum size. The third bug is that due to the ambiguous text in RFC 7540 and 7541, we interpreted that if receiver received SETTINGS containing SETTINGS_HEADER_TABLE_SIZE, it always has to send dynamic table size update in the next compressed header block. But it turns out that it is not the intention of the specification author. The intended behaviour is the receiver is required to send dynamic table size update only when it really changed maximum dynamic table size. Depending on the SETTINGS_HEADER_TABLE_SIZE and the current maximum dynamic table size, the table size may not change.
Update DEPENDS
Upstream changes:
0.28
- always shutdown after SIGTERM, but only after notifying the client (via connection: close or equiv.) #23
0.26
- fix abrupt connection close when receiving SIGTERM #21 (by shogo82148)
0.25
- support listing to unix socket wo. using Server::Starter
- suppress warning when receiving broken requests
- fix test issue with Plack >= 1.0035
Update MASTER_SITES
Add BUILD_DEPENDS for test
Upstream changes:
Version 0.11.2
--------------
Released on November 12th 2015.
- Fix inheritable sockets on Windows on Python 3.
- Fixed an issue with the forking server not starting any longer.
- Fixed SSL wrapping on platforms that supported opening sockets
by file descriptor.
- No longer log from the watchdog reloader.
- Unicode errors in hosts are now better catched or converted into
bad request errors.
Version 0.11.1
--------------
Released on November 10th 2015.
- Fixed a regression on Python 3 in the debugger.
Version 0.11
------------
Released on November 8th 2015, codename Gleisbaumaschine.
- Added ``reloader_paths`` option to ``run_simple`` and other functions in
``werkzeug.serving``. This allows the user to completely override the Python
module watching of Werkzeug with custom paths.
- Many custom cached properties of Werkzeug's classes are now subclasses of
Python's ``property`` type (issue ``#616``).
- ``bind_to_environ`` now doesn't differentiate between implicit and explicit
default port numbers in ``HTTP_HOST`` (pull request ``#204``).
- ``BuildErrors`` are now more informative. They come with a complete sentence
as error message, and also provide suggestions (pull request ``#691``).
- Fix a bug in the user agent parser where Safari's build number instead of
version would be extracted (pull request ``#703``).
- Fixed issue where RedisCache set_many was broken for twemproxy, which doesn't
support the default MULTI command (pull request ``#702``).
- ``mimetype`` parameters on request and response classes are now always
converted to lowercase.
- Changed cache so that cache never expires if timeout is 0. This also fixes
an issue with redis setex (issue ``#550``)
- Werkzeug now assumes ``UTF-8`` as filesystem encoding on Unix if Python
detected it as ASCII.
- New optional `has` method on caches.
- Fixed various bugs in `parse_options_header` (pull request ``#643``).
- If the reloader is enabled the server will now open the socket in the parent
process if this is possible. This means that when the reloader kicks in
the connection from client will wait instead of tearing down. This does
not work on all Python versions.
- Implemented PIN based authentication for the debugger. This can optionally
be disabled but is discouraged. This change was necessary as it has been
discovered that too many people run the debugger in production.
- Devserver no longer requires SSL module to be installed.
Version 0.10.5
--------------
(bugfix release, release date yet to be decided)
- Reloader: Correctly detect file changes made by moving temporary files over
the original, which is e.g. the case with PyCharm (pull request ``#722``).
- Fix bool behavior of ``werkzeug.datastructures.ETags`` under Python 3 (issue
``#744``).
Updating MASTER_SITES
From the ChangeLog:
2013-03-25 Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
* In places where the CGI variable REMOTE_USER is read, support
alternatively REDIRECT_REMOTE_USER, which is used by the Apache
HTTPD Server instead, when a redirect was used.
* Removed debian/README.Debian which did not contain any useful
information.
2013-03-23 Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
* Handle the content of the CGI AUTH_TYPE variable case-insensitively as
defined by RFC 3875 Section 4.1.1.
2013-03-21 Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
* Changed the pathnames of the debug files to be a bit more FHS
compliant.
2013-03-20 Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
* Changed the end-of-line encodings of all non-Windows-related and
non-autogenerated text files to use UNIX LF (lots of them had mixed
LF/CRLF).
* HTML escape the remotely retrieved version string printed to the HTML
in order to prevent and attacks (if this would have been possible at
all in 12 characters).
* Updated all addresses of the canonical git upstream repository and the
issue tracker to the new ones.
2013-03-06 Andrew McMillan <andrew@morphoss.com>
* Fix capitalisation of 'plpgsql' & 'sql' for Postgres 9.2. (debbug #702403)
2013-02-16 Andrew McMillan <andrew@morphoss.com>
* Content-Type header should be 'charset' not 'encoding'.
2012-09-20 Andrew McMillan <andrew@morphoss.com>
* When we get here it is a Bad Request, not a Server Error.
* Quick workaround for iOS6 supported-calendar-component-set issue.
Adds a $c->default_calendar_components array of (VEVENT,VTODO,...)
* Workaround client software with imperfect add-member implementations.
2012-09-10 Andrew McMillan <andrew@morphoss.com>
* Fix unassigned variable.
* Avoid unassigned variable warning.
* Fix UID handling.
* Fix debugging to error log.
2012-08-09 Andrew McMillan <andrew@morphoss.com>
* Ensure test responses are displayed in their unprocessed form.
* Some debugging messages.
2012-07-31 Andrew McMillan <andrew@morphoss.com>
* Replace deprecated split() with explode()
2012-05-28 Andrew McMillan <andrew@morphoss.com>
* First cut at iMIP implementation. Still working on this.
2012-07-30 Andrew McMillan <andrew@morphoss.com>
* Fix SQL fieldname.
2012-07-29 Andrew McMillan <andrew@morphoss.com>
* Sometimes we want to retrieve the sync-token as a result of a change we just made.
This allows a (default true) flag to indicate whether it's OK to use
a previously cached value.
* On Apple devices these can sometimes appear in the Apple namespace. Odd.
* Let the VCalendar class handle how to get the UID from the calendar.
2012-07-25 Andrew McMillan <andrew@morphoss.com>
* Remove old redundant constructor.
2012-07-13 Andrew McMillan <andrew@morphoss.com>
* Add workaround for Apple's POST add-member trainwreck.
* We might not have a $request calling this so use the object's path instead.
* Testing for dead property XML which is a set of prop.
* supported-calendar-component-set uses dead properties too...
* Don't just return the first element in a dead property - there might be multiple!
Upstream changes:
Highlights
MDL-42639 - Web service core_user_get_users_by_field should return username or idnumber to all managers
MDL-48861 - Assignment: "Need grading" filter is not working properly within grading overview
MDL-51552 - "Single View" bulk insert for empty grades no longer overwrites non-empty grades
MDL-51083 - Fixed undesired browser password autofilling in several forms (majority of forms were fixed in MDL-45772 in previous release)
MDL-36606 - AJAX Grader report now works correctly when uneditable cells are present
Functional changes
MDL-49545 - Teachers without capability to change course full or short name should not be able to do it during restore as well
MDL-50917 - Allow manager to access another user's preferences
MDL-50811 - Forum email replies update completion tracking information
MDL-51834 - Lock custom profile fields that are set to by synchronised with various auth plugins
MDL-44707 - Copy embedded files in HTML block when duplicating block (mostly affects adding HTML block with files to default Dashboard)
MDL-51467 - Changing course start date when resetting course now correctly adjusts Date Restrictions
MDL-43594 - Assignment: Resetting course start date now updates calendar events respectfully
UI changes
MDL-40710 - Better visualization of badges backpack icon
MDL-51290 - Make adding a photo to a profile more obvious
MDL-50207 - Fixed activity results block CSS not to overwrite table caption and work correctly with RTL
Security issues
A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
Fixes and improvements
MDL-51514 - Performance improvement in one of regrading queries on MySQL
MDL-51498 - Improve performance for regrading gradebook
MDL-50805 - Performance improvement in cron Messaging Cleanup Task
MDL-50790 - Fixed problem with removing content of Reply to email feature in gmail
MDL-26429 - Added missing criteria icons to completion report
MDL-51190 - Fixed MS Edge locking up when viewing embedded PDF
MDL-46710 - LTI module correctly tracks completion when opened in a new window
MDL-46497 - Atto: clicking RTL button and then LTR button should not add additional HTML tags
MDL-49032 - RFC2445_WSP defined incorrectly for Bennu iCal.
MDL-50892 - Fixed errors appearing when resource or activity was named '0' (zero)
MDL-51390 - Badges: fixed connection to external backpack
MDL-50079 - Atto: Fixed bug when user was unable to select "open in new window" when linking to the file from repository
MDL-48881 - Fixed bug with lesson not always showing student attempts
Upstream changes:
1.3202 2015-11-07
- Re-releasing 1.3200 again now CPAN perms should be fully sorted.
1.3201 2015-11-07
- Re-releasing 1.3200 now I should have the required permissions. (Can't
re-upload as 1.3200 even though it wasn't indexed due to PAUSE
restrictions)
1.3200 2015-11-06
[BUG FIXES]
- Fix temporary directory handling in serialiser tests (PR 1133, nanis)
[ENHANCEMENTS]
- Promoting 1.3144 to stable. Only one odd, rare failure remains on
CPAN Testers, which I cannot reproduce.
- Bind to 127.0.0.1 in tests to avoid occasional spurious failures on busy
build hosts (PR 1136, thanks to @redbaron)
- More efficient handling of large requests - don't store the raw request
body, but fish it out of the HTTP::Body object's temp file if required
(PR 1134, David Precious (bigpresh))
[NEW FEATURES]
- Allow mixd named params and splats in route definitions (PR 1086,
veryrusty)
1.3144 2015-11-04
[ENHANCEMENTS]
- Bind to 127.0.0.1 in tests to avoid occasional spurious failures on busy
build hosts (PR 1136, thanks to @redbaron)
1.3143 2015-10-26
- Note: new release manager for Dancer1: David Precious (BIGPRESH)
[BUG FIXES]
- Fix temporary directory handling in serialiser tests (PR 1133, nanis)
[ENHANCEMENTS]
- More efficient handling of large requests - don't store the raw request
body, but fish it out of the HTTP::Body object's temp file if required
(PR 1134, David Precious (bigpresh))
[NEW FEATURES]
- Allow mixd named params and splats in route definitions (PR 1086,
veryrusty)
Fixed a regression causing ModelChoiceField to ignore prefetch_related() on its queryset.
Allowed “mode=memory” in SQLite test database name if supported.
Fixed system check crash on ForeignKey to abstract model.
Fixed incorrect queries when you have multiple ManyToManyFields on different models that have the same field name, point to the same model, and have their reverse relations disabled.
Allowed filtering over a RawSQL annotation.
Made the Concat database function idempotent on SQLite.
Avoided a confusing stack trace when starting runserver with an invalid INSTALLED_APPS setting.
Made deferred models use their proxied model’s _meta.apps for caching and retrieval. This prevents any models generated in data migrations using QuerySet.defer() from leaking to test and application code.
Fixed a typo in the name of the strictly_above PostGIS lookup.
Fixed crash with contrib.postgres.forms.SplitArrayField and IntegerField on invalid value.
Added a helpful error message when Django and South migrations exist in the same directory.
Fixed a regression in URLValidator that allowed URLs with consecutive dots in the domain section (like http://example..com/) to pass.
Fixed a crash with GenericRelation and BaseModelAdmin.to_field_allowed.
Upstream changes:
6.29 2015-11-03
- Fixed a few bugs in built-in templates. (Zoffix, sri)
6.28 2015-11-02
- Improved build_app method in Mojo::Server to work more like the load_app
method.
- Fixed multi-line attribute bug in Mojo::DOM::HTML. (jamadam)
* Add Locker friend class to SBuf for protection against memory issues
* Connection stats, including %<lp, missing for persistent connections
* Fix incorrect authentication headers on cache digest requests
* Bug 4281: copy-paste typos in src/tools.cc
* Bug 4188: Bumping intercepted SSL connections does not work on Solaris
* Avoid errors when parsing manager ACL in old squid.conf
* Bug 4279: No response from proxy for FTP-download of non-existing file
* Bug 3574: crashes on reconfigure and startup
* Bug 4347: compile errors with LibreSSL 2.3
Changes:
What's new in WebKitGTK+ 2.10.3?
- Fix graphics artifacts when entering/leaving Accelerated Compositing mode.
- Honour 'forwards' fill-mode in Multiple-keyframe and delayed instantaneous
animations.
- Fix runtime warning when the inspector is closed.
- Fix the build with GTK+2 plugin process disabled.
- Gracefully handle errors when sending/receiving IPC messages data on connection
close.
- Fix several crashes and rendering issues.
