directory traversal), CVE-2007-1232 an CVE-2008-0516. Update to 1.2.0 in
order to make this possible at all. Also remove manu as maintainer as he
suggested in mail.
took maintainership
updated REPLACE_PERL section
ChangeLog:
Changes in DBI 1.607 (svn r11571) 22nd July 2008
NOTE: Perl 5.8.1 is now the minimum supported version.
If you need support for earlier versions send me a patch.
Fixed missing import of carp in DBI::Gofer::Execute.
Added note to docs about effect of execute(@empty_array).
Clarified docs for ReadOnly thanks to Martin Evans.
ChangeLog:
Changes log for Perl extension SQL::Statement
Version 1.15, released 2 February, 2006
----------------------------------------
* fixed placeholder bug in SQL::Statement::UPDATE
thanks for bug report Tanktalus
Version 1.14, released 21 April, 2005
----------------------------------------
* fixed circular dependency in tests (one mistakenly required AnyData)
Version 1.13, released 18 April, 2005
----------------------------------------
* pod fixes
Version 1.12, released 18 April, 2005
----------------------------------------
* added support for GROUP BY
(several people sent suggestions for this in the past, please email me
so I can credit you, sorry I lost the names)
* added support for true LIMIT - if a LIMIT clause is specified and
no ORDER BY clause is specified, the SELECT will stop searching
when the limit is reached; with an ORDER BY clause it will still
search the entire table because we can only ORDER a set; using
LIMIT without an ORDER BY will greatly increase speed
* added support for CREATE/DROP keyword|operator|type|function
* optimized process_predicate to only look up scalars once
* completely re-wrote the POD
* fixed bug in primary key search optimization
thanks for bug report and test scripts: Jim Lambert, <jimlambrtATmac.com>
* fixed problem with all_cols slowing inserts
thanks for patch and test Cosimo Streppone <cosimoATcpan.org>
* cleaned up case of temp table column names
thanks for bug report: Dan Wright
* added a META.YML and extra tests
1.817 27 March 2008
* Updated dbinfo
* Applied core patch 32299 - Re-apply change #30562
* Applied core patch 32208
* Applied core patch 32884 - use MM->parse_version() in Makefile.PL
* Applied core patch 32883 - Silence new warning grep in void
context warning
* Applied core patch 32704 to remove use of PL_na in typemap
* Applied core patch 30562 to fix a build issue on OSF
1.816 28 October 2007
* Clarified the warning about building with a different version of
Berkeley DB that is used at runtime.
* Also made the boot version check less strict.
[rt.cpan.org #30013]
* Modifications to the virtual file system interface to support a wider range
of embedded systems.
* All C-preprocessor macros used to control compile-time options now begin
with the prefix "SQLITE_".
* The SQLITE_MUTEX_APPDEF compile-time option is no longer supported.
* The handling of IN and NOT IN operators that contain a NULL on their
right-hand side expression is brought into compliance with the SQL standard
and with other SQL database engines. This is a bug fix, but as it has the
potential to break legacy applications that depend on the older buggy
behavior.
* The result column names generated for compound subqueries have been
simplified to show only the name of the column of the original table and
omit the table name. This makes SQLite operate more like other SQL database
engines.
* Added the sqlite3_config() interface for doing run-time configuration of the
entire SQLite library.
* Added the sqlite3_status() interface used for querying run-time status
information about the overall SQLite library and its subsystems.
* Added the sqlite3_initialize() and sqlite3_shutdown() interfaces.
* The SQLITE_OPEN_NOMUTEX option was added to sqlite3_open_v2().
* Added the PRAGMA page_count command.
* Added the sqlite3_next_stmt() interface.
* Added a new R*Tree virtual table
- verify the dependencies added: p5-File-Temp, p5-Encode
ChangeLog:
1.54 Wed Jul 9 09:34:25 EDT 2008
When aborting transactions, we need to flush our cache,
because SQLite is reusing the primary id for later inserts and the cache
can otherwise become inconsistent.
- bug #1908719 [interface] New field cannot be auto-increment and
primary key
- [dbi] Incorrect interpretation for some mysqli field flags
- bug #1910621 [display] part 1: do not display a TEXT utf8_bin
as BLOB (fixed for mysqli extension only)
- [interface] sanitize the after_field parameter,
thanks to Norman Hippert
- [structure] do not remove the BINARY attribute in drop-down
- bug #1955386 [session] Overriding session.hash_bits_per_character
- [interface] sanitize the table comments in table print view,
thanks to Norman Hippert
- bug #1939031 Auto_Increment selected for TimeStamp by Default
- patch #1957998 [display] No tilde for InnoDB row counter when
we know it for sure, thanks to Vladyslav Bakayev - dandy76
- bug #1955572 [display] alt text causes duplicated strings
- bug #1762029 [interface] Cannot upload BLOB into existing row
- bug #1981043 [export] HTML in exports getting corrupted,
thanks to Jason Judge - jasonjudge
- bug #1936761 [interface] BINARY not treated as BLOB:
update/delete issues
- protection against XSS when register_globals is on and .htaccess
has no effect, thanks to Tim Starling
- bug #1996943 [export] Firefox 3 and .sql.gz (corrupted);
detect Gecko 1.9, thanks to Juergen Wind
- (2.11.7.1) [security] XSRF/CSRF by manipulating the db,
convcharset and collation_connection parameters,
thanks to YGN Ethical Hacker Group
This update fixes the security vulnerability reported in PMASA-2008-5.
Terminate HOMEPAGE url with /
Adapt PERL5_PACKLIST to what the package does.
Changes:
0.09 Mon Jul 10 03:40:00 2006
* "I'm doind this as I watch the World Cup Finals" release
- Add POD tests
0.08_02 Mon May 29 15:30:00 2006
- Apply patches from Boris Sukholitko. Adds "Primary As Option" and
"Column Groups" features
0.08_01 Sat May 20 10:00:00 2006
- Fix typo in the sequence detection
- Restructure directory structure
0.08 Sat Mar 11 17:00:00 2006
- Stop using _croak (#18093)
0.07 Thu Jan 26 03:00:00 2006
- work with PostgreSQL 8.1's new sequence display
- pg_version(full_version => 1) gets you the major, minor, micro
version strings
- maintainer changed to Daisuke Maki
0.34 27th March 2008
* Updates to support building with Berkeley DB version 4.7
* Typo in #ifdef for ThreadCount support. Spotted by Mark Hindley
* Updated dbinfo
This is a pure Java (Type IV) JDBC driver for the PostgreSQL
database. It allows Java programs to connect to a PostgreSQL
database using standard, database independent Java code.
The driver provides a reasonably complete implementation of the
JDBC 3 specification in addition to some PostgreSQL specific
extensions.
# Updated Brazilian Portuguese translation. (jurka) Thanks to Euler Taveira de Oliveira.
# fix While the driver currently doesn't support the copy protocol, it needs to understand it enough to ignore it. Now the connection will not be irreparably broken when a COPY request is sent. (jurka) Thanks to Altaf Malik.
# fix The JDBC spec says that when you have two duplicately named columns in a ResultSet, a search by name should return the first one. Previously our code was returning the second match. (jurka) Thanks to Magne Mahre.
This is a pure Java (Type IV) JDBC driver for the PostgreSQL
database. It allows Java programs to connect to a PostgreSQL
database using standard, database independent Java code.
The driver provides a reasonably complete implementation of the
JDBC 3 specification in addition to some PostgreSQL specific
extensions.
module. Hence add a build dependency on time/p5-DateTime-Format-MySQL
package.
- Unbreak build when the package textproc/p5-Data-FormValidator is
not installed: add it as dependency.
Bump PKGREVISION to 1.
Rose::DBx::Garden::Catalyst extends Rose::DBx::Garden to create
Catalyst components that use the RDBO and RHTMLO classes that the
Garden class produces.
By default this class creates stub Template Toolkit files for use
with the RDBO and RHTMLO CRUD components. If you use a different
templating system, just set the tt option to 0.
CatalystX::CRUD provides a simple and generic API for Catalyst CRUD
applications. CatalystX::CRUD is agnostic with regard to data model
and data input, instead providing a common API that different
projects can implement for greater compatability with one another.
The project was born out of a desire to make Rose::HTML::Objects
easy to use with Rose::DB::Object and DBIx::Class ORMs, using the
Catalyst::Controller::Rose project. However, any ORM could implement
the CatalystX::CRUD::Model API, and any form management project
could use the resulting CatalystX::CRUD::Model subclass.
Catalyst Model base class for Rose::DB::Object. This class provides
convenience access to your existing Rose::DB::Object class.
The assumption is one Model class per Rose::DB::Object class.
This is a Catalyst Model for DBIx::Class::Schema-based Models. See the
documentation for Catalyst::Helper::Model::DBIC::Schema and
Catalyst::Helper::Model::DBIC::SchemaLoader for information on
generating these Models via Helper scripts. The latter of the two will
also generated a DBIx::Class::Schema::Loader-based Schema class for you.
ose::DBx::Garden bootstraps Rose::DB::Object and Rose::HTML::Form
based projects. The idea is that you can point the module at a
database and end up with work-able RDBO and Form classes with a
single method call.
Rose::DBx::Garden inherits from Rose::DB::Object::Loader, so all
the magic there is also available here.
This DBIx::Class component resembles the behaviour of Class::DBI::UUID,
to make some columns implicitly created as uuid.
When loaded, UUIDColumns will search for a suitable uuid generation
module from the following list of supported modules:
Data::UUID APR::UUID* UUID Win32::Guidgen Win32API::GUID
If no supporting module can be found, an exception will be thrown.
*APR::UUID will not be loaded under OpenBSD due to an as yet
unidentified XS issue.
DBIx::Class::Schema::Loader automates the definition of a
DBIx::Class::Schema by scanning table schemas and setting up columns and
primary keys.
DBIx::Class::Schema::Loader supports MySQL, Postgres, SQLite and DB2.
See DBIx::Class::Schema::Loader::Generic for more, and
DBIx::Class::Schema::Loader::Writing for notes on writing your own
db-specific subclass for an unsupported db.
This module requires DBIx::Class 0.05 or later, and obsoletes
DBIx::Class::Loader for DBIx::Class version 0.05 and later.
While on the whole, the bare table definitions are fairly straightforward,
relationship creation is somewhat heuristic, especially in the choosing
of relationship types, join types, and relationship names. The relationships
generated by this module will probably never be as well-defined as
hand-generated ones. Because of this, over time a complex project will
probably wish to migrate off of L<DBIx::Class::Schema::Loader>.
It is designed more to get you up and running quickly against an existing
database, or to be effective for simple situations, rather than to be what
you use in the long term for a complex database/project.
DBIx::Class::Loader automates the definition of DBIx::Class
sub-classes by scanning table schemas and setting up columns and
primary keys.
This module is deprecated in favor of DBIx::Class::Schema::Loader
for use with DBIx::Class versions 0.05 and higher. It continues to
function as well as it ever did, even for recent DBIx::Class
releases, and will be maintained for some time to counter bugs,
but it doesn't use the now-preferred DBIx::Class::Schema way of
doing things, and tends to promote bad DBIx::Class usage habits.
This DBIx::Class component can be used to automatically insert a
message digest of selected columns. By default DigestColumns will
use Digest::MD5 to insert a 128-bit hexadecimal message digest of
the column value.
The length of the inserted string will be 32 and it will only
contain characters from this set: '0'..'9' and 'a'..'f'.
If you would like to use a specific digest module to create your
message digest, you can set "digest_algorithm":
This is an SQL to OO mapper, inspired by the Class::DBI framework, and
meant to support compability with it, while restructuring the internals
and making it possible to support some new features like self-joins,
distinct, group bys and more.
This project is still at an early stage, so the maintainers don't make
any absolute promise that full backwards-compatibility will be
supported; however, if we can without compromising the improvements
we're trying to make, we will, and any non-compatible changes will merit
a full justification on the mailing list and a CPAN developer release
for people to test against.
Changes in DBI 1.605 XXX
Make trace level 2 show method entry but not fetched rows, leave that
for trace level 3. So trace level 2 can be used to aid debugging with-
out being flooded by data
1 = return from top level only, no rows
2 = +entry to top level, no rows
3 = +return from nested, no rows
4 = +entry to nested, with rows
Fixed broken DBIS macro with threads on big-endian machines
with 64bit ints but 32bit pointers. Ticket #32309.
Fixed the selectall_arrayref, selectrow_arrayref, and selectrow_array
methods that get embedded into compiled drivers to use the
inner sth handle when passed a $sth instead of an sql string.
Drivers will need to be recompiled to pick up this change.
Fixed leak in neat() for some kinds of values thanks to Rudolf Lippan.
Fixed DBI::PurePerl neat() to behave more like XS neat().
Increased default $DBI::neat_maxlen from 400 to 1000.
Increased timeout on tests to accomodate very slow systems.
Changed behaviour of trace levels 1..4 to show less information
at lower levels.
Changed the format of the key used for $h->{CachedKids}
(which is undocumented so you shouldn't depend on it anyway)
Changed gofer error handling to avoid duplicate error text in errstr.
Clarified docs re ":N" style placeholders.
Improved gofer retry-on-error logic and refactored to aid subclassing.
Improved gofer trace output in assorted ways.
Removed the beeps "\a" from Makefile.PL warnings.
Removed check for PlRPC-modules from Makefile.PL
Added sorting of ParamValues reported by ShowErrorStatement
thanks to to Rudolf Lippan.
Added cache miss trace message to DBD::Gofer transport class.
Added $drh->dbixs_revision method.
Added explicit LICENSE specification (perl) to META.yaml
1.24 2008-07-09
- Ripped out all 1.23 changes
- Re-releasing 1.22 with DBIx::Class as maintainer
1.23 ????-??-??
1) Large patch by Laurent Dami to add all of the
following functionality:
- support for nested subqueries (see the doc for explanations)
- +/- prefixes in C<@order> columns, meaning 'ASC' or 'DESC'
- documentation :
- added an explanation about flexibility of argument types
(passing scalars instead of hashrefs/arrayrefs)
- added an example of a boolean column (through ref to empty
string)
- mentioned that select() can take an arrayref of tables
- added explanation of +/- prefixes in C<@order>
- WHERE section structured into subsections
- new subsection for nested queries
- suppressed the NOTES section about Morgan laws, because
subqueries provide support for compound logic statements.
These changes enable additional functionality in DBIx::DataModel
as well.
2) Patch by Robbie Bow to enable "quote_char" to take
an array ref. This fixes an issue to MS SQL Server,
since it requires that columns and tables be quoted with
surrounding [square brackets]
3) Patch by Norbert BUCHMULLER to enable the use of
the old-school-SQL operator for not-equal ('<>')
could be used for the 'IS NOT NULL' expression:
foo => { '<>' => undef }
This now properly generates:
foo IS NOT NULL
1.22 changes unknown (1.22 changelog empty)
SQL::Translator is a group of Perl modules that converts vendor-specific
SQL table definitions into other formats, such as other vendor-specific
SQL, ER diagrams, documentation (POD and HTML), XML, and Class::DBI
classes. The main focus of SQL::Translator is SQL, but parsers
exist for other structured data formats, including Excel spreadsheets
and arbitrarily delimited text files. Through the separation of
the code into parsers and producers with an object model in between,
it's possible to combine any parser with any producer, to plug in
custom parsers or producers, or to manipulate the parsed data via
the built-in object model. Presently only the definition parts of
SQL are handled (CREATE, ALTER), not the manipulation of data
(INSERT, UPDATE, DELETE).
Sort::SQL is so simple it almost doesn't deserve to be on CPAN.
Takes a scalar string of the SQL ORDER BY syntax and turns it into
an array of key/value pair hashrefs.
- bug #1908719 [interface] New field cannot be auto-increment and
primary key
- [dbi] Incorrect interpretation for some mysqli field flags
- bug #1910621 [display] part 1: do not display a TEXT utf8_bin
as BLOB (fixed for mysqli extension only)
- [interface] sanitize the after_field parameter,
thanks to Norman Hippert
- [structure] do not remove the BINARY attribute in drop-down
- bug #1955386 [session] Overriding session.hash_bits_per_character
- [interface] sanitize the table comments in table print view,
thanks to Norman Hippert
- bug #1939031 Auto_Increment selected for TimeStamp by Default
- patch #1957998 [display] No tilde for InnoDB row counter when
we know it for sure, thanks to Vladyslav Bakayev - dandy76
- bug #1955572 [display] alt text causes duplicated strings
- bug #1762029 [interface] Cannot upload BLOB into existing row
- bug #1981043 [export] HTML in exports getting corrupted,
thanks to Jason Judge - jasonjudge
- bug #1936761 [interface] BINARY not treated as BLOB:
update/delete issues
- protection against XSS when register_globals is on and .htaccess
has no effect, thanks to Tim Starling
- bug #1996943 [export] Firefox 3 and .sql.gz (corrupted);
detect Gecko 1.9, thanks to Juergen Wind
Local change warranting nb1 is to prefix some error messages from
rrdupdate with the name of the file the error relates to, carried
over from nb1 of 1.2.27.
Update loosely OKed by martti@
The announcement of 1.3.0 outlines the changes since 1.2.27:
NEW Fast file access methods (Bernhard Fischer / Tobi Oetiker)
----------------------------
* introduced file-accessor functions rrd_read/rrd_seek/rrd_write
* implemented full mmap-based file access with madvise hints for
improved scalability, much reduced memory-footprint and much less
blocking while accessing the disk
* implemented optional full file-descriptor access instead of FILE*
access
NEW Graphing (Tobi Oetiker)
------------
* libart has been replaced by cairo/pango
* pango markup is supported (--pango-markup)
* full grid fitting
* --graph-render-mode=mono for non anti aliased graphing
* --font-render-mode=mono for non anti aliased fonts
* fonts come through fontconfig, use the Pango font nameing scheme
-> 'Times 20' ... it is not possible to use truetype fonts
directly anymore.
* Tabs are position independent.
* TRENDNAN filter that ignores NAN values while calculating the
TREND data. (Timo Stripf)
* --full-size-mode to specify the outer border of the image and not
just of the graphing canvas (Matthew Chambers)
* TEXTALIGN command to alter default text alignment behavior
* C API in-memory graphing with rrd_graph_v (Evan Miller)
* draw dashed lines in graphs (Thomas Gutzler)
* new interface graphv which returns information using the rrd_info
interface (Tobi Oetiker and Mark Plaksin)
* improved horizontal grid. Have a bit more grid lines and y-axis
labels while keeping them far enough apart to not run into each
other.
NEW Forecasting (Evan Miller)
---------------
* the new MHWPREDICT consolidation function uses a variation of the
Holt-Winters method. It is a drop-in replacement for HWPREDICT,
and is better suited for data whose seasonal variations grow or
shrink in proportion to the average.
* If you create an RRD with the new MHWPREDICT function, the
resulting rrd file will be version 0004 and can only be used in
rrdtool 1.3.
Rewrites
--------
* rrd_restore now uses libxml for parsing which makes things much
more tolerant towards xml variations. The old code could mostly
just parse the XML as it was output by rrdtool dump. See also:
the note at the bottom of this document. (by Florian octo
Forster)
* rrd_update rewritten to make it more modular. Fixed two
longstanding HW bugs in the process (Evan Miller)
Internationalization (Takao Fujiwara and Tobi Oetiker)
--------------------
* The help output by rrdtool has been internationalized. There are
no real translations included with rrdtool yet, contributions are
welcome.
* The internationalization will only be compiled if libintl and
friends are available on your system. Use the configure option
--disable-libintl if you want to disable this feature
Language Bindings
-----------------
* ruby rrd_fetch will return step as a last property -- Mike Perham
RRDtool dump / restore incompatibility
--------------------------------------
* rrdtool dump 1.3 does emit completely legal XML. Basically this
means that it contains an XML header and a DOCTYPE definition.
Unfortunately this causes older versions of rrdtool restore to be
unhappy.
* To restore a new dump with an old rrdtool restore version, either
remove the XML header and the doctype by hand (both on the first
line of the dump) or use rrdtool dump --no-header.
