- feature request: added record_mailbox configuration parameter, to
allow turning off the header getmail adds with this information.
Thanks: Daniel Kahn Gillmor, Osamu Aoki, Josh Triplett.
Changelog v0.5.0.1:
- imap4flags extension: Fix binary corruption occurring when
setflag/addflag/removeflag flag-list is a variable.
- sieve-extprograms plugin: Fix segfault occurring when used in
IMAPSieve context.
This a meta package including Ruby 2.5 full release.
It includes ruby25-base, ruby25-gdbm, ruby25-fiddle and ruby25-readline
package.
No package should depend on this package directly.
Ruby 2.5.0 is the first stable release of the Ruby 2.5 series. It introduces
many new features and performance improvements. The notable changes are as
follows:
o New Features
* rescue/else/ensure are now allowed to be used directly with do/end
blocks. [Feature #12906]
* Add yield_self to yield given block in its context. Unlike tap, it returns
the result of the block. [Feature #6721]
* Support branch coverage and method coverage measurement. The branch coverage
indicates which branches are executed and which are not. The method coverage
indicates which methods are invoked and which are not. By running a test
suite with these new features, you will know which branches and methods are
executed, and evaluate total coverage of the test suite more
strictly. [Feature #13901]
* Hash#slice [Feature #8499] and Hash#transform_keys [Feature #13583]
* Struct.new can create classes that accept keyword arguments. [Feature
#11925]
* Enumerable#any?, all?, none?, and one? accept a pattern argument. [Feature
#11286]
* Top-level constant look-up is no longer available. [Feature #11547]
* One of our most loved libraries, pp.rb, is now automatically loaded. You no
longer have to write require "pp". [Feature #14123]
* Print backtrace and error message in reverse order (oldest call first, most
recent call last). When a long backtrace appears on your terminal (TTY), you
can easily find the cause line at the bottom of the backtrace. Note that the
order is reversed only when the backtrace is printed out to the terminal
directly. [Feature #8661] [experimental]
o Performance improvements
* About 5-10% performance improvement by removing all trace instructions from
overall bytecode (instruction sequences). The trace instruction was added to
support the TracePoint. However, in most cases, TracePoint is not used and
trace instructions are pure overhead. Instead, now we use a dynamic
instrumentation technique. See [Feature #14104] for more details.
* Block passing by a block parameter (e.g. def foo(&b); bar(&b); end) is about
3 times faster than Ruby 2.4 by “Lazy Proc allocation” technique. [Feature
#14045]
* Mutex is rewritten to be smaller and faster. [Feature #13517]
* ERB now generates code from a template twice as fast as Ruby 2.4.
* Improve performance of some built-in methods including Array#concat,
Enumerable#sort_by, String#concat, String#index, Time#+, and more.
* IO.copy_stream uses copy_file_range(2) to copy offload. [Feature #13867]
o Other notable changes since 2.4
* SecureRandom now prefers OS-provided sources over OpenSSL. [Bug #9569]
* Promote cmath, csv, date, dbm, etc, fcntl, fiddle, fileutils, gdbm, ipaddr,
scanf, sdbm, stringio, strscan, webrick, zlib from standard libraries to
default gems.
* Update to Onigmo 6.1.3.
- It adds the absence operator.
- Note that Ruby 2.4.1 also includes this change.
* Update to Psych 3.0.2.
* Update to RubyGems 2.7.3.
* Update to RDoc 6.0.1.
- Switch the lexer from IRB based one to Ripper. This dramatically improves
the performance of document generation.
- Fix a significant amount of bugs that existed over ten years.
- Add support for new Ruby syntax from the latest versions.
* Update supported Unicode version to 10.0.0.
* Thread.report_on_exception is now set to true by default. This change helps
debugging of multi-threaded programs. [Feature #14143]
* IO#write now receives multiple arguments. [Feature #9323]
See NEWS or commit logs for details.
- emailauth: Fix cookie problem when user is on https and the cgiurl
uses http, by making the emailed login link use https.
- passwordauth: Use https for emailed password reset link when user
is on https.
- Remove openid provider icons from login selector, since openid
providers are increasingly not working. Verisign retired theirs, and
aol and yahoo/flickr are not commonly used for openid. Any users who
still clicked those icons to login will need to instead enter their
openid url.
- Updated German basewiki and directives translation from
Sebastian Kuhnert.
Previously a special override header was used via an additional include path,
but this extra include path was not exported to llvm-config so while llvm was
ok, dependencies wouldn't find the header and fail.
Instead just pull the changes directly inline into DataTypes.h so that they
are available everywhere. Fixes the clang build on SunOS. Bump PKGREVISION.
* Use lang/rust-1.23.0
Changelog:
Speculative execution side-channel attack ("Spectre")
Announced
January 4, 2018
Reporter
Jann Horn (Google Project Zero); Microsoft Vunerability Research
Impact
High
Products
Firefox
Fixed in
Firefox 57.0.4
Description
Jann Horn of Google Project Zero Security reported that speculative
execution performed by modern CPUs could leak information through
a timing side-channel attack. Microsoft Vulnerability Research extended
this attack to browser JavaScript engines and demonstrated that code on
a malicious web page could read data from other web sites (violating
the same-origin policy) or private data from the browser itself.
Since this new class of attacks involves measuring precise time intervals,
as a partial, short-term, mitigation we are disabling or reducing
the precision of several time sources in Firefox. The precision of
performance.now() has been reduced from 5us to 20us, and
the SharedArrayBuffer feature has been disabled because it can be
used to construct a high-resolution timer.
SharedArrayBuffer is already disabled in Firefox 52 ESR.
* Disable Solaris/SunOS suppprt for a while
Changelog:
# What's in 1.23.0 stable
New year, new Rust! For our first improvement today, we now avoid
some unnecessary copies in certain situations. We've seen memory
usage of using rustc to drop 5-10% with this change; it may be
different with your programs.
The documentation team has been on a long journey to move rustdoc
to use CommonMark. Previously, rustdoc never guaranteed which
markdown rendering engine it used, but we're finally committing to
CommonMark. As part of this release, we render the documentation
with our previous renderer, Hoedown, but also render it with a
CommonMark compliant renderer, and warn if there are any differences.
There should be a way for you to modify the syntax you use to render
correctly under both; we're not aware of any situations where this
is impossible. Docs team member Guillaume Gomez has written a blog
post showing some common differences and how to solve them. In a
future release, we will switch to using the CommonMark renderer by
default. This warning landed in nightly in May of last year, and
has been on by default since October of last year, so many crates
have already fixed any issues that they've found.
In other documentation news, historically, Cargo's docs have been
a bit strange. Rather than being on doc.rust-lang.org, they've been
at doc.crates.io. With this release, that's changing. You can now
find Cargo's docs at doc.rust-lang.org/cargo. Additionally, they've
been converted to the same format as our other long-form documentation.
We'll be adding a redirect from doc.crates.io to this page, and
you can expect to see more improvements and updates to Cargo's docs
throughout the year.
See the detailed release notes for more.
## Library stabilizations
As of Rust 1.0, a trait named AsciiExt existed to provide ASCII
related functionality on u8, char, [u8], and str. To use it, you'd
write code like this:
use std::ascii::AsciiExt;
let ascii = 'a';
let non_ascii = '❤';
let int_ascii = 97;
assert!(ascii.is_ascii());
assert!(!non_ascii.is_ascii());
assert!(int_ascii.is_ascii());
In Rust 1.23, these methods are now defined directly on those types,
and so you no longer need to import the trait. Thanks to our
stability guarantees, this trait still exists, so if you'd like to
still support Rust versions before Rust 1.23, you can do this:
#[allow(unused_imports)]
use std::ascii::AsciiExt;
...to suppress the related warning. Once you drop support for older
Rusts, you can remove both lines, and everything will continue to
work.
Additionally, a few new APIs were stabilized this release:
The various std::sync::atomic types now implement From their
non-atomic types. For example, let x = AtomicBool::from(true);.
() now implements FromIterator<()>; check the PR for a neat
use-case. RwLock<T> has had its Send restriction lifted
See the detailed release notes for more.
## Cargo features
cargo check can now check your unit tests.
cargo uninstall can now uninstall more than one package in one
command.
Upstream changes:
2.30 Sun Jan 7 22:02:25 CST 2018
No changes since 2.27_03.
2.27_03 Wed Jan 3 17:07:07 CST 2018
[FIXES]
Removed the text-invalid-entity and attr-invalid-entity, which were
for entities that had an invalid numeric value, anything greater
than 𐀀. There is no longer a restriction on the numeric values
of HTML entities. (GH#60)
2.27_02 Wed Dec 27 11:46:28 CST 2017
There are be no functionality changes since 2.27_01.
[INTERNALS]
Many Perl::Critic cleanups.
2.27_01 Fri Dec 22 15:54:32 CST 2017
[ENHANCEMENTS]
Adds checking of entities in attributes, not just text. Thanks,
Klaus S. Madsen.
[FIXES]
Calling ->parsefile() would generate an error. Thanks, Shlomi
Fish. (GH#58)
[INTERNALS]
Prepare for perl 5.26.0 which removes '.' from @INC. Thanks,
Jim Keenan.
Fix disttest target. Thanks, Shlomi Fish.
