ChangeLog:
3.14.0
This release includes fixes for the JSONDOC, Liquid, Magik and TOML
lexers as well as the addition of the NES Assembly and Slice lexers.
3.13.0
This release includes a fix for the BPF lexer and the Q lexer and
the addition of the TTCN-3 lexer.
3.12.0
This release includes a handful of fixes (one for the Embedded
Elixir lexer and a couple for Rouge itself) and the addition of the
Minizinc lexer.
3.11.1
This is a small update that provides a fix for the Perl lexer.
3.11.0
This release includes some fixes for existing lexers and support
for three new languages.
3.10.0
This release includes a couple of fixes and support for five new
languages.
3.9.0
This release includes fixes for a number of lexers and support for
three new languages.
3.8.0
This release includes continued improvements to the library, fixes
for a number of lexers and support for seven new languages.
3.7.0
This release includes continued improvements to the library, fixes
for a number of lexers and support for eight new languages.
3.6.0
This release includes continued improvements to the library, fixes
for a number of lexers and—like v3.5.0—support for three new
languages.
3.5.1
This release fixes a bug in the PowerShell lexer that was affecting
some users.
3.5.0
This release includes continued improvements to the library, fixes
for a number of lexers and support for three new languages.
3.4.1
Version 3.4.0 mistakenly included a breaking change. For some
consumers of the library, this could cause Rouge to crash. This
release reverts the behaviour to be consistent with version 3.3.0.
3.4.0
We are sorry to say that v3.4.0 contains a breaking change that can
cause Rouge to crash for some users. Please use v3.4.1 instead.
From upstream's changelog:
1.1.9.2:
Bug Fixes
Fix CSRF not being checked in collection-edit.php
Other Changes
use foreach() instead of deprecated each()
1.1.9.1:
Bug Fixes
Corrects reflected cross-site scripting (XSS) vulnerability
Corrects persistent XSS vulnerability in user/group/resource details
Corrects persistent XSS vulnerability in user/group/resource list
Adds token to address cross-site request forgery (CSRF) vulnerability
Corrects syntax error in name of collection_id
Make calquery aware of default timezone
Corrections to range-based calendar queries
Add missing 'break' to rrule.php
Other Changes
Updated PHP version requirement
Changelog picked from https://github.com/nifty-site-manager/nsm/releases:
Nift (aka nsm) v1.24
Release Notes:
* fixed bugs with content/page/script extensions and mv/cp/rm
aka move/copy/del
* updated/moved removePath to remove_path and remove_file and
now removes now-empty directories
* added in ^ option for @script syntax in template language
for not making a backup copy
* added in backupScripts to config files
* added Nift commands track-dir, untrack-dir, rm-dir,
track-from-file, untrack-from-file, rm-from-file (note when
removing large volumes of pages using rm-from-file can cause
significant machine lags while running and not long after)
* added Nift commands watch, unwatch, info-watching
* got rid of pre/post build-all and build-updated scripts,
costs too much time and not really needed
* added pre/post build scripts to page dependencies
2.0.0:
- Removed support for older Python versions. On Python 2, meld3 now
requires Python 2.7. On Python 3, meld3 now requires Python 3.4 or later.
- Added Python 3.7 classifier to ``setup.py``. No code changes were
needed for Python 3.7 compatibility.
1.4.1:
* Fix regression, make the library work on Python 3.5 and 3.6 again.
1.4.0:
* Distinguish an empty password in URL from a password not provided at all
* Fixed annotations for optional parameters of ``URL.build``
* Use None as default value of ``user`` parameter of ``URL.build``
* Enforce building C Accelerated modules when installing from source tarball, use
``YARL_NO_EXTENSIONS`` environment variable for falling back to (slower) Pure Python
implementation
* Drop Python 3.5 support
* Fix quoting of plus in path by pure python version
* Don't create a new URL if fragment is unchanged
* Included in error msg the path that produces starting slash forbidden error
* Skip slow IDNA encoding for ASCII-only strings
Changelog picked from https://github.com/nifty-site-manager/nsm/releases:
Nift (aka nsm) v1.23
Release Notes:
fixed Windows bugs and tidied up with pre/post build/serve scripts and @script, @scriptoutput, @scriptraw
fixed indenting inside pre blocks with methods to input from file
added allowing quoted string variable names with whitespace and open brackets
improved filenames for temporary files
added syntax @\n to template language
added in syntax for Nift comments to template language:
<@-- .. --@> (raw multi line comment)
@/* .. @*/ (parsed multi line comment)
@--- .. @--- (parsed special multi line comment)
@# (raw single line comment)
@// (parsed single line comment)
@!\n (parsed special single line comment)
Nift (aka nsm) v1.22
Release Notes:
added in scriptExt to config files, better way to do pre/post build/serve scripts
added command new-script-ext (page-name) scriptExt
changed/improved how pre/post build/serve scripts are done
hopefully fixed bugs with @script, @scriptoutput, @scriptraw functions
added optional parameter string parameter to @script, @scriptoutput, @scriptraw functions
updated Nift info commands with additional page information
added pageinfo syntax @pagecontentext, @pagepageext, @pagescriptext to template language
added siteinfo syntax @scriptext to template language
added in buildThreads to config files
added command no-build-thrds (no-threads)
pkgsrc changes:
- Fixed building with wayland libs installed
Security fixes:
- CVE-2019-17008: Use-after-free in worker destruction
- CVE-2019-13722: Stack corruption due to incorrect number of arguments in WebRTC code
- CVE-2019-11745: Out of bounds write in NSS when encrypting with a block cipher
- CVE-2019-17009: Updater temporary files accessible to unprivileged processes
- CVE-2019-17010: Use-after-free when performing device orientation checks
- CVE-2019-17005: Buffer overflow in plain text serializer
- CVE-2019-17011: Use-after-free when retrieving a document in antitracking
- CVE-2019-17012: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
BUGFIXES
Fix max length check and limit in multiple repo forms (#9148) (#9204)
Properly fix displaying virtual session provider in admin panel (#9137) (#9203)
Upgrade levelqueue to 0.1.0 (#9192) (#9199)
Fix panic when diff (#9187) (#9193)
Smtp logger configuration sendTos should be an array (#9154) (#9157)
Always Show Password Field on Link Account Sign-in Page (#9150)
Create PR on Current Repository by Default (#8670) (#9141)
Fix race on indexer (#9136) (#9139)
Fix reCAPTCHA URL (#9119)
Hide migrated credentials (#9098)
Update golang.org/x/crypto vendor to use acme v2 (#9056) (#9085)
Fix password checks on admin create/edit user (#9076) (#9081)
Fix add search as a reserved username (#9063) (#9065)
Fix permission checks for close/reopen from commit (#8875) (#9033)
Ensure Written is set in GZIP ProxyResponseWriter (#9018) (#9025)
Fix broken link to branch from issue list (#9003) (#9021)
Fix wrong system notice when repository is empty (#9020)
Shadow password correctly for session config (#8984) (#9002)
* Remove oss option. Its patch is not usable for 71.0.
Changelog:
New
Improvements to Lockwise, our integrated password manager:
Firefox now recognizes subdomains and will autofill domain logins from Lockwise
Integrated breach alerts from Firefox Monitor are now available to users with screen readers
More information about Enhanced Tracking Protection in action:
Notifications when Firefox blocks cryptominers
A running tally of blocked trackers in the protection panel accessed by clicking the address bar shield
Picture-in-picture video comes to Firefox for Windows: Select the blue icon from the right edge of a video to pop open a floating window so you can keep watching while working in other tabs. Learn how the feature works.
Native MP3 decoding on Windows, Linux, and macOS
Security fixes:
Not available yet.
2.2.8:
* CVE-2019-19118: Privilege escalation in the Django admin.
* Fixed a data loss possibility in the admin changelist view when a custom formset’s prefix contains regular expression special characters, e.g. ‘$’.
* Fixed a regression in Django 2.2.1 that caused a crash when migrating permissions for proxy models with a multiple database setup if the default entry was empty.
* Fixed a data loss possibility in the select_for_update(). When using 'self' in the of argument with multi-table inheritance, a parent model was locked instead of the queryset’s model
Changelog picked from https://github.com/nifty-site-manager/nsm/releases:
Nift (aka nsm) v1.21
Release Notes:
removed trailing '/' or '\' from @contentdir and @sitedir output
fixed bugs with @contentdir, @sitedir, @contentext syntax
fixed indenting when parsing parameters
added more error handling with Nift commands new-[cont/page]-ext
added file input syntax @RawContent, @inputraw, @scriptraw, @systemraw to template language
added user input syntax @userin, @userfilein to template language
6.43 2019-11-26 13:54:43Z
- Continue trying different Authentication challenge schemes if
credentials are wrong (Roman Galeev, Julien Fiegehenn)
6.42 2019-11-20 17:40:52Z
- Add retry handling for a stale nonce with digest authentication (marmotil
and Frank Maas) (GH#40, GH#313, GH#321)
- Add the patch method to LWP::UserAgent. (GH#334) (Chase Whitener)
- Fix docs to match keep_alive => undef behavior, add some trivial tests
(GH#333) (Ville Skyttä)
- Documentation grammar fixes (GH#331) (Ville Skyttä)
6.41 2019-10-28 14:42:06Z
- Allow mirroring to files called '0' (GH#329) (Mark Fowler)
6.40 2019-10-24 12:55:45Z
- Let Digest authentication act on nonce expiry (GH#313) (Frank Maas)
- Make file arg for mirror mandatory #304 (GH#326) (Julien Fiegehenn)
- Doc fix: fields starting with ":" have to be quoted (GH#324) (Slaven
Rezić)
- Fix documentation for removing all handlers (GH#319) (leedo)
- Ensure proper version of Dist::Zilla::Plugin::MakeMaker::Awesome
- Add TravisCI testing for Perl v5.30
- Clean up .perltidyrc
0.58 2019-09-30
* Made the tests pass on IPv6 enabled systems
Uncovered by making Test::HTTP::LocalServer work on IPv6 enabled systems.
* Test-only improvements, no need to upgrade
0.026 2019-10-08T12:00:22
- Workaround for another timeout exception (Stanislaw Pusep)
- Dist::Zilla maintenance (Stanislaw Pusep)
- CURLOPT_HTTP_VERSION: eval and CURL_HTTP_VERSION_3 (Nick Kostyria)
- CURLOPT_HTTP_VERSION: re updated (Nick Kostyria)
- CURLOPT_HTTP_VERSION (Nick Kostyria)
0.025 2019-07-15T11:27:30
- Failing test fixes (Stanislaw Pusep)
0.024 2019-07-12T12:22:28
- PUT test should no longer fail (Stanislaw Pusep)
- die() is still OK (Stanislaw Pusep)
- Regenerated README (Stanislaw Pusep)
- Updated libcurl symbols (Stanislaw Pusep)
- A less exotic URL for redirect test (Stanislaw Pusep)
- Not every installation of Net::Curl does support select() polling
(Stanislaw Pusep)
- Add and populate META files with MetaJSON and MetaProvides::Package
(José Joaquín Atria)
6.07 2019-11-15 18:11:42Z
- Fix t/issue32.t on old perl versions (GH#59) (Bernhard M. Wiedemann)
6.06 2019-11-12 14:28:31Z
- Make test pass in 2025 (GH#56) (Bernhard M. Wiedemann)
2.4.0:
* Adds CI testing against and support for Python 3.8.
* Adds support for ``raw_path`` in ASGI scope.
* Ensures an error response is sent to the client if the application sends
malformed headers.
* Resolves an asyncio + multiprocessing problem when testing that would cause
the test suite to fail/hang on macOS.
* Requires installing Twisted's TLS extras, via ``install_requires``.
* Adds missing LICENSE to distribution.
8.1
Added compatibility with Python 3.8.
8.0.2
Restored the ability to pass a socket with the sock parameter of :func:`~server.serve`.
Removed an incorrect assertion when a connection drops.
8.0.1
Restored the ability to import WebSocketProtocolError from websockets.
8.0
Warning
Version 8.0 drops compatibility with Python 3.4 and 3.5.
Note
Version 8.0 expects process_request to be a coroutine.
Previously, it could be a function or a coroutine.
If you're passing a process_request argument to :func:`~server.serve` or :class:`~server.WebSocketServerProtocol`, or if you're overriding :meth:`~protocol.WebSocketServerProtocol.process_request` in a subclass, define it with async def instead of def.
For backwards compatibility, functions are still mostly supported, but mixing functions and coroutines won't work in some inheritance scenarios.
Note
Version 8.0 changes the behavior of the max_queue parameter.
If you were setting max_queue=0 to make the queue of incoming messages unbounded, change it to max_queue=None.
Note
Version 8.0 deprecates the host , port , and secure attributes of :class:`~protocol.WebSocketCommonProtocol`.
Use :attr:`~protocol.WebSocketCommonProtocol.local_address` in servers and :attr:`~protocol.WebSocketCommonProtocol.remote_address` in clients instead of host and port.
Note
Version 8.0 renames the WebSocketProtocolError exception to :exc:`ProtocolError` .
A WebSocketProtocolError alias provides backwards compatibility.
Note
Version 8.0 adds the reason phrase to the return type of the low-level API :func:`~http.read_response` .
Also:
:meth:`~protocol.WebSocketCommonProtocol.send`, :meth:`~protocol.WebSocketCommonProtocol.ping`, and :meth:`~protocol.WebSocketCommonProtocol.pong` support bytes-like types :class:`bytearray` and :class:`memoryview` in addition to :class:`bytes`.
Added :exc:`~exceptions.ConnectionClosedOK` and :exc:`~exceptions.ConnectionClosedError` subclasses of :exc:`~exceptions.ConnectionClosed` to tell apart normal connection termination from errors.
Added :func:`~auth.basic_auth_protocol_factory` to enforce HTTP Basic Auth on the server side.
:func:`~client.connect` handles redirects from the server during the handshake.
:func:`~client.connect` supports overriding host and port.
Added :func:`~client.unix_connect` for connecting to Unix sockets.
Improved support for sending fragmented messages by accepting asynchronous iterators in :meth:`~protocol.WebSocketCommonProtocol.send`.
Prevented spurious log messages about :exc:`~exceptions.ConnectionClosed` exceptions in keepalive ping task. If you were using ping_timeout=None as a workaround, you can remove it.
Changed :meth:`WebSocketServer.close() <server.WebSocketServer.close>` to perform a proper closing handshake instead of failing the connection.
Avoided a crash when a extra_headers callable returns None.
Improved error messages when HTTP parsing fails.
Enabled readline in the interactive client.
Added type hints (PEP 484).
Added a FAQ to the documentation.
Added documentation for extensions.
Documented how to optimize memory usage.
Improved API documentation.
Changelog picked from https://github.com/nifty-site-manager/nsm/releases:
Nift (aka nsm) v1.20
Release Notes:
made template language available with input parameters
added paginfo syntax @pagename, @pagepath, @contentpath, @templatepath to template language
added siteinfo syntax @contentdir, @sitedir, @contentext, @pageext, @defaulttemplate to template language
fixed indenting bugs
fixed os_mtx functionality
added optional sleepTime parameter for Nift serve command
Nift (aka nsm) v1.19
Release Notes:
added more error handling
added string variables
added rootBranch and siteBranch to config files
changed/improved/finalised how pre/post build/serve scripts are done
fixed @script[output] and @System[output/content]
added pre/post build-[all/updated] script support
Nift (aka nsm) v1.18
Release Notes:
added FileSystem.[h/cpp] to the project
added cpDir function to FileSystem.[h/cpp]
renamed trash to ret_val and handle more errors
fixed numerous minor bugs
Nift (aka nsm) v1.17
Release Notes:
changed std::endl to "\n" when writing to file, 20% improvement in build-all time on some machines, no improvement on others
changed pages set to pointer in PageBuilder.h, significantly less memory consumption
added/improved Nift commands new-template, new-site-dir, new-cont-dir, new-cont-ext, new-page-ext
added @systemcontent(sys-call) syntax to template language
fixed bug with @System, @systemoutput, @script, @scriptoutput syntax
Nift (aka nsm) v1.16
Release Notes:
improved multithreading
added @inputhead syntax to the template language
fixed read_sys_call and read_path
improved new-page-ext
Nift (aka nsm) v1.15
Release Notes:
added non-default page extension support
added @dep syntax to the template language
Haunt is a static site generator written in Guile Scheme.
Haunt features a functional build system and an extensible
interface for reading articles in any format.
Haunt is a static site generator written in Guile Scheme.
Haunt features a functional build system and an extensible
interface for reading articles in any format.
20.0.3:
- fixed load of a config file without a Python extension
- fixed `socketfromfd.fromfd` when defaults are not set
we now warn when we load a config file without Python Extension
20.0.2:
fix changelog
20.0.1:
fixed the way the config module is loaded. __file__ is now available
fixed wsgi.input_terminated. It is always true.
use the highest protocol version of openssl by default
only support Python >= 3.5
added __repr__ method to Config instance
fixed support of AIX platform and musl libc in socketfromfd.fromfd function
fixed support of applications loaded from a factory function
fixed chunked encoding support to prevent any request smuggling
Capture os.sendfile before patching in gevent and eventlet workers. fix RecursionError.
removed locking in reloader when adding new files
load the WSGI application before the loader to pick up all files
