AUTOFIX: Makefile:58: Replacing "${PKGSRC_COMPILER} == \"sunpro\"" with "${PKGSRC_COMPILER:Msunpro}".
The PKGSRC_COMPILER can be a list of chained compilers, e.g. "ccache
distcc clang". Therefore, comparing it using == or != leads to wrong
results in these cases.
setup.py is invoked internally hardcoding `--optimize 2' that leads to PLIST
mismatches when Python 3 is used. Substitute it to `--optimize 1' to be
consistent with other Python packages.
Thanks to <martin> for spotting this problem and testing this patch!
nghttp2 v1.40.0
lib: Add nghttp2_check_authority as public API (GH-1413)
lib: Fix the bug that stream is closed with wrong error code (GH-1408)
lib: Faster huffman encoding and decoding (GH-1405)
build: Avoid filename collision of static and dynamic lib (Patch from William A Rowe Jr) (GH-1394)
build: Add new flag ENABLE_STATIC_CRT for Windows (Patch from William A Rowe Jr) (GH-1393)
build: cmake: Support building nghttpx with systemd (Patch from Andrew Penkrat) (GH-1377)
third-party: Update neverbleed to fix memory leak
nghttpx: Fix bug that mruby is incorrectly shared between backends (GH-1392)
nghttpx: Reconnect h1 backend if it lost connection before sending headers
nghttpx: Returns 408 if backend timed out before sending headers
nghttpx: Fix request stall (GH-1378)
Changes with nginx 1.17.6:
*) Feature: the $proxy_protocol_server_addr and
$proxy_protocol_server_port variables.
*) Feature: the "limit_conn_dry_run" directive.
*) Feature: the $limit_req_status and $limit_conn_status variables.
Upstream changes:
Moodle 3.8 release notes
Releases > Moodle 3.8 release notes
Release date: 18 November 2019
Here is the full list of fixed issues in 3.8.
If you are upgrading from a previous version, please see Upgrading in the user docs.
Contents
1 Server requirements
1.1 Database requirements
2 Client requirements
2.1 Browser support
3 Major features
3.1 Analytics
3.2 H5P integration
3.3 Forum summary report
3.4 Forum export
3.5 Forum grading
3.6 Forum UI improvements
3.7 Assignment
3.8 Question bank
3.9 Course relative dates (experimental)
3.10 Course overview
3.11 Emojis
3.12 Usability improvements
4 Other highlights
4.1 Functional changes
4.2 For administrators
5 For developers
5.1 Web services additions and updates
5.2 Component API upgrades
6 See also
Server requirements
These are just the minimum supported versions. We recommend keeping all of your software and operating systems up-to-date.
Moodle upgrade: Moodle 3.2 or later
PHP version: minimum PHP 7.1.0 Note: minimum PHP version has increased since Moodle 3.6. PHP 7.2.x and 7.3.x are supported too. PHP 7.x could have some engine limitations.
PHP extension intl is required since Moodle 3.4 (it was recommended in 2.0 onwards)
Database requirements
Moodle supports the following database servers. Again, version numbers are just the minimum supported version. We recommend running the latest stable version of any software.
Database Minimum version Recommended
PostgreSQL 9.4 Latest
MySQL 5.6 Latest
MariaDB 5.5.31 Latest
Microsoft SQL Server 2012 (increased since Moodle 3.7) Latest
Oracle Database 11.2 Latest
Client requirements
Browser support
Moodle is compatible with any standards compliant web browser. We regularly test Moodle with the following browsers:
Desktop:
Chrome
Firefox
Safari
Edge
Internet Explorer
Mobile:
MobileSafari
Google Chrome
For the best experience and optimum security, we recommend that you keep your browser up to date.
Note: Legacy browsers with known compatibility issues with Moodle 3.8:
Internet Explorer 10 and below
Safari 7 and below
Major features
Analytics
MDL-64739 - Analytics models may be restricted to category or course contexts
MDL-65588 - Insights about students who have not logged in recently
MDL-65562 - Report on the actions executed by users on predictions
MDL-65633 - Allow targets to limit the analysis interval to a specific interface or parent class.
MDL-66234 - Extra garbage collection for analytics
MDL-66254 - Require enrolments to be active for most of the analysis interval
MDL-62191 - Add bulk actions for analytics' insights
MDL-66536 - Insight notifications improvements
MDL-60949 - Analytics models should be sorted by name and not last modified
MDL-66004 - Allow the Python machine learning backend to run from a separate server
MDL-58992 - Add multi-class capabilities to prediction processors
MDL-65585 - Global on/off switch for analytics
H5P integration
MDL-66388 - Create a new button in Atto to add H5P content in anywhere from hp5.com and h5p.org external URLs
MDL-66398 - Improve H5P filter to allow internal H5P content URLs
MDL-66593 - Implement backup and restore process for H5P content
MDL-67059 - Add Admin UI to manually upload H5P content-type libraries
MDL-67057 - Create a capability to update H5P content-type libraries
MDL-67058 - Create a task to install H5P content-type libraries
MDL-66609 - Create the basic skeleton, library and interfaces for rendering H5P content
MDL-66399 - Improve H5P Atto button to upload content
MDL-66397 - Create a new filter to convert h5p.com and h5p.org URLs to embed code
Forum summary report
MDL-66153 - Forum report: Basic skeleton
MDL-66298 - Forum summary report option to message selected users
MDL-66268 - Groups filter in forum summary report
MDL-66373 - Dates filter in forum summary report
MDL-66297 - Link forum summary report to export of each user's post content
MDL-66694 - Add columns for word count and character count to the forum summary report
MDL-66768 - Add the ability to download the forum summary report
Forum export
MDL-66075 - Forum export functionality
MDL-66631 - Dates filter in forum export
MDL-66808 - Forum export options for human-readable dates and removing HTML
Forum grading
MDL-66074 - Create forum grading interface
MDL-66358 - Display grading form in the grading panel
MDL-66365 - Add a button to display the entire discussion for a post being graded
MDL-67116 - Make 'require grade' an activity completion criterion for the forum
MDL-66381 - Forum grading user search
MDL-66360 - Forum grading option to send notification to student
MDL-66906 - Forum view grades option for students
MDL-66359 - Support restricting the user list to a specific group
Forum UI improvements
MDL-66477 - Create settings side drawer for new discussion view
MDL-64821 - Create new discussion view for forum
MDL-66481 - Update display of discussion in discussion list table
MDL-65129 - Search starred discussions only option in forum advanced search
Assignment
MDL-63349 - Assignment: Annotate PDF - Rotate submitted image automatically
MDL-66537 - Annotate PDF - Right-to-left UI - The rotate buttons order is confusing
MDL-63878 - Enable the saving and printing of annotated PDFs from previous attempts
MDL-64811 - Assignment: Add warning about students falling into Default group if group submissions are enabled but not required
MDL-65797 - Performance improvements for user / group overrides for mod assign
Question bank
MDL-66553 - Display ID number and tags in the question bank UI
MDL-66816 - Question bank: replace the row of edit icons with an Edit menu
MDL-67153 - Allow question types to add extra actions to the Question bank edit menu
Course relative dates (experimental)
MDL-66147 - Assignment due date relative to the student course start date
MDL-66144 - Weeks format relative dates
MDL-66143 - Course relative dates mode setting
MDL-66148 - Option to override the assignment due date in a relative dates course
Course overview
MDL-64901 - block_myoverview: Add admin setting to control the available layouts
MDL-66016 - An admin can set which filters are available for users to select in their Dashboard course overview
MDL-66017 - An admin can specify a course custom field as a filter for users to select in their Dashboard course overview
MDL-63612 - Course card pattern colours may be specified by an admin
MDL-65621 - Courses with course visibility set to hide should be labelled 'Hidden from students' in the course overview
MDL-64860 - block_myoverview: Improve pagination widget
MDL-64094 - Change 'Hidden' to 'Removed from view' in the course overview
Emojis
MDL-65896 - Add emojis to messaging
MDL-46779 - Atto should support full emoji
Usability improvements
MDL-34498 - Session Timeout alert
MDL-61043 - Provide a more consistent and better way of selecting and deselecting all items in a list
MDL-48610 - Show alphabet filter in grader report even when there are less than 100 users
MDL-38555 - Forms do not prevent same data submission multiple times
MDL-59639 - Browser back button should work as expected in the administration menu with Boost theme
MDL-57208 - Let users set their default homepage
MDL-66178 - Participants list - Filter users with no roles
MDL-65671 - Calendar view selector enables users to switch between month, day and upcoming events
MDL-66563 - Improve drag and drop question accessibility in high-contrast mode
MDL-64032 - The UI for setting enrolment end date/duration should be consistent
MDL-65406 - Boost Theme accessibility: Nav drawer should be marked up as list
MDL-65915 - Better progress display while re-grading quiz attempts
MDL-67048 - Drag and drop upload progressbar invert inner and outer
Other highlights
Functional changes
MDL-64745 - Administrative setting to show/not show "hide" feature in online users block
MDL-62835 - The description should be displayed when viewing a Book, Lesson or IMS content package
MDL-66496 - Option to include author information when importing entries into a database activity
MDL-66740 - Make "course request" capability category context instead of system context
MDL-65093 - Users should be informed that they can't block a user who has permission to message all users
MDL-64002 - Add send message buffering
MDL-66226 - Show plain text in Messages summary pane
MDL-61649 - Several core emails provide only text format
MDL-35773 - Include files option in backup settings
MDL-63453 - VideoJS upgrade to 7.6.5 including HTTP Live Streaming (HLS) and Dynamic Adaptive Streaming over HTTP (MPEG-DASH) support
MDL-56549 - Add support for FLAC files
MDL-62836 - Make awarding badges groups/groupings compliant
MDL-60916 - Global Search: Replace course search form with global search
MDL-64438 - Display course category in course related block
MDL-66326 - Global search: Delete from search index when courses are deleted
MDL-65183 - block_timeline can cause JSON parse error on dashboard when activities are saved with newline characters
MDL-66612 - Calendar course event icon is different from course icon
MDL-66775 - Add new Mobile setting for forcing a minimum app version to access the site
MDL-66375 - Option to disable the "Forgotten password" feature in the app
MDL-66753 - The People block is no longer needed and should be removed from core
For administrators
MDL-66034 - Log role changes in more detail
MDL-66570 - Allow disabling of cron output when capturing logs
MDL-61804 - Let the admin control if lists of courses should be pre-sorted by visibility or not
MDL-66133 - Let the administrator configure which user filters are shown by default
MDL-63643 - Add ability to search/filter users by Last IP Address
MDL-66119 - Disable GUI plugin uninstalls (eg $CFG->uninstallclionly similar to $CFG->disableupdateautodeploy)
MDL-65201 - Automated backup course ordering
MDL-65404 - Add column for enrol start dates to Upload users CSV
MDL-40669 - Upload users via text file should include the optional user field 'disable notifications'
MDL-66705 - Add an example csv file for bulk uploading of users
MDL-59470 - Option to duplicate a user tour
MDL-65622 - Add a new event when a grade item has been created
MDL-65369 - Include changed course settings in course_updated event
MDL-65492 - Cache admin UI: make it easy re-purge the cache you just purged
MDL-63127 - Redis Cache: implement compression
MDL-66428 - Allow Redis cache to use PHP extension Zstd
MDL-46317 - Private files space setting should use MB not Bytes
MDL-7339 - Change 'Open to Google' setting to 'Open to search engines'
MDL-65208 - Add cli upgrade option to test if an upgrade is required
MDL-58439 - Admin pages login as guest and then throw Access denied error (should prompt for login) require_admin()
For developers
MDL-66675 - New $CFG->behat_pause_on_fail option added
MDL-46267 - The $CFG->httpswwwroot was removed
MDL-66335 - New steps to navigate straight to any plugin web page. Plugins must implement their own resolver between page types and URLs.
MDL-65349 - Profiling included and excluded URLs now are matched from start. Some adjustments may be needed.
MDL-66633 - Quiz: quiz attempt API should let you create an attempt for a different user
MDL-66709 - Components other than activity modules should be able to backup and restore question attempt data
MDL-66754 - Question engine: report methods should not require a list of slots
MDL-62497 - Add a new transpilation tool for ES6
MDL-50346 - Remove the restriction to forbid subdirectories in the templates directory
MDL-66327 - $DB->get_records uses a lot of Peak RAM (with Postgres)
MDL-66173 - Add hooks to extend all forms with /login/
MDL-66367 - Caching of templates should use a new templaterev variable
MDL-66304 - Allow support for xsendfile in alternative_file_system_class independently of local files
MDL-66166 - Improve the moodlebot user agent and expose a function for plugins to use
MDL-65646 - Move dependencies and subplugins to JSON
MDL-55751 - Remove the CSS chunker from Moodle
MDL-65438 - Allow themes to alter the core css url's
MDL-65747 - Removed unused Pear_Crypt_CHAP library
Web services additions and updates
MDL-65794 - Make some web service calls idempotent over http GET
MDL-67043 - Web service to enable H5P offline access in the Moodle app
MDL-64254 - New Web Services for updating a forum post (or a discussion topic post)
MDL-65017 - New web service to delete forum posts
MDL-64588 - New web services for adding and deleting comments
MDL-66376 - Enforce app security by using tokenpluginfile.php instead webservice/pluginfile.php
MDL-65400 - Blocks Web Services (for course and dashboard) should return the block settings
Component API upgrades
admin/upgrade.txt
analytics/upgrade.txt
blocks/recentlyaccessedcourses/upgrade.txt
blocks/starredcourses/upgrade.txt
blocks/upgrade.txt
cache/upgrade.txt
calendar/upgrade.txt
comment/upgrade.txt
course/format/upgrade.txt
course/upgrade.txt
customfield/field/upgrade.txt
enrol/ldap/upgrade.txt
enrol/upgrade.txt
lib/mlbackend/php/upgrade.txt
lib/mlbackend/python/upgrade.txt
lib/upgrade.txt
media/upgrade.txt
message/upgrade.txt
mod/assign/upgrade.txt
mod/book/upgrade.txt
mod/feedback/upgrade.txt
mod/forum/upgrade.txt
mod/glossary/upgrade.txt
mod/lti/upgrade.txt
mod/quiz/report/upgrade.txt
mod/upgrade.txt
mod/wiki/upgrade.txt
mod/workshop/upgrade.txt
question/type/upgrade.txt
question/upgrade.txt
search/upgrade.txt
theme/upgrade.txt
webservice/upgrade.txt
1.95 2019-10-28 13:07:45Z
[FIXED]
- die if submit_form() called with invalid form_id (GH#287) (Olaf Alders)
1.94 2019-10-10 13:12:28Z
[FIXED]
- Issue #182: Don't autocheck for mech-dump so basic auth works (GH#285)
(Julien Fiegehenn)
[DOCUMENTATION]
- Fix pod error reported by CPANTS. (GH#284) (Mohammad S Anwar)
1.93 2019-10-04 21:06:49Z
[FIXED]
- Allow images to not have a src attribute (GH#282) (Julien Fiegehenn)
[DOCUMENTATION]
- Pod fixes. (GH#283) (Mohammad S Anwar)
1.92 2019-08-24 01:00:35Z
[FIXED]
- Test requires HTTP::Daemon 6.05+ and uses 127.0.0.1 or [::1] according to
server's sockdomain (GH#280) (Shoichi Kaji)
- Install LWP::Protocol::https and fix xt/author/live/encoding.t (GH#277)
(Shoichi Kaji)
- Set dist trusty for old Perls on Travis (GH#279) (Shoichi Kaji)
- Fixed pod errors as reported by CPANTS. (GH#273) (Mohammad S Anwar)
[DOCUMENTATION]
- Document that follow_link will die on failure with autocheck enabled (GH#271) (Olaf Alders)
[TESTS]
- Add a test for finding a link in a meta refresh tag (GH#275) (Olaf Alders)
6.19 2019-05-16 19:16:59Z
- partially skip live-https.t if there's no keep-alive connection (GH#58) (Slaven Rezić)
- set "x_static_install" : 1 in META files
20.0:
- Fixed `fdopen` `RuntimeWarning` in Python 3.8
- Added check and exception for str type on value in Response process_headers method.
- Ensure WSGI header value is string before conducting regex search on it.
- Added pypy3 to list of tested environments
- Grouped `StopIteration` and `KeyboardInterrupt` exceptions with same body together in Arbiter.run()
- Added `setproctitle` module to `extras_require` in setup.py
- Avoid unnecessary chown of temporary files
- Logging: Handle auth type case insensitively
- Removed `util.import_module`
- Removed fallback for `types.SimpleNamespace` in tests utils
- Use `SourceFileLoader` instead instead of `execfile_`
- Use `importlib` instead of `__import__` and eval`
- Fixed eventlet patching
- Added optional `datadog <https://www.datadoghq.com>`_ tags for statsd metrics
- Header values now are encoded using latin-1, not ascii.
- Rewritten `parse_address` util added test
- Removed redundant super() arguments
- Simplify `futures` import in gthread module
- Fixed worker_connections` setting to also affects the Gthread worker type
- Fixed setting max_requests
- Bump minimum Eventlet and Gevent versions to 0.24 and 1.4
- Use Python default SSL cipher list by default
- handle `wsgi.input_terminated` extension
- Simplify Paste Deployment documentation
- Fix root logging: root and logger are same level.
- Fixed typo in ssl_version documentation
- Documented systemd deployement unit examples
- Added systemd sd_notify support
- Fixed typo in gthread.py
- Added `tornado <https://www.tornadoweb.org/>`_ 5 and 6 support
- Declare our setuptools dependency
- Added support to `--bind` to open file descriptors
- Document how to serve WSGI app modules from Gunicorn
- Provide guidance on X-Forwarded-For access log in documentation
- Add support for named constants in the `--ssl-version` flag
- Clarify log format usage of header & environment in documentation
- Fixed systemd documentation to properly setup gunicorn unix socket
- Prevent removal unix socket for reuse_port
- Fix `ResourceWarning` when reading a Python config module
- Remove unnecessary call to dict keys method
- Support str and bytes for UNIX socket addresses
- fixed `InotifyReloadeder`: handle `module.__file__` is None
- `/dev/shm` as a convenient alternative to making your own tmpfs mount in fchmod FAQ
- fix examples to work on python3
- Fix typo in `--max-requests` documentation
- Clear tornado ioloop before os.fork
- Miscellaneous fixes and improvement for linting using Pylint
Breaking Change
- Removed gaiohttp worker
- Drop support for Python 2.x
- Drop support for EOL Python 3.2 and 3.3
Symfony http-foundation has been updated to version 3.4.35 in this
release. This includes an upstream security release which does not
impact Drupal core.
Core versioning support in *.info.yml files since 8.7.7
Drupal 8.7.7 introduces a new core_version_requirement key to
*.info.yml files, allowing contributed modules to specify specific
versions for Drupal core compatiblity, as well as to indicate that
they are compatible with both Drupal 8 and the forthcoming Drupal
9 release. See the change record for more details. Important
accessibility fix to the Toolbar
This releases resolves a significant accessibility bug which
prevented toolbar links from working with some screen readers.
Websites which need to support administrators who use assistive
technology are strongly recommended to upgrade. If in doubt, assume
this is the case, particularly in larger organizations. Discussing
the issue with staff from IT user-support, disabled employee support,
and human resources teams is advisable. Internal change to entity
and field definition update events
It is now possible to install a new field storage definition during
a fieldable entity type update. Event subscribers for entity type
and field definition update events will now be passed the updated
definitions rather than the outdated ones. Code relying on this
buggy behavior may need adjustment.
6.04 2019-03-20 13:01:15Z
- Full release of changes in 6.03
6.03 2019-03-19 16:44:17Z (TRIAL RELEASE)
- Convert release process to Dist::Zilla
- Allow File::Temp handles to be guessed correctly (GH#1) (Wesley
Schwengle)
0.000042 2019-06-12 15:15:52Z
- Don't rely on Mojo to be installed in tests (GH#18) (Olaf Alders)
0.000041 2019-06-12 12:31:03Z
- Bump minimum Mojo version required for tests (GH#17) (Olaf Alders)
- Add support for Mojo::UserAgent to LWP::ConsoleLogger::Everywhere ((GH#16) simbabque)
0.000040 2019-06-11 01:22:03Z
- Add support for Mojo::UserAgent (GH#14) (Gregory Oschwald)
6.05 2019-10-24 02:21:51Z
- Fix GH#32 by checking for " as well as ; when splitting. (GH#49) (colinnewell)
- Fix GH#48 update documentation about $version (GH#55) (Dave Menninger)
- Fix broken README badge (GH#54) (Alex Peters)
- Whenever possible, use an absolute four digit year for Time::Local (GH#52) (Olaf Alders)
- Add test case for Issue #26 (GH#45) (George-NG)
- Long numbers (GH#47) (pludlamCVL)
- Cookies.pm: die if close on $fh in ->save fails (GH#46) (MCRayRay)
- Replace "use vars" with "our" (GH#43) (James Raspass)
- Fixed minor typo in the pod for HTTP::Cookies. (GH#39) (Mohammad S Anwar)
(from README, not from Changes)
NOTE: 2.30 fixed a dependency in Makefile.PL and is addressing the OSX ACL
files that got included in the tarball and break modern make instances.
Logswan 2.1.2 (2019-11-19)
- Add ENABLE_SECCOMP build option, to allow building seccomp support
conditionally
- Disable seccomp by default, it needs more testing on non !amd64 platforms
- Use ${CMAKE_INSTALL_BINDIR} instead of hardcoding 'bin'
Changelog:
Changes:
7.67.0
------
This release includes the following changes:
o curl: added --no-progress-meter
o setopt: CURLMOPT_MAX_CONCURRENT_STREAMS is new
o urlapi: CURLU_NO_AUTHORITY allows empty authority/host part
This release includes the following bugfixes:
o BINDINGS: five new bindings addded
o CURLOPT_TIMEOUT.3: Clarify transfer timeout time includes queue time
o CURLOPT_TIMEOUT.3: remove the mention of "minutes"
o ESNI: initial build/setup support
o FTP: FTPFILE_NOCWD: avoid redundant CWDs
o FTP: allow "rubbish" prepended to the SIZE response
o FTP: remove trailing slash from path for LIST/MLSD
o FTP: skip CWD to entry dir when target is absolute
o FTP: url-decode path before evaluation
o HTTP3.md: move -p for mkdir, remove -j for make
o HTTP3: fix invalid use of sendto for connected UDP socket
o HTTP3: fix ngtcp2 Windows build
o HTTP3: fix prefix parameter for ngtcp2 build
o HTTP3: fix typo somehere1 > somewhere1
o HTTP3: show an --alt-svc using example too
o INSTALL: add missing space for configure commands
o INSTALL: add vcpkg installation instructions
o README: minor grammar fix
o altsvc: accept quoted ma and persist values
o altsvc: both backends run h3-23 now
o appveyor: Add MSVC ARM64 build
o appveyor: Use two parallel compilation on appveyor with CMake
o appveyor: add --disable-proxy autotools build
o appveyor: add 32-bit MinGW-w64 build
o appveyor: add a winbuild
o appveyor: add a winbuild that uses VS2017
o appveyor: make winbuilds with DEBUG=no/yes and VS 2015/2017
o appveyor: publish artifacts on appveyor
o appveyor: upgrade VS2017 to VS2019
o asyn-thread: make use of Curl_socketpair() where available
o asyn-thread: s/AF_LOCAL/AF_UNIX for Solaris
o build: Remove unused HAVE_LIBSSL and HAVE_LIBCRYPTO defines
o checksrc: fix uninitialized variable warning
o chunked-encoding: stop hiding the CURLE_BAD_CONTENT_ENCODING error
o cirrus: Increase the git clone depth
o cirrus: Switch the FreeBSD 11.x build to 11.3 and add a 13.0 build
o cirrus: switch off blackhole status on the freebsd CI machines
o cleanups: 21 various PVS-Studio warnings
o configure: only say ipv6 enabled when the variable is set
o configure: remove all cyassl references
o conn-reuse: requests wanting NTLM can reuse non-NTLM connections
o connect: return CURLE_OPERATION_TIMEDOUT for errno == ETIMEDOUT
o connect: silence sign-compare warning
o cookie: avoid harmless use after free
o cookie: pass in the correct cookie amount to qsort()
o cookies: change argument type for Curl_flush_cookies
o cookies: using a share with cookies shouldn't enable the cookie engine
o copyrights: update copyright notices to 2019
o curl: create easy handles on-demand and not ahead of time
o curl: ensure HTTP 429 triggers --retry
o curl: exit the create_transfers loop on errors
o curl: fix memory leaked by parse_metalink()
o curl: load large files with -d @ much faster
o docs/HTTP3: fix `--with-ssl` ngtcp2 configure flag
o docs: added multi-event.c example
o docs: disambiguate CURLUPART_HOST is for host name (ie no port)
o docs: note on failed handles not being counted by curl_multi_perform
o doh: allow only http and https in debug mode
o doh: avoid truncating DNS QTYPE to lower octet
o doh: clean up dangling DOH memory on easy close
o doh: fix (harmless) buffer overrun
o doh: fix undefined behaviour and open up for gcc and clang optimization
o doh: return early if there is no time left
o examples/sslbackend: fix -Wchar-subscripts warning
o examples: remove the "this exact code has not been verified"
o git: add tests/server/disabled to .gitignore
o gnutls: make gnutls_bye() not wait for response on shutdown
o http2: expire a timeout at end of stream
o http2: prevent dup'ed handles to send dummy PRIORITY frames
o http2: relax verification of :authority in push promise requests
o http2_recv: a closed stream trumps pause state
o http: lowercase headernames for HTTP/2 and HTTP/3
o ldap: Stop using wide char version of ldapp_err2string
o ldap: fix OOM error on missing query string
o mbedtls: add error message for cert validity starting in the future
o mime: when disabled, avoid C99 macro
o ngtcp2: adapt to API change
o ngtcp2: compile with latest ngtcp2 + nghttp3 draft-23
o ngtcp2: remove fprintf() calls
o openssl: close_notify on the FTP data connection doesn't mean closure
o openssl: fix compiler warning with LibreSSL
o openssl: use strerror on SSL_ERROR_SYSCALL
o os400: getpeername() and getsockname() return ebcdic AF_UNIX sockaddr
o parsedate: fix date parsing disabled builds
o quiche: don't close connection at end of stream
o quiche: persist connection details (fixes -I with --http3)
o quiche: set 'drain' when returning without having drained the queues
o quiche: update HTTP/3 config creation to new API
o redirect: handle redirects to absolute URLs containing spaces
o runtests: get textaware info from curl instead of perl
o schannel: reverse the order of certinfo insertions
o schannel_verify: Fix concurrent openings of CA file
o security: silence conversion warning
o setopt: handle ALTSVC set to NULL
o setopt: make it easier to add new enum values
o setopt: store CURLOPT_RTSP_SERVER_CSEQ correctly
o smb: check for full size message before reading message details
o smbserver: fix Python 3 compatibility
o socks: Fix destination host shown on SOCKS5 error
o test1162: disable MSYS2's POSIX path conversion
o test1591: fix spelling of http feature
o tests: add `connect to non-listen` keywords
o tests: fix narrowing conversion warnings
o tests: fix the test 3001 cert failures
o tests: makes tests succeed when using --disable-proxy
o tests: use %FILE_PWD for file:// URLs
o tests: use port 2 instead of 60000 for a safer non-listening port
o tool_operate: Fix retry sleep time shown to user when Retry-After
o travis: Add an ARM64 build
o url: Curl_free_request_state() should also free doh handles
o url: don't set appconnect time for non-ssl/non-ssh connections
o url: fix the NULL hostname compiler warning
o url: normalize CURLINFO_EFFECTIVE_URL
o url: only reuse TLS connections with matching pinning
o urlapi: avoid index underflow for short ipv6 hostnames
o urlapi: fix URL encoding when setting a full URL
o urlapi: fix unused variable warning
o urlapi: question mark within fragment is still fragment
o urldata: use 'bool' for the bit type on MSVC compilers
o vtls: Fix comment typo about macosx-version-min compiler flag
o vtls: fix narrowing conversion warnings
o winbuild/MakefileBuild.vc: Add vssh
o winbuild/MakefileBuild.vc: Fix line endings
o winbuild: Add manifest to curl.exe for proper OS version detection
o winbuild: add ENABLE_UNICODE option
1.013 2019-07-23 02:00:06Z
- amended instructions in App::Nopaste::Service::Gist regarding
creating a gist authorization token
- --copy now works with Control-V on X windows (PR#17, Shlomi Fish)
The functions optionaly exported by this module allows you to open URLs in
the user browser.
A set of known commands per OS-name is tested for presence, and the first
one found is executed. With an optional parameter, all known commands are
checked.
The "open_browser" uses the system() function to execute the command. If
you want more control, you can get the command with the "open_browser_cmd"
or "open_browser_cmd_all" functions and then use whatever method you want
to execute it.
Change log:
Version 1.10, released 2019-09-08
---------------------------------
No bug fixes or new features.
Other changes
~~~~~~~~~~~~~
* Similar to the change in version 1.9 which normalized conversions to
named colors for `gray`/`grey` to always use the `gray` variant, the
other named grays of CSS3 now normalize to the `gray` spelling. This
affects the following colors: `darkgray`/`darkgrey`,
`darkslategray`/`darkslategrey`, `dimgray`/`dimgrey`,
`lightgray`/`lightgrey`, `lightslategray`/`lightslategrey`,
`slategray`/`slategrey`.
Version 1.9.1, released 2019-06-07
----------------------------------
Bugs fixed
~~~~~~~~~~
* The `__version__` attribute of the installed webcolors module,
although not documented or referenced anywhere, was accidentally not
updated in the 1.9 release. It has now been updated (and now
indicates 1.9.1).
Version 1.9, released 2019-06-01
--------------------------------
No bug fixes.
New features
~~~~~~~~~~~~
* Added :ref:`a set of constants to use when referring to
specifications that define color names <spec-constants>`.
Other changes
~~~~~~~~~~~~~
* When asked to provide a color name, using the CSS3/SVG set of names,
for the hexadecimal value `#808080`, the integer triplet `rgb(128,
128, 128)`, or the percentage triplet `rgb(50%, 50%, 50%)`,
webcolors now always returns `u'gray'`, never `u'grey'`. Previously,
the behavior could be inconsistent as it depended on the Python
version in use; `u'gray'` was picked because it was the spelling
variant used in HTML 4, CSS1, and CSS2.
Version 1.8.1, released 2018-02-12
----------------------------------
The 1.8.1 release is a repackaging of 1.8 to produce both source
(.tar.gz) and binary (.whl) package formats, following reports that
the source-package-only release of 1.8 was causing installation issues
for some users. See `issue 6 in the repository
<https://github.com/ubernostrum/webcolors/issues/6>`_ for details.
Version 1.8, released 2018-02-08
--------------------------------
No bug fixes.
New features
~~~~~~~~~~~~
* Added the :class:`~webcolors.IntegerRGB`,
:class:`~webcolors.PercentRGB`, and
:class:`~webcolors.HTML5SimpleColor` named tuples.
Other changes
~~~~~~~~~~~~~
* Drop support for Python 3.3 (Python core team no longer maintains
3.3).
* Mark support for Python 3.6.
* :ref:`The full verification tests <full-verification>` now run
correctly on Python 3.
Version 1.7, released 2016-11-25
--------------------------------
No new features or bugfixes.
Other changes
~~~~~~~~~~~~~
* Drop support for Python 2.6 (Python core team no longer maintains
2.6).
* Mark support for Python 3.4.
* On Python 3, the use of :class:`str` for all functions which take
string arguments is now mandatory. Attempted use of :class:`bytes`
will raise an exception. On Python 2, use of bytestrings is still
permitted.
Version 1.5.1, released 2015-11-23
----------------------------------
No new features.
Bug fixes
~~~~~~~~~
* Corrected multiple typos in documentation.
Version 1.5, released 2015-03-07
--------------------------------
No bug fixes.
New features
~~~~~~~~~~~~
* Python 3 support: webcolors now supports Python 3.3.
* Added :ref:`HTML5 color algorithms <html5-algorithms>`.
Other changes
~~~~~~~~~~~~~
* Packaging improvements.
- Bumps versions of dependencies.
Changes (since 1.29.3):
Cliqz Browser release 1.30.0 includes all changes of Firefox's latest version 70
with additional Cliqz improvements and bug fixes.
New Features
* Browse undisturbed at last: Thanks to the new Cookie Pop-up Blocker,
websites no longer bother you with cookie consent notices. Once activated,
consent requests for data collection are automatically denied if
possible. Otherwise, the cookie pop-up is simply hidden.
Improvements
* Cliqz got updated to Firefox 70.0.1 with various improvements and fixes.
* Thanks to code optimizations, the Cliqz Browser now starts up to 20%
faster (with an existing profile).
* Cliqz now displays websites opened in Forget Mode in a separate browser
window. Therefore, normal and private tabs are more strictly
separated. This makes it easier for you to differentiate between them, and
further strengthens your privacy. Forget Tabs are no longer supported.
* The completely redesigned Onboarding makes the initial setup of the Cliqz
Browser easier by guiding you step-by-step through the most important
settings.
Fixes
* Various bugs with themes have been fixed.
* Instead of Firefox's built-in tracking protection, the Cliqz Browser uses
our superior anti-tracking technology.
* Cliqz continues to use the built-in password manager instead of Firefox
Lockwise to manage login data and passwords.
Changes:
* BREAKING
* Fix deadline on update issue or PR via API (#8698)
* Hide some user information via API if user doesn't have enough permission (#8655) (#8657)
* Remove legacy handling of drone token (#8191)
* Change repo search to use exact match for topic search. (#7941)
* Add pagination for admin api get orgs and fix only list public orgs bug (#7742)
* Implement the ability to change the ssh port to match what is in the gitea config (#7286)
* SECURITY
* Fix issue with user.fullname (#8903)
* Ignore mentions for users with no access (#8395)
* Be more strict with git arguments (#7715)
* Extract the username and password from the mirror url (#7651)
* reserve .well-known username (#7637)
* FEATURE
* Org/Members: display 2FA members states + optimize sql requests (#7621)
* SetDefaultBranch on pushing to empty repository (#7610)
* Adds side-by-side diff for images (#6784)
* API method to list all commits of a repository (#6408)
* Password Complexity Checks (#6230)
* Add option to initialize repository with labels (#6061)
* Add additional password hash algorithms (#6023)
* BUGFIXES
* Allow to merge if file path contains " or \ (#8629) (#8771)
* On windows set core.longpaths true (#8776) (#8786)
* Fix 500 when edit hook (#8782) (#8789)
* Fix Checkbox at RepoSettings Protected Branch (#8799) (#8801)
* Fix SSH2 conditional in key parsing code (#8806) (#8810)
* Fix commit expand button to not go to commit link (#8745) (#8825)
* Fix new user form for non-local users (#8826) (#8828)
* Fix to close opened io resources as soon as not needed (#8839) (#8846)
* Fix edit content button on migrated issue content (#8877) (#8884)
* Fix require external registration password (#8885) (#8890)
* Fix password complexity check on registration (#8887) (#8888)
* Update Github Migration Tests (#8896) (#8938) (#8945)
* Enable punctuations ending mentions (#8889) (#8894)
* Add Close() method to gogitRepository (#8901) (#8956)
* Hotfix for review actions and notifications (#8965)
* Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params (#8528) (#8618)
* Fix milestone close timestamp (#8728) (#8730)
* Fix 500 when getting user as unauthenticated user (#8653) (#8663)
* Fix 'New Issue Missing Milestone Comment' (#8678) (#8681)
* Use AppSubUrl for more redirections (#8647) (#8651)
* Add SubURL to redirect path (#8632) (#8634)
* Fix template error on account page (#8562) (#8622)
* Allow externalID to be UUID (#8551) (#8624)
* Prevent removal of non-empty emoji panel following selection of duplicate (#8609) (#8623)
* Update heatmap fixtures to restore tests (#8615) (#8616)
* Ensure that diff stats can scroll independently of the diff (#8581) (#8621)
* Webhook: set Content-Type for application/x-www-form-urlencoded (#8600)
* Fix#8582 by handling empty repos (#8587) (#8594)
* Fix bug on pull requests when transfer head repository (#8564) (#8569)
* Add missed close in ServeBlobLFS (#8527) (#8542)
* Ensure that GitRepo is set on Empty repositories (#8539) (#8541)
* Fix migrate mirror 500 bug (#8526) (#8530)
* Fix password complexity regex for special characters (#8524)
* Prevent .code-view from overriding font on icon fonts (#8614) (#8627)
* Allow more than 255 characters for tokens in external_login_user table (#8554)
* Fix errors in create org UI regarding team access permission (#8506)
* Fix bug on FindExternalUsersByProvider (#8504)
* Create .ssh dir as necessary (#8486)
* IsBranchExist: return false if provided name is empty (#8485)
* Making openssh listen on SSH_LISTEN_PORT not SSH_PORT (#8477)
* Add check for empty set when dropping indexes during migration (#8471)
* LFS files are relative to LFS content path, ensure that when deleting they are made relative to this (#8455)
* Ensure Request Body Readers are closed in LFS server (#8454)
* Fix template bug on mirror repository setting page (#8438)
* Fix migration v96 to keep issue attachments (#8435)
* Update strk.kbt.io/projects/go/libravatar to latest (#8429)
* Singular form for files that has only one line (#8416)
* Check for either escaped or unescaped wiki filenames (#8408)
* Allow users with explicit read access to give approvals (#8382)
* Fix editor commit to new branch if PR disabled (#8375)
* readd .markdown class to all markup renderers (#8357)
* Upgrade xorm to v0.7.9 to fix some bugs (#8354)
* Fix column name ambiguity in GetUserIssueStats() (#8347)
* Change general form binding to gogs form (#8334)
* Fix pull request commit status in user dashboard list (#8321)
* Fix repo_admin_change_team_access always checked in org settings (#8319)
* Update to github.com/lafriks/xormstore@v1.3.0 (#8317)
* Show correct commit status in PR list (#8316)
* Bugfix for image compare and minor improvements to image compare (#8289)
* Update xorm (#8286)
* Fix API for edit and delete release attachment (#8285)
* Fix nil object access in some conditions when parsing cross references (#8281)
* Fix label count (#8267)
* Only show teams access for organization repositories on collaboration setting page (#8265)
* Test more reserved usernames (#8263)
* Rewrite reference processing code in preparation for opening/closing from comment references (#8261)
* Fix assets key on release webhook (#8253)
* Allow registration when button is hidden (#8237)
* Fix release API URL generation (#8234)
* Fix milestone num_issues (#8221)
* MS Teams webhook misses commit messages (#8209)
* Fix data race (#8204)
* Fix team user api (#8172)
* Fix pull merge 500 error caused by git-fetch breaking behaviors (#8161)
* Make show private icon when repo avatar set (#8144)
* Add reviewers as participants (#8121)
* Fix Go 1.13 private repository go get issue (#8112)
* feat: highlight issue references with : (#8101)
* Make AllowedUsers configurable in sshd_config (#8094)
* Strict name matching for Repository.GetTagID() (#8074)
* Avoid ambiguity of branch/directory names for the git-diff-tree command (#8066)
* Add change title notification for issues (#8061)
* [ssh] fix the config specification in the authorized_keys template (#8031)
* Fix reading git notes from nested trees (#8026)
* Fixes synchronize tags to releases for repository - makes sure we are only getting tag refs (#7990)
* Fix adding default Telegram webhook (#7972)
* Run CORS handler first for /api routes (#7967)
* Abort synchronization from LDAP source if there is some error. (#7960)
* Fix wrong sender when send slack webhook (#7918)
* Fix bug when migrating a private repository (#7917)
* Evaluate emojis in commit messages in list view (#7906)
* Fix upload file type check (#7890)
* lfs/lock: round locked_at timestamp to second (#7872)
* fix non existent milestone with 500 error instead of 404 (#7867)
* gpg/bugfix: Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7846)
* Fix duplicate call of webhook (#7821)
* Enable switching to a different source branch when PR already exists (#7819)
* Convert files to utf-8 for indexing (#7814)
* Do not fetch all refs in pull-request compare (#7797)
* Fix multiple bugs with statuses endpoints at API (#7785)
* Restore functionality for early gits (#7775)
* Fix Slack webhook fork message (#7774)
* Rewrite existing repo units if setting is not included in api body (#7763)
* Fix rename failed when rewrite public keys (#7761)
* Fix approvals counting (#7757)
* Add migration step to remove old repo_indexer_status orphaned records (#7746)
* Fix repo_index_status lingering when deleting a repository (#7734)
* Remove camel case tokenization from repo indexer (#7733)
* Fix milestone completness calculation when migrating (#7725)
* Regression: Include "executable" files in the index, as they are not necessarily … (#7718)
* Fixes indexed repos keeping outdated indexes when files grow too large (#7712)
* Skip non-regular files (e.g. submodules) on repo indexing (#7711)
* Fix dropTableColumns sqlite implementation (#7710)
* Update gopkg.in/src-d/go-git.v4 to v4.13.1 (#7705)
* improve branches list performance and fix protected branch icon when no-login (#7695)
* Correct wrong datetime format for git (#7689)
* Move add to hook queue for created repo to outside xorm session. (#7675)
* sugestion to use range .Branches (#7674)
* Fix bug on migrating milestone from github (#7665)
* hide delete/restore button on archived repos (#7658)
* css: use flex to fix floating paginate (#7656)
* Fix syntax highlight initialization (#7617)
* Fix panic on push at - Merging pull request causes 500 error (#7615)
* Make PKCS8, PEM and SSH2 keys work (#7600)
* Fix mistake in arc-green.less split-diff css code. (#7587)
* Handle ErrUserProhibitLogin in http git (#7586)
* Fix bug create/edit wiki pages when code master branch protected (#7580)
* Fixes Malformed URLs in API git/commits response (#7565)
* Fix file header overflow in file and blame views (#7562)
* Improve SSH key parser to handle newlines in keys (#7522)
* Fix empty commits now showing in repo overview (#7521)
* Fix repository's pull request count error (#7518)
* Fix markdown invoke sequence (#7513)
* Remove duplicated webhook trigger (#7511)
* Update User.NumRepos atomically in createRepository (#7493)
* Fix settings page of repo you aren't admin print error - Settings pages giving UnitType error message (#7482)
* Fix redirection after file edit - Handles all redirects for Web UI File CRUD (#7478)
* cmd/serv: actually exit after fatal errors (#7458)
* Fix an issue with some pages throwing 'not defined' js exceptions (#7450)
* fix Dropzone.js integration (#7445)
* Fix regex for issues in commit messages (#7444)
* Diff: Fix indentation on unhighlighted code (#7435)
* Only show "New Pull Request" button if repo allows pulls (#7426)
* Upgrade macaron/captcha to fix random error problem (#7407)
* create class for inline positioned lists (#7393)
* Fetch refs for successful testing for tag (#7388)
* add missing template variable on organisation settings (#7385)
* fix post parameter - on issue list - unset assignee (#7380)
* fix/define autochecked checkboxes on issue list in firefox (#7320)
* only return head: null if source branch was deleted (#6705)
* ENHANCEMENT
* Add nofollow to sign in links (#8509)
* vendor: update mvdan.cc/xurls/v2 to v2.1.0 (#8495)
* Update milestone issues numbers when save milestone and other code improvements (#8411)
* Add extra user information when migrating release (#8331)
* Require overall success if no context is given for status check (#8318)
* Transaction-aware retry create issue to cope with duplicate keys (#8307)
* Change link on issue milestone (#8246)
* Alwaywas return local url for users avatar (#8245)
* Move some milestone functions to a standalone package (#8213)
* Move create issue comment to comments package (#8212)
* Disable max height property of comment textarea (#8203)
* Add 'Mentioning you' group to /issues page (#8201)
* oauth2 with remote Gitea (#8149)
* Reference issues from pull requests and other issues (#8137)
* Fix webhooks to use proxy from environment (#8116)
* Add merged commit id on pull view when it's merged (#8062)
* Add teams to repo on collaboration page. (#8045)
* Update swagger to 0.20.1 (#8010)
* Make link last commit massages in repository home page and commit tables (#8006)
* Add API endpoint for accessing repo topics (#7963)
* Include description in repository search (#7942)
* Use gitea forked macaron (#7933)
* Fix pull creation with empty changes (#7920)
* Allow token as authorization for accessing attachments (#7909)
* Retry create issue to cope with duplicate keys (#7898)
* Move git diff codes from models to services/gitdiff (#7889)
* migrate gplus to google oauth2 provider (#7885)
* Remove unique filter from repo indexer analyzer. (#7878)
* Detect delimiter in CSV rendering (#7869)
* Import topics during migration (#7851)
* Move CreateReview to modules/pull (#7841)
* vendor: update pdf.js to v2.1.266 (#7834)
* Support SSH_LISTEN_PORT env var in docker app.ini template (#7829)
* Add Ability for User to Customize Email Notification Frequency (#7813)
* Move database settings from models to setting (#7806)
* Display ui time with customize time location (#7792)
* Implement webhook branch filter (#7791)
* Restrict repository indexing by glob match (#7767)
* Api: advanced settings for repository (external wiki, issue tracker etc.) (#7756)
* Update migrated repositories' issues/comments/prs poster id if user has a github external user saved (#7751)
* deps: Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#7749)
* Apply emoji on commit graph page (#7743)
* Add a lot of extension to language mappings for syntax highlights (#7741)
* Add SQL execution on log and indexes on table repository and comment (#7740)
* Set DB connection error level to error (#7724)
* Check commit message hashes before making links (#7713)
* remove unnecessary fmt on generate bindata (#7706)
* Fix specific highlighting (CMakeLists.txt ...) (#7686)
* Add file status on API (#7671)
* Add support for DEFAULT_ORG_MEMBER_VISIBLE (#7669)
* Provide links in commit summaries in commits table/view list (#7659)
* Change length of some repository's columns (#7652)
* Move commit repo action from models to repofiles package (#7645)
* fix wrong email when use gitea as OAuth2 provider (#7640)
* [Branch View] add download button (#7604)
* Update to xorm@v0.7.4 (#7596)
* use 403 instead of 401 for ErrUserProhibitLogin (#7591)
* Removed unnecessary conversions (#7557)
* Un-lambda base.FileSize (#7556)
* Added missing error checks in tests (#7554)
* Move create release from models to a standalone package (#7539)
* Make default branch name link to default branch (#7519)
* Added total count of contributions to heatmap (#7517)
* Move mirror to a standalone package from models (#7486)
* Move models.PushUpdate to repofiles.PushUpdate (#7485)
* Include thread related headers in issue/coment mail (#7484)
* Refuse merge until all required status checks success (#7481)
* convert all js var to let/const (#7464)
* Only create branches for opened pull requestes when migrating from github (#7463)
* jQuery 3 (#7425)
* Add notification placeholder (#7409)
* Search Commits via Commit Hash (#7400)
* Move status table to cron package (#7370)
* wiki - page revisions list (#7369)
* Display original author and URL information when showing migrated issues/comments (#7352)
* Refactor filetype is not allowed errors (#7309)
* switch to use gliderlabs/ssh for builtin server (#7250)
* Remove settting dependency on modules/session (#7237)
* Move all mail related codes from models to services/mailer (#7200)
* Support git.PATH entry in app.ini (#6772)
* Support setting cookie domain (#6288)
* Move migrating repository from frontend to backend (#6200)
* Delete releases attachments if release is deleted (#6068)
* TRANSLATION
* Latvian translation for home page (#8468)
* Add home template italian translation (#8352)
* fix misprint (#7452)
* BUILD
* use go 1.13 (#8088)
* MISC
* add file line count info on UI (#8396)
* Make issues page left menu 100% width and add reponame as title attribute (#8359)
* [arc-green] white on hover for active menu items (#8344)
* Move ref (branch or tag) location on issue list page (#8157)
* apply emoji on dashboard issue list labels (#8156)
* 1148: Take up the full width when viewing the diff in split view. (#8114)
* Display description of 'make this repo private' as help text, not as tooltip (#8097)
* Fixes deformed emoji in pull request reviews (#8047)
* Add strike to old header on comment (#8046)
* Add tooltip for the visibility checkbox in /repo/create (#8025)
* Update github.com/lafriks/xormstore and tidy up mod.go (#8020)
* keep blame view buttons sequence consistent with normal view when view a file (#8007)
* Use "Pull Request" instead of "Merge Request" (#8003)
* Move line number to :before attr to hide from search on browser (#8002)
* Changed black color to white for (read) number label on issue list page (#8000)
* [Branch View] show "New Pull Request" Button only if posible (#7977)
* Fix hook problem by only setting the git environment variables if we are passed them (#7854)
* Prevent Commit Status and Message From Overflowing On Branch Page (#7800)
* Fix global search result CSS, misc CSS tweaks (#7789)
* Tweak label border CSS (#7739)
* Fix create menu item widths (#7708)
* [Branch View] Delete duplicate protection symbol (#7624)
* [Branch View] Delete Table Header (#7622)
* [Branch View] icons to buttons (#7602)
* update js dependencies (#7462)
* Add Extra Info to Branches Page (#7461)
* Bump lodash from 4.17.11 to 4.17.14 (#7459)
* wiki history improvements (#7391)
* ui fixes - compare view and archieved repo issues (#7345)
* dark theme scrollbars (#7269)
* wiki - editor - add buttons 'inline code', 'empty checkbox', 'checked checkbox' (#7243)
* Fix Statuses API only shows first 10 statuses: Add paging and extend API GetCommitStatuses (#7141)
2.0.0
- Discontinue the lib and migrate to https://github.com/model-bakers/model_bakery
- Use default value for unknown field types
- Enable seq method to be imported directly from model_mommy
- Stick to Django's roadmap (https://www.djangoproject.com/download/)
- Add validation to `_fill_optional` parameter
- Add new `_from_manager` parameter to `make` method
- Clean up obsolete imports
- Save object instances when handling one to many relations
3.10.3
Include API version in OpenAPI schema generation, defaulting to empty string.
Add pagination properties to OpenAPI response schemas.
Add missing "description" property to OpenAPI response schemas.
Only include "required" for non-empty cases in OpenAPI schemas.
Fix response schemas for "DELETE" case in OpenAPI schemas.
Use an array type for list view response schemas.
Use consistent lowerInitialCamelCase style in OpenAPI operation IDs.
Fix minLength/maxLength/minItems/maxItems properties in OpenAPI schemas.
Only call FileField.url once in serialization, for improved performance.
Fix an edge case where throttling calcualtions could error after a configuration change.
3.10.2
Various OpenAPI schema fixes.
Ability to specify urlconf in include_docs_urls.
3.10.1
Don't include autocomplete fields on TokenAuth admin, since it forces constraints on custom user models & admin.
Require uritemplate for OpenAPI schema generation, but not coreapi.
3.10.0
Switch to OpenAPI schema generation.
Drop Python 2 support.
Add generateschema --generator_class CLI option
Updated PyYaml dependency for OpenAPI schema generation to pyyaml>=5.1
Resolve DeprecationWarning with markdown.
Use user.get_username in templates, in preference to user.username.
Fix for cursor pagination issue that could occur after object deletions.
Fix for nullable fields with source="*"
Always apply all throttle classes during throttling checks.
Updates to jQuery and Markdown dependencies.
Don't strict disallow redundant SerializerMethodField field name arguments.
Don't render extra actions in browable API if not authenticated.
Strip null characters from search parameters.
This package now depends on py-pallets-sphinx-themes>=1.2.2nb1, since
the latter added a new dependency for its basic functioning (and 1.2.2
pre-revbump was broken).
2019-11-07 Kovid Goyal
* 0.4.4 release
* URLs passed into mechanize now automatically have URL unsafe characters
percent encoded. This is necessary because newer versions of python
disallow processing of URLs with unsafe characters. Note that this means
values return by get_full_url(), get_selector() etc will be percent encoded.
Version 7.43.0.3 [requires libcurl-7.19.0 or better] - 2019-06-17
-----------------------------------------------------------------
* Fixed use with libcurl 7.65+ when FTP support is disabled.
* Added support for mbedTLS (patch by Josef Schlehofer).
* Fixed string processing on Python 3 (patch by Dmitriy Taychenachev).
* Added CURLOPT_TCP_FASTOPEN and CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE
(patch by Khavish Anshudass Bhundoo).
* Repaired inability to install PycURL when libcurl is using an SSL
backend other than the ones PycURL explicitly recognizes and
handles (OpenSSL, LibreSSL, BoringSSL, GnuTLS, NSS).
The requirement for setup.py to detect an SSL backend if libcurl
is configured to use SSL, added in 7.43.0.2, has been changed
to a warning to allow this.
=== RELEASE 2.20.2 ===
Wed Sep 18 18:39:07 CEST 2019 mikulas:
If the user runs links on a framebuffer and switch to a differnt
framebuffer, links would incorrectly respond to mouse clicks.
2.0.11 October 5, 2019
Fix t/modules/apache_resource.t failures [Steve Hay]
Fix [CVE-2011-2767] Arbitrary Perl code execution in the context of the user
account via a user-owned .htaccess. Patch from bugs.debian.org #644169. [Jan
Ingvoldstad <jani+debian-2011+@ifi.uio.no>]
Fix potential test suite hangs due to pipelined response deadlocks. Patch
from rt.cpan.org #82409. [Zefram <zefram@fysh.org>]
Fix t/compat/request.t failures [Steve Hay]
Fix use-after-free segfault in ap_server_config_defines seen on start-up on
OpenBSD. [Found/fixed by Sam Vaughan/Joe Orton]
Fix build with Perls earlier than 5.13.6. [Rainer Jung
<rainer.jung@kippdata.de>]
Fix filter/in_bbs_inject_header.t test failure with Apache 2.4.25+. [Stefan
Fritsch <sf@sfritsch.de>]
Fix apache/read.t test failure with Apache 2.4.25+. [Niko Tyni
<ntyni@debian.org>]
v4.1.4
* Make tests more deterministic and easier to run outside of ``tox``.
* Fix Fedora packaging `issue <https://github.com/evansd/whitenoise/issues/225>`_.
* Use `Black <https://github.com/psf/black>`_ to format all code.
v4.1.3
* Fix handling of zero-valued mtimes which can occur when running on some
filesystems.
* Fix potential path traversal attack while running in autorefresh mode on
Windows.
3.7.0:
Bugfixes
* Monkeypatch pytest to not use ``TestCase.debug`` with unittests, instead
of patching it into Django.
* Work around pytest crashing due to ``pytest.fail`` being used from within the
DB blocker, and pytest trying to display an object representation involving
DB access. pytest-django uses a ``RuntimeError`` now instead.
1.25.7:
* Preserve ``chunked`` parameter on retries
* Allow unset ``SERVER_SOFTWARE`` in App Engine
* Fix issue where URL fragment was sent within the request target.
* Fix issue where an empty query section in a URL would fail to parse.
* Remove TLS 1.3 support in SecureTransport due to Apple removing support
pkgsrc changes: added -lsendfile to SunOS build to make it work.
Release notes:
New in version 1.30:
Enlarged request read buffer to 50KB.
Fix security bug that let remote users read arbitrary files. (CVE-2018-18778)
New in version 1.29:
Allow CGI to handle HTTP methods besides GET/HEAD/POST.
New in version 1.28:
Fix to buffer overrun bug in htpasswd. Reported by Alessio Santoru as CVE-2017-17663.
Some fixes to keep connections from getting stuck forever in FIN_WAIT_2 state.
5.62.0
KDE WebKit
Use ECMAddQtDesignerPlugin instead of private copy
5.63.0
KJS
Added startsWith(), endsWith() and includes() JS String functions
Fixed Date.prototype.toJSON() called on non-Date objects
5.64.0
KHTML
Extend KHtmlView::print() to use a predefined QPrinter instance
KJS
Better message for String.prototype.repeat(count) range errors
Simplify parsing of numeric literals
Parse JS binary literals
Detect truncated hex and octal literals
Support new standard way of specifying octal literals
Collection of regression tests taken from khtmltests repository
Privoxy 3.0.27 stable scales better in multi-user environments
and brings a couple of tuning directives.
Privoxy 3.0.28 stable fixes two regressions introduced in 3.0.27.
--------------------------------------------------------------------
ChangeLog for Privoxy 3.0.28
--------------------------------------------------------------------
- Bug fixes for regressions in 3.0.27:
- Fixed misplaced parentheses.
Reported by David Binderman.
- Changed two regression tests to depend on config directive
enable-remote-toggle instead of FEATURE_TOGGLE.
--------------------------------------------------------------------
ChangeLog for Privoxy 3.0.27
--------------------------------------------------------------------
- General improvements:
- Add a receive-buffer-size directive which can be used to
set the size of the previously statically allocated buffer
in handle_established_connection().
Increasing the buffer size increases Privoxy's memory usage but
can lower the number of context switches and thereby reduce the
CPU usage and potentially increase the throughput.
This is mostly relevant for fast network connections and
large downloads that don't require filtering.
Sponsored by: Robert Klemme
- Add a listen-backlog directive which specifies the backlog
value passed to listen().
Sponsored by: Robert Klemme
- Add an enable-accept-filter directive which allows to
toggle accept filter support at run time when compiled
with FEATURE_ACCEPT_FILTER support.
It makes testing more convenient and now that it's
optional we can emit an error message if enabling
the accept filter fails.
Sponsored by: Robert Klemme
- Add a delay-response{} action.
This is useful to tar pit JavaScript requests that
are endlessly retried in case of blocks. It can also
be used to simulate a slow Internet connection.
Sponsored by: Robert Klemme
- Add a 'trusted-cgi-referrer' directive.
It allows to configure another page or site that can be used
to reach sensitive CGI resources.
Sponsored by: Robert Klemme
- Add a --fuzz mode which exposes Privoxy internals to input
from files or stdout.
Mainly tested with American Fuzzy Lop. For details see:
https://www.fabiankeil.de/talks/fuzzing-on-freebsd/
This work was partially funded with donations and done
as part of the Privoxy month in 2015.
- Consistently use the U(ngreedy) flag in the 'img-reorder' filter.
- listen_loop(): Reuse a single thread attribute object
The object doesn't change and creating a new one for
every thread is a waste of (CPU) time.
Sponsored by: Robert Klemme
- Free csp resources in the thread that belongs to the csp instead
of the main thread which has enough on its plate already.
Sponsored by: Robert Klemme
- Improve 'socket timeout reached' message.
Log the timeout that was triggered and downgrade the
log level to LOG_LEVEL_CONNECT to reduce the log noise
with common debug settings.
The timeout isn't necessary the result of an error and
usually merely indicates that Privoxy's socket timeout
is lower than the relevant timeouts used by client and
server.
Sponsored by: Robert Klemme
- Explicitly taint the server socket in case of CONNECT requests.
This doesn't fix any known problems, but makes
some log messages less confusing.
- Let write_pid_file() terminate if the pid file can't be opened.
Logging the issue at info level is unlikely to help.
- log_error(): Reduce the mutex-protected area by not using a
heap-allocated buffer that is shared between all threads.
This increases performance and reduces the latency with
verbose debug settings and multiple concurrent connections.
Sponsored by: Robert Klemme
- Let zalloc() use calloc() if it's available.
In some situations using calloc() can be faster than
malloc() + memset() and it should never be slower.
In the real world the impact of this change is not
expected to be noticeable.
Sponsored by: Robert Klemme
- Never use select() when poll() is available.
On most platforms select() is limited by FD_SETSIZE while
poll() is not. This was a scaling issue for multi-user setups.
Using poll() has no downside other than the usual risk
that code modifications may introduce new bugs that have
yet to be found and fixed.
At least in theory this commit could also reduce the latency
when there are lots of connections and select() would use
"bit fields in arrays of integers" to store file descriptors.
Another side effect is that Privoxy no longer has to stop
monitoring the client sockets when pipelined requests are
waiting but can't be read yet.
This code keeps the select()-based code behind ifdefs for
now but hopefully it can be removed soonish to make the
code more readable.
Sponsored by: Robert Klemme
- Add a 'reproducible-tarball-dist' target.
It's currently separate from the "tarball-dist" target
because it requires a tar implementation with mtree spec
support.
It's far from being perfect and does not enforce a
reproducible mode, but it's better than nothing.
- Use arc4random() if it's available.
While Privoxy doesn't need high quality pseudo-random numbers
there's no reason not to use them when we can and this silences
a warning emitted by code checkers that can't tell whether or not
the quality matters.
- Show the FEATURE_EXTERNAL_FILTERS status on the status page.
Better late than never. Previously a couple of tests weren't
executed as Privoxy-Regression-Test couldn't detect that the
FEATURE_EXTERNAL_FILTERS dependency was satisfied.
- Ditch FEATURE_IMAGE_DETECT_MSIE.
It's an obsolete workaround we inherited from Junkbuster
and was already disabled by default.
Users that feel the urge to work around issues with
image requests coming from an Internet Explorer version
from more than 15 years ago can still do this using tags.
- Consistently use strdup_or_die() instead of strdup() in
cases where allocation failures aren't expected.
Using strdup_or_die() allows to remove a couple of explicit
error checks which slightly reduces the size of the binary.
- Insert a refresh tag into the /client-tags CGI page when
serving it while a client-specific tag is temporarily enabled.
This makes it less likely that the user ends up
looking at tag state that is out of date.
- Use absolute URLs in the client-tag forms.
It's more consistent with the rest of the CGI page
URLs and makes it more convenient to copy the forms
to external pages.
- cgi_error_disabled(): Use status code 403 and an appropriate response line
- Use a dedicated CGI handler to deal with tag-toggle requests
As a result the /client-tags page is now safe to reach without
trusted Referer header which makes bookmarking or linking to
it more convenient.
Finally, refreshing the /client-tags page to show the
current state can no longer unintentionally repeat the
previous toggle request.
- Don't add a "Connection" header for CONNECT requests.
Explicitly sending "Connection: close" is not necessary and
apparently it causes problems with some forwarding proxies
that will close the connection prematurely.
Reported by Marc Thomas.
- Fix compiler warnings.
- Bug fixes:
- rfc2553_connect_to(): Properly detect and log when poll()
reached the time out. Previously this was logged as:
Could not connect to [...]: No error: 0.
which isn't very helpful.
Sponsored by: Robert Klemme
- add_tag_for_client(): Set time_to_live properly.
Previously the time_to_live was always set for the first tag.
Attempts to temporarily enable a tag would result in enabling
it permanently unless no tag was enabled already.
- Revert r1.165 which didn't perform as advertised.
While the idea was to use "https:// when creating links
for the user manual on the website", the actual effect
was to use "https://" when Privoxy was supposed to serve
the user manual itself.
Reported by Yossi Zahn on Privoxy-devel@.
- socks5_connect(): Fail in case of unsupported address types.
Previously they would not be detected right away and
Privoxy would fail later on with an error message that
didn't make it obvious that the problem was socks-related.
So far, no such problems have actually been reported.
- socks5_connect(): Properly deal with socks replies that
contain IPv6 addresses.
Previously parts of the reply were left unread and
later on treated as invalid HTTP response data.
Fixes#904 reported by Danny Goossen who also provided
the initial version of this patch.
- Action file improvements:
- Unblock 'msdn.microsoft.com/'.
It (presumably) isn't used to serve the kind of ads Privoxy should
block by default but happens to serve lots of pages with URLs that
are likely to result in false positives.
Reported by bugreporter1694 in AF#939.
- Disable gif deanimation for requests tagged with CSS-REQUEST.
The action will ignore content that isn't considered text
anyway and explicitly disabling it makes this more obvious
if "action" debugging (debug 65536) is enabled while
"gif deanimation" debugging (debug 256) isn't.
- Explicitly disable HTML filters for requests with CSS-REQUEST tag.
The filters are unlikely to break CSS files but executing
them without (intentionally) getting any hits is a waste of
cpu time and makes the log more noisy when running with
"debug 64".
- Unblock 'adventofcode.com/'.
Reported by Clint Adams in Debian bug #848211.
Fixes Roland's AF#937.
- Unblock 'adlibris.com'.
Reported by Wyrex in #935
- Unblock .golang.org/
- Add fast-redirects exception for '.youtube.com/.*origin=http'
- Privoxy-Log-Parser:
- Don't gather host and resource statistics if they aren't requested.
While the performance impact seems negligible this significantly
reduces the memory usage if there are lots of requests.
- Bump version as the behaviour (slightly) changed.
- Count connection failures as well in statistics mode.
Sponsored by: Robert Klemme
- Count connection timeouts as well in statistics mode.
Sponsored by: Robert Klemme
- Fix an 'uninitialized value' warning when generating
statistics for a log file without response headers.
While privoxy-log-parser was supposed to detect this already,
the check was flawed and the message the user didn't see was
somewhat confusing anyway.
Now the message is less confusing, more helpful and actually printed.
Reported by: Robert Klemme
- Documentation improvements:
- Refer to the git sources instead of CVS.
- Use GNU/Linux when referring to the OS instead of the kernel.
- Add FAQ entry for what to do if editing the config file is access denied.
- Add brief HTTP/2 FAQ.
- Add a small fuzzing section to the developer documentation.
- Add a client-header-tagger{client-ip-address} example.
- Stop suggesting that Privoxy is an anonymizing proxy.
The term could lead to Privoxy users overestimating
what it can do on its own (without Tor).
- Make it more obvious that SPI accepts Paypal, too.
Currently most donations are made through the Paypal account
managed by Zwiebelfreunde e.V. and a more even distribution
would be useful.
- Suggest to log applying actions as well when reproducing problems.
- Explicitly mention that Privoxy binaries are built by individuals
on their own systems. Buyer beware!
- Mention the release feed on the homepage.
- Remove a mysterious comment with a GNU FDL link as it isn't
useful and could confuse license scanners.
In May 2002 it was briefly claimed that "this document" was covered
by the GNU FDL. The commit message (r1.5) doesn't explain the motivation
or whether all copyright holders were actually asked and agreed to the
declared license change.
It's thus hard to tell whether or not the license change was legit,
but luckily two days later the "doc license" was "put" "back to GPL"
anyway (r1.6).
At the same time the offending comment with a link to the FDL
(not the GPL) was added for no obvious reason.
Now it's gone again.
- Regression tests:
- Bump for-privoxy-version to 3.0.27 as we now rely on untrusted
CGI request being rejected with status code 403 (instead of 200).
- Update test for /send-stylesheet and add another one
- Templates:
- Consistently use https:// when linking to the Privoxy website.
- Remove SourceForge references in Copyright header.
- Remove a couple of SourceForge references in a comment.
While at it, fix the grammar.
- Move the site-specific documentation block before the generic one.
While most Privoxy installations don't have a site-specific
documentation block, in cases were it exists it's likely to
be more relevant than the generic one.
Showing it first makes it less likely that users stop reading
before they reach it, especially on pages that don't fit on
the screen.
- Build system improvements:
- Prefer openjade to jade. On some systems Jade produces
HTML with unescaped ampersands in URLs.
- Prefer OpenSP to SP to be consistent.
- Have Docbook generated HTML files be straight ASCII.
Dealing with a mixture of ISO-8859 and UTF-8 files is problematic.
- Echo the filename to stderr for 'make dok-tidy'.
Make it a bit easier to find errors in docbook generated HTML.
- Warn when still using select().
- Warn when compiling without calloc().
- Make it more obvious that the --with-fdsetsize configure switch
is pointless if poll() is available.
- Remove support for AmigaOS.
- Update windows build system to use supported software.
The cygwin gcc -mno-cygwin option is no longer supported, so
convert the windows build system to use the cygwin cross-compiler
to build "native" code.
- Add --enable-static-linking option for configure
does the same thing as LDFLAGS=-static; ./configure
but nicer than mixing evars and configure options.
4.2
- Fix for old versions of libcurl (build was broken in 4.1 on RHEL / CentOS).
- Add hostname to timeout errors (#190)
4.1
- Fixed typechecking code for new internal macro names in libcurl 7.66
- Rewrite typechecking to work better with clang and old libcurl (#192)
- has_internet() now checks for connectivity via a proxy server if one is detected
- Windows: respect the CURL_SSL_BACKEND variable for people that want to use OpenSSL.
- Windows: respect CURL_CA_BUNDLE if (and only if) CURL_SSL_BACKEND == openssl
- curl_download now writes to a temporary file, which is renamed to the destfile
upon success. This prevents corrupt files when a download fails or is interrupted.
- Automatically set forbid_reuse = TRUE in curl_echo() handles
- Update symbol table to 7.66.0
1.5.4:
Fix display of inline x-editable boolean fields on list view
Add support for several SQLAlchemy-Utils data types
Support searching on SQLAlchemy hybrid properties
Extra URL paramaters are now propagated to the next page when searching / filtering
Add enum34 dependency when running on legacy Python version
Update Mapbox API v1 URL format
Update jQuery and moment dependencies in templates
Fixed a datepicker issue, where only dates up to 2015 were showing up
Updated Pillow dependency version
5.6.1:
Significant Changes
RegExRemove applies to all cells
RegExRemove preprocessor now removes cells regardless of cell outputs. Before this only cells that had outputs were filtered.
Comprehensive notes
New Features
- Add support for alt tags for jpeg and png images
- Allow HTML header anchor text to be HTML
- Change RegExRemove to remove code cells with output
- Added cell tag data attributes to HTML exporter
Fixing Problems
- Update svg2pdf.py to search the PATH for inkscape
- Fix latex dependencies installation command for Ubuntu systems
Testing, Docs, and Builds
- Added Circle CI builds for documentation
- Fix typo in argument name in docstring (TagRemovePreprocessor)
- Changelog typo fix
- Updated API page for TagRemovePreprocessor and TemplateExporter
- Added remove_input_tag traitlet to the docstring
Changes:
2.26.2
======
- Improve performance of querying system fallback fonts.
- Don't use prgname in dbus-proxy socket path.
- Fix thread-safety issues in image decoders.
- Fix the build with WebDriver disabled.
- Disable accelerated compositing when we fail to initialize the EGL
dispaly under Wayland.
- Fill the objects category in emoji picker.
- Fix several crashes and rendering issues.
Go-mux implements a request router and dispatcher for matching
incoming requests to their respective handler.
The name mux stands for "HTTP request multiplexer". Like the standard
http.ServeMux, mux.Router matches incoming requests against a list of
registered routes and calls a handler for the route that matches the
URL or other conditions. The main features are:
It implements the http.Handler interface so it is compatible with the
standard http.ServeMux.
Requests can be matched based on URL host, path, path prefix, schemes,
header and query values, HTTP methods or using custom matchers.
URL hosts, paths and query values can have variables with an optional
regular expression.
Registered URLs can be built, or "reversed", which helps maintaining
references to resources.
Routes can be used as subrouters: nested routes are only tested if the
parent route matches. This is useful to define groups of routes that
share common conditions like a host, a path prefix or other repeated
attributes. As a bonus, this optimizes request matching.
Changes:
7.67.0
------
This release includes the following changes:
o curl: added --no-progress-meter
o setopt: CURLMOPT_MAX_CONCURRENT_STREAMS is new
o urlapi: CURLU_NO_AUTHORITY allows empty authority/host part
This release includes the following bugfixes:
o BINDINGS: five new bindings addded
o CURLOPT_TIMEOUT.3: Clarify transfer timeout time includes queue time
o CURLOPT_TIMEOUT.3: remove the mention of "minutes"
o ESNI: initial build/setup support
o FTP: FTPFILE_NOCWD: avoid redundant CWDs
o FTP: allow "rubbish" prepended to the SIZE response
o FTP: remove trailing slash from path for LIST/MLSD
o FTP: skip CWD to entry dir when target is absolute
o FTP: url-decode path before evaluation
o HTTP3.md: move -p for mkdir, remove -j for make
o HTTP3: fix invalid use of sendto for connected UDP socket
o HTTP3: fix ngtcp2 Windows build
o HTTP3: fix prefix parameter for ngtcp2 build
o HTTP3: fix typo somehere1 > somewhere1
o HTTP3: show an --alt-svc using example too
o INSTALL: add missing space for configure commands
o INSTALL: add vcpkg installation instructions
o README: minor grammar fix
o altsvc: accept quoted ma and persist values
o altsvc: both backends run h3-23 now
o appveyor: Add MSVC ARM64 build
o appveyor: Use two parallel compilation on appveyor with CMake
o appveyor: add --disable-proxy autotools build
o appveyor: add 32-bit MinGW-w64 build
o appveyor: add a winbuild
o appveyor: add a winbuild that uses VS2017
o appveyor: make winbuilds with DEBUG=no/yes and VS 2015/2017
o appveyor: publish artifacts on appveyor
o appveyor: upgrade VS2017 to VS2019
o asyn-thread: make use of Curl_socketpair() where available
o asyn-thread: s/AF_LOCAL/AF_UNIX for Solaris
o build: Remove unused HAVE_LIBSSL and HAVE_LIBCRYPTO defines
o checksrc: fix uninitialized variable warning
o chunked-encoding: stop hiding the CURLE_BAD_CONTENT_ENCODING error
o cirrus: Increase the git clone depth
o cirrus: Switch the FreeBSD 11.x build to 11.3 and add a 13.0 build
o cirrus: switch off blackhole status on the freebsd CI machines
o cleanups: 21 various PVS-Studio warnings
o configure: only say ipv6 enabled when the variable is set
o configure: remove all cyassl references
o conn-reuse: requests wanting NTLM can reuse non-NTLM connections
o connect: return CURLE_OPERATION_TIMEDOUT for errno == ETIMEDOUT
o connect: silence sign-compare warning
o cookie: avoid harmless use after free
o cookie: pass in the correct cookie amount to qsort()
o cookies: change argument type for Curl_flush_cookies
o cookies: using a share with cookies shouldn't enable the cookie engine
o copyrights: update copyright notices to 2019
o curl: create easy handles on-demand and not ahead of time
o curl: ensure HTTP 429 triggers --retry
o curl: exit the create_transfers loop on errors
o curl: fix memory leaked by parse_metalink()
o curl: load large files with -d @ much faster
o docs/HTTP3: fix `--with-ssl` ngtcp2 configure flag
o docs: added multi-event.c example
o docs: disambiguate CURLUPART_HOST is for host name (ie no port)
o docs: note on failed handles not being counted by curl_multi_perform
o doh: allow only http and https in debug mode
o doh: avoid truncating DNS QTYPE to lower octet
o doh: clean up dangling DOH memory on easy close
o doh: fix (harmless) buffer overrun
o doh: fix undefined behaviour and open up for gcc and clang optimization
o doh: return early if there is no time left
o examples/sslbackend: fix -Wchar-subscripts warning
o examples: remove the "this exact code has not been verified"
o git: add tests/server/disabled to .gitignore
o gnutls: make gnutls_bye() not wait for response on shutdown
o http2: expire a timeout at end of stream
o http2: prevent dup'ed handles to send dummy PRIORITY frames
o http2: relax verification of :authority in push promise requests
o http2_recv: a closed stream trumps pause state
o http: lowercase headernames for HTTP/2 and HTTP/3
o ldap: Stop using wide char version of ldapp_err2string
o ldap: fix OOM error on missing query string
o mbedtls: add error message for cert validity starting in the future
o mime: when disabled, avoid C99 macro
o ngtcp2: adapt to API change
o ngtcp2: compile with latest ngtcp2 + nghttp3 draft-23
o ngtcp2: remove fprintf() calls
o openssl: close_notify on the FTP data connection doesn't mean closure
o openssl: fix compiler warning with LibreSSL
o openssl: use strerror on SSL_ERROR_SYSCALL
o os400: getpeername() and getsockname() return ebcdic AF_UNIX sockaddr
o parsedate: fix date parsing disabled builds
o quiche: don't close connection at end of stream
o quiche: persist connection details (fixes -I with --http3)
o quiche: set 'drain' when returning without having drained the queues
o quiche: update HTTP/3 config creation to new API
o redirect: handle redirects to absolute URLs containing spaces
o runtests: get textaware info from curl instead of perl
o schannel: reverse the order of certinfo insertions
o schannel_verify: Fix concurrent openings of CA file
o security: silence conversion warning
o setopt: handle ALTSVC set to NULL
o setopt: make it easier to add new enum values
o setopt: store CURLOPT_RTSP_SERVER_CSEQ correctly
o smb: check for full size message before reading message details
o smbserver: fix Python 3 compatibility
o socks: Fix destination host shown on SOCKS5 error
o test1162: disable MSYS2's POSIX path conversion
o test1591: fix spelling of http feature
o tests: add `connect to non-listen` keywords
o tests: fix narrowing conversion warnings
o tests: fix the test 3001 cert failures
o tests: makes tests succeed when using --disable-proxy
o tests: use %FILE_PWD for file:// URLs
o tests: use port 2 instead of 60000 for a safer non-listening port
o tool_operate: Fix retry sleep time shown to user when Retry-After
o travis: Add an ARM64 build
o url: Curl_free_request_state() should also free doh handles
o url: don't set appconnect time for non-ssl/non-ssh connections
o url: fix the NULL hostname compiler warning
o url: normalize CURLINFO_EFFECTIVE_URL
o url: only reuse TLS connections with matching pinning
o urlapi: avoid index underflow for short ipv6 hostnames
o urlapi: fix URL encoding when setting a full URL
o urlapi: fix unused variable warning
o urlapi: question mark within fragment is still fragment
o urldata: use 'bool' for the bit type on MSVC compilers
o vtls: Fix comment typo about macosx-version-min compiler flag
o vtls: fix narrowing conversion warnings
o winbuild/MakefileBuild.vc: Add vssh
o winbuild/MakefileBuild.vc: Fix line endings
o winbuild: Add manifest to curl.exe for proper OS version detection
o winbuild: add ENABLE_UNICODE option
Changelog:
Security fixes:
#CVE-2019-15903: Heap overflow in expat library in XML_GetCurrentLineNumber
#CVE-2019-11757: Use-after-free when creating index updates in IndexedDB
#CVE-2019-11758: Potentially exploitable crash due to 360 Total Security
#CVE-2019-11759: Stack buffer overflow in HKDF output
#CVE-2019-11760: Stack buffer overflow in WebRTC networking
#CVE-2019-11761: Unintended access to a privileged JSONView object
#CVE-2019-11762: document.domain-based origin isolation has same-origin-property violation
#CVE-2019-11763: Incorrect HTML parsing results in XSS bypass technique
#CVE-2019-11764: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
5.5:
Django 3.0 compatibility.
Plugin system for extending the Country object.
5.4:
Renamed Macedonia -> North Macedonia.
Fix an outlying makemigrations error.
Pulled in new translations which were provided but missing from previous version.
Fixed Simplified Chinese translation (needed to be locale/zh_Hans).
Introduce an optional complex format for COUNTRIES_ONLY and COUNTRIES_OVERRIDE to allow for multiple names for a country, a custom three character code, and a custom numeric country code.
3.1.1:
Support the value file:// for origins, which is accidentally sent by some versions of Chrome on Android.
3.1.0:
Drop Python 2 support, only Python 3.5-3.7 is supported now.
Fix all links for move from github.com/ottoyiu/django-cors-headers to github.com/adamchainz/django-cors-headers.
Version 2.0.12:
- Fix too broad suppression of ``unused-argument`` warnings for functions and
methods where the first argument is named ``request``. Now issues warnings
for the rest of the arguments if they are unused.
- Pass arguments of ``scripts/test.sh`` to ``test_func/pytest`` to ease
development.
- Document behavior when ForeignKey fields are referenced as strings.
Django 2.2.7:
Fixed a crash when using a contains, contained_by, has_key, has_keys, or has_any_keys lookup on JSONField, if the right or left hand side of an expression is a key transform.
Prevented migrate --plan from showing that RunPython operations are irreversible when reverse_code callables don’t have docstrings or when showing a forward migration plan.
Fixed migrations crash on PostgreSQL when adding an Index with fields ordering and opclasses.
Restored the ability to override get_FOO_display().
Django 1.11.26:
Fixed a crash when using a contains, contained_by, has_key, has_keys, or has_any_keys lookup on JSONField, if the right or left hand side of an expression is a key transform.
3.6.3:
This release fixes issues introduced with 3.6.2 and the extend backport.
Also fixes an issue with memory lifespan of error_src on the C-API.
Additionally some edge case crashes have also been addressed.
Changelog
Fix compound extend warning
Fix extend being stuck in endless loop
Fix various edge-case segfault crashes
Extend error_src lifetime on c-api context
Fix memory leak in permutation function
Preserve indentation in nested mode
pkgsrc changes:
* Fix the script that initialize PostgreSQL database. Patch for AWL
directory was broken. Add '-U @PGUSER@' to psql command because it
is the default database administrator out of the box.
* Bump revision.
* Try to use pkgsrc clang/clang++ explicitly
Changelog:
Fixed
Fix for an issue that caused some websites or page elements using dynamic JavaScript to fail to load. (Bug 1592136)
Update OpenH264 video plugin for macOS 10.15 users (Bug 1587543)
Title bar no longer shows in full screen view (Bug 1588747)
Changed
OpenH264 video codec version bump for macOS 10.15 users (Bug 1587543)
Changes:
* BREAKING
* Hide some user information via API if user doesn't have enough permission (#8655) (#8658)
* BUGFIXES
* Fix milestone close timestamp (#8728) (#8731)
* Fix deadline on update issue or PR via API (#8699)
* Fix 'New Issue Missing Milestone Comment' (#8678) (#8682)
* Fix 500 when getting user as unauthenticated user (#8653) (#8662)
* Use AppSubUrl for more redirections (#8647) (#8652)
* Add SubURL to redirect path (#8632) (#8634) (#8640)
* Fix#8582 by handling empty repos (#8587) (#8593)
* Fix bug on pull requests when transfer head repository (#8571)
* Add missed close in ServeBlobLFS (#8527) (#8543)
* Return false if provided branch name is empty for IsBranchExist (#8485) (#8492)
* Create .ssh dir as necessary (#8369) (#8486) (#8489)
* Restore functionality for early gits (#7775) (#8476)
* Add check for empty set when dropping indexes during migration (#8475)
* Ensure Request Body Readers are closed in LFS server (#8454) (#8459)
* Ensure that LFS files are relative to the LFS content path (#8455) (#8458)
* SECURITY
* Ignore mentions for users with no access (#8395) (#8484)
* TESTING
* Update heatmap fixtures to restore tests (#8615) (#8617)
