| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Due to a change in packaging the docs themes are currently excluded from
the pypi distribution, breaking the -docs package. Issue ``#761`` should
address this upstream; we'll being using GitHub as the master site for the
time being.
Version 0.10.4
--------------
(bugfix release, released on March 26th 2015)
- Re-release of 0.10.3 with packaging artifacts manually removed.
Version 0.10.3
--------------
(bugfix release, released on March 26th 2015)
- Re-release of 0.10.2 without packaging artifacts.
Version 0.10.2
--------------
(bugfix release, released on March 26th 2015)
- Fixed issue where ``empty`` could break third-party libraries that relied on
keyword arguments (pull request ``#675``)
- Improved ``Rule.empty`` by providing a ```get_empty_kwargs`` to allow setting
custom kwargs without having to override entire ``empty`` method. (pull
request ``#675``)
- Fixed ```extra_files``` parameter for reloader to not cause startup
to crash when included in server params
- Using `MultiDict` when building URLs is now not supported again. The behavior
introduced several regressions.
- Fix performance problems with stat-reloader (pull request ``#715``).
Version 0.10.1
--------------
(bugfix release, released on February 3rd 2015)
- Fixed regression with multiple query values for URLs (pull request ``#667``).
- Fix issues with eventlet's monkeypatching and the builtin server (pull
request ``#663``).
Version 0.10
------------
Released on January 30th 2015, codename Bagger.
- Changed the error handling of and improved testsuite for the caches in
``contrib.cache``.
- Fixed a bug on Python 3 when creating adhoc ssl contexts, due to `sys.maxint`
not being defined.
- Fixed a bug on Python 3, that caused
:func:`~werkzeug.serving.make_ssl_devcert` to fail with an exception.
- Added exceptions for 504 and 505.
- Added support for ChromeOS detection.
- Added UUID converter to the routing system.
- Added message that explains how to quit the server.
- Fixed a bug on Python 2, that caused ``len`` for
:class:`werkzeug.datastructures.CombinedMultiDict` to crash.
- Added support for stdlib pbkdf2 hmac if a compatible digest
is found.
- Ported testsuite to use ``py.test``.
- Minor optimizations to various middlewares (pull requests ``#496`` and
``#571``).
- Use stdlib ``ssl`` module instead of ``OpenSSL`` for the builtin server
(issue ``#434``). This means that OpenSSL contexts are not supported anymore,
but instead ``ssl.SSLContext`` from the stdlib.
- Allow protocol-relative URLs when building external URLs.
- Fixed Atom syndication to print time zone offset for tz-aware datetime
objects (pull request ``#254``).
- Improved reloader to track added files and to recover from broken
sys.modules setups with syntax errors in packages.
- ``cache.RedisCache`` now supports arbitrary ``**kwargs`` for the redis
object.
- ``werkzeug.test.Client`` now uses the original request method when resolving
307 redirects (pull request ``#556``).
- ``werkzeug.datastructures.MIMEAccept`` now properly deals with mimetype
parameters (pull request ``#205``).
- ``werkzeug.datastructures.Accept`` now handles a quality of ``0`` as
intolerable, as per RFC 2616 (pull request ``#536``).
- ``werkzeug.urls.url_fix`` now properly encodes hostnames with ``idna``
encoding (issue ``#559``). It also doesn't crash on malformed URLs anymore
(issue ``#582``).
- ``werkzeug.routing.MapAdapter.match`` now recognizes the difference between
the path ``/`` and an empty one (issue ``#360``).
- The interactive debugger now tries to decode non-ascii filenames (issue
``#469``).
- Increased default key size of generated SSL certificates to 1024 bits (issue
``#611``).
- Added support for specifying a ``Response`` subclass to use when calling
:func:`~werkzeug.utils.redirect`\ .
- ``werkzeug.test.EnvironBuilder`` now doesn't use the request method anymore
to guess the content type, and purely relies on the ``form``, ``files`` and
``input_stream`` properties (issue ``#620``).
- Added Symbian to the user agent platform list.
- Fixed make_conditional to respect automatically_set_content_length
- Unset ``Content-Length`` when writing to response.stream (issue ``#451``)
- ``wrappers.Request.method`` is now always uppercase, eliminating
inconsistencies of the WSGI environment (issue ``647``).
- ``routing.Rule.empty`` now works correctly with subclasses of ``Rule`` (pull
request ``#645``).
- Made map updating safe in light of concurrent updates.
- Allow multiple values for the same field for url building (issue ``#658``).
Version 0.9.7
-------------
(bugfix release, release date to be decided)
- Fix unicode problems in ``werkzeug.debug.tbtools``.
- Fix Python 3-compatibility problems in ``werkzeug.posixemulation``.
- Backport fix of fatal typo for ``ImmutableList`` (issue ``#492``).
- Make creation of the cache dir for ``FileSystemCache`` atomic (issue
``#468``).
- Use native strings for memcached keys to work with Python 3 client (issue
``#539``).
- Fix charset detection for ``werkzeug.debug.tbtools.Frame`` objects (issues
``#547`` and ``#532``).
- Fix ``AttributeError`` masking in ``werkzeug.utils.import_string`` (issue
``#182``).
- Explicitly shut down server (issue ``#519``).
- Fix timeouts greater than 2592000 being misinterpreted as UNIX timestamps in
``werkzeug.contrib.cache.MemcachedCache`` (issue ``#533``).
- Fix bug where ``werkzeug.exceptions.abort`` would raise an arbitrary subclass
of the expected class (issue ``#422``).
- Fix broken ``jsrouting`` (due to removal of ``werkzeug.templates``)
- ``werkzeug.urls.url_fix`` now doesn't crash on malformed URLs anymore, but
returns them unmodified. This is a cheap workaround for ``#582``, the proper
fix is included in version 0.10.
- The repr of ``werkzeug.wrappers.Request`` doesn't crash on non-ASCII-values
anymore (pull request ``#466``).
- Fix bug in ``cache.RedisCache`` when combined with ``redis.StrictRedis``
object (pull request ``#583``).
- The ``qop`` parameter for ``WWW-Authenticate`` headers is now always quoted,
as required by RFC 2617 (issue ``#633``).
- Fix bug in ``werkzeug.contrib.cache.SimpleCache`` with Python 3 where add/set
may throw an exception when pruning old entries from the cache (pull request
``#651``).
|
|
https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release/
|
|
ok bsiegert@, wiz@
Changes:
=================
WebKitGTK+ 2.8.5
=================
What's new in WebKitGTK+ 2.8.5?
- Fix the window size reported when the web view isn't realized yet. This fixes the layout of
some websites when opening new tabs in the browser and anchor links when opened in new tabs too.
- Prevent clipboard contents from being lost when web process finishes.
- Always allow font matching for strong aliases.
- Move GStreamer missing plugins installer to the UI process.
- Fix a crash when spell checker returns no guesses.
- Fix a crash when SoupSession is destroyed in exit handler.
- Fix a crash closing a page when default context menu is open.
- Several crashes and rendering issues fixed.
- Translation updates: Swedish.
|
|
|
|
1.2.0
-----
* Codebase was migrated to Flask-Admin GitHub organization
* Automatically inject Flask-WTF CSRF token to internal Flask-Admin forms
* MapBox v4 support for GeoAlchemy
* Updated translations with help of CrowdIn
* Show warning if field was ignored in form rendering rules
* Simple AppEngine backend
* Optional support for Font Awesome in templates and menus
* Bug fixes
|
|
|
|
Version 0.12
------------
Released 2015/07/09
- Abstract protect_csrf() into a separate method
- Update reCAPTCHA configuration
- Fix reCAPTCHA error handle
|
|
User-visible changes:
- General:
* make all commands provide brief description in help output (r1522518)
* flush stdout before exiting to avoid information being lost (r1543868)
- Major new features:
* fsfs: new format 7 with more efficient on-disk layout (r1547045 et al)
* resolve: improve interactive conflict resolution menus
* blame: support showing prospective as well as previous changes
* info: support printing of individual values with --show-item (r1662620)
* svn auth: new subcommand to manage cached credentials and certs
* svnserve: cache config and authz to lower resource usage and be able to
serve large numbers of connections with a limited number of threads
* membuffer: quadruple the maximum cacheable directory size (r1545948 et al)
* new filesystem fsx (faster, smaller); experimental - see release notes
- Minor new features and improvements:
See http://svn.apache.org/repos/asf/subversion/tags/1.9.0/CHANGES
|
|
not redistributable, which prevents this package from being so too.
Bump PKGREVISION.
|
|
|
|
is deprecated and creates a warning.
Quick and dirty replacement by erlang:timestamp(), until such time as
upgrading to a fixed yaws will be done.
|
|
Upstream changes:
6.14 2015-07-12
- Improved app generator command not to create a log directory.
6.13 2015-07-08
- Added support for validating file uploads.
- Added upload check to Mojolicious::Validator.
- Improved error messages for broken applications in Mojo::Server. (mst)
- Improved subscribers method in Mojo::EventEmitter to allow subscribers to be
modified more easily.
|
|
Upstream changes:
0.056 2015-05-19 06:00:40-04:00 America/New_York
- No changes from 0.055
0.055 2015-05-07 18:13:41-04:00 America/New_York (TRIAL RELEASE)
[ADDED]
- Added 'can_ssl' method to detect SSL support before trying and
failing with a fatal exception.
- Added support for 308 redirects
[FIXED]
- When specifying a custom CA file, if that file is missing or
unreadable, HTTP::Tiny will no longer fall back to a default CA
[DOCUMENTED]
- Noted units are bytes for max_size
0.054 2015-01-27 07:18:19-05:00 America/New_York
[ADDED]
- Added more fallback paths to find CA files (thanks golang)
[DOCUMENTED]
- Fixed a typo
|
|
Upstream changes:
== Security fixes ==
* Internal review discovered that Special:DeletedContributions did not
properly
protect the IP of autoblocked users. This fix makes the functionality of
Special:DeletedContributions consistent with Special:Contributions and
Special:BlockList.
<https://phabricator.wikimedia.org/T106893>
* Internal review discovered that watchlist anti-csrf tokens were not being
compared in constant time, which could allow various timing attacks. This
could
allow an attacker to modify a user's watchlist via csrf.
<https://phabricator.wikimedia.org/T94116>
* John Menerick reported that MediaWiki's thumb.php failed to sanitize
various
error messages, resulting in xss.
<https://phabricator.wikimedia.org/T97391>
Additionally, the following extensions have been updated to fix security
issues:
* Extension:SemanticForms - MediaWiki user Grunny discovered multiple
reflected
xss vectors in SemanticForms. Further internal review discovered and fixed
other reflected and stored xss vectors.
<https://phabricator.wikimedia.org/T103391>
<https://phabricator.wikimedia.org/T103765>
<https://phabricator.wikimedia.org/T103761>
* Extension:SyntaxHighlight_GeSHi - xss and potential DoS vectors. Internal
review discovered that the contib directory for GeSHi was re-included in
MediaWiki 1.25. Some scripts could be potentially be used for DoS, and
DAU Huy Ngoc discovered an xss vector. All contrib scripts have been
removed.
<https://phabricator.wikimedia.org/T108198>
* Extension:TimedMediaHandler - User:McZusatz reported that resetting
transcodes deleted the transcode without creating a new one, which could be
used for vandalism or potentially DoS.
<https://phabricator.wikimedia.org/T100211>
* Extension:Quiz - Internal review discovered that Quiz did not properly
escape
regex metacharacters in a user controlled regular expression, enabling a DoS
vector.
<https://phabricator.wikimedia.org/T97083>
* Extension:Widgets - MediaWiki developer Majr reported a potential HTML
injection (xss) vector.
<https://phabricator.wikimedia.org/T88964>
== Bug Fixes in 1.25.2 ==
* (T102562) Fix InstantCommons parameters to handle the new HTTPS-only
policy of Wikimedia Commons.
* (T100767) Setting a configuration setting for skin or extension to
false in LocalSettings.php was not working.
* (T100635) API action=opensearch json output no longer breaks when
$wgDebugToolbar is enabled.
* (T102522) Using an extension.json or skin.json file which has
a "manifest_version" property for 1.26 compatability will no longer
trigger warnings.
* (T86156) Running updateSearchIndex.php will not throw an error as
page_restrictions has been added to the locked table list.
* Special:Version would throw notices if using SVN due to an incorrectly
named variable. Add an additional check that an index is defined.
|
|
* Fix merge mistake.
|
|
* Sync with firefox-40.0.
|
|
Changelog:
New Support for Windows 10
New Added protection against unwanted software downloads
New User can receive suggested tiles in the new tab page based on categories Firefox matches to browsing history (en-US only).
New Hello allows adding a link to conversations to provide context on what the conversation will be about
New New style for add-on manager based on the in-content preferences style
New Improved scrolling, graphics, and video playback performance with off main thread compositing (GNU/Linux only)
New Graphic blocklist mechanism improved: Firefox version ranges can be specified, limiting the number of devices blocked
Changed Add-on extensions that are not signed by Mozilla will display a warning
Changed NPAPI Plug-in performance improved via asynchronous initialization
Changed Smoother animation and scrolling with hardware vsync (Windows only)
Changed JPEG images use less memory when scaled and can be painted faster
Changed Sub-resources can no longer request HTTP authentication, thus protecting users from inadvertently disclosing login data
HTML5 IndexedDB transactions are now non-durable by default
HTML5 Implemented AudioBufferSourceNode.detune to modulate playback rate in cents, a logarithmic unit of measure used for musical intervals
Developer Improved Performance tools in the developer tools: Waterfall view, Call Tree view and a Flame Chart view
Developer New rules view tooltip in the Inspector to tweak CSS Filter values
Developer Console API messages from SharedWorker and ServiceWorker are now displayed in web console
Developer New page ruler highlighting tool that displays lightweight horizontal and vertical rules on a page
Developer Inspector now searches across all content frames in a page
Fixed Kannada text does not display properly in built-in pdf viewer
Fixed Various security fixes
Known Issues
unresolved If Firefox is restarted from an add-on install notification, on-going private browsing downloads might be canceled without warning (1185294)
Fixed in Firefox 40
2015-92 Use-after-free in XMLHttpRequest with shared workers
2015-91 Mozilla Content Security Policy allows for asterisk wildcards in violation of CSP specification
2015-90 Vulnerabilities found through code inspection
2015-89 Buffer overflows on Libvpx when decoding WebM video
2015-88 Heap overflow in gdk-pixbuf when scaling bitmap images
2015-87 Crash when using shared memory in JavaScript
2015-86 Feed protocol with POST bypasses mixed content protections
2015-85 Out-of-bounds write with Updater and malicious MAR file
2015-84 Arbitrary file overwriting through Mozilla Maintenance Service with hard links
2015-83 Overflow issues in libstagefright
2015-82 Redefinition of non-configurable JavaScript object properties
2015-81 Use-after-free in MediaStream playback
2015-80 Out-of-bounds read with malformed MP3 file
2015-79 Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
|
|
Upstream changes:
-----------------
19.3.0 / 2015/03/06
Core
fix: :issue:`978` make sure a listener is inheritable
add check_config class method to workers
fix: :issue:`983` fix select timeout in sync worker with multiple connections
allows workers to access to the reloader. close :issue:`984`
raise TypeError instead of AssertionError
Logging
make Logger.loglevel a class attribute
Documentation
fix: :issue:`988` fix syntax errors in examples/gunicorn_rc
19.2.1 / 2015/02/4
Logging
expose loglevel in the Logger class
AsyncIO worker (gaiohttp)
fix :issue:`977` fix initial crash
Documentation
document security mailing-list in the contributing page.
|
|
* Sync with www/firefox38.
|
|
* Sync with www/firefox.
|
|
Fixes Mozilla Foundation Security Advisory 2015-78:
Same origin violation and local file stealing via PDF reader
* Fixes CVE-2015-4495 - It's possible to read local files or
perform privilege escalation by using a native setter, bug 1178058.
* Remove PlayPreview registration from PDF viewer, bug 1179262.
ref. https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/
|
|
|
|
Fixes Mozilla Foundation Security Advisory 2015-78:
Same origin violation and local file stealing via PDF reader
* Fixes CVE-2015-4495 - It's possible to read local files or
perform privilege escalation by using a native setter, bug 1178058.
* Remove PlayPreview registration from PDF viewer, bug 1179262.
|
|
No functional change intended.
|
|
http://curl.haxx.se/mail/lib-2015-06/0122.html found in
https://github.com/bagder/curl/commit/903b6e05565bf826b4194447864288642214b094
|
|
|
|
0.24: # 2015-07-05T13:40:00+0200
- Minor copyediting and formatting changes to the documentation. No
code changes at all.
0.23: # 2015-07-03T17:00:00+0200
- The "Host" header can now be overriden by supplying a new
`no_default_host_header` option along with a `Host` header in `head
=> []` to request().
Before this we'd always send "Host: $host" over, where $host was the
host we were connecting to, now you can customize this.
- Fixed a bug where if passed passed `head => []` to request() we'd
emit a ":" header, i.e. just an empty header name with an empty
value.
You could have just not passed the `head => ` value if the array was
empty, but no we won't screw up and emit a single line consisting of
":" if given an empty array.
0.22: # 2015-05-27T07:54:17+0200
- No feature change. Re-package due to a missing file in the tarball:
https://rt.cpan.org/Ticket/Display.html?id=104624
0.21: # 2015-05-22T15:26:23+0200
- Fix "Too many CRLF" issue. Hijk has been always generating HTTP
request with an extra CRLF at the end. While many HTTP servers are
ignoring those, some treat it as errors. We now eliminate the extra
CRLF at the end of every request.
See also http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html
- Handle better when select() is interrupted by signals.
|
|
0.50 2015-02-02
- All collected changes since 0.44
0.45_08 2015-01-29
- IPv6 skipping code always turned off tests, rather than just
skipping on bad hosts.
0.45_07 2015-01-27T22:24Z
- Skip IPv6 tests in 01live.t on machines where IPv6 isn't configured
0.45_06 2015-01-23T17:55Z
- Further test iteration and diagnostics for smoke failures
0.45_05 2015-01-22T16:23Z
- Test diagnostics for cpantester failures
- Hopefully better localhost handling
0.45_04 2015-01-20T17:40Z
- Fix compatibility for the IPv6 support in .45_02
- Hopefully improve the live tests
0.45_03 2015-01-14T19:48Z
- Remove useless VERSION from HTTP::Server::Simple::CGI and
HTTP::Server::Simple::CGI::Environment
0.45_02 2012-05-20T18:15Z
- Support for IPv6 - Daniel Kahn Gillmor [rt.cpan.org #61200]
0.45_01 2011-09-22T10:10:41Z
- Support full URIs as required by RFC2616 - penfold [rt.cpan.org #69445]
|
|
1.75
========================================
[OTHER CHANGES]
- WWW::Mechanize::Image and WWW::Mechanize::Link now have a defined $VERSION
- fixed warning about the use of the encoding pragma (new in 5.22) (RT#91971)
- fixed warning about the use of CGI::param in list context (RT#103096)
|
|
2.0 (2015-05-18)
++++++++++++++++
- Added support for Unicode IDNA Compatibility Processing (aka Unicode
Technical Standard #46). Big thanks to Jon Ribbens who contributed this
functionality.
|
|
Release 2.2 (July 21, 2015)
===========================
* Fix Python 3 support. Patch by Victor Stinner.
|
|
Upstream changes:
0.161000 2015-07-08 14:57:16+02:00 Europe/Amsterdam
[ BUG FIXES ]
* GH #915, #930: Check existence of optional extension headers when
behind proxy. (Andy Beverley, Pedro Melo, Russell Jenkins)
* GH #926, #940: Set session directory default to $apprdir/session.
(Russell Jenkins)
* GH #936, #939: Use the error_template configuration on a 404.
(Russell Jenkins)
* GH #844, #937: Non-hash serialized params do not cause a crash. (Sawyer X)
* GH #943: Pass @_ to UNIVERSAL's VERSION so it validates version number.
(Sawyer X)
* GH #934: Cleanup internals in the old Dispatcher. (Russell Jenkins)
[ DOCUMENTATION ]
* Sanitize Changes
* GH #938: Fix POD link to params keyword. (Ludovic Tolhurst-Cleaver)
* GH #935: Provide more details and considerations when using
behind_proxy. (Andy Beverley)
[ ENHANCEMENT ]
* GH #933: use note in tests to produce cleaner non-verbose output (Vernon)
* Remove unnecessary dependencies: build chain should be smaller. (Sawyer X)
* No need for Module::Build. (Sawyer X)
* GH #911: Dancer2 request object is now a subclass of Plack::Request.
It's also much faster now. (Sawyer X)
|
|
Changelog:
Version 8.1.0 July 6th 2015
Much polishing, stability and performance improvements
Encryption 2.0
Updated Documents
New Mount Options for External Storage
Federated Cloud ID
Integrated documentation
LDAP Wizard Improvements
Security Improvements
App store improvements
Release channels
ownCloud API work: 190 new calls, 50 replaced
Many small improvements
|
|
|
|
* Bug 4293: wrong SNI sent to server after URL-rewrite
* Add ENABLE_POD2MAN_DOC automake conditional for pod2man builds
* basic_smb_auth: rejecting valid credentials
* basic_smb_auth: doesn't handle passwords with backslashes
* basic_smb_auth: nmblookup fails when smb.conf contaisn WINS servers
* Docs: fix man(8) page syntax for lexgrof tool
* Make pod2man an optional dependency
* Handle exceptions during squid.conf parse
* When SBuf chop()s away everything, always clear the buffer.
* Cleanup: avoid mentioning compiler directives in configure output
* Bug 4251: incorrect instance name for memory segments in /dev/shm
* Bug 3345: Support %un (any available user name) format code for external ACLs.
* AUFS: Raise I/O queue congestion limits
* Improve handling of client connections on shutdown
* Avoid SSL certificate db corruption with empty index.txt as a symptom.
* Errors served using invalid certificates when dealing with SSL server errors.
* IPv6: improve BCP 177 compliance
* Polish debugs on NAT failure
* Fix crash in TcpAccepter with profiler enabled
* Splice to origin cache_peer.
* Bug 4227: invalid key in AuthUserHashPointer causing assertation failure
|
|
It is reported that Trac (www/trac) has Japanese translation
natively and requires no modifications.
|
|
|
|
Changes:
WordPress 4.2.3 fixes a cross-site scripting vulnerability, which could allow
users with the Contributor or Author role to compromise a site.
The release also fixes an issue where it was possible for a user with
Subscriber permissions to create a draft through Quick Draft.
In addition to the security fixes, WordPress 4.2.3 contains fixes for
21 bugs from 4.2.2, including:
* FIX - Upgrades: If a table has already been converted to utf8mb4,
there's no need to try and convert it again.
* FIX - Remove a redundant index drop.
* FIX - Don't upgrade global tables to utf8mb4 when
DO_NOT_UPGRADE_GLOBAL_TABLES is defined.
* FIX - Enable utf8mb4 for MySQL extension users.
* FIX - Plugin update rely upon wp_update_plugins() to check the
contents of the transient and return early if no request needs to
be made.
* FIX - WPDB: When extracting the table name from a query, there is a
1000 character limit on the SQL string that would be searched.
* FIX - WPDB: When checking that text isn't too long to insert into a
column, LONGTEXT columns could fail, as their length is longer than
PHP_INT_MAX.
* FIX - Plugin update handles the case where the plugin is installed
into a different directory than it previously existed in.
* FIX - Plugin update feature doesn't recognize errors
* FIX - Plugin update error messages lack detail
* FIX - Multiple plugin updates: Even if one of plugins update fails,
allow further updates to continue.
* FIX - In comment_form(), ensure that filtered arguments contain all
required default values.
* FIX - WPDB: Remove some of the complexities in
::strip_invalid_text() associated with switching character sets
between queries.
* FIX - WPDB: ::strip_text_from_query() doesn't pass a length to
::strip_invalid_text(), which was causing queries to fail when they
contained characters that needed to be sanity checked by MySQL.
* FIX - Emoji script is producing errors on pages with SVG content
* FIX - Unable to drag widgets down page past certain length.
* FIX - TinyMCE: wpView: fix typo in createInstance that prevented
instances from being reused.
* FIX - SCRIPT_DEBUG check in print_emoji_detection_script()
generated PHP Notices.
* FIX - If the shortcode content contains HTML code, the TinyMCE View
no longer works.
* FIX - Better handling when the credential form is long (such as
when SSH is active).
* FIX - sanitize_option didn't handle a WP_Error Object.
|
|
Please use typo3_62.
|
|
|
|
|
|
Unknown
|
|
Upstream says that it "can not" work with perl 5.22 and has even
forked perl as "stableperl" to allow his package to work instead
of fixing it differently.
See http://blog.schmorp.de/2015-06-06-stableperl-faq.html
Ok bsiegert@
|
|
UI, Workflows & Features
* The bash completion script (in contrib/) learned a few options that
"git revert" takes.
* Whitespace breakages in deleted and context lines can also be
painted in the output of "git diff" and friends with the new
--ws-error-highlight option.
* List of commands shown by "git help" are grouped along the workflow
elements to help early learners.
* "git p4" now detects the filetype (e.g. binary) correctly even when
the files are opened exclusively.
* git p4 attempts to better handle branches in Perforce.
* "git p4" learned "--changes-block-size <n>" to read the changes in
chunks from Perforce, instead of making one call to "p4 changes"
that may trigger "too many rows scanned" error from Perforce.
* More workaround for Perforce's row number limit in "git p4".
* Unlike "$EDITOR" and "$GIT_EDITOR" that can hold the path to the
command and initial options (e.g. "/path/to/emacs -nw"), 'git p4'
did not let the shell interpolate the contents of the environment
variable that name the editor "$P4EDITOR" (and "$EDITOR", too).
This release makes it in line with the rest of Git, as well as with
Perforce.
* A new short-hand <branch>@{push} denotes the remote-tracking branch
that tracks the branch at the remote the <branch> would be pushed
to.
* "git show-branch --topics HEAD" (with no other arguments) did not
do anything interesting. Instead, contrast the given revision
against all the local branches by default.
* A replacement for contrib/workdir/git-new-workdir that does not
rely on symbolic links and make sharing of objects and refs safer
by making the borrowee and borrowers aware of each other.
Consider this as still an experimental feature; its UI is still
likely to change.
* Tweak the sample "store" backend of the credential helper to honor
XDG configuration file locations when specified.
* A heuristic we use to catch mistyped paths on the command line
"git <cmd> <revs> <pathspec>" is to make sure that all the non-rev
parameters in the later part of the command line are names of the
files in the working tree, but that means "git grep $str -- \*.c"
must always be disambiguated with "--", because nobody sane will
create a file whose name literally is asterisk-dot-see. Loosen the
heuristic to declare that with a wildcard string the user likely
meant to give us a pathspec.
* "git merge FETCH_HEAD" learned that the previous "git fetch" could
be to create an Octopus merge, i.e. recording multiple branches
that are not marked as "not-for-merge"; this allows us to lose an
old style invocation "git merge <msg> HEAD $commits..." in the
implementation of "git pull" script; the old style syntax can now
be deprecated (but not removed yet).
* Filter scripts were run with SIGPIPE disabled on the Git side,
expecting that they may not read what Git feeds them to filter.
We however treated a filter that does not read its input fully
before exiting as an error. We no longer do and ignore EPIPE
when writing to feed the filter scripts.
This changes semantics, but arguably in a good way. If a filter
can produce its output without fully consuming its input using
whatever magic, we now let it do so, instead of diagnosing it
as a programming error.
* Instead of dying immediately upon failing to obtain a lock, the
locking (of refs etc) retries after a short while with backoff.
* Introduce http.<url>.SSLCipherList configuration variable to tweak
the list of cipher suite to be used with libcURL when talking with
https:// sites.
* "git subtree" script (in contrib/) used "echo -n" to produce
progress messages in a non-portable way.
* "git subtree" script (in contrib/) does not have --squash option
when pushing, but the documentation and help text pretended as if
it did.
* The Git subcommand completion (in contrib/) no longer lists credential
helpers among candidates; they are not something the end user would
invoke interactively.
* The index file can be taught with "update-index --untracked-cache"
to optionally remember already seen untracked files, in order to
speed up "git status" in a working tree with tons of cruft.
* "git mergetool" learned to drive WinMerge as a backend.
* "git upload-pack" that serves "git fetch" can be told to serve
commits that are not at the tip of any ref, as long as they are
reachable from a ref, with uploadpack.allowReachableSHA1InWant
configuration variable.
|
|
This release contains mostly bug fixes.
Important changes
-----------------
- [ssl] disable SSL3.0 by default
- escape all strings for logging
- fix segfault when temp file for upload couldn’t be created (found by coverity)
- changes to the internal API for buffers, chunks and more; 3rd party plugins are likely to break
|
|
|
|
2015-07-25 Karen Etheridge <ether@cpan.org>
Release 1.69
Karen Etheridge:
- add $VERSIONs for all modules that lack them
Olaf Alders:
- add missing documentation for URI::sftp
- Clarify use of query_param() method
|
|
|
|
* Add Serbian language files.
Version 3.5.2 (2015-07-24)
--------------------------
### Fixed
Revert some of the PhpStorm code inspector changes (see #7937).
Version 3.5.1 (2015-07-24)
--------------------------
### Fixed
Add a `StringUtil` class to restore PHP 7 compatibility (see contao/core-bundle#309).
### Fixed
Fix the `Validator::isEmail()` method (see contao/core-bundle#313).
### Fixed
Strip tags before auto-generating aliases (see #7857).
### Fixed
Correctly encode the URLs in the popup file manager (see #7929).
### Fixed
Check for the comments module when compiling the news meta fields (see #7901).
### Fixed
Also sort the newsletter channels alphabetically in the front end (see #7864).
### Fixed
Disable responsive images in the back end preview (see #7875).
### Fixed
Overwrite the request string when generating news/event feeds (see #7756).
### Fixed
Store the static URLs with the cached file (see #7914).
### Fixed
Correctly check the subfolders in the `hasAccess()` method (see #7920).
### Fixed
Updated the countries list (see #7918).
### Fixed
Respect the `notSortable` flag in the parent (see #7902).
### Fixed
Round the maximum upload size to an integer value (see #7880).
### Fixed
Make the markup minification less aggressive (see #7734).
### Fixed
Filter the indices in `Database::getFieldNames()` (see #7869).
### Fixed
Back-ported two fixes from the upstream versions.
|
|
https://github.com/htacg/tidy-html5/commit/c18f27a58792f7fbd0b30a0ff50d6b40a82f9
40d
|
