Age | Commit message (Collapse) | Author | Files | Lines |
|
It supports both python 2 and 3 nowadays.
|
|
Version 0.14.2
--------------
Released 2017-01-10
- Fix bug where ``FlaskForm`` assumed ``meta`` argument was not ``None`` if it
was passed. (`#278`_)
.. _#278: https://github.com/lepture/flask-wtf/issues/278
Version 0.14.1
--------------
Released 2017-01-10
- Fix bug where the file validators would incorrectly identify an empty file as
valid data. (`#276`_, `#277`_)
- ``FileField`` is no longer deprecated. The data is checked during
processing and only set if it's a valid file.
- ``has_file`` *is* deprecated; it's now equivalent to ``bool(field.data)``.
- ``FileRequired`` and ``FileAllowed`` work with both the Flask-WTF and
WTForms ``FileField`` classes.
- The ``Optional`` validator now works with ``FileField``.
.. _#276: https://github.com/lepture/flask-wtf/issues/276
.. _#277: https://github.com/lepture/flask-wtf/pull/277
Version 0.14
------------
Released 2017-01-06
- Use itsdangerous to sign CSRF tokens and check expiration instead of doing it
ourselves. (`#264`_)
- All tokens are URL safe, removing the ``url_safe`` parameter from
``generate_csrf``. (`#206`_)
- All tokens store a timestamp, which is checked in ``validate_csrf``. The
``time_limit`` parameter of ``generate_csrf`` is removed.
- Remove the ``app`` attribute from ``CsrfProtect``, use ``current_app``.
(`#264`_)
- ``CsrfProtect`` protects the ``DELETE`` method by default. (`#264`_)
- The same CSRF token is generated for the lifetime of a request. It is exposed
as ``g.csrf_token`` for use during testing. (`#227`_, `#264`_)
- ``CsrfProtect.error_handler`` is deprecated. (`#264`_)
- Handlers that return a response work in addition to those that raise an
error. The behavior was not clear in previous docs.
- (`#200`_, `#209`_, `#243`_, `#252`_)
- Use ``Form.Meta`` instead of deprecated ``SecureForm`` for CSRF (and
everything else). (`#216`_, `#271`_)
- ``csrf_enabled`` parameter is still recognized but deprecated. All other
attributes and methods from ``SecureForm`` are removed. (`#271`_)
- Provide ``WTF_CSRF_FIELD_NAME`` to configure the name of the CSRF token.
(`#271`_)
- ``validate_csrf`` raises ``wtforms.ValidationError`` with specific messages
instead of returning ``True`` or ``False``. This breaks anything that was
calling the method directly. (`#239`_, `#271`_)
- CSRF errors are logged as well as raised. (`#239`_)
- ``CsrfProtect`` is renamed to ``CSRFProtect``. A deprecation warning is issued
when using the old name. ``CsrfError`` is renamed to ``CSRFError`` without
deprecation. (`#271`_)
- ``FileField`` is deprecated because it no longer provides functionality over
the provided validators. Use ``wtforms.FileField`` directly. (`#272`_)
.. _`#200`: https://github.com/lepture/flask-wtf/issues/200
.. _`#209`: https://github.com/lepture/flask-wtf/pull/209
.. _`#216`: https://github.com/lepture/flask-wtf/issues/216
.. _`#227`: https://github.com/lepture/flask-wtf/issues/227
.. _`#239`: https://github.com/lepture/flask-wtf/issues/239
.. _`#243`: https://github.com/lepture/flask-wtf/pull/243
.. _`#252`: https://github.com/lepture/flask-wtf/pull/252
.. _`#264`: https://github.com/lepture/flask-wtf/pull/264
.. _`#271`: https://github.com/lepture/flask-wtf/pull/271
.. _`#272`: https://github.com/lepture/flask-wtf/pull/272
Version 0.13.1
--------------
Released 2016/10/6
- Deprecation warning for ``Form`` is shown during ``__init__`` instead of immediately when subclassing. (`#262`_)
- Don't use ``pkg_resources`` to get version, for compatibility with GAE. (`#261`_)
.. _`#261`: https://github.com/lepture/flask-wtf/issues/261
.. _`#262`: https://github.com/lepture/flask-wtf/issues/262
Version 0.13
------------
Released 2016/09/29
- ``Form`` is renamed to ``FlaskForm`` in order to avoid name collision with WTForms's base class. Using ``Form`` will show a deprecation warning. (`#250`_)
- ``hidden_tag`` no longer wraps the hidden inputs in a hidden div. This is valid HTML5 and any modern HTML parser will behave correctly. (`#217`_, `#193`_)
- ``flask_wtf.html5`` is deprecated. Import directly from ``wtforms.fields.html5``. (`#251`_)
- ``is_submitted`` is true for ``PATCH`` and ``DELETE`` in addition to ``POST`` and ``PUT``. (`#187`_)
- ``generate_csrf`` takes a ``token_key`` parameter to specify the key stored in the session. (`#206`_)
- ``generate_csrf`` takes a ``url_safe`` parameter to allow the token to be used in URLs. (`#206`_)
- ``form.data`` can be accessed multiple times without raising an exception. (`#248`_)
- File extension with multiple parts (``.tar.gz``) can be used in the ``FileAllowed`` validator. (`#201`_)
.. _`#187`: https://github.com/lepture/flask-wtf/pull/187
.. _`#193`: https://github.com/lepture/flask-wtf/issues/193
.. _`#201`: https://github.com/lepture/flask-wtf/issues/201
.. _`#206`: https://github.com/lepture/flask-wtf/pull/206
.. _`#217`: https://github.com/lepture/flask-wtf/issues/217
.. _`#248`: https://github.com/lepture/flask-wtf/pull/248
.. _`#250`: https://github.com/lepture/flask-wtf/pull/250
.. _`#251`: https://github.com/lepture/flask-wtf/pull/251
|
|
It works with the demo site, however does not work with real services.
|
|
v1.6.2
Version 1.6.2
Bugfix release
- Fixed a bug where application default credentials would still be used even
when a developerKey was specified. (#347)
- Official support for Python 3.5 and 3.6. (#341)
|
|
|
|
|
|
This is the currently maintained version of tidy.
No concise changelog compared to the 2009 version available though,
sorry.
|
|
Changes:
- fix multiple flaws with malformed text (buffer overflow, use after
free, infinite loop)
- fix uninitialized variable when not USE_IMAGE
|
|
Add a comment that distfiles should be uploaded when updating the package.
7.26 2017-02-15
- Fixed bug in Mojo::IOLoop::Subprocess where starting multiple subprocesses
at once could cause expcetions. (jberger)
|
|
|
|
|
|
|
|
|
|
pup is a command line tool for processing HTML. It reads from
stdin, prints to stdout, and allows the user to filter parts of
the page using CSS selectors.
|
|
6.19 2017-02-14
- Call HTTP::Status constant functions without & (GH#110)
- Make bin scripts use LWP's version and not maintain their own (PR #54)
- Fix bug triggered in some cases of auth challenges not having a viable
protocol (PR#111)
- Remove usage of the 'vars' pragma (GH#113)
|
|
time. PR pkg/51695
|
|
|
|
|
|
Changes since 1.06:
Harmonize arrays names
Remove array of months, it's currently unused and will likely remain so
Simplify internal JSON array and object names
Use OpenBSD style(9) for function prototypes and declarations
Revert back to using strtok, at least for now
Do not use EXIT_SUCCESS and EXIT_FAILURE macros anymore
Fix implicit function declaration rrror on NetBSD (Thanks Maya Rashish)
Remove now useless variables initialization and unnecessary includes
Do not add an extra new line when displaying usage or version
|
|
Reported by Riccardo Mottola.
|
|
|
|
|
|
Changes with nginx 1.11.9 24 Jan 2017
*) Bugfix: nginx might hog CPU when using the stream module; the bug had
appeared in 1.11.5.
*) Bugfix: EXTERNAL authentication mechanism in mail proxy was accepted
even if it was not enabled in the configuration.
*) Bugfix: a segmentation fault might occur in a worker process if the
"ssl_verify_client" directive of the stream module was used.
*) Bugfix: the "ssl_verify_client" directive of the stream module might
not work.
*) Bugfix: closing keepalive connections due to no free worker
connections might be too aggressive.
Thanks to Joel Cunningham.
*) Bugfix: an incorrect response might be returned when using the
"sendfile" directive on FreeBSD and macOS; the bug had appeared in
1.7.8.
*) Bugfix: a truncated response might be stored in cache when using the
"aio_write" directive.
*) Bugfix: a socket leak might occur when using the "aio_write"
directive.
Changes with nginx 1.11.8 27 Dec 2016
*) Feature: the "absolute_redirect" directive.
*) Feature: the "escape" parameter of the "log_format" directive.
*) Feature: client SSL certificates verification in the stream module.
*) Feature: the "ssl_session_ticket_key" directive supports AES256
encryption of TLS session tickets when used with 80-byte keys.
*) Feature: vim-commentary support in vim scripts.
Thanks to Armin Grodon.
*) Bugfix: recursion when evaluating variables was not limited.
*) Bugfix: in the ngx_stream_ssl_preread_module.
*) Bugfix: if a server in an upstream in the stream module failed, it
was considered alive only when a test connection sent to it after
fail_timeout was closed; now a successfully established connection is
enough.
*) Bugfix: nginx/Windows could not be built with 64-bit Visual Studio.
*) Bugfix: nginx/Windows could not be built with OpenSSL 1.1.0.
Changes with nginx 1.11.7 13 Dec 2016
*) Change: now in case of a client certificate verification error the
$ssl_client_verify variable contains a string with the failure
reason, for example, "FAILED:certificate has expired".
*) Feature: the $ssl_ciphers, $ssl_curves, $ssl_client_v_start,
$ssl_client_v_end, and $ssl_client_v_remain variables.
*) Feature: the "volatile" parameter of the "map" directive.
*) Bugfix: dependencies specified for a module were ignored while
building dynamic modules.
*) Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
directives client request body might be corrupted; the bug had
appeared in 1.11.0.
*) Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2; the bug had appeared in 1.11.3.
*) Bugfix: in the ngx_http_mp4_module.
Thanks to Congcong Hu.
*) Bugfix: in the ngx_http_perl_module.
Changes with nginx 1.11.6 15 Nov 2016
*) Change: format of the $ssl_client_s_dn and $ssl_client_i_dn variables
has been changed to follow RFC 2253 (RFC 4514); values in the old
format are available in the $ssl_client_s_dn_legacy and
$ssl_client_i_dn_legacy variables.
*) Change: when storing temporary files in a cache directory they will
be stored in the same subdirectories as corresponding cache files
instead of a separate subdirectory for temporary files.
*) Feature: EXTERNAL authentication mechanism support in mail proxy.
Thanks to Robert Norris.
*) Feature: WebP support in the ngx_http_image_filter_module.
*) Feature: variables support in the "proxy_method" directive.
Thanks to Dmitry Lazurkin.
*) Feature: the "http2_max_requests" directive in the
ngx_http_v2_module.
*) Feature: the "proxy_cache_max_range_offset",
"fastcgi_cache_max_range_offset", "scgi_cache_max_range_offset", and
"uwsgi_cache_max_range_offset" directives.
*) Bugfix: graceful shutdown of old worker processes might require
infinite time when using HTTP/2.
*) Bugfix: in the ngx_http_mp4_module.
*) Bugfix: "ignore long locked inactive cache entry" alerts might appear
in logs when proxying WebSocket connections with caching enabled.
*) Bugfix: nginx did not write anything to log and returned a response
with code 502 instead of 504 when a timeout occurred during an SSL
handshake to a backend.
Changes with nginx 1.11.5 11 Oct 2016
*) Change: the --with-ipv6 configure option was removed, now IPv6
support is configured automatically.
*) Change: now if there are no available servers in an upstream, nginx
will not reset number of failures of all servers as it previously
did, but will wait for fail_timeout to expire.
*) Feature: the ngx_stream_ssl_preread_module.
*) Feature: the "server" directive in the "upstream" context supports
the "max_conns" parameter.
*) Feature: the --with-compat configure option.
*) Feature: "manager_files", "manager_threshold", and "manager_sleep"
parameters of the "proxy_cache_path", "fastcgi_cache_path",
"scgi_cache_path", and "uwsgi_cache_path" directives.
*) Bugfix: flags passed by the --with-ld-opt configure option were not
used while building perl module.
*) Bugfix: in the "add_after_body" directive when used with the
"sub_filter" directive.
*) Bugfix: in the $realip_remote_addr variable.
*) Bugfix: the "dav_access", "proxy_store_access",
"fastcgi_store_access", "scgi_store_access", and "uwsgi_store_access"
directives ignored permissions specified for user.
*) Bugfix: unix domain listen sockets might not be inherited during
binary upgrade on Linux.
*) Bugfix: nginx returned the 400 response on requests with the "-"
character in the HTTP method.
|
|
Changes with nginx 1.10.3 31 Jan 2017
*) Bugfix: in the "add_after_body" directive when used with the
"sub_filter" directive.
*) Bugfix: unix domain listen sockets might not be inherited during
binary upgrade on Linux.
*) Bugfix: graceful shutdown of old worker processes might require
infinite time when using HTTP/2.
*) Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
directives client request body might be corrupted; the bug had
appeared in 1.10.2.
*) Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2; the bug had appeared in 1.10.2.
*) Bugfix: an incorrect response might be returned when using the
"sendfile" directive on FreeBSD and macOS; the bug had appeared in
1.7.8.
*) Bugfix: a truncated response might be stored in cache when using the
"aio_write" directive.
*) Bugfix: a socket leak might occur when using the "aio_write"
directive.
Changes with nginx 1.10.2 18 Oct 2016
*) Change: the "421 Misdirected Request" response now used when
rejecting requests to a virtual server different from one negotiated
during an SSL handshake; this improves interoperability with some
HTTP/2 clients when using client certificates.
*) Change: HTTP/2 clients can now start sending request body
immediately; the "http2_body_preread_size" directive controls size of
the buffer used before nginx will start reading client request body.
*) Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2 and the "proxy_request_buffering" directive.
*) Bugfix: the "Content-Length" request header line was always added to
requests passed to backends, including requests without body, when
using HTTP/2.
*) Bugfix: "http request count is zero" alerts might appear in logs when
using HTTP/2.
*) Bugfix: unnecessary buffering might occur when using the "sub_filter"
directive; the issue had appeared in 1.9.4.
*) Bugfix: socket leak when using HTTP/2.
*) Bugfix: an incorrect response might be returned when using the "aio
threads" and "sendfile" directives; the bug had appeared in 1.9.13.
*) Workaround: OpenSSL 1.1.0 compatibility.
|
|
servicing events when port_getn() returns a timeout.
|
|
Unknown
|
|
Pystache is a Python implementation of Mustache. Mustache is
a framework-agnostic, logic-free templating system inspired by ctemplate and
et. Like ctemplate, Mustache "emphasizes separating logic from presentation:
it is impossible to embed application logic in this template language."
|
|
The 3.5 release is the second in a planned series that is addressing schema generation, hypermedia support, API client libraries, and finally realtime support.
|
|
Scrapy is a fast high-level web crawling and web scraping framework, used to
crawl websites and extract structured data from their pages. It can be used for
a wide range of purposes, from data mining to monitoring and automated testing.
|
|
Parsel is a library to extract data from HTML and XML using XPath and CSS
selectors.
Features:
* Extract text using CSS or XPath selectors
* Regular expression helper methods
|
|
* remove comments, or tags from HTML snippets
* extract base url from HTML snippets
* translate entites on HTML strings
* convert raw HTTP headers to dicts and vice-versa
* construct HTTP auth header
* converting HTML pages to unicode
* sanitize urls (like browsers do)
* extract arguments from urls
|
|
* Bump to cheroot 5.1.0.
* 794: Prefer setting max-age for session cookie
expiration, moving MSIE hack into a function
documenting its purpose.
|
|
Cheroot is the high-performance, pure-Python HTTP server used by CherryPy.
|
|
- Security fix: "|" not allowed into DirLang parameter.
- Security fix: More restrictive rule for using AWSTATS_ENABLE_CONFIG_DIR.
- Update robots database.
- Fix OS database.
- Update/fix of documentation.
- Add missing country flag for "el".
- Add partial support for pure-ftpd stats format in method field.
- Add support for macOS Sierra.
- Add web fonts to default NotPageList, add support for GPX and JSON files
|
|
|
|
|
|
Upstream changes:
= 4.5.3 (20170102) =
* Fixed foster parenting when html5lib is the tree builder. Thanks to
Geoffrey Sneddon for a patch and test.
* Fixed yet another problem that caused the html5lib tree builder to
create a disconnected parse tree. [bug=1629825]
= 4.5.2 (20170102) =
* Apart from the version number, this release is identical to
4.5.3. Due to user error, it could not be completely uploaded to
PyPI. Use 4.5.3 instead.
|
|
Upstream changes:
7.25 2017-02-09
- Fixed cleanup bugs in Mojo::IOLoop::Stream.
7.24 2017-02-05
- Added open method to Mojo::File.
- Added tempfile function to Mojo::File.
- Fixed bug in Mojo::Asset::File where the slurp method would not work
correctly for very large files.
|
|
per message to pkgsrc-users@ from Glenn Strauss.
Bump PKGREVISION.
|
|
Default build is unchanged with gtk2 (cairo-gtk2)
|
|
Default build is unchanged with gtk2 (cairo-gtk2)
|
|
Your NetBSD system should have ~/.asoundrc like as follows.
However OSS audio playback is not ver stable.
pcm.oss {
type oss
device /dev/audio
}
pcm.!default {
type plug
slave {
pcm oss
format S16_LE
}
}
ctl.!default {
type oss
device /dev/mixer
}
|
|
Changes include:
* Single-child trees are now elided into single links. Instead of having to
click through depths of links, now a single link will to to the maximum
point of depth.
* Continuing our commitment to supporting kernel.org, we've adopted some of
their style changes in our CSS, now allowing for colored even/odd table rows
with a nice hover effect.
* Snapshot name prettification is now consistent, so that the 'v' prefix
stripping only occurs when it won't create any collisions. This is a slight
change of behavior, but I imagine cases of folks relying on the old broken
behavior are few and far between.
* We now use Git 2.10.2 internally, which has brought with it numerous
cleanups and a gradual shift away from 20 byte uchar arrays and toward the
newer "object_id" structure.
|
|
certificate generation when using SSL Bump.
http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit
|
|
|
|
|
|
|
|
Version 1.1.26 (released 24-Jan-2017)
* security fix: escape nav_data name to avoid XSS attack
Version 1.1.25 (released 15-Sep-2016)
* fix _rev2optrev assertion on long input
Version 1.1.24 (released 02-Oct-2015)
* fix minor bug in human_readable boolean calculation
* allow hr_funout option to apply to unidiff diffs, too
* fix infinite loop in rcsparse
* fix iso8601 timezone offset handling (issue #542)
* add support for renamed roots (issue #544)
* fix minor buglet in viewvc-install error message
|
|
bass-heavy sounds, similar to the change made to www/firefox.
put this patch in files/ because it's the right thing and also because
I'm struggling to make changes to the patch, possibly my moving the
location of EOF so the patch doesn't apply fully (guessing)
PKGREVISION->2
|
|
|