| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
Version 2.2.1
-------------
Released on June 7th, 2018
- :class:`~fields.StringField` only sets ``data = ''`` when form data
is empty and an initial value was not provided. This fixes an issue
where the default value wasn't rendered with the initial form.
(`#291`_, `#401`_)
.. _#291: https://github.com/wtforms/wtforms/issues/291
.. _#401: https://github.com/wtforms/wtforms/issues/401
Version 2.2
-----------
Released on June 2nd, 2018
- Merged new and updated translations from the community.
- Passing ``data_`` args to render a field converts all the
underscores to hyphens when rendering the HTML attribute, not just
the first one. ``data_foo_bar`` becomes ``data-foo-bar``. (`#248`_)
- The :class:`~validators.UUID` validator uses the :class:`uuid.UUID`
class instead of a regex. (`#251`_)
- :class:`~fields.SelectField` copies the list of ``choices`` passed
to it so modifying an instance's choices will not modify the global
form definition. (`#286`_)
- Fields call :meth:`~fields.Field.process_formdata` even if the raw
data is empty. (`#280`_)
- Added a :class:`~fields.MultipleFileField` to handle a multi-file
input. :class:`~fields.FileField` continues to handle only one
value. The underlying :class:`~widgets.FileInput` widget gained a
``multiple`` argument. (`#281`_)
- :class:`~fields.SelectField` choices can contain HTML (MarkupSafe
``Markup`` object or equivalent API) and will be rendered properly.
(`#302`_)
- :class:`~fields.TimeField` and
:class:`html5.TimeField <fields.html5.TimeField>` were added.
(`#254`_)
- Improved :class:`~validators.Email`. Note that it is still
unreasonable to validate all emails with a regex and you should
prefer validating by actually sending an email. (`#294`_)
- Widgets render the ``required`` attribute when using a validator
that provides the ``'required'`` flag, such as
:class:`~validators.DataRequired`. (`#361`_)
- Fix a compatibility issue with SQLAlchemy 2.1 that caused
:class:`~ext.sqlalchemy.fields.QuerySelectField` to fail with
``ValueError: too many values to unpack``. (`#391`_)
.. _#248: https://github.com/wtforms/wtforms/pull/248
.. _#251: https://github.com/wtforms/wtforms/pull/251
.. _#254: https://github.com/wtforms/wtforms/pull/254
.. _#280: https://github.com/wtforms/wtforms/pull/280
.. _#281: https://github.com/wtforms/wtforms/pull/281
.. _#286: https://github.com/wtforms/wtforms/pull/286
.. _#294: https://github.com/wtforms/wtforms/pull/294
.. _#302: https://github.com/wtforms/wtforms/pull/302
.. _#361: https://github.com/wtforms/wtforms/pull/361
.. _#391: https://github.com/wtforms/wtforms/pull/391
|
|
|
|
3.5.5 Vroom vroom:
Breaking
Revert changes to raw CSS @imports
Deprecations
Add deprecation messages for colour arithmetic
Features
Support hex colors with alpha channels
Add a sass_option_push_import_extension C-API
Fixes
Fix segfault in handling modulo operator
Fix handling of unclosed interpolant in url
Fix possible bug with handling empty reference combinators
Fix -Wmissing-declarations for gcc < 7
|
|
|
|
Also switch from gnome-themes to the newer gnome-themes-standard to avoid
conflicts with other gnome-themes-standard using packages
|
|
|
|
0.54.0
- Change license from LGPL to BSD.
- Status return for WebSocketApp.run_forever()
- Handle redirects in handshake
- Make proxy_type option available in WebSocketApp.run_forever()
- Fix typo in supress_origin
- WebSocketApp's on_close never emits status code or reason
|
|
7.0:
websockets sends Ping frames at regular intervals and closes the connection if it doesn't receive a matching Pong frame. See :class:~protocol.WebSocketCommonProtocol for details.
Added process_request and select_subprotocol arguments to :func:~server.serve() and :class:~server.WebSocketServerProtocol to customize :meth:~server.WebSocketServerProtocol.process_request and :meth:~server.WebSocketServerProtocol.select_subprotocol without subclassing :class:~server.WebSocketServerProtocol
Added support for sending fragmented messages.
Added the :meth:~protocol.WebSocketCommonProtocol.wait_closed method to protocols.
Added an interactive client: python -m websockets <uri>.
Changed the origins argument to represent the lack of an origin with None rather than ''.
Fixed a data loss bug in :meth:~protocol.WebSocketCommonProtocol.recv: canceling it at the wrong time could result in messages being dropped.
Improved handling of multiple HTTP headers with the same name.
Improved error messages when a required HTTP header is missing.
|
|
2.1.5:
* Django middleware caching now works on Django 1.11 and Django 2.0.
The previous release only ran on 2.1.
2.1.4:
* Django middleware is now cached rather than instantiated per request
resulting in a sigificant speed improvement
* ChannelServerLiveTestCase now serves static files again
* Improved error message resulting from bad Origin headers
* runserver logging now goes through the Django logging framework
* Generic consumers can now have non-default channel layers
* Improved error when accessing scope['user'] before it's ready
|
|
3.0.4
* Python 3 fix for deleting items from a dict.
|
|
Bump revision.
|
|
1.24.1:
* Remove quadratic behavior within GzipDecoder.decompress()
* Restored functionality of ciphers parameter for create_urllib3_context()
|
|
|
|
cbindgen gets confused by netbsd's #define uintptr_t..., undef it
https://mail-index.netbsd.org/tech-pkg/2018/10/25/msg020395.html
|
|
3.0.3
* Ensure pytest requirements set properly.
3.0.2
* Encoding fixes in paste.fixture.
3.0.1
* Remove use of future for sake of html.escape and use own. Using
future was causing installation loops.
3.0.0
* Fixes for use with Python 3.7, mostly to do with StopIteration.
* Moving to https://github.com/cdent/paste to keep things maintained.
|
|
|
|
* Sync with www/firefox-63.0.1
|
|
* Minimize pkgsrc specific patches.
* A build system written in Rust lang does not find a C++ header files
from pkgsrc (non-base) GCC, this version is not buildable on NetBSD 7.
I will investigate this problem again.
Changelog:
63.0.1
Fixed
Snippets are not loaded due to missing element (bug 1503047)
Print preview always shows 30% scale when it is actually Shrink To Fit
(bug 1501952)
Dialog displayed when closing multiple windows shows unreplaced %1$S
placeholder in Japanese and potentially other locales (bug 1500823)
63.0
New
Performance and visual improvements for Windows users
Performance improvements for macOS users
Added content blocking, a collection of Firefox settings that offer
users greater control over technology that can track them around the
web. In 63, users can opt to block third-party tracking cookies or
block all trackers and create exceptions for trusted sites that don't
work correctly with content blocking enabled.
WebExtensions now run in their own process on Linux
Firefox now warns about having multiple windows and tabs open
when quitting from the main menu. The Save and Quit feature has been
removed. You can restore your session by ticking the box for Restore
previous session in the General->Startup options or by using Restore
Previous Session in the main menu.
Firefox now recognizes the operating system accessibility setting for
reducing animation
Added search shortcuts for Top Sites: Amazon and Google appear as Top
Sites tiles on the Firefox Home (New Tab) page. When selected these
tiles will change focus to the address bar to initiate a search.
Currently in US only.
Fixed
Resolved an issue that prevented the address bar from autofilling
bookmarked URLs in certain cases
Various security fixes
Changed
In the Library, the Open in Sidebar feature for individual bookmarks
was removed
The option to Never check for updates was removed from about:preferences.
You can use the DisableAppUpdate enterprise policy as a substitute.
The Ctrl+Tab shortcut now displays thumbnail previews of your tabs and
cycles through tabs in recently used order. This new default behavior
is activated only in new profiles and can be changed in preferences.
#CVE-2018-12391: HTTP Live Stream audio data is accessible cross-origin
#CVE-2018-12392: Crash with nested event loops
#CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript
#CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting
#CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts
#CVE-2018-12397: Missing warning prompt when WebExtension requests local file access
#CVE-2018-12398: CSP bypass through stylesheet injection in resource URIs
#CVE-2018-12399: Spoofing of protocol registration notification bar
#CVE-2018-12400: Favicons are cached in private browsing mode on Firefox for Android
#CVE-2018-12401: DOS attack through special resource URI parsing
#CVE-2018-12402: SameSite cookies leak when pages are explicitly saved
#CVE-2018-12403: Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP
#CVE-2018-12388: Memory safety bugs fixed in Firefox 63
#CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3
|
|
Django 2.1.3
Bugfixes:
Fixed a regression in Django 2.0 where combining Q objects with __in lookups and lists crashed
Fixed a regression in Django 1.11 where django-admin shell may hang on startup
Fixed a regression in Django 2.0 where test databases aren’t reused with manage.py test --keepdb on MySQL
Fixed a regression where cached foreign keys that use to_field were incorrectly cleared in Model.save()
Fixed a regression in Django 2.0 where FileSystemStorage crashes with FileExistsError if concurrent saves try to create the same directory
|
|
## 2.2.3 / 2018-10-30
### Security
Address CVE-2018-16468: Unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.
This CVE's public notice is at https://github.com/flavorjones/loofah/issues/154
## Meta / 2018-10-27
The mailing list is now on Google Groups [#146](https://github.com/flavorjones/loofah/issues/146):
* Mail: loofah-talk@googlegroups.com
* Archive: https://groups.google.com/forum/#!forum/loofah-talk
This change was made because librelist no longer appears to be maintained.
|
|
Upstream changes (from NEWS):
== Ruby-GNOME2 3.3.0: 2018-10-31
This is a release for fixing memory leak bugs of cairo-gobject,
improving macOS support and adding support for GEGL.
=== Changes
==== Ruby/GLib2
* Improvements
* Added support for the same constant name and class name for error.
* Fixes
* Fixed wrong constant values:
* (({GLib2::MINLONG}))
* (({GLib2::MAXLONG}))
* (({GLib2::MAXULONG}))
* (({GLib2::MINUINT64}))
* (({GLib2::MAXSIZE}))
* (({GLib2::MINFLOAT}))
* (({GLib2::MINDOUBLE}))
[GitHub#1244][Reported by cobodo]
==== Ruby/CairoGObject
* Fixes
* Fixed a memory leak.
[GitHub#1232][Reported by Jean-Christophe Le Lann]
* Stopped to increase needless reference.
[GitHub#1079][Reported by noanoa07]
==== Ruby/GObjectIntrospection
* Improvements
* Added support for transfer full output parameter.
* Fixes
* Fixed a bug that class method closure doesn't work.
[GitHub#1245][Reported by kojix2]
==== Ruby/GdkPixbuf2
* Improvements
* (({GdkPixbuf::Pixbuf.new})): Added support for auto row stride
detection for (({[Integer]})) data.
==== Ruby/Pango
* Improvements
* Made test more robust.
[GitHub#1239][Reported by Michael Hudson-Doyle]
==== Ruby/GTK3
* Improvements
* Improved backward compatibility for (({Gtk::ListStore#set_column_types})).
[GitHub#1240][Reported by Edward Hennessy]
* Fixes
* Fixed wrong size used bug on HiDPI.
[GitHub#1079][Reported by noanoa07]
==== Ruby/Poppler
* Improvements
* Added support for Popper 0.70.0.
==== Ruby/GEGL
* Improvements
* Added.
=== Thanks
* Jean-Christophe Le Lann
* Michael Hudson-Doyle
* Edward Hennessy
* cobodo
* kojix2
* noanoa07
|
|
|
|
Changes:
7.62.0
------
This release includes the following changes:
o multiplex: enable by default
o url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled
o setopt: add CURLOPT_DOH_URL
o curl: --doh-url added
o setopt: add CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size
o imap: change from "FETCH" to "UID FETCH"
o configure: add option to disable automatic OpenSSL config loading
o upkeep: add a connection upkeep API: curl_easy_upkeep()
o URL-API: added five new functions
o vtls: MesaLink is a new TLS backend
This release includes the following bugfixes:
o CVE-2018-16839: SASL password overflow via integer overflow
o CVE-2018-16840: use-after-free in handle close
o CVE-2018-16842: warning message out-of-buffer read
o CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated
o Curl_dedotdotify(): always nul terminate returned string
o Curl_follow: Always free the passed new URL
o Curl_http2_done: fix memleak in error path
o Curl_retry_request: fix memory leak
o Curl_saferealloc: Fixed typo in docblock
o FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER output
o GnutTLS: TLS 1.3 support
o SECURITY-PROCESS: mention the bountygraph program
o VS projects: add USE_IPV6:
o Windows: fixes for MinGW targeting Windows Vista
o anyauthput: fix compiler warning on 64-bit Windows
o appveyor: add WinSSL builds
o appveyor: run test suite (on Windows!)
o certs: generate tests certs with sha256 digest algorithm
o checksrc: enable strict mode and warnings
o checksrc: handle zero scoped ignore commands
o cmake: Backport to work with CMake 3.0 again
o cmake: Improve config installation
o cmake: add support for transitive ZLIB target
o cmake: disable -Wpedantic-ms-format
o cmake: don't require OpenSSL if USE_OPENSSL=OFF
o cmake: fixed path used in generation of docs/tests
o cmake: remove unused *SOCKLEN_T variables
o cmake: suppress MSVC warning C4127 for libtest
o cmake: test and set missed defines during configuration
o comment: Fix multiple typos in function parameters
o config: Remove unused SIZEOF_VOIDP
o config_win32: enable LDAPS
o configure: force-use -lpthreads on HPUX
o configure: remove CURL_CONFIGURE_CURL_SOCKLEN_T
o configure: s/AC_RUN_IFELSE/CURL_RUN_IFELSE
o cookies: Remove redundant expired check
o cookies: fix leak when writing cookies to file
o curl-config.in: remove dependency on bc
o curl.1: --ipv6 mutexes ipv4 (fixed typo)
o curl: enabled Windows VT Support and UTF-8 output
o curl: update the documentation of --tlsv1.0
o curl_multi_wait: call getsock before figuring out timeout
o curl_ntlm_wb: check aprintf() return codes
o curl_threads: fix classic MinGW compile break
o darwinssl: Fix realloc memleak
o darwinssl: more specific and unified error codes
o data-binary.d: clarify default content-type is x-www-form-urlencoded
o docs/BUG-BOUNTY: explain the bounty program
o docs/CIPHERS: Mention the options used to set TLS 1.3 ciphers
o docs/CIPHERS: fix the TLS 1.3 cipher names
o docs/CIPHERS: mention the colon separation for OpenSSL
o docs/examples: URL updates
o docs: add "see also" links for SSL options
o example/asiohiper: insert warning comment about its status
o example/htmltidy: fix include paths of tidy libraries
o examples/Makefile.m32: sync with core
o examples/http2-pushinmemory: receive HTTP/2 pushed files in memory
o examples/parseurl.c: show off the URL API
o examples: Fix memory leaks from realloc errors
o examples: do not wait when no transfers are running
o ftp: include command in Curl_ftpsend sendbuffer
o gskit: make sure to terminate version string
o gtls: Values stored to but never read
o hostip: fix check on Curl_shuffle_addr return value
o http2: fix memory leaks on error-path
o http: fix memleak in rewind error path
o krb5: fix memory leak in krb_auth
o ldap: show precise LDAP call in error message on Windows
o lib: fix gcc8 warning on Windows
o memory: add missing curl_printf header
o memory: ensure to check allocation results
o multi: Fix error handling in the SENDPROTOCONNECT state
o multi: fix memory leak in content encoding related error path
o multi: make the closure handle "inherit" CURLOPT_NOSIGNAL
o netrc: free temporary strings if memory allocation fails
o nss: fix nssckbi module loading on Windows
o nss: try to connect even if libnssckbi.so fails to load
o ntlm_wb: Fix memory leaks in ntlm_wb_response
o ntlm_wb: bail out if the response gets overly large
o openssl: assume engine support in 0.9.8 or later
o openssl: enable TLS 1.3 post-handshake auth
o openssl: fix gcc8 warning
o openssl: load built-in engines too
o openssl: make 'done' a proper boolean
o openssl: output the correct cipher list on TLS 1.3 error
o openssl: return CURLE_PEER_FAILED_VERIFICATION on failure to parse issuer
o openssl: show "proper" version number for libressl builds
o pipelining: deprecated
o rand: add comment to skip a clang-tidy false positive
o rtmp: fix for compiling with lwIP
o runtests: ignore disabled even when ranges are given
o runtests: skip ld_preload tests on macOS
o runtests: use Windows paths for Windows curl
o schannel: unified error code handling
o sendf: Fix whitespace in infof/failf concatenation
o ssh: free the session on init failures
o ssl: deprecate CURLE_SSL_CACERT in favour of a unified error code
o system.h: use proper setting with Sun C++ as well
o test1299: use single quotes around asterisk
o test1452: mark as flaky
o test1651: unit test Curl_extract_certinfo()
o test320: strip out more HTML when comparing
o tests/negtelnetserver.py: fix Python2-ism in neg TELNET server
o tests: add unit tests for url.c
o timeval: fix use of weak symbol clock_gettime() on Apple platforms
o tool_cb_hdr: handle failure of rename()
o travis: add a "make tidy" build that runs clang-tidy
o travis: add build for "configure --disable-verbose"
o travis: bump the Secure Transport build to use xcode
o travis: make distcheck scan for BOM markers
o unit1300: fix stack-use-after-scope AddressSanitizer warning
o urldata: Fix "connecting" comment
o urlglob: improve error message on bad globs
o vtls: fix ssl version "or later" behavior change for many backends
o x509asn1: Fix SAN IP address verification
o x509asn1: always check return code from getASN1Element()
o x509asn1: return CURLE_PEER_FAILED_VERIFICATION on failure to parse cert
o x509asn1: suppress left shift on signed value
|
|
less).
|
|
|
|
Changes:
WebKitGTK+ 2.22.3
=================
- Many improvements and fixes for video playback with media source
extensions (MSE), which improve the user experience across the board,
and in particular for playback of WebM videos.
- Fix a memory leak during media playback when using playbin3.
- Fix portions of Web views not being rendered after resizing.
- Fix Resource Timing reporting for <iframe> elements.
- Fix the build with the remote Web Inspector disabled.
- Fix the build on ARMv7 with NEON extensions.
- Fix several crashes and rendering issues.
|
|
patches removed seem to be merged.
security fixes: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/
|
|
https://bugzilla.mozilla.org/show_bug.cgi?id=1479540
|
|
|
|
Add py-zope.proxy package version 4.3.1.
``zope.proxy``
==============
Proxies are special objects which serve as mostly-transparent
wrappers around another object, intervening in the apparent behavior of
the wrapped object only when necessary to apply the policy (e.g., access
checking, location brokering, etc.) for which the proxy is responsible.
zope.proxy is implemented via a C extension module, which lets it do things
like lie about its own ``__class__`` that are difficult in pure Python (and
were completely impossible before metaclasses). It also proxies all the
internal slots (such as ``__int__``/``__str__``/``__add__``).
|
|
Version 4.3.1:
* Allow fabfile to be importable when building docs
* Remove top-level __init__.py from new projects.
* Fix HTML escaping.
Version 4.3.0:
* Added explicit on_delete arguments for all ForeignKey models
* Only generate thumbnails in RichText when absolute width/height used.
* Removed null attribute from slug CharField
* Converted all template.render calls to pass a dict instead of a Context object
* Fixed MezzanineBackend.authenticate backend to accept a request argument, added in Django 1.11
* Fixed test_multiple_comment_forms to be agnostic of the order of HTML attributes
* Altered annotation behaviour of search results. Previously this was done implicitly in the SearchQuerySet.iterator() method,. which Django would call internally when evaluating the queryset. Django 1.11 changed its behaviour to use a ModelIterator class instead of. just calling iterator() on the queryset. Rather than suppy a custom. ModelIterator, we just make the annotate explicit
* Updated setup and test configuration to include Django 1.11
* password reset: 'http' -> request.schema. This fixes a potential security vulnerability in which the password. reset url is exposed to untrusted intermediary nodes in the network.
* Add explicit on_delete arguments to foreign keys in migrations
* Use TextField for Field.label and Field.help_text. Now length limits for user-defined labels and help_texts are enforced in the admin instead of the DB, which should prevent any further migrations
* Get rid of max_length settings for mezzanine.forms
* Timezone aware blog months.
* Test and simplify blog_months
* Weigh search results by age. Weigh search results by their age by default. Add a new setting,. SEARCH_AGE_SCALE_FACTOR, controlling how much emphasis to put on the. age when ranking results (set this to 0 to revert to the old behavior)
* Split dev and prod ALLOWED_HOSTS. Django started checking ALLOWED_HOSTS when DEBUG=True a few releases back.
* Update docs related to ALLOWED_HOSTS
* Fix the old url parsing in import wordpress
* Use Django's six module
* Don't warn Mezzanine about itself
* Looser check for LocalMiddleware.
* Modified the blog homepage pattern to a working version. Added import it requires
* Remove explicit show_banner argument from inner_run. This broke --noreload for me.
* Handle MIDDLEWARE_CLASSES -> MIDDLEWARE
* Don't use lazy static loading when Django's ManifestStaticFilesStorage is configured.
* Link to Pillow docs for dependencies
* Adding new site to site list. Adding "The National: New Australian Art" to the site list. https://the-national.com.au
* Doesn't convert JPG/JPEG images to RGBA.
* Remove all device-detection features
* Remove mentions of device handling from docs
* Use template loaders instead of middlware for host-based template swapping
* Add docs on upgrading from TemplateForHostMiddleware
* Create __init__.py so Python can find directory
* Properly parse positional args. As demonstrated by using call_command, the positional args not. processed. This may be a left-over from optarg migration. Usage property is no longer necessary
* Fix build fail while in here
* Added more tests por pages
* Update page_not_found view args.
* Rename Displayable is_public to published
* Test Nginx config before restarting. This way the configuration won't be updated if it's broken, and you also get an error message in the terminal explaining why it's broken (instead of just telling you to check service status/journal)
* Enable browser-native spell checking in WYSIWYG tinymce editor, which got wiped in 82339b0 . Previously introduced in 86f6ef6
* Fixing the support for external links which are moved to child categories in the menu hierarchy
* Update LOGOUT_URL to make use of ACCOUNT_URL
* Ensure template vars for form defaults are properly escaped
* Fix drag-n-drop for Form field inlines. Inherit from DynamicInlineAdminForm to inject the necessary JS files
* Fix failing tests that assume threadlocals have been set up
* Pulled out middleware present check into its own function. And fixed Python 3 compat
* Made all middleware installation checking consistent. All check by string first, and then for classes and subclasses,. correctly ignoring things that aren't classes
* Fix failing tests that assume threadlocals have been set up
* Fix keywords widget for Django 1.11.
* Fix sense of SITE_PERMISSION_MIDDLEWARE check. Issue introduced by commit 00f4a63c
* Fix sense of other check for SITE_PERMISSION_MIDDLEWARE. Issue introduced by commit 00f4a63
* Added basic tests for TemplateSettings. The tests follow the existing functionality
* Gave TemplateSettings a useful __repr__. Previously it just returned '{}' always, from super()s empty dict
* Don't emit warning when doing force_text(TestSettings()). This is to fix the behaviour of getting lots of instances of: UserWarning: __unicode__ is not in TEMPLATE_ACCESSIBLE_SETTINGS. if you have django-debug-tool installed
* Prevent changes to FORMS_EXTRA_FIELDS setting creating new migrations
* Support access to related model on Django 2+
* Fix safe string handling in richtext filters
* Fix some test warnings
* Add deprecation handling for mark_safe as decorator
* Fix SplitSelectDateTimeWidget which Django 1.9 broke.
* Fix usage of request.scheme in password reset email
* Make thumbnail tag recognize .PNG and .GIF. Files with the upper case extensions .PNG and .GIF are now recognized by. the thumbnail template tag as being PNG- and GIF images, respectively,. instead of being treated as JPEG images
* Added gcc and rsync for the full deployment on the freshly installed Debian (eg. on OVH)
* Support SelectDateWidget in django 1.8 and django 2.x
* Narrow exception handling to ImportError only
|
|
0.5.1:
Unknown changes
|
|
0.5.0:
Unknown changes
|
|
Version 3.0.2:
Bug fixes
Merge Characters tokens after sanitizing them. This fixes issues in the
LinkifyFilter where it was only linkifying parts of urls.
Version 3.0.1:
Features
Support Python 3.7. It supported Python 3.7 just fine, but we added 3.7 to
the list of Python environments we test so this is now officially supported.
Bug fixes
Fix list object has no attribute lower in clean.
Fix abbr getting escaped in linkify.
Version 3.0.0:
Backwards incompatible changes
A bunch of functions were moved from one module to another.
These were moved from bleach.sanitizer to bleach.html5lib_shim:
convert_entity
convert_entities
match_entity
next_possible_entity
BleachHTMLSerializer
BleachHTMLTokenizer
BleachHTMLParser
These functions and classes weren't documented and aren't part of the
public API, but people read code and might be using them so we're
considering it an incompatible API change.
If you're using them, you'll need to update your code.
Features
Bleach no longer depends on html5lib. html5lib==1.0.1 is now vendored into
Bleach. You can remove it from your requirements file if none of your other
requirements require html5lib.
This means Bleach will now work fine with other libraries that depend on
html5lib regardless of what version of html5lib they require.
Bug fixes
Fixed tags getting added when using clean or linkify. This was a
long-standing regression from the Bleach 2.0 rewrite.
Fixed <isindex> getting replaced with a string. Now it gets escaped or
stripped depending on whether it's in the allowed tags or not.
|
|
0.3.7 release
* Fix processing of http-equiv meta tags incorrectly lower casing the content
* Fix error when a textbox contained within a form contains unicode characters
|
|
On NetBSD there is no <sys/sysinfo.h> but we can use hw.usermem64.
This should address WebKitGTK+ support for NetBSD ports where
USE_SYSTEM_MALLOC is by default OFF.
Side-note: on NetBSD/amd64 -current when building with -DUSE_SYSTEM_MALLOC=ON
both SunSpider and JetStream benchmarks shows a very little performance penalty,
so also remove the `-DUSE_SYSTEM_MALLOC=ON' commented out CMAKE_ARGS (i.e. when
possible just use the preferred malloc).
|
|
Thanks to <wiz>!
|
|
pkgsrc changes:
- Bump GCC_REQD to 6 (now gcc 6.0.0 or newer is needed)
- Add NetBSD support for JavaScript JIT on x86_64, i386, arm,
aarch64 and mips
- Add WebKitWebProcess and jsc to NOT_PAX_MPROTECT_SAFE.
At least on NetBSD/amd64, running SunSpider 1.0.2 JavaScript Benchmark
(<https://webkit.org/perf/sunspider/sunspider.html>) with MiniBrowser
before `paxctl +m'-ing them needed:
Total: 1006.9ms +/- 0.7%
...while after `paxctl +m'-ing them:
Total: 322.3ms +/- 3.0%
(Probably EACCESS due PaX MPROTECT are handled gracefully and
silently instead of failing hard at runtime.)
Please also note that webkit-gtk browsers should not need any
NOT_PAX_MPROTECT_SAFE because WebKitWebProcess is used and already
have that.
- Improve handling of `webkit-jit' by introducing a
WEBKIT_JIT_MACHINE_PLATFORMS list that contain all MACHINE_PLATFORMs
triplets that have `webkit-jit' option as suggested one.
- Always use OS(...) and BOS(...) macros instead of __Os__ macros for
consistency with webkit code.
- Add definition for BOS(SOLARIS) and OS(SOLARIS) and add it to the
OS(UNIX) OSes list.
- Limit patch-Source_JavaScriptCore_jit_ExecutableAllocator.cpp to
OpenBSD. It is no longer present in FreeBSD ports and it is not
problematic in NetBSD.
- Remove no longer needed patch-Source_WTF_wtf_ThreadSpecific.h:
NetBSD 5.x was already part of NOT_FOR_PLATFORM.
- Sync patch-CMakeLists.txt with FreeBSD ports.
Please note that this also removes WTF_CPU_SPARC64 definition that was
unused.
- madvise(2) on {Free,DragonFly,Net,Open}BSD supports MADV_FREE and
MADV_DONTNEED flags. Define the corresponding HAVE_* via
patch-Source_WTF_wtf_Platform.h.
- Use globbing for REPLACE_{PERL,PYTHON} where possible.
Changes:
WebKitGTK+ 2.22.2
=================
- Several fixes for video playback with media source extensions (MSE).
This allows using WebM support for YouTube, which no longer works through
regular video source. Note that MSE is still disabled by default and
webkit_settings_set_enable_mediasource() has to be used to enable the
feature.
- Fix the build when only Wayland support is enabled and X11 headers are
not available.
WebKitGTK+ 2.22.1
=================
- Fix printing in landscape.
- Fix the build in several platforms: s390x, ppc64le, armv7hl.
- Fix the build with a11y disabled.
- Fix the build with video disabled.
- Fix several crashes and rendering issues.
WebKitGTK+ 2.22.0
==================
- Add warn_unused_result attribute to some JavaScriptCore GLib APIs.
- Make pinch to zoom scale the page without changing the layout.
- Fix the build in mips64.
|
|
The recent hunspell update has changed the name of the library, so these
need to be rebuilt.
prodded by wiz@ and leot@.
|
|
Changes with Apache 2.4.37
*) mod_ssl: Fix HTTP/2 failures when using OpenSSL 1.1.1.
*) mod_ssl: Fix crash during SSL renegotiation with OptRenegotiate set,
when client certificates are available from the original handshake
but were originally not verified and should get verified now.
This is a regression in 2.4.36 (unreleased).
*) mod_ssl: Correctly merge configurations that have client certificates set
by SSLProxyMachineCertificate{File|Path}.
Changes with Apache 2.4.36
*) mod_brotli, mod_deflate: Restore the separate handling of 304 Not Modified
responses. Regression introduced in 2.4.35.
*) mod_proxy_scgi, mod_proxy_uwsgi: improve error handling when sending the
body of the response.
*) mod_http2: adding defensive code for stream EOS handling, in case the request handler
missed to signal it the normal way (eos buckets).
*) ab: Add client certificate support.
*) ab: Disable printing temp key for OpenSSL before
version 1.0.2. SSL_get_server_tmp_key is not available
there.
*) mod_ssl: Fix a regression that the configuration settings for verify mode
and verify depth were taken from the frontend connection in case of
connections by the proxy to the backend.
*) MPMs: Initialize all runtime/asynchronous objects on a dedicated pool and
before signals handling to avoid lifetime issues on restart or shutdown.
*) mod_ssl: Add support for OpenSSL 1.1.1 and TLSv1.3. TLSv1.3 has
behavioural changes compared to v1.2 and earlier; client and
configuration changes should be expected. SSLCipherSuite is
enhanced for TLSv1.3 ciphers, but applies at vhost level only.
*) mod_auth_basic: Be less tolerant when parsing the credencial. Only spaces
should be accepted after the authorization scheme. \t are also tolerated.
*) mod_proxy_hcheck: Fix issues with interval determination.
*) mod_proxy_hcheck: Fix issues with TCP health checks.
*) mod_proxy_hcheck: take balancer's SSLProxy* directives into account.
*) mod_status, mod_echo: Fix the display of client addresses.
They were truncated to 31 characters which is not enough for IPv6 addresses.
This is done by deprecating the use of the 'client' field and using
the new 'client64' field in worker_score.
|
|
Note this update is based off an EOL firefox (ESR52). Use with caution.
What's New in SeaMonkey 2.49.4
SeaMonkey 2.49.4 uses the same backend as Firefox and contains the relevant Firefox 52.9.0 ESR security fixes.
SeaMonkey 2.49.4 shares most parts of the mail and news code with Thunderbird. Please read the Thunderbird 52.9.1 release notes for specific changes and security fixes in this release.
SeaMonkey-specific changes
Among the general platform and mail fixes this release contains backported fixes from Thunderbird for the EFAIL security vulnerability.
SeaMonkey now uses gtk3 on Linux. If you experience a problem because of this please file a bug and link it to Switch Linux builds to GTK3 with SeaMonkey 2.49. Pleae try another OS theme first. Some of them are buggy and cause problems with SeaMonkey, Thunderbird and Firefox.
|
|
|
|
18.10.1
Don't eat Component.stop() request when crossbar not connected
handle async on_progress callbacks properly
fix attribute error when ConnectionResetError does not contain "reason" attribute
infer rawsocket host, port from URL
fix error on connection lost if no reason (reason = None)
fixed typo on class name
|
|
3.9.0:
Improvements to ViewSet extra actions
Fix action support for ViewSet suffixes
Allow action docs sections
Deprecate the Router.register base_name argument in favor of basename.
Deprecate the Router.get_default_base_name method in favor of Router.get_default_basename.
Change CharField to disallow null bytes. To revert to the old behavior, subclass CharField and remove ProhibitNullCharactersValidator from the validators. python class NullableCharField(serializers.CharField): def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) self.validators = [v for v in self.validators if not isinstance(v, ProhibitNullCharactersValidator)]
Add OpenAPIRenderer and generate_schema management command.
Add OpenAPIRenderer by default, and add schema docs.
Allow permissions to be composed
Allow nullable BooleanField in Django 2.1
Add testing of Python 3.7 support
Test using Django 2.1 final release.
Added djangorestframework-datatables to third-party packages
Change ISO 8601 date format to exclude year/month
Update all pypi.python.org URLs to pypi.org
Ensure that html forms (multipart form data) respect optional fields
Allow hashing of ErrorDetail.
Correct schema parsing for JSONField
Render descriptions (from help_text) using safe
Removed input value from deault_error_message
Added min_value/max_value support in DurationField
Fixed instance being overwritten in pk-only optimization try/except block
Fixed AttributeError from items filter when value is None
Fixed Javascript e.indexOf is not a function error
Fix schemas for extra actions
Improved get_error_detail to use error_dict/error_list
Imprvied URLs in Admin renderer
Add "Community" section to docs, minor cleanup
Moved guardian imports out of compat
Deprecate the DjangoObjectPermissionsFilter class, moved to the djangorestframework-guardian package.
Drop Django 1.10 support
Only catch TypeError/ValueError for object lookups
Handle models without .objects manager in ModelSerializer.
Improve ModelSerializer.create() error message.
Fix CSRF cookie check failure when using session auth with django 1.11.6+
Updated JWT docs.
Fix autoescape not getting passed to urlize_quoted_links filter
|
|
- buildlink3 inclusion of textproc/icu was commented out in
www/libpsl/buildlink3.mk but at least building (latest and still
not committed) net/libsoup needs it, uncomment it.
- Add support for tests
|
|
Bump PKGREVISION.
|
|
Upstream changes:
5.90120 - 2018-10-19
- avoid problematic test using sysread() on :utf8 filehandles on dev perl
versions where this is fatal (starting with 5.29.4). see RT#125843.
5.90119 - 2018-09-24
- fix test for changes in MooseX::Getopt 0.73 (RT#127050)
|
