| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Changelog:
Changes between 0.1 to 0.3:
0.3
Added the possibility to specify the path where SWILL creates temporary files. Added swill_interface() to bind to specific interface.
0.2
Added support for compiling under Win32 with MSVC.
Added support for HTTPS using OpenSSL.
|
|
|
|
* no need INSTALLATION_DIRS anymore
* MAKE_JOBS_SAFE now.
* some cosmetic fix.
|
|
immediately after reading the security announcement:
* SA-CORE-2009-007 - Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed since the 6.12 release:
* - Patch #463450 by wulff: fixed documentation glitch.
* #193577 by Rob Loach, Damien Tournoud, andypost: JavaScript string split() function does not behave like PHP explode(); causes problems with multiple node body break tags
* #454992 by sun, bengtan: _drupal_flush_css_js() should not have 'q' as a possible CSS query character, since that is the Drupal path name character too
* #452704 by andypost, catch: Names of compressed CSS and JS files should have a prefix, so that names starting in ad* will not happen. Those are easily blocked by firewalls, Firefox's Adblock, etc.
* #468732 by andypost: cache_clear_all() mentioned cache_flush_delay incorrectly; it should say we use cache_lifetime
* #460420 by wulff, andypost: drupal_set_title() in forum_overview() is not needed; menu already sets the title and is localized
* #398902 by Nick Urban, alexanderpas, kscheirer: password equality checking was not using strict type checking; we should assume these are strings and compared character to character
* #479216 by jhedstrom: fix grammar in forum module messages
* #445748 by Dave Reid, dww: Fix module support for disabled module update status checking and do not track usage in that case.
* #465190 by Heine: The Anonymous name is a plain text setting, so it should be escaped properly for output.
* #246096 by Sutharsan, Pedro Lozano, mr.baileys, andypost: Actions set to run on cron were not actually triggered.
* #226479 by gpk, BrianV, catch: We should always show the node access rebuild button. The check on when to show it was fragile, so the button might not have been there when actually needed.
* #482646 by Dave Reid: For proper HTTP query simpletesting, we should pass on the instance identifier (database prefix).
* #197266 by ufku, lilou, Dave Reid, c960657, drewish: Save a query by only calling file_space_used() when a limit is provided.
* #408876 by Pasqualle, JamesAn: The 'serialize' Schema API property was used but not documented.
* #145733 by kepten, brianV: The session.use_cookies PHP setting is required by Drupal, but it can be turned off, so try to ensure it is turned on at all times.
* #373225 by jpulles, Josh Waihi: When changing columns, PostgreSQL needs explicit type casting to ensure that values are kept properly.
* #236657 by hctom, swentel: In system_clear_cache_submit(), the function arguments were swapped (but it did not affect how it actually worked).
* #243253 by Benjamin Melançon, dww: Update status should not attempt to request update data until a limit is reached. Fixed Drupal instances when drupal.org is down and gets less load on Drupal.org if data is not found.
* #339466 by patryk, c960657, alexanderpas: Remove url() wrapping from remote links and link in a more user friendly OpenID provider list.
* #461938 by grendzy, JamesAn: Use filter_xss_admin() on site name and site slogan, just like footer message and mission
* #455172 by budda, RoboPhred, andypost: Fix drupal_mail() documentation, so that it encourages to set the body of the email as an array (like core does).
* #329797 by berenddeboer, redndahead, danielb: The tablesort code did not account for possibly nested tables; only match immediate descendats, so elements of nested tables are not matched.
* #352121 by valthebald, Damien Tournoud, mr.baileys: The safe string check on translations should only be applied to the default textgroup. Strings in other textgroups such as blocks and menu items are displayed via escaping and filtering, and might contain arbitrary HTML.
|
|
immediately after reading the security announcement:
* SA-CORE-2009-007 Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed since the 5.18 release:
* #212285 by wrwrwr: hr should be treated as a block level tag. Backport by alexanderpas.
* #145733 by kepten, brianV: The session.use_cookies PHP setting is required by Drupal, but it can be turned off, so try to ensure it is turned on at all times.
|
|
|
|
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2422
From rails git commit 056ddbdcfb07f0b5c7e6ed8a35f6c3b55b4ab489.
|
|
|
|
|
|
- Updating package for p5 module LWP from 5.828 to 5.829
- Adjusting license to perl license
Upstream changes:
2009-07-07 Release 5.829
This release removes callback handlers that were left over on the returned
HTTP::Responses. This was problematic because it created reference loops
preventing the Perl garbage collector from releasing their memory. Another
problem was that Storable by default would not serialize these objects any
more.
This release also adds support for locating HTML::Form inputs by id or class
attribute; for instance $form->value("#foo", 42) will set the value on the
input with the ID of "foo".
Gisle Aas (5):
Make the example code 'use strict' clean by adding a my
Avoid cycle in response
Clean up handlers has from response after data processing is done
Support finding inputs by id or class in HTML::Form
Test HTML::Form selectors
Mark Stosberg (1):
Tidy and document the internals of mirror() better [RT#23450]
phrstbrn (1):
Avoid warnings from HTML::Form [RT#42654]
|
|
vulnerabilities reported in CVE-2009-1890 and CVE-2009-1891.
|
|
|
|
|
|
* Update Dutch translation files.
|
|
Bump PKGREVISION.
|
|
|
|
Changes in 3.1.2:
- pecl package.xml/build fixes (bjori)
Changes in 3.1.1:
- PHP4 compatibilty break
- apc_pool allocator (Gopal)
- doubly-linked sma allocator (Shire)
- php 5.3 gc compatibility (Gopal)
- APCIterator for easy access (Shire)
- apc_delete_file (Shire)
- apc_inc/apc_dec/apc_cas functions (Shire)
- apc.canonicalize (Gopal)
- apc.preload_path (Gopal)
- apc.rfc1867_ttl (Shire)
- apc.file_md5 (Shire)
- consolidate locking macros (Shire)
- remove futex/TSRM locks (Shire)
- non-blocking semaphore locks (Shire)
- zval* object rework (Gopal)
Mark this package PHP5-only
|
|
* img: Fix extra double quote with alt text. (smcv)
* Updated French debconf templates translation. Closes: #535103
* openid: Support Net::OpenID 2.x when pretty-printing openids. (smcv)
* highlight: Fix utf-8 encoding bug. Closes: #535028
* comment: Make comment directives no longer use the internal
"\_comment" form, and document the comment directive syntax.
* Avoid relying on translators preserving the case when translating
"discussion", which caused Discussion pages to get unwanted
Discussion links.
* Tighten up matching of bare words inside directives; do not allow
an unterminated triple string to be treated as a series of bare
words. Fixes runaway regexp recursion/backtracking in strange
situations.
* Setup automator: Check that each plugin added to the generated
setup file can be loaded and that its config is ok. If a plugin
fails for any reason, disable it in the generated file. Closes:
#532001
* pagecount: Fix broken optimisation for * pagespec.
* goto: Support being passed a page title that is not a valid page
name, to support several cases including mercurial's long user
names on the RecentChanges page, and urls with spaces being
handled by the 404 plugin.
* Optimise use of gettext, and avoid ugly warnings if Locale::gettext
is not available. Closes: #532285
* meta: Add openid delegate parameter to allow delegating only
openid or openid2.
* Disable the Preferences link if no plugin with an auth hook is enabled.
* Updated French translation. Closes: #532654
* aggregate: Fix storing of changed md5.
* aggregate: Avoid resetting ctime when an item md5 changes.
* highlight: New plugin supporting syntax highlighting of pretty
much anything.
* debian/control: Add suggests for libhighlight-perl, although that
package is not yet created by Debian's highlight source package.
(See #529869)
* format: Provide a htmlizefallback hook that other plugins can use
to handle formats that are not suitable for general-purpose
htmlize hooks. Used by highlight.
* Fix test suite to not rely on an installed copy of ikiwiki after
underlaydir change. Closes: #530502
* Danish translation update. Closes: #530877
|
|
changes:
-updated example feeds etc
-more search support
-Support non-RFC822 alphabetic timezones
-bugfixes
-translation updates
pkgsrc change: removed outdated gnutls dependency
|
|
change: bugfix for 100% CPU issues
|
|
changes:
-UI improvements
-translation updates
|
|
changes:
-bugfixes
-translation updates
pkgsrc note: this still needs firefox2 because there is firefox3 or
xulrunner suitable for embedding in pkgsrc
|
|
Changes:
2.1.1:
Add additional size checks for images.
Added support for css colors of the form rgb(255, 255, 255).
Added the 'nop' keybinding (nop = NO_OPERATION; cancels a default hook).
Added 'stop' key action (not bound by default).
Reduced 'warning: ignoring return value of ...'
2.1:
Implemented basic CSS infrastructure!
Read user style from ~/.dillo/style.css.
Added configurable keybindings! (in ~/.dillo/keysrc)
Implemented "search previous" in string searches.
Ported the command line interface from dillo1
Set middle click to submit in a new TAB. (Helps to keep form data!)
Implemented Basic authentication!
Implemented a close-tab button for the GUI.
Implemented a tools menu.
Added dillo(1) man page.
Added "font_max_size", "font_min_size" dillorc options.
Added instant client-side redirects (aka. zero-delay META refresh).
Proxy support for HTTPS.
Updated the URL resolver to comply with RFC-3986.
Fixed Bookmarks modify's HTML so it wraps nicely on handhelds.
Made cookierc parsing more robust.
Fix: recover page focus when clicking outside of a widget.
Added support for the Q element. BUG#343
Added a right-click menu to form controls (show hiddens, submit, reset)
Added the "http_language" dillorc option for setting HTTP's Accept-Language.
Replace image loading button and page menu option with a tools menu option.
Implemented the "overline" text-decoration.
Enhanced and cleaned up text decorations for SUB and SUP.
Added "View Stylesheets" to the page menu.
System config files have moved to sysconfdir/dillo/
Allowed compilation with older machines by removing a few C99isms.
Switched SSL-enabled to configure.in (./configure --enable-ssl).
Removed redundant caller NULL checks already in the API.
Added use of inttypes.h when stdint.h isn't found.
Made the parser recognize "[^ ]/>"-terminated XML elements.
Brought in Sebastian's CSS parser from dillo-0.8.0-css-3.
Support CSS @import directive.
Improved CSS selector matching performance using hash tables.
Added support for descendant and child selectors.
Support selector specificity.
Replace bg_color dillorc option.
Remove text_color, link_color, and force_my_colors dillorc options.
Replace visited_color dillorc option.
Allow negative values for specific CSS properties only.
Disable negative margins for now as dw/* does not support them yet.
Disable form widgets while stylesheets are loading.
Implement --xid command line option (used by claws mail client).
Added the "middle_click_drags_page" dillorc option.
Set the File menu label to hide when the File menu-button is shown.
Made a big cleanup of cache.c WRT charset decoding (fixes bugs).
Made an extensive cleanup/fixup of the whole image handling process.
Fixed handling of META's content-type with no MIME type (e.g. only charset).
Added support for a quoted URL in META refresh.
Updated the GPL copyright note in the source files.
|
|
|
|
sources in a directory (tree) in pversion.mk. Adjust the various places
that called it locally.
|
|
from 0.09 to 0.10
Adjusting dependencies
Upstream changes:
0.10 Tue Jul 7 13:00:27 CEST 2009
- Depend on a recent Store::Delegate for the NEXT -> MRO::Compat
switch.
|
|
Upstream changes:
1.19 2009-06-29 00:36:50
- Update Module::Install to a version that doesn't screw up
auto_install anymore (Closes: RT#45784).
- Generate Makefile.PLs with unix-paths, even on windows (Closes:
RT#46059).
|
|
to 0.24
Upstream changes:
0.24 Mon Jun 29 2009
- Add an __ENV(foo)__ macro + tests (Stuart Watt)
- Document CATALYST_CONFIG_LOCAL_SUFFIX and MYAPP_LOCAL_CONFIG_SUFFIX
much better (Louis Erickson)
- Fix so that having CATALYST_CONFIG_LOCAL_SUFFIX set in $ENV{} doesn't
cause the tests to break.
|
|
Adjusting dependencies
Upstream changes:
5.80007 2009-06-30 23:54:34
Bug fixes:
- Don't mangle query parameters passed to uri_for
- Tests for this (Byron Young + Amir Sadoughi)
- Inherited controller methods can now be specified in
config->{action(s)}
- Assigning an undef response body no longer produces warnings
- Fix C3 incompatibility bug caused if you use Moose in MyApp.pm and
add Catalyst to the right hand side of this in @ISA.
- Make Catalyst.pm implement the Component::ApplicationAttribute
interface so defining actions in MyApp.pm works again, if the
actions have attributes that cause $self->_application to be used
(like ActionClass).
New features:
- Add optional second argument to uri_with which appends to existing
params rather than replacing them. (foo=1 becomes foo=1&foo=2 when
uri_with({ foo => 2 }, { mode => 'append' }) is called on a foo=1
URI.
5.80006 2009-06-29 23:37:47
Bug fixes:
- Revert change to URL encode things passed into $c->uri_for
Args and CaptureArgs as this causes breakage to pre-existing
applications.
- Remove use of Test::MockObject as it doesn't install from CPAN
in some environments.
- Remove use of dclone to deep copy configs and replace with
Catalyst::Utils::merge_hashes which has the same effect, of
ensuring child classes don't inherit their parent's config,
except works correctly with closures.
- Add Class::C3::reinitialize into Catalyst::Test to avoid weird
bugs in ctx_request (bokutin in RT#46459)
- Fix issues with _parse_PathPrefix_attr method in Catalyst::Controller
(jasonk in RT#42816)
- Fix bugs with action sorting:
- Path actions sorted so that the most specific wins.
- Action methods named default and index fixed.
New features:
- Use ~ as prefix for plugins or action classes which are located in
MyApp::Plugin / MyApp::Action (mo)
- Controller methods without attributes are now considered actions if
they are specified in config->{action(s)} (mo)
- Add Catalyst::Component::ContextClosure as an easy way to create code
references, that close over the context, without creating leaks.
Refactoring / cleanups:
- Clean namespaces in Catalyst::Exception*.
- Turn Catalyst::Exception into an actual class and make the throw
method create instances of it. They can still be used as normal
strings, as before, as they are overloaded to stringify to their
error message.
- Add a rethrow method to Catalyst::Exception.
- Add Catalyst::Exception::Detach and ::Go, and refactor detach() and
go() to use them instead of magic, global strings.
Fixes RT#47366
- Clean up getting metaclass instance and making app class immutable
again in Catalyst::Test
|
|
|
|
to 0.11 and adjusting license according to META.yml
Upstream changes:
0.11 2009-06-28 19:29:16
- Update Module::Install to 0.87 to unbreak auto_install.
No functional changes.
|
|
0.10012 to 0.10013
Upstream changes:
0.10013 Fri Jun 19 16:08:00 BST 2009
- Add a username_field config item to ::Credential::Remote
(Nigel Metheringham)
- Die with a useful error message if we are about to try to restore
a user from a realm which does not exist. (t0m)
|
|
from 0.10 to 0.11
Upstream changes:
0.11 16 June 2009
- Fixed warning during basic.t on Win32
- Added comment into doc about not being "thread-safe"
|
|
meta-data (dependencies, master site).
Upstream changes:
0.24 2009-06-23
- Be more paranoid about getting values of $c->req to avoid issues
with old Test::WWW::Mechanize::Catalyst.
- Check we have a modern version of TWMC before doing the tests which
need it.
0.23 2009-06-16
- Add the verify_user_agent config parameter (kmx)
- Add a test case to prove that logging in with a session cookie still
causes a new cookie to be issued for you, proving that the code is
not vulnerable to a session fixation attack. (t0m)
|
|
and set license to ${PERL5_LICENSE} as well as correcting dependencies.
Upstream changes:
- The only change since December was I removed a reference to File::Slurp
|
|
- Updated package for p5 module Template::Toolkit from 2.20 to 2.21
- Set license to perl license according to META.yml
- Adjusting dependencies according to META.yml
Upstream changes:
#-----------------------------------------------------------------------
# Version 2.21 - 30th June 2009
#------------------------------------------------------------------------
* Fixed a PRE_CHOMP bug that left \r characters lying around when
confronted with templates with DOS \r\n line endings.
https://rt.cpan.org/Ticket/Display.html?id=43345
* Applied patch from Bradley Baetz to fix defblock #line numbers
http://rt.cpan.org/Public/Bug/Display.html?id=47024
#-----------------------------------------------------------------------
# Version 2.20_4 (2.21 candidate) - 21st May 2009
#------------------------------------------------------------------------
* Added the even(), odd() and parity() methods to Template::Iterator to
assist in making zebra tables.
* Removed a post-5.6 perlism in Template::Context that broke on 5.6.2
https://rt.cpan.org/Ticket/Display.html?id=46250
* Replaced a whole bunch of UNIVERSAL::isa() calls with blessed/isa
* Applied a patch from Norbert Buchm"uller to prevent the #line markers
from being whitespaced away from the first column.
https://rt.cpan.org/Ticket/Display.html?id=46269
* Applied a patch from Denis F. Latypoff to fix uri/url filters with
utf8 text
https://rt.cpan.org/Ticket/Display.html?id=41173
#-----------------------------------------------------------------------
# Version 2.20_3 (2.21 candidate) - 20th May 2009
#------------------------------------------------------------------------
* Fixed the XS Stash to compile properly in threaded Perls.
https://rt.cpan.org/Public/Bug/Display.html?id=46240
* Applied a patch to the XS Stash from Alexey A. Kiritchun to make the
scalar.length vmethod work correctly with utf8 strings.
http://lists.tt2.org/pipermail/templates/2009-May/010803.html
#-----------------------------------------------------------------------
# Version 2.20_2 (2.21 candidate) - 17th May 2009
#------------------------------------------------------------------------
* Applied a patch to Template::Test from Andrew Ford to make it skip
properly.
http://lists.tt2.org/pipermail/templates/2009-March/010678.html
* Changed the ttree -v/--verbose option so be less verbose and only
report on things that have changed. To make it more verbose (like
previous versions), add a second -v/--verbose flag, e.g.
$ ttree -v -v
* Also added the --summary option to tree to print a summary of what it
did, and the --color/--colour option to make it print its verbose
messages in colour (on ANSI terminals).
* Applied a ttree patch from Lyle Brooks to allow ttree to accept a
directory name as a command line argument.
* Added the define_view() and define_views() method to Template::Context
and added the VIEWS option to pre-define views when the Template object
is created. Thanks to Timmy Chan for providing the groundwork on this.
http://lists.tt2.org/pipermail/templates/2009-April/010689.html
* Retrospectively fixed the Changes for 2.20 to mention the ttree
--encoding option.
* Applied a patch from Chisel Wright, changing uses of UNIVERSAL::can()
to use blessed() and ->can().
http://lists.tt2.org/pipermail/templates/2009-May/010790.html
* Fixed a memory leak in the XS Stash introduced in 2.20.
Thanks to Breno G. de Oliveira for reporting the problem and helping to
narrow it down.
https://rt.cpan.org/Public/Bug/Display.html?id=46058
#------------------------------------------------------------------------
# Version 2.20_1 (2.21 candidate) - 7th April 2009
#------------------------------------------------------------------------
* Deleted all the old HTML documentation (now available separately from
http://tt2.org/download/index.html#html_docs), examples, libraries and
other cruft that was way out of date and badly unloved.
* Tweaked Template::Parser to work better with the ANYCASE option. It
now knows that anything following a dotop cannot be a keyword so that
you can write data.last without the 'last' bit being interpreted as the
LAST keyword. Thanks to Sean McAfee for the post that inspired it.
http://lists.tt2.org/pipermail/templates/2008-September/010462.html
* Fixed a broken test for Apache::Util in the html_entity filter. Added
the use_html_entities() and use_apache_util() class methods to
Template::Filters to allow end-user selection of one or the other.
http://rt.cpan.org/Public/Bug/Display.html?id=40870
http://template-toolkit.org/svnweb/Template2/revision/?rev=1177
* Tweaked Template::Context to recognise Badger::Exception objects and
convert them to Template::Exception objects. This is a temporary
measure to keep things working during the transition to Badger-based
modules.
* Added the STRICT option which will cause the stash to throw an
exception on encountering an undefined value. Thanks to Ben Tilly
for the prod.
* Applied a patch to Template::Iterator from Jonathon Padfield to make
get_all() do the right thing if get_first() hasn't been called.
* Applied a patch to Template::Stash::Context from Ben Tilly to make
it easier to subclass.
* Applied a patch from Robin Berjon to add the xml filter.
|
|
- Updating package for p5 module LWP from 5.826 to 5.828
Upstream changes:
2009-06-25 Release 5.828
A quick new release to restore compatiblity with perl-5.6.
Gisle Aas (4):
Less noisy behaviour when we can't download the documents
Restore perl-5.6 compatiblity [RT#47054]
Don't decode US-ASCII and ISO-8859-1 content
Some versions of Encode don't support UTF-16-BE [RT#47152]
Ville Skytt"a (1):
Spelling fixes.
2009-06-15 Release 5.827
The main news this time is better detection of what character set the document
in a response uses and the addition of the lwp-dump script that I found useful.
Gisle Aas (31):
Added lwp-dump script
Replace calls to $req->url with $req->uri
Also need to encode strings in the latin1 range
Ignore the value set for file inputs [RT#46911]
Add docs to lwp-dump
Don't let lwp-dump follow redirects
Support --method options
Implement the --agent option
Dictionary order for the option docs; document --method
Merge branch 'dump'
Files are passed as an array and we must not stringify it.
Add content_charset method to HTTP::Message
Start guessing the charset for a message
Let content_charset guess the charset to use for decoded_content
Specify what's missing for the XML and HTML case
Provide charset parameter for HTML::Form->parse()
Make content_charset sniff for <meta> elements specifying the charset.
Determine charset of XML documents
Get rid of the _trivial_http_get() implementation
Update the bundled media.types file
LWP::Simple::get() now returns decoded_content [RT#44435]
Implement content_type_charset method for HTTP::Headers
Implement content_is_text method for HTTP::Headers
Make use of content_is_text and content_type_charset in decoded_content
Don't let the parse_head callback append to the HTTP headers
Don't set Range header on request when max_size is used [RT#17208]
Still show client headers for internal responses
Document Client-Warning: Internal response
Don't use 'no' as example domain for no_proxy docs [RT#43728]
Drop exit from the Makefile.PL [RT#43060]
Merge branch 'content_charset'
Alex Kapranoff (1):
Support "accept-charset" attribute in HTML::Form
Mark Stosberg (1):
new tests for max_size and 206 responses [RT#46230]
murphy (1):
Reformulation of Client-Warning: Internal documentation
|
|
- Updating package for p5 module HTML::Parser from 3.60 to 3.61
- Setting LICENSE=${PERL5_LICENSE} according to META.yml
Upstream changes:
2009-06-20 Release 3.61
Gisle Aas (2):
Test that triggers the crash that Chip fixed
Complete documented list of literal tags
Chip Salzenberg (1):
Avoid crash (referenced pend_text instead of skipped_text)
Antonio Radici (1):
Reference HTML::LinkExttor [RT#43164]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
as dependency of scheduled update of databases/p5-Catalyst-Model-DBIC-Schema.
Adds a "COMPONENT" in Catalyst::Component method to your Catalyst component
base class that reads the optional traits parameter from app and component
config and instantiates the component subclass with those traits using
"new_with_traits" in MooseX::Traits from MooseX::Traits::Pluggable.
|
|
|
|
|
|
|
