Cliquet

------------------

**Protocol**

- Add the ``__lbheartbeat__`` endpoint, for load balancer membership test.

**New features**

- Default console log renderer now has colours (671)

**Bug fixes**

- Do not always return 412 errors when request header ``If-None-Match: *``
is sent on ``POST /collection`` (fixes 673)

**Internal changes**

- Remove some imports at initialization to speed startup (674)

------------------

**Breaking changes**

- Errors are not swallowed anymore during the execution of ``ResourceChanged``
events subscribers.

Subscribers are still executed within the transaction like before.

Subscribers are still executed even if transaction is eventually rolledback.
Every subscriber execution succeeds, or none.

Thus, subscribers of these events should only perform operations that are reversed
on transaction rollback: most likely database storage operations.

For irreversible operations see the new ``AfterResourceChanged`` event.

**Protocol**

- Clients are redirected to URLs without trailing slash only if the current URL
does not exist (656)
- Partial responses can now be specified for nested objects (660, Kinto/kinto445)
For example, ``/records?_fields=address.street``.
- List responses are now sorted by to last_modified descending by default (662,
thanks ayusharma)

**New features**

- Resource events are now merged in batch requests. One event per resource and
per action is emitted when a transaction is committed (634)
- Monitor time of events listeners execution (fixes 503)
- Add method to remove a principal from every user
- Validate that the client can accept JSON response. (667)
- Validate that the client can only send JSON request body. (667)
- Added a new ``AfterResourceChanged`` event, that is sent only when the commit
in database is done and successful.

Subscribers of this event can fail, errors are swallowed and logged. The
final transaction result (or response) cannot be altered.

Since commit occured successfully and operations will not be rolledback,
subcribers running irreversible actions should subscribe to this event
(like sending messages, deleting files, or run asynchronous tasks).
- Track execution time on StatsD for each authentication sub-policy (639)
- Output the cliquet version with --version (636)

**Bug fixes**

- ``ResourceChanged`` events are not emitted if a batch subrequest fails (634)
There are still emitted if the whole batch transaction is eventually rolledback.
- Fix a migration of PostgreSQL schema introduced in 604 that was never executed
- Fix PostgreSQL backend timestamps when collection is empty (ref Kinto/kinto433)
- Fix statsd initialization on storage (637)
- Providing bad last modified values on delete now returns 400 (665)
- Providing last modified in the past for delete now follows behaviour create/update (665)

**Internal changes**

- Moved ``utils.current_service(request)`` to reified request method (ref 631)
- Optimized (and cleaned) usage of (un)authenticated_userid (641)
- Apply request extensions on forged requests (ref Kinto/kinto438)
- Get rid of custom Enum (fixes 645)
- Pyramid config link updated (654, thanks ayusharma)
- Add missing readonly param for read operations in PostgreSQL (653)
- Move Retry-After to error responses in documentation (657)
- Improve batch endpoint documentation about transactions (ref 629)
- Mac OS python installation command updated (661)
- Added details about forced timestamps (665)
- Added troubleshooting section in docs (thanks ayusharma)

-------------------

**Protocol**

- Forward slashes (``/``) are not escaped anymore in JSON responses (537)
- The API capabilities can be exposed in a ``capabilities`` attribute in the
root URL (628). Clients can rely on this to detect optional features on the
server (e.g. enabled plugins).

**Bug fixes**

- Batch now relies on custom views responses (``viewconfig(context=Error)``)
(fixes mozilla-services/syncto78, rel 629)
- Fix listener name logging during startup (626)


**New features**

- The policy name used to configure authentication in settings is now used for
the user id prefix and StatsD ``authn_type`` counters.

-------------------

**Protocol**

- Fields can be filtered in GET requests using ``_fields=f1,f2`` in querystring (fixes 384)

**New features**

- Add ability to filter fields from querystring (601, thanks MrChoclate)
- Check backends configuration at startup (fixes Kinto/kinto228)

**Bug fixes**

- Do not overwrite original error message and details in batch requests (fixes 617)
- Fix plugins not being able to use custom requests methods (618)
- Do not log batch subrequests twice (fixes 450, fixes Kinto/kinto264)

**Internal changes**

- Refactor filtering of events to use Pyramid subscribers predicates (fixes 609)
- Refactor logger imports (fixes 102)

-------------------

**Bug fixes**

- Fix hmac digest with python3 (fixes Kinto/kinto288)

**Documentation**

- Fixed typo in RHEL package manager command (610, thanks FooBarQuaxx)

-------------------

**Bug fixes**

- Fixes duplicated records in paginated results when limit is forced via
settings (fixes 588)

**New features**

- Allow to keep the ``last_modified`` field of records when updating or
creating them. Useful for replication of remote collections (fixes 604)

**Internal changes**

- Documentation has been updated to explain better how versionning is
handled (fixes 603)