Gunicorn

====================

- unblock select loop during reload of a sync worker
- security fix: http desync attack
- handle `wsgi.input_terminated`
- added support for str and bytes in unix socket addresses
- fixed `max_requests` setting
- headers values are now encoded as LATN1, not ASCII
- fixed `InotifyReloadeder`: handle `module.__file__` is None
- fixed compatibility with tornado 6
- fixed root logging
- Prevent removalof unix sockets from `reuse_port`
- Clear tornado ioloop before os.fork
- Miscellaneous fixes and improvement for linting using Pylint

===================

- fix: address a regression that prevented syslog support from working
(:issue:`1668`, :pr:`1773`)
- fix: correctly set `REMOTE_ADDR` on versions of Python 3 affected by
`Python Issue 30205 <https://bugs.python.org/issue30205>`_
(:issue:`1755`, :pr:`1796`)
- fix: show zero response length correctly in access log (:pr:`1787`)
- fix: prevent raising :exc:`AttributeError` when ``--reload`` is not passed
in case of a :exc:`SyntaxError` raised from the WSGI application.
(:issue:`1805`, :pr:`1806`)
- The internal module ``gunicorn.workers.async`` was renamed to ``gunicorn.workers.base_async``
since ``async`` is now a reserved word in Python 3.7.
(:pr:`1527`)

===================

- fix: secure scheme headers when bound to a unix socket
(:issue:`1766`, :pr:`1767`)

===================

- Eventlet 0.21.0 support (:issue:`1584`)
- Tornado 5 support (:issue:`1728`, :pr:`1752`)
- support watching additional files with ``--reload-extra-file``
(:pr:`1527`)
- support configuring logging with a dictionary with ``--logging-config-dict``
(:issue:`1087`, :pr:`1110`, :pr:`1602`)
- add support for the ``--config`` flag in the ``GUNICORN_CMD_ARGS`` environment
variable (:issue:`1576`, :pr:`1581`)
- disable ``SO_REUSEPORT`` by default and add the ``--reuse-port`` setting
(:issue:`1553`, :issue:`1603`, :pr:`1669`)
- fix: installing `inotify` on MacOS no longer breaks the reloader
(:issue:`1540`, :pr:`1541`)
- fix: do not throw ``TypeError`` when ``SO_REUSEPORT`` is not available
(:issue:`1501`, :pr:`1491`)
- fix: properly decode HTTP paths containing certain non-ASCII characters
(:issue:`1577`, :pr:`1578`)
- fix: remove whitespace when logging header values under gevent (:pr:`1607`)
- fix: close unlinked temporary files (:issue:`1327`, :pr:`1428`)
- fix: parse ``--umask=0`` correctly (:issue:`1622`, :pr:`1632`)
- fix: allow loading applications using relative file paths
(:issue:`1349`, :pr:`1481`)
- fix: force blocking mode on the gevent sockets (:issue:`880`, :pr:`1616`)
- fix: preserve leading `/` in request path (:issue:`1512`, :pr:`1511`)
- fix: forbid contradictory secure scheme headers
- fix: handle malformed basic authentication headers in access log
(:issue:`1683`, :pr:`1684`)
- fix: defer handling of ``USR1`` signal to a new greenlet under gevent
(:issue:`1645`, :pr:`1651`)
- fix: the threaded worker would sometimes close the wrong keep-alive
connection under Python 2 (:issue:`1698`, :pr:`1699`)
- fix: re-open log files on ``USR1`` signal using ``handler._open`` to
support subclasses of ``FileHandler`` (:issue:`1739`, :pr:`1742`)
- deprecation: the ``gaiohttp`` worker is deprecated, see the
:ref:`worker-class` documentation for more information
(:issue:`1338`, :pr:`1418`, :pr:`1569`)

================
Changelog - 2019
================

.. note::

Please see :doc:`news` for the latest changes

===================

- fix: continue if SO_REUSEPORT seems to be available but fails (:issue:`1480`)
- fix: support non-decimal values for the umask command line option (:issue:`1325`)

===================

- The previously deprecated ``gunicorn_django`` command has been removed.
Use the :ref:`gunicorn-cmd` command-line interface instead.
- The previously deprecated ``django_settings`` setting has been removed.
Use the :ref:`raw-env` setting instead.
- The default value of :ref:`ssl-version` has been changed from
``ssl.PROTOCOL_TLSv1`` to ``ssl.PROTOCOL_SSLv23``.
- fix: initialize the group access list when initgroups is set (:issue:`1297`)
- add environment variables to gunicorn access log format (:issue:`1291`)
- add --paste-global-conf option (:issue:`1304`)
- fix: print access logs to STDOUT (:issue:`1184`)
- remove upper limit on max header size config (:issue:`1313`)
- fix: print original exception on AppImportError (:issue:`1334`)
- use SO_REUSEPORT if available (:issue:`1344`)
- `fix leak <https://github.com/benoitc/gunicorn/commit/b4c41481e2d5ef127199a4601417a6819053c3fd>`_ of duplicate file descriptor for bound sockets.
- add --reload-engine option, support inotify and other backends (:issue:`1368`, :issue:`1459`)
- fix: reject request with invalid HTTP versions
- add ``child_exit`` callback (:issue:`1394`)
- add support for eventlets _AlreadyHandled object (:issue:`1406`)
- format boot tracebacks properly with reloader (:issue:`1408`)
- refactor socket activation and fd inheritance for better support of SystemD (:issue:`1310`)
- fix: o fds are given by default in gunicorn (:issue:`1423`)
- add ability to pass settings to GUNICORN_CMD_ARGS environment variable which helps in container world (:issue:`1385`)
- fix: catch access denied to pid file (:issue:`1091`)
- many additions and improvements to the documentation

Breaking Change
+++++++++++++++

- **Python 2.6.0** is the last supported version


================
Changelog - 2018
================

.. note::

Please see :doc:`news` for the latest changes