Pylons

* Fixed controllers.core to allow responses of None (empty bodies). Logs a
message indicating the response was empty.
* pylons.helpers has been moved to pylons.controllers.util, to differentiate
between controller utility functions and projects' helpers modules.
* Fixed non-basestring/generator/WSGIResponse objects returned from
Controllers not being set as the response content. Thanks Alex Conrad.
* development.ini now configures the app's Logger level to DEBUG by default.
Thanks Christoph Haas

* Projects now include a MANIFEST.in file: it directs distutils to recursively
include all files in the project's public/ and templates/ dir. This fixes
these dirs not being included in dists unless they were checked into an RCS
recognized by setuptools. This is at the expense of dists now globbing all
files in those dirs (even those not checked into your RCS). Thanks Christoph
Haas.
* Fixed the validate decorator not setting c.form_errors in certain
circumstances. Thanks max. Fixes 286.
* email_to lines commented out in development.ini and test.ini files to avoid
emails being sent to a non-existent address by mistake. If an error occurs
it is logged but no email is sent unless email_to is specified.
* [paste.app_factory] entry points changed to point to the actual make_app()
function to make it simpler for someone to work out how Pylons works (tests
updated accordingly too).
* All use of the ez_setup module is now tested by an ImportError to make
Pylons compatible with Buildout. Note: Tags and releases should be made
using an svn export and an svn add to ensure a real copy of the ez_setup
module is included and not just an svn:external so that the module is tied
to time of the release.
* More full-featured README.txt included.
* Updated beaker_cache to cache global response cookies/status/headers.
Fixes 280.
* Fixed missing abort name import in restrict rest decorator. Fixes 281.
* Added cheetah as a supported template language for template_engine option.
* Fixed public/ and templates/ directories not being created with paster
create.

* Fixed cookie header addition to use add instead of append. Thanks to
anonymous patcher. Fixes 268, again.
* Added ability to pass _code option to specify the status code type for
redirect_to.
* Fixed redirect_to to not copy all headers into redirect for old _response
usage. Fixes 268.
* WARNING: By default, the Pylons request object now returns unicode
parameter (pylons.GET/POST/params) values (and assumes those parameters
were sent to Pylons as utf-8). Unicode parameters can cause major
problems if your application is not setup to handle unicode. To disable
unicode parameters (0.9.5 default behavior), add the following to your
load_environment function (0.9.6 syntax):

config['request_options']['charset'] = None

or, if still using the deprecated pre-0.9.6 pylons.config syntax, add:

request_settings = pylons.config.request_defaults.copy()
request_settings['charset'] = None
return pylons.config.Config(tmpl_options, map, paths,
request_settings=request_settings)

* WARNING: Template names beginning with a / (or the OS's path separator)
will now result in the name not having the separator's replaced with '.'s
for the template engine. This shouldn't affect most projects as they usually
assume a dot notation will be used with dot notation template engines (Kid,
Genshi, etc.). This change allows template engines that can take filename
paths to function properly. Fixes 233.
* WARNING: The pylons.util.get_prefix(environ) function is deprecated. Please
use:
environ.get('SCRIPT_NAME', '')
instead (the get_prefix function is used in the default ErrorController).
Fixes 243.
* WARNING: The paths dictionary's 'root_path' has moved to the less
redundant 'root'.
* Fixed the Error Documents/EvalException css referencing non-existent images.
Thanks Shannon -jj Behrens. Fixes 238.
* Added ability to pass _code option to specify the status code type for
redirect_to.
* Fixed redirect_to to not copy all headers into redirect for old _response
usage. Fixes 268.
* Added logging statements throughout Pylons code, added logging setup to
default template. Fixes 98.
* Refactored global response to be setup in wsgiapp along with the other
globals. Updated WSGIController to copy in global response headers and
cookies into a WSGI app's output.
* Added global pylons.response object. Thanks Shannon -jj Behrens and Damjan
Georgievski. Fixes 268 and 201.
* Updated default project template files for new configuration layout. Options
to handle config now just in environment.py, and middleware.py handling just
middleware. Fixes 203.
* Removing mako tests, as its now the default. Default test changed from
Myghty to Mako.
* Changing default templating to mako.
* Added the https decorator. It requires an action to be loaded via
https. Patch by ido. Fixes 241.
* Added upgrade instructions, and posted a copy on the wiki. Fixes 230.
* Added deprecation warnings for usage of the Pylons Controller class, all
controllers should inherit from WSGIController instead. Fixes 239.
* Removed deprecated attach_locals function from Controller class.
* Added an authenticate_form decorator for use with WebHelpers'
secure_form_tag functions for preventing CSRF attacks. Original patch
by David Turner. Fixes 157.
* Fix Buffet's include_pylons_variables not being upheld. Thanks Jonathan
LaCour.
* The validate decorator now accepts extra keyword arguments (**htmlfill_kwargs)
to pass along to formencode's htmlfill.render function.
* Removed POST-only restriction on validate decorator, now handles GET
requests. No form arg required during a GET request, which will run the
current action with c.form_errors set to the errors. Fixes 246.
* Added PylonsConfig, which gets accessed as pylons.config dict. Contains
all the merged ini options, in addition to the Config options such as
'routes.map', 'pylons.paths', 'buffet.template_options', etc. Check the
pylons.config docs on PylonsConfig for dict keys populated by it.
* Split up resolution stages in wsgiapp, so that controller lookup is a
separate function making it easier to subclass. PylonsApp now takes a
base_wsgi_app argument which is then used for the BaseWSGIApp instead of the
one from wsgiapp.py.
* Added mako template render tests.
* Added storage of the action func used to handle a call, for later code that
might need a reference to the action that originally handled the request.
Fixes 253.
* Updated config object to optionally take a single merged conf dict, updated
project templates to pass around the single merged conf dict.
* Changed project template to use new Beaker session keys.
* Changed default routing for raw template matching to not unicode decode the
route argument. Fixes 242.
* Catch any exceptions raised by template engine entry points and emit a
warning instead of crashing. Thanks markbradley. Fixes 249
* Fixed the validate decorator not working with formencode's
CompoundValidators when variable_decode=False. Fixes 209.
* Fixed the validate decorator failing with a KeyError when no value is
specified to validate against for separate validators (as opposed to a
schema). Reported by Graham Stratton.
* Fixed paster shell not merging app_conf and global_conf into the main CONFIG
dict namespace. Original patch by David Smith. Fixes 244.
* Added logging to decorators. Refs 98.
* Fixed paster restcontroller to test for lib.base and only add that import
statement when its present. This fixes the restcontroller template when used
with minimal Pylons project templates. Fixes 237.
* Fixed the EvalException debugger showing broken links and buttons when the
app's ErrorController was broken (such as when BaseController's __before__
raises an exception). Suggested by Ian Bicking. Fixes 228.
* paster create now accepts a 'template_engine' option to setup the new
project's default template engine. E.g. to create a new project that
uses Genshi by default, use:
paster create --template=pylons mygenshiproj template_engine=genshi
Suggested by Ian Bicking. Fixes 141.
* Fixed the validate decorator triggering the following error with
FormEncode>=0.7 and non-ascii rendered form content:
UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 10:
ordinal not in range(128) the form was passed in as an encoded string, but
some data or error messages were unicode strings; the form should be passed
in as a unicode string
Reported by Christoph Haas.
* HTTPExceptions are now converted to Response objects (for __after__),
making the httpexceptions middleware no longer required.
* Added Warning to jsonify to warn about cross-site attacks when returning
a list as the outer-most element to jsonify. Fixes 232.
* Fixed beaker_cache decorator to take optional keyword arguments intended
for the backend cache container (such as url for memcached).
* Fixed paster controller assuming the minimal template was in use when
the lib.base module existed but raised an exception.
* Fixed bug in XMLRPC Controller not setting proper Content-Type. Fixes 236.
* Added the '-d' ('--disable-ipython') option to paster shell for
disabling IPython.
* Allow creation of controllers named 'setup' via paster controller.
Reported by Matt Good.
* Added support for generic arguments to SQLAlchemy's create_engine of
the form sqlalchemy.* from the PasteDeploy config file.

* Fixed a Python 2.3 incompatibility with paster shell, causing the
Exception:
File "Pylons-0.9.5-py2.3.egg/pylons/commands.py", line 357, in command
locs.update([(name, getattr(base, name)) for name in base_public])
AttributeError: keys
* Fixed paster shell breaking for projects where the base package was not
the first package listed in top_level.txt. Patch from Alberto Valverde.
Fixes 229.
* Fixed doc references to config['app_conf']. Fixes 116.
* Changed `get_engine_conf` to properly evaluate sqlalchemy echo statement
when its 'debug'. Fixes 226.
* make_session and create_engine now accept keyword arguments to pass to
SQLAlchemy's create_engine.
* make_session now accepts the keyword argument 'session_kwargs' to pass
to SQLAlchemy's create_session.
* Fixed _inspect_call to call function with keyword arguments instead of list
args. Corrects issue with action defaults that caused the value for the
latter args to be in the wrong spots. Spotted by Topher. Fixes 223.
* Added the allow_none option (passed to xmlrpc.dumps) to XMLRPCController.
Suggested by Jaroslaw Zabiello.
* Updated XMLRPC Controller with patch for name lookup and additional unit
tests for the patch. Fixes 216.
* Updated docs for validate decorator to more clearly illustrate what the
post_only args apply to. Fixes 221.
* Added ability to return strings in the WSGIController. Fixes 218.
* Added lazy i18n translation functions. Patch from David Smith. Fixes 181.
* Added fix for XMLRPCController system.methodHelp function and unit test.
Patch and unit test submitted by Graham Higgins.
* Fixed bug in validate decorator with new UnicodeMultiDict response content
not properly retaining form content as unicode for formencode's htmlfill.
* Fixed bug in XMLRPC Controller with xmlrpclib Faults not being properly
transformed into a WSGI response within the controller.
* WARNING: Pylons now requires the decorator module: it no longer packages
it as pylons.decorator. Code relying on the pylons.decorator.decorator
function will trigger a deprecation warning and should be changed to use
decorator.decorator.
* WARNING: pylons.h was deprecated for using projects' lib.helpers module
directly in 0.9.3. pylons.h is now formally deprecated (emits
DeprecationWarnings). Projects still accessing pylons.h must change the
following import:
from pylons import h
to:
import MYPROJ.lib.helpers as h
* pylons.jsonify and pylons.Controller references have been deprecated
(they are misplaced references). They continue to be available at
pylons.decorators.jsonify and pylons.controllers.Controller, as they always
have been.
* Updated templating Buffet to recognize format parameter and properly pass it
to the template engine.
* Updated LICENSE for new year and to indicate license covering templates
generated. Fixes 188.
* Interactive debugger now supports Mako. After r1780 if you are using a
custom theme you will need to change '%(myghty_data)s' to
'%(template_data)s' in your template. If you are using JavaScript the tab
id is now "template_data".
* Fixed bug in WSGIController with private function attempts not returning a
valid WSGI response.
* Added full unit test coverage of cache decorator.
* Adding messages binary file, enabling i18n unit tests. Updating pylons.i18n
to import LanguageError. Fixes 193.
* Adding i18n tests, not active yet as they're waiting on a binary file from a
patch. Refs 193.
* Updated tests so that they now work with nose, removing py.test requirement.
* Switching config setup to load keys into main config dict with app_conf and
global_conf keys set for any code looking for those keys. Fixes 116.
* PylonsInstaller is now the default paste.app_install entry point for new
projects: this makes Cheetah no longer required for the paster make-config
command. (Thanks Alexander Schremmer, Ian Bicking)
* Added custom redirect_to function in pylons.helpers that will take an
optional _response arg to pull headers and cookies out for preservation
during a redirect. Fixes 136.
* Changed config.Config.__init__ to take all options as keyword args so
unused args can be skipped. Fixes 162.
* The request object can now automatically decode GET/POST/params vars to
unicode, when its charset attribute is set.
* Added a new request_settings keyword arg to Config's constructor. Allows
setting the default charset and errors values of of the request object.
* Deprecated Config constructor's default_charset keyword arg. Use Config's
response_settings keyword arg instead.
* Fixed paster controller to test for lib.base and only add that import
statement when its present. This fixes the controller template when used with
minimal Pylons project templates. Fixes 140 and fixes 139.
* Fixed the paster shell error: KeyError: 'pylons.routes_dict' when calling
app.get and app.post.
* Fixed paster shell not working on projects with names containing hyphens.
* Fixed the config directive 'sqlalchemy.echo' set to False being interpreted
as True. Patch by Alex Conrad.
* Fixed paster shell not restoring CONFIG['global_conf'].

* Added restcontroller command that generates a RESTful controller template
and provides the appropriate map.resource command to add. Suggested by
Matthew Scott.
* Fixed SQLObject pylons.database.PackageHub error:
exceptions.NameError: global name 'CONFIG' is not defined
* Fixed pylons.database.session_context not working outside of requests
(such as in websetup.py).
* Updated template options config to take template options for multiple
engines for less binding to Myghty.
* Fixed paster shell incorrectly importing the the tuple (model,) as the
model object.

* WARNING: Removed the lang_extract and lang_compile commands. They used
pygettext.py and its associated msgfmt.py, which lacked the ability to
extract ngettext style function calls and had issues with unicode strings.
The new I18NToolBox project aims to provide this functionality (and more)
via the gettext command line utilities. http://i18ntoolbox.ufsoft.org
* All Pylons special objects are now available within paster shell (not just
h and g).
* WARNING: Myghty's allow_globals config var has changed, causing the
following when running pre-compiled templates:
Error(TypeError): do_run_component() takes exactly 13 non-keyword
arguments (5 given)
Delete the compiled Myghty templates directory (specified by cache_dir or
myghty_data_dir in the config file) to resolve the error.
* Changed i18n functions in templates to use proxy objects so that using
set_lang in a template works right. Fixes 153.
* Now allowing any template plugin to overwrite global PYLONS_VARS (such as c,
g), not just pylonsmyghty.
* Adding SQLAlchemy support to the database.py file. Saves the session engine
to g to maintain it during the apps lifetime. Uses SessionContext plugin for
management of the current session.
* Updated config object so that init_app can take an optional template engine
argument to declare the default template engine.
* Updated Myghty plugin to use extra_vars_func when passed in.
* Fixed Buffet to use extra_vars_func properly.
* Fixed the validate decorator when there are validation errors and
variable_decode=True: now passing the original params to htmlfill.render
instead of the varable_decode'd version. Patch by FlimFlamMan.
* Added ungettext function for use with pluralized i18n, and the N_ function
(gettext_noop) to mark global strings for translation. Added ungettext, N_
and translator objects to be globals for templates. Refs 126.
* WARNING: The localization function '_' now uses ugettext (returns unicode
strings) instead of gettext. To preserve the old behavior, append the
following line to your project's lib.base and lib.helpers imports:
from pylons.helpers import gettext as _
* Pylons special objects are now available within the interactive debugger
(deprecating _attach_locals).
* Added setup-app run before unit tests run so that webapp has proper setup
tasks handled. Fixes 113.
* Added paste.deploy.CONFIG setup to middleware.py, websetup.py and testing
files in the Pylons project templates. Closes 112.
* Added security policy doc to index for use as Pylons security policy.
Closes 91.
* Improved the repr() of the c context object to show attributes.
* Set environ['paste.testing_variables'] whenever that key is available, not
just in testing mode.
* Added capability to have an action be a generator function.
* Added introspection capability to XMLRPCController and signature checking.
* Updated Controller to use additional arg lookup scheme so that the source of
the function args for _inspect_call can be easily overridden.
* Updated RPCController, renamed to XMLRPCController. XMLRPCController now
functions properly and will automatically return proper xmlrpc responses.
* Added test configuration ini file to default template. Closes 114.
* Fixed problem with pylons.database.PackageHub.__get__ raising errors
other than AttributeError when the database isn't configured. Added
new UnconfiguredConnectionError exception, instead of just KeyError
or TypeError (depending on what part of the configuration failed).
* Fixed default g init, since bare object has no init method. Reported by Ian
Bicking.
* Fixed issue with SQLObject method override having wrong name. Reported by
climbus with patch. Fixes 133.
* Moved log function to pylons.helpers and translation functions to
pylons.i18n. using pylons.util purely for Pylons internal util functions.
* WARNING: Removed 0.8.x legacy code and backwards compatibility functions.
* PylonsApp now has option to not use Routes middleware, default resolving
uses new wsgi.org routing_args spec.
* Refactored routes dispatching to use new Routes middleware.
* Fixed paster shell command to properly acquire mapper object without
relying on the template being configured in a specific manner.
* Added keyword argument pool_connection to
pylons.database.PackageHub; if set to false then SQLObject connections
won't use pooled database connections (a new connection will be
opened for each request).