Pyramid

Latest version: v2.0.2

Safety actively analyzes 638646 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 11 of 30

1.2

Not secure
================

- No changes from 1.2b6.

1.2b6

==================

Backwards Incompatibilities
---------------------------

- Remove magical feature of ``repoze.bfg.url.model_url`` which
prepended a fully-expanded urldispatch route URL before a the
model's path if it was noticed that the request had matched a route.
This feature was ill-conceived, and didn't work in all scenarios.

Bug Fixes
---------

- More correct conversion of provided ``renderer`` values to resource
specification values (internal).

1.2b5

==================

Bug Fixes
---------

- 1.2b4 introduced a bug whereby views added via a route configuration
that named a view callable and also a ``view_attr`` became broken.
Symptom: ``MyViewClass is not callable`` or the ``__call__`` of a
class was being called instead of the method named via
``view_attr``.

- Fix a bug whereby a ``renderer`` argument to the ``bfg_view``
decorator that provided a package-relative template filename might
not have been resolved properly. Symptom: inappropriate ``Missing
template resource`` errors.

1.2b4

==================

Documentation
-------------

- Update GAE tutorial to use Chameleon instead of Jinja2 (now that
it's possible).

Bug Fixes
---------

- Ensure that ``secure`` flag for AuthTktAuthenticationPolicy
constructor does what it's documented to do (merge Daniel Holth's
fancy-cookies-2 branch).

Features
--------

- Add ``path`` and ``http_only`` options to
AuthTktAuthenticationPolicy constructor (merge Daniel Holth's
fancy-cookies-2 branch).

Backwards Incompatibilities
---------------------------

- Remove ``view_header``, ``view_accept``, ``view_xhr``,
``view_path_info``, ``view_request_method``, ``view_request_param``,
and ``view_containment`` predicate arguments from the
``Configurator.add_route`` argument list. These arguments were
speculative. If you need the features exposed by these arguments,
add a view associated with a route using the ``route_name`` argument
to the ``add_view`` method instead.

- Remove ``view_header``, ``view_accept``, ``view_xhr``,
``view_path_info``, ``view_request_method``, ``view_request_param``,
and ``view_containment`` predicate arguments from the ``route`` ZCML
directive attribute set. These attributes were speculative. If you
need the features exposed by these attributes, add a view associated
with a route using the ``route_name`` attribute of the ``view`` ZCML
directive instead.

Dependencies
------------

- Remove dependency on ``sourcecodegen`` (not depended upon by
Chameleon 1.1.1+).

1.2b3

Not secure
==================

Bug Fixes
---------

- When "hybrid mode" (both traversal and urldispatch) is in use,
default to finding route-related views even if a non-route-related
view registration has been made with a more specific context. The
default used to be to find views with a more specific context first.
Use the new ``use_global_views`` argument to the route definition to
get back the older behavior.

Features
--------

- Add ``use_global_views`` argument to ``add_route`` method of
Configurator. When this argument is true, views registered for *no*
route will be found if no more specific view related to the route is
found.

- Add ``use_global_views`` attribute to ZCML ``<route>`` directive
(see above).

Internal
--------

- When registering a view, register the view adapter with the
"requires" interfaces as ``(request_type, context_type)`` rather
than ``(context_type, request_type)``. This provides for saner
lookup, because the registration will always be made with a specific
request interface, but registration may not be made with a specific
context interface. In general, when creating multiadapters, you
want to order the requires interfaces so that the elements which
are more likely to be registered using specific interfaces are
ordered before those which are less likely.

1.2b2

Not secure
==================

Bug Fixes
---------

- When the ``Configurator`` is passed an instance of
``zope.component.registry.Components`` as a ``registry`` constructor
argument, fix the instance up to have the attributes we expect of an
instance of ``repoze.bfg.registry.Registry`` when ``setup_registry``
is called. This makes it possible to use the global Zope component
registry as a BFG application registry.

- When WebOb 0.9.7.1 was used, a deprecation warning was issued for
the class attribute named ``charset`` within
``repoze.bfg.request.Request``. BFG now *requires* WebOb >= 0.9.7,
and code was added so that this deprecation warning has disappeared.

- Fix a view lookup ordering bug whereby a view with a larger number
of predicates registered first (literally first, not "earlier") for
a triad would lose during view lookup to one registered with fewer.

- Make sure views with exactly N custom predicates are always called
before views with exactly N non-custom predicates given all else is
equal in the view configuration.

Documentation
-------------

- Change renderings of ZCML directive documentation.

- Add a narrative documentation chapter: "Using the Zope Component
Architecture in repoze.bfg".

Dependencies
------------

- Require WebOb >= 0.9.7

Page 11 of 30

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.