Pyro4

Latest version: v4.82

Safety actively analyzes 685838 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 4 of 5

4.58

Not secure
- Added feature to be able to pass through serialized arguments unchanged via ``Pyro4.core.SerializedBlob``, see example 'blob-dispatch'
- Fixed a fair amount of typos in the manual and readme texts.
- The stockquotes tutorial example now also has a 'phase 3' just like the warehouse tutorial example, to show how to run it on different machines.

4.57

Not secure
- Pyro4.core.async() and proxy._pyroAsync() no longer return a copy of the proxy but rather modify the proxy itself,
in an attempt to reduce the number of socket connections to a server. They still return the proxy object for api compatibility reasons.
- async result now internally retries connection after a short delay, if it finds that the server has no free worker threads to accept the connection.
If COMMTIMEOUT has been set, it retries until the timeout is exceeded. Otherwise it retries indefinitely util it gets a connection.
- _StreamResultIterator now stops all communication as soon as StopIteration occurred, this avoids unnecessary close calls to remote iterators.

4.56

Not secure
- optional msgpack serializer added (requires msgpack-python library, see https://pypi.python.org/pypi/msgpack-python )
- fixed possible crash in closing of remote iterators (they could crash the proxy by screwing up the internal sequence number).
- json serializer can now serialize uuid.UUID, datetime and decimal objects (into strings, like serpent does)
- serializers can now deal with memoryview and bytearray serialized data input types.
- serpent library dependency updated to 1.19 to be able to deal with memoryview and bytearray inputs.
- added ``response_annotations`` on the call context object to be able to access annotations more easily than having to subclass Proxy or Daemon.
- ``Proxy._pyroAnnotations`` and ``Daemon.annotations`` no longer needs to call super, the annotations you return
here are now automatically merged with whatever Pyro uses internally.
- Proxy and Daemon now contain the ip address family in their repr string.
- Pyro now logs the ip address family for proxy or daemon socket connections.
- ipv6 doesn't have broadcasts, so Pyro no longer uses them when ipv6 is in use.
- improved the docs about binary data transfer a bit.
- documentation is now also available on ReadTheDocs: http://pyro4.readthedocs.io/
- fixed various examples

4.55

Not secure
- _CRITICAL FIX:_ serpent library dependency updated to 1.17 to fix issues with encoding and parsing strings containing 0-bytes.
Note that if you don't want to upgrade Pyro itself yet, you should manually upgrade the serpent library to get this fix.
- Prefer selectors2 over selectors34 if it is available (Python 3.4 or older, to have better semantics of failing syscalls)
- Removed THREADING2 config item and Pyro4.threadutil module. (the threading2 third party module is old and seems unmaintained and wasn't useful for Pyro anyway)
- Improved module structure; fixed various circular import dependencies. This also fixed the RuntimeWarning about sys.modules, when starting the name server.
- To achieve the previous item, had to move `resolve` and `locateNS` from `Pyro4.naming` to `Pyro4.core` .
They're still available on their old location for backwards compatibility for now.
Ofcourse, they're also still on their old "shortcut" location in `Pyro4` directly.
- Removed the publicly visible serializer id numbers from the message module. They're internal protocol details, user code should always refer to serializers by their name.
- When a connection cannot be made, the address Pyro tries to connect to is now also included in the error message.
- Added overridable `Daemon.housekeeping()` method.
- Improved error message in case of invalid ipv6 uri.
- Fixed various examples, and made the Pyro4 main api package documentation page complete again.

4.54

Not secure
- Serpent serializer: floats with value NaN will now be properly serialized and deserialized into a float again, instead of the class dict `{'__class__':'float', 'value':'nan'}`
Note that you can achieve the same for older versions of Pyro by manually registering a custom converter:
`Pyro4.util.SerializerBase.register_dict_to_class("float", lambda _, d: float(d["value"]))`
- Removed platform checks when using dill serializer, latest Pypy version + latest dill (0.2.6) should work again.
Other platforms might still expose problems when trying to use dill (IronPython), but they are now considered
to be the user's problem if they attempt to use this combination.
- Applied version detection patch from Debian package to contrib/init.d/pyro4-nsd
- Don't crash immediately at importing Pyro4 when the 'selectors' or 'selectors34' module is not available.
Rationale:
This is normally a required dependency so the situation should usually not occur at all.
But it can be problematic on Debian (and perhaps other distributions) at this time, because this module may not be packaged/not be available.
So we now raise a proper error message, but only when an attempt is made to actually create a multiplex server (all other parts of Pyro4 are still usable just fine in this case).
The selectors module is available automatically on Python 3.4 or newer, for older Pythons you have to
install it manually or via the python2-selectors34 package if that is available.
- Fixed crash when trying to print the repr or string form of a Daemon that was serialized.
- Changed uuid.uuid1() calls to uuid.uuid4() because of potential issues with uuid1 (obscure resource leak on file descriptors on /var/lib/libuuid/clock.txt).
Pyro4 already used uuid4() for certain things, it now exclusively uses uuid4().
- Fixed a few IronPython issues with several unit tests.
- Improved the installation chapter in the docs.

4.53

Not secure
- _CRITICAL FIX:_ serpent library dependency updated to 1.16 to fix floating point precision loss error on older python versions.
Note that if you don't want to upgrade Pyro itself yet, you should manually upgrade the serpent library to get this fix.
- added unittest to check that float precision is maintained in the serializers
- fixed some typos in docs and docstrings, improved daemon metadata doc.
- mailing list (`pyrofreelists.org`) has been discontinued.

Page 4 of 5

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.