Zope-security

Latest version: v4.2.2

Safety actively analyzes 682387 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 8

4.2.2

Not secure
==================

- Make the pure-Python proxy on Python 2 *not* check permissions for
``__unicode__`` just like the C implementation. Note that
``__str__`` is checked for both implementations on both Python 2 and
3, but if there is no ``__unicode__`` method defined, Python 2's
automatic fallback to ``__str__`` is **not** checked when
``unicode`` is called. See `issue 10
<https://github.com/zopefoundation/zope.security/issues/10>`_.

4.2.1

Not secure
==================

- Fix the default values for ``Permission`` fields ``title`` and
``description`` under Python 2. See `issue 48
<https://github.com/zopefoundation/zope.security/issues/48>`_.

- Change the ``IPermission.id`` from ``Text`` (unicode) to a
``NativeStringLine``. This matches what ZCML creates and what is
usually written in source code.

4.2.0

Not secure
==================

- Fix the extremely rare potential for a crash when the C extensions
are in use. See `issue 35 <https://github.com/zopefoundation/zope.security/issues/35>`_.

- Fix `issue 7
<https://github.com/zopefoundation/zope.security/issues/7>`_: The
pure-Python proxy didn't propagate ``TypeError`` from ``__repr__``
and ``__str__`` like the C implementation did.

- Fix `issue 27 <https://github.com/zopefoundation/zope.security/issues/27>`_:
iteration of ``zope.interface.providedBy()`` is now allowed by
default on all versions of Python. Previously it only worked on
Python 2. Note that ``providedBy`` returns unproxied objects for backwards
compatibility.

- Fix ``__length_hint__`` of proxied iterator objects. Previously it
was ignored.

- Drop support for Python 3.3.

- Enable coveralls.io for coverage measurement and run doctests on all
supported Python versions.

- Fix `issue 9
<https://github.com/zopefoundation/zope.security/issues/9>`_:
iteration of ``itertools.groupby`` objects is now allowed by
default. In addition, iteration of all the custom iterator types
defined in itertools are also allowed by default.

- Simplify the internal ``_compat.py`` module now that we only run on
newer Python versions. See `PR 32 <https://github.com/zopefoundation/zope.security/pull/32>`_.

- Respect ``PURE_PYTHON`` at runtime. At build time, always try to
build the C extensions on supported platforms, ignoring
``PURE_PYTHON``. See `issue 33
<https://github.com/zopefoundation/zope.security/issues/33>`_.

- Fix watching checkers (``ZOPE_WATCH_CHECKERS=1``) in pure-Python
mode. See `issue 8 <https://github.com/zopefoundation/zope.security/issues/8>`_.

- Remove unused internal files from ``tests/``.

- Remove ``zope.security.setup``. It was unused and did not work
anyway.

- Fix the pure-Python proxy on Python 2 letting ``__getslice__`` and
``__setslice__`` fall through to ``__getitem__`` or ``__setitem__``,
respectively, if it raised an error.

- Fix the pure-Python proxy calling a wrapped ``__getattr__`` or
``__getattribute__`` more than once in situations where the C
implementation only called it one time (when it raised an
AttributeError).

- Reach 100% test coverage and maintain it via automated checks.

4.1.1

Not secure
==================

- Fix `issue 23 <https://github.com/zopefoundation/zope.security/issues/23>`_:
iteration of ``collections.OrderedDict`` and its various views is
now allowed by default on all versions of Python.

- As a further fix for issue 20, iteration of ``BTree`` itself is now
allowed by default.

4.1.0

Not secure
==================

- When testing ``PURE_PYTHON`` environments under ``tox``, avoid poisoning
the user's global wheel cache.

- Drop support for Python 2.6 and 3.2.

- Add support for Python 3.5 and 3.6.

- Fix `issue 20 <https://github.com/zopefoundation/zope.security/issues/20>`_:
iteration of pure-Python ``BTrees.items()``, and also creating a list from
``BTrees.items()`` on Python 3. The same applies for ``keys()`` and ``values()``.

4.0.3

Not secure
==================

- Fix iteration over security proxies in Python 3 using the pure-Python
implementation.

Page 1 of 8

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.