The NetBSD Project

CVS log for pkgsrc/www/py-tornado/Makefile

[BACK] Up to [] / pkgsrc / www / py-tornado

Request diff between arbitrary revisions

Default branch: MAIN

Revision 1.34 / (download) - annotate - [select for diffs], Sat Aug 12 12:59:54 2023 UTC (3 months, 3 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2023Q3-base, pkgsrc-2023Q3, HEAD
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)

py-tornado: updated to 6.3.3

What's new in Tornado 6.3.3

Security improvements

- The ``Content-Length`` header and ``chunked`` ``Transfer-Encoding`` sizes are now parsed
  more strictly (according to the relevant RFCs) to avoid potential request-smuggling
  vulnerabilities when deployed behind certain proxies.

Revision 1.33 / (download) - annotate - [select for diffs], Tue May 16 10:20:23 2023 UTC (6 months, 3 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2023Q2-base, pkgsrc-2023Q2
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)

py-tornado: updated to 6.3.2

What's new in Tornado 6.3.2

Security improvements

- Fixed an open redirect vulnerability in StaticFileHandler under certain

Revision 1.32 / (download) - annotate - [select for diffs], Tue Apr 25 10:53:27 2023 UTC (7 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)

py-tornado: updated to 6.3.1

What's new in Tornado 6.3.1

Apr 21, 2023


- `.RequestHandler.set_cookie` once again accepts capitalized keyword arguments
  for backwards compatibility. This is deprecated and in Tornado 7.0 only lowercase
  arguments will be accepted.

What's new in Tornado 6.3.0

Apr 17, 2023


- The new `.Application` setting ``xsrf_cookie_name`` can now be used to
  take advantage of the ``__Host`` cookie prefix for improved security.
  To use it, add ``{"xsrf_cookie_name": "__Host-xsrf", "xsrf_cookie_kwargs":
  {"secure": True}}`` to your `.Application` settings. Note that this feature
  currently only works when HTTPS is used.
- `.WSGIContainer` now supports running the application in a ``ThreadPoolExecutor`` so
  the event loop is no longer blocked.
- `.AsyncTestCase` and `.AsyncHTTPTestCase`, which were deprecated in Tornado 6.2,
  are no longer deprecated.
- WebSockets are now much faster at receiving large messages split into many

General changes

- Python 3.7 is no longer supported; the minimum supported Python version is 3.8.
  Python 3.12 is now supported.
- To avoid spurious deprecation warnings, users of Python 3.10 should upgrade
  to at least version 3.10.9, and users of Python 3.11 should upgrade to at least
  version 3.11.1.
- Tornado submodules are now imported automatically on demand. This means it is
  now possible to use a single ``import tornado`` statement and refer to objects
  in submodules such as `tornado.web.RequestHandler`.

Deprecation notices

- In Tornado 7.0, `tornado.testing.ExpectLog` will match ``WARNING``
  and above regardless of the current logging configuration, unless the
  ``level`` argument is used.
- `.RequestHandler.get_secure_cookie` is now a deprecated alias for
  `.RequestHandler.get_signed_cookie`. `.RequestHandler.set_secure_cookie`
  is now a deprecated alias for `.RequestHandler.set_signed_cookie`.
- `.RequestHandler.clear_all_cookies` is deprecated. No direct replacement
  is provided; `.RequestHandler.clear_cookie` should be used on individual
- Calling the `.IOLoop` constructor without a ``make_current`` argument, which was
  deprecated in Tornado 6.2, is no longer deprecated.
- `.AsyncTestCase` and `.AsyncHTTPTestCase`, which were deprecated in Tornado 6.2,
  are no longer deprecated.
- `.AsyncTestCase.get_new_ioloop` is deprecated.


- New method `.GoogleOAuth2Mixin.get_google_oauth_settings` can now be overridden
  to get credentials from a source other than the `.Application` settings.


- `contextvars` now work properly when a ``@gen.coroutine`` calls a native coroutine.


- `~.OptionParser.parse_config_file` now recognizes single comma-separated strings (in addition to
  lists of strings) for options with ``multiple=True``.


- New `.Application` setting ``xsrf_cookie_name`` can be used to change the
  name of the XSRF cookie. This is most useful to take advantage of the
  ``__Host-`` cookie prefix.
- `.RequestHandler.get_secure_cookie` and `.RequestHandler.set_secure_cookie`
  (and related methods and attributes) have been renamed to
  `~.RequestHandler.get_signed_cookie` and `~.RequestHandler.set_signed_cookie`.
  This makes it more explicit what kind of security is provided, and avoids
  confusion with the ``Secure`` cookie attribute and ``__Secure-`` cookie prefix.
  The old names remain supported as deprecated aliases.
- `.RequestHandler.clear_cookie` now accepts all keyword arguments accepted by
  `~.RequestHandler.set_cookie`. In some cases clearing a cookie requires certain
  arguments to be passed the same way in which it was set.
- `.RequestHandler.clear_all_cookies` now accepts additional keyword arguments
  for the same reason as ``clear_cookie``. However, since the requirements
  for additional arguments mean that it cannot reliably clear all cookies,
  this method is now deprecated.


- It is now much faster (no longer quadratic) to receive large messages that
  have been split into many fragments.
- `.websocket_connect` now accepts a ``resolver`` parameter.


- `.WSGIContainer` now accepts an ``executor`` parameter which can be used
  to run the WSGI application on a thread pool.

Revision 1.31 / (download) - annotate - [select for diffs], Thu Aug 18 16:48:30 2022 UTC (15 months, 2 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2023Q1-base, pkgsrc-2023Q1, pkgsrc-2022Q4-base, pkgsrc-2022Q4, pkgsrc-2022Q3-base, pkgsrc-2022Q3
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)

py-tornado: updated to 6.2

What's new in Tornado 6.2.0

Jul 3, 2022

Deprecation notice

- Python 3.10 has begun the process of significant changes to the APIs for
  managing the event loop. Calls to methods such as `asyncio.get_event_loop` may
  now raise `DeprecationWarning` if no event loop is running. This has
  significant impact on the patterns for initializing applications, and in
  particular invalidates patterns that have long been the norm in Tornado's
  documentation and actual usage. In the future (with some as-yet-unspecified
  future version of Python), the old APIs will be removed. The new recommended
  pattern is to start the event loop with ``. More detailed migration
  guides will be coming in the future.

  - The `.IOLoop` constructor is deprecated unless the ``make_current=False``
    argument is used. Use `.IOLoop.current` when the loop is already running
  - `.AsyncTestCase` (and `.AsyncHTTPTestCase`) are deprecated. Use
    `unittest.IsolatedAsyncioTestCase` instead.
  - Multi-process `.TCPServer.bind`/`.TCPServer.start` is deprecated. See
    `.TCPServer` docs for supported alternatives.
  - `.AnyThreadEventLoopPolicy` is deprecated. This class controls the creation of
    the "current" event loop so it will be removed when that concept is no longer
  - `.IOLoop.make_current` and `.IOLoop.clear_current` are deprecated. In the
    future the concept of a "current" event loop as distinct from one that is
    currently running will be removed.

- ``TwistedResolver`` and ``CaresResolver`` are deprecated and will be
  removed in Tornado 7.0.

General changes

- The minimum supported Python version is now 3.7.
- Wheels are now published with the Python stable ABI (``abi3``) for
  compatibility across versions of Python.
- SSL certificate verfication and hostname checks are now enabled by default in
  more places (primarily in client-side usage of `.SSLIOStream`).
- Various improvements to type hints throughout the package.
- CI has moved from Travis and Appveyor to Github Actions.


- Fixed a bug in which ``WaitIterator.current_index`` could be incorrect.
- ``tornado.gen.TimeoutError``` is now an alias for `asyncio.TimeoutError`.


- ``max_body_size`` may now be set to zero to disallow a non-empty body.
- ``Content-Encoding: gzip`` is now recognized case-insensitively.


- ``curl_httpclient`` now supports non-ASCII (ISO-8859-1) header values, same as


- `.PeriodicCallback` now understands coroutines and will not start multiple
  copies if a previous invocation runs too long.
- `.PeriodicCallback` now accepts `datetime.timedelta` objects in addition to
  numbers of milliseconds.
- Avoid logging "Event loop is closed" during shutdown-related race conditions.
- Tornado no longer calls `logging.basicConfig` when starting an IOLoop; this
  has been unnecessary since Python 3.2 added a logger of last resort.
- The `.IOLoop` constructor now accepts an ``asyncio_loop`` keyword argument to
  initialize with a specfied asyncio event loop.
- It is now possible to construct an `.IOLoop` on one thread (with
  ``make_current=False``) and start it on a different thread.


- `.SSLIOStream` now supports reading more than 2GB at a time.
- ``IOStream.write`` now supports typed `memoryview` objects.


- `.load_gettext_translations` no longer logs errors when language directories
  exist but do not contain the expected file.


- `.is_valid_ip` no longer raises exceptions when the input is too long.
- The default resolver now uses the same methods (and thread pool) as `asyncio`.


- `.TCPServer.listen` now supports more arguments to pass through to


- `.bind_unused_port` now takes an optional ``address`` argument.
- Wrapped test methods now include the ``__wrapped__`` attribute.


- When using a custom `.StaticFileHandler` subclass, the ``reset()`` method is
  now called on this subclass instead of the base class.
- Improved handling of the ``Accept-Language`` header.
- `.Application.listen` now supports more arguments to pass through to


- `.WebSocketClientConnection.write_message` now accepts `dict` arguments for
  consistency with `.WebSocketHandler.write_message`.
- `.WebSocketClientConnection.write_message` now raises an exception as
  documented if the connection is already closed.

Revision 1.30 / (download) - annotate - [select for diffs], Sat Feb 5 09:00:25 2022 UTC (22 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2, pkgsrc-2022Q1-base, pkgsrc-2022Q1
Changes since 1.29: +4 -20 lines
Diff to previous 1.29 (colored)

py-tornado: updated to 6.1

What„ŗ—‘ new in Tornado 6.1.0

Oct 30, 2020

Deprecation notice

This is the last release of Tornado to support Python 3.5. Future versions will require Python 3.6 or newer.
General changes

Windows support has been improved. Tornado is now compatible with the proactor event loop (which became the default in Python 3.8) by automatically falling back to running a selector in a second thread. This means that it is no longer necessary to explicitly configure a selector event loop, although doing so may improve performance. This does not change the fact that Tornado is significantly less scalable on Windows than on other platforms.
Binary wheels are now provided for Windows, MacOS, and Linux (amd64 and arm64).

coroutine now has better support for the Python 3.7+ contextvars module. In particular, the ContextVar.reset method is now supported.

HEAD requests to handlers that used chunked encoding no longer produce malformed output.
Certain kinds of malformed gzip data no longer cause an infinite loop.

Setting decompress_response=False now works correctly with curl_httpclient.
Mixing requests with and without proxies works correctly in curl_httpclient (assuming the version of pycurl is recent enough).
A default User-Agent of Tornado/$VERSION is now used if the user_agent parameter is not specified.
After a 303 redirect, tornado.simple_httpclient always uses GET. Previously this would use GET if the original request was a POST and would otherwise reuse the original request method. For curl_httpclient, the behavior depends on the version of libcurl (with the most recent versions using GET after 303 regardless of the original method).
Setting request_timeout and/or connect_timeout to zero is now supported to disable the timeout.

Header parsing is now faster.
parse_body_arguments now accepts incompletely-escaped non-ASCII inputs.

ssl.CertificateError during the SSL handshake is now handled correctly.
Reads that are resolved while the stream is closing are now handled correctly.

When colored logging is enabled, logging.CRITICAL messages are now recognized and colored magenta.

EADDRNOTAVAIL is now ignored when binding to localhost with IPv6. This error is common in docker.

AnyThreadEventLoopPolicy now also configures a selector event loop for these threads (the proactor event loop only works on the main thread)

The set_close_exec function has been removed.

ExpectLog now has a level argument to ensure that the given log level is enabled.

RedirectHandler.get now accepts keyword arguments.
When sending 304 responses, more headers (including Allow) are now preserved.
reverse_url correctly handles escaped characters in the regex route.
Default Etag headers are now generated with SHA-512 instead of MD5.

The ping_interval timer is now stopped when the connection is closed.
websocket_connect now raises an error when it encounters a redirect instead of hanging.

For older versions look here:

Revision 1.29 / (download) - annotate - [select for diffs], Tue Jan 4 20:55:36 2022 UTC (23 months ago) by wiz
Branch: MAIN
Changes since 1.28: +2 -1 lines
Diff to previous 1.28 (colored)

*: bump PKGREVISION for users

They now have a tool dependency on py-setuptools instead of a DEPENDS

Revision 1.28 / (download) - annotate - [select for diffs], Thu May 2 09:27:09 2019 UTC (4 years, 7 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q4-base, pkgsrc-2021Q4, pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2, pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4, pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3, pkgsrc-2019Q2-base, pkgsrc-2019Q2
Changes since 1.27: +4 -6 lines
Diff to previous 1.27 (colored)

Forget about Python 3.4

Revision 1.27 / (download) - annotate - [select for diffs], Mon Sep 17 10:15:39 2018 UTC (5 years, 2 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)

py-tornado: updated to 5.1.1

Tornado 5.1.1:

Bug fixes

Fixed an case in which the Future returned by RequestHandler.finish could fail to resolve.
The TwitterMixin.authenticate_redirect method works again.
Improved error handling in the tornado.auth module, fixing hanging requests when a network or other error occurs.

Revision 1.26 / (download) - annotate - [select for diffs], Fri Aug 31 09:51:06 2018 UTC (5 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

py-tornado: updated to 5.1

What's new in Tornado 5.1

Deprecation notice
- Tornado 6.0 will drop support for Python 2.7 and 3.4. The minimum
  supported Python version will be 3.5.2.
- The tornado.stack_context module is deprecated and will be removed
  in Tornado 6.0. The reason for this is that it is not feasible to
  provide this module's semantics in the presence of async def
  native coroutines. .ExceptionStackContext is mainly obsolete
  thanks to coroutines. .StackContext lacks a direct replacement
  although the new contextvars package (in the Python standard
  library beginning in Python 3.7) may be an alternative.
- Callback-oriented code often relies on .ExceptionStackContext to
  handle errors and prevent leaked connections. In order to avoid the
  risk of silently introducing subtle leaks (and to consolidate all of
  Tornado's interfaces behind the coroutine pattern), callback
  arguments throughout the package are deprecated and will be removed
  in version 6.0. All functions that had a callback argument
  removed now return a .Future which should be used instead.
- Where possible, deprecation warnings are emitted when any of these
  deprecated interfaces is used. However, Python does not display
  deprecation warnings by default. To prepare your application for
  Tornado 6.0, run Python with the -Wd argument or set the
  environment variable PYTHONWARNINGS to d. If your
  application runs on Python 3 without deprecation warnings, it should
  be able to move to Tornado 6.0 without disruption.

- .OAuthMixin._oauth_get_user_future may now be a native coroutine.
- All callback arguments in this package are deprecated and will
  be removed in 6.0. Use the coroutine interfaces instead.
- The OAuthMixin._oauth_get_user method is deprecated and will be removed in
  6.0. Override ~.OAuthMixin._oauth_get_user_future instead.

- The command-line autoreload wrapper is now preserved if an internal
  autoreload fires.
- The command-line wrapper no longer starts duplicated processes on windows
  when combined with internal autoreload.

- .run_on_executor now returns .Future objects that are compatible
  with await.
- The callback argument to .run_on_executor is deprecated and will
  be removed in 6.0.
- .return_future is deprecated and will be removed in 6.0.

- Some older portions of this module are deprecated and will be removed
  in 6.0. This includes .engine, .YieldPoint, .Callback,
  .Wait, .WaitAll, .MultiYieldPoint, and .Task.
- Functions decorated with @gen.coroutine will no longer accept
  callback arguments in 6.0.

- The behavior of raise_error=False is changing in 6.0. Currently
  it suppresses all errors; in 6.0 it will only suppress the errors
  raised due to completed responses with non-200 status codes.
- The callback argument to .AsyncHTTPClient.fetch is deprecated
  and will be removed in 6.0.
- tornado.httpclient.HTTPError has been renamed to
  .HTTPClientError to avoid ambiguity in code that also has to deal
  with tornado.web.HTTPError. The old name remains as an alias.
- tornado.curl_httpclient now supports non-ASCII characters in
  username and password arguments.
- .HTTPResponse.request_time now behaves consistently across
  simple_httpclient and curl_httpclient, excluding time spent
  in the max_clients queue in both cases (previously this time was
  included in simple_httpclient but excluded in
  curl_httpclient). In both cases the time is now computed using
  a monotonic clock where available.
- .HTTPResponse now has a start_time attribute recording a
  wall-clock (time.time) timestamp at which the request started
  (after leaving the max_clients queue if applicable).

- .parse_multipart_form_data now recognizes non-ASCII filenames in
  RFC 2231/5987 (filename*=) format.
- .HTTPServerRequest.write is deprecated and will be removed in 6.0. Use
  the methods of request.connection instead.
- Malformed HTTP headers are now logged less noisily.

- .PeriodicCallback now supports a jitter argument to randomly
  vary the timeout.
- .IOLoop.set_blocking_signal_threshold,
  ~.IOLoop.set_blocking_log_threshold, ~.IOLoop.log_stack,
  and .IOLoop.handle_callback_exception are deprecated and will
  be removed in 6.0.
- Fixed a KeyError in .IOLoop.close when .IOLoop objects are
  being opened and closed in multiple threads.

- All callback arguments in this module are deprecated except for
  .BaseIOStream.set_close_callback. They will be removed in 6.0.
- streaming_callback arguments to .BaseIOStream.read_bytes and
  .BaseIOStream.read_until_close are deprecated and will be removed
  in 6.0.

- Improved compatibility with GNU Hurd.

- tornado.options.parse_config_file now allows setting options to
  strings (which will be parsed the same way as
  tornado.options.parse_command_line) in addition to the specified
  type for the option.

- .TornadoReactor and .TwistedIOLoop are deprecated and will be
  removed in 6.0. Instead, Tornado will always use the asyncio event loop
  and twisted can be configured to do so as well.

- The tornado.stack_context module is deprecated and will be removed
  in 6.0.

- .AsyncHTTPTestCase.fetch now takes a raise_error argument.
  This argument has the same semantics as .AsyncHTTPClient.fetch,
  but defaults to false because tests often need to deal with non-200
  responses (and for backwards-compatibility).
- The .AsyncTestCase.stop and .AsyncTestCase.wait methods are

- New method .RequestHandler.detach can be used from methods
  that are not decorated with @asynchronous (the decorator
  was required to use self.request.connection.detach().
- .RequestHandler.finish and .RequestHandler.render now return
  Futures that can be used to wait for the last part of the
  response to be sent to the client.
- .FallbackHandler now calls on_finish for the benefit of
  subclasses that may have overridden it.
- The .asynchronous decorator is deprecated and will be removed in 6.0.
- The callback argument to .RequestHandler.flush is deprecated
  and will be removed in 6.0.

- When compression is enabled, memory limits now apply to the
  post-decompression size of the data, protecting against DoS attacks.
- .websocket_connect now supports subprotocols.
- .WebSocketHandler and .WebSocketClientConnection now have
  selected_subprotocol attributes to see the subprotocol in use.
- The .WebSocketHandler.select_subprotocol method is now called with
  an empty list instead of a list containing an empty string if no
  subprotocols were requested by the client.
- may now be a coroutine.
- The data argument to is now optional.
- Client-side websocket connections no longer buffer more than one
  message in memory at a time.
- Exception logging now uses .RequestHandler.log_exception.

- .WSGIApplication and .WSGIAdapter are deprecated and will be removed
  in Tornado 6.0.

Revision 1.25 / (download) - annotate - [select for diffs], Thu Jan 11 07:32:05 2018 UTC (5 years, 10 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.24: +3 -3 lines
Diff to previous 1.24 (colored)

py-tornado: updated to 4.5.3

What's new in Tornado 4.5.3

- Improved debug logging on Python 3.

- Content-Length and Transfer-Encoding headers are no longer
  sent with 1xx or 204 responses (this was already true of 304
- Reading chunked requests no longer leaves the connection in a broken

- Writing a memoryview can no longer result in "BufferError:
  Existing exports of data: object cannot be re-sized".

- Duplicate option names are now detected properly whether they use
  hyphens or underscores.

- .AsyncHTTPTestCase.fetch now uses instead of
  localhost, improving compatibility with systems that have
  partially-working ipv6 stacks.

- It is no longer allowed to send a body with 1xx or 204 responses.

- Requests with invalid websocket headers now get a response with
  status code 400 instead of a closed connection.

Revision 1.24 / (download) - annotate - [select for diffs], Thu Sep 7 15:20:33 2017 UTC (6 years, 3 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)

Tornado 4.5.2:
Bug Fixes
* Tornado now sets the FD_CLOEXEC flag on all file descriptors it creates. This prevents hanging client connections and resource leaks when the tornado.autoreload module (or Application(debug=True)) is used.

Revision 1.23 / (download) - annotate - [select for diffs], Sat Aug 19 13:55:20 2017 UTC (6 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.22: +2 -2 lines
Diff to previous 1.22 (colored)

Re-written condition for Python < 3.5

Revision 1.22 / (download) - annotate - [select for diffs], Thu May 4 09:50:21 2017 UTC (6 years, 7 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)

What's new in Tornado 4.5

- Improved detection of libraries for colorized logging.

- `.url_concat` once again treats None as equivalent to an empty sequence.

Revision 1.21 / (download) - annotate - [select for diffs], Wed Apr 5 18:23:26 2017 UTC (6 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.20: +4 -4 lines
Diff to previous 1.20 (colored)

Changes 4.4.3:
Bug fixes
The tornado.auth module has been updated for compatibility with a change to Facebook„ŗ—‘ access_token endpoint.

Revision 1.20 / (download) - annotate - [select for diffs], Mon Feb 6 01:22:46 2017 UTC (6 years, 10 months ago) by markd
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base, pkgsrc-2017Q1
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)

python36 PLIST as for python35

Revision 1.19 / (download) - annotate - [select for diffs], Mon Oct 3 12:25:37 2016 UTC (7 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base, pkgsrc-2016Q4
Changes since 1.18: +1 -5 lines
Diff to previous 1.18 (colored)

Remove some dead code, python-3.3 is no more.

Revision 1.18 / (download) - annotate - [select for diffs], Wed Jun 8 17:43:46 2016 UTC (7 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)


Revision 1.17 / (download) - annotate - [select for diffs], Wed Dec 23 12:43:50 2015 UTC (7 years, 11 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4
Changes since 1.16: +4 -1 lines
Diff to previous 1.16 (colored)

Handle build with Python 3.5.

Revision 1.16 / (download) - annotate - [select for diffs], Thu Nov 19 01:32:30 2015 UTC (8 years ago) by wen
Branch: MAIN
Changes since 1.15: +1 -4 lines
Diff to previous 1.15 (colored)

Fix build with python34.

Spotted by:	joerg@(Thanks !)

Revision 1.15 / (download) - annotate - [select for diffs], Sun Nov 8 05:10:28 2015 UTC (8 years, 1 month ago) by wen
Branch: MAIN
Changes since 1.14: +6 -3 lines
Diff to previous 1.14 (colored)

Update to 4.3
Add missing DEPENDS

Upstream changelog is too long, please visit:

Revision 1.14 / (download) - annotate - [select for diffs], Fri Aug 28 10:42:46 2015 UTC (8 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3
Changes since 1.13: +9 -1 lines
Diff to previous 1.13 (colored)

Add missing dependency for python-2.7 and python-3.3.
Fix PLIST for python-3.3.

Revision 1.13 / (download) - annotate - [select for diffs], Sun Jul 19 10:16:12 2015 UTC (8 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)

Update to 4.2.1:

What's new in Tornado 4.2.1

Jul 17, 2015

Security fix

* This release fixes a path traversal vulnerability in `.StaticFileHandler`,
  in which files whose names *started with* the ``static_path`` directory
  but were not actually *in* that directory could be accessed.

Revision 1.12 / (download) - annotate - [select for diffs], Sun May 31 13:13:56 2015 UTC (8 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q2-base, pkgsrc-2015Q2
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)

Update to 4.2:

What's new in Tornado 4.2

May 26, 2015

Backwards-compatibility notes

* ``SSLIOStream.connect`` and `.IOStream.start_tls` now validate certificates
  by default.
* Certificate validation will now use the system CA root certificates instead
  of ``certifi`` when possible (i.e. Python 2.7.9+ or 3.4+). This includes
  `.IOStream` and ``simple_httpclient``, but not ``curl_httpclient``.
* The default SSL configuration has become stricter, using
  `ssl.create_default_context` where available on the client side.
  (On the server side, applications are encouraged to migrate from the
  ``ssl_options`` dict-based API to pass an `ssl.SSLContext` instead).
* The deprecated classes in the `tornado.auth` module, ``GoogleMixin``,
  ``FacebookMixin``, and ``FriendFeedMixin`` have been removed.

New modules: `tornado.locks` and `tornado.queues`

These modules provide classes for coordinating coroutines, merged from
`Toro <>`_.

To port your code from Toro's queues to Tornado 4.2, import `.Queue`,
`.PriorityQueue`, or `.LifoQueue` from `tornado.queues` instead of from

Use `.Queue` instead of Toro's ``JoinableQueue``. In Tornado the methods
`~.Queue.join` and `~.Queue.task_done` are available on all queues, not on a
special ``JoinableQueue``.

Tornado queues raise exceptions specific to Tornado instead of reusing
exceptions from the Python standard library.
Therefore instead of catching the standard `queue.Empty` exception from
`.Queue.get_nowait`, catch the special `tornado.queues.QueueEmpty` exception,
and instead of catching the standard `queue.Full` from `.Queue.get_nowait`,
catch `tornado.queues.QueueFull`.

To port from Toro's locks to Tornado 4.2, import `.Condition`, `.Event`,
`.Semaphore`, `.BoundedSemaphore`, or `.Lock` from `tornado.locks`
instead of from ``toro``.

Toro's ``Semaphore.wait`` allowed a coroutine to wait for the semaphore to
be unlocked *without* acquiring it. This encouraged unorthodox patterns; in
Tornado, just use `~.Semaphore.acquire`.

Toro's ``Event.wait`` raised a ``Timeout`` exception after a timeout. In
Tornado, `.Event.wait` raises `tornado.gen.TimeoutError`.

Toro's ``Condition.wait`` also raised ``Timeout``, but in Tornado, the `.Future`
returned by `.Condition.wait` resolves to False after a timeout::

    def await_notification():
        if not (yield condition.wait(timeout=timedelta(seconds=1))):
            print('timed out')
            print('condition is true')

In lock and queue methods, wherever Toro accepted ``deadline`` as a keyword
argument, Tornado names the argument ``timeout`` instead.

Toro's ``AsyncResult`` is not merged into Tornado, nor its exceptions
``NotReady`` and ``AlreadySet``. Use a `.Future` instead. If you wrote code like

    from tornado import gen
    import toro

    result = toro.AsyncResult()

    def setter():

    def getter():
        value = yield result.get()
        print(value)  # Prints "1".

Then the Tornado equivalent is::

    from tornado import gen
    from tornado.concurrent import Future

    result = Future()

    def setter():

    def getter():
        value = yield result
        print(value)  # Prints "1".


* Improved compatibility with Windows.
* Fixed a bug in Python 3 if a module was imported during a reload check.


* `.run_on_executor` now accepts arguments to control which attributes
  it uses to find the `.IOLoop` and executor.


* Fixed a bug that would cause the client to stop processing requests
  if an exception occurred in certain places while there is a queue.


* `.xhtml_escape` now supports numeric character references in hex
  format (``&#x20;``)


* `.WaitIterator` no longer uses weak references, which fixes several
  garbage-collection-related bugs.
* `tornado.gen.Multi` and `tornado.gen.multi_future` (which are used when
  yielding a list or dict in a coroutine) now log any exceptions after the
  first if more than one `.Future` fails (previously they would be logged
  when the `.Future` was garbage-collected, but this is more reliable).
  Both have a new keyword argument ``quiet_exceptions`` to suppress
  logging of certain exception types; to use this argument you must
  call ``Multi`` or ``multi_future`` directly instead of simply yielding
  a list.
* `.multi_future` now works when given multiple copies of the same `.Future`.
* On Python 3, catching an exception in a coroutine no longer leads to
  leaks via ``Exception.__context__``.


* The ``raise_error`` argument now works correctly with the synchronous
* The synchronous `.HTTPClient` no longer interferes with `.IOLoop.current()`.


* `.HTTPServer` is now a subclass of `tornado.util.Configurable`.


* `.HTTPHeaders` can now be copied with `copy.copy` and `copy.deepcopy`.


* The `.IOLoop` constructor now has a ``make_current`` keyword argument
  to control whether the new `.IOLoop` becomes `.IOLoop.current()`.
* Third-party implementations of `.IOLoop` should accept ``**kwargs``
  in their `~.IOLoop.initialize` methods and pass them to the superclass
* `.PeriodicCallback` is now more efficient when the clock jumps forward
  by a large amount.


* ``SSLIOStream.connect`` and `.IOStream.start_tls` now validate certificates
  by default.
* New method `.SSLIOStream.wait_for_handshake` allows server-side applications
  to wait for the handshake to complete in order to verify client certificates
  or use NPN/ALPN.
* The `.Future` returned by ``SSLIOStream.connect`` now resolves after the
  handshake is complete instead of as soon as the TCP connection is
* Reduced logging of SSL errors.
* `.BaseIOStream.read_until_close` now works correctly when a
  ``streaming_callback`` is given but ``callback`` is None (i.e. when
  it returns a `.Future`)


* New method `.GettextLocale.pgettext` allows additional context to be
  supplied for gettext translations.


* `.define_logging_options` now works correctly when given a non-default
  ``options`` object.


* New method `.Subprocess.wait_for_exit` is a coroutine-friendly
  version of `.Subprocess.set_exit_callback`.


* Improved performance on Python 3 by reusing a single `ssl.SSLContext`.
* New constructor argument ``max_body_size`` controls the maximum response
  size the client is willing to accept. It may be bigger than
  ``max_buffer_size`` if ``streaming_callback`` is used.


* `.TCPServer.handle_stream` may be a coroutine (so that any exceptions
  it raises will be logged).


* `.import_object` now supports unicode strings on Python 2.
* `.Configurable.initialize` now supports positional arguments.


* Key versioning support for cookie signing. ``cookie_secret`` application
  setting can now contain a dict of valid keys with version as key. The
  current signing key then must be specified via ``key_version`` setting.
* Parsing of the ``If-None-Match`` header now follows the RFC and supports
  weak validators.
* Passing ``secure=False`` or ``httponly=False`` to
  `.RequestHandler.set_cookie` now works as expected (previously only the
  presence of the argument was considered and its value was ignored).
* `.RequestHandler.get_arguments` now requires that its ``strip`` argument
  be of type bool. This helps prevent errors caused by the slightly dissimilar
  interfaces between the singular and plural methods.
* Errors raised in ``_handle_request_exception`` are now logged more reliably.
* `.RequestHandler.redirect` now works correctly when called from a handler
  whose path begins with two slashes.
* Passing messages containing ``%`` characters to `tornado.web.HTTPError`
  no longer causes broken error messages.


* The ``on_close`` method will no longer be called more than once.
* When the other side closes a connection, we now echo the received close
  code back instead of sending an empty close frame.

Revision 1.11 / (download) - annotate - [select for diffs], Tue Apr 14 11:40:32 2015 UTC (8 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

Remove more references to python-2.6.

Revision 1.10 / (download) - annotate - [select for diffs], Sun Feb 8 16:31:48 2015 UTC (8 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q1-base, pkgsrc-2015Q1
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)

Update to 4.1:


    If a Future contains an exception but that exception is never
    examined or re-raised (e.g. by yielding the Future), a stack
    trace will be logged when the Future is garbage-collected.
    New class tornado.gen.WaitIterator provides a way to iterate
    over Futures in the order they resolve.
    The tornado.websocket module now supports compression via the
    „—ermessage-deflateextension. Override
    WebSocketHandler.get_compression_options to enable on the server
    side, and use the compression_options keyword argument to
    websocket_connect on the client side.
    When the appropriate packages are installed, it is possible to
    yield asyncio.Future or Twisted Defered objects in Tornado

Backwards-compatibility notes

    HTTPServer now calls start_request with the correct arguments.
    This change is backwards-incompatible, afffecting any application
    which implemented HTTPServerConnectionDelegate by following
    the example of Application instead of the documented method


    If a Future contains an exception but that exception is never
    examined or re-raised (e.g. by yielding the Future), a stack
    trace will be logged when the Future is garbage-collected.
    Future now catches and logs exceptions in its callbacks.


    tornado.curl_httpclient now supports request bodies for PATCH
    and custom methods.
    tornado.curl_httpclient now supports resubmitting bodies after
    following redirects for methods other than POST.
    curl_httpclient now runs the streaming and header callbacks on
    the IOLoop.
    tornado.curl_httpclient now uses its own logger for debug output
    so it can be filtered more easily.


    New class tornado.gen.WaitIterator provides a way to iterate
    over Futures in the order they resolve.
    When the singledispatch library is available (standard on Python
    3.4, available via pip install singledispatch on older versions),
    the convert_yielded function can be used to make other kinds
    of objects yieldable in coroutines.
    New function tornado.gen.sleep is a coroutine-friendly analogue
    to time.sleep.
    gen.engine now correctly captures the stack context for its


    tornado.httpclient.HTTPRequest accepts a new argument
    raise_error=False to suppress the default behavior of raising
    an error for non-200 response codes.


    HTTPServer now calls start_request with the correct arguments.
    This change is backwards-incompatible, afffecting any application
    which implemented HTTPServerConnectionDelegate by following
    the example of Application instead of the documented method
    HTTPServer now tolerates extra newlines which are sometimes
    inserted between requests on keep-alive connections.
    HTTPServer can now use keep-alive connections after a request
    with a chunked body.
    HTTPServer now always reports HTTP/1.1 instead of echoing the
    request version.


    New function tornado.httputil.split_host_and_port for parsing
    the netloc portion of URLs.
    The context argument to HTTPServerRequest is now optional, and
    if a context is supplied the remote_ip attribute is also
    HTTPServerRequest.body is now always a byte string (previously
    the default empty body would be a unicode string on python 3).
    Header parsing now works correctly when newline-like unicode
    characters are present.
    Header parsing again supports both CRLF and bare LF line
    Malformed multipart/form-data bodies will always be logged
    quietly instead of raising an unhandled exception; previously
    the behavior was inconsistent depending on the exact error.


    The kqueue and select IOLoop implementations now report
    writeability correctly, fixing flow control in IOStream.
    When a new IOLoop is created, it automatically becomes „ńurrent    for the thread if there is not already a current instance.
    New method PeriodicCallback.is_running can be used to see
    whether the PeriodicCallback has been started.


    IOStream.start_tls now uses the server_hostname parameter for
    certificate validation.
    SSLIOStream will no longer consume 100% CPU after certain error
    SSLIOStream no longer logs EBADF errors during the handshake
    as they can result from nmap scans in certain modes.


    parse_config_file now always decodes the config file as utf8
    on Python 3.
    tornado.options.define more accurately finds the module defining
    the option.


    It is now possible to yield asyncio.Future objects in coroutines
    when the singledispatch library is available and
    tornado.platform.asyncio has been imported.
    New methods tornado.platform.asyncio.to_tornado_future and
    to_asyncio_future convert between the two librariesFuture


    It is now possible to yield Deferred objects in coroutines when
    the singledispatch library is available and tornado.platform.twisted
    has been imported.


    TCPClient will no longer raise an exception due to an ill-timed


    TCPServer no longer ignores its read_chunk_size argument.


    AsyncTestCase has better support for multiple exceptions.
    Previously it would silently swallow all but the last; now it
    raises the first and logs all the rest.
    AsyncTestCase now cleans up Subprocess state on tearDown when


    The asynchronous decorator now understands concurrent.futures.Future
    in addition to tornado.concurrent.Future.
    StaticFileHandler no longer logs a stack trace if the connection
    is closed while sending the file.
    RequestHandler.send_error now supports a reason keyword argument,
    similar to tornado.web.HTTPError.
    RequestHandler.locale now has a property setter.
    Application.add_handlers hostname matching now works correctly
    with IPv6 literals.
    Redirects for the Application default_host setting now match
    the request protocol instead of redirecting HTTPS to HTTP.
    Malformed _xsrf cookies are now ignored instead of causing
    uncaught exceptions.
    Application.start_request now has the same signature as


    The tornado.websocket module now supports compression via the
    „—ermessage-deflateextension. Override
    WebSocketHandler.get_compression_options to enable on the server
    side, and use the compression_options keyword argument to
    websocket_connect on the client side.
    WebSocketHandler no longer logs stack traces when the connection
    is closed. now accepts *args, **kw for consistency
    with RequestHandler.get and related methods.
    The Sec-WebSocket-Version header now includes all supported
    websocket_connect now has a on_message_callback keyword argument
    for callback-style use without read_message().

Revision 1.9 / (download) - annotate - [select for diffs], Sun Sep 14 17:58:25 2014 UTC (9 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base, pkgsrc-2014Q4, pkgsrc-2014Q3-base, pkgsrc-2014Q3
Changes since 1.8: +2 -2 lines
Diff to previous 1.8 (colored)

Update to 4.0.2:

Bug fixes

* Fixed a bug that could sometimes cause a timeout to fire after being
* `.AsyncTestCase` once again passes along arguments to test methods,
  making it compatible with extensions such as Nose's test generators.
* `.StaticFileHandler` can again compress its responses when gzip is enabled.
* ``simple_httpclient`` passes its ``max_buffer_size`` argument to the
  underlying stream.
* Fixed a reference cycle that can lead to increased memory consumption.
* `.add_accept_handler` will now limit the number of times it will call
  `~socket.socket.accept` per `.IOLoop` iteration, addressing a potential
  starvation issue.
* Improved error handling in `.IOStream.connect` (primarily for FreeBSD

Revision 1.8 / (download) - annotate - [select for diffs], Sun Aug 17 17:41:53 2014 UTC (9 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)

Update to 4.0.1:

    The build will now fall back to pure-python mode if the C
    extension fails to build for any reason (previously it would
    fall back for some errors but not others).
    IOLoop.call_at and IOLoop.call_later now always return a timeout
    handle for use with IOLoop.remove_timeout.
    If any callback of a PeriodicCallback or IOStream returns a
    Future, any error raised in that future will now be logged
    (similar to the behavior of IOLoop.add_callback).
    Fixed an exception in client-side websocket connections when
    the connection is closed.
    simple_httpclient once again correctly handles 204 status codes with no content-length header.
    Fixed a regression in simple_httpclient that would result in
    timeouts for certain kinds of errors.

Revision 1.7 / (download) - annotate - [select for diffs], Tue Jul 22 12:41:28 2014 UTC (9 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.6: +4 -2 lines
Diff to previous 1.6 (colored)

Update to 4.0. Add py-curl dependency for curl_httpclient.


    The tornado.web.stream_request_body decorator allows large
    files to be uploaded with limited memory usage.
    Coroutines are now faster and are used extensively throughout
    Tornado itself. More methods now return Futures, including most
    IOStream methods and RequestHandler.flush.
    Many user-overridden methods are now allowed to return a Future
    for flow control.
    HTTP-related code is now shared between the tornado.httpserver,
    tornado.simple_httpclient and tornado.wsgi modules, making
    support for features such as chunked and gzip encoding more
    consistent. HTTPServer now uses new delegate interfaces defined
    in tornado.httputil in addition to its old single-callback
    New module tornado.tcpclient creates TCP connections with
    non-blocking DNS, SSL handshaking, and support for IPv6.

Backwards-compatibility notes

    tornado.concurrent.Future is no longer thread-safe; use
    concurrent.futures.Future when thread-safety is needed.
    Tornado now depends on the certifi package instead of bundling
    its own copy of the Mozilla CA list. This will be installed
    automatically when using pip or easy_install.
    This version includes the changes to the secure cookie format
    first introduced in version 3.2.1, and the xsrf token change
    in version 3.2.2. If you are upgrading from an earlier version,
    see those versions' release notes.
    WebSocket connections from other origin sites are now rejected
    by default. To accept cross-origin websocket connections,
    override the new method WebSocketHandler.check_origin.
    WebSocketHandler no longer supports the old draft 76 protocol
    (this mainly affects Safari 5.x browsers). Applications should
    use non-websocket workarounds for these browsers.
    Authors of alternative IOLoop implementations should see the
    changes to IOLoop.add_handler in this release.
    The RequestHandler.async_callback and WebSocketHandler.async_callback
    wrapper functions have been removed; they have been obsolete
    for a long time due to stack contexts (and more recently
    curl_httpclient now requires a minimum of libcurl version 7.21.1
    and pycurl 7.18.2.
    Support for RequestHandler.get_error_html has been removed;
    override RequestHandler.write_error instead.

Revision 1.6 / (download) - annotate - [select for diffs], Mon Jun 9 12:33:43 2014 UTC (9 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q2-base, pkgsrc-2014Q2
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)

Update to 3.2.2:

Security fixes

* The XSRF token is now encoded with a random mask on each request.
  This makes it safe to include in compressed pages without being
  vulnerable to the `BREACH attack <>`_.
  This applies to most applications that use both the ``xsrf_cookies``
  and ``gzip`` options (or have gzip applied by a proxy).

Backwards-compatibility notes

* If Tornado 3.2.2 is run at the same time as older versions on the same
  domain, there is some potential for issues with the differing cookie
  versions.  The `.Application` setting ``xsrf_cookie_version=1`` can
  be used for a transitional period to generate the older cookie format
  on newer servers.

Other changes

* ``tornado.platform.asyncio`` is now compatible with ``trollius`` version 0.3.

Revision 1.5 / (download) - annotate - [select for diffs], Tue May 13 13:20:58 2014 UTC (9 years, 6 months ago) by imil
Branch: MAIN
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)

Updated to version 3.2.1

Security fixes

    The signed-value format used by RequestHandler.set_secure_cookie and
    RequestHandler.get_secure_cookie has changed to be more secure. This is a
    disruptive change. The secure_cookie functions take new version parameters
    to support transitions between cookie formats.
    The new cookie format fixes a vulnerability that may be present in
    applications that use multiple cookies where the name of one cookie is a
    prefix of the name of another.
    To minimize disruption, cookies in the older format will be accepted by
    default until they expire. Applications that may be vulnerable can reject
    all cookies in the older format by passing min_version=2 to
    Thanks to Joost Pol of Certified Secure for reporting this issue.

Backwards-compatibility notes

    Signed cookies issued by RequestHandler.set_secure_cookie in Tornado 3.2.1
    cannot be read by older releases. If you need to run 3.2.1 in parallel with
    older releases, you can pass version=1 to RequestHandler.set_secure_cookie
    to issue cookies that are backwards-compatible (but have a known weakness,
    so this option should only be used for a transitional period).

Other changes

    The C extension used to speed up the websocket module now compiles
    correctly on Windows with MSVC and 64-bit mode. The fallback to the
    pure-Python alternative now works correctly on Mac OS X machines with no C
    compiler installed.

Revision 1.4 / (download) - annotate - [select for diffs], Mon Jan 27 19:58:50 2014 UTC (9 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.3: +1 -3 lines
Diff to previous 1.3 (colored)


Revision 1.3 / (download) - annotate - [select for diffs], Mon Jan 27 19:58:33 2014 UTC (9 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.2: +8 -3 lines
Diff to previous 1.2 (colored)

Update to 3.2.

What's new in Tornado 3.2

Jan 14, 2014

* Tornado now depends on the `backports.ssl_match_hostname
  <>`_ when
  running on Python 2.  This will be installed automatically when using ``pip``
  or ``easy_install``
* Tornado now includes an optional C extension module, which greatly improves
  performance of websockets.  This extension will be built automatically
  if a C compiler is found at install time.

New modules

* The `tornado.platform.asyncio` module provides integration with the
  ``asyncio`` module introduced in Python 3.4 (also available for Python
  3.3 with ``pip install asyncio``).


* Added `.GoogleOAuth2Mixin` support authentication to Google services
  with OAuth 2 instead of OpenID and OAuth 1.
* `.FacebookGraphMixin` has been updated to use the current Facebook login
  URL, which saves a redirect.


* `.TracebackFuture` now accepts a ``timeout`` keyword argument (although
  it is still incorrect to use a non-zero timeout in non-blocking code).


* ``tornado.curl_httpclient`` now works on Python 3 with the
  soon-to-be-released pycurl 7.19.3, which will officially support
  Python 3 for the first time.  Note that there are some unofficial
  Python 3 ports of pycurl (Ubuntu has included one for its past
  several releases); these are not supported for use with Tornado.


* `.xhtml_escape` now escapes apostrophes as well.
* `tornado.escape.utf8`, `.to_unicode`, and `.native_str` now raise
  `TypeError` instead of `AssertionError` when given an invalid value.


* Coroutines may now yield dicts in addition to lists to wait for
  multiple tasks in parallel.
* Improved performance of `tornado.gen` when yielding a `.Future` that is
  already done.


* `tornado.httpclient.HTTPRequest` now uses property setters so that
  setting attributes after construction applies the same conversions
  as ``__init__`` (e.g. converting the body attribute to bytes).


* Malformed ``x-www-form-urlencoded`` request bodies will now log a warning
  and continue instead of causing the request to fail (similar to the existing
  handling of malformed ``multipart/form-data`` bodies.  This is done mainly
  because some libraries send this content type by default even when the data
  is not form-encoded.
* Fix some error messages for unix sockets (and other non-IP sockets)


* `.IOLoop` now uses `~.IOLoop.handle_callback_exception` consistently for
  error logging.
* `.IOLoop` now frees callback objects earlier, reducing memory usage
  while idle.
* `.IOLoop` will no longer call `logging.basicConfig` if there is a handler
  defined for the root logger or for the ``tornado`` or ``tornado.application``
  loggers (previously it only looked at the root logger).


* `.IOStream` now recognizes ``ECONNABORTED`` error codes in more places
  (which was mainly an issue on Windows).
* `.IOStream` now frees memory earlier if a connection is closed while
  there is data in the write buffer.
* `.PipeIOStream` now handles ``EAGAIN`` error codes correctly.
* `.SSLIOStream` now initiates the SSL handshake automatically without
  waiting for the application to try and read or write to the connection.
* Swallow a spurious exception from ``set_nodelay`` when a connection
  has been reset.


* `.Locale.format_date` no longer forces the use of absolute
  dates in Russian.


* Fix an error from `tornado.log.enable_pretty_logging` when
  `sys.stderr` does not have an ``isatty`` method.
* `tornado.log.LogFormatter` now accepts keyword arguments ``fmt``
  and ``datefmt``.


* `.is_valid_ip` (and therefore ``HTTPRequest.remote_ip``) now rejects
  empty strings.
* Synchronously using `.ThreadedResolver` at import time to resolve
  a unicode hostname no longer deadlocks.


* `.TwistedResolver` now has better error handling.


* `.Subprocess` no longer leaks file descriptors if `subprocess.Popen` fails.


* ``simple_httpclient`` now applies the ``connect_timeout`` to requests
  that are queued and have not yet started.
* On Python 2.6, ``simple_httpclient`` now uses TLSv1 instead of SSLv3.
* ``simple_httpclient`` now enforces the connect timeout during DNS resolution.
* The embedded ``ca-certificates.crt`` file has been updated with the current
  Mozilla CA list.


* `.StaticFileHandler` no longer fails if the client requests a ``Range`` that
  is larger than the entire file (Facebook has a crawler that does this).
* `.RequestHandler.on_connection_close` now works correctly on subsequent
  requests of a keep-alive connection.
* New application setting ``default_handler_class`` can be used to easily
  set up custom 404 pages.
* New application settings ``autoreload``, ``compiled_template_cache``,
  ``static_hash_cache``, and ``serve_traceback`` can be used to control
  individual aspects of debug mode.
* New methods `.RequestHandler.get_query_argument` and
  `.RequestHandler.get_body_argument` and new attributes
  `.HTTPRequest.query_arguments` and `.HTTPRequest.body_arguments` allow access
  to arguments without intermingling those from the query string with those
  from the request body.
* `.RequestHandler.decode_argument` and related methods now raise
  an ``HTTPError(400)`` instead of `UnicodeDecodeError` when the
  argument could not be decoded.
* `.RequestHandler.clear_all_cookies` now accepts ``domain`` and ``path``
  arguments, just like `~.RequestHandler.clear_cookie`.
* It is now possible to specify handlers by name when using the `.URLSpec`
* `.Application` now accepts 4-tuples to specify the ``name`` parameter
  (which previously required constructing a `.URLSpec` object instead of
  a tuple).
* Fixed an incorrect error message when handler methods return a value
  other than None or a Future.
* Exceptions will no longer be logged twice when using both ``@asynchronous``
  and ``@gen.coroutine``


* `.WebSocketHandler.write_message` now raises `.WebSocketClosedError` instead
  of `AttributeError` when the connection has been closed.
* `.websocket_connect` now accepts preconstructed ``HTTPRequest`` objects.
* Fix a bug with `.WebSocketHandler` when used with some proxies that
  unconditionally modify the ``Connection`` header.
* `.websocket_connect` now returns an error immediately for refused connections
  instead of waiting for the timeout.
* `.WebSocketClientConnection` now has a ``close`` method.


* `.WSGIContainer` now calls the iterable's ``close()`` method even if
  an error is raised, in compliance with the spec.

Revision 1.2 / (download) - annotate - [select for diffs], Thu May 2 07:53:02 2013 UTC (10 years, 7 months ago) by wen
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3, pkgsrc-2013Q2-base, pkgsrc-2013Q2
Changes since 1.1: +6 -5 lines
Diff to previous 1.1 (colored)

Update to 3.0.1
Add test target

Upstream changes:
Apr 8, 2013
The interface of tornado.auth.FacebookGraphMixin is now consistent with its documentation and the rest of the module. The get_authenticated_user and facebook_request methods return a Future and the callback argument is optional.
The tornado.testing.gen_test decorator will no longer be recognized as a (broken) test by nose.
Work around a bug in Ubuntu 13.04 betas involving an incomplete backport of the ssl.match_hostname function.
tornado.websocket.websocket_connect now fails cleanly when it attempts to connect to a non-websocket url.
tornado.testing.LogTrapTestCase once again works with byte strings on Python 2.
The request attribute of tornado.httpclient.HTTPResponse is now always an ~tornado.httpclient.HTTPRequest, never a _RequestProxy.
Exceptions raised by the tornado.gen module now have better messages when tuples are used as callback keys.

Mar 29, 2013

The callback argument to many asynchronous methods is now optional, and these methods return a .Future. The tornado.gen module now understands Futures, and these methods can be used directly without a .gen.Task wrapper.
New function .IOLoop.current returns the .IOLoop that is running on the current thread (as opposed to .IOLoop.instance, which returns a specific thread's (usually the main thread's) IOLoop.
New class tornado.netutil.Resolver provides an asynchronous interface to DNS resolution. The default implementation is still blocking, but non-blocking implementations are available using one of three optional dependencies: ~tornado.netutil.ThreadedResolver using the concurrent.futures thread pool, tornado.platform.caresresolver.CaresResolver using the pycares library, or tornado.platform.twisted.TwistedResolver using twisted
Tornado's logging is now less noisy, and it no longer goes directly to the root logger, allowing for finer-grained configuration.
New class tornado.process.Subprocess wraps subprocess.Popen with .PipeIOStream access to the child's file descriptors.
.IOLoop now has a static configure <.Configurable.configure> method like the one on .AsyncHTTPClient, which can be used to select an .IOLoop implementation other than the default.
.IOLoop can now optionally use a monotonic clock if available (see below for more details).
Backwards-incompatible changes

Python 2.5 is no longer supported. Python 3 is now supported in a single codebase instead of using 2to3
The tornado.database module has been removed. It is now available as a separate package, torndb
Functions that take an io_loop parameter now default to .IOLoop.current() instead of .IOLoop.instance().
Empty HTTP request arguments are no longer ignored. This applies to HTTPRequest.arguments and RequestHandler.get_argument[s] in WSGI and non-WSGI modes.
On Python 3, tornado.escape.json_encode no longer accepts byte strings.
On Python 3, the get_authenticated_user methods in tornado.auth now return character strings instead of byte strings.
tornado.netutil.TCPServer has moved to its own module, tornado.tcpserver.
The Tornado test suite now requires unittest2 when run on Python 2.6.
tornado.options.options is no longer a subclass of dict; attribute-style access is now required.
Detailed changes by module

Multiple modules

Tornado no longer logs to the root logger. Details on the new logging scheme can be found under the tornado.log module. Note that in some cases this will require that you add an explicit logging configuration in order to see any output (perhaps just calling logging.basicConfig()), although both .IOLoop.start() and tornado.options.parse_command_line will do this for you.
On python 3.2+, methods that take an ssl_options argument (on .SSLIOStream, .TCPServer, and .HTTPServer) now accept either a dictionary of options or an ssl.SSLContext object.
New optional dependency on concurrent.futures to provide better support for working with threads. concurrent.futures is in the standard library for Python 3.2+, and can be installed on older versions with pip install futures.

tornado.autoreload is now more reliable when there are errors at import time.
Calling tornado.autoreload.start (or creating an .Application with debug=True) twice on the same .IOLoop now does nothing (instead of creating multiple periodic callbacks). Starting autoreload on more than one .IOLoop in the same process now logs a warning.
Scripts run by autoreload no longer inherit __future__ imports used by Tornado.

On Python 3, the get_authenticated_user method family now returns character strings instead of byte strings.
Asynchronous methods defined in tornado.auth now return a .Future, and their callback argument is optional. The Future interface is preferred as it offers better error handling (the previous interface just logged a warning and returned None).
The tornado.auth mixin classes now define a method get_auth_http_client, which can be overridden to use a non-default .AsyncHTTPClient instance (e.g. to use a different .IOLoop)
Subclasses of .OAuthMixin are encouraged to override .OAuthMixin._oauth_get_user_future instead of _oauth_get_user, although both methods are still supported.

New module tornado.concurrent contains code to support working with concurrent.futures, or to emulate future-based interface when that module is not available.

Preliminary support for tornado.curl_httpclient on Python 3. The latest official release of pycurl only supports Python 2, but Ubuntu has a port available in 12.10 (apt-get install python3-pycurl). This port currently has bugs that prevent it from handling arbitrary binary data but it should work for textual (utf8) resources.
Fix a crash with libcurl 7.29.0 if a curl object is created and closed without being used.

On Python 3, ~tornado.escape.json_encode no longer accepts byte strings. This mirrors the behavior of the underlying json module. Python 2 behavior is unchanged but should be faster.

New decorator @gen.coroutine is available as an alternative to @gen.engine. It automatically returns a .Future, and within the function instead of calling a callback you return a value with raise gen.Return(value) (or simply return value in Python 3.3).
Generators may now yield .Future objects.
Callbacks produced by .gen.Callback and .gen.Task are now automatically stack-context-wrapped, to minimize the risk of context leaks when used with asynchronous functions that don't do their own wrapping.
Fixed a memory leak involving generators, .RequestHandler.flush, and clients closing connections while output is being written.
Yielding a large list no longer has quadratic performance.

.AsyncHTTPClient.fetch now returns a .Future and its callback argument is optional. When the future interface is used, any error will be raised automatically, as if .HTTPResponse.rethrow was called.
.AsyncHTTPClient.configure and all .AsyncHTTPClient constructors now take a defaults keyword argument. This argument should be a dictionary, and its values will be used in place of corresponding attributes of ~tornado.httpclient.HTTPRequest that are not set.
All unset attributes of tornado.httpclient.HTTPRequest are now None. The default values of some attributes (connect_timeout, request_timeout, follow_redirects, max_redirects, use_gzip, proxy_password, allow_nonstandard_methods, and validate_cert have been moved from ~tornado.httpclient.HTTPRequest to the client implementations.
The max_clients argument to .AsyncHTTPClient is now a keyword-only argument.
Keyword arguments to .AsyncHTTPClient.configure are no longer used when instantiating an implementation subclass directly.
Secondary .AsyncHTTPClient callbacks (streaming_callback, header_callback, and prepare_curl_callback) now respect .StackContext.

.HTTPServer no longer logs an error when it is unable to read a second request from an HTTP 1.1 keep-alive connection.
.HTTPServer now takes a protocol keyword argument which can be set to https if the server is behind an SSL-decoding proxy that does not set any supported X-headers.
tornado.httpserver.HTTPConnection now has a set_close_callback method that should be used instead of reaching into its stream attribute.
Empty HTTP request arguments are no longer ignored. This applies to HTTPRequest.arguments and RequestHandler.get_argument[s] in WSGI and non-WSGI modes.

New function .IOLoop.current returns the IOLoop that is running on the current thread (as opposed to .IOLoop.instance, which returns a specific thread's (usually the main thread's) IOLoop).
New method .IOLoop.add_future to run a callback on the IOLoop when an asynchronous .Future finishes.
.IOLoop now has a static configure <.Configurable.configure> method like the one on .AsyncHTTPClient, which can be used to select an .IOLoop implementation other than the default.
The .IOLoop poller implementations (select, epoll, kqueue) are now available as distinct subclasses of .IOLoop. Instantiating .IOLoop will continue to automatically choose the best available implementation.
The .IOLoop constructor has a new keyword argument time_func, which can be used to set the time function used when scheduling callbacks. This is most useful with the time.monotonic function, introduced in Python 3.3 and backported to older versions via the monotime module. Using a monotonic clock here avoids problems when the system clock is changed.
New function .IOLoop.time returns the current time according to the IOLoop. To use the new monotonic clock functionality, all calls to .IOLoop.add_timeout must be either pass a datetime.timedelta or a time relative to .IOLoop.time, not time.time. (time.time will continue to work only as long as the IOLoop's time_func argument is not used).
New convenience method .IOLoop.run_sync can be used to start an IOLoop just long enough to run a single coroutine.
New method .IOLoop.add_callback_from_signal is safe to use in a signal handler (the regular .add_callback method may deadlock).
.IOLoop now uses signal.set_wakeup_fd where available (Python 2.6+ on Unix) to avoid a race condition that could result in Python signal handlers being delayed.
Method IOLoop.running() has been removed.
.IOLoop has been refactored to better support subclassing.
.IOLoop.add_callback and .add_callback_from_signal now take *args, **kwargs to pass along to the callback.

.IOStream.connect now has an optional server_hostname argument which will be used for SSL certificate validation when applicable. Additionally, when supported (on Python 3.2+), this hostname will be sent via SNI (and this is supported by tornado.simple_httpclient)
Much of .IOStream has been refactored into a separate class .BaseIOStream.
New class tornado.iostream.PipeIOStream provides the IOStream interface on pipe file descriptors.
.IOStream now raises a new exception tornado.iostream.StreamClosedError when you attempt to read or write after the stream has been closed (by either side).
.IOStream now simply closes the connection when it gets an ECONNRESET error, rather than logging it as an error.
IOStream.error no longer picks up unrelated exceptions.
.BaseIOStream.close now has an exc_info argument (similar to the one used in the logging module) that can be used to set the stream's error attribute when closing it.
.BaseIOStream.read_until_close now works correctly when it is called while there is buffered data.
Fixed a major performance regression when run on PyPy (introduced in Tornado 2.3).

New module containing .enable_pretty_logging and .LogFormatter, moved from the options module.
.LogFormatter now handles non-ascii data in messages and tracebacks better.

New class tornado.netutil.Resolver provides an asynchronous interface to DNS resolution. The default implementation is still blocking, but non-blocking implementations are available using one of three optional dependencies: ~tornado.netutil.ThreadedResolver using the concurrent.futures thread pool, tornado.platform.caresresolver.CaresResolver using the pycares library, or tornado.platform.twisted.TwistedResolver using twisted
New function tornado.netutil.is_valid_ip returns true if a given string is a valid IP (v4 or v6) address.
tornado.netutil.bind_sockets has a new flags argument that can be used to pass additional flags to getaddrinfo.
tornado.netutil.bind_sockets no longer sets AI_ADDRCONFIG; this will cause it to bind to both ipv4 and ipv6 more often than before.
tornado.netutil.bind_sockets now works when Python was compiled with --disable-ipv6 but IPv6 DNS resolution is available on the system.
tornado.netutil.TCPServer has moved to its own module, tornado.tcpserver.

The class underlying the functions in tornado.options is now public (tornado.options.OptionParser). This can be used to create multiple independent option sets, such as for subcommands.
tornado.options.parse_config_file now configures logging automatically by default, in the same way that ~tornado.options.parse_command_line does.
New function tornado.options.add_parse_callback schedules a callback to be run after the command line or config file has been parsed. The keyword argument final=False can be used on either parsing function to supress these callbacks.
tornado.options.define now takes a callback argument. This callback will be run with the new value whenever the option is changed. This is especially useful for options that set other options, such as by reading from a config file.
tornado.options.parse_command_line --help output now goes to stderr rather than stdout.
tornado.options.options is no longer a subclass of dict; attribute-style access is now required.
tornado.options.options (and .OptionParser instances generally) now have a .mockable() method that returns a wrapper object compatible with mock.patch <unittest.mock.patch>.
Function tornado.options.enable_pretty_logging has been moved to the tornado.log module.

New module containing an asynchronous implementation of the .Resolver interface, using the pycares library.

New class tornado.platform.twisted.TwistedIOLoop allows Tornado code to be run on the Twisted reactor (as opposed to the existing .TornadoReactor, which bridges the gap in the other direction).
New class tornado.platform.twisted.TwistedResolver is an asynchronous implementation of the .Resolver interface.

New class tornado.process.Subprocess wraps subprocess.Popen with .PipeIOStream access to the child's file descriptors.

SimpleAsyncHTTPClient now takes a resolver keyword argument (which may be passed to either the constructor or configure <.Configurable.configure>), to allow it to use the new non-blocking tornado.netutil.Resolver.
When following redirects, SimpleAsyncHTTPClient now treats a 302 response code the same as a 303. This is contrary to the HTTP spec but consistent with all browsers and other major HTTP clients (including CurlAsyncHTTPClient).
The behavior of header_callback with SimpleAsyncHTTPClient has changed and is now the same as that of CurlAsyncHTTPClient. The header callback now receives the first line of the response (e.g. HTTP/1.0 200 OK) and the final empty line.
tornado.simple_httpclient now accepts responses with a 304 status code that include a Content-Length header.
Fixed a bug in which SimpleAsyncHTTPClient callbacks were being run in the client's stack_context.

.stack_context.wrap now runs the wrapped callback in a more consistent environment by recreating contexts even if they already exist on the stack.
Fixed a bug in which stack contexts could leak from one callback chain to another.
Yield statements inside a with statement can cause stack contexts to become inconsistent; an exception will now be raised when this case is detected.

Errors while rendering templates no longer log the generated code, since the enhanced stack traces (from version 2.1) should make this unnecessary.
The {% apply %} directive now works properly with functions that return both unicode strings and byte strings (previously only byte strings were supported).
Code in templates is no longer affected by Tornado's __future__ imports (which previously included absolute_import and division).

New function tornado.testing.bind_unused_port both chooses a port and binds a socket to it, so there is no risk of another process using the same port. get_unused_port is now deprecated.
New decorator tornado.testing.gen_test can be used to allow for yielding tornado.gen objects in tests, as an alternative to the stop and wait methods of .AsyncTestCase.
tornado.testing.AsyncTestCase and friends now extend unittest2.TestCase when it is available (and continue to use the standard unittest module when unittest2 is not available)
tornado.testing.ExpectLog can be used as a finer-grained alternative to tornado.testing.LogTrapTestCase
The command-line interface to tornado.testing.main now supports additional arguments from the underlying unittest module: verbose, quiet, failfast, catch, buffer.
The deprecated --autoreload option of tornado.testing.main has been removed. Use python -m tornado.autoreload as a prefix command instead.
The --httpclient option of tornado.testing.main has been moved to tornado.test.runtests so as not to pollute the application option namespace. The tornado.options module's new callback support now makes it easy to add options from a wrapper script instead of putting all possible options in tornado.testing.main.
.AsyncHTTPTestCase no longer calls .AsyncHTTPClient.close for tests that use the singleton .IOLoop.instance.
.LogTrapTestCase no longer fails when run in unknown logging configurations. This allows tests to be run under nose, which does its own log buffering (.LogTrapTestCase doesn't do anything useful in this case, but at least it doesn't break things any more).

tornado.util.b (which was only intended for internal use) is gone.

.RequestHandler.set_header now overwrites previous header values case-insensitively.
tornado.web.RequestHandler has new attributes path_args and path_kwargs, which contain the positional and keyword arguments that are passed to the get/post/etc method. These attributes are set before those methods are called, so they are available during prepare()
tornado.web.ErrorHandler no longer requires XSRF tokens on POST requests, so posts to an unknown url will always return 404 instead of complaining about XSRF tokens.
Several methods related to HTTP status codes now take a reason keyword argument to specify an alternate "reason" string (i.e. the "Not Found" in "HTTP/1.1 404 Not Found"). It is now possible to set status codes other than those defined in the spec, as long as a reason string is given.
The Date HTTP header is now set by default on all responses.
Etag/If-None-Match requests now work with .StaticFileHandler.
.StaticFileHandler no longer sets Cache-Control: public unnecessarily.
When gzip is enabled in a tornado.web.Application, appropriate Vary: Accept-Encoding headers are now sent.
It is no longer necessary to pass all handlers for a host in a single .Application.add_handlers call. Now the request will be matched against the handlers for any host_pattern that includes the request's Host header.

Client-side WebSocket support is now available: tornado.websocket.websocket_connect
.WebSocketHandler has new methods and ~.WebSocketHandler.on_pong to send pings to the browser (not supported on the draft76 protocol)

Revision 1.1 / (download) - annotate - [select for diffs], Fri Jan 25 22:33:47 2013 UTC (10 years, 10 months ago) by imil
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base, pkgsrc-2013Q1

Initial import of py-tornado, version 2.4.1, into the NetBSD Packages

Tornado is an open source version of the scalable, non-blocking web server and
tools that power FriendFeed. The FriendFeed application is written using a web
framework that looks a bit like or Google's webapp, but with additional
tools and optimizations to take advantage of the underlying non-blocking

The framework is distinct from most mainstream web server frameworks (and
certainly most Python frameworks) because it is non-blocking and reasonably
fast. Because it is non-blocking and uses epoll or kqueue, it can handle
thousands of simultaneous standing connections, which means it is ideal for
real-time web services. We built the web server specifically to handle
FriendFeed's real-time features -- every active user of FriendFeed maintains
an open connection to the FriendFeed servers.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

CVSweb <>