Up to [cvs.NetBSD.org] / pkgsrc / www / py-werkzeug-docs
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.18 / (download) - annotate - [select for diffs], Fri Apr 29 23:09:31 2022 UTC (9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base,
pkgsrc-2022Q4,
pkgsrc-2022Q3-base,
pkgsrc-2022Q3,
pkgsrc-2022Q2-base,
pkgsrc-2022Q2,
HEAD
Changes since 1.17: +3 -1
lines
Diff to previous 1.17 (colored)
py-werkzeug-docs: mark as not for python 2.7
Revision 1.17 / (download) - annotate - [select for diffs], Fri Apr 29 13:36:19 2022 UTC (9 months ago) by wiz
Branch: MAIN
Changes since 1.16: +3 -3
lines
Diff to previous 1.16 (colored)
py-werkzeug*: update to 2.1.2 Version 2.1.2 ------------- Released 2022-04-28 - The development server does not set ``Transfer-Encoding: chunked`` for 1xx, 204, 304, and HEAD responses. :issue:`2375` - Response HTML for exceptions and redirects starts with ``<!doctype html>`` and ``<html lang=en>``. :issue:`2390` - Fix ability to set some ``cache_control`` attributes to ``False``. :issue:`2379` - Disable ``keep-alive`` connections in the development server, which are not supported sufficiently by Python's ``http.server``. :issue:`2397` Version 2.1.1 ------------- Released 2022-04-01 - ``ResponseCacheControl.s_maxage`` converts its value to an int, like ``max_age``. :issue:`2364` Version 2.1.0 ------------- Released 2022-03-28 - Drop support for Python 3.6. :pr:`2277` - Using gevent or eventlet requires greenlet>=1.0 or PyPy>=7.3.7. ``werkzeug.locals`` and ``contextvars`` will not work correctly with older versions. :pr:`2278` - Remove previously deprecated code. :pr:`2276` - Remove the non-standard ``shutdown`` function from the WSGI environ when running the development server. See the docs for alternatives. - Request and response mixins have all been merged into the ``Request`` and ``Response`` classes. - The user agent parser and the ``useragents`` module is removed. The ``user_agent`` module provides an interface that can be subclassed to add a parser, such as ua-parser. By default it only stores the whole string. - The test client returns ``TestResponse`` instances and can no longer be treated as a tuple. All data is available as properties on the response. - Remove ``locals.get_ident`` and related thread-local code from ``locals``, it no longer makes sense when moving to a contextvars-based implementation. - Remove the ``python -m werkzeug.serving`` CLI. - The ``has_key`` method on some mapping datastructures; use ``key in data`` instead. - ``Request.disable_data_descriptor`` is removed, pass ``shallow=True`` instead. - Remove the ``no_etag`` parameter from ``Response.freeze()``. - Remove the ``HTTPException.wrap`` class method. - Remove the ``cookie_date`` function. Use ``http_date`` instead. - Remove the ``pbkdf2_hex``, ``pbkdf2_bin``, and ``safe_str_cmp`` functions. Use equivalents in ``hashlib`` and ``hmac`` modules instead. - Remove the ``Href`` class. - Remove the ``HTMLBuilder`` class. - Remove the ``invalidate_cached_property`` function. Use ``del obj.attr`` instead. - Remove ``bind_arguments`` and ``validate_arguments``. Use :meth:`Signature.bind` and :func:`inspect.signature` instead. - Remove ``detect_utf_encoding``, it's built-in to ``json.loads``. - Remove ``format_string``, use :class:`string.Template` instead. - Remove ``escape`` and ``unescape``. Use MarkupSafe instead. - The ``multiple`` parameter of ``parse_options_header`` is deprecated. :pr:`2357` - Rely on :pep:`538` and :pep:`540` to handle decoding file names with the correct filesystem encoding. The ``filesystem`` module is removed. :issue:`1760` - Default values passed to ``Headers`` are validated the same way values added later are. :issue:`1608` - Setting ``CacheControl`` int properties, such as ``max_age``, will convert the value to an int. :issue:`2230` - Always use ``socket.fromfd`` when restarting the dev server. :pr:`2287` - When passing a dict of URL values to ``Map.build``, list values do not filter out ``None`` or collapse to a single value. Passing a ``MultiDict`` does collapse single items. This undoes a previous change that made it difficult to pass a list, or ``None`` values in a list, to custom URL converters. :issue:`2249` - ``run_simple`` shows instructions for dealing with "address already in use" errors, including extra instructions for macOS. :pr:`2321` - Extend list of characters considered always safe in URLs based on :rfc:`3986`. :issue:`2319` - Optimize the stat reloader to avoid watching unnecessary files in more cases. The watchdog reloader is still recommended for performance and accuracy. :issue:`2141` - The development server uses ``Transfer-Encoding: chunked`` for streaming responses when it is configured for HTTP/1.1. :issue:`2090, 1327`, :pr:`2091` - The development server uses HTTP/1.1, which enables keep-alive connections and chunked streaming responses, when ``threaded`` or ``processes`` is enabled. :pr:`2323` - ``cached_property`` works for classes with ``__slots__`` if a corresponding ``_cache_{name}`` slot is added. :pr:`2332` - Refactor the debugger traceback formatter to use Python's built-in ``traceback`` module as much as possible. :issue:`1753` - The ``TestResponse.text`` property is a shortcut for ``r.get_data(as_text=True)``, for convenient testing against text instead of bytes. :pr:`2337` - ``safe_join`` ensures that the path remains relative if the trusted directory is the empty string. :pr:`2349` - Percent-encoded newlines (``%0a``), which are decoded by WSGI servers, are considered when routing instead of terminating the match early. :pr:`2350` - The test client doesn't set duplicate headers for ``CONTENT_LENGTH`` and ``CONTENT_TYPE``. :pr:`2348` - ``append_slash_redirect`` handles ``PATH_INFO`` with internal slashes. :issue:`1972`, :pr:`2338` - The default status code for ``append_slash_redirect`` is 308 instead of 301. This preserves the request body, and matches a previous change to ``strict_slashes`` in routing. :issue:`2351` - Fix ``ValueError: I/O operation on closed file.`` with the test client when following more than one redirect. :issue:`2353` - ``Response.autocorrect_location_header`` is disabled by default. The ``Location`` header URL will remain relative, and exclude the scheme and domain, by default. :issue:`2352` - ``Request.get_json()`` will raise a 400 ``BadRequest`` error if the ``Content-Type`` header is not ``application/json``. This makes a very common source of confusion more visible. :issue:`2339` Version 2.0.3 ------------- Released 2022-02-07 - ``ProxyFix`` supports IPv6 addresses. :issue:`2262` - Type annotation for ``Response.make_conditional``, ``HTTPException.get_response``, and ``Map.bind_to_environ`` accepts ``Request`` in addition to ``WSGIEnvironment`` for the first parameter. :pr:`2290` - Fix type annotation for ``Request.user_agent_class``. :issue:`2273` - Accessing ``LocalProxy.__class__`` and ``__doc__`` on an unbound proxy returns the fallback value instead of a method object. :issue:`2188` - Redirects with the test client set ``RAW_URI`` and ``REQUEST_URI`` correctly. :issue:`2151` Version 2.0.2 ------------- Released 2021-10-05 - Handle multiple tokens in ``Connection`` header when routing WebSocket requests. :issue:`2131` - Set the debugger pin cookie secure flag when on https. :pr:`2150` - Fix type annotation for ``MultiDict.update`` to accept iterable values :pr:`2142` - Prevent double encoding of redirect URL when ``merge_slash=True`` for ``Rule.match``. :issue:`2157` - ``CombinedMultiDict.to_dict`` with ``flat=False`` considers all component dicts when building value lists. :issue:`2189` - ``send_file`` only sets a detected ``Content-Encoding`` if ``as_attachment`` is disabled to avoid browsers saving decompressed ``.tar.gz`` files. :issue:`2149` - Fix type annotations for ``TypeConversionDict.get`` to not return an ``Optional`` value if both ``default`` and ``type`` are not ``None``. :issue:`2169` - Fix type annotation for routing rule factories to accept ``Iterable[RuleFactory]`` instead of ``Iterable[Rule]`` for the ``rules`` parameter. :issue:`2183` - Add missing type annotation for ``FileStorage.__getattr__`` :issue:`2155` - The debugger pin cookie is set with ``SameSite`` set to ``Strict`` instead of ``None`` to be compatible with modern browser security. :issue:`2156` - Type annotations use ``IO[bytes]`` and ``IO[str]`` instead of ``BinaryIO`` and ``TextIO`` for wider type compatibility. :issue:`2130` - Ad-hoc TLS certs are generated with SAN matching CN. :issue:`2158` - Fix memory usage for locals when using Python 3.6 or pre 0.4.17 greenlet versions. :pr:`2212` - Fix type annotation in ``CallbackDict``, because it is not utilizing a bound TypeVar. :issue:`2235` - Fix setting CSP header options on the response. :pr:`2237` - Fix an issue with with the interactive debugger where lines would not expand on click for very long tracebacks. :pr:`2239` - The interactive debugger handles displaying an exception that does not have a traceback, such as from ``ProcessPoolExecutor``. :issue:`2217` Version 2.0.1 ------------- Released 2021-05-17 - Fix type annotation for ``send_file`` ``max_age`` callable. Don't pass ``pathlib.Path`` to ``max_age``. :issue:`2119` - Mark top-level names as exported so type checking understands imports in user projects. :issue:`2122` - Fix some types that weren't available in Python 3.6.0. :issue:`2123` - ``cached_property`` is generic over its return type, properties decorated with it report the correct type. :issue:`2113` - Fix multipart parsing bug when boundary contains special regex characters. :issue:`2125` - Type checking understands that calling ``headers.get`` with a string default will always return a string. :issue:`2128` - If ``HTTPException.description`` is not a string, ``get_description`` will convert it to a string. :issue:`2115` Version 2.0.0 ------------- Released 2021-05-11 - Drop support for Python 2 and 3.5. :pr:`1693` - Deprecate :func:`utils.format_string`, use :class:`string.Template` instead. :issue:`1756` - Deprecate :func:`utils.bind_arguments` and :func:`utils.validate_arguments`, use :meth:`Signature.bind` and :func:`inspect.signature` instead. :issue:`1757` - Deprecate :class:`utils.HTMLBuilder`. :issue:`1761` - Deprecate :func:`utils.escape` and :func:`utils.unescape`, use MarkupSafe instead. :issue:`1758` - Deprecate the undocumented ``python -m werkzeug.serving`` CLI. :issue:`1834` - Deprecate the ``environ["werkzeug.server.shutdown"]`` function that is available when running the development server. :issue:`1752` - Deprecate the ``useragents`` module and the built-in user agent parser. Use a dedicated parser library instead by subclassing ``user_agent.UserAgent`` and setting ``Request.user_agent_class``. :issue:`2078` - Remove the unused, internal ``posixemulation`` module. :issue:`1759` - All ``datetime`` values are timezone-aware with ``tzinfo=timezone.utc``. This applies to anything using ``http.parse_date``: ``Request.date``, ``.if_modified_since``, ``.if_unmodified_since``; ``Response.date``, ``.expires``, ``.last_modified``, ``.retry_after``; ``parse_if_range_header``, and ``IfRange.date``. When comparing values, the other values must also be aware, or these values must be made naive. When passing parameters or setting attributes, naive values are still assumed to be in UTC. :pr:`2040` - Merge all request and response wrapper mixin code into single ``Request`` and ``Response`` classes. Using the mixin classes is no longer necessary and will show a deprecation warning. Checking ``isinstance`` or ``issubclass`` against ``BaseRequest`` and ``BaseResponse`` will show a deprecation warning and check against ``Request`` or ``Response`` instead. :issue:`1963` - JSON support no longer uses simplejson if it's installed. To use another JSON module, override ``Request.json_module`` and ``Response.json_module``. :pr:`1766` - ``Response.get_json()`` no longer caches the result, and the ``cache`` parameter is removed. :issue:`1698` - ``Response.freeze()`` generates an ``ETag`` header if one is not set. The ``no_etag`` parameter (which usually wasn't visible anyway) is no longer used. :issue:`1963` - Add a ``url_scheme`` argument to :meth:`~routing.MapAdapter.build` to override the bound scheme. :pr:`1721` - Passing an empty list as a query string parameter to ``build()`` won't append an unnecessary ``?``. Also drop any number of ``None`` items in a list. :issue:`1992` - When passing a ``Headers`` object to a test client method or ``EnvironBuilder``, multiple values for a key are joined into one comma separated value. This matches the HTTP spec on multi-value headers. :issue:`1655` - Setting ``Response.status`` and ``status_code`` uses identical parsing and error checking. :issue:`1658`, :pr:`1728` - ``MethodNotAllowed`` and ``RequestedRangeNotSatisfiable`` take a ``response`` kwarg, consistent with other HTTP errors. :pr:`1748` - The response generated by :exc:`~exceptions.Unauthorized` produces one ``WWW-Authenticate`` header per value in ``www_authenticate``, rather than joining them into a single value, to improve interoperability with browsers and other clients. :pr:`1755` - If ``parse_authorization_header`` can't decode the header value, it returns ``None`` instead of raising a ``UnicodeDecodeError``. :issue:`1816` - The debugger no longer uses jQuery. :issue:`1807` - The test client includes the query string in ``REQUEST_URI`` and ``RAW_URI``. :issue:`1781` - Switch the parameter order of ``default_stream_factory`` to match the order used when calling it. :pr:`1085` - Add ``send_file`` function to generate a response that serves a file. Adapted from Flask's implementation. :issue:`265`, :pr:`1850` - Add ``send_from_directory`` function to safely serve an untrusted path within a trusted directory. Adapted from Flask's implementation. :issue:`1880` - ``send_file`` takes ``download_name``, which is passed even if ``as_attachment=False`` by using ``Content-Disposition: inline``. ``download_name`` replaces Flask's ``attachment_filename``. :issue:`1869` - ``send_file`` sets ``conditional=True`` and ``max_age=None`` by default. ``Cache-Control`` is set to ``no-cache`` if ``max_age`` is not set, otherwise ``public``. This tells browsers to validate conditional requests instead of using a timed cache. ``max_age=None`` replaces Flask's ``cache_timeout=43200``. :issue:`1882` - ``send_file`` can be called with ``etag="string"`` to set a custom ETag instead of generating one. ``etag`` replaces Flask's ``add_etags``. :issue:`1868` - ``send_file`` sets the ``Content-Encoding`` header if an encoding is returned when guessing ``mimetype`` from ``download_name``. :pr:`3896` - Update the defaults used by ``generate_password_hash``. Increase PBKDF2 iterations to 260000 from 150000. Increase salt length to 16 from 8. Use ``secrets`` module to generate salt. :pr:`1935` - The reloader doesn't crash if ``sys.stdin`` is somehow ``None``. :pr:`1915` - Add arguments to ``delete_cookie`` to match ``set_cookie`` and the attributes modern browsers expect. :pr:`1889` - ``utils.cookie_date`` is deprecated, use ``utils.http_date`` instead. The value for ``Set-Cookie expires`` is no longer "-" delimited. :pr:`2040` - Use ``request.headers`` instead of ``request.environ`` to look up header attributes. :pr:`1808` - The test ``Client`` request methods (``client.get``, etc.) always return an instance of ``TestResponse``. In addition to the normal behavior of ``Response``, this class provides ``request`` with the request that produced the response, and ``history`` to track intermediate responses when ``follow_redirects`` is used. :issue:`763, 1894` - The test ``Client`` request methods takes an ``auth`` parameter to add an ``Authorization`` header. It can be an ``Authorization`` object or a ``(username, password)`` tuple for ``Basic`` auth. :pr:`1809` - Calling ``response.close()`` on a response from the test ``Client`` will close the request input stream. This matches file behavior and can prevent a ``ResourceWarning`` in some cases. :issue:`1785` - ``EnvironBuilder.from_environ`` decodes values encoded for WSGI, to avoid double encoding the new values. :pr:`1959` - The default stat reloader will watch Python files under non-system/virtualenv ``sys.path`` entries, which should contain most user code. It will also watch all Python files under directories given in ``extra_files``. :pr:`1945` - The reloader ignores ``__pycache__`` directories again. :pr:`1945` - ``run_simple`` takes ``exclude_patterns`` a list of ``fnmatch`` patterns that will not be scanned by the reloader. :issue:`1333` - Cookie names are no longer unquoted. This was against :rfc:`6265` and potentially allowed setting ``__Secure`` prefixed cookies. :pr:`1965` - Fix some word matches for user agent platform when the word can be a substring. :issue:`1923` - The development server logs ignored SSL errors. :pr:`1967` - Temporary files for form data are opened in ``rb+`` instead of ``wb+`` mode for better compatibility with some libraries. :issue:`1961` - Use SHA-1 instead of MD5 for generating ETags and the debugger pin, and in some tests. MD5 is not available in some environments, such as FIPS 140. This may invalidate some caches since the ETag will be different. :issue:`1897` - Add ``Cross-Origin-Opener-Policy`` and ``Cross-Origin-Embedder-Policy`` response header properties. :pr:`2008` - ``run_simple`` tries to show a valid IP address when binding to all addresses, instead of ``0.0.0.0`` or ``::``. It also warns about not running the development server in production in this case. :issue:`1964` - Colors in the development server log are displayed if Colorama is installed on Windows. For all platforms, style support no longer requires Click. :issue:`1832` - A range request for an empty file (or other data with length 0) will return a 200 response with the empty file instead of a 416 error. :issue:`1937` - New sans-IO base classes for ``Request`` and ``Response`` have been extracted to contain all the behavior that is not WSGI or IO dependent. These are not a public API, they are part of an ongoing refactor to let ASGI frameworks use Werkzeug. :pr:`2005` - Parsing ``multipart/form-data`` has been refactored to use sans-io patterns. This should also make parsing forms with large binary file uploads significantly faster. :issue:`1788, 875` - ``LocalProxy`` matches the current Python data model special methods, including all r-ops, in-place ops, and async. ``__class__`` is proxied, so the proxy will look like the object in more cases, including ``isinstance``. Use ``issubclass(type(obj), LocalProxy)`` to check if an object is actually a proxy. :issue:`1754` - ``Local`` uses ``ContextVar`` on Python 3.7+ instead of ``threading.local``. :pr:`1778` - ``request.values`` does not include ``form`` for GET requests (even though GET bodies are undefined). This prevents bad caching proxies from caching form data instead of query strings. :pr:`2037` - The development server adds the underlying socket to ``environ`` as ``werkzeug.socket``. This is non-standard and specific to the dev server, other servers may expose this under their own key. It is useful for handling a WebSocket upgrade request. :issue:`2052` - URL matching assumes ``websocket=True`` mode for WebSocket upgrade requests. :issue:`2052` - Updated ``UserAgentParser`` to handle more cases. :issue:`1971` - ``werzeug.DechunkedInput.readinto`` will not read beyond the size of the buffer. :issue:`2021` - Fix connection reset when exceeding max content size. :pr:`2051` - ``pbkdf2_hex``, ``pbkdf2_bin``, and ``safe_str_cmp`` are deprecated. ``hashlib`` and ``hmac`` provide equivalents. :pr:`2083` - ``invalidate_cached_property`` is deprecated. Use ``del obj.name`` instead. :pr:`2084` - ``Href`` is deprecated. Use ``werkzeug.routing`` instead. :pr:`2085` - ``Request.disable_data_descriptor`` is deprecated. Create the request with ``shallow=True`` instead. :pr:`2085` - ``HTTPException.wrap`` is deprecated. Create a subclass manually instead. :pr:`2085`
Revision 1.16 / (download) - annotate - [select for diffs], Wed Apr 1 17:44:54 2020 UTC (2 years, 10 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base,
pkgsrc-2022Q1,
pkgsrc-2021Q4-base,
pkgsrc-2021Q4,
pkgsrc-2021Q3-base,
pkgsrc-2021Q3,
pkgsrc-2021Q2-base,
pkgsrc-2021Q2,
pkgsrc-2021Q1-base,
pkgsrc-2021Q1,
pkgsrc-2020Q4-base,
pkgsrc-2020Q4,
pkgsrc-2020Q3-base,
pkgsrc-2020Q3,
pkgsrc-2020Q2-base,
pkgsrc-2020Q2
Changes since 1.15: +2 -1
lines
Diff to previous 1.15 (colored)
py-werkzeug{-docs}: updated to 1.0.1 Version 1.0.1 - Make the argument to ``RequestRedirect.get_response`` optional. - Only allow a single access control allow origin value. - Fix crash when trying to parse a non-existent Content Security Policy header. - ``http_date`` zero fills years < 1000 to always output four digits. - Fix missing local variables in interactive debugger console. - Fix passing file-like objects like ``io.BytesIO`` to ``FileStorage.save``. Version 1.0.0 - Drop support for Python 3.4. (:issue:`1478`) - Remove code that issued deprecation warnings in version 0.15. (:issue:`1477`) - Remove most top-level attributes provided by the ``werkzeug`` module in favor of direct imports. For example, instead of ``import werkzeug; werkzeug.url_quote``, do ``from werkzeug.urls import url_quote``. Install version 0.16 first to see deprecation warnings while upgrading. - Added ``utils.invalidate_cached_property()`` to invalidate cached properties. (:pr:`1474`) - Directive keys for the ``Set-Cookie`` response header are not ignored when parsing the ``Cookie`` request header. This allows cookies with names such as "expires" and "version". (:issue:`1495`) - Request cookies are parsed into a ``MultiDict`` to capture all values for cookies with the same key. ``cookies[key]`` returns the first value rather than the last. Use ``cookies.getlist(key)`` to get all values. ``parse_cookie`` also defaults to a ``MultiDict``. - Add ``charset=utf-8`` to an HTTP exception response's ``CONTENT_TYPE`` header. (:pr:`1526`) - The interactive debugger handles outer variables in nested scopes such as lambdas and comprehensions. - The user agent for Opera 60 on Mac is correctly reported as "opera" instead of "chrome". - The platform for Crosswalk on Android is correctly reported as "android" instead of "chromeos". (:pr:`1572`) - Issue a warning when the current server name does not match the configured server name. - A configured server name with the default port for a scheme will match the current server name without the port if the current scheme matches. - :exc:`~exceptions.InternalServerError` has a ``original_exception`` attribute that frameworks can use to track the original cause of the error. - Headers are tested for equality independent of the header key case, such that ``X-Foo`` is the same as ``x-foo``. - :meth:`http.dump_cookie` accepts ``'None'`` as a value for ``samesite``. - :meth:`~test.Client.set_cookie` accepts a ``samesite`` argument. - Support the Content Security Policy header through the `Response.content_security_policy` data structure. - ``LanguageAccept`` will fall back to matching "en" for "en-US" or "en-US" for "en" to better support clients or translations that only match at the primary language tag. - ``MIMEAccept`` uses MIME parameters for specificity when matching. - If the development server is started with an ``SSLContext`` configured to verify client certificates, the certificate in PEM format will be available as ``environ["SSL_CLIENT_CERT"]``. - ``is_resource_modified`` will run for methods other than ``GET`` and ``HEAD``, rather than always returning ``False``. - ``SharedDataMiddleware`` returns 404 rather than 500 when trying to access a directory instead of a file with the package loader. The dependency on setuptools and pkg_resources is removed. - Add a ``response.cache_control.immutable`` flag. Keep in mind that browser support for this ``Cache-Control`` header option is still experimental and may not be implemented. - Optional request log highlighting with the development server is handled by Click instead of termcolor. - Optional ad-hoc TLS support for the development server is handled by cryptography instead of pyOpenSSL. - ``FileStorage.save()`` supports ``pathlib`` and :pep:`519` ``PathLike`` objects. - The debugger security pin is unique in containers managed by Podman. - Building a URL when ``host_matching`` is enabled takes into account the current host when there are duplicate endpoints with different hosts. - The ``429 TooManyRequests`` and ``503 ServiceUnavailable`` HTTP exceptions takes a ``retry_after`` parameter to set the ``Retry-After`` header. - ``Map`` and ``Rule`` have a ``merge_slashes`` option to collapse multiple slashes into one, similar to how many HTTP servers behave. This is enabled by default. - Add HTTP 103, 208, 306, 425, 506, 508, and 511 to the list of status codes. - Add ``update``, ``setlist``, and ``setlistdefault`` methods to the ``Headers`` data structure. ``extend`` method can take ``MultiDict`` and kwargs. - The development server accepts paths that start with two slashes, rather than stripping off the first path segment. - Add access control (Cross Origin Request Sharing, CORS) header properties to the ``Request`` and ``Response`` wrappers. - ``Accept`` values are no longer ordered alphabetically for equal quality tags. Instead the initial order is preserved. - Added ``Map.lock_class`` attribute for alternative implementations. - Support matching and building WebSocket rules in the routing system, for use by async frameworks. - Range requests that span an entire file respond with 206 instead of 200, to be more compliant with :rfc:`7233`. This may help serving media to older browsers. - The :class:`~middleware.shared_data.SharedDataMiddleware` default ``fallback_mimetype`` is ``application/octet-stream``. If a filename looks like a text mimetype, the ``utf-8`` charset is added to it. This matches the behavior of :class:`~wrappers.BaseResponse` and Flask's ``send_file()``.
Revision 1.15 / (download) - annotate - [select for diffs], Mon Feb 3 20:04:57 2020 UTC (2 years, 11 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base,
pkgsrc-2020Q1
Changes since 1.14: +1 -2
lines
Diff to previous 1.14 (colored)
reset revision
Revision 1.14 / (download) - annotate - [select for diffs], Thu Nov 14 05:25:43 2019 UTC (3 years, 2 months ago) by gutteridge
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base,
pkgsrc-2019Q4
Changes since 1.13: +3 -2
lines
Diff to previous 1.13 (colored)
py-werkzeug-docs: reflect dependency change This package now depends on py-pallets-sphinx-themes>=1.2.2nb1, since the latter added a new dependency for its basic functioning (and 1.2.2 pre-revbump was broken).
Revision 1.13 / (download) - annotate - [select for diffs], Mon Oct 21 22:11:34 2019 UTC (3 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.12: +2 -3
lines
Diff to previous 1.12 (colored)
Switch sphinx to versioned deps.
Revision 1.12 / (download) - annotate - [select for diffs], Sat Sep 14 17:09:11 2019 UTC (3 years, 4 months ago) by gutteridge
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base,
pkgsrc-2019Q3
Changes since 1.11: +5 -4
lines
Diff to previous 1.11 (colored)
py-werkzeug-docs: note py-werkzeug dependency Fix bulk builds by noting this depends on py-werkzeug. (While here, convert other BUILD_DEPENDS to TOOL_DEPENDS.)
Revision 1.11 / (download) - annotate - [select for diffs], Thu May 23 12:00:48 2019 UTC (3 years, 8 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base,
pkgsrc-2019Q2
Changes since 1.10: +6 -6
lines
Diff to previous 1.10 (colored)
py-werkzeug: updated to 0.15.4 Version 0.15.4 - Fix a SyntaxError on Python 2.7.5. (:issue:1544) Version 0.15.3 - Properly handle multi-line header folding in development server in Python 2.7. (:issue:1080) - Restore the response argument to :exc:~exceptions.Unauthorized. (:pr:1527) - :exc:~exceptions.Unauthorized doesn't add the WWW-Authenticate header if www_authenticate is not given. (:issue:1516) - The default URL converter correctly encodes bytes to string rather than representing them with b''. (:issue:1502) - Fix the filename format string in :class:~middleware.profiler.ProfilerMiddleware to correctly handle float values. (:issue:1511) - Update :class:~middleware.lint.LintMiddleware to work on Python 3. (:issue:1510) - The debugger detects cycles in chained exceptions and does not time out in that case. (:issue:1536) - When running the development server in Docker, the debugger security pin is now unique per container.
Revision 1.10 / (download) - annotate - [select for diffs], Wed Apr 24 16:05:43 2019 UTC (3 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.9: +7 -2
lines
Diff to previous 1.9 (colored)
py-werkzeug: updated to 0.15.2 Version 0.15.2 - Rule code generation uses a filename that coverage will ignore. The previous value, "generated", was causing coverage to fail. - The test client removes the cookie header if there are no persisted cookies. This fixes an issue introduced in 0.15.0 where the cookies from the original request were used for redirects, causing functions such as logout to fail. - The test client copies the environ before passing it to the app, to prevent in-place modifications from affecting redirect requests. - The "werkzeug" logger only adds a handler if there is no handler configured for its level in the logging chain. This avoids double logging if other code configures logging first. Version 0.15.1 - :class:~exceptions.Unauthorized takes description as the first argument, restoring previous behavior. The new www_authenticate argument is listed second. Version 0.15.0 - Building URLs is ~7x faster. Each :class:~routing.Rule compiles an optimized function for building itself. - :meth:MapAdapter.build() <routing.MapAdapter.build> can be passed a :class:~datastructures.MultiDict to represent multiple values for a key. It already did this when passing a dict with a list value. - path_info defaults to '/' for :meth:Map.bind() <routing.Map.bind>. :pr:1316) - Change RequestRedirect code from 301 to 308, preserving the verb and request body (form data) during redirect. - int and float converters in URL rules will handle negative values if passed the signed=True parameter. For example, /jump/<int(signed=True):count>. - Location autocorrection in :func:Response.get_wsgi_headers() <wrappers.BaseResponse.get_wsgi_headers> is relative to the current path rather than the root path. :pr:1315) - 412 responses once again include entity headers and an error message in the body. They were originally omitted when implementing If-Match - The Content-Length header is removed for 1xx and 204 responses. This fixes a previous change where no body would be sent, but the header would still be present. The new behavior matches RFC 7230. - :class:~exceptions.Unauthorized takes a www_authenticate parameter to set the WWW-Authenticate header for the response, which is technically required for a valid 401 response. - Add support for status code 424 :exc:~exceptions.FailedDependency. - :func:http.parse_cookie ignores empty segments rather than producing a cookie with no key or value. - :func:~http.parse_authorization_header (and :class:~datastructures.Authorization, :attr:~wrappers.Request.authorization) treats the authorization header as UTF-8. On Python 2, basic auth username and password are unicode. - :func:~http.parse_options_header understands :rfc:2231 parameter continuations. - :func:~urls.uri_to_iri does not unquote ASCII characters in the unreserved class, such as space, and leaves invalid bytes quoted when decoding. :func:~urls.iri_to_uri does not quote reserved characters. See :rfc:3987 for these character classes. - get_content_type appends a charset for any mimetype that ends with +xml, not just those that start with application/. Known text types such as application/javascript are also given charsets. - Clean up werkzeug.security module, remove outdated hashlib support. - In :func:~security.generate_password_hash, PBKDF2 uses 150000 iterations by default, increased from 50000. - :class:~wsgi.ClosingIterator calls close on the wrapped *iterable*, not the internal iterator. This doesn't affect objects where __iter__ returned self. For other objects, the method was not called before. - Bytes may be used as keys in :class:~datastructures.Headers, they will be decoded as Latin-1 like values are. - :class:~datastructures.Range validates that list of range tuples passed to it would produce a valid Range header. - :class:~datastructures.FileStorage looks up attributes on stream._file if they don't exist on stream, working around an issue where :func:tempfile.SpooledTemporaryFile didn't implement all of :class:io.IOBase. See https://github.com/python/cpython/pull/3249. - :class:CombinedMultiDict.copy() <datastructures.CombinedMultiDict> returns a shallow mutable copy as a :class:~datastructures.MultiDict. The copy no longer reflects changes to the combined dicts, but is more generally useful. - The version of jQuery used by the debugger is updated to 3.3.1. - The debugger correctly renders long markupsafe.Markup instances. - The debugger can serve resources when Werkzeug is installed as a zip file. DebuggedApplication.get_resource uses pkgutil.get_data. - The debugger and server log support Python 3's chained exceptions. - The interactive debugger highlights frames that come from user code to make them easy to pick out in a long stack trace. Note that if an env was created with virtualenv instead of venv, the debugger may incorrectly classify some frames. - Clicking the error message at the top of the interactive debugger will jump down to the bottom of the traceback. - When generating a PIN, the debugger will ignore a KeyError raised when the current UID doesn't have an associated username, which can happen in Docker. - :class:~exceptions.BadRequestKeyError adds the KeyError message to the description, making it clearer what caused the 400 error. Frameworks like Flask can omit this information in production by setting e.args = (). - If a nested ImportError occurs from :func:~utils.import_string the traceback mentions the nested import. Removes an untested code path for handling "modules not yet set up by the parent." - Triggering a reload while using a tool such as PDB no longer hides input. - The reloader will not prepend the Python executable to the command line if the Python file is marked executable. This allows the reloader to work on NixOS. - Fix an issue where sys.path would change between reloads when running with python -m app. The reloader can detect that a module was run with "-m" and reconstructs that instead of the file path in sys.argv when reloading. - The dev server can bind to a Unix socket by passing a hostname like unix://app.socket. - Server uses IPPROTO_TCP constant instead of SOL_TCP for Jython compatibility. - When using an adhoc SSL cert with :func:~serving.run_simple, the cert is shown as self-signed rather than signed by an invalid authority. - The development server logs the unquoted IRI rather than the raw request line, to make it easier to work with Unicode in request paths during development. - The development server recognizes ConnectionError on Python 3 to silence client disconnects, and does not silence other OSErrors that may have been raised inside the application. - The environ keys REQUEST_URI and RAW_URI contain the raw path before it was percent-decoded. This is non-standard, but many WSGI servers add them. Middleware could replace PATH_INFO with this to route based on the raw value. - :class:~test.EnvironBuilder doesn't set CONTENT_TYPE or CONTENT_LENGTH in the environ if they aren't set. Previously these used default values if they weren't set. Now it's possible to distinguish between empty and unset values. - The test client raises a ValueError if a query string argument would overwrite a query string in the path. - :class:test.EnvironBuilder and :class:test.Client take a json argument instead of manually passing data and content_type. This is serialized using the :meth:test.EnvironBuilder.json_dumps method. - :class:test.Client redirect handling is rewritten. - The redirect environ is copied from the initial request environ. - Script root and path are correctly distinguished when redirecting to a path under the root. - The HEAD method is not changed to GET. - 307 and 308 codes preserve the method and body. All others ignore the body and related headers. - Headers are passed to the new request for all codes, following what browsers do. - :class:test.EnvironBuilder sets the content type and length headers in addition to the WSGI keys when detecting them from the data. - Intermediate response bodies are iterated over even when buffered=False to ensure iterator middleware can run cleanup code safely. Only the last response is not buffered. - :class:~test.EnvironBuilder, :class:~datastructures.FileStorage, and :func:wsgi.get_input_stream no longer share a global _empty_stream instance. This improves test isolation by preventing cases where closing the stream in one request would affect other usages. - The default :attr:SecureCookie.serialization_method <contrib.securecookie.SecureCookie.serialization_method> will change from :mod:pickle to :mod:json in 1.0. To upgrade existing tokens, override :meth:~contrib.securecookie.SecureCookie.unquote to try pickle if json fails. - CGIRootFix no longer modifies PATH_INFO for very old versions of Lighttpd. LighttpdCGIRootFix was renamed to CGIRootFix in 0.9. Both are deprecated and will be removed in version 1.0. - :class:werkzeug.wrappers.json.JSONMixin has been replaced with Flask's implementation. Check the docs for the full API. - The :doc:contrib modules </contrib/index> are deprecated and will either be moved into werkzeug core or removed completely in version 1.0. Some modules that already issued deprecation warnings have been removed. Be sure to run or test your code with python -W default::DeprecationWarning to catch any deprecated code you're using. - LintMiddleware has moved to :mod:werkzeug.middleware.lint. - ProfilerMiddleware has moved to :mod:werkzeug.middleware.profiler. - ProxyFix has moved to :mod:werkzeug.middleware.proxy_fix. - JSONRequestMixin has moved to :mod:werkzeug.wrappers.json. - cache has been extracted into a separate project, cachelib <https://github.com/pallets/cachelib>_. The version in Werkzeug is deprecated. - securecookie and sessions have been extracted into a separate project, secure-cookie <https://github.com/pallets/secure-cookie>_. The version in Werkzeug is deprecated. - Everything in fixers, except ProxyFix, is deprecated. - Everything in wrappers, except JSONMixin, is deprecated. - atom is deprecated. This did not fit in with the rest of Werkzeug, and is better served by a dedicated library in the community. - jsrouting is removed. Set URLs when rendering templates or JSON responses instead. - limiter is removed. Its specific use is handled by Werkzeug directly, but stream limiting is better handled by the WSGI server in general. - testtools is removed. It did not offer significant benefit over the default test client. - iterio is deprecated. - :func:wsgi.get_host no longer looks at X-Forwarded-For. Use :class:~middleware.proxy_fix.ProxyFix to handle that. - :class:~middleware.proxy_fix.ProxyFix is refactored to support more headers, multiple values, and more secure configuration. - Each header supports multiple values. The trusted number of proxies is configured separately for each header. The num_proxies argument is deprecated. - Sets SERVER_NAME and SERVER_PORT based on X-Forwarded-Host. - Sets SERVER_PORT and modifies HTTP_HOST based on X-Forwarded-Port. - Sets SCRIPT_NAME based on X-Forwarded-Prefix. - The original WSGI environment values are stored in the werkzeug.proxy_fix.orig key, a dict. The individual keys werkzeug.proxy_fix.orig_remote_addr, werkzeug.proxy_fix.orig_wsgi_url_scheme, and werkzeug.proxy_fix.orig_http_host are deprecated. - Middleware from werkzeug.wsgi has moved to separate modules under werkzeug.middleware, along with the middleware moved from werkzeug.contrib. The old werkzeug.wsgi imports are deprecated and will be removed in version 1.0. - werkzeug.wsgi.DispatcherMiddleware has moved to :class:werkzeug.middleware.dispatcher.DispatcherMiddleware. - werkzeug.wsgi.ProxyMiddleware as moved to :class:werkzeug.middleware.http_proxy.ProxyMiddleware. - werkzeug.wsgi.SharedDataMiddleware has moved to :class:werkzeug.middleware.shared_data.SharedDataMiddleware. - :class:~middleware.http_proxy.ProxyMiddleware proxies the query string. - The filenames generated by :class:~middleware.profiler.ProfilerMiddleware can be customized. - The werkzeug.wrappers module has been converted to a package, and its various classes have been organized into separate modules. Any previously documented classes, understood to be the existing public API, are still importable from werkzeug.wrappers, or may be imported from their specific modules.
Revision 1.9 / (download) - annotate - [select for diffs], Wed May 31 08:24:38 2017 UTC (5 years, 8 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base,
pkgsrc-2019Q1,
pkgsrc-2018Q4-base,
pkgsrc-2018Q4,
pkgsrc-2018Q3-base,
pkgsrc-2018Q3,
pkgsrc-2018Q2-base,
pkgsrc-2018Q2,
pkgsrc-2018Q1-base,
pkgsrc-2018Q1,
pkgsrc-2017Q4-base,
pkgsrc-2017Q4,
pkgsrc-2017Q3-base,
pkgsrc-2017Q3,
pkgsrc-2017Q2-base,
pkgsrc-2017Q2
Changes since 1.8: +4 -6
lines
Diff to previous 1.8 (colored)
Version 0.12.2 -------------- - Fix regression: Pull request ``892`` prevented Werkzeug from correctly logging the IP of a remote client behind a reverse proxy, even when using `ProxyFix`. - Fix a bug in `safe_join` on Windows.
Revision 1.8 / (download) - annotate - [select for diffs], Sun Jan 1 14:44:06 2017 UTC (6 years, 1 month ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base,
pkgsrc-2017Q1
Changes since 1.7: +2 -2
lines
Diff to previous 1.7 (colored)
Add python-3.6 to incompatible versions.
Revision 1.7 / (download) - annotate - [select for diffs], Sat Jul 9 13:04:16 2016 UTC (6 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base,
pkgsrc-2016Q4,
pkgsrc-2016Q3-base,
pkgsrc-2016Q3
Changes since 1.6: +2 -2
lines
Diff to previous 1.6 (colored)
Remove python33: adapt all packages that refer to it.
Revision 1.6 / (download) - annotate - [select for diffs], Sat Dec 5 21:26:07 2015 UTC (7 years, 1 month ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2016Q2-base,
pkgsrc-2016Q2,
pkgsrc-2016Q1-base,
pkgsrc-2016Q1,
pkgsrc-2015Q4-base,
pkgsrc-2015Q4
Changes since 1.5: +2 -2
lines
Diff to previous 1.5 (colored)
Extend PYTHON_VERSIONS_INCOMPATIBLE to 35
Revision 1.5 / (download) - annotate - [select for diffs], Sun Mar 1 20:02:27 2015 UTC (7 years, 11 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base,
pkgsrc-2015Q3,
pkgsrc-2015Q2-base,
pkgsrc-2015Q2,
pkgsrc-2015Q1-base,
pkgsrc-2015Q1
Changes since 1.4: +4 -2
lines
Diff to previous 1.4 (colored)
Fix build with versioned sphinx.
Revision 1.4 / (download) - annotate - [select for diffs], Fri May 9 07:37:26 2014 UTC (8 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base,
pkgsrc-2014Q4,
pkgsrc-2014Q3-base,
pkgsrc-2014Q3,
pkgsrc-2014Q2-base,
pkgsrc-2014Q2
Changes since 1.3: +2 -2
lines
Diff to previous 1.3 (colored)
Mark packages that are not ready for python-3.3 also not ready for 3.4, until proven otherwise.
Revision 1.3 / (download) - annotate - [select for diffs], Sat Jan 25 10:30:30 2014 UTC (9 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base,
pkgsrc-2014Q1
Changes since 1.2: +2 -1
lines
Diff to previous 1.2 (colored)
Mark packages as not ready for python-3.x where applicable; either because they themselves are not ready or because a dependency isn't. This is annotated by PYTHON_VERSIONS_INCOMPATIBLE= 33 # not yet ported as of x.y.z or PYTHON_VERSIONS_INCOMPATIBLE= 33 # py-foo, py-bar respectively, please use the same style for other packages, and check during updates. Use versioned_dependencies.mk where applicable. Use REPLACE_PYTHON instead of handcoded alternatives, where applicable. Reorder Makefile sections into standard order, where applicable. Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default with the next commit. Whitespace cleanups and other nits corrected, where necessary.
Revision 1.1.4.1 / (download) - annotate - [select for diffs], Wed Aug 14 12:42:29 2013 UTC (9 years, 5 months ago) by tron
Branch: pkgsrc-2013Q2
Changes since 1.1: +1 -1
lines
Diff to previous 1.1 (colored) next main 1.2 (colored)
Pullup ticket #4210 - requested by wiz www/py-werkzeug-docs: packaging fix Revisions pulled up: - www/py-werkzeug-docs/Makefile 1.2 --- Module Name: pkgsrc Committed By: wiz Date: Mon Aug 5 08:40:14 UTC 2013 Modified Files: pkgsrc/www/py-werkzeug-docs: Makefile Log Message: Simplify PKGNAME for older make(1)s or other parsers.
Revision 1.2 / (download) - annotate - [select for diffs], Mon Aug 5 08:40:14 2013 UTC (9 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base,
pkgsrc-2013Q4,
pkgsrc-2013Q3-base,
pkgsrc-2013Q3
Changes since 1.1: +2 -2
lines
Diff to previous 1.1 (colored)
Simplify PKGNAME for older make(1)s or other parsers.
Revision 1.1 / (download) - annotate - [select for diffs], Thu Jan 17 20:01:54 2013 UTC (10 years ago) by kleink
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base,
pkgsrc-2013Q1-base,
pkgsrc-2013Q1
Branch point for: pkgsrc-2013Q2
Import the HTML documentation portion of Werkzeug-0.8.3 as www/py-werkzeug-docs. Based on PR pkg/47381 by Richard PALO. This package contains the HTML documentation for Werkzeug. Werkzeug is a WSGI utility library for Python. It's widely used and BSD licensed. Werkzeug started as a simple collection of various utilities for WSGI applications and has become one of the most advanced WSGI utility modules. It includes a powerful debugger, fully featured request and response objects, HTTP utilities to handle entity tags, cache control headers, HTTP dates, cookie handling, file uploads, a powerful URL routing system and a bunch of community contributed addon modules. It does Unicode and doesn't enforce a specific template engine, database adapter or anything else. It doesn't even enforce a specific way of handling requests and leaves all that up to the developer.