Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Tag: 1.2.5
Fetching contributors…

Cannot retrieve contributors at this time

581 lines (423 sloc) 21.806 kB
1.2.5 (2011-12-14)
- Backport the ``egg:pyramid#wsgiref`` and ``egg:pyramid#cherrypy`` server
runners from the 1.3 branch. This change is to primarily allow scaffolding
authors to rely on the wsgiref entry point for projects that are meant to
work on both Pyramid 1.2.X and 1.3.X.
1.2.4 (2011-12-06)
- ``bpython`` interpreter compatibility in ``pshell``. See the "Command-Line
Pyramid" narrative docs chapter for more information.
Bug Fixes
- Prevent a scaffold rendering from being named ``site`` (conflicts with
Python internal
- Forward compatibility for ``pyramid_zcml`` >= 0.8 + ``zope.configuration``
>= 3.8.0.
Backward Incompatibilities
- The ``pshell`` command (see "paster pshell") no longer accepts a
``--disable-ipython`` command-line argument. Instead, it accepts a ``-p``
or ``--python-shell`` argument, which can be any of the values ``python``,
``ipython`` or ``bpython``.
1.2.3 (2011-11-20)
- 1.2.2 was a brownbag, containing a stray ````.
1.2.2 (2011-11-20)
- Backport from master: a ``mako.directories`` setting is no longer required
to use Mako templates. Rationale: Mako template renderers can be specified
using an absolute asset spec. An entire application can be written with
such asset specs, requiring no ordered lookup path.
Bug Fixes
- Backport from master: The ``pryamid.view.view_config`` decorator did not
accept a ``match_params`` predicate argument. See
- Backport fixes from master regarding URL decoding. URL segments are
no-longer "double-decoded" during traversal and when encountered in a route
subpath (or other star-arg pattern). As a result, a new API named
``pyramid.traversal.traversal_path_info`` was added to the system. This
function accepts an already-URL-decoded string and returns a tuple of
Unicode objects. This API is used internally by Pyramid in all places that
``pyramid.traversal.traversal_path`` used to be used. The
``traversal_path`` function remains for backwards compatibility, however,
and can still be used when a path is encoded. See for more information.
- Backport fix from master: ``request.static_url`` now generates URL-quoted
URLs when fed a ``path`` argument which contains characters that are
unsuitable for URLs. See for
more information.
- Backport from master: fix ``request.json_body`` to deal with alternate
request charsets.
- Backport from master: the AuthTktCookieHelper could potentially generate
Unicode headers inappropriately when the ``tokens`` argument to remember
was used. See
- Backport from master: the AuthTktAuthenticationPolicy did not use a
timing-attack-aware string comparator. See for more info.
- Backport from master: the DummySession in ``pyramid.testing`` now generates
a new CSRF token if one doesn't yet exist.
- Make tox use WebOb 1.1 for Python 2.5-based systems (WebOb 1.2 is 2.6+).
1.2.1 (2011-09-28)
- Lone instance methods can now be treated as view callables (see
Bug Fixes
- Update auth_tkt authentication policy to accept unicode tokens as long as
they only contain ASCII content. See
- Fix ``..note`` and ``..warning`` directives to run properly under newer
1.2 (2011-09-12)
- Route pattern replacement marker names can now begin with an underscore.
1.2b3 (2011-09-11)
Bug Fixes
- The route prefix was not taken into account when a static view was added in
an "include". See .
1.2b2 (2011-09-08)
Bug Fixes
- The 1.2b1 tarball was a brownbag (particularly for Windows users) because
it contained filenames with stray quotation marks in inappropriate places.
We depend on ``setuptools-git`` to produce release tarballs, and when it
was run to produce the 1.2b1 tarball, it didn't yet cope well with files
present in git repositories with high-order characters in their filenames.
- Minor tweaks to the "Introduction" narrative chapter example app and
1.2b1 (2011-09-08)
Bug Fixes
- Sometimes falling back from territory translations (``de_DE``) to language
translations (``de``) would not work properly when using a localizer. See
- The static file serving machinery could not serve files that started with a
``.`` (dot) character.
- Static files with high-order (super-ASCII) characters in their names could
not be served by a static view. The static file serving machinery
inappropriately URL-quoted path segments in filenames when asking for files
from the filesystem.
- Within ``pyramid.traversal.traversal_path`` , canonicalize URL segments
from UTF-8 to Unicode before checking whether a segment matches literally
one of ``.``, the empty string, or ``..`` in case there's some sneaky way
someone might tunnel those strings via UTF-8 that don't match the literals
before decoded.
- Added a "What Makes Pyramid Unique" section to the Introduction narrative
1.2a6 (2011-09-06)
Bug Fixes
- AuthTktAuthenticationPolicy with a ``reissue_time`` interfered with logout.
- Internalize code previously depended upon as imports from the
``paste.auth`` module (futureproof).
- Replaced use of ``paste.urlparser.StaticURLParser`` with a derivative of
Chris Rossi's "happy" static file serving code (futureproof).
- Fixed test suite; on some systems tests would fail due to indeterminate
test run ordering and a double-push-single-pop of a shared test variable.
Behavior Differences
- An ETag header is no longer set when serving a static file. A
Last-Modified header is set instead.
- Static file serving no longer supports the ``wsgi.file_wrapper`` extension.
- Instead of returning a ``403 Forbidden`` error when a static file is served
that cannot be accessed by the Pyramid process' user due to file
permissions, an IOError (or similar) will be raised.
- All scaffolds now send the ``cache_max_age`` parameter to the
``add_static_view`` method.
1.2a5 (2011-09-04)
Bug Fixes
- The ``route_prefix`` of a configurator was not properly taken into account
when registering routes in certain circumstances. See
- The ``zope.configuration`` package is no longer a dependency.
1.2a4 (2011-09-02)
- Support an ``onerror`` keyword argument to
``pyramid.config.Configurator.scan()``. This onerror keyword argument is
passed to ``venusian.Scanner.scan()`` to influence error behavior when
an exception is raised during scanning.
- The ``request_method`` predicate argument to
``pyramid.config.Configurator.add_view`` and
``pyramid.config.Configurator.add_route`` is now permitted to be a tuple of
HTTP method names. Previously it was restricted to being a string
representing a single HTTP method name.
- Undeprecated ``pyramid.traversal.find_model``,
``pyramid.traversal.model_path``, ``pyramid.traversal.model_path_tuple``,
and ``pyramid.url.model_url``, which were all deprecated in Pyramid 1.0.
There's just not much cost to keeping them around forever as aliases to
their renamed ``resource_*`` prefixed functions.
- Undeprecated ``pyramid.view.bfg_view``, which was deprecated in Pyramid
1.0. This is a low-cost alias to ``pyramid.view.view_config`` which we'll
just keep around forever.
- Pyramid now requires Venusian 1.0a1 or better to support the ``onerror``
keyword argument to ``pyramid.config.Configurator.scan``.
1.2a3 (2011-08-29)
Bug Fixes
- Pyramid did not properly generate static URLs using
``pyramid.url.static_url`` when passed a caller-package relative path due
to a refactoring done in 1.2a1.
- The ``settings`` object emitted a deprecation warning any time
``__getattr__`` was called upon it. However, there are legitimate
situations in which ``__getattr__`` is called on arbitrary objects
(e.g. ``hasattr``). Now, the ``settings`` object only emits the warning
upon successful lookup.
- Use ``config.with_package`` in view_config decorator rather than
manufacturing a new renderer helper (cleanup).
1.2a2 (2011-08-27)
Bug Fixes
- When a ``renderers=`` argument is not specified to the Configurator
constructor, eagerly register and commit the default renderer set. This
permits the overriding of the default renderers, which was broken in 1.2a1
without a commit directly after Configurator construction.
- Mako rendering exceptions had the wrong value for an error message.
- An include could not set a root factory successfully because the
Configurator constructor unconditionally registered one that would be
treated as if it were "the word of the user".
- A session factory can now be passed in using the dotted name syntax.
1.2a1 (2011-08-24)
- The ``[pshell]`` section in an ini configuration file now treats a
``setup`` key as a dotted name that points to a callable that is passed the
bootstrap environment. It can mutate the environment as necessary for
great justice.
- A new configuration setting named ``pyramid.includes`` is now available.
It is described in the "Environment Variables and ``.ini`` Files Settings"
narrative documentation chapter.
- Added a ``route_prefix`` argument to the
``pyramid.config.Configurator.include`` method. This argument allows you
to compose URL dispatch applications together. See the section entitled
"Using a Route Prefix to Compose Applications" in the "URL Dispatch"
narrative documentation chapter.
- Added a ```` constant for use in
``permission=`` statements to view configuration. This constant has a
value of the string ``__no_permission_required__``. This string value was
previously referred to in documentation; now the documentation uses the
- Added a decorator-based way to configure a response adapter:
``pyramid.response.response_adapter``. This decorator has the same use as
``pyramid.config.Configurator.add_response_adapter`` but it's declarative.
- The ```` event now has an attribute named
``rendering_val``. This can be used to introspect the value returned by a
view in a BeforeRender subscriber.
- New configurator directive: ``pyramid.config.Configurator.add_tween``.
This directive adds a "tween". A "tween" is used to wrap the Pyramid
router's primary request handling function. This is a feature may be used
by Pyramid framework extensions, to provide, for example, view timing
support and as a convenient place to hang bookkeeping code.
Tweens are further described in the narrative docs section in the Hooks
chapter, named "Registering Tweens".
- New paster command ``paster ptweens``, which prints the current "tween"
configuration for an application. See the section entitled "Displaying
Tweens" in the Command-Line Pyramid chapter of the narrative documentation
for more info.
- The Pyramid debug logger now uses the standard logging configuration
(usually set up by Paste as part of startup). This means that output from
e.g. ``debug_notfound``, ``debug_authorization``, etc. will go to the
normal logging channels. The logger name of the debug logger will be the
package name of the *caller* of the Configurator's constructor.
- A new attribute is available on request objects: ``exc_info``. Its value
will be ``None`` until an exception is caught by the Pyramid router, after
which it will be the result of ``sys.exc_info()``.
- ``pyramid.testing.DummyRequest`` now implements the
``add_finished_callback`` and ``add_response_callback`` methods.
- New methods of the ``pyramid.config.Configurator`` class:
``set_authentication_policy`` and ``set_authorization_policy``. These are
meant to be consumed mostly by add-on authors.
- New Configurator method: ``set_root_factory``.
- Pyramid no longer eagerly commits some default configuration statements at
Configurator construction time, which permits values passed in as
constructor arguments (e.g. ``authentication_policy`` and
``authorization_policy``) to override the same settings obtained via an
- Better Mako rendering exceptions via
- New request methods: ``current_route_url``, ``current_route_path``, and
- New functions in ``pyramid.url``: ``current_route_path`` and
- The ``pyramid.request.Request.static_url`` API (and its brethren
``pyramid.request.Request.static_path``, ``pyramid.url.static_url``, and
``pyramid.url.static_path``) now accept an asbolute filename as a "path"
argument. This will generate a URL to an asset as long as the filename is
in a directory which was previously registered as a static view.
Previously, trying to generate a URL to an asset using an absolute file
path would raise a ValueError.
- The ``RemoteUserAuthenticationPolicy ``, ``AuthTktAuthenticationPolicy``,
and ``SessionAuthenticationPolicy`` constructors now accept an additional
keyword argument named ``debug``. By default, this keyword argument is
``False``. When it is ``True``, debug information will be sent to the
Pyramid debug logger (usually on stderr) when the ``authenticated_userid``
or ``effective_principals`` method is called on any of these policies. The
output produced can be useful when trying to diagnose
authentication-related problems.
- New view predicate: ``match_param``. Example: a view added via
``config.add_view(aview, match_param='action=edit')`` will be called only
when the ``request.matchdict`` has a value inside it named ``action`` with
a value of ``edit``.
- The Pyramid "exception view" machinery is now implemented as a "tween"
- WSGIHTTPException (HTTPFound, HTTPNotFound, etc) now has a new API named
"prepare" which renders the body and content type when it is provided with
a WSGI environ. Required for debug toolbar.
- Once ``__call__`` or ``prepare`` is called on a WSGIHTTPException, the body
will be set, and subsequent calls to ``__call__`` will always return the
same body. Delete the body attribute to rerender the exception body.
- Previously the ```` event *wrapped* a dictionary
(it addressed it as its ``_system`` attribute). Now it *is* a dictionary
(it inherits from ``dict``), and it's the value that is passed to templates
as a top-level dictionary.
- The ``route_url``, ``route_path``, ``resource_url``, ``static_url``, and
``current_route_url`` functions in the ``pyramid.url`` package now delegate
to a method on the request they've been passed, instead of the other way
around. The pyramid.request.Request object now inherits from a mixin named
pyramid.url.URLMethodsMixin to make this possible, and all url/path
generation logic is embedded in this mixin.
- Refactor ``pyramid.config`` into a package.
- Removed the ``_set_security_policies`` method of the Configurator.
- Moved the ``StaticURLInfo`` class from ``pyramid.static`` to
- Move the ``Settings`` class from ``pyramid.settings`` to
- Move the ``OverrideProvider``, ``PackageOverrides``, ``DirectoryOverride``,
and ``FileOverride`` classes from ``pyramid.asset`` to
- All Pyramid-related deployment settings (e.g. ``debug_all``,
``debug_notfound``) are now meant to be prefixed with the prefix
``pyramid.``. For example: ``debug_all`` -> ``pyramid.debug_all``. The
old non-prefixed settings will continue to work indefinitely but supplying
them may eventually print a deprecation warning. All scaffolds and
tutorials have been changed to use prefixed settings.
- The ``settings`` dictionary now raises a deprecation warning when you
attempt to access its values via ``__getattr__`` instead of
via ``__getitem__``.
Backwards Incompatibilities
- If a string is passed as the ``debug_logger`` parameter to a Configurator,
that string is considered to be the name of a global Python logger rather
than a dotted name to an instance of a logger.
- The ``pyramid.config.Configurator.include`` method now accepts only a
single ``callable`` argument (a sequence of callables used to be
permitted). If you are passing more than one ``callable`` to
``pyramid.config.Configurator.include``, it will break. You now must now
instead make a separate call to the method for each callable. This change
was introduced to support the ``route_prefix`` feature of include.
- It may be necessary to more strictly order configuration route and view
statements when using an "autocommitting" Configurator. In the past, it
was possible to add a view which named a route name before adding a route
with that name when you used an autocommitting configurator. For example::
config = Configurator(autocommit=True)
config.add_view('my.pkg.someview', route_name='foo')
config.add_route('foo', '/foo')
The above will raise an exception when the view attempts to add itself.
Now you must add the route before adding the view::
config = Configurator(autocommit=True)
config.add_route('foo', '/foo')
config.add_view('my.pkg.someview', route_name='foo')
This won't effect "normal" users, only people who have legacy BFG codebases
that used an autommitting configurator and possibly tests that use the
configurator API (the configurator returned by ``pyramid.testing.setUp`` is
an autocommitting configurator). The right way to get around this is to
use a non-autocommitting configurator (the default), which does not have
these directive ordering requirements.
- The ``pyramid.config.Configurator.add_route`` directive no longer returns a
route object. This change was required to make route vs. view
configuration processing work properly.
- Narrative and API documentation which used the ``route_url``,
``route_path``, ``resource_url``, ``static_url``, and ``current_route_url``
functions in the ``pyramid.url`` package have now been changed to use
eponymous methods of the request instead.
- Added a section entitled "Using a Route Prefix to Compose Applications" to
the "URL Dispatch" narrative documentation chapter.
- Added a new module to the API docs: ``pyramid.tweens``.
- Added a "Registering Tweens" section to the "Hooks" narrative chapter.
- Added a "Displaying Tweens" section to the "Command-Line Pyramid" narrative
- Added documentation for the ``pyramid.tweens`` and ``pyramid.includes``
configuration settings to the "Environment Variables and ``.ini`` Files
Settings" chapter.
- Added a Logging chapter to the narrative docs (based on the Pylons logging
docs, thanks Phil).
- Added a Paste chapter to the narrative docs (moved content from the Project
- Added the ``pyramid.interfaces.IDict`` interface representing the methods
of a dictionary, for documentation purposes only (IMultiDict and
IBeforeRender inherit from it).
- All tutorials now use - The ``route_url``, ``route_path``,
``resource_url``, ``static_url``, and ``current_route_url`` methods of the
request rather than the function variants imported from ``pyramid.url``.
- The ZODB wiki tutorial now uses the ``pyramid_zodbconn`` package rather
than the ``repoze.zodbconn`` package to provide ZODB integration.
Dependency Changes
- Pyramid now relies on PasteScript >= 1.7.4. This version contains a
feature important for allowing flexible logging configuration.
- All scaffolds now use the ``pyramid_tm`` package rather than the
``repoze.tm2`` middleware to manage transaction management.
- The ZODB scaffold now uses the ``pyramid_zodbconn`` package rather than the
``repoze.zodbconn`` package to provide ZODB integration.
- All scaffolds now use the ``pyramid_debugtoolbar`` package rather than the
``WebError`` package to provide interactive debugging features.
- Projects created via a scaffold no longer depend on the ``WebError``
package at all; configuration in the ``production.ini`` file which used to
require its ``error_catcher`` middleware has been removed. Configuring
error catching / email sending is now the domain of the ``pyramid_exclog``
package (see
Bug Fixes
- Fixed an issue with the default renderer not working at certain times. See
Jump to Line
Something went wrong with that request. Please try again.