/
CHANGELOG
142 lines (126 loc) · 6.59 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
Beaker Changelog
================
1.0 (8/13/2008)
* Added cookie delete to both cookie only sessions and normal sessions, to
help with proxies and such that may determine whether a user is logged in
via a cookie. (cookie varies, etc.). Suggested by Felix Schwarz.
* cache.get_value() now uses the given **kwargs in all cases in the same
manner as cache.set_value(). This way you can send a new createfunc
to cache.get_value() each time and it will be used.
0.9.5 (6/19/2008)
* Fixed bug in memcached to be tolerant of keys disappearing when memcached
expires them.
* Fixed the cache functionality to actually work, previously set_value was
ignored if there was already a value set.
0.9.4 (4/13/2008)
* Adding 'google' backend datastore, available by specifying 'google' as the
cache/session type. Note that this takes an optional table_name used to name
the model class used.
* SECURITY BUG: Fixed security issue with Beaker not properly removing
directory escaping characters from the session ID when un-signed sessions
are used. Reported with patch by Felix Schwarz.
* Fixed bug with Beaker not playing well with Registry when its placed above
it in the stack. Thanks Wichert Akkerman.
0.9.3 (2/28/2008)
* Adding 'id' to cookie-based sessions for better compatibility.
* Fixed error with exception still raised for PyCrypto missing.
* WARNING: Session middleware no longer catches Paste HTTP Exceptions, apps
are now expected to capture and handle Paste HTTP Exceptions themselves.
* Fixed Python 2.4 compatibility bug in hmac.
* Fixed key lookup bug on cache object to only use the settings for the key
lookup. Found by Andrew Stromnov.
0.9.2 (2/13/2008)
* Added option to make Beaker use a secure cookie.
* Removed CTRCipher as pycryptopp doesn't need it.
* Changed AES to use 256 bit.
* Fixed signing code to use hmac with sha for better signing security.
* Fixed memcached code to use delete_multi on clearing the keys for efficiency
and updated key retrieval to properly store and retrieve None values.
* Removing cookie.py and signed cookie middleware, as the environ_key option
for session middleware provides a close enough setting.
* Added option to use just cookie-based sessions without requiring
encryption.
* Switched encryption requirement from PyCrypto to pycryptopp which uses a
proper AES in Counter Mode.
0.9.1 (2/4/2008)
* Fixed bug in middleware using module that wasn't imported.
0.9 (12/17/07)
* Fixed bug in memcached replace to actually replace spaces properly.
* Fixed md5 cookie signature to use SHA-1 when available.
* Updated cookie-based session storage to use 256-bit AES-CTR mode with a
SHA-1 HMAC signature. Now requires PyCrypto to use for AES scheme.
* WARNING: Moved session and cache middleware to middleware, as per the old
deprecation warnings had said was going to happen for 0.8.
* Added cookie-only session storage with RC4 ciphered encryption, requires
Python 2.4.
* Add the ability to specify the cookie's domain for sessions.
0.8.1 (11/15/07)
* Fixed bug in database.py not properly handling missing sqlalchemy library.
0.8 (10/17/07)
* Fixed bug in prior db update causing session to occasionally not be written
back to the db.
* Fixed memcached key error with keys containing spaces. Thanks Jim Musil.
* WARNING: Major change to ext:database to use a single row per namespace.
Additionally, there's an accessed and created column present to support
easier deletion of old cache/session data. You *will* need to drop any
existing tables being used by the ext:database backend.
* Streamline ext:database backend to avoid unnecessary database selects for
repeat data.
* Added SQLAlchemy 0.4 support to ext:database backend.
0.7.5 (08/18/07)
* Fixed data_dir parsing for session string coercions, no longer picks up None
as a data_dir.
* Fixed session.get_by_id to lookup recently saved sessions properly, also
updates session with creation/access time upon save.
* Add unit tests for get_by_id function. Updated get_by_id to not result in
additional session files.
* Added session.get_by_id function to retrieve a session of the given id.
0.7.4 (07/09/07)
* Fixed issue with Beaker not properly handling arguments as Pylons may pass
them in.
* Fixed unit test to catch file removal exception.
* Fixed another bug in synchronization, this one involving reentrant
conditions with file synchronization
* If a file open fails due to pickling errors, locks just opened
are released unconditionally
0.7.3 (06/08/07)
* Beaker was not properly parsing input options to session middleware. Thanks
to Yannick Gingras and Timothy S for spotting the issue.
* Changed session to only send the cookie header if its a new session and
save() was called. Also only creates the session file under these
conditions.
0.7.2 (05/19/07)
* Added deprecation warning for middleware move, relocated middleware to cache
and session modules for backwards compatibility.
0.7.1 05/18/07)
* adjusted synchronization logic to account for Mako/new Cache object's
multithreaded usage of Container.
0.7 (05/18/07)
* WARNING: Cleaned up Cache object based on Mako cache object, this changes
the call interface slightly for creating a Cache object directly. The
middleware cache object is unaffected from an end-user view. This change
also avoids duplicate creations of Cache objects.
* Adding database backend and unit tests.
* Added memcached test, fixed memcached namespace arg passing.
* Fixed session and cache tests, still failing syncdict test. Added doctests
for Cache and Session middleware.
* Cleanup of container/cache/container_test
* Namespaces no longer require a context, removed NamespaceContext?
* Logging in container.py uses logging module
* Cleanup of argument passing, use name **kwargs instead of **params for
generic kwargs
* Container classes contain a static create_namespace() method, namespaces are
accessed from the ContainerContext? via string name + container class alone
* Implemented (but not yet tested) clear() method on Cache, locates all
Namespaces used thus far and clears each one based on its keys() collection
* Fixed Cache.clear() method to actually clear the Cache namespace.
* Updated memcached backend to split servers on ';' for multiple memcached
backends.
* Merging MyghtyUtils code into Beaker.
0.6.3 (03/18/2007)
* Added api with customized Session that doesn't require a Myghty request
object, just a dict. Updated session to use the new version.
* Removing unicode keys as some dbm backends can't handle unicode keys.
* Adding core files that should've been here.
* More stringent checking for existence of a session.
* Avoid recreating the session object when it's empty.