From 4245b85e8041c87b9eb7ebd60707813d05d7e004 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Mon, 1 May 2017 21:30:09 -0500 Subject: really add whatsnew-1.9 --- docs/whatsnew-1.9.rst | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 docs/whatsnew-1.9.rst (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst new file mode 100644 index 000000000..7ceefbf49 --- /dev/null +++ b/docs/whatsnew-1.9.rst @@ -0,0 +1,49 @@ +What's New in Pyramid 1.9 +========================= + +This article explains the new features in :app:`Pyramid` version 1.9 as compared to its predecessor, :app:`Pyramid` 1.8. It also documents backwards incompatibilities between the two versions and deprecations added to :app:`Pyramid` 1.9, as well as software dependency changes and notable documentation additions. + +Major Feature Additions +----------------------- + +- The file format used by all ``p*`` command line scripts such as ``pserve`` and ``pshell``, as well as the :func:`pyramid.paster.bootstrap` function is now replaceable thanks to a new dependency on `plaster `_. + + For now, Pyramid is still shipping with integrated support for the PasteDeploy INI format by depending on the ``plaster_pastedeploy`` binding library. This may change in the future so it is recommended for applications to start depending on the appropriate plaster binding for their needs. + + See https://github.com/Pylons/pyramid/pull/2985 + +- Added an :term:`execution policy` hook to the request pipeline. An execution policy has the ability to control creation and execution of the request objects before they enter the rest of the pipeline. This means for a single request environ the policy may create more than one request object. + + The execution policy can be replaced using the new :meth:`pyramid.config.Configurator.set_execution_policy` config directive. + + The first library to use this feature is `pyramid_retry `_. + + See https://github.com/Pylons/pyramid/pull/2964 + +- CSRF support has been refactored out of sessions and into its own independent API in the :mod:`pyramid.csrf` module. It supports a pluggable :class:`pyramid.interfaces.ICSRFStoragePolicy` which can be used to define your own mechanism for generating and validating CSRF tokens. By default, Pyramid continues to use the :class:`pyramid.csrf.LegacySessionCSRFStoragePolicy` that uses the ``request.session.get_csrf_token`` and ``request.session.new_csrf_token`` APIs under the hood to preserve compatibility with older Pyramid applications. Two new policies are shipped as well, :class:`pyramid.csrf.SessionCSRFStoragePolicy` and :class:`pyramid.csrf.CookieCSRFStoragePolicy` which will store the CSRF tokens in the session and in a standalone cookie, respectively. The storage policy can be changed by using the new :meth:`pyramid.config.Configurator.set_csrf_storage_policy` config directive. + + CSRF tokens should be used via the new :func:`pyramid.csrf.get_csrf_token`, :func:`pyramid.csrf.new_csrf_token` and :func:`pyramid.csrf.check_csrf_token`` APIs in order to continue working if the storage policy is changed. Also, the :func:`pyramid.csrf.get_csrf_token` function is now injected into templates to be used conveniently in UI code. + + See https://github.com/Pylons/pyramid/pull/2854 and https://github.com/Pylons/pyramid/pull/3019 + +Minor Feature Additions +----------------------- + +- Support an ``open_url`` config setting in the ``pserve`` section of the config file. This url is used to open a web browser when ``pserve --browser`` is invoked. When this setting is unavailable the ``pserve`` script will attempt to guess the port the server is using from the ``server:`` section of the config file but there is no requirement that the server is being run in this format so it may fail. See https://github.com/Pylons/pyramid/pull/2984 + +- The :class:`pyramid.config.Configurator` can now be used as a context manager which will automatically push/pop threadlocals (similar to :meth:`pyramid.config.Configurator.begin` and `pyramid.config.Configurator.end`). It will also automatically perform a :meth:`pyramid.config.Configurator.commit` at the end and thus it is only recommended to be used at the top-level of your app. See https://github.com/Pylons/pyramid/pull/2874 + +- The threadlocals are now available inside any function invoked via :meth:`pyramid.config.Configurator.include`. This means the only config-time code that cannot rely on threadlocals is code executed from non-actions inside the main. This can be alleviated by invoking :meth:`pyramid.config.Configurator.begin` and :meth:`pyramid.config.Configurator.end` appropriately or using the new context manager feature of the configurator. See https://github.com/Pylons/pyramid/pull/2989 + +Deprecations +------------ + +- Pyramid currently depends on ``plaster_pastedeploy`` to simplify the transition to ``plaster`` by maintaining integrated support for INI files. This dependency on ``plaster_pastedeploy`` should be considered subject to Pyramid's deprecation policy and is subject to removal in the future. Applications should depend on the appropriate plaster binding to satisfy their needs. + +- Retrieving CSRF token from the session has been deprecated in favor of equivalent methods in the :mod:`pyramid.csrf` module. The CSRF methods (``ISession.get_csrf_token`` and ``ISession.new_csrf_token``) are no longer required on the :class:`pyramid.interfaces.ISession` interface except when using the default :class:`pyramid.csrf.LegacySessionCSRFStoragePolicy`. + + Also, ``pyramid.session.check_csrf_token`` is now located at + :func:`pyramid.csrf.check_csrf_token`. + + See https://github.com/Pylons/pyramid/pull/2854 and + https://github.com/Pylons/pyramid/pull/3019 -- cgit v1.2.3 From fdd77da6231fa9286c3f6fa494ae0731570e0134 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Mon, 1 May 2017 21:42:54 -0500 Subject: link to plaster_pastedeploy --- docs/whatsnew-1.9.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index 7ceefbf49..291f731ed 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -8,7 +8,7 @@ Major Feature Additions - The file format used by all ``p*`` command line scripts such as ``pserve`` and ``pshell``, as well as the :func:`pyramid.paster.bootstrap` function is now replaceable thanks to a new dependency on `plaster `_. - For now, Pyramid is still shipping with integrated support for the PasteDeploy INI format by depending on the ``plaster_pastedeploy`` binding library. This may change in the future so it is recommended for applications to start depending on the appropriate plaster binding for their needs. + For now, Pyramid is still shipping with integrated support for the PasteDeploy INI format by depending on the `plaster_pastedeploy Date: Mon, 1 May 2017 21:49:28 -0500 Subject: fix rst syntax --- docs/whatsnew-1.9.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index 291f731ed..dd5ab894d 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -31,7 +31,7 @@ Minor Feature Additions - Support an ``open_url`` config setting in the ``pserve`` section of the config file. This url is used to open a web browser when ``pserve --browser`` is invoked. When this setting is unavailable the ``pserve`` script will attempt to guess the port the server is using from the ``server:`` section of the config file but there is no requirement that the server is being run in this format so it may fail. See https://github.com/Pylons/pyramid/pull/2984 -- The :class:`pyramid.config.Configurator` can now be used as a context manager which will automatically push/pop threadlocals (similar to :meth:`pyramid.config.Configurator.begin` and `pyramid.config.Configurator.end`). It will also automatically perform a :meth:`pyramid.config.Configurator.commit` at the end and thus it is only recommended to be used at the top-level of your app. See https://github.com/Pylons/pyramid/pull/2874 +- The :class:`pyramid.config.Configurator` can now be used as a context manager which will automatically push/pop threadlocals (similar to :meth:`pyramid.config.Configurator.begin` and :meth:`pyramid.config.Configurator.end`). It will also automatically perform a :meth:`pyramid.config.Configurator.commit` at the end and thus it is only recommended to be used at the top-level of your app. See https://github.com/Pylons/pyramid/pull/2874 - The threadlocals are now available inside any function invoked via :meth:`pyramid.config.Configurator.include`. This means the only config-time code that cannot rely on threadlocals is code executed from non-actions inside the main. This can be alleviated by invoking :meth:`pyramid.config.Configurator.begin` and :meth:`pyramid.config.Configurator.end` appropriately or using the new context manager feature of the configurator. See https://github.com/Pylons/pyramid/pull/2989 -- cgit v1.2.3 From 7850884719c94c0721748b5458504cb8a9d242c8 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Mon, 1 May 2017 21:54:55 -0500 Subject: add changelog for #2993 --- docs/whatsnew-1.9.rst | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index dd5ab894d..e57ed254d 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -47,3 +47,9 @@ Deprecations See https://github.com/Pylons/pyramid/pull/2854 and https://github.com/Pylons/pyramid/pull/3019 + +Documentation Enhancements +-------------------------- + +- Added the :term:`execution policy` to the routing diagram in + :ref:`router_chapter`. See https://github.com/Pylons/pyramid/pull/2993 -- cgit v1.2.3 From 2aebc688c6a81b1baef01791e1cf3c9907c7c3ee Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Mon, 1 May 2017 22:07:55 -0500 Subject: line length fixes in whatsnew-1.9 --- docs/whatsnew-1.9.rst | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index e57ed254d..5f9e0e011 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -38,18 +38,15 @@ Minor Feature Additions Deprecations ------------ -- Pyramid currently depends on ``plaster_pastedeploy`` to simplify the transition to ``plaster`` by maintaining integrated support for INI files. This dependency on ``plaster_pastedeploy`` should be considered subject to Pyramid's deprecation policy and is subject to removal in the future. Applications should depend on the appropriate plaster binding to satisfy their needs. +- Pyramid currently depends on ``plaster_pastedeploy`` to simplify the transition to ``plaster`` by maintaining integrated support for INI files. This dependency on ``plaster_pastedeploy`` should be considered subject to Pyramid's deprecation policy and may be removed in the future. Applications should depend on the appropriate plaster binding to satisfy their needs. - Retrieving CSRF token from the session has been deprecated in favor of equivalent methods in the :mod:`pyramid.csrf` module. The CSRF methods (``ISession.get_csrf_token`` and ``ISession.new_csrf_token``) are no longer required on the :class:`pyramid.interfaces.ISession` interface except when using the default :class:`pyramid.csrf.LegacySessionCSRFStoragePolicy`. - Also, ``pyramid.session.check_csrf_token`` is now located at - :func:`pyramid.csrf.check_csrf_token`. + Also, ``pyramid.session.check_csrf_token`` is now located at :func:`pyramid.csrf.check_csrf_token`. - See https://github.com/Pylons/pyramid/pull/2854 and - https://github.com/Pylons/pyramid/pull/3019 + See https://github.com/Pylons/pyramid/pull/2854 and https://github.com/Pylons/pyramid/pull/3019 Documentation Enhancements -------------------------- -- Added the :term:`execution policy` to the routing diagram in - :ref:`router_chapter`. See https://github.com/Pylons/pyramid/pull/2993 +- Added the :term:`execution policy` to the routing diagram in :ref:`router_chapter`. See https://github.com/Pylons/pyramid/pull/2993 -- cgit v1.2.3 From c273cd0471afe365d9bd8a793a81897a9e713aab Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Mon, 1 May 2017 22:57:19 -0500 Subject: fix url syntax --- docs/whatsnew-1.9.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index 5f9e0e011..b1a406a74 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -8,7 +8,7 @@ Major Feature Additions - The file format used by all ``p*`` command line scripts such as ``pserve`` and ``pshell``, as well as the :func:`pyramid.paster.bootstrap` function is now replaceable thanks to a new dependency on `plaster `_. - For now, Pyramid is still shipping with integrated support for the PasteDeploy INI format by depending on the `plaster_pastedeploy `_ binding library. This may change in the future so it is recommended for applications to start depending on the appropriate plaster binding for their needs. See https://github.com/Pylons/pyramid/pull/2985 -- cgit v1.2.3 From ab8c57811d904377416c2786670ecf0e81d8ca33 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Thu, 4 May 2017 00:26:20 -0500 Subject: add incompatibilities to whatsnew --- docs/whatsnew-1.9.rst | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index b1a406a74..f49258662 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -46,6 +46,29 @@ Deprecations See https://github.com/Pylons/pyramid/pull/2854 and https://github.com/Pylons/pyramid/pull/3019 +Backward Incompatibilities +-------------------------- + +- ``request.exception`` and ``request.exc_info`` will only be set if the + response was generated by the EXCVIEW tween. This is to avoid any confusion + where a response was generated elsewhere in the pipeline and not in + direct relation to the original exception. If anyone upstream wants to + catch and render responses for exceptions they should set + ``request.exception`` and ``request.exc_info`` themselves to indicate + the exception that was squashed when generating the response. + + Similar behavior occurs with + :meth:`pyramid.request.Request.invoke_exception_view` in which + the exception properties are set to reflect the exception if a response + is successfully generated by the method. + + This is a very minor incompatibility. Most tweens right now would give + priority to the raised exception and ignore ``request.exception``. This + change just improves and clarifies that bookkeeping by trying to be + more clear about the relationship between the response and its squashed + exception. See https://github.com/Pylons/pyramid/pull/3029 and + https://github.com/Pylons/pyramid/pull/3031 + Documentation Enhancements -------------------------- -- cgit v1.2.3 From d1745247edae01ef934acf5bb206d29952a99dbf Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Thu, 4 May 2017 00:27:18 -0500 Subject: line length --- docs/whatsnew-1.9.rst | 24 +++++------------------- 1 file changed, 5 insertions(+), 19 deletions(-) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index f49258662..0ba29625c 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -49,25 +49,11 @@ Deprecations Backward Incompatibilities -------------------------- -- ``request.exception`` and ``request.exc_info`` will only be set if the - response was generated by the EXCVIEW tween. This is to avoid any confusion - where a response was generated elsewhere in the pipeline and not in - direct relation to the original exception. If anyone upstream wants to - catch and render responses for exceptions they should set - ``request.exception`` and ``request.exc_info`` themselves to indicate - the exception that was squashed when generating the response. - - Similar behavior occurs with - :meth:`pyramid.request.Request.invoke_exception_view` in which - the exception properties are set to reflect the exception if a response - is successfully generated by the method. - - This is a very minor incompatibility. Most tweens right now would give - priority to the raised exception and ignore ``request.exception``. This - change just improves and clarifies that bookkeeping by trying to be - more clear about the relationship between the response and its squashed - exception. See https://github.com/Pylons/pyramid/pull/3029 and - https://github.com/Pylons/pyramid/pull/3031 +- ``request.exception`` and ``request.exc_info`` will only be set if the response was generated by the EXCVIEW tween. This is to avoid any confusion where a response was generated elsewhere in the pipeline and not in direct relation to the original exception. If anyone upstream wants to catch and render responses for exceptions they should set ``request.exception`` and ``request.exc_info`` themselves to indicate the exception that was squashed when generating the response. + + Similar behavior occurs with :meth:`pyramid.request.Request.invoke_exception_view` in which the exception properties are set to reflect the exception if a response is successfully generated by the method. + + This is a very minor incompatibility. Most tweens right now would give priority to the raised exception and ignore ``request.exception``. This change just improves and clarifies that bookkeeping by trying to be more clear about the relationship between the response and its squashed exception. See https://github.com/Pylons/pyramid/pull/3029 and https://github.com/Pylons/pyramid/pull/3031 Documentation Enhancements -------------------------- -- cgit v1.2.3 From cdd0a86b46ecf0a16403ccf780c87f2c938b3e0c Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Sun, 11 Jun 2017 22:53:10 -0500 Subject: update whatsnew-1.9 --- docs/whatsnew-1.9.rst | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index 0ba29625c..eca159d4c 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -35,6 +35,10 @@ Minor Feature Additions - The threadlocals are now available inside any function invoked via :meth:`pyramid.config.Configurator.include`. This means the only config-time code that cannot rely on threadlocals is code executed from non-actions inside the main. This can be alleviated by invoking :meth:`pyramid.config.Configurator.begin` and :meth:`pyramid.config.Configurator.end` appropriately or using the new context manager feature of the configurator. See https://github.com/Pylons/pyramid/pull/2989 +- The threadlocals are now available inside exception views invoked via :meth:`pyramid.request.Request.invoke_exception_view` even when the ``request`` argument is overridden. See https://github.com/Pylons/pyramid/pull/3060 + +- When unsupported predicates are supplied to :meth:`pyramid.config.Configurator.add_view`, :meth:`pyramid.config.Configurator.add_route` and :meth:`pyramid.config.Configurator.add_subscriber` a much more helpful error message is output with a guess as to which predicate was intended. See https://github.com/Pylons/pyramid/pull/3054 + Deprecations ------------ -- cgit v1.2.3 From 975b025c7952d148392cc17b48388a4ee5dcbd45 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Thu, 15 Jun 2017 00:39:57 -0500 Subject: update whatsnew-1.9 --- docs/whatsnew-1.9.rst | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index eca159d4c..0c3385a66 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -39,6 +39,8 @@ Minor Feature Additions - When unsupported predicates are supplied to :meth:`pyramid.config.Configurator.add_view`, :meth:`pyramid.config.Configurator.add_route` and :meth:`pyramid.config.Configurator.add_subscriber` a much more helpful error message is output with a guess as to which predicate was intended. See https://github.com/Pylons/pyramid/pull/3054 +- Normalize the permission results to a proper class hierarchy. :class:`pyramid.security.ACLAllowed` is now a subclass of :class:`pyramid.security.Allowed` and :class:`pyramid.security.ACLDenied` is now a subclass of :class:`pyramid.security.Denied`. See https://github.com/Pylons/pyramid/pull/3084 + Deprecations ------------ -- cgit v1.2.3 From 5c437abba0926f6093efbd481e49763de2436665 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Sun, 18 Jun 2017 00:18:13 -0500 Subject: add changelog for #3088 --- docs/whatsnew-1.9.rst | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index 0c3385a66..9e9c1614d 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -41,6 +41,8 @@ Minor Feature Additions - Normalize the permission results to a proper class hierarchy. :class:`pyramid.security.ACLAllowed` is now a subclass of :class:`pyramid.security.Allowed` and :class:`pyramid.security.ACLDenied` is now a subclass of :class:`pyramid.security.Denied`. See https://github.com/Pylons/pyramid/pull/3084 +- Add a ``quote_via`` argument to :func:`pyramid.encode.urlencode` to follow the stdlib's version and enable custom quoting functions. See https://github.com/Pylons/pyramid/pull/3088 + Deprecations ------------ -- cgit v1.2.3 From 53cfb8383593288f5114c1a31a6253987e9233bd Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Mon, 19 Jun 2017 21:43:03 -0500 Subject: update the whatsnew-1.9 with changes from #3034 --- docs/whatsnew-1.9.rst | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index 9e9c1614d..3c2e75d5c 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -43,6 +43,8 @@ Minor Feature Additions - Add a ``quote_via`` argument to :func:`pyramid.encode.urlencode` to follow the stdlib's version and enable custom quoting functions. See https://github.com/Pylons/pyramid/pull/3088 +- Support `_query=None` and `_anchor=None` in :meth:`pyramid.request.Request.route_url` as well as ``query=None`` and ``anchor=None`` in :meth:`pyramid.request.Request.resource_url`. Previously this would cause an `?` and a `#`, respectively, in the url with nothing after it. Now the unnecessary parts are dropped from the generated URL. See https://github.com/Pylons/pyramid/pull/3034 + Deprecations ------------ -- cgit v1.2.3 From 068010176a6bb4ea98a0598600dc5f571a2a0502 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Mon, 19 Jun 2017 23:47:13 -0500 Subject: mention check_csrf_origin moving to the pyramid.csrf module --- docs/whatsnew-1.9.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index 3c2e75d5c..77a84e431 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -52,7 +52,7 @@ Deprecations - Retrieving CSRF token from the session has been deprecated in favor of equivalent methods in the :mod:`pyramid.csrf` module. The CSRF methods (``ISession.get_csrf_token`` and ``ISession.new_csrf_token``) are no longer required on the :class:`pyramid.interfaces.ISession` interface except when using the default :class:`pyramid.csrf.LegacySessionCSRFStoragePolicy`. - Also, ``pyramid.session.check_csrf_token`` is now located at :func:`pyramid.csrf.check_csrf_token`. + Also, ``pyramid.session.check_csrf_token`` is now located at :func:`pyramid.csrf.check_csrf_token` and ``pyramid.session.check_csrf_origin`` is moved to :func:`pyramid.csrf.check_csrf_origin`. See https://github.com/Pylons/pyramid/pull/2854 and https://github.com/Pylons/pyramid/pull/3019 -- cgit v1.2.3 From 19d341b5be789e97000d3dcbd33de75d8b061829 Mon Sep 17 00:00:00 2001 From: Steve Piercy Date: Mon, 26 Jun 2017 03:48:21 -0700 Subject: change http://docs.pylonsproject.org to https - use correct URL for code style - use correct Pyramid version for zodb wiki src file template --- docs/whatsnew-1.9.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index 77a84e431..ea3b4b350 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -6,7 +6,7 @@ This article explains the new features in :app:`Pyramid` version 1.9 as compared Major Feature Additions ----------------------- -- The file format used by all ``p*`` command line scripts such as ``pserve`` and ``pshell``, as well as the :func:`pyramid.paster.bootstrap` function is now replaceable thanks to a new dependency on `plaster `_. +- The file format used by all ``p*`` command line scripts such as ``pserve`` and ``pshell``, as well as the :func:`pyramid.paster.bootstrap` function is now replaceable thanks to a new dependency on `plaster `_. For now, Pyramid is still shipping with integrated support for the PasteDeploy INI format by depending on the `plaster_pastedeploy `_ binding library. This may change in the future so it is recommended for applications to start depending on the appropriate plaster binding for their needs. @@ -16,7 +16,7 @@ Major Feature Additions The execution policy can be replaced using the new :meth:`pyramid.config.Configurator.set_execution_policy` config directive. - The first library to use this feature is `pyramid_retry `_. + The first library to use this feature is `pyramid_retry `_. See https://github.com/Pylons/pyramid/pull/2964 -- cgit v1.2.3 From 32c61ca8eb935c3d4ffbe844c526aad1bf3366d1 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Mon, 26 Jun 2017 23:41:28 -0500 Subject: explain more clearly the exception view changes --- docs/whatsnew-1.9.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'docs/whatsnew-1.9.rst') diff --git a/docs/whatsnew-1.9.rst b/docs/whatsnew-1.9.rst index ea3b4b350..17d6126d6 100644 --- a/docs/whatsnew-1.9.rst +++ b/docs/whatsnew-1.9.rst @@ -18,6 +18,7 @@ Major Feature Additions The first library to use this feature is `pyramid_retry `_. + Pyramid's default :term:`execution policy` will attempt to handle and render uncaught exceptions. This is a subtle, but fundamental, change indicating that an :term:`exception view` may expect to be called outside of the default ``EXCVIEW`` tween. There are various predicates available to assist in defining valid exception views for various parts of the pipeline. For example, ``pyramid_tm`` defines the ``tm_active=True`` predicate which can be applied to exception views that require access to the default transaction. In general this means that exception views may be expected to cover more possible error conditions, including when exceptions occur from tweens that are placed **OVER** the ``EXCVIEW`` tween. If necessary, when provided a ``response`` object, you may inspect ``request.exception`` or ``request.exc_info`` to determine if the response was generated as the result of an exception. See https://github.com/Pylons/pyramid/pull/2964 - CSRF support has been refactored out of sessions and into its own independent API in the :mod:`pyramid.csrf` module. It supports a pluggable :class:`pyramid.interfaces.ICSRFStoragePolicy` which can be used to define your own mechanism for generating and validating CSRF tokens. By default, Pyramid continues to use the :class:`pyramid.csrf.LegacySessionCSRFStoragePolicy` that uses the ``request.session.get_csrf_token`` and ``request.session.new_csrf_token`` APIs under the hood to preserve compatibility with older Pyramid applications. Two new policies are shipped as well, :class:`pyramid.csrf.SessionCSRFStoragePolicy` and :class:`pyramid.csrf.CookieCSRFStoragePolicy` which will store the CSRF tokens in the session and in a standalone cookie, respectively. The storage policy can be changed by using the new :meth:`pyramid.config.Configurator.set_csrf_storage_policy` config directive. -- cgit v1.2.3