From eb0a46010a119d3ede2e89e4b0a61cbfb533d473 Mon Sep 17 00:00:00 2001 From: jonathan vanasco Date: Tue, 5 Nov 2019 15:00:05 -0500 Subject: black 19.10b0 was released on 2019.10.28 and introduced several changes that affect Pyramid --- src/pyramid/threadlocal.py | 2 +- src/pyramid/traversal.py | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) (limited to 'src') diff --git a/src/pyramid/threadlocal.py b/src/pyramid/threadlocal.py index 7eca5b0f0..24bc0ec33 100644 --- a/src/pyramid/threadlocal.py +++ b/src/pyramid/threadlocal.py @@ -55,7 +55,7 @@ def get_current_request(): def get_current_registry( - context=None + context=None, ): # context required by getSiteManager API """ Return the currently active :term:`application registry` or the diff --git a/src/pyramid/traversal.py b/src/pyramid/traversal.py index 9ed5754b7..811c0881b 100644 --- a/src/pyramid/traversal.py +++ b/src/pyramid/traversal.py @@ -708,8 +708,8 @@ class ResourceTreeTraverser(object): ModelGraphTraverser = ( - ResourceTreeTraverser -) # b/w compat, not API, used in wild + ResourceTreeTraverser # b/w compat, not API, used in wild +) @implementer(IResourceURL) @@ -744,8 +744,8 @@ class ResourceURL(object): self.physical_path = physical_path # IResourceURL attr self.virtual_path_tuple = virtual_path_tuple # IResourceURL attr (1.5) self.physical_path_tuple = ( - physical_path_tuple - ) # IResourceURL attr (1.5) + physical_path_tuple # IResourceURL attr (1.5) + ) @lru_cache(1000) -- cgit v1.2.3 From 1d2b4fd13edc972dd4076500b1ec4cb972bef1c9 Mon Sep 17 00:00:00 2001 From: jonathan vanasco Date: Mon, 4 Nov 2019 16:59:41 -0500 Subject: deprecate PickleSerializer --- src/pyramid/session.py | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/pyramid/session.py b/src/pyramid/session.py index 70ac4f55f..adfe28a39 100644 --- a/src/pyramid/session.py +++ b/src/pyramid/session.py @@ -44,10 +44,24 @@ def manage_changed(wrapped): class PickleSerializer(object): - """ A serializer that uses the pickle protocol to dump Python - data to bytes. + """ + .. deprecated:: 2.0 + + .. warning:: + + In :app:`Pyramid` 2.0 the default ``serializer`` option changed to + use :class:`pyramid.session.JSONSerializer`, and ``PickleSerializer` + has been been removed from active Pyramid code. + + Pyramid will require JSON-serializable objects in :app:`Pyramid` 2.0. + + Please see :ref:`pickle_session_deprecation`. + + Also, please see: #2709, #3353, #3413 + + A serializer that uses the pickle protocol to dump Python data to bytes. - This is the default serializer used by Pyramid. + This was the default serializer used by Pyramid, but has been deprecated. ``protocol`` may be specified to control the version of pickle used. Defaults to :attr:`pickle.HIGHEST_PROTOCOL`. -- cgit v1.2.3 From 9264004c92adf731cd8164a63e199558ffdd2751 Mon Sep 17 00:00:00 2001 From: jonathan vanasco Date: Mon, 4 Nov 2019 17:45:44 -0500 Subject: changes based on feedback --- src/pyramid/session.py | 32 +++++++++++++++++++++----------- 1 file changed, 21 insertions(+), 11 deletions(-) (limited to 'src') diff --git a/src/pyramid/session.py b/src/pyramid/session.py index adfe28a39..efac52140 100644 --- a/src/pyramid/session.py +++ b/src/pyramid/session.py @@ -49,15 +49,24 @@ class PickleSerializer(object): .. warning:: - In :app:`Pyramid` 2.0 the default ``serializer`` option changed to - use :class:`pyramid.session.JSONSerializer`, and ``PickleSerializer` - has been been removed from active Pyramid code. + In :app:`Pyramid` 2.0 the default ``serializer`` option changed to + use :class:`pyramid.session.JSONSerializer`, and ``PickleSerializer` + has been been removed from active Pyramid code. - Pyramid will require JSON-serializable objects in :app:`Pyramid` 2.0. + Pyramid will require JSON-serializable objects in :app:`Pyramid` 2.0. - Please see :ref:`pickle_session_deprecation`. + Please see :ref:`pickle_session_deprecation`. - Also, please see: #2709, #3353, #3413 + Also, please see these tickets: + + * 2.0 feature request: Require that sessions are JSON serializable #2709 + https://github.com/pylons/pyramid/issues/2709 + + * deprecate pickleable sessions, recommend json #3353 + https://github.com/Pylons/pyramid/pull/3353 + + * change to use JSONSerializer for SignedCookieSessionFactory #3413 + https://github.com/Pylons/pyramid/pull/3413 A serializer that uses the pickle protocol to dump Python data to bytes. @@ -75,8 +84,9 @@ class PickleSerializer(object): """Accept bytes and return a Python object.""" try: return pickle.loads(bstruct) - # at least ValueError, AttributeError, ImportError but more to be safe except Exception: + # this block should catch at least: + # ValueError, AttributeError, ImportError; but more to be safe raise ValueError def dumps(self, appstruct): @@ -452,10 +462,10 @@ def SignedCookieSessionFactory( .. warning:: - In :app:`Pyramid` 2.0 the default ``serializer`` option changed to - use :class:`pyramid.session.JSONSerializer`. See - :ref:`pickle_session_deprecation` for more information about why this - change was made. + In :app:`Pyramid` 2.0 the default ``serializer`` option changed to + use :class:`pyramid.session.JSONSerializer`. See + :ref:`pickle_session_deprecation` for more information about why this + change was made. .. versionadded: 1.5a3 -- cgit v1.2.3 From b6604fc39e542a78bc6cb4f009bf972ba4db098f Mon Sep 17 00:00:00 2001 From: jonathan vanasco Date: Mon, 4 Nov 2019 17:47:03 -0500 Subject: updated docstring issuet --- src/pyramid/session.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'src') diff --git a/src/pyramid/session.py b/src/pyramid/session.py index efac52140..d317b7c48 100644 --- a/src/pyramid/session.py +++ b/src/pyramid/session.py @@ -50,7 +50,7 @@ class PickleSerializer(object): .. warning:: In :app:`Pyramid` 2.0 the default ``serializer`` option changed to - use :class:`pyramid.session.JSONSerializer`, and ``PickleSerializer` + use :class:`pyramid.session.JSONSerializer`, and ``PickleSerializer`` has been been removed from active Pyramid code. Pyramid will require JSON-serializable objects in :app:`Pyramid` 2.0. @@ -74,7 +74,6 @@ class PickleSerializer(object): ``protocol`` may be specified to control the version of pickle used. Defaults to :attr:`pickle.HIGHEST_PROTOCOL`. - """ def __init__(self, protocol=pickle.HIGHEST_PROTOCOL): -- cgit v1.2.3 From 3bc31c66c41f795abdaa270645f1046f70a86e07 Mon Sep 17 00:00:00 2001 From: jonathan vanasco Date: Mon, 4 Nov 2019 17:56:27 -0500 Subject: fixed rst; migrated some inline references to the docs --- src/pyramid/session.py | 11 ----------- 1 file changed, 11 deletions(-) (limited to 'src') diff --git a/src/pyramid/session.py b/src/pyramid/session.py index d317b7c48..ededdaab7 100644 --- a/src/pyramid/session.py +++ b/src/pyramid/session.py @@ -57,17 +57,6 @@ class PickleSerializer(object): Please see :ref:`pickle_session_deprecation`. - Also, please see these tickets: - - * 2.0 feature request: Require that sessions are JSON serializable #2709 - https://github.com/pylons/pyramid/issues/2709 - - * deprecate pickleable sessions, recommend json #3353 - https://github.com/Pylons/pyramid/pull/3353 - - * change to use JSONSerializer for SignedCookieSessionFactory #3413 - https://github.com/Pylons/pyramid/pull/3413 - A serializer that uses the pickle protocol to dump Python data to bytes. This was the default serializer used by Pyramid, but has been deprecated. -- cgit v1.2.3 From 5a77d1dc082d0f2cedc7320616f2d96f61a3ed9c Mon Sep 17 00:00:00 2001 From: jonathan vanasco Date: Tue, 5 Nov 2019 17:04:11 -0500 Subject: invoke `deprecated()` --- src/pyramid/session.py | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'src') diff --git a/src/pyramid/session.py b/src/pyramid/session.py index ededdaab7..10e1ea313 100644 --- a/src/pyramid/session.py +++ b/src/pyramid/session.py @@ -82,6 +82,14 @@ class PickleSerializer(object): return pickle.dumps(appstruct, self.protocol) +deprecated( + 'PickleSerializer', + 'pyramid.session.PickleSerializer is deprecated as of Pyramid 2.0 for ' + 'security concerns. Use pyramid.session.JSONSerializer or reference the ' + 'narrative documentation for information on building a migration tool.', +) + + JSONSerializer = JSONSerializer # api -- cgit v1.2.3 From d9dadcfabccb8895eda1fa948f7d7d6686e53806 Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Wed, 4 Dec 2019 21:38:17 -0600 Subject: add missing versionadded directive on config.add_cache_buster --- src/pyramid/config/views.py | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src') diff --git a/src/pyramid/config/views.py b/src/pyramid/config/views.py index afb685f93..bc0b05a08 100644 --- a/src/pyramid/config/views.py +++ b/src/pyramid/config/views.py @@ -2045,6 +2045,8 @@ class ViewsConfiguratorMixin(object): :class:`~pyramid.interfaces.ICacheBuster` interface. Default: ``False``. + .. versionadded:: 1.6 + """ spec = self._make_spec(path) info = self._get_static_info() -- cgit v1.2.3