Subject: CVS commit: pkgsrc/www/p5-Dancer
From: Wen Heping
Date: 2018-06-18 04:52:12
Message id: 20180618025212.A802DFBEC@cvs.NetBSD.org

Log Message:
Update to 1.3400

Upstream changes:
1.3400    2018-06-15 23:08:34+01:00 Europe/London
 Promoting previous trial releases to stable.

1.3205    2018-06-13 22:59:32+01:00 Europe/London (TRIAL RELEASE)
 [ENHANCEMENTS]
 - require MIME::Types 2.17, as 2.16 has some funny ideas, like responding to a
   ZIP file with 'application/vnd.easykaraoke.cdgdownload'
 - Fix YAML-related test failures if YAML::XS not installed
   (GH 1184, PR 1189, bigpresh)

 [BUG FIXES]
 - Avoid accidental route matches if a previous successful match had left %+
   populated (GH 1187, PR 1188, bigpresh, reported by skington)

1.3204    2018-05-23 14:40:33+01:00 Europe/London (TRIAL RELEASE)
 [ENHANCEMENTS]
 - Try to use 127.0.0.11 for listen tests, fall back to 127.0.0.1
   on systems that don't have 127/8, e.g. FreeBSD (GH 1183, PR 1185, bigpresh)

1.3203    2018-05-20 20:44:30+01:00 Europe/London (TRIAL RELEASE)
 [DOCUMENTATION]
 - Add environment var hint to cookbook (PR 1161, castaway)

 [ENHANCEMENTS]
 - Make it possible to switch out YAML for YAML::XS for config parsing and
   serialisation (there was already an attempt at this in place, and it was
   documented as posisble, but didn't work) (PR 1164, 1nickt)
 - New test method response_redirect_like (PR 1159, 1nickt)
 - New config option raw_request_body_in_ram, which controls whether the
   raw request body is available via request->body or not.  See Issue #1140
   for the problems the previous approach, of getting it from the temp file
   that HTTP::Body might (or might not) have written it to.
 - Validate session IDs read from client - GH #1172 - potential security
   risk if the session provider in use passes the session ID in a way
   where injection is possible.

1.3301 2016-02-16
 [BUG FIXES]
 - Reverted session ID validation (PR-1155) as it breaks
   Dancer::Session::Cookie (bigpresh)

1.3300 2016-02-15
 [BUG FIXES]
 - More temp directory handling fixes (Issue #1147)
 - Avoid request body truncation in hand-assembled requests in tests (PR
   1148, skington)
 - Avoid tests failing when "localhost" doesn't resolve (PR 1142, gbarco)
 - Avoid test failures due to race condition in selecting a port to listen
   on by using 127.0.0.10 instead (more of a hacky workaround than a fix,
   but should help (bigpresh)
 - Fix YAML session handler under taint mode (chrisjrob)
 - Make request->body work again for URL-encoded POST requests - Issue 1140
   reported by miyagawa (bigpresh)
 - Validate session IDs read from cookies before passing to session engine,
   to protect against any engine that might feed that value straight to a
   file path for security - Issue 1118 (bigpresh)

 [DOCUMENTATION]
 - Better doc for forward_for_address (PR 1146, Relequestual)

 [ENHANCEMENTS]
 - Let Dancer::Test::dancer_response() handle supplying multiple params
   with the same name - Issue 1116 (bigpresh)

Files:
RevisionActionfile
1.31modifypkgsrc/www/p5-Dancer/distinfo
1.39modifypkgsrc/www/p5-Dancer/Makefile