Subject: CVS commit: pkgsrc/www/py-werkzeug
From: Klaus Klein
Date: 2013-07-09 19:11:42
Message id: 20130709171142.21D7096@cvs.netbsd.org

Log Message:
Update py-werkzeug and py-werkzeug-docs to 0.9.1.

Version 0.9.1
-------------

(bugfix release, released on June 14th 2013)

- Fixed an issue with integers no longer being accepted in certain
  parts of the routing system or URL quoting functions.
- Fixed an issue with `url_quote` not producing the right escape
  codes for single digit codepoints.
- Fixed an issue with :class:`~werkzeug.wsgi.SharedDataMiddleware` not
  reading the path correctly and breaking on etag generation in some
  cases.
- Properly handle `Expect: 100-continue` in the development server
  to resolve issues with curl.
- Automatically exhaust the input stream on request close.  This should
  fix issues where not touching request files results in a timeout.
- Fixed exhausting of streams not doing anything if a non-limited
  stream was passed into the multipart parser.
- Raised the buffer sizes for the multipart parser.

Version 0.9
-----------

Released on June 13nd 2013, codename Planierraupe.

- Added support for :meth:`~werkzeug.wsgi.LimitedStream.tell`
  on the limited stream.
- :class:`~werkzeug.datastructures.ETags` now is nonzero if it
  contains at least one etag of any kind, including weak ones.
- Added a workaround for a bug in the stdlib for SSL servers.
- Improved SSL interface of the devserver so that it can generate
  certificates easily and load them from files.
- Refactored test client to invoke the open method on the class
  for redirects.  This makes subclassing more powerful.
- :func:`werkzeug.wsgi.make_chunk_iter` and
  :func:`werkzeug.wsgi.make_line_iter` now support processing of
  iterators and streams.
- URL generation by the routing system now no longer quotes
  ``+``.
- URL fixing now no longer quotes certain reserved characters.
- The :func:`werkzeug.security.generate_password_hash` and
  check functions now support any of the hashlib algorithms.
- `wsgi.get_current_url` is now ascii safe for browsers sending
  non-ascii data in query strings.
- improved parsing behavior for :func:`werkzeug.http.parse_options_header`
- added more operators to local proxies.
- added a hook to override the default converter in the routing
  system.
- The description field of HTTP exceptions is now always escaped.
  Use markup objects to disable that.
- Added number of proxy argument to the proxy fix to make it more
  secure out of the box on common proxy setups.  It will by default
  no longer trust the x-forwarded-for header as much as it did
  before.
- Added support for fragment handling in URI/IRI functions.
- Added custom class support for :func:`werkzeug.http.parse_dict_header`.
- Renamed `LighttpdCGIRootFix` to `CGIRootFix`.
- Always treat `+` as safe when fixing URLs as people love misusing them.
- Added support to profiling into directories in the contrib profiler.
- The escape function now by default escapes quotes.
- Changed repr of exceptions to be less magical.
- Simplified exception interface to no longer require environmnts
  to be passed to recieve the response object.
- Added sentinel argument to IterIO objects.
- Added pbkdf2 support for the security module.
- Added a plain request type that disables all form parsing to only
  leave the stream behind.
- Removed support for deprecated `fix_headers`.
- Removed support for deprecated `header_list`.
- Removed support for deprecated parameter for `iter_encoded`.
- Removed support for deprecated non-silent usage of the limited
  stream object.
- Removed support for previous dummy `writable` parameter on
  the cached property.
- Added support for explicitly closing request objects to close
  associated resources.
- Conditional request handling or access to the data property on responses no
  longer ignores direct passthrough mode.
- Removed werkzeug.templates and werkzeug.contrib.kickstart.
- Changed host lookup logic for forwarded hosts to allow lists of
  hosts in which case only the first one is picked up.
- Added `wsgi.get_query_string`, `wsgi.get_path_info` and
  `wsgi.get_script_name` and made the `wsgi.pop_path_info` and
  `wsgi.peek_path_info` functions perform unicode decoding.  This
  was necessary to avoid having to expose the WSGI encoding dance
  on Python 3.
- Added `content_encoding` and `content_md5` to the request object's
  common request descriptor mixin.
- added `options` and `trace` to the test client.
- Overhauled the utilization of the input stream to be easier to use
  and better to extend.  The detection of content payload on the input
  side is now more compliant with HTTP by detecting off the content
  type header instead of the request method.  This also now means that
  the stream property on the request class is always available instead
  of just when the parsing fails.
- Added support for using :class:`werkzeug.wrappers.BaseResponse` in a with
  statement.
- Changed `get_app_iter` to fetch the response early so that it does not
  fail when wrapping a response iterable.  This makes filtering easier.
- Introduced `get_data` and `set_data` methods for responses.
- Introduced `get_data` for requests.
- Soft deprecated the `data` descriptors for request and response objects.
- Added `as_bytes` operations to some of the headers to simplify working
  with things like cookies.
- Made the debugger paste tracebacks into github's gist service as
  private pastes.

Version 0.8.4
-------------

(bugfix release, release date to be announced)

- Added a favicon to the debugger which fixes problem with
  state changes being triggered through a request to
  /favicon.ico in Google Chrome.  This should fix some
  problems with Flask and other frameworks that use
  context local objects on a stack with context preservation
  on errors.
- Fixed an issue with scolling up in the debugger.
- Fixed an issue with debuggers running on a different URL
  than the URL root.
- Fixed a problem with proxies not forwarding some rarely
  used special methods properly.
- Added a workaround to prevent the XSS protection from Chrome
  breaking the debugger.
- Skip redis tests if redis is not running.
- Fixed a typo in the multipart parser that caused content-type
  to not be picked up properly.

Files:
RevisionActionfile
1.5modifypkgsrc/www/py-werkzeug/Makefile
1.3modifypkgsrc/www/py-werkzeug/Makefile.common
1.3modifypkgsrc/www/py-werkzeug/PLIST
1.2modifypkgsrc/www/py-werkzeug/distinfo