Subject: CVS commit: pkgsrc/www/py-h2
From: Leonardo Taccari
Date: 2017-04-14 15:10:13
Message id: 20170414131013.40064FBE4@cvs.NetBSD.org

Log Message:
Update www/py-h2 to 2.5.2

Changes:
2.5.2 (2017-01-27)
------------------
- Resolved issue where the ``HTTP2-Settings`` header value for plaintext
  upgrade that was emitted by ``initiate_upgrade_connection`` included the
  *entire* ``SETTINGS`` frame, instead of just the payload.
- Resolved issue where the ``HTTP2-Settings`` header value sent by a client for
  plaintext upgrade would be ignored by ``initiate_upgrade_connection``, rather
  than have those settings applied appropriately.

2.4.3 (2017-01-27)
------------------
- Resolved issue where the ``HTTP2-Settings`` header value for plaintext
  upgrade that was emitted by ``initiate_upgrade_connection`` included the
  *entire* ``SETTINGS`` frame, instead of just the payload.
- Resolved issue where the ``HTTP2-Settings`` header value sent by a client for
  plaintext upgrade would be ignored by ``initiate_upgrade_connection``, rather
  than have those settings applied appropriately.

2.3.4 (2017-01-27)
------------------
- Resolved issue where the ``HTTP2-Settings`` header value for plaintext
  upgrade that was emitted by ``initiate_upgrade_connection`` included the
  *entire* ``SETTINGS`` frame, instead of just the payload.
- Resolved issue where the ``HTTP2-Settings`` header value sent by a client for
  plaintext upgrade would be ignored by ``initiate_upgrade_connection``, rather
  than have those settings applied appropriately.

2.5.1 (2016-12-17)
------------------
Bugfixes
~~~~~~~~
- Remote peers are now allowed to send zero or any positive number as a value
  for ``SETTINGS_MAX_HEADER_LIST_SIZE``, where previously sending zero would
  raise a ``InvalidSettingsValueError``.

2.5.0 (2016-10-25)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Added a new ``H2Configuration`` object that allows rich configuration of
  a ``H2Connection``. This object supersedes the prior keyword arguments to the
  ``H2Connection`` object, which are now deprecated and will be removed in 3.0.
- Added support for automated window management via the
  ``acknowledge_received_data`` method. See the documentation for more details.
- Added a ``DenialOfServiceError`` that is raised whenever a behaviour that
  looks like a DoS attempt is encountered: for example, an overly large
  decompressed header list. This is a subclass of ``ProtocolError``.
- Added support for setting and managing ``SETTINGS_MAX_HEADER_LIST_SIZE``.
  This setting is now defaulted to 64kB.
- Added ``h2.errors.ErrorCodes``, an enum that is used to store all the HTTP/2
  error codes. This allows us to use a better printed representation of the
  error code in most places that it is used.
- The ``error_code`` fields on ``ConnectionTerminated`` and ``StreamReset``
  events have been updated to be instances of ``ErrorCodes`` whenever they
  correspond to a known error code. When they are an unknown error code, they
  are instead ``int``. As ``ErrorCodes`` is a subclass of ``int``, this is
  non-breaking.
- Deprecated the other fields in ``h2.errors``. These will be removed in 3.0.0.

Bugfixes
~~~~~~~~
- Correctly reject request header blocks with neither :authority nor Host
  headers, or header blocks which contain mismatched :authority and Host
  headers, per RFC 7540 Section 8.1.2.3.
- Correctly expect that responses to HEAD requests will have no body regardless
  of the value of the Content-Length header, and reject those that do.
- Correctly refuse to send header blocks that contain neither :authority nor
  Host headers, or header blocks which contain mismatched :authority and Host
  headers, per RFC 7540 Section 8.1.2.3.
- Hyper-h2 will now reject header field names and values that contain leading
  or trailing whitespace.
- Correctly strip leading/trailing whitespace from header field names and
  values.
- Correctly refuse to send header blocks with a TE header whose value is not
  ``trailers``, per RFC 7540 Section 8.1.2.2.
- Correctly refuse to send header blocks with connection-specific headers,
  per RFC 7540 Section 8.1.2.2.
- Correctly refuse to send header blocks that contain duplicate pseudo-header
  fields, or with pseudo-header fields that appear after ordinary header fields,
  per RFC 7540 Section 8.1.2.1.
  This may cause passing a dictionary as the header block to ``send_headers``
  to throw a ``ProtocolError``, because dictionaries are unordered and so they
  may trip this check.  Passing dictionaries here is deprecated, and callers
  should change to using a sequence of 2-tuples as their header blocks.
- Correctly reject trailers that contain HTTP/2 pseudo-header fields, per RFC
  7540 Section 8.1.2.1.
- Correctly refuse to send trailers that contain HTTP/2 pseudo-header fields,
  per RFC 7540 Section 8.1.2.1.
- Correctly reject responses that do not contain the ``:status`` header field,
  per RFC 7540 Section 8.1.2.4.
- Correctly refuse to send responses that do not contain the ``:status`` header
  field, per RFC 7540 Section 8.1.2.4.
- Correctly update the maximum frame size when the user updates the value of
  that setting. Prior to this release, if the user updated the maximum frame
  size hyper-h2 would ignore the update, preventing the remote peer from using
  the higher frame sizes.

2.4.2 (2016-10-25)
------------------
Bugfixes
~~~~~~~~
- Correctly update the maximum frame size when the user updates the value of
  that setting. Prior to this release, if the user updated the maximum frame
  size hyper-h2 would ignore the update, preventing the remote peer from using
  the higher frame sizes.

2.3.3 (2016-10-25)
------------------
Bugfixes
~~~~~~~~
- Correctly update the maximum frame size when the user updates the value of
  that setting. Prior to this release, if the user updated the maximum frame
  size hyper-h2 would ignore the update, preventing the remote peer from using
  the higher frame sizes.

2.2.7 (2016-10-25)
------------------
*Final 2.2.X release*

Bugfixes
~~~~~~~~
- Correctly update the maximum frame size when the user updates the value of
  that setting. Prior to this release, if the user updated the maximum frame
  size hyper-h2 would ignore the update, preventing the remote peer from using
  the higher frame sizes.

2.4.1 (2016-08-23)
------------------
Bugfixes
~~~~~~~~
- Correctly expect that responses to HEAD requests will have no body regardless
  of the value of the Content-Length header, and reject those that do.

2.3.2 (2016-08-23)
------------------
Bugfixes
~~~~~~~~
- Correctly expect that responses to HEAD requests will have no body regardless
  of the value of the Content-Length header, and reject those that do.

2.4.0 (2016-07-01)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Adds ``additional_data`` to ``H2Connection.close_connection``, allowing the
  user to send additional debug data on the GOAWAY frame.
- Adds ``last_stream_id`` to ``H2Connection.close_connection``, allowing the
  user to manually control what the reported last stream ID is.
- Add new method: ``prioritize``.
- Add support for emitting stream priority information when sending headers
  frames using three new keyword arguments: ``priority_weight``,
  ``priority_depends_on``, and ``priority_exclusive``.
- Add support for "related events": events that fire simultaneously on \ 
a single
  frame.

2.3.1 (2016-05-12)
------------------
Bugfixes
~~~~~~~~
- Resolved ``AttributeError`` encountered when receiving more than one sequence
  of CONTINUATION frames on a given connection.

2.2.5 (2016-05-12)
------------------
Bugfixes
~~~~~~~~
- Resolved ``AttributeError`` encountered when receiving more than one sequence
  of CONTINUATION frames on a given connection.

2.3.0 (2016-04-26)
------------------
API Changes (Backward-Compatible)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Added a new flag to the ``H2Connection`` constructor: ``header_encoding``,
  that controls what encoding is used (if any) to decode the headers from bytes
  to unicode. This defaults to UTF-8 for backward compatibility. To disable the
  decode and use bytes exclusively, set the field to False, None, or the empty
  string. This affects all headers, including those pushed by servers.
- Bumped the minimum version of HPACK allowed from 2.0 to 2.2.
- Added support for advertising RFC 7838 Alternative services.
- Allowed users to provide ``hpack.HeaderTuple`` and
  ``hpack.NeverIndexedHeaderTuple`` objects to all methods that send headers.
- Changed all events that carry headers to emit ``hpack.HeaderTuple`` and
  ``hpack.NeverIndexedHeaderTuple`` instead of plain tuples. This allows users
  to maintain header indexing state.
- Added support for plaintext upgrade with the ``initiate_upgrade_connection``
  method.

Bugfixes
~~~~~~~~
- Automatically ensure that all ``Authorization`` and ``Proxy-Authorization``
  headers, as well as short ``Cookie`` headers, are prevented from being added
  to encoding contexts.

2.2.4 (2016-04-25)
------------------
Bugfixes
~~~~~~~~
- Correctly forbid pseudo-headers that were not defined in RFC 7540.
- Ignore AltSvc frames, rather than exploding when receiving them.

2.1.5 (2016-04-25)
------------------
*Final 2.1.X release*

Bugfixes
~~~~~~~~
- Correctly forbid pseudo-headers that were not defined in RFC 7540.
- Ignore AltSvc frames, rather than exploding when receiving them.

Files:
RevisionActionfile
1.4modifypkgsrc/www/py-h2/Makefile
1.2modifypkgsrc/www/py-h2/PLIST
1.3modifypkgsrc/www/py-h2/distinfo
1.3modifypkgsrc/www/py-h2/patches/patch-setup.py