./www/py-waitress, Production-quality pure-Python WSGI server

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.3.1, Package name: py37-waitress-1.3.1, Maintainer: pkgsrc-users

Waitress is meant to be a production-quality pure-Python WSGI server
with very acceptable performance. It has no dependencies except
ones which live in the Python standard library. It supports HTTP/1.0
and HTTP/1.1.

Required to run:
[devel/py-setuptools] [lang/python37]

Required to build:

Master sites:

SHA1: 8016cb356417686529de0d9f2b850b7866c29ebb
RMD160: 2042c8ed01b64674560ea0a00f9a9bf6173bfd82
Filesize: 163.181 KB

Version history: (Expand)

CVS history: (Expand)

   2019-09-13 11:53:30 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-waitress: updated to 1.3.1


- Waitress won't accidentally throw away part of the path if it starts with a
  double slash (GET //testing/whatever HTTP/1.0). WSGI applications will
  now receive a PATH_INFO in the environment that contains
  //testing/whatever as required.
   2019-07-03 22:36:51 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-waitress: updated to 1.3.0



- The send_bytes adjustment now defaults to 1 and is deprecated
  pending removal in a future release.


- Add a new outbuf_high_watermark adjustment which is used to apply
  backpressure on the app_iter to avoid letting it spin faster than data
  can be written to the socket. This stabilizes responses that iterate quickly
  with a lot of data.

- Stop early and close the app_iter when attempting to write to a closed
  socket due to a client disconnect. This should notify a long-lived streaming
  response when a client hangs up.

- Adjust the flush to output SO_SNDBUF bytes instead of whatever was
  set in the send_bytes adjustment. send_bytes now only controls how
  much waitress will buffer internally before flushing to the kernel, whereas
  previously it used to also throttle how much data was sent to the kernel.
  This change enables a streaming app_iter containing small chunks to
  still be flushed efficiently.


- Upon receiving a request that does not include HTTP/1.0 or HTTP/1.1 we will
  no longer set the version to the string value "None". See

- When a client closes a socket unexpectedly there was potential for memory
  leaks in which data was written to the buffers after they were closed,
  causing them to reopen.

- Fix the queue depth warnings to only show when all threads are busy.

- Trigger the app_iter to close as part of shutdown. This will only be
  noticeable for users of the internal server api. In more typical operations
  the server will die before benefiting from these changes.

- Fix a bug in which a streaming app_iter may never cleanup data that has
  already been sent. This would cause buffers in waitress to grow without
  bounds. These buffers now properly rotate and release their data.

- Fix a bug in which non-seekable subclasses of io.IOBase would trigger
  an exception when passed to the wsgi.file_wrapper callback.
   2019-01-29 15:30:03 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-waitress: updated to 1.2.1


- When given an IPv6 address in X-Forwarded-For or Forwarded for=
  waitress was placing the IP address in REMOTE_ADDR with brackets:
  [2001:db8::0], this does not match the requirements in the CGI spec which
  REMOTE_ADDR was lifted from. Waitress will now place the bare IPv6
  address in REMOTE_ADDR: 2001:db8::0.
   2019-01-20 14:20:02 by Adam Ciarcinski | Files touched by this commit (4) | Package updated
Log message:
py-waitress: updated to 1.2.0

No changes since the last beta release. Enjoy Waitress!

- Modified clear_untrusted_proxy_headers to be usable without a

- Modified trusted_proxy_count to error when used without a

- Fixed logic to no longer warn on writes where the output is required to have
  a body but there may not be any data to be written. Solves issue posted on
  the Pylons Project mailing list with 1.2.0b1.

Happy New Year!

- Setting the trusted_proxy setting to '*' (wildcard) will allow all
  upstreams to be considered trusted proxies, thereby allowing services behind
  Cloudflare/ELBs to function correctly whereby there may not be a singular IP
  address that requests are received from.

  Using this setting is potentially dangerous if your server is also available
  from anywhere on the internet, and further protections should be used to lock
  down access to Waitress.

- Waitress has increased its support of the X-Forwarded-* headers and includes
  Forwarded (RFC7239) support. This may be used to allow proxy servers to
  influence the WSGI environment.

  This also provides a new security feature when using Waitress behind a proxy
  in that it is possible to remove untrusted proxy headers thereby making sure
  that downstream WSGI applications don't accidentally use those proxy headers
  to make security decisions.

  The documentation has more information, see the following new arguments:

  - trusted_proxy_count
  - trusted_proxy_headers
  - clear_untrusted_proxy_headers
  - log_untrusted_proxy_headers (useful for debugging)

  Be aware that the defaults for these are currently backwards compatible with
  older versions of Waitress, this will change in a future release of waitress.
  If you expect to need this behaviour please explicitly set these variables in
  your configuration, or pin this version of waitress.

  https://docs.pylonsproject.org/projects … proxy.html

- Waitress can now accept a list of sockets that are already pre-bound rather
  than creating its own to allow for socket activation. Support for init
  systems/other systems that create said activated sockets is not included.

- Server header can be omitted by specifying ident=None or ident=''.

- Waitress will no longer send Transfer-Encoding or Content-Length for 1xx,
  204, or 304 responses, and will completely ignore any message body sent by
  the WSGI application, making sure to follow the HTTP standard.

- Waitress has now "vendored" asyncore into itself as waitress.wasyncore.
  This is to cope with the eventuality that asyncore will be removed from
  the Python standard library in 3.8 or so.

- Bring in documentation of paste.translogger from Pyramid. Reorganize and
  clean up documentation.
   2017-10-16 14:07:25 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-waitress: update to 1.1.0


* Waitress now has a __main__ and thus may be called with python -mwaitress

* Waitress no longer allows lowercase HTTP verbs. This change was made to fall \ 
in line with most HTTP servers.
* When receiving non-ascii bytes in the request URL, waitress will no longer \ 
abruptly close the connection, instead returning a 400 Bad Request.
   2017-07-09 23:24:24 by Adam Ciarcinski | Files touched by this commit (4)
Log message:

- Python 3.6 is now officially supported in Waitress

- Add a work-around for libc issue on Linux not following the documented
  standards. If getnameinfo() fails because of DNS not being available it
  should return the IP address instead of the reverse DNS entry, however
  instead getnameinfo() raises. We catch this, and ask getnameinfo()
  for the same information again, explicitly asking for IP address instead of
  reverse DNS hostname.
   2016-06-08 19:43:49 by Thomas Klausner | Files touched by this commit (356)
Log message:
   2015-11-04 03:47:43 by Alistair G. Crooks | Files touched by this commit (758)
Log message:
Add SHA512 digests for distfiles for www category

Problems found locating distfiles:
	Package haskell-cgi: missing distfile haskell-cgi-20001206.tar.gz
	Package nginx: missing distfile array-var-nginx-module-0.04.tar.gz
	Package nginx: missing distfile encrypted-session-nginx-module-0.04.tar.gz
	Package nginx: missing distfile headers-more-nginx-module-0.261.tar.gz
	Package nginx: missing distfile nginx_http_push_module-0.692.tar.gz
	Package nginx: missing distfile set-misc-nginx-module-0.29.tar.gz
	Package nginx-devel: missing distfile echo-nginx-module-0.58.tar.gz
	Package nginx-devel: missing distfile form-input-nginx-module-0.11.tar.gz
	Package nginx-devel: missing distfile lua-nginx-module-0.9.16.tar.gz
	Package nginx-devel: missing distfile nginx_http_push_module-0.692.tar.gz
	Package nginx-devel: missing distfile set-misc-nginx-module-0.29.tar.gz
	Package php-owncloud: missing distfile owncloud-8.2.0.tar.bz2

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.