Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CI: verify docs are up to date #3217

Merged
merged 4 commits into from
Aug 7, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 25 additions & 2 deletions .github/workflows/lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,22 +7,45 @@ env:
FORCE_COLOR: 1
jobs:
lint:
name: tox-${{ matrix.toxenv }}
name: ${{ matrix.python-version }} / tox-${{ matrix.toxenv || '(other)' }}
timeout-minutes: 10
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
toxenv: [lint, docs-lint, pycodestyle]
python-version: [ "3.10" ]
include:
# for actions that want git env, not tox env
- toxenv: null
python-version: "3.10"
steps:
- uses: actions/checkout@v4
- name: Using Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: pip
- name: Install Dependencies
- name: Install Dependencies (tox)
if: ${{ matrix.toxenv }}
run: |
python -m pip install --upgrade pip
python -m pip install tox
- run: tox -e ${{ matrix.toxenv }}
if: ${{ matrix.toxenv }}
- name: Install Dependencies (non-toxic)
if: ${{ ! matrix.toxenv }}
run: |
python -m pip install sphinx
- name: "Update docs"
if: ${{ ! matrix.toxenv }}
run: |
# this will update docs/source/settings.rst - but will not create html output
(cd docs && sphinx-build -b "dummy" -d _build/doctrees source "_build/dummy")
if unclean=$(git status --untracked-files=no --porcelain) && [ -z "$unclean" ]; then
echo "no uncommitted changes in working tree (as it should be)"
else
echo "did you forget to run `make -C docs html`?"
echo "$unclean"
exit 2
fi
5 changes: 5 additions & 0 deletions docs/source/2023-news.rst
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,11 @@ Changelog - 2023

This is fixing the bad file description error.

21.1.0 - 2023-07-18
===================

- fix thread worker: fix socket removal from the queue

21.0.1 - 2023-07-17
===================

Expand Down
55 changes: 18 additions & 37 deletions docs/source/news.rst
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,24 @@
Changelog
=========

23.0.0 - unreleased
===================

* minor docs fixes (:pr:`3217`, :pr:`3089`, :pr:`3167`)
* worker_class parameter accepts a class (:pr:`3079`)
* fix deadlock if request terminated during chunked parsing (:pr:`2688`)
* permit receiving Transfer-Encodings: compress, deflate, gzip (:pr:`3261`)
* permit Transfer-Encoding headers specifying multiple encodings. note: no parameters, still (:pr:`3261`)
* sdist generation now explicitly excludes sphinx build folder (:pr:`3257`)
* decode bytes-typed status (as can be passed by gevent) as utf-8 instead of raising `TypeError` (:pr:`2336`)
* raise correct Exception when encounting invalid chunked requests (:pr:`3258`)

** Breaking changes **
* refuse requests where the uri field is empty (:pr:`3255`)
* refuse requests with invalid CR/LR/NUL in heade field values (:pr:`3253`)
* remove temporary `--tolerate-dangerous-framing` switch from 22.0 (:pr:`3260`)
* If any of the breaking changes affect you, be aware that now refused requests can post a security problem, especially so in setups involving request pipe-lining and/or proxies.

22.0.0 - 2024-04-17
===================

Expand Down Expand Up @@ -33,49 +51,12 @@ Changelog

- fix CVE-2024-1135

21.2.0 - 2023-07-19
===================

- fix thread worker: revert change considering connection as idle .

*** NOTE ***

This is fixing the bad file description error.

21.1.0 - 2023-07-18
===================

- fix thread worker: fix socket removal from the queue

21.0.1 - 2023-07-17
===================

- fix documentation build

21.0.0 - 2023-07-17
===================

- support python 3.11
- fix gevent and eventlet workers
- fix threads support (gththread): improve performance and unblock requests
- SSL: now use SSLContext object
- HTTP parser: miscellaneous fixes
- remove unnecessary setuid calls
- fix testing
- improve logging
- miscellaneous fixes to core engine

*** RELEASE NOTE ***

We made this release major to start our new release cycle. More info will be provided on our discussion forum.

History
=======

.. toctree::
:titlesonly:

2024-news
2023-news
2021-news
2020-news
Expand Down
32 changes: 3 additions & 29 deletions docs/source/settings.rst
Original file line number Diff line number Diff line change
Expand Up @@ -210,7 +210,7 @@ H protocol
s status
B response length
b response length or ``'-'`` (CLF format)
f referer
f referrer (note: header is ``referer``)
a user agent
T request time in seconds
M request time in milliseconds
Expand Down Expand Up @@ -314,7 +314,7 @@ file format.

The log config dictionary to use, using the standard Python
logging module's dictionary configuration format. This option
takes precedence over the :ref:`logconfig` and :ref:`logConfigJson` options,
takes precedence over the :ref:`logconfig` and :ref:`logconfig-json` options,
which uses the older file configuration format and JSON
respectively.

Expand Down Expand Up @@ -569,7 +569,7 @@ Whether client certificate is required (see stdlib ssl module's)
=========== ===========================
--cert-reqs Description
=========== ===========================
`0` no client veirifcation
`0` no client verification
`1` ssl.CERT_OPTIONAL
`2` ssl.CERT_REQUIRED
=========== ===========================
Expand Down Expand Up @@ -1504,32 +1504,6 @@ on a proxy in front of Gunicorn.

.. versionadded:: 22.0.0

.. _tolerate-dangerous-framing:

``tolerate_dangerous_framing``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

**Command line:** ``--tolerate-dangerous-framing``

**Default:** ``False``

Process requests with both Transfer-Encoding and Content-Length

This is known to induce vulnerabilities, but not strictly forbidden by RFC9112.

In any case, the connection is closed after the malformed request,
as it is unclear if and at which boundary additional requests start.

Use with care and only if necessary.
Temporary; will be changed or removed in a future version.

.. versionadded:: 22.0.0
.. versionchanged: 22.1.0
The newly added rejection of invalid and dangerous characters CR, LF and NUL in
header field values is also controlled with this setting. rfc9110 permits both
rejecting and SP-replacing. With this option set, Gunicorn passes the field value
unchanged. With this option unset, Gunicorn rejects the request.

Server Socket
-------------

Expand Down
6 changes: 3 additions & 3 deletions gunicorn/config.py
Original file line number Diff line number Diff line change
Expand Up @@ -1395,7 +1395,7 @@ class AccessLogFormat(Setting):
s status
B response length
b response length or ``'-'`` (CLF format)
f referer
f referrer (note: header is ``referer``)
a user agent
T request time in seconds
M request time in milliseconds
Expand Down Expand Up @@ -1506,7 +1506,7 @@ class LogConfigDict(Setting):
desc = """\
The log config dictionary to use, using the standard Python
logging module's dictionary configuration format. This option
takes precedence over the :ref:`logconfig` and :ref:`logConfigJson` options,
takes precedence over the :ref:`logconfig` and :ref:`logconfig-json` options,
which uses the older file configuration format and JSON
respectively.

Expand Down Expand Up @@ -2154,7 +2154,7 @@ class CertReqs(Setting):
=========== ===========================
--cert-reqs Description
=========== ===========================
`0` no client veirifcation
`0` no client verification
`1` ssl.CERT_OPTIONAL
`2` ssl.CERT_REQUIRED
=========== ===========================
Expand Down
Loading