Skip to content
This repository has been archived by the owner on Nov 16, 2022. It is now read-only.

Initial Update #1020

Closed
wants to merge 1 commit into from
Closed

Initial Update #1020

wants to merge 1 commit into from

Conversation

pyup-bot
Copy link

This is my first visit to this fine repo so I have bundled all updates in a single pull request to make things easier for you to merge.

Close this pull request and delete the branch if you want me to start with single pull requests right away

Here's the executive summary:

Updates

Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.

Jinja2 2.7.1 » 2.9.5 PyPI | Changelog | Homepage
mistune 0.7.1 » 0.7.3 PyPI | Changelog | Repo

Changelogs

Jinja2 2.7.1 -> 2.9.5

2.9.5


(bugfix release, released on January 28th 2017)

  • Restored the original repr of the internal _GroupTuple because this
    caused issues with ansible and it was an unintended change. (654)
  • Added back support for custom contexts that override the old resolve
    method since it was hard for people to spot that this could cause a
    regression.
  • Correctly use the buffer for the else block of for loops. This caused
    invalid syntax errors to be caused on 2.x and completely wrong behavior
    on Python 3 (669)
  • Resolve an issue where the {% extends %} tag could not be used with
    async environments. (668)
  • Reduce memory footprint slightly by reducing our unicode database dump
    we use for identifier matching on Python 3 (666)
  • Fixed autoescaping not working for macros in async compilation mode. (671)

2.9.4


(bugfix release, released on January 10th 2017)

  • Solved some warnings for string literals. (646)
  • Increment the bytecode cache version which was not done due to an
    oversight before.
  • Corrected bad code generation and scoping for filtered loops. (649)
  • Resolved an issue where top-level output silencing after known extend
    blocks could generate invalid code when blocks where contained in if
    statements. (651)
  • Made the truncate.leeway default configurable to improve compatibility
    with older templates.

2.9.3


(bugfix release, released on January 8th 2017)

  • Restored the use of blocks in macros to the extend that was possible
    before. On Python 3 it would render a generator repr instead of
    the block contents. (645)
  • Set a consistent behavior for assigning of variables in inner scopes
    when the variable is also read from an outer scope. This now sets the
    intended behavior in all situations however it does not restore the
    old behavior where limited assignments to outer scopes was possible.
    For more information and a discussion see 641
  • Resolved an issue where block scoped would not take advantage of the
    new scoping rules. In some more exotic cases a variable overriden in a
    local scope would not make it into a block.
  • Change the code generation of the with statement to be in line with the
    new scoping rules. This resolves some unlikely bugs in edge cases. This
    also introduces a new internal With node that can be used by extensions.

2.9.2


(bugfix release, released on January 8th 2017)

  • Fixed a regression that caused for loops to not be able to use the same
    variable for the target as well as source iterator. (640)
  • Add support for a previously unknown behavior of macros. It used to be
    possible in some circumstances to explicitly provide a caller argument
    to macros. While badly buggy and unintended it turns out that this is a
    common case that gets copy pasted around. To not completely break backwards
    compatibility with the most common cases it's now possible to provide an
    explicit keyword argument for caller if it's given an explicit default.
    (642)

2.9.1


(bugfix release, released on January 7th 2017)

  • Resolved a regression with call block scoping for macros. Nested caller
    blocks that used the same identifiers as outer macros could refer to the
    wrong variable incorrectly.

2.9


(codename Derivation, released on January 7th 2017)

  • Change cache key definition in environment. This fixes a performance
    regression introduced in 2.8.
  • Added support for generator_stop on supported Python versions
    (Python 3.5 and later)
  • Corrected a long standing issue with operator precedence of math operations
    not being what was expected.
  • Added support for Python 3.6 async iterators through a new async mode.
  • Added policies for filter defaults and similar things.
  • urlize now sets "rel noopener" by default.
  • Support attribute fallback for old-style classes in 2.x.
  • Support toplevel set statements in extend situations.
  • Restored behavior of Cycler for Python 3 users.
  • Subtraction now follows the same behavior as other operators on undefined
    values.
  • map and friends will now give better error messages if you forgot to
    quote the parameter.
  • Depend on MarkupSafe 0.23 or higher.
  • Improved the truncate filter to support better truncation in case
    the string is barely truncated at all.
  • Change the logic for macro autoescaping to be based on the runtime
    autoescaping information at call time instead of macro define time.
  • Ported a modified version of the tojson filter from Flask to Jinja2
    and hooked it up with the new policy framework.
  • Block sets are now marked safe by default.
  • On Python 2 the asciification of ASCII strings can now be disabled with
    the compiler.ascii_str policy.
  • Tests now no longer accept an arbitrary expression as first argument but
    a restricted one. This means that you can now properly use multiple
    tests in one expression without extra parentheses. In particular you can
    now write foo is divisibleby 2 or foo is divisibleby 3
    as you would expect.
  • Greatly changed the scoping system to be more consistent with what template
    designers and developers expect. There is now no more magic difference
    between the different include and import constructs. Context is now always
    propagated the same way. The only remaining differences is the defaults
    for with context and without context.
  • The with and autoescape tags are now built-in.
  • Added the new select_autoescape function which helps configuring better
    autoescaping easier.

2.8.2


(bugfix release, unreleased)

  • Fixed a runtime error in the sandbox when attributes of async generators
    were accessed.

2.8.1


(bugfix release, released on December 29th 2016)

  • Fixed the for_qs flag for urlencode.
  • Fixed regression when applying int to non-string values.
  • SECURITY: if the sandbox mode is used format expressions are now sandboxed
    with the same rules as in Jinja. This solves various information leakage
    problems that can occur with format strings.

2.8


(codename Replacement, released on July 26th 2015)

  • Added target parameter to urlize function.
  • Added support for followsymlinks to the file system loader.
  • The truncate filter now counts the length.
  • Added equalto filter that helps with select filters.
  • Changed cache keys to use absolute file names if available
    instead of load names.
  • Fixed loop length calculation for some iterators.
  • Changed how Jinja2 enforces strings to be native strings in
    Python 2 to work when people break their default encoding.
  • Added :func:make_logging_undefined which returns an undefined
    object that logs failures into a logger.
  • If unmarshalling of cached data fails the template will be
    reloaded now.
  • Implemented a block set tag.
  • Default cache size was increased to 400 from a low 50.
  • Fixed is number test to accept long integers in all Python versions.
  • Changed is number to accept Decimal as a number.
  • Added a check for default arguments followed by non-default arguments. This
    change makes {% macro m(x, y=1, z) %}...{% endmacro %} a syntax error. The
    previous behavior for this code was broken anyway (resulting in the default
    value being applied to y).
  • Add ability to use custom subclasses of jinja2.compiler.CodeGenerator and
    jinja2.runtime.Context by adding two new attributes to the environment
    (code_generator_class and context_class) (pull request 404).
  • added support for context/environment/evalctx decorator functions on
    the finalize callback of the environment.
  • escape query strings for urlencode properly. Previously slashes were not
    escaped in that place.
  • Add 'base' parameter to 'int' filter.

2.7.3


(bugfix release, released on June 6th 2014)

  • Security issue: Corrected the security fix for the cache folder. This
    fix was provided by RedHat.

2.7.2


(bugfix release, released on January 10th 2014)

  • Prefix loader was not forwarding the locals properly to
    inner loaders. This is now fixed.
  • Security issue: Changed the default folder for the filesystem cache to be
    user specific and read and write protected on UNIX systems. See Debian bug 734747_ for more information.

.. _Debian bug 734747: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734747

mistune 0.7.1 -> 0.7.3

0.7.3

Released on Jun. 28, 2016

  • Fix strikethrough regex
  • Fix HTML attribute regex
  • Fix close tag regex

0.7.2

Released on Feb. 26, 2016

  • Fix hard_wrap options on renderer.
  • Fix emphasis regex pattern
  • Fix base64 image link 80_.
  • Fix link security per 87_.

.. _80: lepture/mistune#80
.. _87: lepture/mistune#87

Once you have closed this pull request, I'll create seperate pull requests for every update as soon as I find them.

That's it for now!

Happy merging! 🤖

@chadwhitacre
Copy link
Contributor

Closing per gratipay/gratipay.com#4376 (comment).

@chadwhitacre chadwhitacre deleted the pyup-initial-update branch May 17, 2017 19:41
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants