[Jifty-commit] r6740 - jifty/trunk
Jifty commits
jifty-commit at lists.jifty.org
Thu Apr 9 11:30:54 EDT 2009
Author: alexmv
Date: Thu Apr 9 11:30:53 2009
New Revision: 6740
Modified:
jifty/trunk/Changelog
Log:
Updated changelog
Modified: jifty/trunk/Changelog
==============================================================================
--- jifty/trunk/Changelog (original)
+++ jifty/trunk/Changelog Thu Apr 9 11:30:53 2009
@@ -1,14 +1,370 @@
-Jifty 0.80408
-Subversion r5269
+-------------------------------
+Jifty 0.90409 - April 9th, 2009
+-------------------------------
+
+POSSIBLE INCOMPATIBILITIES
+==========================
+ * Mason's dhandler is no longer in charge of generating 404's;
+ instead, the dispatcher catches when no views can handle a request.
+ The 'mason_internal_error' page has also been renamed to the more
+ straightforward '/errors/500'.
+
+ * Actions found under Jifty::Plugin::SomePlugin::Action are now
+ denied. As these actions are always mirrored under the
+ application's YourApp::Action class, this provides a single point
+ of extensibility and access control.
+
+ As long as plugins and applications always refer to the
+ application's mirrored action class -- which they should be doing
+ already for extensibility -- this change does not affect backwards
+ compatibility.
+
+ * AppClass::Action is now a mixin, and does not inherit from
+ Jifty::Action. This removes a diamond inheritance pattern from
+ autogenerated jifty actions, and those made by `./bin/jifty
+ action`. This is additionally needed in order to allow `jifty
+ action`-generated UpdateWidget actions to inherit from a consistent
+ and correct set of parents.
+
+ This _will_ break existing actions which only inherit from
+ YourApp::Action but not Jifty::Action as well.
+
+ * The div with id 'jifty-wait-message' has changed CSS, and now
+ includes an animated 'spinner.' Applications which customized the
+ CSS of this element may need to adjust their CSS.
+
+ * Jifty no longer uses the 'prototype' javascript library by default,
+ instead relying on 'jQuery'. Applications running config file
+ version 3 and below will have the 'Prototypism' plugin added
+ automatically, which enables compatibility with the 'prototype'
+ javascript library. This plugin can be safely removed if your
+ application makes no use of 'prototype'.
-ON UPGRADE
-==========
+ * URI unescaping is now consistent between FastCGI and standalone
- * some files (for example share/web/templates/dhandler) have been removed,
- if you don't use system's packages manager then files most probably stay
- in system lib dirs and may break jifty and your app.
- Delete all Jifty's files from perl's @INC before installing new Jifty.
+SECURITY
+========
+ * Fix a security hole in the REST plugin which let you call any
+ method on the model. We were checking the load by column with
+ valid_column instead of the display field. This would not be done
+ with any elevated privileges, but still might have allowed
+ unexpected access.
+ * Requests to /=/subs how return immediately if PubSub is turned off,
+ instead of consuming a thread on the server
+
+
+CORE FEATURES
+=============
+ * Jifty::Datetime has been retooled to be more generic
+ * Allow subclassing of Jifty::Config into YourApp::Config
+ * Store the request method on the request object. This is so a POST
+ request with an action, which is redirected to a new URL in a
+ before {} block, doesn't show the user an obscure 'Action denied'
+ message. Since the original request with the action was a POST
+ request, it is _not_ a cross-site scripting vulnerability.
+ * YAML configuration file merging is now slightly smarter for
+ specific listrefs: MailerArgs and View.Handlers arguments now
+ replace earlier settings, rather than appending to them.
+ * Overload stringification of ClassLoaders, so warning messages with
+ @INC are a bit more educational
+ * The configuration setting FallbackViewHandler has been removed, as
+ it is no different from the last Handler in the View section. For
+ backwards compatibility, Jifty::Handler still adds it to the set if
+ it exists in your config file, though.
+ * In the DateTime filter, use the application's DateTime class if
+ they have one
+ * Handle Jifty->web->new_action('CreateFoo', moniker => 'create_foo')
+ (makes "class" optional)
+ * Move Mason-specific methods out of Jifty::Handler
+ * Add an "explain" method to Jifty::API, to trace action deny/allow
+ * Deny and hide autogenerated application action abstract base
+ classes.
+ * Make Net::Server subclasses use Log4perl infrastructure
+ * Move log messages, whenever possible, to $self->log rather than
+ Jifty->log
+ * The code that walks the calls stack to find the correct
+ current_user has been refactored.
+ * Split out Jifty::View::Mason::Request (renamed from
+ HTML::Mason::Request::Jifty) into its own file.
+
+
+ACTIONS
+=======
+ * Obviate the need for the really short sub record_class {...} in
+ most cases of YourApp::Action::UpdateFoo (and SearchFoo, DeleteFoo,
+ and CreateFoo)
+ * Added an Execute virtual action for help building general "do
+ something to a record" actions.
+ * Updated the Create, Execute, and Update actions to make them easier
+ to extend via Jifty::Param::Schema
+ * Extract the validation of valid_values into a method which is
+ overridable
+ * Whenever we can (on any action and on record ->creates), pass in
+ the other field values so a validator can base its validation on
+ those as well.
+ * Add an option for force ajax validation failures on empty form fields
+ * Allow earlier fields to set validation failures on later fields
+ * "ajax validates" on a column should actually activate it, with an
+ action validator
+ * Add a Time and DateTime renderer
+ * Add a Bulk update action
+ * Add report_detailed_messages option in Jifty::Action::Record
+ * Allow literal region names in qualified_region
+ * Allow action parameter renderers with :: in their name
+ * Make Jifty::Action::Record::Search skip container columns.
+ * In Jifty::Action::Record::Search actions, "contains" conditions
+ should not kick in if its length is 0.
+ * Don't push Jifty::Action onto @ISA if the class is already a
+ Jifty::Action
+
+
+COMMAND LINE
+=============
+ * `jifty console` has been removed in favor of `jifty repl`, which is
+ provided by Jifty::Plugin::REPL.
+ * `jifty deps` has been removed in favor of Shipwright.
+ * Added `jifty version` command
+ * Add a --no-bootstrap option for `jifty schema` command
+ * Quiet down warnings about missing application root when creating a
+ new application with `jifty app`
+ * If someone creates an app with a Foo::Bar name, make it Foo-Name
+ for them.
+ * Add control of running user, group, and host in standalone server
+
+
+PUBSUB
+======
+ * Multiple regions can be subscribed to the same PubSub channel
+ * Coalesce region updates in PubSub.
+ * PubSub updates can now have effects on removal and addition.
+ * Support for Jifty->subs->update_on( class => 'SomeEvent' ) as a
+ shortcut.
+ * Add an Jifty::Event::Log, and a Jifty::Logger::EventAppender, so
+ you can cause arbitrary log messages to send events, based on your
+ log4perl config.
+ * Don't connect to PubSub during cleanup, and disconnect PubSub after
+ initialization
+
+
+I18N
+====
+ * Locale::Maketext::Lexicon is not smart about seeing the same path
+ more than once. This is a problem if the app uses multiple
+ plugins, which all point to the Jifty share directory for their po
+ files.
+ * Updated fr, ru, zh_tw, ja translations
+ * Added `jifty po` script to manage po and pot files
+
+
+BUGFIXES
+========
+ * Delay view setup for as long as possible; this prevents
+ command-line scripts from creating Mason cache directories.
+ * Better warning-proofing for 5.10, which gets picky about lc called
+ with undef, like render_as sometimes is.
+ * Let Jifty::JSON export objToJson and jsonToObj if the user requests
+ it
+ * Log an error on invalid display_from or value_from in Jifty::Action
+ valid_values
+ * In void context, Jifty->web->link renders the link or button
+ automatically.
+ * Fix memory leaks due to weak reference in Jifty::Web::Menu,
+ Jifty::Web::Form::Field, and Jifty::Web::Menu.
+ * Check that a valid_values collection has a ->count before calling
+ ->first on it
+ * The "get" function of Jifty::Dispatcher contained a bug that made
+ it return '' whenever the actual value was '0'. Additionally,
+ show(0) did not work, and set(foo => 0) and default(foo => 0) would
+ print '' instead of 0 in debug log.
+ * Do not attempt to create sqlite databases with colons in the
+ filename, as win32 does not allow them.
+ * When setting the continuation request's path in a redirect, we need
+ to unescape it to be consistent with Apache, lighttpd, and
+ HTTP::Server::Simple
+ * Split the _current_ continuation from the continuation we're
+ returning or calling into. This means you can return from a
+ continuation you're not in, and it does the right thing if actions
+ fail to validate, and the call doesn't go through.
+ * Force Net::Server to not duplicate filehandles when it forks
+ * When we set up database connections, first purge the memcache
+ connections, if any; reusing memcache filehandles leads to broken
+ connections. After we fork in the server, we re-set up the
+ database connections.
+ * Fix potential connection problems after forking in the server
+ * Intuit https better in Jifty->web->path
+ * LWP::UserAgent explodes unless ENV{http_proxy} looks like a URI,
+ and '' doesn't cut it.
+ * Stop Jifty actions from loading by primary key if you pass in blank
+ primary keys.
+ * Don't try to drop the DB if we know it doesn't exist
+ * Fix multiple loops which looped on $_, and called functions which
+ implicitly modified $_
+ * Include all css_files when not using compressed css
+ * Clean up "action denied" warnings a bit, such that they give useful
+ backtraces, and only give additional cross-site scripting warnings
+ if the request method is GET.
+ * Work around a bug in 5.10 where nested loops trigger "Attempt to
+ free unreferenced scalar"
+ * Don't reset keybindings when we display the keybinding div, or we
+ never have any to display.
+
+
+CRUD
+====
+ * Updated POD
+ * Add support for predefined searches, and sort headers
+ * If create from new_item_controls fails, don't show an empty row in
+ the CRUD UI that goes away later.
+ * 'id' column is not editable (though if you really demand it you can
+ have it)
+
+
+DOCUMENTATION
+=============
+ * Tutorial has been updated to use Template::Declare instead of Mason
+ * Jifty::Manual::Javascript describes programming techniques for
+ javascript in Jifty.
+ * Jifty::Manual::jQueryMigrationGuide describes the steps in
+ migrating from Prototype to jQuery.
+ * Update copyright year to 2009
+ * Updated documentation for `jifty` command
+ * Added zh_tw translation of the tutorial
+
+
+PERFORMANCE
+===========
+ * Don't call ->plugins _twice_, since Module::Pluggable doesn't cache
+ at all, and stat is expensive
+ * Subrequests should never need to run actions; this should speed up
+ regions
+ * Having a local $Request saves thousands of method calls to
+ Class::Accessor per request
+ * In Jifty::Web::Menu, cache ordering of children, and url value,
+ more aggressively; also remove unnecessary _parent accessor
+ * Cheat, in Jifty::CurrentUser, and walk around Class::Accessor
+ methods in a hotspot
+ * Install a faster Jifty::Web->out in the handler once we have output
+ headers.
+ * Remove uses of a Class::Accessor where we don't need one
+ * In certain hotspots, walk around Class::Accessor calls and access
+ the object hash directly.
+ * When outputting links and buttons, only iterate over javascript
+ attributes that have been set, rather than _all_ attributes.
+
+
+PLUGINS
+=======
+ * In plugins, add support for "after app => run {...}" instead of
+ just "after plugin Jifty::Plugin::Something => run {...}" in
+ dispatcher. This allows plugins to provide dispatcher rules which
+ the application can override.
+ * The following plugins, previously distributed as part of Jifty
+ core, have been moved into their own distributions:
+ - Attributes
+ - Authentication-CAS
+ - Authentication-Facebook
+ - Authentication-Ldap
+ - AutoReference
+ - Chart
+ - Comment
+ - Feedback
+ - Gladiator
+ - GoogleMap
+ - LeakTracker
+ - Monitoring
+ - OpenID
+ - Quota
+ - Recorder
+ - SiteNews
+ - TabView
+ - Userpic
+ - UUID
+ - Yullio
+ * The following plugins, previously distributed under plugins/ as
+ part of core, but not installed by default, have been moved into
+ their own distributions:
+ - AuthzLDAP
+ - CodePress
+ - DumpDispatcher
+ - EmailErrors
+ - ExtJS
+ - ProfileBehaviour
+ - WikiToolbar
+ - WyzzEditor
+ * Added ViewDeclarePage plugin, for more advanced Template::Declare
+ pages.
+ * Several deprecated plugins have been removed:
+ - AuthCAS (replaced by Authentication::CAS)
+ - AuthLDAP (replaced by Authentication::LDAP)
+ - EditInPlace
+ - Debug (replaced by AccessLog)
+ - Nothing
+ * Authentication::Password: Extend Login action so people can use
+ username to login, though email takes precedence of username
+ * OnlineDocs: Cleanup and dispatcher-ize
+ * OnlineDocs: Link to local application pod directly
+ * OnlineDocs: Allow linking to specific page within documentation
+ using /__jifty/online_docs/?n=Jifty::Manual
+ * REST: Include the "by" column attribute in the REST interface for
+ Net::Jifty
+ * REST: Some doc for extending your REST interface's object dump
+ * REST: Propagate output format across REST redirection
+ * REST: Give help under /= as well
+ * REST: Better errors from the REST API for hidden/denied actions
+ * SinglePage: Added history support for links; we use the "Really
+ Simple History" javascript library to make the magic work.
+ (http://code.google.com/p/reallysimplehistory/)
+ * SinglePage: Add a temporary variable for disabling spa in runtime.
+ * SQLQueries: Also clear slow/halo queries on "clear queries"
+ * SQLQueries: Avoid undef warnings from undef bindings
+ * User: Since it is internally used as a flag to store if one has
+ valid email address, the column "email_confirmed" should never be
+ rendered.
+
+
+TESTING
+=======
+ * Move a skip_all from compile time to runtime. some cpantesters
+ failed a test file with no actual tests :(
+ * Move t/lib/Jifty/SubTest.pm to lib/Jifty/Test/Dist.pm Additionally,
+ make it descend from Jifty::Test, so you don't need to use both
+ * Add test app from Peter Mottram to uncover this valid_values bug
+ * TODOify some tests that need some virtual-column discussion
+ * Depend on the $$ for ports, not on random numbers. This reduces
+ the likelihood of port conflict.
+ * Add a test helper module for matching notification email sent
+ during a test.
+ * Fixes for updated LWP, WWW::Mechanize; ->get and ->post are not
+ ->get_ok and ->post_ok
+ * Add a TestServerWarnings plugin during tests, which allows us to
+ have a warnings_like test, which checks warnings on the server
+ side.
+ * Bail early with exit value, if database drop or create fails
+ * Do not load po files by default anymore. You can provide l10n => 1
+ for tests requiring po loading.
+
+
+VIEW
+====
+ * Better integration between views, using a common
+ String::BufferStack. This allows cross-calling between
+ Template::Declare and HTML::Mason templates.
+ * Kill our custom popup notifications in favor of jGrowl.
+ Additionally, use Behavior to change full-page action messages into
+ sticky jGrowl messages.
+ * Added a 'multiple' flag for select form field
+ * Make the default "Loading..." display as an animated gif spinner
+ * Support for "loading" fragments for lazy regions.
+ * Add, and respect, the calendar-starts-monday element class for
+ calendar javascript.
+ * Add a render_hidden to Jifty::View::Declare::Helpers
+
+
+
+-------------------------------
+Jifty 0.80408 - April 8th, 2008
+-------------------------------
I18N
====
More information about the Jifty-commit
mailing list