[Jifty-commit] jifty branch, master, updated. jifty-1.10228-23-g238d2cc
Jifty commits
jifty-commit at lists.jifty.org
Tue May 17 16:19:37 EDT 2011
The branch, master has been updated
via 238d2cc0693515a393971165e998ae1c30627d18 (commit)
via 648590e827311b31cd7276b4daf9d6e94379852f (commit)
via 2039cb70f6294aa4f99083f7cd772bb1df258826 (commit)
from 3d1b0d0439b8d3bb647748d6d18a1e00c1716fb0 (commit)
Summary of changes:
Changelog | 48 +++++++++++++++++++++++++++++++++++++
MANIFEST.SKIP | 1 +
inc/Module/Install.pm | 4 +-
inc/Module/Install/AutoInstall.pm | 2 +-
inc/Module/Install/Base.pm | 2 +-
inc/Module/Install/Can.pm | 2 +-
inc/Module/Install/Fetch.pm | 2 +-
inc/Module/Install/Include.pm | 2 +-
inc/Module/Install/Makefile.pm | 2 +-
inc/Module/Install/Metadata.pm | 9 ++++---
inc/Module/Install/Scripts.pm | 2 +-
inc/Module/Install/Share.pm | 4 +-
inc/Module/Install/Win32.pm | 2 +-
inc/Module/Install/WriteAll.pm | 2 +-
14 files changed, 67 insertions(+), 17 deletions(-)
- Log -----------------------------------------------------------------
commit 2039cb70f6294aa4f99083f7cd772bb1df258826
Author: Shawn M Moore <sartak at bestpractical.com>
Date: Tue May 17 16:03:43 2011 -0400
Regenerate Module::Install
diff --git a/inc/Module/Install.pm b/inc/Module/Install.pm
index 8ee839d..74caf9c 100644
--- a/inc/Module/Install.pm
+++ b/inc/Module/Install.pm
@@ -31,7 +31,7 @@ BEGIN {
# This is not enforced yet, but will be some time in the next few
# releases once we can make sure it won't clash with custom
# Module::Install extensions.
- $VERSION = '1.00';
+ $VERSION = '1.01';
# Storage for the pseudo-singleton
$MAIN = undef;
@@ -467,4 +467,4 @@ sub _CLASS ($) {
1;
-# Copyright 2008 - 2010 Adam Kennedy.
+# Copyright 2008 - 2011 Adam Kennedy.
diff --git a/inc/Module/Install/AutoInstall.pm b/inc/Module/Install/AutoInstall.pm
index f1f5356..bc3d172 100644
--- a/inc/Module/Install/AutoInstall.pm
+++ b/inc/Module/Install/AutoInstall.pm
@@ -6,7 +6,7 @@ use Module::Install::Base ();
use vars qw{$VERSION @ISA $ISCORE};
BEGIN {
- $VERSION = '1.00';
+ $VERSION = '1.01';
@ISA = 'Module::Install::Base';
$ISCORE = 1;
}
diff --git a/inc/Module/Install/Base.pm b/inc/Module/Install/Base.pm
index b55bda3..d3662c9 100644
--- a/inc/Module/Install/Base.pm
+++ b/inc/Module/Install/Base.pm
@@ -4,7 +4,7 @@ package Module::Install::Base;
use strict 'vars';
use vars qw{$VERSION};
BEGIN {
- $VERSION = '1.00';
+ $VERSION = '1.01';
}
# Suspend handler for "redefined" warnings
diff --git a/inc/Module/Install/Can.pm b/inc/Module/Install/Can.pm
index 71ccc27..276409a 100644
--- a/inc/Module/Install/Can.pm
+++ b/inc/Module/Install/Can.pm
@@ -9,7 +9,7 @@ use Module::Install::Base ();
use vars qw{$VERSION @ISA $ISCORE};
BEGIN {
- $VERSION = '1.00';
+ $VERSION = '1.01';
@ISA = 'Module::Install::Base';
$ISCORE = 1;
}
diff --git a/inc/Module/Install/Fetch.pm b/inc/Module/Install/Fetch.pm
index ec1f106..093cb7a 100644
--- a/inc/Module/Install/Fetch.pm
+++ b/inc/Module/Install/Fetch.pm
@@ -6,7 +6,7 @@ use Module::Install::Base ();
use vars qw{$VERSION @ISA $ISCORE};
BEGIN {
- $VERSION = '1.00';
+ $VERSION = '1.01';
@ISA = 'Module::Install::Base';
$ISCORE = 1;
}
diff --git a/inc/Module/Install/Include.pm b/inc/Module/Install/Include.pm
index a28cd4c..90cc979 100644
--- a/inc/Module/Install/Include.pm
+++ b/inc/Module/Install/Include.pm
@@ -6,7 +6,7 @@ use Module::Install::Base ();
use vars qw{$VERSION @ISA $ISCORE};
BEGIN {
- $VERSION = '1.00';
+ $VERSION = '1.01';
@ISA = 'Module::Install::Base';
$ISCORE = 1;
}
diff --git a/inc/Module/Install/Makefile.pm b/inc/Module/Install/Makefile.pm
index 5dfd0e9..4c71003 100644
--- a/inc/Module/Install/Makefile.pm
+++ b/inc/Module/Install/Makefile.pm
@@ -8,7 +8,7 @@ use Fcntl qw/:flock :seek/;
use vars qw{$VERSION @ISA $ISCORE};
BEGIN {
- $VERSION = '1.00';
+ $VERSION = '1.01';
@ISA = 'Module::Install::Base';
$ISCORE = 1;
}
diff --git a/inc/Module/Install/Metadata.pm b/inc/Module/Install/Metadata.pm
index cfe45b3..3b01e09 100644
--- a/inc/Module/Install/Metadata.pm
+++ b/inc/Module/Install/Metadata.pm
@@ -6,7 +6,7 @@ use Module::Install::Base ();
use vars qw{$VERSION @ISA $ISCORE};
BEGIN {
- $VERSION = '1.00';
+ $VERSION = '1.01';
@ISA = 'Module::Install::Base';
$ISCORE = 1;
}
@@ -515,6 +515,7 @@ sub __extract_license {
'GNU Free Documentation license' => 'unrestricted', 1,
'GNU Affero General Public License' => 'open_source', 1,
'(?:Free)?BSD license' => 'bsd', 1,
+ 'Artistic license 2\.0' => 'artistic_2', 1,
'Artistic license' => 'artistic', 1,
'Apache (?:Software )?license' => 'apache', 1,
'GPL' => 'gpl', 1,
@@ -550,9 +551,9 @@ sub license_from {
sub _extract_bugtracker {
my @links = $_[0] =~ m#L<(
- \Qhttp://rt.cpan.org/\E[^>]+|
- \Qhttp://github.com/\E[\w_]+/[\w_]+/issues|
- \Qhttp://code.google.com/p/\E[\w_\-]+/issues/list
+ https?\Q://rt.cpan.org/\E[^>]+|
+ https?\Q://github.com/\E[\w_]+/[\w_]+/issues|
+ https?\Q://code.google.com/p/\E[\w_\-]+/issues/list
)>#gx;
my %links;
@links{@links}=();
diff --git a/inc/Module/Install/Scripts.pm b/inc/Module/Install/Scripts.pm
index 329bcc0..e9510f8 100644
--- a/inc/Module/Install/Scripts.pm
+++ b/inc/Module/Install/Scripts.pm
@@ -6,7 +6,7 @@ use Module::Install::Base ();
use vars qw{$VERSION @ISA $ISCORE};
BEGIN {
- $VERSION = '1.00';
+ $VERSION = '1.01';
@ISA = 'Module::Install::Base';
$ISCORE = 1;
}
diff --git a/inc/Module/Install/Share.pm b/inc/Module/Install/Share.pm
index f1e3bdd..1cf9330 100644
--- a/inc/Module/Install/Share.pm
+++ b/inc/Module/Install/Share.pm
@@ -8,7 +8,7 @@ use ExtUtils::Manifest ();
use vars qw{$VERSION @ISA $ISCORE};
BEGIN {
- $VERSION = '1.00';
+ $VERSION = '1.01';
@ISA = 'Module::Install::Base';
$ISCORE = 1;
}
@@ -22,7 +22,7 @@ sub install_share {
}
unless ( defined $dir and -d $dir ) {
require Carp;
- Carp::croak("Illegal or missing directory install_share param");
+ Carp::croak("Illegal or missing directory install_share param: '$dir'");
}
# Split by type
diff --git a/inc/Module/Install/Win32.pm b/inc/Module/Install/Win32.pm
index edc18b4..3139a63 100644
--- a/inc/Module/Install/Win32.pm
+++ b/inc/Module/Install/Win32.pm
@@ -6,7 +6,7 @@ use Module::Install::Base ();
use vars qw{$VERSION @ISA $ISCORE};
BEGIN {
- $VERSION = '1.00';
+ $VERSION = '1.01';
@ISA = 'Module::Install::Base';
$ISCORE = 1;
}
diff --git a/inc/Module/Install/WriteAll.pm b/inc/Module/Install/WriteAll.pm
index d0f6599..1f724a7 100644
--- a/inc/Module/Install/WriteAll.pm
+++ b/inc/Module/Install/WriteAll.pm
@@ -6,7 +6,7 @@ use Module::Install::Base ();
use vars qw{$VERSION @ISA $ISCORE};
BEGIN {
- $VERSION = '1.00';
+ $VERSION = '1.01';
@ISA = qw{Module::Install::Base};
$ISCORE = 1;
}
commit 648590e827311b31cd7276b4daf9d6e94379852f
Author: Shawn M Moore <sartak at bestpractical.com>
Date: Tue May 17 16:04:04 2011 -0400
Move MYMETA.yml from MANIFEST to MANIFEST.SKIP
It's supposed to be generated by end-users so we never want to ship it
diff --git a/MANIFEST.SKIP b/MANIFEST.SKIP
index 81ea961..865a4fb 100644
--- a/MANIFEST.SKIP
+++ b/MANIFEST.SKIP
@@ -6,6 +6,7 @@
.gz$
.bak$
Makefile$
+MYMETA.yml$
MANIFEST.perl$
\.old$
merge_bleadperl$
commit 238d2cc0693515a393971165e998ae1c30627d18
Author: Shawn M Moore <sartak at bestpractical.com>
Date: Tue May 17 16:19:28 2011 -0400
Commit part of the changelog
diff --git a/Changelog b/Changelog
index 99992bb..ca08d31 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,51 @@
+------------------------------
+Jifty 1.10517 - May 17th, 2011
+------------------------------
+CORE
+====
+ * Only load view handlers and actions once
+ This speeds up startup, particularly under multi-threaded plack servers,
+ by allowing the view handlers and actions to be loaded once before
+ forking. This is safe because essentially no state is saved (and almost
+ certainly none is modified) on the Jifty::Handler and Jifty::API objects
+ between first and second initialization.
+ * Replace XML::XPath with the more modern HTML::TreeBuilder::XPath
+ * Allow a shortcut around the dispatcher for fragments
+ Re-dispatching through the application's dispatcher can be a significant
+ performance hit on pageregion-heavy pages. Allow dispatchers to declare
+ a fragment_handler method which will be used in place of the full
+ dispatcher.
+ Care must be taken to ensure that this does not allow walking around
+ ACLs. Anything which runs on every request (sessions, Jifty->api
+ limiting) will have already run once on the original
+ /__jifty/webservices/json request; however, since that page is in no way
+ ACL protected by the dispatcher, a fragment_handler method which does
+ not adequately express the ACL checks of the rest of the dispatcher is a
+ security vulnerability. Whitelisting, rather than blacklisting, is most
+ likely the correct course of action.
+
+SECURITY
+========
+ * Move directory traversal check to the more centralized ->render_template
+ * Canonicalize all request paths; this catches fragment requests as well
+ Previously, the path as passed in the fragment request data structure
+ was used verbatim in the dispatcher and other locations. This possibly
+ allowed requests to walk around ACLs by requesting
+ '/some/safe/place/../../../dangerous' as a fragment. As a non-fragment,
+ this would have been canonicalized to '/dangerous', but fragment paths
+ were not being so canonicalized.
+
+BUGFIXES
+========
+ * Close lightboxes automatically and only if there are no validation errors
+ * Have Jifty::Test::WWW::Mechanize pull in improvements from
+ Jifty::Client::field_error_text
+
+INSTALL
+=======
+ * We placked up a while ago, no need for HTTP::Server::Simple deps
+ * Depend on the Jifty::DBI 0.68 which has security fixes
+
-----------------------------------
Jifty 1.10228 - February 28th, 2011
-----------------------------------
-----------------------------------------------------------------------
More information about the Jifty-commit
mailing list