net/proxytunnel: fix build on SmartOS #139

wiedi · 2013-12-07T23:12:42Z

fix build on SmartOS

1.3.4 (2013-02-28) * Support RDoc 4.0 (#168, judofyr) * Add mention of Org-Mode support (#165, aslakknutsen) * Add AsciiDoctorTemplate (#163, #164, aslakknutsen) * Add PlainTextTemplate (nathanaeljones) * Restrict locals to valid variable names (#158, thinkerbot) * ERB: Improve trim mode support (#156, ssimeonov) * Add CSVTemplate (#153, alexgb) * Remove special case for 1.9.1 (#147, guilleiguaran) * Add allows_script? method to Template (#143, bhollis) * Default to using Redcarpet2 (#139, DAddYE) * Allow File/Tempfile as filenames (#134, jamesotron) * Add EtanniTemplate (#131, manveru) * Support RDoc 3.10 (#112, timfel) * Less: Options are now being passed to the parser (#106, cowboyd)

== Ruby-GNOME2 1.2.6: 2013-04-02 Broken Ruby/Poppler fix release! === Changes ==== Ruby/GLib2 * Improvements * Removed deprecated GLib::Completion. * Removed deprecated g_suorce_get_current_time() use. * [windows] Updated bundled GLib to 3.8.0. * [windows] Updated bundled glib-networking to 3.8.0. * [windows] Updated bundled GnuTLS to 3.1.10. ==== Ruby/ATK * Improvements * [windows] Updated bundled ATK to 2.8.0. ==== Ruby/GdkPixbuf2 * Improvements * [windows] Updated bundled gdk-pixbuf to 2.28.0. ==== Ruby/Pango * Improvements * [windows] Updated bundled Pango to 1.34.0. ==== Ruby/GDK3 * Improvements * [windows] Updated bundled GTK+ to 3.8.0. ==== Ruby/Poppler * Fixes * Fixed a bug that Poppler::Page#render is broken. [SF.net#184] [Reported by HARUYAMA Seigo] ==== Ruby/GooCanvas * Improvements * Added a Ruby/GObjectIntrospection based sample. [GitHub #139] [Patch by Masafumi Yokoyama] === Thanks * Masafumi Yokoyama * HARUYAMA Seigo

jperkin · 2013-12-10T14:00:08Z

Fixed upstream, thanks!

FITS (Flexible Image Transport System) is a data format most used in astronomy. PyFITS is a Python module for reading, writing, and manipulating FITS files. The module uses Python's object-oriented features to provide quick, easy, and efficient access to FITS files. The use of Python's array syntax enables immediate access to any FITS extension, header cards, or data items. Changes to 2.4.0 (in py-pyfits): Changelog =========== 3.2 (2013-11-26) ---------------- Highlights ^^^^^^^^^^ - Rewrote CFITSIO-based backend for handling tile compression of FITS files. It now uses a standard CFITSIO instead of heavily modified pieces of CFITSIO as before. PyFITS ships with its own copy of CFITSIO v3.35 which supports the latest version of the Tiled Image Convention (v2.3), but system packagers may choose instead to strip this out in favor of a system-installed version of CFITSIO. Earlier versions may work, but nothing earlier than 3.28 has been tested yet. (#169) - Added support for reading and writing tables using the Q format for columns. The Q format is identical to the P format (variable-length arrays) except that it uses 64-bit integers for the data descriptors, allowing more than 4 GB of variable-length array data in a single table. (#160) - Added initial support for table columns containing pseudo-unsigned integers. This is currently enabled by using the ``uint=True`` option when opening files; any table columns with the correct BZERO value will be interpreted and returned as arrays of unsigned integers. - Some refactoring of the table and ``FITS_rec`` modules in order to better separate the details of the FITS binary and ASCII table data structures from the HDU data structures that encapsulate them. Most of these changes should not be apparent to users (but see API Changes below). API Changes ^^^^^^^^^^^ - Assigning to values in ``ColDefs.names``, ``ColDefs.formats``, ``ColDefs.nulls`` and other attributes of ``ColDefs`` instances that return lists of column properties is no longer supported. Assigning to those lists will no longer update the corresponding columns. Instead, please just modify the ``Column`` instances directly (``Column.name``, ``Column.null``, etc.) - The ``pyfits.new_table`` function is marked "pending deprecation". This does not mean it will be removed outright or that its functionality has changed. It will likely be replaced in the future for a function with similar, if not subtly different functionality. A better, if not slightly more verbose approach is to use ``pyfits.FITS_rec.from_columns`` to create a new ``FITS_rec`` table--this has the same interface as ``pyfits.new_table``. The difference is that it returns a plan ``FITS_rec`` array, and not an HDU instance. This ``FITS_rec`` object can then be used as the data argument in the constructors for ``BinTableHDU`` (for binary tables) or ``TableHDU`` (for ASCII tables). This is analogous to creating an ``ImageHDU`` by passing in an image array. ``pyfits.FITS_rec.from_columns`` is just a simpler way of creating a FITS-compatible recarray from a FITS column specification. - The ``updateHeader``, ``updateHeaderData``, and ``updateCompressedData`` methods of the ``CompDataHDU`` class are pending deprecation and moved to internal methods. The operation of these methods depended too much on internal state to be used safely by users; instead they are invoked automatically in the appropriate places when reading/writing compressed image HDUs. - The ``CompDataHDU.compData`` attribute is pending deprecation in favor of the clearer and more PEP-8 compatible ``CompDataHDU.compressed_data``. - The constructor for ``CompDataHDU`` has been changed to accept new keyword arguments. The new keyword arguments are essentially the same, but are in underscore_separated format rather than camelCase format. The old arguments are still pending deprecation. - The internal attributes of HDU classes ``_hdrLoc``, ``_datLoc``, and ``_datSpan`` have been replaced with ``_header_offset``, ``_data_offset``, and ``_data_size`` respectively. The old attribute names are still pending deprecation. This should only be of interest to advanced users who have created their own HDU subclasses. - The following previously deprecated functions and methods have been removed entirely: ``createCard``, ``createCardFromString``, ``upperKey``, ``ColDefs.data``, ``setExtensionNameCaseSensitive``, ``_File.getfile``, ``_TableBaseHDU.get_coldefs``, ``Header.has_key``, ``Header.ascardlist``. If you run your code with a previous version of PyFITS (>= 3.0, < 3.2) with the ``python -Wd`` argument, warnings for all deprecated interfaces still in use will be displayed. - Interfaces that were pending deprecation are now fully deprecated. These include: ``create_card``, ``create_card_from_string``, ``upper_key``, ``Header.get_history``, and ``Header.get_comment``. - The ``.name`` attribute on HDUs is now directly tied to the HDU's header, so that if ``.header['EXTNAME']`` changes so does ``.name`` and vice-versa. - The ``pyfits.file.PYTHON_MODES`` constant dict was renamed to ``pyfits.file.PYFITS_MODES`` which better reflects its purpose. This is rarely used by client code, however. Support for the old name will be removed by PyFITS 3.4. Other Changes and Additions ^^^^^^^^^^^^^^^^^^^^^^^^^^^ - The new compression code also adds support for the ZQUANTIZ and ZDITHER0 keywords added in more recent versions of this FITS Tile Compression spec. This includes support for lossless compression with GZIP. (#198) By default no dithering is used, but the ``SUBTRACTIVE_DITHER_1`` and ``SUBTRACTIVE_DITHER_2`` methods can be enabled by passing the correct constants to the ``quantize_method`` argument to the ``CompImageHDU`` constuctor. A seed can be manually specified, or automatically generated using either the system clock or checksum-based methods via the ``dither_seed`` argument. See the documentation for ``CompImageHDU`` for more details. (#198) (spacetelescope/PYFITS#32) - Images compressed with the Tile Compression standard can now be larger than 4 GB through support of the Q format. (#159) - All HDUs now have a ``.ver`` ``.level`` attribute that returns the value of the EXTVAL and EXTLEVEL keywords from that HDU's header, if the exist. This was added for consistency with the ``.name`` attribute which returns the EXTNAME value from the header. - Then ``Column`` and ``ColDefs`` classes have new ``.dtype`` attributes which give the Numpy dtype for the column data in the first case, and the full Numpy compound dtype for each table row in the latter case. - There was an issue where new tables created defaulted the values in all string columns to '0.0'. Now string columns are filled with empty strings by default--this seems a less surprising default, but it may cause differences with tables created with older versions of PyFITS. - Improved round-tripping and preservation of manually assigned column attributes (``TNULLn``, ``TSCALn``, etc.) in table HDU headers. (astropy/astropy#996) Bug Fixes ^^^^^^^^^ - Binary tables containing compressed images may, optionally, contain other columns unrelated to the tile compression convention. Although this is an uncommon use case, it is permitted by the standard. (#159) - Reworked some of the file I/O routines to allow simpler, more consistent mapping between OS-level file modes ('rb', 'wb', 'ab', etc.) and the more "PyFITS-specific" modes used by PyFITS like "readonly" and "update". That is, if reading a FITS file from an open file object, it doesn't matter as much what "mode" it was opened in so long as it has the right capabilities (read/write/etc.) Also works around bugs in the Python io module in 2.6+ with regard to file modes. (spacetelescope/PyFITS#33) - Fixed an obscure issue that can occur on systems that don't have flush to memory-mapped files implemented (namely GNU Hurd). (astropy/astropy#968) 3.1.3 (2013-11-26) ------------------ - Disallowed assigning NaN and Inf floating point values as header values, since the FITS standard does not define a way to represent them in. Because this is undefined, the previous behavior did not make sense and produced invalid FITS files. (spacetelescope/PyFITS#11) - Added a workaround for a bug in 64-bit OSX that could cause truncation when writing files greater than 2^32 bytes in size. (spacetelescope/PyFITS#28) - Fixed a long-standing issue where writing binary tables did not correctly write the TFORMn keywords for variable-length array columns (they ommitted the max array length parameter of the format). This was thought fixed in v3.1.2, but it was only fixed there for compressed image HDUs and not for binary tables in general. - Fixed an obscure issue that can occur on systems that don't have flush to memory-mapped files implemented (namely GNU Hurd). (Backported from 3.2) 3.0.12 (2013-11-26) ------------------- - Disallowed assigning NaN and Inf floating point values as header values, since the FITS standard does not define a way to represent them in. Because this is undefined, the previous behavior did not make sense and produced invalid FITS files. (Backported from 3.1.3) - Added a workaround for a bug in 64-bit OSX that could cause truncation when writing files greater than 2^32 bytes in size. (Backported from 3.1.3) - Fixed a long-standing issue where writing binary tables did not correctly write the TFORMn keywords for variable-length array columns (they ommitted the max array length parameter of the format). This was thought fixed in v3.1.2, but it was only fixed there for compressed image HDUs and not for binary tables in general. (Backported from 3.1.3) - Fixed an obscure issue that can occur on systems that don't have flush to memory-mapped files implemented (namely GNU Hurd). (Backported from 3.2) 3.1.2 (2013-04-22) ------------------ - When an error occurs opening a file in fitsdiff the exception message will now at least mention which file had the error. (#168) - Fixed support for opening gzipped FITS files by filename in a writeable mode (PyFITS has supported writing to gzip files for some time now, but only enabled it when GzipFile objects were passed to ``pyfits.open()`` due to some legacy code preventing full gzip support. (#195) - Added a more helpful error message in the case of malformatted FITS files that contain non-float NULL values in an ASCII table but are missing the required TNULLn keywords in the header. (#197) - Fixed an (apparently long-standing) issue where writing compressed images did not correctly write the TFORMn keywords for variable-length array columns (they ommitted the max array length parameter of the format). (#199) - Slightly refactored how tables containing variable-length array columns are handled to add two improvements: Fixes an issue where accessing the data after a call to the `pyfits.getdata` convenience function caused an exception, and allows the VLA data to be read from an existing mmap of the FITS file. (#200) - Fixed a bug that could occur when opening a table containing multi-dimensional columns (i.e. via the TDIMn keyword) and then writing it out to a new file. (#201) - Added use of the console_scripts entry point to install the fitsdiff and fitscheck scripts, which if nothing else provides better Windows support. The generated scripts now override the ones explicitly defined in the scripts/ directory (which were just trivial stubs to begin with). (#202) - Fixed a bug on Python 3 where attempting to open a non-existent file on Python 3 caused a seemingly unrelated traceback. (#203) - Fixed a bug in fitsdiff that reported two header keywords containing NaN as value as different. (#204) - Fixed an issue in the tests that caused some tests to fail if pyfits is installed with read-only permissions. (#208) - Fixed a bug where instantiating a ``BinTableHDU`` from a numpy array containing boolean fields converted all the values to ``False``. (#215) - Fixed an issue where passing an array of integers into the constructor of ``Column()`` when the column type is floats of the same byte width caused the column array to become garbled. (#218) - Fixed inconsistent behavior in creating CONTINUE cards from byte strings versus unicode strings in Python 2--CONTINUE cards can now be created properly from unicode strings (so long as they are convertable to ASCII). (spacetelescope/PyFITS#1) - Fixed a couple cases where creating a new table using TDIMn in some of the columns could caused a crash. (spacetelescope/PyFITS#3) - Fixed a bug in parsing HIERARCH keywords that do not have a space after the first equals sign (before the value). (spacetelescope/PyFITS#5) - Prevented extra leading whitespace on HIERARCH keywords from being treated as part of the keyword. (spacetelescope/PyFITS#6) - Fixed a bug where HIERARCH keywords containing lower-case letters was mistakenly marked as invalid during header validation. (spacetelescope/PyFITS#7) - Fixed an issue that was ancillary to (spacetelescope/PyFITS#7) where the ``Header.index()`` method did not work correctly with HIERARCH keywords containing lower-case letters. 3.0.11 (2013-04-17) ------------------- - Fixed support for opening gzipped FITS files by filename in a writeable mode (PyFITS has supported writing to gzip files for some time now, but only enabled it when GzipFile objects were passed to ``pyfits.open()`` due to some legacy code preventing full gzip support. Backported from 3.1.2. (#195) - Added a more helpful error message in the case of malformatted FITS files that contain non-float NULL values in an ASCII table but are missing the required TNULLn keywords in the header. Backported from 3.1.2. (#197) - Fixed an (apparently long-standing) issue where writing compressed images did not correctly write the TFORMn keywords for variable-length array columns (they ommitted the max array length parameter of the format). Backported from 3.1.2. (#199) - Slightly refactored how tables containing variable-length array columns are handled to add two improvements: Fixes an issue where accessing the data after a call to the `pyfits.getdata` convenience function caused an exception, and allows the VLA data to be read from an existing mmap of the FITS file. Backported from 3.1.2. (#200) - Fixed a bug that could occur when opening a table containing multi-dimensional columns (i.e. via the TDIMn keyword) and then writing it out to a new file. Backported from 3.1.2. (#201) - Fixed a bug on Python 3 where attempting to open a non-existent file on Python 3 caused a seemingly unrelated traceback. Backported from 3.1.2. (#203) - Fixed a bug in fitsdiff that reported two header keywords containing NaN as value as different. Backported from 3.1.2. (#204) - Fixed an issue in the tests that caused some tests to fail if pyfits is installed with read-only permissions. Backported from 3.1.2. (#208) - Fixed a bug where instantiating a ``BinTableHDU`` from a numpy array containing boolean fields converted all the values to ``False``. Backported from 3.1.2. (#215) - Fixed an issue where passing an array of integers into the constructor of ``Column()`` when the column type is floats of the same byte width caused the column array to become garbled. Backported from 3.1.2. (#218) - Fixed a couple cases where creating a new table using TDIMn in some of the columns could caused a crash. Backported from 3.1.2. (spacetelescope/PyFITS#3) 3.1.1 (2013-01-02) ------------------ This is a bug fix release for the 3.1.x series. Bug Fixes ^^^^^^^^^ - Improved handling of scaled images and pseudo-unsigned integer images in compressed image HDUs. They now work more transparently like normal image HDUs with support for the ``do_not_scale_image_data`` and ``uint`` options, as well as ``scale_back`` and ``save_backup``. The ``.scale()`` method works better too. (#88) - Permits non-string values for the EXTNAME keyword when reading in a file, rather than throwing an exception due to the malformatting. Added verification for the format of the EXTNAME keyword when writing. (#96) - Added support for EXTNAME and EXTVER in PRIMARY HDUs. That is, if EXTNAME is specified in the header, it will also be reflected in the ``.name`` attribute and in ``pyfits.info()``. These keywords used to be verboten in PRIMARY HDUs, but the latest version of the FITS standard allows them. (#151) - HCOMPRESS can again be used to compress data cubes (and higher-dimensional arrays) so long as the tile size is effectively 2-dimensional. In fact, PyFITS will automatically use compatible tile sizes even if they're not explicitly specified. (#171) - Added support for the optional ``endcard`` parameter in the ``Header.fromtextfile()`` and ``Header.totextfile()`` methods. Although ``endcard=False`` was a reasonable default assumption, there are still text dumps of FITS headers that include the END card, so this should have been more flexible. (#176) - Fixed a crash when running fitsdiff on two empty (that is, zero row) tables. (#178) - Fixed an issue where opening files containing random groups HDUs in update mode could cause an unnecessary rewrite of the file even if none of the data is modified. (#179) - Fixed a bug that could caused a deadlock in the filesystem on OSX if PyFITS is used with Numpy 1.7 in some cases. (#180) - Fixed a crash when generating diff reports from diffs using the ``ignore_comments`` options. (#181) - Fixed some bugs with WCS Paper IV record-valued keyword cards: - Cards that looked kind of like RVKCs but were not intended to be were over-permissively treated as such--commentary keywords like COMMENT and HISTORY were particularly affected. (#183) - Looking up a card in a header by its standard FITS keyword only should always return the raw value of that card. That way cards containing values that happen to valid RVKCs but were not intended to be will still be treated like normal cards. (#184) - Looking up a RVKC in a header with only part of the field-specifier (for example "DP1.AXIS" instead of "DP1.AXIS.1") was implicitly treated as a wildcard lookup. (#184) - Fixed a crash when diffing two FITS files where at least one contains a compressed image HDU which was not recognized as an image instead of a table. (#187) - Fixed bugs in the backwards compatibility layer for the ``CardList.index`` and ``CardList.count`` methods. (#190) - Improved ``__repr__`` and text file representation of cards with long values that are split into CONTINUE cards. (#193) - Fixed a crash when trying to assign a long (> 72 character) value to blank ('') keywords. This also changed how blank keywords are represented--there are still exactly 8 spaces before any commentary content can begin; this *may* affect the exact display of header cards that assumed there could be fewer spaces in a blank keyword card before the content begins. However, the current approach is more in line with the requirements of the FITS standard. (#194) 3.0.10 (2013-01-02) ------------------- - Improved handling of scaled images and pseudo-unsigned integer images in compressed image HDUs. They now work more transparently like normal image HDUs with support for the ``do_not_scale_image_data`` and ``uint`` options, as well as ``scale_back`` and ``save_backup``. The ``.scale()`` method works better too. Backported from 3.1.1. (#88) - Permits non-string values for the EXTNAME keyword when reading in a file, rather than throwing an exception due to the malformatting. Added verification for the format of the EXTNAME keyword when writing. Backported from 3.1.1. (#96) - Added support for EXTNAME and EXTVER in PRIMARY HDUs. That is, if EXTNAME is specified in the header, it will also be reflected in the ``.name`` attribute and in ``pyfits.info()``. These keywords used to be verbotten in PRIMARY HDUs, but the latest version of the FITS standard allows them. Backported from 3.1.1. (#151) - HCOMPRESS can again be used to compress data cubes (and higher-dimensional arrays) so long as the tile size is effectively 2-dimensional. In fact, PyFITS will not automatically use compatible tile sizes even if they're not explicitly specified. Backported from 3.1.1. (#171) - Fixed a bug when writing out files containing zero-width table columns, where the TFIELDS keyword would be updated incorrectly, leaving the table largely unreadable. Backported from 3.1.0. (#174) - Fixed an issue where opening files containing random groups HDUs in update mode could cause an unnecessary rewrite of the file even if none of the data is modified. Backported from 3.1.1. (#179) - Fixed a bug that could caused a deadlock in the filesystem on OSX if PyFITS is used with Numpy 1.7 in some cases. Backported from 3.1.1. (#180) 3.1 (2012-08-08) ---------------- Highlights ^^^^^^^^^^ - The ``Header`` object has been significantly reworked, and ``CardList`` objects are now deprecated (their functionality folded into the ``Header`` class). See API Changes below for more details. - Memory maps are now used by default to access HDU data. See API Changes below for more details. - Now includes a new version of the ``fitsdiff`` program for comparing two FITS files, and a new FITS comparison API used by ``fitsdiff``. See New Features below. API Changes ^^^^^^^^^^^ - The ``Header`` class has been rewritten, and the ``CardList`` class is deprecated. Most of the basic details of working with FITS headers are unchanged, and will not be noticed by most users. But there are differences in some areas that will be of interest to advanced users, and to application developers. For full details of the changes, see the "Header Interface Transition Guide" section in the PyFITS documentation. See ticket #64 on the PyFITS Trac for futher details and background. Some highlights are listed below: * The Header class now fully implements the Python dict interface, and can be used interchangably with a dict, where the keys are header keywords. * New keywords can be added to the header using normal keyword assignment (previously it was necessary to use ``Header.update`` to add new keywords). For example:: >>> header['NAXIS'] = 2 will update the existing 'FOO' keyword if it already exists, or add a new one if it doesn't exist, just like a dict. * It is possible to assign both a value and a comment at the same time using a tuple:: >>> header['NAXIS'] = (2, 'Number of axes') * To add/update a new card and ensure it's added in a specific location, use ``Header.set()``:: >>> header.set('NAXIS', 2, 'Number of axes', after='BITPIX') This works the same as the old ``Header.update()``. ``Header.update()`` still works in the old way too, but is deprecated. * Although ``Card`` objects still exist, it generally is not necessary to work with them directly. ``Header.ascardlist()``/``Header.ascard`` are deprecated and should not be used. To directly access the ``Card`` objects in a header, use ``Header.cards``. * To access card comments, it is still possible to either go through the card itself, or through ``Header.comments``. For example:: >>> header.cards['NAXIS'].comment Number of axes >>> header.comments['NAXIS'] Number of axes * ``Card`` objects can now be used interchangeably with ``(keyword, value, comment)`` 3-tuples. They still have ``.value`` and ``.comment`` attributes as well. The ``.key`` attribute has been renamed to ``.keyword`` for consistency, though ``.key`` is still supported (but deprecated). - Memory mapping is now used by default to access HDU data. That is, ``pyfits.open()`` uses ``memmap=True`` as the default. This provides better performance in the majority of use cases--there are only some I/O intensive applications where it might not be desirable. Enabling mmap by default also enabled finding and fixing a large number of bugs in PyFITS' handling of memory-mapped data (most of these bug fixes were backported to PyFITS 3.0.5). (#85) * A new ``pyfits.USE_MEMMAP`` global variable was added. Set ``pyfits.USE_MEMMAP = False`` to change the default memmap setting for opening files. This is especially useful for controlling the behavior in applications where pyfits is deeply embedded. * Likewise, a new ``PYFITS_USE_MEMMAP`` environment variable is supported. Set ``PYFITS_USE_MEMMAP = 0`` in your environment to change the default behavior. - The ``size()`` method on HDU objects is now a ``.size`` property--this returns the size in bytes of the data portion of the HDU, and in most cases is equivalent to ``hdu.data.nbytes`` (#83) - ``BinTableHDU.tdump`` and ``BinTableHDU.tcreate`` are deprecated--use ``BinTableHDU.dump`` and ``BinTableHDU.load`` instead. The new methods output the table data in a slightly different format from previous versions, which places quotes around each value. This format is compatible with data dumps from previous versions of PyFITS, but not vice-versa due to a parsing bug in older versions. - Likewise the ``pyfits.tdump`` and ``pyfits.tcreate`` convenience function versions of these methods have been renamed ``pyfits.tabledump`` and ``pyfits.tableload``. The old deprecated, but currently retained for backwards compatibility. (r1125) - A new global variable ``pyfits.EXTENSION_NAME_CASE_SENSITIVE`` was added. This serves as a replacement for ``pyfits.setExtensionNameCaseSensitive`` which is not deprecated and may be removed in a future version. To enable case-sensitivity of extension names (i.e. treat 'sci' as distict from 'SCI') set ``pyfits.EXTENSION_NAME_CASE_SENSITIVE = True``. The default is ``False``. (r1139) - A new global configuration variable ``pyfits.STRIP_HEADER_WHITESPACE`` was added. By default, if a string value in a header contains trailing whitespace, that whitespace is automatically removed when the value is read. Now if you set ``pyfits.STRIP_HEADER_WHITESPACE = False`` all whitespace is preserved. (#146) - The old ``classExtensions`` extension mechanism (which was deprecated in PyFITS 3.0) is removed outright. To our knowledge it was no longer used anywhere. (r1309) - Warning messages from PyFITS issued through the Python warnings API are now output to stderr instead of stdout, as is the default. PyFITS no longer modifies the default behavior of the warnings module with respect to which stream it outputs to. (r1319) - The ``checksum`` argument to ``pyfits.open()`` now accepts a value of 'remove', which causes any existing CHECKSUM/DATASUM keywords to be ignored, and removed when the file is saved. New Features ^^^^^^^^^^^^ - Added support for the proposed "FITS" extension HDU type. See http://listmgr.cv.nrao.edu/pipermail/fitsbits/2002-April/001094.html. FITS HDUs contain an entire FITS file embedded in their data section. `FitsHDU` objects work like other HDU types in PyFITS. Their ``.data`` attribute returns the raw data array. However, they have a special ``.hdulist`` attribute which processes the data as a FITS file and returns it as an in-memory HDUList object. FitsHDU objects also support a ``FitsHDU.fromhdulist()`` classmethod which returns a new `FitsHDU` object that embeds the supplied HDUList. (#80) - Added a new ``.is_image`` attribute on HDU objects, which is True if the HDU data is an 'image' as opposed to a table or something else. Here the meaning of 'image' is fairly loose, and mostly just means a Primary or Image extension HDU, or possibly a compressed image HDU (#71) - Added an ``HDUList.fromstring`` classmethod which can parse a FITS file already in memory and instantiate and ``HDUList`` object from it. This could be useful for integrating PyFITS with other libraries that work on FITS file, such as CFITSIO. It may also be useful in streaming applications. The name is a slight misnomer, in that it actually accepts any Python object that implements the buffer interface, which includes ``bytes``, ``bytearray``, ``memoryview``, ``numpy.ndarray``, etc. (#90) - Added a new ``pyfits.diff`` module which contains facilities for comparing FITS files. One can use the ``pyfits.diff.FITSDiff`` class to compare two FITS files in their entirety. There is also a ``pyfits.diff.HeaderDiff`` class for just comparing two FITS headers, and other similar interfaces. See the PyFITS Documentation for more details on this interface. The ``pyfits.diff`` module powers the new ``fitsdiff`` program installed with PyFITS. After installing PyFITS, run ``fitsdiff --help`` for usage details. - ``pyfits.open()`` now accepts a ``scale_back`` argument. If set to ``True``, this automatically scales the data using the original BZERO and BSCALE parameters the file had when it was first opened, if any, as well as the original BITPIX. For example, if the original BITPIX were 16, this would be equivalent to calling ``hdu.scale('int16', 'old')`` just before calling ``flush()`` or ``close()`` on the file. This option applies to all HDUs in the file. (#120) - ``pyfits.open()`` now accepts a ``save_backup`` argument. If set to ``True``, this automatically saves a backup of the original file before flushing any changes to it (this of course only applies to update and append mode). This may be especially useful when working with scaled image data. (#121) Changes in Behavior ^^^^^^^^^^^^^^^^^^^ - Warnings from PyFITS are not output to stderr by default, instead of stdout as it has been for some time. This is contrary to most users' expectations and makes it more difficult for them to separate output from PyFITS from the desired output for their scripts. (r1319) Bug Fixes ^^^^^^^^^ - Fixed ``pyfits.tcreate()`` (now ``pyfits.tableload()``) to be more robust when encountering blank lines in a column definition file (#14) - Fixed a fairly rare crash that could occur in the handling of CONTINUE cards when using Numpy 1.4 or lower (though 1.4 is the oldest version supported by PyFITS). (r1330) - Fixed ``_BaseHDU.fromstring`` to actually correctly instantiate an HDU object from a string/buffer containing the header and data of that HDU. This allowed for the implementation of ``HDUList.fromstring`` described above. (#90) - Fixed a rare corner case where, in some use cases, (mildly, recoverably) malformatted float values in headers were not properly returned as floats. (#137) - Fixed a corollary to the previous bug where float values with a leading zero before the decimal point had the leading zero unnecessarily removed when saving changes to the file (eg. "0.001" would be written back as ".001" even if no changes were otherwise made to the file). (#137) - When opening a file containing CHECKSUM and/or DATASUM keywords in update mode, the CHECKSUM/DATASUM are updated and preserved even if the file was opened with checksum=False. This change in behavior prevents checksums from being unintentionally removed. (#148) - Fixed a bug where ``ImageHDU.scale(option='old')`` wasn't working at all--it was not restoring the image to its original BSCALE and BZERO values. (#162) - Fixed a bug when writing out files containing zero-width table columns, where the TFIELDS keyword would be updated incorrectly, leaving the table largely unreadable. This fix will be backported to the 3.0.x series in version 3.0.10. (#174) 3.0.9 (2012-08-06) ------------------ This is a bug fix release for the 3.0.x series. Bug Fixes ^^^^^^^^^ - Fixed ``Header.values()``/``Header.itervalues()`` and ``Header.items()``/ ``Header.iteritems()`` to correctly return the different values for duplicate keywords (particularly commentary keywords like HISTORY and COMMENT). This makes the old Header implementation slightly more compatible with the new implementation in PyFITS 3.1. (#127) .. note:: This fix did not change the existing behavior from earlier PyFITS versions where ``Header.keys()`` returns all keywords in the header with duplicates removed. PyFITS 3.1 changes that behavior, so that ``Header.keys()`` includes duplicates. - Fixed a bug where ``ImageHDU.scale(option='old')`` wasn't working at all--it was not restoring the image to its original BSCALE and BZERO values. (#162) - Fixed a bug where opening a file containing compressed image HDUs in 'update' mode and then immediately closing it without making any changes caused the file to be rewritten unncessarily. (#167) - Fixed two memory leaks that could occur when writing compressed image data, or in some cases when opening files containing compressed image HDUs in 'update' mode. (#168) 3.0.8 (2012-06-04) ------------------ Changes in Behavior ^^^^^^^^^^^^^^^^^^^ - Prior to this release, image data sections did not work with scaled data--that is, images with non-trivial BSCALE and/or BZERO values. Previously, in order to read such images in sections, it was necessary to manually apply the BSCALE+BZERO to each section. It's worth noting that sections *did* support pseudo-unsigned ints (flakily). This change just extends that support for general BSCALE+BZERO values. Bug Fixes ^^^^^^^^^ - Fixed a bug that prevented updates to values in boolean table columns from being saved. This turned out to be a symptom of a deeper problem that could prevent other table updates from being saved as well. (#139) - Fixed a corner case in which a keyword comment ending with the string "END" could, in some circumstances, cause headers (and the rest of the file after that point) to be misread. (#142) - Fixed support for scaled image data and psuedo-unsigned ints in image data sections (``hdu.section``). Previously this was not supported at all. At some point support was supposedly added, but it was buggy and incomplete. Now the feature seems to work much better. (#143) - Fixed the documentation to point out that image data sections *do* support non-contiguous slices (and have for a long time). The documentation was never updated to reflect this, and misinformed users that only contiguous slices were supported, leading to some confusion. (#144) - Fixed a bug where creating an ``HDUList`` object containing multiple PRIMARY HDUs caused an infinite recursion when validating the object prior to writing to a file. (#145) - Fixed a rare but serious case where saving an update to a file that previously had a CHECKSUM and/or DATASUM keyword, but removed the checksum in saving, could cause the file to be slightly corrupted and unreadable. (#147) - Fixed problems with reading "non-standard" FITS files with primary headers containing SIMPLE = F. PyFITS has never made many guarantees as to how such files are handled. But it should at least be possible to read their headers, and the data if possible. Saving changes to such a file should not try to prepend an unwanted valid PRIMARY HDU. (#157) - Fixed a bug where opening an image with ``disable_image_compression = True`` caused compression to be disabled for all subsequent ``pyfits.open()`` calls. (r1651) 3.0.7 (2012-04-10) ------------------ Changes in Behavior ^^^^^^^^^^^^^^^^^^^ - Slices of GroupData objects now return new GroupData objects instead of extended multi-row _Group objects. This is analogous to how PyFITS 3.0 fixed FITS_rec slicing, and should have been fixed for GroupData at the same time. The old behavior caused bugs where functions internal to Numpy expected that slicing an ndarray would return a new ndarray. As this is a rare usecase with a rare feature most users are unlikely to be affected by this change. - The previously internal _Group object for representing individual group records in a GroupData object are renamed Group and are now a public interface. However, there's almost no good reason to create Group objects directly, so it shouldn't be considered a "new feature". - An annoyance from PyFITS 3.0.6 was fixed, where the value of the EXTEND keyword was always being set to F if there are not actually any extension HDUs. It was unnecessary to modify this value. Bug Fixes ^^^^^^^^^ - Fixed GroupData objects to return new GroupData objects when sliced instead of _Group record objects. See "Changes in behavior" above for more details. - Fixed slicing of Group objects--previously it was not possible to slice slice them at all. - Made it possible to assign `np.bool_` objects as header values. (#123) - Fixed overly strict handling of the EXTEND keyword; see "Changes in behavior" above. (#124) - Fixed many cases where an HDU's header would be marked as "modified" by PyFITS and rewritten, even when no changes to the header are necessary. (#125) - Fixed a bug where the values of the PTYPEn keywords in a random groups HDU were forced to be all lower-case when saving the file. (#130) - Removed an unnecessary inline import in `ExtensionHDU.__setattr__` that was causing some slowdown when opening files containing a large number of extensions, plus a few other small (but not insignficant) performance improvements thanks to Julian Taylor. (#133) - Fixed a regression where header blocks containing invalid end-of-header padding (i.e. null bytes instead of spaces) couldn't be parsed by PyFITS. Such headers can be parsed again, but a warning is raised, as such headers are not valid FITS. (#136) - Fixed a memory leak where table data in random groups HDUs weren't being garbage collected. (#138) 3.0.6 (2012-02-29) ------------------ Highlights ^^^^^^^^^^ The main reason for this release is to fix an issue that was introduced in PyFITS 3.0.5 where merely opening a file containing scaled data (that is, with non-trivial BSCALE and BZERO keywords) in 'update' mode would cause the data to be automatically rescaled--possibly converting the data from ints to floats--as soon as the file is closed, even if the application did not touch the data. Now PyFITS will only rescale the data in an extension when the data is actually accessed by the application. So opening a file in 'update' mode in order to modify the header or append new extensions will not cause any change to the data in existing extensions. This release also fixes a few Windows-specific bugs found through more extensive Windows testing, and other miscellaneous bugs. Bug Fixes ^^^^^^^^^ - More accurate error messages when opening files containing invalid header cards. (#109) - Fixed a possible reference cycle/memory leak that was caught through more extensive testing on Windows. (#112) - Fixed 'ostream' mode to open the underlying file in 'wb' mode instead of 'w' mode. (#112) - Fixed a Windows-only issue where trying to save updates to a resized FITS file could result in a crash due to there being open mmaps on that file. (#112) - Fixed a crash when trying to create a FITS table (i.e. with new_table()) from a Numpy array containing bool fields. (#113) - Fixed a bug where manually initializing an ``HDUList`` with a list of of HDUs wouldn't set the correct EXTEND keyword value on the primary HDU. (#114) - Fixed a crash that could occur when trying to deepcopy a Header in Python < 2.7. (#115) - Fixed an issue where merely opening a scaled image in 'update' mode would cause the data to be converted to floats when the file is closed. (#119) 3.0.5 (2012-01-30) ------------------ - Fixed a crash that could occur when accessing image sections of files opened with memmap=True. (r1211) - Fixed the inconsistency in the behavior of files opened in 'readonly' mode when memmap=True vs. when memmap=False. In the latter case, although changes to array data were not saved to disk, it was possible to update the array data in memory. On the other hand with memmap=True, 'readonly' mode prevented even in-memory modification to the data. This is what 'copyonwrite' mode was for, but difference in behavior was confusing. Now 'readonly' is equivalent to 'copyonwrite' when using memmap. If the old behavior of denying changes to the array data is necessary, a new 'denywrite' mode may be used, though it is only applicable to files opened with memmap. (r1275) - Fixed an issue where files opened with memmap=True would return image data as a raw numpy.memmap object, which can cause some unexpected behaviors--instead memmap object is viewed as a numpy.ndarray. (r1285) - Fixed an issue in Python 3 where a workaround for a bug in Numpy on Python 3 interacted badly with some other software, namely to vo.table package (and possibly others). (r1320, r1337, and #110) - Fixed buggy behavior in the handling of SIGINTs (i.e. Ctrl-C keyboard interrupts) while flushing changes to a FITS file. PyFITS already prevented SIGINTs from causing an incomplete flush, but did not clean up the signal handlers properly afterwards, or reraise the keyboard interrupt once the flush was complete. (r1321) - Fixed a crash that could occur in Python 3 when opening files with checksum checking enabled. (r1336) - Fixed a small bug that could cause a crash in the `StreamingHDU` interface when using Numpy below version 1.5. - Fixed a crash that could occur when creating a new `CompImageHDU` from an array of big-endian data. (#104) - Fixed a crash when opening a file with extra zero padding at the end. Though FITS files should not have such padding, it's not explictly forbidden by the format either, and PyFITS shouldn't stumble over it. (#106) - Fixed a major slowdown in opening tables containing large columns of string values. (#111) 3.0.4 (2011-11-22) ------------------ - Fixed a crash when writing HCOMPRESS compressed images that could happen on Python 2.5 and 2.6. (r1217) - Fixed a crash when slicing an table in a file opened in 'readonly' mode with memmap=True. (r1230) - Writing changes to a file or writing to a new file verifies the output in 'fix' mode by default instead of 'exception'--that is, PyFITS will automatically fix common FITS format errors rather than raising an exception. (r1243) - Fixed a bug where convenience functions such as getval() and getheader() crashed when specifying just 'PRIMARY' as the extension to use (r1263). - Fixed a bug that prevented passing keyword arguments (beyond the standard data and header arguments) as positional arguments to the constructors of extension HDU classes. - Fixed some tests that were failing on Windows--in this case the tests themselves failed to close some temp files and Windows refused to delete them while there were still open handles on them. (r1295) - Fixed an issue with floating point formatting in header values on Python 2.5 for Windows (and possibly other platforms). The exponent was zero-padded to 3 digits; although the FITS standard makes no specification on this, the formatting is now normalized to always pad the exponent to two digits. (r1295) - Fixed a bug where long commentary cards (such as HISTORY and COMMENT) were broken into multiple CONTINUE cards. However, commentary cards are not expected to be found in CONTINUE cards. Instead these long cards are broken into multiple commentary cards. (#97) - GZIP/ZIP-compressed FITS files can be detected and opened regardless of their filename extension. (#99) - Fixed a serious bug where opening scaled images in 'update' mode and then closing the file without touching the data would cause the file to be corrupted. (#101) 3.0.3 (2011-10-05) ------------------ - Fixed several small bugs involving corner cases in record-valued keyword cards (#70) - In some cases HDU creation failed if the first keyword value in the header was not a string value (#89) - Fixed a crash when trying to compute the HDU checksum when the data array contains an odd number of bytes (#91) - Disabled an unnecessary warning that was displayed on opening compressed HDUs with disable_image_compression = True (#92) - Fixed a typo in code for handling HCOMPRESS compressed images. 3.0.2 (2011-09-23) ------------------ - The ``BinTableHDU.tcreate`` method and by extension the ``pyfits.tcreate`` function don't get tripped up by blank lines anymore (#14) - The presence, value, and position of the EXTEND keyword in Primary HDUs is verified when reading/writing a FITS file (#32) - Improved documentation (in warning messages as well as in the handbook) that PyFITS uses zero-based indexing (as one would expect for C/Python code, but contrary to the PyFITS standard which was written with FORTRAN in mind) (#68) - Fixed a bug where updating a header card comment could cause the value to be lost if it had not already been read from the card image string. - Fixed a related bug where changes made directly to Card object in a header (i.e. assigning directly to card.value or card.comment) would not propagate when flushing changes to the file (#69) [Note: This and the bug above it were originally reported as being fixed in version 3.0.1, but the fix was never included in the release.] - Improved file handling, particularly in Python 3 which had a few small file I/O-related bugs (#76) - Fixed a bug where updating a FITS file would sometimes cause it to lose its original file permissions (#79) - Fixed the handling of TDIMn keywords; 3.0 added support for them, but got the axis order backards (they were treated as though they were row-major) (#82) - Fixed a crash when a FITS file containing scaled data is opened and immediately written to a new file without explicitly viewing the data first (#84) - Fixed a bug where creating a table with columns named either 'names' or 'formats' resulted in an infinite recursion (#86) 3.0.1 (2011-09-12) ------------------ - Fixed a bug where updating a header card comment could cause the value to be lost if it had not already been read from the card image string. - Changed ``_TableBaseHDU.data`` so that if the data contain an empty table a ``FITS_rec`` object with zero rows is returned rather than ``None``. - The ``.key`` attribute of ``RecordValuedKeywordCards`` now returns the full keyword+field-specifier value, instead of just the plain keyword (#46) - Fixed a related bug where changes made directly to Card object in a header (i.e. assigning directly to card.value or card.comment) would not propagate when flushing changes to the file (#69) - Fixed a bug where writing a table with zero rows could fail in some cases (#72) - Miscellanous small bug fixes that were causing some tests to fail, particularly on Python 3 (#74, #75) - Fixed a bug where creating a table column from an array in non-native byte order would not preserve the byte order, thus interpreting the column array using the wrong byte order (#77) 3.0.0 (2011-08-23) -------------------- - Contains major changes, bumping the version to 3.0 - Large amounts of refactoring and reorganization of the code; tried to preserve public API backwards-compatibility with older versions (private API has many changes and is not guaranteed to be backwards-compatible). There are a few small public API changes to be aware of: * The pyfits.rec module has been removed completely. If your version of numpy does not have the numpy.core.records module it is too old to be used with PyFITS. * The ``Header.ascardlist()`` method is deprecated--use the ``.ascard`` attribute instead. * ``Card`` instances have a new ``.cardimage`` attribute that should be used rather than ``.ascardimage()``, which may become deprecated. * The ``Card.fromstring()`` method is now a classmethod. It returns a new ``Card`` instance rather than modifying an existing instance. * The ``req_cards()`` method on HDU instances has changed: The ``pos`` argument is not longer a string. It is either an integer value (meaning the card's position must match that value) or it can be a function that takes the card's position as it's argument, and returns True if the position is valid. Likewise, the ``test`` argument no longer takes a string, but instead a function that validates the card's value and returns True or False. * The ``get_coldefs()`` method of table HDUs is deprecated. Use the ``.columns`` attribute instead. * The ``ColDefs.data`` attribute is deprecated--use ``ColDefs.columns`` instead (though in general you shouldn't mess with it directly--it might become internal at some point). * ``FITS_record`` objects take ``start`` and ``end`` as arguments instead of ``startColumn`` and ``endColumn`` (these are rarely created manually, so it's unlikely that this change will affect anyone). * ``BinTableHDU.tcreate()`` is now a classmethod, and returns a new ``BinTableHDU`` instance. * Use ``ExtensionHDU`` and ``NonstandardExtHDU`` for making new extension HDU classes. They are now public interfaces, wheres previously they were private and prefixed with underscores. * Possibly others--please report if you find any changes that cause difficulties. - Calls to deprecated functions will display a Deprecation warning. However, in Python 2.7 and up Deprecation warnings are ignored by default, so run Python with the `-Wd` option to see if you're using any deprecated functions. If we get close to actually removing any functions, we might make the Deprecation warnings display by default. - Added basic Python 3 support - Added support for multi-dimensional columns in tables as specified by the TDIMn keywords (#47) - Fixed a major memory leak that occurred when creating new tables with the ``new_table()`` function (#49) be padded with zero-bytes) vs ASCII tables (where strings are padded with spaces) (#15) - Fixed a bug in which the case of Random Access Group parameters names was not preserved when writing (#41) - Added support for binary table fields with zero width (#42) - Added support for wider integer types in ASCII tables; although this is non- standard, some GEIS images require it (#45) - Fixed a bug that caused the index_of() method of HDULists to crash when the HDUList object is created from scratch (#48) - Fixed the behavior of string padding in binary tables (where strings should be padded with nulls instead of spaces) - Fixed a rare issue that caused excessive memory usage when computing checksums using a non-standard block size (see r818) - Add support for forced uint data in image sections (#53) - Fixed an issue where variable-length array columns were not extended when creating a new table with more rows than the original (#54) - Fixed tuple and list-based indexing of FITS_rec objects (#55) - Fixed an issue where BZERO and BSCALE keywords were appended to headers in the wrong location (#56) - ``FITS_record`` objects (table rows) have full slicing support, including stepping, etc. (#59) - Fixed a bug where updating multiple files simultaneously (such as when running parallel processes) could lead to a race condition with mktemp() (#61) - Fixed a bug where compressed image headers were not in the order expected by the funpack utility (#62)

Release 3.1.2 - 2014/01/29 -------------------------- Improvements ^^^^^^^^^^^^ * [doc] Updated to caplitalized "Groonga" terms in documentation. [Patch by cosmo0920] [GitHub#136, #137, #138, #139, #140, #141, #142, #143, #144, #145, #146, #147, #148, #149, #150, #151] * Supported to customize the value of lock timeout. See :doc:`/reference/api/global_configurations` about details. [groonga-dev,02017] [Suggested by yoku] * [doc] Added description about the value of lock timeout. * Enabled ``GRN_JA_SKIP_SAME_VALUE_PUT`` by default. In the previous releases, the value of this configuration is 'no'. This change affects reducing the size of Groonga database. * Supported multiple indexes including a nested index and multiple keywords query. This change improves missing search results isssue when narrowing down by multiple keywords query. * Added API to customize normalizer for snippet. Fixes ^^^^^ * Fixed not to use index for empty query. This change enables you to search even though empty query. Note that this means that there is performance penalty if many empty records exist. [groonga-dev,02052] [Reported by Naoya Murakami] * Fixed the behaviour about return value of "X || Y" and "X && Y" for adjusting to ECMAScript. In "X || Y" case, if either X or Y satisfy the condition, it returns X itself or Y itself instead of 1 or 0. * In "X && Y" case, if X and Y satisfy the condition, it returns X itself instead of 1. if X doesn't satisfy the condition, it returns false instead of 0. * Fixed to return null when no snippet is found. This change enables you to set the default value of :doc:`/reference/functions/snippet_html`. In such a purpose, use "snippet_html(XXX) || 'default value'". Thanks ^^^^^^ * cosmo0920 * yoku * Naoya Murakami

@rsub

17 Dec 2013 - 2.7.7 ------------------- Fixes: - Changed release version to 2.7.7 - Got the configure scripts inside the release tarball 16 Dec 2013 - 2.7.6 ------------------- Improvements: - Organizes all Makefile.am - 1cde4d2dd9d96747536c1c25d06ba0677069477f Now using one file per line (sorted). This is the better way to handle it, since it reduces the possibility of merge conflicts. - nginx: generates config file using configure input. - 351b9cc357d439e30ebd61d89a9e38ecf55c6827 The nginx config file was looking for depedencies by its own, by doing that it was ignoring the options that were passed to configure script. This commit deletes this config file and adds a meta-config which is populated by configure whenever the standalone-module is enabled. - nginx: adds lua support - da16d9e5d51d4ef8734687514a4e1368e7fb4284 - iis: Cosmetics fixies on sqli. - 5046c8327ea21c69b4c0d0c0057c692b05b09fef This is needed to get it compiled with VS2011 on Windows8 - Regression tests: makes configuration compatible with 2.2 and 2.4 (try 2) - ae252ee8767069363906e5a611dff487b799b839 - nginx: Trying apxs and apxs2 while compiling nginx module - 65d9272fdc353e1263567b60604542d377d19672 - nginx: Trying apxs and apxs2 while compiling nginx module - 35fd75d859e4a8873b8843da1db13e04a1b08140 - macos: Using glibtoolize instead of libtoolize - 751a9f4e45213cd69f00c62c71edc9d7ad99b82d - regression-tests: makes configuration compatible with 2.2 and 2.4 - 6fc4cac37ab1be8d1232140042b58fe4bd93ee17 - Regression test: get it working with apache 2.4 - e9813cd0d9bfc5b0c9aa5832634ec1b39b805108 Changes in httpd.conf.in to get it working with apache 2.4 - Code cosmetics. - 7366f35c1d80772d739b35da8faa972f92a72b97 Changed to reduce the number of possible fails during Build Bot compilation. - iis: Waiting for 5 seconds before move curl directory - 9bf2959c919587ebc63f5a1b8c0785da8927bff5 Testing buildbot. - Redefines unixd_set_global_mutex_perms on tests - f70f6f4281b806627e0cf0dbb9c84ae5864bdb16 Avoding conflicts with the standalone implementation - Adds verbose quality check - 388943440cc9b8c6fdea09f5e365a2e5a3e792e2 Vera++ and ccpcheck are not outputing to the stderr instead stdout allowing the buildbot to extract some numbers about it. - Adds support for coding style and quality check - b77e90152d119609ac78a7028383c3b79898b2cf Initial effort to get the code on shape. This will be executed by the buildbots as soon as they get ready for it. - iis: New improvements on the Wix installer - 2ea5a74a7bfb00f21312e51e48aa6dac03d84600 * Now the installation is divided in modules: ModSecurity and CRS. * Added default configuration * Configuration was moved to "Program Files" folder * Build_msi script now using candle available in %PATH% - iis: Removes the installer helper dependency - 1a12648c9f6028f251af0f03c889397c7954b74c Now using appcmd directly with WiX instead of calling the installer helper. - iis: Remove readme.html - 550d5aae21cba696cac1ce75ab8113e5255d5a59 This HTML is about "Creating a Native Module for IIS7" not straight related to ModSecurity itself. - iis: Adds batch script to compile Wix - a2c5fc831baf0b324ebb66b0f878dacf1ec2f808 This batch script can be used to generate our msi installer. - iis: Adds Wix installer resources - 3604763e15a665eb7a6ecae1f7e7c65cebbb1d17 This is all about cosmetic changes. - iss: Removes Post-Build event. - 28bbde1bb218b004654cb865fc8563d69b848dc2 There was a copy on Post-Build event using a hard coded path. This patch removes this Post-Build event. - iis: Relative paths on the VS project file - 368617ddb2443f9b6036f80a648d467d07c9a054 There are a ModSecurityIIS solution and project files, those were using hard coded paths to meet the dependencies. As consequence of the last update in our build scripts, now we are able to built the dependencies and load it to our Visual Studio project using relative paths. - iis: Adds release script - 9477118903861ce80c4c27cb581bf3462315e98e - iis: fixies the Installer.cpp coding style - 79875b1af8e8571098345b91557bab9c06eb7c88 - iis: Removes AppWizard remade file - 91738f93bcc82b6ab756c550a66b6cf6af2fa9f8 Apparently the AppWizard was used to generate part of this Installer, the ReadMe.txt created by the AppWizard was removed by this commit - iss: Removes pre-compiled headers - adfbeb85dcfa9466b72eebb8d1bd8eb7728bab79 No need to use the pre-compiled headers in InstallerHelper, removing it, in order to keep the project lean. - iis: Moves installer to InstallerHelper - 6adf25667dd4bfa33010bd6d8ae3d35046a69967 To organize the folder the Installer application was renamed to installer helper. It is not the real installer, it is just an helper which is executed during the installation phase. - iss: Removes fart dependencies - 8c3b8d81b613aaa38f28472af1eb26c90c7fc9da This commit removes the dependency of the fart.exe utility. The utility was responsible to rename contents inside some dependencies build files. Those modifications are not longer needed. - iss: Better err handling in build scripts. - 192599bf63b6ae5aa08e4536a90d5d0a17f969f7 Now checking for errors in every step of the build phase - iis: Moves build_module.bat to build_modsecurity.bat - e25c6b2e85ced7beba4d41867dbdf30e9c1286d3 The build_modsecurity.bat is now on the iis sub-directory, not in the dependencies anymore. Its content was also changed fixing all the paths. - iis: Identifies arch before unzip apache - cf5de78dfb9fffd21edf17af9e1db8f2fd83c804 Currently we need the Apache binary which could be used in 32 or 64 bits. This patch makes usage of 'cl' to identify which architecture is set. - iis: Renamves winbuild to dependencies - 1447766e816a896e88c9c8f053fcc3f62797bac1 Since the directory becomes all about dependencies there is no need to call it winbuild anymore. - iis: Removes unnecessary files from winbuild dir - 9f8cbf6ed8034ba42aa4967699308df09864fd18 Those .mak files seems to be part of an old build system. Since the script are now working fine, this commit removes all those .mac files and also a CMakeList.txt and the Makefile.win. - iis: Improves the iis build system - b277e538f28c87c81c1b50925dd8b82996b88294 Now checking for common errors while building. Refactoring on the build scripts, now there is this build_dependencies.bat script on the iis sub-folder. By calling this script all the dependencies should be build under the winbuild/. This commit also removes build scripts that were not needed anymore. - iis: Fixes the vcxproj file - a946a163f0ad822c760af80ca32dda61f0e6b2a9 Versions of the dependencies were changed, as long as the version of the Visual Studio, now 12. - iis: Removes unecessary files from the build system - 26738d2e34bcc7620047bd23180e0e26a64c71ee The following files were removed: * VCVarsQueryRegistry.bat * vcvars64.bat * vsvars32.bat The visual studio files can be called direcltly, not necessary to distribute those files, at least in VS12. - iss: Changes httpd version 2.4.6 - 0a772cb0748aa51a01800e0473309b9de792b456 Apache version was changed to 2.4.6 to sync with the current apache lounge version. - iis: Changes the version of the dependencies - 3e6fb41d36b7a5e98a55d8f52b88b29d1bd50b64 * pcre from 8.30 to 8.33 * zlib from 1.2.7 to 1.2.8 * libxml2 from 2.7.7 to 2.9.1 * curl from 7.24 to 7.33.0 - Removes standalone/Makefile.in - e3c19d53d23c48fea337aae76a87b2a85c36a1f1 Makefile.in is recommended to be in the repository whenever it is edit manually, in our case the automatically generated Makefile.in is ok. Bug Fixes: - test: Avoids conflict of fuctions definition - cef72855e4106ce29e1d39103ebf9eb9ab28f17e - test: Makes the unit tests to work again - cc982ae42ec86c79a67be1a01c6ee35fb06c272c The unit tests was not working due to lack update. This patch adds the necessary stuff to have it work again. - iis: Avoids directory link while building - ad330a44bfa39430cf6340cb52971568cccdf1d6 Build scripts was creating links allowing the project to be loaded into Visual Studio without care about the dependencies versions. Sometimes windows refuse to delete those links leading the script to fail. This patch moves the sources directories instead of create links to it. - QA: Avoids the utilization of 3rd filedescriptor - 69c5ccac662f4e11a6eefd54a3e912583c067b9d No need to use a 3rd description on the quality check scripts. Stderr is now redirected to stdout and filtered as needed. - Supports WarningCountingShellCommand in cppcheck and vera - baaf502363e68c3240b60adb7f7c91f5b4f0ba03 WarningCountingShellCommand allow us to have some measurements on the buildbot waterfall. - iis: Using base_rules instead of activated_rules - 7b1537058fa451e0df7098cd907ef19f04102f9d - iis: Fix inet_pton build problem - a4202146b8d26b6615bbab986383fe0afae60d77 There is a function named inet_pton on windows API, with different signature. This patch just override the windows function and point the inet_pton to our implementation. - iis: Adds Wix installer xml file.c - b32cb7d9ab397160f0154aa4bd4e9638658b41e6 This commit adds the Wix template to our git repository. - iis: build_modsecurity.bat fixies - 7e03e3f840375ed682c35a5bb67932461cc77013 This commit enable a cleanup on the mod_security build directory avoiding symbols with different architectures. - iis: Fix mlogc build on windows - 9b7663fa79377a0685130a019916d810f31e7478 The libcurl path was not pointing to the correct directory - Fix #154, Uses addn instead of apr_table_setn - 1734221d9d3a78f9aafd68e35717da9ee1a4fe51 The headers are represented in the format of an apr_table, which is able to handle elements with the same key, however the function apr_table_setn checks if the key exists before add the element, if so it replaces the old value with the new one. This was making our implementation to just keep the last added Cookie. The apr_table_addn function, which is now used, just add a new item without check for olders one. - Merge pull request #579 from zimmerle/revert_139 - 61e54f2067ae760808359926ff91d57275df1aac Revert merge request #139 - Revert "Merge pull request #139 from chaizhenhua/remotes/trunk" - 7f7d00fa2c364716691df1b45779304b24a0debb This reverts commit 10fd40fb0d06f6c577d870b6f15d2f6e2a3a5b1b, reversing changes made to 414033aafa94cd50c9b310afd3f164740caccc94. - Merge pull request #578 from client9/remotes/trunk - b0c3977845f60747b15ae10531b7d20355a22627 libinjection sync to v3.8.0 - libinjection sync - a5f175d79fac1e69124da4e1e227b622e7e233d7 - Merge pull request #152 from client9/remotes/trunk - 88ebf8a0bdbc4db1be76f3a2e70df77cc52a5925 Sync to libinjection v3.7.1 - libinjection sync - fcb6dc13ed6efb066fb9b70405eecab8b83a2d96 - libinjection sync - f52242a013f301ca5c17e59b662124833cb7cc6d - Merge pull request #148 from zimmerle/bugfix_charset_missing_string_terminator - b76e26d81ddafc2b99bffad53d1426f8fd33080a Bugfix: missing string terminator while mounting the charset (nginx) - Bugfix: missing string terminator while mounting the charset (nginx) - ff19dcd5c53d4af61d0a9397d4616f47f80ee207 The charset in headers is mounted using ngx_snprintf which does not place the string terminator. This patch adds the terminator at the end of the string. The size was correctly allocated, just missing the terminator. - Merge pull request #141 from client9/remotes/trunk - 9a630eea23a7ead4e77617c86dc937fd7a421a57 libinjection sync to v3.6.0 - libinjection sync - 11217207e8f2e0cf15742273836399866971071a - Fix Chunked string case sensitive issue - CVE-2013-5705 - f8d441cd25172fdfe5b613442fedfc0da3cc333d - Revert "Fix Chuncked string case sensitive issue" - 3901128f17e0763ac1a260106b79859d2aad6d90 This reverts commit 16a815a3c2735f62238ef99af26090a2b8430d3d. - Fix Chuncked string case sensitive issue - 16a815a3c2735f62238ef99af26090a2b8430d3d - Merge pull request #139 from chaizhenhua/remotes/trunk - 10fd40fb0d06f6c577d870b6f15d2f6e2a3a5b1b Fixed fd leackage after reload - Merge pull request #138 from client9/remotes/trunk - 414033aafa94cd50c9b310afd3f164740caccc94 libinjection sync - Fixed fd leackage after reload - e0993fcd7a166ce9e1a279a47d050af1311d9001 - libinjection sync - 2268626c20260e88cab9b7830f8a06101fa7172a - Fix logical disjunction and conjunction issues - 7e0a9ecf7d492e85650671a0cfcfd53e5f15df2c 23 Jul 2013 - 2.7.5 ------------------- Improvements: * SecUnicodeCodePage is deprecated. SecUnicodeMapFile now accepts the code page as a second parameter. * Updated Libinjection to version 3.4.1. Many improvements were made. * Severity action now supports strings (emergency, alert, critical, error, warning, notice, info, debug). Bug Fixes: * Fixed utf8toUnicode tfn null byte conversion. * Fixed NGINX crash when issue reload command. * Fixed flush output buffer before inject modified hashed response body. * Fixed url normalization for Hash Engine. * Fixed NGINX ap_unixd_set_global_perms_mutex compilation error with apache 2.4 devel files. Security Issues: 10 May 2013 - 2.7.4 ------------------- Improvements: * Added Libinjection project http://www.client9.com/projects/libinjection/ as a new operator @detectSQLi. (Thanks Nick Galbreath). * Added new variable SDBM_DELETE_ERROR that will be set to 1 when sdbm engine fails to delete entries. * NGINX is now set to STABLE. Thanks chaizhenhua and all the people in community who help the project testing, sending feedback and patches. Bug Fixes: * Fixed SecRulePerfTime storing unnecessary rules performance times. * Fixed Possible SDBM deadlock condition. * Fixed Possible @rsub memory leak. * Fixed REMOTE_ADDR content will receive the client ip address when mod_remoteip.c is present. * Fixed NGINX Audit engine in Concurrent mode was overwriting existing alert files because a issue with UNIQUE_ID. * Fixed CPU 100% issue in NGINX port. This is also related to an memory leak when loading response body. Security Issues: * Fixed Remote Null Pointer DeReference (CVE-2013-2765). When forceRequestBodyVariable action is triggered and a unknown Content-Type is used, mod_security will crash trying to manipulate msr->msc_reqbody_chunks->elts however msr->msc_reqbody_chunks is NULL. (Thanks Younes JAAIDI). 28 Mar 2013 - 2.7.3 ------------------- * Fixed IIS version race condition when module is initialized. * Fixed IIS version failing config commands in libapr. * Nginx version is now RC quality. The rule engine should works for all phases. We fixed many issues and missing features (for more information please check jira). Code is running well with latest Nginx 1.2.7 stable. Thanks chaizhenhua for your help. * Added MULTIPART_NAME and MULTIPART_FILENAME. Should be used soon by CRS and will help prevent attacks using multipart data. * Added --enable-htaccess-config configure option. It will allow the follow directives to be used into .htaccess files when AllowOverride Options is set: - SecAction - SecRule - SecRuleRemoveByMsg - SecRuleRemoveByTag - SecRuleRemoveById - SecRuleUpdateActionById - SecRuleUpdateTargetById - SecRuleUpdateTargetByTag - SecRuleUpdateTargetByMsg * Improvements in the ID duplicate code checking. Should be faster now. * SECURITY: Added SecXmlExternalEntity (On|Off - default it Off) that will disable by default the external entity load task executed by LibXml2. This is a security issue [CVE-2013-1915] reported by Timur Yunusov, Alexey Osipov (Positive Technologies). 21 Jan 2013 - 2.7.2 ------------------- * IIS version is now stable. * Fixed IIS version does not pass through POST data to ASP.NET when SecRequestBodyAccess is set to On (MODSEC-372). * Fixed IIS version HTTP Request Smuggling protection does not work (MODSEC-344). * Fixed IIS version PHP Injection Attack (958976) protection does not work (MODSEC-346). * Fixed IIS version Request limit protections are not working (MODSEC-349). * Fixed IIS version Outbound protections are not working (MODSEC-350). * Added IIS version better installer. * NGINX version removed ModSecurityPassCommand (Thanks chaizhenhua). * Fixed NGINX version ngx_http_read_client_request_body returned unexpected buffer type (Thanks chaizhenhua). * Fixed NGINX version INCS config directories on fedora (Thanks chaizhenhua). * Added NGINX version Added drop action for nginx (Thanks chaizhenhua). * Fixed bug in cpf_verify operator (Thanks Hideaki Hayashi). * Fixed build modsecurity under Arch Linux. * Fixed make test crashing when JIT pcre is enabled. * Fixed better cookie separator detection code. * Fixed mod_security displaying wrong ip address in error.log using apache 2.4 and mod_remoteip. * Fixed mod_security was not compiling when use apr without ipv6 support. * Fixed mod_security was not compiling when use lua 5.2. * Fixed issue when execute make install under Solaris. * Fixed ipmatchf operator was not working as expected. 01 Nov 2012 - 2.7.1 ------------------- * Changed "Encryption" name of directives and options related to hmac feature to "Hash". SecEncryptionEngine to SecHashEngine SecEncryptionKey to SecHashKey SecEncryptionParam to SecHashParam SecEncryptionMethodRx to SecHashMethodRx SecEncryptionMethodPm to SecHashMethodPm @validateEncryption to @validateHash ctl:EncryptionEnforcement to ctl:HashEnforcement ctl:EncryptionEngine to ctl:HashEngine * Added a better random bytes generator using apr_generate_random_bytes() to create the HMAC key. * Fixed byte conversion issue during logging under Linux s390x platform. * Fixed compilation bug with LibXML2 2.9.0 (Thanks Athmane Madjoudj). * Fixed parsing error with modsecurity-recommended.conf and Apache 2.4. * Fixed DROP action was disabled for Apache 2 module by mistake. * Fixed bug when use ctl:ruleRemoveTargetByTag. * Fixed IIS and NGINX modules bugs. * Fixed bug when @strmatch patterns use invalid escape sequence (Thanks Hideaki Hayashi). * Fixed bugs in @verifySSN (Thanks Hideaki Hayashi). * The doc/ directory now contains the instructions to access online documentation. 15 Oct 2012 - 2.7.0 ------------------- * Fixed Pause action should work as a disruptive action (MODSEC-297). * Fixed Problem loading mod_env variables in phase 2 (MODSEC-226). * Fixed Detect cookie v0 separator and use it for parsing (MODSEC-261). * Fixed Variable REMOTE_ADDR with wrong IP address in NGINX version (MODSEC-337). * Fixed Errors compiling NGINX version. * Added Include directive into standalone module. IIS and NGINX module should support Include directive like Apache2. * Added MULTIPART_INVALID_PART flag. Also used in rule id 200002 for multipart strict validation. https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20121017-0_mod_security_ruleset_bypass.txt). * Updated Reference Manual. 25 Sep 2012 - 2.6.8 ------------------- * Fixed ctl:ruleRemoveTargetByID order issue (MODSEC-333). Thanks to Armadillo Dasypodidae. * Fixed variable HIGHEST_SEVERITY incorrectly gets reset in a chain rule (MODSEC-315). Thanks to Valery Reznic. 10 Sep 2012 - 2.7.0-rc3 ------------------- * Fixed requests bigger than SecRequestBodyNoFilesLimit were truncated even engine mode was detection only. * Fixed double close() for multipart temporary files (Thanks Seema Deepak). * Fixed many small issues reported by Coverity Scanner (Thanks Peter Vrabek). * Fixed format string issue in ngnix experimental code. (Thanks Eldar Zaitov). * Added ctl:ruleRemoveTargetByTag/Msg and removed ctl:ruleUpdateTargetByTag/Msg. * Added IIS and Ngnix platform code. * Added new transformation utf8toUnicode. 23 Jul 2012 - 2.6.7 ------------------- * Fixed explicit target replacement using SecUpdateTargetById was broken. * The ctl:ruleUpdateTargetById is deprecated and will be removed for future versions since there is no safe way to use it per-request. * Added ctl:ruleRemoveTargetById that can be used to exclude targets to be processed per-request. 22 Jun 2012 - 2.7.0-rc2 ------------------- * Fixed compilation errors and warnings under Windows platform. * Fixed SecEncryptionKey was not working as expected. 08 Jun 2012 - 2.7.0-rc1 ------------------- * Added SecEncryptionEngine. Initial crypt engine support, at the momment it will sign some Html and Response Header options. * Added SecEncryptionKey to define the a rand or static key for crypt engine. * Added SecEncryptionParam to define the new parameter name. * Added SecEncryptionMethodRx used with a regular expression to inspect the html in response body/header and decide what to protect. * Added SecEncryptionMethodPm used with multiple or single strings to inspect the html in response body/header and decide what to protect. * Added ctl encryptionEngine as a per transaction version of SecEncryptionEgine diretive. * Added ctl encryptionEnforcement that will allow the engine to sign the data but the enforcement is disabled. * Added validateEncryption operator to enforce the signed elements. * Added rsub operator supports the syntax |hex| allowing users to use special chars like \n \r. * Added SecRuleUpdateTargetById now supports id range. * Added SecRuleUpdateTargetByMsg and its ctl version (Thanks Scott Gifford). * Added SecRuleUpdateTargetByTag and its ctl version (Thanks Scott Gifford). * Added SecRulePerfTime when greater than zero it will fill rule id's execution time into PERF_RULE and log id=usec information in the new Perf-rule-info: line in part H. * Added PERF_RULES variable that contains rule execution time. * Added Engine-mode: section in part H. * Added ruleRemoveByMsg ctl version. * Added removeCommentsChar and removeComments now can work with  style. * Added SecArgumentSeparator and SecCookieFormat can be used in different scope locations. * Added Rules must have ID action and must be numeric. * Added The use of tfns are deprecated in SecDefaultAction. Should be forbid in the future. * Added Macro expansion support to the action pause. * Added IpmatchFromFile/IpmatchF operator. * Added New setrsc action, the RESOURCE collection used SecWebAppId Name Space * Added Configure option --enable-cache-lua that allows reuse of Lua VM per transaction. It will only take any effect when ModSecurity has multiple scripts to run per transaction. * Added Configure option --enable-pcre-jit that allows ModSecurity regex engine to use PCRE Jit support. * Added Configure option --enable-request-early that allows ModSecurity run phase 1 in post_read_request hook. * Added RBL operator now support the httpBl api (http://www.projecthoneypot.org/httpbl_api.php). * Added SecHttpBlKey to be used with httpBl api. * Added SecSensorId will specify the modsecurity sensor name into audit log part H. * Added aliases to phase:2 (phase:request), phase:4 (phase:response) and phase:5 (phase:logging). * Added USERAGENT_IP variable. Created when Apache24 is used with mod_remoteip to know the real client ip address. ^ Added new rule metadata actions ver, maturity and accuracy. Also included into RULE collection. * Updated Reference manual into doc/ directory. * Fixed Variable DURATION contains the elapsed time in microseconds for compatible reasons with apache and other variables. * Fixed Preserve names/identity of the variables going into MATCHED_VARS. * Fixed Redirect macro expansion does not work in SecDefaultAction when SecRule uses block action. * Fixed rsub operator does not work as expect if regex contains parentheses (Thanks Jerome Freilinger). * Current Google Safe Browsing implementation is deprecated. Google changed the API and does not allow anymore the malware database for download. 08 Jun 2012 - 2.6.6 ------------------- * Added build system support for KfreeBSD and HURD. * Fixed a multipart bypass issue related to quote parsing Credits to Qualys Vulnerability & Malware Research Labs (VMRL). 20 Mar 2012 - 2.6.5 ------------------- * Fixed increased a specific message debug level in SBDM code (MODSEC-293). * Cleanup build system. 09 Mar 2012 - 2.6.4 ------------------- * Fixed Mlogc 100% CPU consume (Thanks Klaubert Herr and Ebrahim Khalilzadeh). * Fixed ModSecurity cannot load session and user sdbm data. * Fixed updateTargetById was creating rule unparsed content making apache memory grow. * Code cleanup. 23 Feb 2012 - 2.6.4-rc1 ------------------- * Fixed @rsub adding garbage data into stream variables. * Fixed regex for section A into mlogc-batch-load.pl (Thanks Ebrahim Khalilzadeh). * Fixed logdata cuts message without closing it with final chars. * Added sanitizeMatchedBytes support to verifyCPF, verifyCC and verifySSN. 06 Dec 2011 - 2.6.3-rc1 ------------------- * Fixed MATCHED_VARS does not correctly handle multiple VARS with the same name. * Fixed SDBM garbage collection was not working as expected, increasing the size of files. * Fixed wrong timestamp calculation for some time zones in log files. * Fixed SecUpdateTargetById failed to load multiple VARS (MODSEC-270). * Fixed Reverted hexDecode for hexEncode compatibility reason. * Added SecCollectionTimeout to set collection timeout, default is 3600. * Added sqlHexDecode transformation to decode sql hex data. Thanks Marc Stern. 30 Sep 2011 - 2.6.2 ------------------- * Fixed hexDecode test during make. * Updated the reference manual into doc/ directory. 5 Sep 2011 - 2.6.2-rc1 ------------------- * Added support to macro expansion for rx operator. * Added new transformations removeComments and removeCommentsChars * Fixed colletion names are not case-sensitive anymore. * Fixed compilation errors with apache 2.0. * Fixed build system was not using some libraries CFLAGS. * Fixed check for valid hex values into hexDecode transformation. * Fixed ctl:ruleUpdateTargetById appending multiple targets. 18 Jun 2011 - 2.6.1 ------------------- * Updated the reference manual into doc/ directory. 11 Jul 2011 - trunk ------------------- * Add HttpBl support to rbl operator. 30 Jun 2011 - 2.6.1-rc1 ------------------- * Fixed SecUploadFileMode doesn't work with the new build system. * Fixed building with Lua library (Thanks Diego Elio). * Fixed some ./configure --enable* features not being enabled in compilation time. * Improvements on GSB database add/search operations. * Log part K was removed from modsecurity.conf-recommended. * Added SecUnicodeMapFile directive. Must be use to load the unicode.mapping file. * Added SecUnicodeCodePage directive. Used to define the unicode code page. There are a few already available: 1250 (ANSI - Central Europe) 1251 (ANSI - Cyrillic) 1252 (ANSI - Latin I) 1253 (ANSI - Greek) 1254 (ANSI - Turkish) 1255 (ANSI - Hebrew) 1256 (ANSI - Arabic) 1257 (ANSI - Baltic) 1258 (ANSI/OEM - Viet Nam) 20127 (US-ASCII) 20261 (T.61) 20866 (Russian - KOI8) 28591 (ISO 8859-1 Latin I) 28592 (ISO 8859-2 Central Europe) 28605 (ISO 8859-15 Latin 9) 37 (IBM EBCDIC - U.S./Canada) 437 (OEM - United States) 500 (IBM EBCDIC - International) 850 (OEM - Multilingual Latin I) 860 (OEM - Portuguese) 861 (OEM - Icelandic) 863 (OEM - Canadian French) 865 (OEM - Nordic) 874 (ANSI/OEM - Thai) 932 (ANSI/OEM - Japanese Shift-JIS) 936 (ANSI/OEM - Simplified Chinese GBK) 949 (ANSI/OEM - Korean) 950 (ANSI/OEM - Traditional Chinese Big5) Also mapping some extra unicode chars defined at http://tools.ietf.org/html/rfc3490#section-3.1 * Fixed SecRequestBodyLimit was truncating the real request body. 18 May 2011 - 2.6.0 ------------------- * Added SecWriteStateLimit for Slow Post DoS mitigation. * Fix problem when buffering in input filter. * Fix memory leak when use MATCHED_VAR_NAMES. 2 May 2011 - 2.6.0-rc2 ------------------- * Added code optimizations - thanks Diego Elio. * Added support to AIX and HPUX in the build system (untested). * Renamed decodeBase64Ext to base64DecodeExt. * Build system improvements - thanks Diego Elio. * Improvements on gsblookup parser. * Fixed input filter bug when upload files and SecStreamInBodyInspect is enabled. * Logging improvements and bug fix. * Remove extra useless files when make clean and maintainer-clean 18 Apr 2011 - 2.6.0-rc1 ------------------- * Replaced previous GPLv2 License to Apachev2. * Added Google Safe Browsing lookups operator and directive. It should be used to extract and lookup urls from http packets. * Added Data Modification operator. It must be used with STREAM_* variables to replace/add/edit any data from http bodies. * Added STREAM_OUPUT_BODY and STREAM_INPUT_BODY variables to work with data modification operators. * Added fast ip address operator. It supports partial ip address, cidr for IPv4 and IPv6. Thanks Tom Donovan. * Added new sensitive data tracking verifyCPF and verifySSN. * Added MATCHED_VARS and MATCHED_VARS_NAMES. It is similiar to MATCHED_VAR, but now we should see all matched variables. * Added UNIQUE_ID variable. It holds the data created my mod_unique_id. * Added new tranformation cmdline. Thanks Marc Stern. * Added new exception handling operators and directives. It should help users reduce FN and FPs. The directives SecRuleUpdateTargetById, SecRuleRemoveByTag and its ctl actions were included. * Added SecStreamOutBodyInspection and SecStreamInBodyInspection to enable STREAM_* variables. * Added SecGsbLookupDB used to load Google Safe Browsing malware databse into memory. * Added the directive SecInterceptOnError to control what to do if a rule returns values less than zero. * Improvements in DetectionOnly engine mode. Also added SecRequestBodyLimitAction to control what to do if the engine receive a http request over a hard limit. Note that there is now many combinations with SecRuleEngine and the limit action directives for response and request data. Please see the reference manual. * Improvements under RBL operator. It now will parse return code values for some RBL lists. * Added new Log Part J. It should log some informations about uploaded files. * Added new sanitizeMatchedBytes action. It will give more flexibilty for user to sanitize logged data, also improving peformance when sanitize big amount of data. * Improvements on Logging phase. It is possible now see full chains, distinguish between simple rules, chain starters and chain nodes. * Improvements on AutoTools usage. * Improvements on pattern matching operators, pmf, pm and strmatch now supports more flexible input data allowing any kind of special char. * Improvements on SecRuleUpdateActionById to update chain nodes. * Many bugs were fixed. Please see the ModSecurity Jira for more details 19 Mar 2010 - trunk ------------------- * Added SecDisableBackendCompression, which disabled backend compression while keeping the frontend compression enabled (assuming mod_deflate in installed and configured in the proxy). [Ivan Ristic] * Added REQUEST_BODY_LENGTH, which contains the number of request body bytes read. [Ivan Ristic] * Integrate with mod_log_config using the %{VARNAME}M format string. (MODSEC-108) [Ivan Ristic] * Replaced the previous time-measuring mechanism with a new one, which provides the following information: request time, request duration, phase duration (for all 5 phases), time spent dealing with persistent storage, and time spent on audit logging. The new information is now available in the Stopwatch2 audit log header. The Stopwatch header remains for backward compatiblity, although it now only includes the request time and request duration values. Added the following variables: PERF_COMBINED, PERF_PHASE1, PERF_PHASE2, PERF_PHASE3, PERF_PHASE4, PERF_PHASE5, PERF_SREAD, PERF_SWRITE, PERF_LOGGING, PERF_GC. [Ivan Ristic] * Added DURATION, which contains the time ellapsed since the beginning of the current transaction, in milliseconds. [Ivan Ristic] * Adjusted phase 5 to execute just prior to mod_log_config. This should allow phase 5 rules to to implement conditional logging, as well as pave support for allowing access to all ModSecurity variables from mog_log_config. [Ivan Ristic] * Added the URLENCODED_ERROR flag, which is raised whenever invalid URL encoding is encountered in the query string or in the request body (but only if URLENCODED request body processor is used). (MODSEC-111) [Ivan Ristic] * Removed the obsolete PDF UXSS functionality. (MODSEC-96) [Ivan Ristic] * Renamed normalisePath to normalizePath and normalisePathWin to normalizePathWin. Kept the previous names for backward compatibility. (MODSEC-103) [Ivan Ristic] * Moved phase 1 to be run in the same Apache hook as phase 2. This means that you can now have phase 1 rules in <Location> tags and, more importantly, override server configuration in <Location> and others. (MODSEC-98) [Ivan Ristic] * Renamed the sanitise family of actions to sanitize. Kept the old variants for backward compatibility. (MODSEC-95) [Ivan Ristic] * Improve the logging of the ctl action. (MODSEC-99) [Ivan Ristic] * Cleanup build files that were from the Apache source.

1.3.4 (2013-02-28) * Support RDoc 4.0 (#168, judofyr) * Add mention of Org-Mode support (#165, aslakknutsen) * Add AsciiDoctorTemplate (#163, #164, aslakknutsen) * Add PlainTextTemplate (nathanaeljones) * Restrict locals to valid variable names (#158, thinkerbot) * ERB: Improve trim mode support (#156, ssimeonov) * Add CSVTemplate (#153, alexgb) * Remove special case for 1.9.1 (#147, guilleiguaran) * Add allows_script? method to Template (#143, bhollis) * Default to using Redcarpet2 (#139, DAddYE) * Allow File/Tempfile as filenames (#134, jamesotron) * Add EtanniTemplate (#131, manveru) * Support RDoc 3.10 (#112, timfel) * Less: Options are now being passed to the parser (#106, cowboyd)

== Ruby-GNOME2 1.2.6: 2013-04-02 Broken Ruby/Poppler fix release! === Changes ==== Ruby/GLib2 * Improvements * Removed deprecated GLib::Completion. * Removed deprecated g_suorce_get_current_time() use. * [windows] Updated bundled GLib to 3.8.0. * [windows] Updated bundled glib-networking to 3.8.0. * [windows] Updated bundled GnuTLS to 3.1.10. ==== Ruby/ATK * Improvements * [windows] Updated bundled ATK to 2.8.0. ==== Ruby/GdkPixbuf2 * Improvements * [windows] Updated bundled gdk-pixbuf to 2.28.0. ==== Ruby/Pango * Improvements * [windows] Updated bundled Pango to 1.34.0. ==== Ruby/GDK3 * Improvements * [windows] Updated bundled GTK+ to 3.8.0. ==== Ruby/Poppler * Fixes * Fixed a bug that Poppler::Page#render is broken. [SF.net#184] [Reported by HARUYAMA Seigo] ==== Ruby/GooCanvas * Improvements * Added a Ruby/GObjectIntrospection based sample. [GitHub #139] [Patch by Masafumi Yokoyama] === Thanks * Masafumi Yokoyama * HARUYAMA Seigo

FITS (Flexible Image Transport System) is a data format most used in astronomy. PyFITS is a Python module for reading, writing, and manipulating FITS files. The module uses Python's object-oriented features to provide quick, easy, and efficient access to FITS files. The use of Python's array syntax enables immediate access to any FITS extension, header cards, or data items. Changes to 2.4.0 (in py-pyfits): Changelog =========== 3.2 (2013-11-26) ---------------- Highlights ^^^^^^^^^^ - Rewrote CFITSIO-based backend for handling tile compression of FITS files. It now uses a standard CFITSIO instead of heavily modified pieces of CFITSIO as before. PyFITS ships with its own copy of CFITSIO v3.35 which supports the latest version of the Tiled Image Convention (v2.3), but system packagers may choose instead to strip this out in favor of a system-installed version of CFITSIO. Earlier versions may work, but nothing earlier than 3.28 has been tested yet. (#169) - Added support for reading and writing tables using the Q format for columns. The Q format is identical to the P format (variable-length arrays) except that it uses 64-bit integers for the data descriptors, allowing more than 4 GB of variable-length array data in a single table. (#160) - Added initial support for table columns containing pseudo-unsigned integers. This is currently enabled by using the ``uint=True`` option when opening files; any table columns with the correct BZERO value will be interpreted and returned as arrays of unsigned integers. - Some refactoring of the table and ``FITS_rec`` modules in order to better separate the details of the FITS binary and ASCII table data structures from the HDU data structures that encapsulate them. Most of these changes should not be apparent to users (but see API Changes below). API Changes ^^^^^^^^^^^ - Assigning to values in ``ColDefs.names``, ``ColDefs.formats``, ``ColDefs.nulls`` and other attributes of ``ColDefs`` instances that return lists of column properties is no longer supported. Assigning to those lists will no longer update the corresponding columns. Instead, please just modify the ``Column`` instances directly (``Column.name``, ``Column.null``, etc.) - The ``pyfits.new_table`` function is marked "pending deprecation". This does not mean it will be removed outright or that its functionality has changed. It will likely be replaced in the future for a function with similar, if not subtly different functionality. A better, if not slightly more verbose approach is to use ``pyfits.FITS_rec.from_columns`` to create a new ``FITS_rec`` table--this has the same interface as ``pyfits.new_table``. The difference is that it returns a plan ``FITS_rec`` array, and not an HDU instance. This ``FITS_rec`` object can then be used as the data argument in the constructors for ``BinTableHDU`` (for binary tables) or ``TableHDU`` (for ASCII tables). This is analogous to creating an ``ImageHDU`` by passing in an image array. ``pyfits.FITS_rec.from_columns`` is just a simpler way of creating a FITS-compatible recarray from a FITS column specification. - The ``updateHeader``, ``updateHeaderData``, and ``updateCompressedData`` methods of the ``CompDataHDU`` class are pending deprecation and moved to internal methods. The operation of these methods depended too much on internal state to be used safely by users; instead they are invoked automatically in the appropriate places when reading/writing compressed image HDUs. - The ``CompDataHDU.compData`` attribute is pending deprecation in favor of the clearer and more PEP-8 compatible ``CompDataHDU.compressed_data``. - The constructor for ``CompDataHDU`` has been changed to accept new keyword arguments. The new keyword arguments are essentially the same, but are in underscore_separated format rather than camelCase format. The old arguments are still pending deprecation. - The internal attributes of HDU classes ``_hdrLoc``, ``_datLoc``, and ``_datSpan`` have been replaced with ``_header_offset``, ``_data_offset``, and ``_data_size`` respectively. The old attribute names are still pending deprecation. This should only be of interest to advanced users who have created their own HDU subclasses. - The following previously deprecated functions and methods have been removed entirely: ``createCard``, ``createCardFromString``, ``upperKey``, ``ColDefs.data``, ``setExtensionNameCaseSensitive``, ``_File.getfile``, ``_TableBaseHDU.get_coldefs``, ``Header.has_key``, ``Header.ascardlist``. If you run your code with a previous version of PyFITS (>= 3.0, < 3.2) with the ``python -Wd`` argument, warnings for all deprecated interfaces still in use will be displayed. - Interfaces that were pending deprecation are now fully deprecated. These include: ``create_card``, ``create_card_from_string``, ``upper_key``, ``Header.get_history``, and ``Header.get_comment``. - The ``.name`` attribute on HDUs is now directly tied to the HDU's header, so that if ``.header['EXTNAME']`` changes so does ``.name`` and vice-versa. - The ``pyfits.file.PYTHON_MODES`` constant dict was renamed to ``pyfits.file.PYFITS_MODES`` which better reflects its purpose. This is rarely used by client code, however. Support for the old name will be removed by PyFITS 3.4. Other Changes and Additions ^^^^^^^^^^^^^^^^^^^^^^^^^^^ - The new compression code also adds support for the ZQUANTIZ and ZDITHER0 keywords added in more recent versions of this FITS Tile Compression spec. This includes support for lossless compression with GZIP. (#198) By default no dithering is used, but the ``SUBTRACTIVE_DITHER_1`` and ``SUBTRACTIVE_DITHER_2`` methods can be enabled by passing the correct constants to the ``quantize_method`` argument to the ``CompImageHDU`` constuctor. A seed can be manually specified, or automatically generated using either the system clock or checksum-based methods via the ``dither_seed`` argument. See the documentation for ``CompImageHDU`` for more details. (#198) (spacetelescope/PYFITS#32) - Images compressed with the Tile Compression standard can now be larger than 4 GB through support of the Q format. (#159) - All HDUs now have a ``.ver`` ``.level`` attribute that returns the value of the EXTVAL and EXTLEVEL keywords from that HDU's header, if the exist. This was added for consistency with the ``.name`` attribute which returns the EXTNAME value from the header. - Then ``Column`` and ``ColDefs`` classes have new ``.dtype`` attributes which give the Numpy dtype for the column data in the first case, and the full Numpy compound dtype for each table row in the latter case. - There was an issue where new tables created defaulted the values in all string columns to '0.0'. Now string columns are filled with empty strings by default--this seems a less surprising default, but it may cause differences with tables created with older versions of PyFITS. - Improved round-tripping and preservation of manually assigned column attributes (``TNULLn``, ``TSCALn``, etc.) in table HDU headers. (astropy/astropy#996) Bug Fixes ^^^^^^^^^ - Binary tables containing compressed images may, optionally, contain other columns unrelated to the tile compression convention. Although this is an uncommon use case, it is permitted by the standard. (#159) - Reworked some of the file I/O routines to allow simpler, more consistent mapping between OS-level file modes ('rb', 'wb', 'ab', etc.) and the more "PyFITS-specific" modes used by PyFITS like "readonly" and "update". That is, if reading a FITS file from an open file object, it doesn't matter as much what "mode" it was opened in so long as it has the right capabilities (read/write/etc.) Also works around bugs in the Python io module in 2.6+ with regard to file modes. (spacetelescope/PyFITS#33) - Fixed an obscure issue that can occur on systems that don't have flush to memory-mapped files implemented (namely GNU Hurd). (astropy/astropy#968) 3.1.3 (2013-11-26) ------------------ - Disallowed assigning NaN and Inf floating point values as header values, since the FITS standard does not define a way to represent them in. Because this is undefined, the previous behavior did not make sense and produced invalid FITS files. (spacetelescope/PyFITS#11) - Added a workaround for a bug in 64-bit OSX that could cause truncation when writing files greater than 2^32 bytes in size. (spacetelescope/PyFITS#28) - Fixed a long-standing issue where writing binary tables did not correctly write the TFORMn keywords for variable-length array columns (they ommitted the max array length parameter of the format). This was thought fixed in v3.1.2, but it was only fixed there for compressed image HDUs and not for binary tables in general. - Fixed an obscure issue that can occur on systems that don't have flush to memory-mapped files implemented (namely GNU Hurd). (Backported from 3.2) 3.0.12 (2013-11-26) ------------------- - Disallowed assigning NaN and Inf floating point values as header values, since the FITS standard does not define a way to represent them in. Because this is undefined, the previous behavior did not make sense and produced invalid FITS files. (Backported from 3.1.3) - Added a workaround for a bug in 64-bit OSX that could cause truncation when writing files greater than 2^32 bytes in size. (Backported from 3.1.3) - Fixed a long-standing issue where writing binary tables did not correctly write the TFORMn keywords for variable-length array columns (they ommitted the max array length parameter of the format). This was thought fixed in v3.1.2, but it was only fixed there for compressed image HDUs and not for binary tables in general. (Backported from 3.1.3) - Fixed an obscure issue that can occur on systems that don't have flush to memory-mapped files implemented (namely GNU Hurd). (Backported from 3.2) 3.1.2 (2013-04-22) ------------------ - When an error occurs opening a file in fitsdiff the exception message will now at least mention which file had the error. (#168) - Fixed support for opening gzipped FITS files by filename in a writeable mode (PyFITS has supported writing to gzip files for some time now, but only enabled it when GzipFile objects were passed to ``pyfits.open()`` due to some legacy code preventing full gzip support. (#195) - Added a more helpful error message in the case of malformatted FITS files that contain non-float NULL values in an ASCII table but are missing the required TNULLn keywords in the header. (#197) - Fixed an (apparently long-standing) issue where writing compressed images did not correctly write the TFORMn keywords for variable-length array columns (they ommitted the max array length parameter of the format). (#199) - Slightly refactored how tables containing variable-length array columns are handled to add two improvements: Fixes an issue where accessing the data after a call to the `pyfits.getdata` convenience function caused an exception, and allows the VLA data to be read from an existing mmap of the FITS file. (#200) - Fixed a bug that could occur when opening a table containing multi-dimensional columns (i.e. via the TDIMn keyword) and then writing it out to a new file. (#201) - Added use of the console_scripts entry point to install the fitsdiff and fitscheck scripts, which if nothing else provides better Windows support. The generated scripts now override the ones explicitly defined in the scripts/ directory (which were just trivial stubs to begin with). (#202) - Fixed a bug on Python 3 where attempting to open a non-existent file on Python 3 caused a seemingly unrelated traceback. (#203) - Fixed a bug in fitsdiff that reported two header keywords containing NaN as value as different. (#204) - Fixed an issue in the tests that caused some tests to fail if pyfits is installed with read-only permissions. (#208) - Fixed a bug where instantiating a ``BinTableHDU`` from a numpy array containing boolean fields converted all the values to ``False``. (#215) - Fixed an issue where passing an array of integers into the constructor of ``Column()`` when the column type is floats of the same byte width caused the column array to become garbled. (#218) - Fixed inconsistent behavior in creating CONTINUE cards from byte strings versus unicode strings in Python 2--CONTINUE cards can now be created properly from unicode strings (so long as they are convertable to ASCII). (spacetelescope/PyFITS#1) - Fixed a couple cases where creating a new table using TDIMn in some of the columns could caused a crash. (spacetelescope/PyFITS#3) - Fixed a bug in parsing HIERARCH keywords that do not have a space after the first equals sign (before the value). (spacetelescope/PyFITS#5) - Prevented extra leading whitespace on HIERARCH keywords from being treated as part of the keyword. (spacetelescope/PyFITS#6) - Fixed a bug where HIERARCH keywords containing lower-case letters was mistakenly marked as invalid during header validation. (spacetelescope/PyFITS#7) - Fixed an issue that was ancillary to (spacetelescope/PyFITS#7) where the ``Header.index()`` method did not work correctly with HIERARCH keywords containing lower-case letters. 3.0.11 (2013-04-17) ------------------- - Fixed support for opening gzipped FITS files by filename in a writeable mode (PyFITS has supported writing to gzip files for some time now, but only enabled it when GzipFile objects were passed to ``pyfits.open()`` due to some legacy code preventing full gzip support. Backported from 3.1.2. (#195) - Added a more helpful error message in the case of malformatted FITS files that contain non-float NULL values in an ASCII table but are missing the required TNULLn keywords in the header. Backported from 3.1.2. (#197) - Fixed an (apparently long-standing) issue where writing compressed images did not correctly write the TFORMn keywords for variable-length array columns (they ommitted the max array length parameter of the format). Backported from 3.1.2. (#199) - Slightly refactored how tables containing variable-length array columns are handled to add two improvements: Fixes an issue where accessing the data after a call to the `pyfits.getdata` convenience function caused an exception, and allows the VLA data to be read from an existing mmap of the FITS file. Backported from 3.1.2. (#200) - Fixed a bug that could occur when opening a table containing multi-dimensional columns (i.e. via the TDIMn keyword) and then writing it out to a new file. Backported from 3.1.2. (#201) - Fixed a bug on Python 3 where attempting to open a non-existent file on Python 3 caused a seemingly unrelated traceback. Backported from 3.1.2. (#203) - Fixed a bug in fitsdiff that reported two header keywords containing NaN as value as different. Backported from 3.1.2. (#204) - Fixed an issue in the tests that caused some tests to fail if pyfits is installed with read-only permissions. Backported from 3.1.2. (#208) - Fixed a bug where instantiating a ``BinTableHDU`` from a numpy array containing boolean fields converted all the values to ``False``. Backported from 3.1.2. (#215) - Fixed an issue where passing an array of integers into the constructor of ``Column()`` when the column type is floats of the same byte width caused the column array to become garbled. Backported from 3.1.2. (#218) - Fixed a couple cases where creating a new table using TDIMn in some of the columns could caused a crash. Backported from 3.1.2. (spacetelescope/PyFITS#3) 3.1.1 (2013-01-02) ------------------ This is a bug fix release for the 3.1.x series. Bug Fixes ^^^^^^^^^ - Improved handling of scaled images and pseudo-unsigned integer images in compressed image HDUs. They now work more transparently like normal image HDUs with support for the ``do_not_scale_image_data`` and ``uint`` options, as well as ``scale_back`` and ``save_backup``. The ``.scale()`` method works better too. (#88) - Permits non-string values for the EXTNAME keyword when reading in a file, rather than throwing an exception due to the malformatting. Added verification for the format of the EXTNAME keyword when writing. (#96) - Added support for EXTNAME and EXTVER in PRIMARY HDUs. That is, if EXTNAME is specified in the header, it will also be reflected in the ``.name`` attribute and in ``pyfits.info()``. These keywords used to be verboten in PRIMARY HDUs, but the latest version of the FITS standard allows them. (#151) - HCOMPRESS can again be used to compress data cubes (and higher-dimensional arrays) so long as the tile size is effectively 2-dimensional. In fact, PyFITS will automatically use compatible tile sizes even if they're not explicitly specified. (#171) - Added support for the optional ``endcard`` parameter in the ``Header.fromtextfile()`` and ``Header.totextfile()`` methods. Although ``endcard=False`` was a reasonable default assumption, there are still text dumps of FITS headers that include the END card, so this should have been more flexible. (#176) - Fixed a crash when running fitsdiff on two empty (that is, zero row) tables. (#178) - Fixed an issue where opening files containing random groups HDUs in update mode could cause an unnecessary rewrite of the file even if none of the data is modified. (#179) - Fixed a bug that could caused a deadlock in the filesystem on OSX if PyFITS is used with Numpy 1.7 in some cases. (#180) - Fixed a crash when generating diff reports from diffs using the ``ignore_comments`` options. (#181) - Fixed some bugs with WCS Paper IV record-valued keyword cards: - Cards that looked kind of like RVKCs but were not intended to be were over-permissively treated as such--commentary keywords like COMMENT and HISTORY were particularly affected. (#183) - Looking up a card in a header by its standard FITS keyword only should always return the raw value of that card. That way cards containing values that happen to valid RVKCs but were not intended to be will still be treated like normal cards. (#184) - Looking up a RVKC in a header with only part of the field-specifier (for example "DP1.AXIS" instead of "DP1.AXIS.1") was implicitly treated as a wildcard lookup. (#184) - Fixed a crash when diffing two FITS files where at least one contains a compressed image HDU which was not recognized as an image instead of a table. (#187) - Fixed bugs in the backwards compatibility layer for the ``CardList.index`` and ``CardList.count`` methods. (#190) - Improved ``__repr__`` and text file representation of cards with long values that are split into CONTINUE cards. (#193) - Fixed a crash when trying to assign a long (> 72 character) value to blank ('') keywords. This also changed how blank keywords are represented--there are still exactly 8 spaces before any commentary content can begin; this *may* affect the exact display of header cards that assumed there could be fewer spaces in a blank keyword card before the content begins. However, the current approach is more in line with the requirements of the FITS standard. (#194) 3.0.10 (2013-01-02) ------------------- - Improved handling of scaled images and pseudo-unsigned integer images in compressed image HDUs. They now work more transparently like normal image HDUs with support for the ``do_not_scale_image_data`` and ``uint`` options, as well as ``scale_back`` and ``save_backup``. The ``.scale()`` method works better too. Backported from 3.1.1. (#88) - Permits non-string values for the EXTNAME keyword when reading in a file, rather than throwing an exception due to the malformatting. Added verification for the format of the EXTNAME keyword when writing. Backported from 3.1.1. (#96) - Added support for EXTNAME and EXTVER in PRIMARY HDUs. That is, if EXTNAME is specified in the header, it will also be reflected in the ``.name`` attribute and in ``pyfits.info()``. These keywords used to be verbotten in PRIMARY HDUs, but the latest version of the FITS standard allows them. Backported from 3.1.1. (#151) - HCOMPRESS can again be used to compress data cubes (and higher-dimensional arrays) so long as the tile size is effectively 2-dimensional. In fact, PyFITS will not automatically use compatible tile sizes even if they're not explicitly specified. Backported from 3.1.1. (#171) - Fixed a bug when writing out files containing zero-width table columns, where the TFIELDS keyword would be updated incorrectly, leaving the table largely unreadable. Backported from 3.1.0. (#174) - Fixed an issue where opening files containing random groups HDUs in update mode could cause an unnecessary rewrite of the file even if none of the data is modified. Backported from 3.1.1. (#179) - Fixed a bug that could caused a deadlock in the filesystem on OSX if PyFITS is used with Numpy 1.7 in some cases. Backported from 3.1.1. (#180) 3.1 (2012-08-08) ---------------- Highlights ^^^^^^^^^^ - The ``Header`` object has been significantly reworked, and ``CardList`` objects are now deprecated (their functionality folded into the ``Header`` class). See API Changes below for more details. - Memory maps are now used by default to access HDU data. See API Changes below for more details. - Now includes a new version of the ``fitsdiff`` program for comparing two FITS files, and a new FITS comparison API used by ``fitsdiff``. See New Features below. API Changes ^^^^^^^^^^^ - The ``Header`` class has been rewritten, and the ``CardList`` class is deprecated. Most of the basic details of working with FITS headers are unchanged, and will not be noticed by most users. But there are differences in some areas that will be of interest to advanced users, and to application developers. For full details of the changes, see the "Header Interface Transition Guide" section in the PyFITS documentation. See ticket #64 on the PyFITS Trac for futher details and background. Some highlights are listed below: * The Header class now fully implements the Python dict interface, and can be used interchangably with a dict, where the keys are header keywords. * New keywords can be added to the header using normal keyword assignment (previously it was necessary to use ``Header.update`` to add new keywords). For example:: >>> header['NAXIS'] = 2 will update the existing 'FOO' keyword if it already exists, or add a new one if it doesn't exist, just like a dict. * It is possible to assign both a value and a comment at the same time using a tuple:: >>> header['NAXIS'] = (2, 'Number of axes') * To add/update a new card and ensure it's added in a specific location, use ``Header.set()``:: >>> header.set('NAXIS', 2, 'Number of axes', after='BITPIX') This works the same as the old ``Header.update()``. ``Header.update()`` still works in the old way too, but is deprecated. * Although ``Card`` objects still exist, it generally is not necessary to work with them directly. ``Header.ascardlist()``/``Header.ascard`` are deprecated and should not be used. To directly access the ``Card`` objects in a header, use ``Header.cards``. * To access card comments, it is still possible to either go through the card itself, or through ``Header.comments``. For example:: >>> header.cards['NAXIS'].comment Number of axes >>> header.comments['NAXIS'] Number of axes * ``Card`` objects can now be used interchangeably with ``(keyword, value, comment)`` 3-tuples. They still have ``.value`` and ``.comment`` attributes as well. The ``.key`` attribute has been renamed to ``.keyword`` for consistency, though ``.key`` is still supported (but deprecated). - Memory mapping is now used by default to access HDU data. That is, ``pyfits.open()`` uses ``memmap=True`` as the default. This provides better performance in the majority of use cases--there are only some I/O intensive applications where it might not be desirable. Enabling mmap by default also enabled finding and fixing a large number of bugs in PyFITS' handling of memory-mapped data (most of these bug fixes were backported to PyFITS 3.0.5). (#85) * A new ``pyfits.USE_MEMMAP`` global variable was added. Set ``pyfits.USE_MEMMAP = False`` to change the default memmap setting for opening files. This is especially useful for controlling the behavior in applications where pyfits is deeply embedded. * Likewise, a new ``PYFITS_USE_MEMMAP`` environment variable is supported. Set ``PYFITS_USE_MEMMAP = 0`` in your environment to change the default behavior. - The ``size()`` method on HDU objects is now a ``.size`` property--this returns the size in bytes of the data portion of the HDU, and in most cases is equivalent to ``hdu.data.nbytes`` (#83) - ``BinTableHDU.tdump`` and ``BinTableHDU.tcreate`` are deprecated--use ``BinTableHDU.dump`` and ``BinTableHDU.load`` instead. The new methods output the table data in a slightly different format from previous versions, which places quotes around each value. This format is compatible with data dumps from previous versions of PyFITS, but not vice-versa due to a parsing bug in older versions. - Likewise the ``pyfits.tdump`` and ``pyfits.tcreate`` convenience function versions of these methods have been renamed ``pyfits.tabledump`` and ``pyfits.tableload``. The old deprecated, but currently retained for backwards compatibility. (r1125) - A new global variable ``pyfits.EXTENSION_NAME_CASE_SENSITIVE`` was added. This serves as a replacement for ``pyfits.setExtensionNameCaseSensitive`` which is not deprecated and may be removed in a future version. To enable case-sensitivity of extension names (i.e. treat 'sci' as distict from 'SCI') set ``pyfits.EXTENSION_NAME_CASE_SENSITIVE = True``. The default is ``False``. (r1139) - A new global configuration variable ``pyfits.STRIP_HEADER_WHITESPACE`` was added. By default, if a string value in a header contains trailing whitespace, that whitespace is automatically removed when the value is read. Now if you set ``pyfits.STRIP_HEADER_WHITESPACE = False`` all whitespace is preserved. (#146) - The old ``classExtensions`` extension mechanism (which was deprecated in PyFITS 3.0) is removed outright. To our knowledge it was no longer used anywhere. (r1309) - Warning messages from PyFITS issued through the Python warnings API are now output to stderr instead of stdout, as is the default. PyFITS no longer modifies the default behavior of the warnings module with respect to which stream it outputs to. (r1319) - The ``checksum`` argument to ``pyfits.open()`` now accepts a value of 'remove', which causes any existing CHECKSUM/DATASUM keywords to be ignored, and removed when the file is saved. New Features ^^^^^^^^^^^^ - Added support for the proposed "FITS" extension HDU type. See http://listmgr.cv.nrao.edu/pipermail/fitsbits/2002-April/001094.html. FITS HDUs contain an entire FITS file embedded in their data section. `FitsHDU` objects work like other HDU types in PyFITS. Their ``.data`` attribute returns the raw data array. However, they have a special ``.hdulist`` attribute which processes the data as a FITS file and returns it as an in-memory HDUList object. FitsHDU objects also support a ``FitsHDU.fromhdulist()`` classmethod which returns a new `FitsHDU` object that embeds the supplied HDUList. (#80) - Added a new ``.is_image`` attribute on HDU objects, which is True if the HDU data is an 'image' as opposed to a table or something else. Here the meaning of 'image' is fairly loose, and mostly just means a Primary or Image extension HDU, or possibly a compressed image HDU (#71) - Added an ``HDUList.fromstring`` classmethod which can parse a FITS file already in memory and instantiate and ``HDUList`` object from it. This could be useful for integrating PyFITS with other libraries that work on FITS file, such as CFITSIO. It may also be useful in streaming applications. The name is a slight misnomer, in that it actually accepts any Python object that implements the buffer interface, which includes ``bytes``, ``bytearray``, ``memoryview``, ``numpy.ndarray``, etc. (#90) - Added a new ``pyfits.diff`` module which contains facilities for comparing FITS files. One can use the ``pyfits.diff.FITSDiff`` class to compare two FITS files in their entirety. There is also a ``pyfits.diff.HeaderDiff`` class for just comparing two FITS headers, and other similar interfaces. See the PyFITS Documentation for more details on this interface. The ``pyfits.diff`` module powers the new ``fitsdiff`` program installed with PyFITS. After installing PyFITS, run ``fitsdiff --help`` for usage details. - ``pyfits.open()`` now accepts a ``scale_back`` argument. If set to ``True``, this automatically scales the data using the original BZERO and BSCALE parameters the file had when it was first opened, if any, as well as the original BITPIX. For example, if the original BITPIX were 16, this would be equivalent to calling ``hdu.scale('int16', 'old')`` just before calling ``flush()`` or ``close()`` on the file. This option applies to all HDUs in the file. (#120) - ``pyfits.open()`` now accepts a ``save_backup`` argument. If set to ``True``, this automatically saves a backup of the original file before flushing any changes to it (this of course only applies to update and append mode). This may be especially useful when working with scaled image data. (#121) Changes in Behavior ^^^^^^^^^^^^^^^^^^^ - Warnings from PyFITS are not output to stderr by default, instead of stdout as it has been for some time. This is contrary to most users' expectations and makes it more difficult for them to separate output from PyFITS from the desired output for their scripts. (r1319) Bug Fixes ^^^^^^^^^ - Fixed ``pyfits.tcreate()`` (now ``pyfits.tableload()``) to be more robust when encountering blank lines in a column definition file (#14) - Fixed a fairly rare crash that could occur in the handling of CONTINUE cards when using Numpy 1.4 or lower (though 1.4 is the oldest version supported by PyFITS). (r1330) - Fixed ``_BaseHDU.fromstring`` to actually correctly instantiate an HDU object from a string/buffer containing the header and data of that HDU. This allowed for the implementation of ``HDUList.fromstring`` described above. (#90) - Fixed a rare corner case where, in some use cases, (mildly, recoverably) malformatted float values in headers were not properly returned as floats. (#137) - Fixed a corollary to the previous bug where float values with a leading zero before the decimal point had the leading zero unnecessarily removed when saving changes to the file (eg. "0.001" would be written back as ".001" even if no changes were otherwise made to the file). (#137) - When opening a file containing CHECKSUM and/or DATASUM keywords in update mode, the CHECKSUM/DATASUM are updated and preserved even if the file was opened with checksum=False. This change in behavior prevents checksums from being unintentionally removed. (#148) - Fixed a bug where ``ImageHDU.scale(option='old')`` wasn't working at all--it was not restoring the image to its original BSCALE and BZERO values. (#162) - Fixed a bug when writing out files containing zero-width table columns, where the TFIELDS keyword would be updated incorrectly, leaving the table largely unreadable. This fix will be backported to the 3.0.x series in version 3.0.10. (#174) 3.0.9 (2012-08-06) ------------------ This is a bug fix release for the 3.0.x series. Bug Fixes ^^^^^^^^^ - Fixed ``Header.values()``/``Header.itervalues()`` and ``Header.items()``/ ``Header.iteritems()`` to correctly return the different values for duplicate keywords (particularly commentary keywords like HISTORY and COMMENT). This makes the old Header implementation slightly more compatible with the new implementation in PyFITS 3.1. (#127) .. note:: This fix did not change the existing behavior from earlier PyFITS versions where ``Header.keys()`` returns all keywords in the header with duplicates removed. PyFITS 3.1 changes that behavior, so that ``Header.keys()`` includes duplicates. - Fixed a bug where ``ImageHDU.scale(option='old')`` wasn't working at all--it was not restoring the image to its original BSCALE and BZERO values. (#162) - Fixed a bug where opening a file containing compressed image HDUs in 'update' mode and then immediately closing it without making any changes caused the file to be rewritten unncessarily. (#167) - Fixed two memory leaks that could occur when writing compressed image data, or in some cases when opening files containing compressed image HDUs in 'update' mode. (#168) 3.0.8 (2012-06-04) ------------------ Changes in Behavior ^^^^^^^^^^^^^^^^^^^ - Prior to this release, image data sections did not work with scaled data--that is, images with non-trivial BSCALE and/or BZERO values. Previously, in order to read such images in sections, it was necessary to manually apply the BSCALE+BZERO to each section. It's worth noting that sections *did* support pseudo-unsigned ints (flakily). This change just extends that support for general BSCALE+BZERO values. Bug Fixes ^^^^^^^^^ - Fixed a bug that prevented updates to values in boolean table columns from being saved. This turned out to be a symptom of a deeper problem that could prevent other table updates from being saved as well. (#139) - Fixed a corner case in which a keyword comment ending with the string "END" could, in some circumstances, cause headers (and the rest of the file after that point) to be misread. (#142) - Fixed support for scaled image data and psuedo-unsigned ints in image data sections (``hdu.section``). Previously this was not supported at all. At some point support was supposedly added, but it was buggy and incomplete. Now the feature seems to work much better. (#143) - Fixed the documentation to point out that image data sections *do* support non-contiguous slices (and have for a long time). The documentation was never updated to reflect this, and misinformed users that only contiguous slices were supported, leading to some confusion. (#144) - Fixed a bug where creating an ``HDUList`` object containing multiple PRIMARY HDUs caused an infinite recursion when validating the object prior to writing to a file. (#145) - Fixed a rare but serious case where saving an update to a file that previously had a CHECKSUM and/or DATASUM keyword, but removed the checksum in saving, could cause the file to be slightly corrupted and unreadable. (#147) - Fixed problems with reading "non-standard" FITS files with primary headers containing SIMPLE = F. PyFITS has never made many guarantees as to how such files are handled. But it should at least be possible to read their headers, and the data if possible. Saving changes to such a file should not try to prepend an unwanted valid PRIMARY HDU. (#157) - Fixed a bug where opening an image with ``disable_image_compression = True`` caused compression to be disabled for all subsequent ``pyfits.open()`` calls. (r1651) 3.0.7 (2012-04-10) ------------------ Changes in Behavior ^^^^^^^^^^^^^^^^^^^ - Slices of GroupData objects now return new GroupData objects instead of extended multi-row _Group objects. This is analogous to how PyFITS 3.0 fixed FITS_rec slicing, and should have been fixed for GroupData at the same time. The old behavior caused bugs where functions internal to Numpy expected that slicing an ndarray would return a new ndarray. As this is a rare usecase with a rare feature most users are unlikely to be affected by this change. - The previously internal _Group object for representing individual group records in a GroupData object are renamed Group and are now a public interface. However, there's almost no good reason to create Group objects directly, so it shouldn't be considered a "new feature". - An annoyance from PyFITS 3.0.6 was fixed, where the value of the EXTEND keyword was always being set to F if there are not actually any extension HDUs. It was unnecessary to modify this value. Bug Fixes ^^^^^^^^^ - Fixed GroupData objects to return new GroupData objects when sliced instead of _Group record objects. See "Changes in behavior" above for more details. - Fixed slicing of Group objects--previously it was not possible to slice slice them at all. - Made it possible to assign `np.bool_` objects as header values. (#123) - Fixed overly strict handling of the EXTEND keyword; see "Changes in behavior" above. (#124) - Fixed many cases where an HDU's header would be marked as "modified" by PyFITS and rewritten, even when no changes to the header are necessary. (#125) - Fixed a bug where the values of the PTYPEn keywords in a random groups HDU were forced to be all lower-case when saving the file. (#130) - Removed an unnecessary inline import in `ExtensionHDU.__setattr__` that was causing some slowdown when opening files containing a large number of extensions, plus a few other small (but not insignficant) performance improvements thanks to Julian Taylor. (#133) - Fixed a regression where header blocks containing invalid end-of-header padding (i.e. null bytes instead of spaces) couldn't be parsed by PyFITS. Such headers can be parsed again, but a warning is raised, as such headers are not valid FITS. (#136) - Fixed a memory leak where table data in random groups HDUs weren't being garbage collected. (#138) 3.0.6 (2012-02-29) ------------------ Highlights ^^^^^^^^^^ The main reason for this release is to fix an issue that was introduced in PyFITS 3.0.5 where merely opening a file containing scaled data (that is, with non-trivial BSCALE and BZERO keywords) in 'update' mode would cause the data to be automatically rescaled--possibly converting the data from ints to floats--as soon as the file is closed, even if the application did not touch the data. Now PyFITS will only rescale the data in an extension when the data is actually accessed by the application. So opening a file in 'update' mode in order to modify the header or append new extensions will not cause any change to the data in existing extensions. This release also fixes a few Windows-specific bugs found through more extensive Windows testing, and other miscellaneous bugs. Bug Fixes ^^^^^^^^^ - More accurate error messages when opening files containing invalid header cards. (#109) - Fixed a possible reference cycle/memory leak that was caught through more extensive testing on Windows. (#112) - Fixed 'ostream' mode to open the underlying file in 'wb' mode instead of 'w' mode. (#112) - Fixed a Windows-only issue where trying to save updates to a resized FITS file could result in a crash due to there being open mmaps on that file. (#112) - Fixed a crash when trying to create a FITS table (i.e. with new_table()) from a Numpy array containing bool fields. (#113) - Fixed a bug where manually initializing an ``HDUList`` with a list of of HDUs wouldn't set the correct EXTEND keyword value on the primary HDU. (#114) - Fixed a crash that could occur when trying to deepcopy a Header in Python < 2.7. (#115) - Fixed an issue where merely opening a scaled image in 'update' mode would cause the data to be converted to floats when the file is closed. (#119) 3.0.5 (2012-01-30) ------------------ - Fixed a crash that could occur when accessing image sections of files opened with memmap=True. (r1211) - Fixed the inconsistency in the behavior of files opened in 'readonly' mode when memmap=True vs. when memmap=False. In the latter case, although changes to array data were not saved to disk, it was possible to update the array data in memory. On the other hand with memmap=True, 'readonly' mode prevented even in-memory modification to the data. This is what 'copyonwrite' mode was for, but difference in behavior was confusing. Now 'readonly' is equivalent to 'copyonwrite' when using memmap. If the old behavior of denying changes to the array data is necessary, a new 'denywrite' mode may be used, though it is only applicable to files opened with memmap. (r1275) - Fixed an issue where files opened with memmap=True would return image data as a raw numpy.memmap object, which can cause some unexpected behaviors--instead memmap object is viewed as a numpy.ndarray. (r1285) - Fixed an issue in Python 3 where a workaround for a bug in Numpy on Python 3 interacted badly with some other software, namely to vo.table package (and possibly others). (r1320, r1337, and #110) - Fixed buggy behavior in the handling of SIGINTs (i.e. Ctrl-C keyboard interrupts) while flushing changes to a FITS file. PyFITS already prevented SIGINTs from causing an incomplete flush, but did not clean up the signal handlers properly afterwards, or reraise the keyboard interrupt once the flush was complete. (r1321) - Fixed a crash that could occur in Python 3 when opening files with checksum checking enabled. (r1336) - Fixed a small bug that could cause a crash in the `StreamingHDU` interface when using Numpy below version 1.5. - Fixed a crash that could occur when creating a new `CompImageHDU` from an array of big-endian data. (#104) - Fixed a crash when opening a file with extra zero padding at the end. Though FITS files should not have such padding, it's not explictly forbidden by the format either, and PyFITS shouldn't stumble over it. (#106) - Fixed a major slowdown in opening tables containing large columns of string values. (#111) 3.0.4 (2011-11-22) ------------------ - Fixed a crash when writing HCOMPRESS compressed images that could happen on Python 2.5 and 2.6. (r1217) - Fixed a crash when slicing an table in a file opened in 'readonly' mode with memmap=True. (r1230) - Writing changes to a file or writing to a new file verifies the output in 'fix' mode by default instead of 'exception'--that is, PyFITS will automatically fix common FITS format errors rather than raising an exception. (r1243) - Fixed a bug where convenience functions such as getval() and getheader() crashed when specifying just 'PRIMARY' as the extension to use (r1263). - Fixed a bug that prevented passing keyword arguments (beyond the standard data and header arguments) as positional arguments to the constructors of extension HDU classes. - Fixed some tests that were failing on Windows--in this case the tests themselves failed to close some temp files and Windows refused to delete them while there were still open handles on them. (r1295) - Fixed an issue with floating point formatting in header values on Python 2.5 for Windows (and possibly other platforms). The exponent was zero-padded to 3 digits; although the FITS standard makes no specification on this, the formatting is now normalized to always pad the exponent to two digits. (r1295) - Fixed a bug where long commentary cards (such as HISTORY and COMMENT) were broken into multiple CONTINUE cards. However, commentary cards are not expected to be found in CONTINUE cards. Instead these long cards are broken into multiple commentary cards. (#97) - GZIP/ZIP-compressed FITS files can be detected and opened regardless of their filename extension. (#99) - Fixed a serious bug where opening scaled images in 'update' mode and then closing the file without touching the data would cause the file to be corrupted. (#101) 3.0.3 (2011-10-05) ------------------ - Fixed several small bugs involving corner cases in record-valued keyword cards (#70) - In some cases HDU creation failed if the first keyword value in the header was not a string value (#89) - Fixed a crash when trying to compute the HDU checksum when the data array contains an odd number of bytes (#91) - Disabled an unnecessary warning that was displayed on opening compressed HDUs with disable_image_compression = True (#92) - Fixed a typo in code for handling HCOMPRESS compressed images. 3.0.2 (2011-09-23) ------------------ - The ``BinTableHDU.tcreate`` method and by extension the ``pyfits.tcreate`` function don't get tripped up by blank lines anymore (#14) - The presence, value, and position of the EXTEND keyword in Primary HDUs is verified when reading/writing a FITS file (#32) - Improved documentation (in warning messages as well as in the handbook) that PyFITS uses zero-based indexing (as one would expect for C/Python code, but contrary to the PyFITS standard which was written with FORTRAN in mind) (#68) - Fixed a bug where updating a header card comment could cause the value to be lost if it had not already been read from the card image string. - Fixed a related bug where changes made directly to Card object in a header (i.e. assigning directly to card.value or card.comment) would not propagate when flushing changes to the file (#69) [Note: This and the bug above it were originally reported as being fixed in version 3.0.1, but the fix was never included in the release.] - Improved file handling, particularly in Python 3 which had a few small file I/O-related bugs (#76) - Fixed a bug where updating a FITS file would sometimes cause it to lose its original file permissions (#79) - Fixed the handling of TDIMn keywords; 3.0 added support for them, but got the axis order backards (they were treated as though they were row-major) (#82) - Fixed a crash when a FITS file containing scaled data is opened and immediately written to a new file without explicitly viewing the data first (#84) - Fixed a bug where creating a table with columns named either 'names' or 'formats' resulted in an infinite recursion (#86) 3.0.1 (2011-09-12) ------------------ - Fixed a bug where updating a header card comment could cause the value to be lost if it had not already been read from the card image string. - Changed ``_TableBaseHDU.data`` so that if the data contain an empty table a ``FITS_rec`` object with zero rows is returned rather than ``None``. - The ``.key`` attribute of ``RecordValuedKeywordCards`` now returns the full keyword+field-specifier value, instead of just the plain keyword (#46) - Fixed a related bug where changes made directly to Card object in a header (i.e. assigning directly to card.value or card.comment) would not propagate when flushing changes to the file (#69) - Fixed a bug where writing a table with zero rows could fail in some cases (#72) - Miscellanous small bug fixes that were causing some tests to fail, particularly on Python 3 (#74, #75) - Fixed a bug where creating a table column from an array in non-native byte order would not preserve the byte order, thus interpreting the column array using the wrong byte order (#77) 3.0.0 (2011-08-23) -------------------- - Contains major changes, bumping the version to 3.0 - Large amounts of refactoring and reorganization of the code; tried to preserve public API backwards-compatibility with older versions (private API has many changes and is not guaranteed to be backwards-compatible). There are a few small public API changes to be aware of: * The pyfits.rec module has been removed completely. If your version of numpy does not have the numpy.core.records module it is too old to be used with PyFITS. * The ``Header.ascardlist()`` method is deprecated--use the ``.ascard`` attribute instead. * ``Card`` instances have a new ``.cardimage`` attribute that should be used rather than ``.ascardimage()``, which may become deprecated. * The ``Card.fromstring()`` method is now a classmethod. It returns a new ``Card`` instance rather than modifying an existing instance. * The ``req_cards()`` method on HDU instances has changed: The ``pos`` argument is not longer a string. It is either an integer value (meaning the card's position must match that value) or it can be a function that takes the card's position as it's argument, and returns True if the position is valid. Likewise, the ``test`` argument no longer takes a string, but instead a function that validates the card's value and returns True or False. * The ``get_coldefs()`` method of table HDUs is deprecated. Use the ``.columns`` attribute instead. * The ``ColDefs.data`` attribute is deprecated--use ``ColDefs.columns`` instead (though in general you shouldn't mess with it directly--it might become internal at some point). * ``FITS_record`` objects take ``start`` and ``end`` as arguments instead of ``startColumn`` and ``endColumn`` (these are rarely created manually, so it's unlikely that this change will affect anyone). * ``BinTableHDU.tcreate()`` is now a classmethod, and returns a new ``BinTableHDU`` instance. * Use ``ExtensionHDU`` and ``NonstandardExtHDU`` for making new extension HDU classes. They are now public interfaces, wheres previously they were private and prefixed with underscores. * Possibly others--please report if you find any changes that cause difficulties. - Calls to deprecated functions will display a Deprecation warning. However, in Python 2.7 and up Deprecation warnings are ignored by default, so run Python with the `-Wd` option to see if you're using any deprecated functions. If we get close to actually removing any functions, we might make the Deprecation warnings display by default. - Added basic Python 3 support - Added support for multi-dimensional columns in tables as specified by the TDIMn keywords (#47) - Fixed a major memory leak that occurred when creating new tables with the ``new_table()`` function (#49) be padded with zero-bytes) vs ASCII tables (where strings are padded with spaces) (#15) - Fixed a bug in which the case of Random Access Group parameters names was not preserved when writing (#41) - Added support for binary table fields with zero width (#42) - Added support for wider integer types in ASCII tables; although this is non- standard, some GEIS images require it (#45) - Fixed a bug that caused the index_of() method of HDULists to crash when the HDUList object is created from scratch (#48) - Fixed the behavior of string padding in binary tables (where strings should be padded with nulls instead of spaces) - Fixed a rare issue that caused excessive memory usage when computing checksums using a non-standard block size (see r818) - Add support for forced uint data in image sections (#53) - Fixed an issue where variable-length array columns were not extended when creating a new table with more rows than the original (#54) - Fixed tuple and list-based indexing of FITS_rec objects (#55) - Fixed an issue where BZERO and BSCALE keywords were appended to headers in the wrong location (#56) - ``FITS_record`` objects (table rows) have full slicing support, including stepping, etc. (#59) - Fixed a bug where updating multiple files simultaneously (such as when running parallel processes) could lead to a race condition with mktemp() (#61) - Fixed a bug where compressed image headers were not in the order expected by the funpack utility (#62)

Release 3.1.2 - 2014/01/29 -------------------------- Improvements ^^^^^^^^^^^^ * [doc] Updated to caplitalized "Groonga" terms in documentation. [Patch by cosmo0920] [GitHub#136, #137, #138, #139, #140, #141, #142, #143, #144, #145, #146, #147, #148, #149, #150, #151] * Supported to customize the value of lock timeout. See :doc:`/reference/api/global_configurations` about details. [groonga-dev,02017] [Suggested by yoku] * [doc] Added description about the value of lock timeout. * Enabled ``GRN_JA_SKIP_SAME_VALUE_PUT`` by default. In the previous releases, the value of this configuration is 'no'. This change affects reducing the size of Groonga database. * Supported multiple indexes including a nested index and multiple keywords query. This change improves missing search results isssue when narrowing down by multiple keywords query. * Added API to customize normalizer for snippet. Fixes ^^^^^ * Fixed not to use index for empty query. This change enables you to search even though empty query. Note that this means that there is performance penalty if many empty records exist. [groonga-dev,02052] [Reported by Naoya Murakami] * Fixed the behaviour about return value of "X || Y" and "X && Y" for adjusting to ECMAScript. In "X || Y" case, if either X or Y satisfy the condition, it returns X itself or Y itself instead of 1 or 0. * In "X && Y" case, if X and Y satisfy the condition, it returns X itself instead of 1. if X doesn't satisfy the condition, it returns false instead of 0. * Fixed to return null when no snippet is found. This change enables you to set the default value of :doc:`/reference/functions/snippet_html`. In such a purpose, use "snippet_html(XXX) || 'default value'". Thanks ^^^^^^ * cosmo0920 * yoku * Naoya Murakami

@rsub

17 Dec 2013 - 2.7.7 ------------------- Fixes: - Changed release version to 2.7.7 - Got the configure scripts inside the release tarball 16 Dec 2013 - 2.7.6 ------------------- Improvements: - Organizes all Makefile.am - 1cde4d2dd9d96747536c1c25d06ba0677069477f Now using one file per line (sorted). This is the better way to handle it, since it reduces the possibility of merge conflicts. - nginx: generates config file using configure input. - 351b9cc357d439e30ebd61d89a9e38ecf55c6827 The nginx config file was looking for depedencies by its own, by doing that it was ignoring the options that were passed to configure script. This commit deletes this config file and adds a meta-config which is populated by configure whenever the standalone-module is enabled. - nginx: adds lua support - da16d9e5d51d4ef8734687514a4e1368e7fb4284 - iis: Cosmetics fixies on sqli. - 5046c8327ea21c69b4c0d0c0057c692b05b09fef This is needed to get it compiled with VS2011 on Windows8 - Regression tests: makes configuration compatible with 2.2 and 2.4 (try 2) - ae252ee8767069363906e5a611dff487b799b839 - nginx: Trying apxs and apxs2 while compiling nginx module - 65d9272fdc353e1263567b60604542d377d19672 - nginx: Trying apxs and apxs2 while compiling nginx module - 35fd75d859e4a8873b8843da1db13e04a1b08140 - macos: Using glibtoolize instead of libtoolize - 751a9f4e45213cd69f00c62c71edc9d7ad99b82d - regression-tests: makes configuration compatible with 2.2 and 2.4 - 6fc4cac37ab1be8d1232140042b58fe4bd93ee17 - Regression test: get it working with apache 2.4 - e9813cd0d9bfc5b0c9aa5832634ec1b39b805108 Changes in httpd.conf.in to get it working with apache 2.4 - Code cosmetics. - 7366f35c1d80772d739b35da8faa972f92a72b97 Changed to reduce the number of possible fails during Build Bot compilation. - iis: Waiting for 5 seconds before move curl directory - 9bf2959c919587ebc63f5a1b8c0785da8927bff5 Testing buildbot. - Redefines unixd_set_global_mutex_perms on tests - f70f6f4281b806627e0cf0dbb9c84ae5864bdb16 Avoding conflicts with the standalone implementation - Adds verbose quality check - 388943440cc9b8c6fdea09f5e365a2e5a3e792e2 Vera++ and ccpcheck are not outputing to the stderr instead stdout allowing the buildbot to extract some numbers about it. - Adds support for coding style and quality check - b77e90152d119609ac78a7028383c3b79898b2cf Initial effort to get the code on shape. This will be executed by the buildbots as soon as they get ready for it. - iis: New improvements on the Wix installer - 2ea5a74a7bfb00f21312e51e48aa6dac03d84600 * Now the installation is divided in modules: ModSecurity and CRS. * Added default configuration * Configuration was moved to "Program Files" folder * Build_msi script now using candle available in %PATH% - iis: Removes the installer helper dependency - 1a12648c9f6028f251af0f03c889397c7954b74c Now using appcmd directly with WiX instead of calling the installer helper. - iis: Remove readme.html - 550d5aae21cba696cac1ce75ab8113e5255d5a59 This HTML is about "Creating a Native Module for IIS7" not straight related to ModSecurity itself. - iis: Adds batch script to compile Wix - a2c5fc831baf0b324ebb66b0f878dacf1ec2f808 This batch script can be used to generate our msi installer. - iis: Adds Wix installer resources - 3604763e15a665eb7a6ecae1f7e7c65cebbb1d17 This is all about cosmetic changes. - iss: Removes Post-Build event. - 28bbde1bb218b004654cb865fc8563d69b848dc2 There was a copy on Post-Build event using a hard coded path. This patch removes this Post-Build event. - iis: Relative paths on the VS project file - 368617ddb2443f9b6036f80a648d467d07c9a054 There are a ModSecurityIIS solution and project files, those were using hard coded paths to meet the dependencies. As consequence of the last update in our build scripts, now we are able to built the dependencies and load it to our Visual Studio project using relative paths. - iis: Adds release script - 9477118903861ce80c4c27cb581bf3462315e98e - iis: fixies the Installer.cpp coding style - 79875b1af8e8571098345b91557bab9c06eb7c88 - iis: Removes AppWizard remade file - 91738f93bcc82b6ab756c550a66b6cf6af2fa9f8 Apparently the AppWizard was used to generate part of this Installer, the ReadMe.txt created by the AppWizard was removed by this commit - iss: Removes pre-compiled headers - adfbeb85dcfa9466b72eebb8d1bd8eb7728bab79 No need to use the pre-compiled headers in InstallerHelper, removing it, in order to keep the project lean. - iis: Moves installer to InstallerHelper - 6adf25667dd4bfa33010bd6d8ae3d35046a69967 To organize the folder the Installer application was renamed to installer helper. It is not the real installer, it is just an helper which is executed during the installation phase. - iss: Removes fart dependencies - 8c3b8d81b613aaa38f28472af1eb26c90c7fc9da This commit removes the dependency of the fart.exe utility. The utility was responsible to rename contents inside some dependencies build files. Those modifications are not longer needed. - iss: Better err handling in build scripts. - 192599bf63b6ae5aa08e4536a90d5d0a17f969f7 Now checking for errors in every step of the build phase - iis: Moves build_module.bat to build_modsecurity.bat - e25c6b2e85ced7beba4d41867dbdf30e9c1286d3 The build_modsecurity.bat is now on the iis sub-directory, not in the dependencies anymore. Its content was also changed fixing all the paths. - iis: Identifies arch before unzip apache - cf5de78dfb9fffd21edf17af9e1db8f2fd83c804 Currently we need the Apache binary which could be used in 32 or 64 bits. This patch makes usage of 'cl' to identify which architecture is set. - iis: Renamves winbuild to dependencies - 1447766e816a896e88c9c8f053fcc3f62797bac1 Since the directory becomes all about dependencies there is no need to call it winbuild anymore. - iis: Removes unnecessary files from winbuild dir - 9f8cbf6ed8034ba42aa4967699308df09864fd18 Those .mak files seems to be part of an old build system. Since the script are now working fine, this commit removes all those .mac files and also a CMakeList.txt and the Makefile.win. - iis: Improves the iis build system - b277e538f28c87c81c1b50925dd8b82996b88294 Now checking for common errors while building. Refactoring on the build scripts, now there is this build_dependencies.bat script on the iis sub-folder. By calling this script all the dependencies should be build under the winbuild/. This commit also removes build scripts that were not needed anymore. - iis: Fixes the vcxproj file - a946a163f0ad822c760af80ca32dda61f0e6b2a9 Versions of the dependencies were changed, as long as the version of the Visual Studio, now 12. - iis: Removes unecessary files from the build system - 26738d2e34bcc7620047bd23180e0e26a64c71ee The following files were removed: * VCVarsQueryRegistry.bat * vcvars64.bat * vsvars32.bat The visual studio files can be called direcltly, not necessary to distribute those files, at least in VS12. - iss: Changes httpd version 2.4.6 - 0a772cb0748aa51a01800e0473309b9de792b456 Apache version was changed to 2.4.6 to sync with the current apache lounge version. - iis: Changes the version of the dependencies - 3e6fb41d36b7a5e98a55d8f52b88b29d1bd50b64 * pcre from 8.30 to 8.33 * zlib from 1.2.7 to 1.2.8 * libxml2 from 2.7.7 to 2.9.1 * curl from 7.24 to 7.33.0 - Removes standalone/Makefile.in - e3c19d53d23c48fea337aae76a87b2a85c36a1f1 Makefile.in is recommended to be in the repository whenever it is edit manually, in our case the automatically generated Makefile.in is ok. Bug Fixes: - test: Avoids conflict of fuctions definition - cef72855e4106ce29e1d39103ebf9eb9ab28f17e - test: Makes the unit tests to work again - cc982ae42ec86c79a67be1a01c6ee35fb06c272c The unit tests was not working due to lack update. This patch adds the necessary stuff to have it work again. - iis: Avoids directory link while building - ad330a44bfa39430cf6340cb52971568cccdf1d6 Build scripts was creating links allowing the project to be loaded into Visual Studio without care about the dependencies versions. Sometimes windows refuse to delete those links leading the script to fail. This patch moves the sources directories instead of create links to it. - QA: Avoids the utilization of 3rd filedescriptor - 69c5ccac662f4e11a6eefd54a3e912583c067b9d No need to use a 3rd description on the quality check scripts. Stderr is now redirected to stdout and filtered as needed. - Supports WarningCountingShellCommand in cppcheck and vera - baaf502363e68c3240b60adb7f7c91f5b4f0ba03 WarningCountingShellCommand allow us to have some measurements on the buildbot waterfall. - iis: Using base_rules instead of activated_rules - 7b1537058fa451e0df7098cd907ef19f04102f9d - iis: Fix inet_pton build problem - a4202146b8d26b6615bbab986383fe0afae60d77 There is a function named inet_pton on windows API, with different signature. This patch just override the windows function and point the inet_pton to our implementation. - iis: Adds Wix installer xml file.c - b32cb7d9ab397160f0154aa4bd4e9638658b41e6 This commit adds the Wix template to our git repository. - iis: build_modsecurity.bat fixies - 7e03e3f840375ed682c35a5bb67932461cc77013 This commit enable a cleanup on the mod_security build directory avoiding symbols with different architectures. - iis: Fix mlogc build on windows - 9b7663fa79377a0685130a019916d810f31e7478 The libcurl path was not pointing to the correct directory - Fix #154, Uses addn instead of apr_table_setn - 1734221d9d3a78f9aafd68e35717da9ee1a4fe51 The headers are represented in the format of an apr_table, which is able to handle elements with the same key, however the function apr_table_setn checks if the key exists before add the element, if so it replaces the old value with the new one. This was making our implementation to just keep the last added Cookie. The apr_table_addn function, which is now used, just add a new item without check for olders one. - Merge pull request #579 from zimmerle/revert_139 - 61e54f2067ae760808359926ff91d57275df1aac Revert merge request #139 - Revert "Merge pull request #139 from chaizhenhua/remotes/trunk" - 7f7d00fa2c364716691df1b45779304b24a0debb This reverts commit 10fd40fb0d06f6c577d870b6f15d2f6e2a3a5b1b, reversing changes made to 414033aafa94cd50c9b310afd3f164740caccc94. - Merge pull request #578 from client9/remotes/trunk - b0c3977845f60747b15ae10531b7d20355a22627 libinjection sync to v3.8.0 - libinjection sync - a5f175d79fac1e69124da4e1e227b622e7e233d7 - Merge pull request #152 from client9/remotes/trunk - 88ebf8a0bdbc4db1be76f3a2e70df77cc52a5925 Sync to libinjection v3.7.1 - libinjection sync - fcb6dc13ed6efb066fb9b70405eecab8b83a2d96 - libinjection sync - f52242a013f301ca5c17e59b662124833cb7cc6d - Merge pull request #148 from zimmerle/bugfix_charset_missing_string_terminator - b76e26d81ddafc2b99bffad53d1426f8fd33080a Bugfix: missing string terminator while mounting the charset (nginx) - Bugfix: missing string terminator while mounting the charset (nginx) - ff19dcd5c53d4af61d0a9397d4616f47f80ee207 The charset in headers is mounted using ngx_snprintf which does not place the string terminator. This patch adds the terminator at the end of the string. The size was correctly allocated, just missing the terminator. - Merge pull request #141 from client9/remotes/trunk - 9a630eea23a7ead4e77617c86dc937fd7a421a57 libinjection sync to v3.6.0 - libinjection sync - 11217207e8f2e0cf15742273836399866971071a - Fix Chunked string case sensitive issue - CVE-2013-5705 - f8d441cd25172fdfe5b613442fedfc0da3cc333d - Revert "Fix Chuncked string case sensitive issue" - 3901128f17e0763ac1a260106b79859d2aad6d90 This reverts commit 16a815a3c2735f62238ef99af26090a2b8430d3d. - Fix Chuncked string case sensitive issue - 16a815a3c2735f62238ef99af26090a2b8430d3d - Merge pull request #139 from chaizhenhua/remotes/trunk - 10fd40fb0d06f6c577d870b6f15d2f6e2a3a5b1b Fixed fd leackage after reload - Merge pull request #138 from client9/remotes/trunk - 414033aafa94cd50c9b310afd3f164740caccc94 libinjection sync - Fixed fd leackage after reload - e0993fcd7a166ce9e1a279a47d050af1311d9001 - libinjection sync - 2268626c20260e88cab9b7830f8a06101fa7172a - Fix logical disjunction and conjunction issues - 7e0a9ecf7d492e85650671a0cfcfd53e5f15df2c 23 Jul 2013 - 2.7.5 ------------------- Improvements: * SecUnicodeCodePage is deprecated. SecUnicodeMapFile now accepts the code page as a second parameter. * Updated Libinjection to version 3.4.1. Many improvements were made. * Severity action now supports strings (emergency, alert, critical, error, warning, notice, info, debug). Bug Fixes: * Fixed utf8toUnicode tfn null byte conversion. * Fixed NGINX crash when issue reload command. * Fixed flush output buffer before inject modified hashed response body. * Fixed url normalization for Hash Engine. * Fixed NGINX ap_unixd_set_global_perms_mutex compilation error with apache 2.4 devel files. Security Issues: 10 May 2013 - 2.7.4 ------------------- Improvements: * Added Libinjection project http://www.client9.com/projects/libinjection/ as a new operator @detectSQLi. (Thanks Nick Galbreath). * Added new variable SDBM_DELETE_ERROR that will be set to 1 when sdbm engine fails to delete entries. * NGINX is now set to STABLE. Thanks chaizhenhua and all the people in community who help the project testing, sending feedback and patches. Bug Fixes: * Fixed SecRulePerfTime storing unnecessary rules performance times. * Fixed Possible SDBM deadlock condition. * Fixed Possible @rsub memory leak. * Fixed REMOTE_ADDR content will receive the client ip address when mod_remoteip.c is present. * Fixed NGINX Audit engine in Concurrent mode was overwriting existing alert files because a issue with UNIQUE_ID. * Fixed CPU 100% issue in NGINX port. This is also related to an memory leak when loading response body. Security Issues: * Fixed Remote Null Pointer DeReference (CVE-2013-2765). When forceRequestBodyVariable action is triggered and a unknown Content-Type is used, mod_security will crash trying to manipulate msr->msc_reqbody_chunks->elts however msr->msc_reqbody_chunks is NULL. (Thanks Younes JAAIDI). 28 Mar 2013 - 2.7.3 ------------------- * Fixed IIS version race condition when module is initialized. * Fixed IIS version failing config commands in libapr. * Nginx version is now RC quality. The rule engine should works for all phases. We fixed many issues and missing features (for more information please check jira). Code is running well with latest Nginx 1.2.7 stable. Thanks chaizhenhua for your help. * Added MULTIPART_NAME and MULTIPART_FILENAME. Should be used soon by CRS and will help prevent attacks using multipart data. * Added --enable-htaccess-config configure option. It will allow the follow directives to be used into .htaccess files when AllowOverride Options is set: - SecAction - SecRule - SecRuleRemoveByMsg - SecRuleRemoveByTag - SecRuleRemoveById - SecRuleUpdateActionById - SecRuleUpdateTargetById - SecRuleUpdateTargetByTag - SecRuleUpdateTargetByMsg * Improvements in the ID duplicate code checking. Should be faster now. * SECURITY: Added SecXmlExternalEntity (On|Off - default it Off) that will disable by default the external entity load task executed by LibXml2. This is a security issue [CVE-2013-1915] reported by Timur Yunusov, Alexey Osipov (Positive Technologies). 21 Jan 2013 - 2.7.2 ------------------- * IIS version is now stable. * Fixed IIS version does not pass through POST data to ASP.NET when SecRequestBodyAccess is set to On (MODSEC-372). * Fixed IIS version HTTP Request Smuggling protection does not work (MODSEC-344). * Fixed IIS version PHP Injection Attack (958976) protection does not work (MODSEC-346). * Fixed IIS version Request limit protections are not working (MODSEC-349). * Fixed IIS version Outbound protections are not working (MODSEC-350). * Added IIS version better installer. * NGINX version removed ModSecurityPassCommand (Thanks chaizhenhua). * Fixed NGINX version ngx_http_read_client_request_body returned unexpected buffer type (Thanks chaizhenhua). * Fixed NGINX version INCS config directories on fedora (Thanks chaizhenhua). * Added NGINX version Added drop action for nginx (Thanks chaizhenhua). * Fixed bug in cpf_verify operator (Thanks Hideaki Hayashi). * Fixed build modsecurity under Arch Linux. * Fixed make test crashing when JIT pcre is enabled. * Fixed better cookie separator detection code. * Fixed mod_security displaying wrong ip address in error.log using apache 2.4 and mod_remoteip. * Fixed mod_security was not compiling when use apr without ipv6 support. * Fixed mod_security was not compiling when use lua 5.2. * Fixed issue when execute make install under Solaris. * Fixed ipmatchf operator was not working as expected. 01 Nov 2012 - 2.7.1 ------------------- * Changed "Encryption" name of directives and options related to hmac feature to "Hash". SecEncryptionEngine to SecHashEngine SecEncryptionKey to SecHashKey SecEncryptionParam to SecHashParam SecEncryptionMethodRx to SecHashMethodRx SecEncryptionMethodPm to SecHashMethodPm @validateEncryption to @validateHash ctl:EncryptionEnforcement to ctl:HashEnforcement ctl:EncryptionEngine to ctl:HashEngine * Added a better random bytes generator using apr_generate_random_bytes() to create the HMAC key. * Fixed byte conversion issue during logging under Linux s390x platform. * Fixed compilation bug with LibXML2 2.9.0 (Thanks Athmane Madjoudj). * Fixed parsing error with modsecurity-recommended.conf and Apache 2.4. * Fixed DROP action was disabled for Apache 2 module by mistake. * Fixed bug when use ctl:ruleRemoveTargetByTag. * Fixed IIS and NGINX modules bugs. * Fixed bug when @strmatch patterns use invalid escape sequence (Thanks Hideaki Hayashi). * Fixed bugs in @verifySSN (Thanks Hideaki Hayashi). * The doc/ directory now contains the instructions to access online documentation. 15 Oct 2012 - 2.7.0 ------------------- * Fixed Pause action should work as a disruptive action (MODSEC-297). * Fixed Problem loading mod_env variables in phase 2 (MODSEC-226). * Fixed Detect cookie v0 separator and use it for parsing (MODSEC-261). * Fixed Variable REMOTE_ADDR with wrong IP address in NGINX version (MODSEC-337). * Fixed Errors compiling NGINX version. * Added Include directive into standalone module. IIS and NGINX module should support Include directive like Apache2. * Added MULTIPART_INVALID_PART flag. Also used in rule id 200002 for multipart strict validation. https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20121017-0_mod_security_ruleset_bypass.txt). * Updated Reference Manual. 25 Sep 2012 - 2.6.8 ------------------- * Fixed ctl:ruleRemoveTargetByID order issue (MODSEC-333). Thanks to Armadillo Dasypodidae. * Fixed variable HIGHEST_SEVERITY incorrectly gets reset in a chain rule (MODSEC-315). Thanks to Valery Reznic. 10 Sep 2012 - 2.7.0-rc3 ------------------- * Fixed requests bigger than SecRequestBodyNoFilesLimit were truncated even engine mode was detection only. * Fixed double close() for multipart temporary files (Thanks Seema Deepak). * Fixed many small issues reported by Coverity Scanner (Thanks Peter Vrabek). * Fixed format string issue in ngnix experimental code. (Thanks Eldar Zaitov). * Added ctl:ruleRemoveTargetByTag/Msg and removed ctl:ruleUpdateTargetByTag/Msg. * Added IIS and Ngnix platform code. * Added new transformation utf8toUnicode. 23 Jul 2012 - 2.6.7 ------------------- * Fixed explicit target replacement using SecUpdateTargetById was broken. * The ctl:ruleUpdateTargetById is deprecated and will be removed for future versions since there is no safe way to use it per-request. * Added ctl:ruleRemoveTargetById that can be used to exclude targets to be processed per-request. 22 Jun 2012 - 2.7.0-rc2 ------------------- * Fixed compilation errors and warnings under Windows platform. * Fixed SecEncryptionKey was not working as expected. 08 Jun 2012 - 2.7.0-rc1 ------------------- * Added SecEncryptionEngine. Initial crypt engine support, at the momment it will sign some Html and Response Header options. * Added SecEncryptionKey to define the a rand or static key for crypt engine. * Added SecEncryptionParam to define the new parameter name. * Added SecEncryptionMethodRx used with a regular expression to inspect the html in response body/header and decide what to protect. * Added SecEncryptionMethodPm used with multiple or single strings to inspect the html in response body/header and decide what to protect. * Added ctl encryptionEngine as a per transaction version of SecEncryptionEgine diretive. * Added ctl encryptionEnforcement that will allow the engine to sign the data but the enforcement is disabled. * Added validateEncryption operator to enforce the signed elements. * Added rsub operator supports the syntax |hex| allowing users to use special chars like \n \r. * Added SecRuleUpdateTargetById now supports id range. * Added SecRuleUpdateTargetByMsg and its ctl version (Thanks Scott Gifford). * Added SecRuleUpdateTargetByTag and its ctl version (Thanks Scott Gifford). * Added SecRulePerfTime when greater than zero it will fill rule id's execution time into PERF_RULE and log id=usec information in the new Perf-rule-info: line in part H. * Added PERF_RULES variable that contains rule execution time. * Added Engine-mode: section in part H. * Added ruleRemoveByMsg ctl version. * Added removeCommentsChar and removeComments now can work with  style. * Added SecArgumentSeparator and SecCookieFormat can be used in different scope locations. * Added Rules must have ID action and must be numeric. * Added The use of tfns are deprecated in SecDefaultAction. Should be forbid in the future. * Added Macro expansion support to the action pause. * Added IpmatchFromFile/IpmatchF operator. * Added New setrsc action, the RESOURCE collection used SecWebAppId Name Space * Added Configure option --enable-cache-lua that allows reuse of Lua VM per transaction. It will only take any effect when ModSecurity has multiple scripts to run per transaction. * Added Configure option --enable-pcre-jit that allows ModSecurity regex engine to use PCRE Jit support. * Added Configure option --enable-request-early that allows ModSecurity run phase 1 in post_read_request hook. * Added RBL operator now support the httpBl api (http://www.projecthoneypot.org/httpbl_api.php). * Added SecHttpBlKey to be used with httpBl api. * Added SecSensorId will specify the modsecurity sensor name into audit log part H. * Added aliases to phase:2 (phase:request), phase:4 (phase:response) and phase:5 (phase:logging). * Added USERAGENT_IP variable. Created when Apache24 is used with mod_remoteip to know the real client ip address. ^ Added new rule metadata actions ver, maturity and accuracy. Also included into RULE collection. * Updated Reference manual into doc/ directory. * Fixed Variable DURATION contains the elapsed time in microseconds for compatible reasons with apache and other variables. * Fixed Preserve names/identity of the variables going into MATCHED_VARS. * Fixed Redirect macro expansion does not work in SecDefaultAction when SecRule uses block action. * Fixed rsub operator does not work as expect if regex contains parentheses (Thanks Jerome Freilinger). * Current Google Safe Browsing implementation is deprecated. Google changed the API and does not allow anymore the malware database for download. 08 Jun 2012 - 2.6.6 ------------------- * Added build system support for KfreeBSD and HURD. * Fixed a multipart bypass issue related to quote parsing Credits to Qualys Vulnerability & Malware Research Labs (VMRL). 20 Mar 2012 - 2.6.5 ------------------- * Fixed increased a specific message debug level in SBDM code (MODSEC-293). * Cleanup build system. 09 Mar 2012 - 2.6.4 ------------------- * Fixed Mlogc 100% CPU consume (Thanks Klaubert Herr and Ebrahim Khalilzadeh). * Fixed ModSecurity cannot load session and user sdbm data. * Fixed updateTargetById was creating rule unparsed content making apache memory grow. * Code cleanup. 23 Feb 2012 - 2.6.4-rc1 ------------------- * Fixed @rsub adding garbage data into stream variables. * Fixed regex for section A into mlogc-batch-load.pl (Thanks Ebrahim Khalilzadeh). * Fixed logdata cuts message without closing it with final chars. * Added sanitizeMatchedBytes support to verifyCPF, verifyCC and verifySSN. 06 Dec 2011 - 2.6.3-rc1 ------------------- * Fixed MATCHED_VARS does not correctly handle multiple VARS with the same name. * Fixed SDBM garbage collection was not working as expected, increasing the size of files. * Fixed wrong timestamp calculation for some time zones in log files. * Fixed SecUpdateTargetById failed to load multiple VARS (MODSEC-270). * Fixed Reverted hexDecode for hexEncode compatibility reason. * Added SecCollectionTimeout to set collection timeout, default is 3600. * Added sqlHexDecode transformation to decode sql hex data. Thanks Marc Stern. 30 Sep 2011 - 2.6.2 ------------------- * Fixed hexDecode test during make. * Updated the reference manual into doc/ directory. 5 Sep 2011 - 2.6.2-rc1 ------------------- * Added support to macro expansion for rx operator. * Added new transformations removeComments and removeCommentsChars * Fixed colletion names are not case-sensitive anymore. * Fixed compilation errors with apache 2.0. * Fixed build system was not using some libraries CFLAGS. * Fixed check for valid hex values into hexDecode transformation. * Fixed ctl:ruleUpdateTargetById appending multiple targets. 18 Jun 2011 - 2.6.1 ------------------- * Updated the reference manual into doc/ directory. 11 Jul 2011 - trunk ------------------- * Add HttpBl support to rbl operator. 30 Jun 2011 - 2.6.1-rc1 ------------------- * Fixed SecUploadFileMode doesn't work with the new build system. * Fixed building with Lua library (Thanks Diego Elio). * Fixed some ./configure --enable* features not being enabled in compilation time. * Improvements on GSB database add/search operations. * Log part K was removed from modsecurity.conf-recommended. * Added SecUnicodeMapFile directive. Must be use to load the unicode.mapping file. * Added SecUnicodeCodePage directive. Used to define the unicode code page. There are a few already available: 1250 (ANSI - Central Europe) 1251 (ANSI - Cyrillic) 1252 (ANSI - Latin I) 1253 (ANSI - Greek) 1254 (ANSI - Turkish) 1255 (ANSI - Hebrew) 1256 (ANSI - Arabic) 1257 (ANSI - Baltic) 1258 (ANSI/OEM - Viet Nam) 20127 (US-ASCII) 20261 (T.61) 20866 (Russian - KOI8) 28591 (ISO 8859-1 Latin I) 28592 (ISO 8859-2 Central Europe) 28605 (ISO 8859-15 Latin 9) 37 (IBM EBCDIC - U.S./Canada) 437 (OEM - United States) 500 (IBM EBCDIC - International) 850 (OEM - Multilingual Latin I) 860 (OEM - Portuguese) 861 (OEM - Icelandic) 863 (OEM - Canadian French) 865 (OEM - Nordic) 874 (ANSI/OEM - Thai) 932 (ANSI/OEM - Japanese Shift-JIS) 936 (ANSI/OEM - Simplified Chinese GBK) 949 (ANSI/OEM - Korean) 950 (ANSI/OEM - Traditional Chinese Big5) Also mapping some extra unicode chars defined at http://tools.ietf.org/html/rfc3490#section-3.1 * Fixed SecRequestBodyLimit was truncating the real request body. 18 May 2011 - 2.6.0 ------------------- * Added SecWriteStateLimit for Slow Post DoS mitigation. * Fix problem when buffering in input filter. * Fix memory leak when use MATCHED_VAR_NAMES. 2 May 2011 - 2.6.0-rc2 ------------------- * Added code optimizations - thanks Diego Elio. * Added support to AIX and HPUX in the build system (untested). * Renamed decodeBase64Ext to base64DecodeExt. * Build system improvements - thanks Diego Elio. * Improvements on gsblookup parser. * Fixed input filter bug when upload files and SecStreamInBodyInspect is enabled. * Logging improvements and bug fix. * Remove extra useless files when make clean and maintainer-clean 18 Apr 2011 - 2.6.0-rc1 ------------------- * Replaced previous GPLv2 License to Apachev2. * Added Google Safe Browsing lookups operator and directive. It should be used to extract and lookup urls from http packets. * Added Data Modification operator. It must be used with STREAM_* variables to replace/add/edit any data from http bodies. * Added STREAM_OUPUT_BODY and STREAM_INPUT_BODY variables to work with data modification operators. * Added fast ip address operator. It supports partial ip address, cidr for IPv4 and IPv6. Thanks Tom Donovan. * Added new sensitive data tracking verifyCPF and verifySSN. * Added MATCHED_VARS and MATCHED_VARS_NAMES. It is similiar to MATCHED_VAR, but now we should see all matched variables. * Added UNIQUE_ID variable. It holds the data created my mod_unique_id. * Added new tranformation cmdline. Thanks Marc Stern. * Added new exception handling operators and directives. It should help users reduce FN and FPs. The directives SecRuleUpdateTargetById, SecRuleRemoveByTag and its ctl actions were included. * Added SecStreamOutBodyInspection and SecStreamInBodyInspection to enable STREAM_* variables. * Added SecGsbLookupDB used to load Google Safe Browsing malware databse into memory. * Added the directive SecInterceptOnError to control what to do if a rule returns values less than zero. * Improvements in DetectionOnly engine mode. Also added SecRequestBodyLimitAction to control what to do if the engine receive a http request over a hard limit. Note that there is now many combinations with SecRuleEngine and the limit action directives for response and request data. Please see the reference manual. * Improvements under RBL operator. It now will parse return code values for some RBL lists. * Added new Log Part J. It should log some informations about uploaded files. * Added new sanitizeMatchedBytes action. It will give more flexibilty for user to sanitize logged data, also improving peformance when sanitize big amount of data. * Improvements on Logging phase. It is possible now see full chains, distinguish between simple rules, chain starters and chain nodes. * Improvements on AutoTools usage. * Improvements on pattern matching operators, pmf, pm and strmatch now supports more flexible input data allowing any kind of special char. * Improvements on SecRuleUpdateActionById to update chain nodes. * Many bugs were fixed. Please see the ModSecurity Jira for more details 19 Mar 2010 - trunk ------------------- * Added SecDisableBackendCompression, which disabled backend compression while keeping the frontend compression enabled (assuming mod_deflate in installed and configured in the proxy). [Ivan Ristic] * Added REQUEST_BODY_LENGTH, which contains the number of request body bytes read. [Ivan Ristic] * Integrate with mod_log_config using the %{VARNAME}M format string. (MODSEC-108) [Ivan Ristic] * Replaced the previous time-measuring mechanism with a new one, which provides the following information: request time, request duration, phase duration (for all 5 phases), time spent dealing with persistent storage, and time spent on audit logging. The new information is now available in the Stopwatch2 audit log header. The Stopwatch header remains for backward compatiblity, although it now only includes the request time and request duration values. Added the following variables: PERF_COMBINED, PERF_PHASE1, PERF_PHASE2, PERF_PHASE3, PERF_PHASE4, PERF_PHASE5, PERF_SREAD, PERF_SWRITE, PERF_LOGGING, PERF_GC. [Ivan Ristic] * Added DURATION, which contains the time ellapsed since the beginning of the current transaction, in milliseconds. [Ivan Ristic] * Adjusted phase 5 to execute just prior to mod_log_config. This should allow phase 5 rules to to implement conditional logging, as well as pave support for allowing access to all ModSecurity variables from mog_log_config. [Ivan Ristic] * Added the URLENCODED_ERROR flag, which is raised whenever invalid URL encoding is encountered in the query string or in the request body (but only if URLENCODED request body processor is used). (MODSEC-111) [Ivan Ristic] * Removed the obsolete PDF UXSS functionality. (MODSEC-96) [Ivan Ristic] * Renamed normalisePath to normalizePath and normalisePathWin to normalizePathWin. Kept the previous names for backward compatibility. (MODSEC-103) [Ivan Ristic] * Moved phase 1 to be run in the same Apache hook as phase 2. This means that you can now have phase 1 rules in <Location> tags and, more importantly, override server configuration in <Location> and others. (MODSEC-98) [Ivan Ristic] * Renamed the sanitise family of actions to sanitize. Kept the old variants for backward compatibility. (MODSEC-95) [Ivan Ristic] * Improve the logging of the ctl action. (MODSEC-99) [Ivan Ristic] * Cleanup build files that were from the Apache source.

3.6.0 (2014-06-18) ------------------ * Add example of rest arguments usage in the readme file #139 * Default values on options are printed in the help message #134

@elyscape

### 1.7.2 / 2015-04-19 #### Bug fixes * Fix #138 (a regression of #131). PR #139. ### 1.7.1 / 2015-02-24 #### Enhancements * Add travis CI configuration (Eli Young (@elyscape), #130) * Add Rubinius to Build Matrix with Allowed Failure (Brandon Fish (bjfish), #132) * Make some adjustments on tests (Abinoam Marques Jr., #133, #134) * Drop support for Ruby 1.8 (Abinoam Marques Jr., #134) #### Bug fixes * Fix IO.console.winsize returning reversed column and line values (Fission Xuiptz (@fissionxuiptz)), #131) ### 1.7.0 / 2015-02-18 #### Bug fixes * Fix correct encoding of statements to output encoding (Dāvis (davispuh), #110) * Fix character echoing when echo is false and multibyte character is typed (Abinoam Marques Jr., #117 #118) * Fix backspace support on Cyrillic (Abinoam Marques Jr., #115 #118) * Fix returning wrong encoding when echo is false (Abinoam Marques Jr., #116 #118) * Fix Question #limit and #realine incompatibilities (Abinoam Marques Jr. #113 #120) * Fix/improve string coercion on #say (Abinoam Marques Jr., #98 #122) * Fix #terminal_size returning nil in some terminals (Abinoam Marques Jr., #85 #123) #### Enhancements * Improve #format_statement String coercion (Michael Bishop (michaeljbishop), #104) * Update homepage url on gemspec (Rubyforge->GitHub) (Edward Anderson (nilbus), #107) * Update COPYING file (Vít Ondruch (voxik), #109) * Improve multi-byte encoding support (Abinoam Marques Jr., #115 #116 #117 #118) * Make :grey -> :gray and :light -> :bright aliases (Abinoam Marques Jr., #114 #119) * Return the default object (as it is) when no answer given (Abinoam Marques Jr., #112 #121) * Added test for Yaml serialization of HighLine::String (Abinoam Marques Jr., #69 #124) * Make improvements on Changelog and Rakefile (Abinoam Marques Jr., #126 #127 #128)

* Disable debug library Changelog: Release 1.6.1 (2015-08-03) ========================== - added project and solution files for Visual Studio 2015 - upgraded bundled SQLite to 3.8.11.1 - fixed GH #782: Poco::JSON::PrintHandler not working for nested arrays - fixed GH #819: JSON Stringifier fails with preserve insert order - fixed GH #878: UUID tryParse - fixed GH #869: FIFOBuffer::read(T*, std::size_t) documentation inaccurate - fixed GH #861: Var BadCastException - fixed GH #779: BUG in 1.6.0 Zip code - fixed GH #769: Poco::Var operator== throws exception - fixed GH #766: Poco::JSON::PrintHandler not working for objects in array - fixed GH #763: Unable to build static with NetSSL_OpenSSL for OS X - fixed GH #750: BsonWriter::write<Binary::Ptr> missing size ? - fixed GH #741: Timestamp anomaly in Poco::Logger on WindowsCE - fixed GH #735: WEC2013 build fails due to missing Poco::Path methods. - fixed GH #722: poco-1.6.0: Unicode Converter Test confuses string and char types - fixed GH #719: StreamSocket::receiveBytes and FIFOBuffer issue in 1.6 - fixed GH #706: POCO1.6 Sample EchoServer BUG - fixed GH #646: Prevent possible data race in access to Timer::_periodicInerval - DeflatingStream: do not flush underlying stream on sync() as these can cause corrupted files in Zip archives Release 1.6.0 (2014-12-22) ========================== - fixed GH #625: MongoDB ensureIndex double insert? - fixed GH #622: Crypto: RSATest::testSign() should verify with public key only - fixed GH #620: Data documentation sample code outdated - fixed GH #618: OS X 10.10 defines PAGE_SIZE macro, conflicts with PAGE_SIZE in Thread_POSIX.cpp - fixed GH #616: Visual Studio warning C4244 - fixed GH #612: OpenSSLInitializer calls OPENSSL_config but not CONF_modules_free - fixed GH #608: (Parallel)SocketAcceptor ctor/dtor call virtual functions - fixed GH #607: Idle Reactor high CPU usage - fixed GH #606: HTMLForm constructor read application/x-www-form-urlencoded UTF-8 request body first parameter with BOM in name - fixed GH #596: For OpenSSL 1.0.1, include openssl/crypto.h not openssl/fips.h - fixed GH #592: Incorrect format string in Poco::Dynamic::Struct - fixed GH #590: Poco::Data::SQlite doesn't support URI filenames - fixed GH #564: URI::encode - fixed GH #560: DateTime class calculates a wrong day - fixed GH #549: Memory allocation is not safe between fork() and execve() - fixed GH #500: SSLManager causes a crash - fixed GH #490: 2 byte frame with payload length of 0 throws "Incomplete Frame Received" exception - fixed GH #483: multiple cases for sqlite_busy - fixed GH #482: Poco::JSON::Stringifier::stringify bad behaviour - fixed GH #478: HTTPCredentials not according to HTTP spec - fixed GH #471: vs2010 release builds have optimization disabled ? - fixed GH #468: HTTPClientSession/HTTPResponse not forwarding exceptions - fixed GH #438: Poco::File::setLastModified() doesn't work - fixed GH #402: StreamSocket::receiveBytes(FIFOBuffer&) and sendBytes(FIFOBuffer&) are not thread safe - fixed GH #345: Linker warning LNK4221 in Foundation for SignalHandler.obj, String.obj and ByteOrder.obj - fixed GH #331: Poco::Zip does not support files with ".." in the name. - fixed GH #318: Logger local time doesn't automatically account for DST - fixed GH #294: Poco::Net::TCPServerParams::setMaxThreads(int count) will not accept count == 0. - fixed GH #215: develop WinCE build broken - fixed GH #63: Net::NameValueCollection::size() returns int - Poco::Logger: formatting methods now support up to 10 arguments. - added Poco::Timestamp::raw() - Poco::DeflatingOutputStream and Poco::InflatingOutputStreams also flush underlying stream on flush()/sync(). - Poco::Util::Timer: prevent re-schedule of cancelled TimerTask - enabled WinRegistryKey and WinRegistryConfiguration for WinCE - Poco::BasicEvent improvements and preparations for future support of lambdas/std::function - upgraded bundled sqlite to 3.8.7.2 - Poco::Thread: added support for starting functors/lambdas - Poco::Net::HTTPClientSession: added support for global proxy configuration - added support for OAuth 1.0/2.0 via Poco::Net::OAuth10Credentials and Poco::Net::OAuth20Credentials classes. - Poco::Net::IPAddress: fixed IPv6 prefix handling issue on Windows - added Poco::Timestamp::TIMEVAL_MIN and Poco::Timestamp::TIMEVAL_MAX - added Poco::Clock::CLOCKVAL_MIN and Poco::Clock::CLOCKVAL_MAX - added poco_assert_msg() and poco_assert_msg_dbg() macros - Poco::Net::Context: fixed a memory leak if the CA file was not found while creating the Context object (the underlying OpenSSL context would leak) - Poco::URI: added new constructor to create URI from Path - Various documentation and style fixes - Removed support (project/solution files) for Visual Studio.NET 2003 and Visual Studio 2005. - Improved CMake support Release 1.5.4 (2014-10-14) ========================== - fixed GH #326: compile Net lib 1.5.2 without UTF8 support enabled - fixed GH #518: NetworkInterface.cpp compile error w/ POCO_NO_WSTRING (1.5.3) - Fixed MSVC 2010 warnings on large alignment - make HTTPAuthenticationParams::parse() add value on end of string - fixed GH #482: Poco::JSON::Stringifier::stringify bad behaviour - fixed GH #508: Can't compile for arm64 architecture - fixed GH #510: Incorrect RSAKey construction from istream - fix SharedMemory for WinCE/WEC2013 - Add NIOS2 double conversion detection, fixes compile errors - added VS2013 project/solution files for Windows Embedded Compact 2013 - added Process::isRunning() - NetSSL: Fix typo in documentation - NetSSL_OpenSSL: support for TLS 1.1 and 1.2 - Zip: Added CM_AUTO, which automatically selects CM_STORE or CM_DEFLATE based on file extension. Used to avoid double-compression of already compressed file formats such as images. - added %L modifier to PatternFormatter to switch to local time - removed unnecessary explicit in some multi-arg constructors - Allow SecureStreamSocket::attach() to be used in server connections - added Var::isBoolean() and fixed JSON stringifier - added poco_unexpected() macro invoking Bugcheck::unexpected() to deal with unexpected exceptions in destructors - fixed GH #538 prevent destructors from throwing exceptions - improved HTTP server handling of errors while reading header - fixed GH #545: use short for sign - upgraded SQLite to 3.8.6 - fixed GH #550 WebSocket fragmented message problem - improved HTTPClientSession handling of network errors while sending the request - updated bundled PCRE to 8.35.0 - fixed GH #552: FIFOBuffer drain() problem - fixed GH #402: StreamSocket::receiveBytes(FIFOBuffer&) and sendBytes(FIFOBuffer&) are not thread safe - HTTPCookie: fix documentation for max age - added Timestamp::raw() and Clock::raw() - Poco::Buffer properly handles zero-sized buffers - GH #512: Poco:Data:ODBC:Binder.h causes a crash - Added Crypto_Win and NetSSL_Win libraries which are re-implementations of existing Crypto and NetSSL_OpenSSL libraries based on WinCrypt/Schannel. The new libraries can be used as an almost drop-in replacement for the OpenSSL based libraries on Windows and Windows Embedded Compact platforms. Only available from GitHub for now. Release 1.5.3 (2014-06-30) ========================== - fixed GH# 316: Poco::DateTimeFormatter::append() gives wrong result for Poco::LocalDateTime - Poco::Data::MySQL: added SQLite thread cleanup handler - Poco::Net::X509Certificate: improved and fixed domain name verification for wildcard domains - added Poco::Clock class, which uses a system-provided monotonic clock (if available) and is thus not affected by system realtime clock changes. Monotonic Clock is available on Windows, Linux, OS X and on POSIX platforms supporting clock_gettime() and CLOCK_MONOTONIC. - Poco::Timer, Poco::Stopwatch, Poco::TimedNotificationQueue and Poco::Util::Timer have been changed to use Poco::Clock instead of Poco::Timestamp and are now unaffected by system realtime clock changes. - fixed GH# 350: Memory leak in Data/ODBC with BLOB - Correctly set MySQL time_type for Poco::Data::Date. - fixed GH #352: Removed redundant #includes and fixed spelling mistakes. - fixed setting of MYSQL_BIND is_unsigned value. - fixed GH #360: CMakeLists foundation: add Clock.cpp in the list of source files - Add extern "C" around <net/if.h> on HPUX platform. - added runtests.sh - fixed CPPUNIT_IGNORE parsing - fixed Glob from start path, for platforms not alowing transverse from root (Android) - added NTPClient (Rangel Reale) - added PowerShell build script - added SmartOS build support - fix warnings in headers - XMLWriter: removed unnecessary apostrophe escaping (&apos) - MongoDB: use Int32 for messageLength - fixed GH #380: SecureSocket+DialogSocket crashes with SIGSEGV when timeout occours - Improve RSADigestEngine, using Poco::Crypto::DigestEngine to calculate hash before signing - added Poco::PBKDF2Engine - Fixed GH #380: SecureSocket+DialogSocket crashes with SIGSEGV when timeout occours - added support for a 'Priority' attribute on cookies. - GH #386: fixed bug in MailMessage without content-transfer-encoding header - GH #384: ew hash algorithms support for RSADigestEngine - fixed Clock overflow bug on Windows - Poco::ByteOrder now uses intrinsics, if available - CMake: added /bigobj option for msvc - Fix typo to restore Net/TestSuite_x64_vs120 build - correct path for CONFIGURE_FILE in CMakeLists.txt - Building Poco 1.5.2 for Synology RS812+ (Intel Atom) (honor POCO_NO_INOTIFY) - added WEC2013 support to buildwin.cmd and buildwin.ps1 - HTMLForm: in URL encoding, percent-encode more characters - Fixed #include <linux/if.h> conflict with other libraries - Poco::Net::X509Certificate::verify() no longer uses DNS reverse lookups to validate host names - cert hostname validation is case insensitive and stricter for wildcard certificates - TCPServer: do not reduce the capacity of the default ThreadPool - added POCO_LOG_DEBUG flag - Zip: fixed a crash caused by an I/O error - added runtest script for windows - added SQlite Full Text Search support - added Thread::trySleep() and Thread::wakeUp() - fixed GH #410: Bug in JSON::Object.stringify() in 1.5.2 - fixed GH #362: Defect in Var::parseString when there is no space between value and newline - fixed GH #314: JSON parsing bug - added GH #313: MetaColumn additions for Data::ODBC and Data::SQLite - fixed GH #346: Make Poco::Data::Date and Poco::Data::Time compare functions const. - fixed GH #341: Compiling poco-1.5.2 for Cygwin - fixed GH #305: There are bugs in Buffer.h - fixed GH #321: trivial build fixes (BB QNX build) - fixed GH #440: MongoDB ObjectId string formatting - added SevenZip library (Guenter Obiltschnig) - fixed GH #442: Use correct prefix length field of Windows IP_ADAPTER_PREFIX structure - improved GH #328: NetworkInterface on Windows XP - fixed GH #154 Add support for MYSQL_TYPE_NEWDECIMAL to Poco::Data::MySQL - fixed GH #290: Unicode support - fixed GH #318: Logger local time doesn't automatically account for DST - fixed GH #363: DateTimeParser tryParse/parse - added HTMLForm Content-Length calculation (Rangel Reale) - Make TemporaryFile append a slash to tempDir - fixed GH #319 android build with cmake - added hasDelegates() method to AbstractEvent - fixed GH #230: Poco::Timer problem - fixed GH #317: Poco::Zip does not support newer Zip file versions. - fixed GH #176: Poco::JSON::Stringifier UTF encoding - fixed GH #458: Broadcast address and subnet mask for IEEE802.11 network interface - fixed GH #456: poco: library install dirs per RUNTIME/LIBRARY/ARCHIVE Release 1.5.2 (2013-09-16) ========================== - added MongoDB library - fixed GH #57: poco-1.5.1: Doesn't compile for Android - added VoidEvent (Arturo Castro) - fixed GH #80: NumberFormatter::append broken - fixed GH #93: ParallelSocketAcceptor virtual functions - optional small object optimization for IPAddress, SocketAddress, Any and Dynamic::Var - SQLite events (insert, update, delete, commit, rollback) handlers - merged GH #91: Improve SQLite multi-threaded use (Rangel Reale) - merged GH #86: Invalid pointers to vector internals (Adrian Imboden) - automatic library initialization macros - fixed GH #110: WebSocket accept() fails when Connection header contains multiple tokens - fixed GH #71: WebSocket and broken Timeouts (POCO_BROKEN_TIMEOUTS) - fixed a warning in Poco/Crypto/OpenSSLInitializer.h - fixed GH #109: Bug in Poco::Net::SMTPClientSession::loginUsingPlain - added clang libc++ build configurations for Darwin and iPhone (Andrea Bigagli) - fixed GH #116: Wrong timezone parsing in DateTimeParse (Matej Knopp) - fixed GH #118: JSON::Object::stringify endless loop - added Recursive and SortedDirectoryIterator (Marian Krivos) - added ListMap (map-like container with preserving insertion order) - MailMessage: attachments saving support and consistent read/write - fixed GH #124: Possible buffer overrun in Foundation/EventLogChannel - fixed GH #119: JSON::Object holds values in ordered map - added JSON::PrintHandler - renamed JSON::DefaultHandler to ParseHandler (breaking change!) - fixed GH #127: Eliminate -Wshadow warnings - fixed GH #79: Poco::Thread leak on Linux - fixed GH #61: static_md build configs for Crypto and NetSSL - fixed GH #130: prefer sysconf over sysctlbyname - fixed GH #131: no timezone global var on OpenBSD - fixed GH #102: Some subprojects don't have x64 solutions for VS 2010 - added GH #75: Poco::Uri addQueryParameter method - Poco::Environment::osDisplayName() now recognizes Windows 8/Server 2012 - fixed GH #140: Poco::Runnable threading cleanup issue - simplified default TCP/HTTPServer construction - fixed GH #141: Application::run() documentation/implementation discrepancy - changed RowFormatter to SharedPtr<RowFormatter> in Data::RecordSet interface (breaking change!) - fixed GH #144: Poco::Dynamic emits invalid JSON - removed naked pointers from Data interfaces - fixed GH #82: name conflict in Data::Keywords::bind - fixed GH #157: MySQL: cannot bind to 'long' data type on Windows/Visual C++ - fixed GH #158: MySQL: MYSQL_BIND 'is_unsigned' member is not set - fixed GH #160: MultipartReader ignores first part, if preamble is missing - fixed GH #156: Possible buffer overrun in Foundation/EventLogChannel - XML: fixed an issue with parsing a memory buffer > 2 GB - upgraded to expat 2.1.0 - Data/ODBC: added support for setting query timeout (via setProperty of "queryTimeout"). Timeout is int, given in seconds. - fixed a potential endless loop in SecureStreamSocketImpl::sendBytes() and also removed unnecessary code. - fixed GH #159: Crash in openssl CRYPTO_thread_id() after library libPocoCrypto.so has been unloaded. - fixed GH #155: MailOutputStream mangles consecutive newline sequences - fixed GH #139: FileChannel::PROP_FLUSH is invalid (contains a tab character) - fixed GH #173: HTTPClientSession::proxyConnect forces DNS lookup of host names - fixed GH #194: MessageNotification constructor is inefficient. - fixed GH #189: Poco::NumberParser::tryParse() documentation bug - fixed GH #172: IPv6 Host field is stripped of Brackets in HTTPClientSession - fixed GH #188: Net: SocketAddress operator < unusable for std::map key - fixed GH #128: DOMWriter incorrectly adds SYSTEM keyword to DTD if PUBLIC is already specified - fixed GH #65: Poco::format() misorders sign and padding specifiers - upgraded bundled SQLite to 3.7.17 - replaced JSON parser with Poco::Web::JSON parser (from sandbox) - added JSON conversion to Dynamic Struct and Array - added VarIterator - modified behavior of empty Var (empty == empty) - added Alignment.h header for C++03 alignment needs - added Data/WebNotifier (DB, WebSocket) example - fixed GH #209: Poco::NumberFormatter double length - fixed GH #204: Upgrade zlib to 1.2.8 - fixed GH #198: The "application.configDir" property is not always created. - fixed GH #185: Poco::NumberFormatter::format(double value, int precision) ignore precision == 0 - fixed GH #138: FreeBSD JSON tests fail - fixed GH #99: JSON::Query an JSON::Object - limited allowed types for JSON::Query to Object, Array, Object::Ptr, Array::Ptr and empty - fixed GH #175: HTMLForm does not read URL parameters on POST or PUT - added GH #187: MySQL: allow access to the underlying connection handle - added GH #186: MySQL: support for MYSQL_SECURE_AUTH - fixed GH #174: MySQL: 4GB allocated when reading any largetext or largeblob field - fixed a potential memory leak in Poco::Net::HTTPClientSession if it is misused (e.g., sendRequest() is sent two times in a row without an intermediate call to receiveResponse(), or by calling receiveResponse() two times in a row without an intermediate call to sendRequest()) - GH #217 - removed a few unnecessary protected accessor methods from Poco::Net::HTTPClientSession that would provide inappropriate access to internal state - merged GH #210: Don't call CloseHandle() twice on Windows; Ability to select the threadpool that will be used to start an Activity(Patrice Tarabbia) - fixed GH #212: JSONConfiguration was missing from the vs90 project(Patrice Tarabbia) - fixed GH #220: add qualifiers for FPEnvironment in C99 (Lucas Clemente) - fixed GH #222: HTTPCookie doesn't support expiry times in the past (Karl Reid) - fixed GH #224: building 1.5.1 on Windows for x64 - fixed GH# 233: ServerSocket::bind6(Poco::UInt16 port, bool reuseAddress, bool ipV6Only) does not work - fixed GH# 231: Compatibility issue with Poco::Net::NetworkInterface - fixed GH# 236: Bug in RecursiveDirectoryIterator - added ColorConsoleChannel and WindowsColorConsoleChannel classes supporting colorizing log messages - fixed GH# 259: Poco::EventLogChannel fails to find 64bit Poco Foundation dll - fixed GH# 254: UTF8::icompare unexpected behavior - Poco::UUID::tryParse() also accepts UUIDs without hyphens. Also updated documentation (links to specifications). - added GH# 268: Method to get JSON object value using Poco::Nullable - fixed GH# 267: JSON 'find' not returning empty result if object is expected but another value is found - Added support for ARM64 architecture and iPhone 5s 64-bit builds (POCO_TARGET_OSARCH=arm64). Release 1.5.1 (2013-01-11) ========================== - using double-conversion library for floating-point numeric/string conversions - added Poco::istring (case-insensitive string) and Poco::isubstr - added SQLite sys.dual (in-memory system table) - applied SF Patch #120: The ExpireLRUCache does not compile with a tuple as key on Visual Studio 2010 - fixed SF Bug #599: JSON::Array and JSON::Object size() member can implicitly lose precision - fixed SF Bug #602: iterating database table rows not correct if no data in table - fixed SF Bug #603: count() is missing in HashMap - fixed GH #23: JSON::Object::stringify throw BadCastException - fixed GH #16: NetworkInterface::firstAddress() should not throw on unconfigured interfaces - Android compile/build support (by Rangel Reale) - TypeHandler::prepare() now takes const-reference - fixed GH #27: Poco::URI::decode() doesn't properly handle '+' - fixed GH #31: JSON implementation bug - fixed SF #597: Configure script ignores cflags - fixed SF #593: Poco 1.5.0 on FreeBSD: cannot find -ldl - added SF #542: SocketAddress() needs port-only constructor - fixed SF #215: Wrong return type in SocketConnector.h - applied SF Patch #97: fix c++0x / clang++ bugs - fixed GH32/SF596: Poco::JSON: Parsing long integer (int64) value fails. - added Net ifconfig sample (contributed by Philip Prindeville) - merged GH #34: add algorithm header (Roger Meier/Philip Prindeville) - fixed GH #26: Cannot compile on gcc - merged SF #111: FTP Client logging (Marian Krivos) - fixed GH #30: Poco::Path::home() throws when called from Windows Service - fixed GH #22: MySQL connection string lowercased - added MySQL support for Date/Time - upgraded SQLite to version 3.7.15.1 (2012-12-19) - improved SQLite execute() return (affected rows) value and added tests - added SQLite::Utility::isThreadSafe() function - added SQLite::Utility::setThreadMode(int mode) function - fixed GH #36: 'distclean' requires 3 traversals of project tree - fixed GH #41: Buffer::resize crash - fixed GH #42: Linux unbundled builds don't link - fixed GH #44: Problems with win x64 build - fixed GH #46: 1.5.1 build fails on OS X when using libc++ - fixed GH #48: Need getArgs() accessor to Util::Application to retrieve start-up arguments - fixed GH #49: NetworkInterface::list doesn't return MAC addresses - fixed GH #51: Android should use isfinite, isinf, isnan and signbit from the std namespace - fixed GH #53: JSON unicode fixes and running tests on invalid unicode JSON - added ParallelAcceptor and ParallelReactor classes - added EOF and error to FIFOBuffer Release 1.5.0 (2012-10-14) ========================== - added JSON library - added Util::JSONConfiguration - added FIFOBuffer and FIFOBufferStream - fixed SF# 3522906: Unregistering handlers from SocketReactor - fixed SF# 3522084: AbstractConfiguration does not support 64-bit integers - HTTPServer::stopAll(): close the socket instead of just shutting it down, as the latter won't wake up a select() on Windows - added SMTPLogger - added cmake support - fixed SF#3538778: NetworkInterface enumeration uses deprecated API - fixed SF#3538779: IPAddress lacks useful constructors: from prefix mask, native SOCKADDR - fixed SF#3538780: SocketAddress needs operator < function - fixed SF#3538775: Issues building on Fedora/Centos, etc. for AMD64 - fixed SF#3538786: Use size_t for describing data-blocks in DigestEngine - added IPAddress bitwise operators (&,|,^,~) - added IPAddress BinaryReader/Writer << and >> operators - modified IPAddress to force IPv6 to lowercase (RFC 5952) - fixed SF#3538785: SMTPClientSession::sendMessage() should take recipient list - added IPAddress::prefixLength() - UTF portability improvements - fixed SF#3556186: Linux shouldn't use <net/if.h> in Net/SocketDefs.h - added IPAddress RFC 4291 compatible site-local prefix support - fixed SF#3012166: IPv6 patch - added SF#3558085: Add formatter to MACAddress object - fixed SF#3552774: Don't hide default target in subordinate makefile - fixed SF#3534307: Building IPv6 for Linux by default - fixed SF#3516844: poco missing symbols with external >=lipcre-8.13 - added SF#3544720: AbstractConfigurator to support 64bit values - fixed SF#3522081: WinRegistryConfiguration unable to read REG_QWORD values - fixed SF#3563626: For Win32 set Up/Running flags on NetworkInterface - fixed SF#3560807: Deprecate setPeerAddress() as this is now done in getifaddrs - fixed SF#3560776: Fix byte-ordering issues with INADDR_* literals - fixed SF#3563627: Set IP address on multicast socket from socket family - fixed SF#3563999: Size BinaryWriter based on buffer's capacity(), not size() - fixed SF#102 Fix building Poco on Debian GNU/kFreeBSD - fixed SF#321 Binding DatTime or Timestamp - fixed SF#307 Detect the SQL driver type at run time - added VS 2012 Projects/Solutions - enhanced and accelerated numeric parsing for integers and floats - fixed SF#590 Segfault on FreeBSD when stack size not rounded - added warn function and warnmsg macro in CppUnit - fixed SF# 3558012 Compilation fails when building with -ansi or -std=c++0x - fixed SF# 3563517 Get rid of loss-of-precision warnings on x64 MacOS - fixed SF#3562244: Portability fix for AF_LINK - fixed SF #3562400: DatagramSocketImpl comment is incorrect Release 1.4.7p1 (2014-11-25) ============================ - Fixed Visual C++ 2010-2013 project files. Release builds now have optimization enabled. - Poco::URI: added constructor to create URI from Path. - fixed GH #618: OS X 10.10 defines PAGE_SIZE macro, conflicts with PAGE_SIZE in Thread_POSIX.cpp - Poco::Net::HTTPClientSession: added support for global proxy configuration - fixed GH #331: Poco::Zip does not support files with .. in the name. - fixed a memory leak in Poco::Net::Context constructor when it fails to load the certificate or private key files. - upgraded bundled SQLite to 3.8.7.2 - fixed GH #229: added missing value() function - fixed GH #69: MySQL empty text/blob Release 1.4.7 (2014-10-06) ========================== - fixed GH #398: PropertyFileConfiguration: input != output - fixed GH #368: Build failure of Poco 1.4.6p2 on FreeBSD 9.2 - fixed GH #318: Logger local time doesn't automatically account for DST - fixed GH #317: Poco::Zip does not support newer Zip file versions. - fixed GH #454: Fix: handle unhandled exceptions - fixed GH #463: XML does not compile with XML_UNICODE_WCHAR_T - fixed GH #282: Using Thread in a global can cause crash on Windows - fixed GH #424: Poco::Timer deadlock - fixed GH #465: Fix result enum type XML_Error -> XML_Status - fixed GH #510: Incorrect RSAKey construction from istream - fixed GH #332: POCO::ConsoleChannnel::initColors() assigns no color to PRIO_TRACE and wrong color to PRIO_FATAL - fixed GH #550: WebSocket fragmented message problem - Poco::Data::MySQL: added SQLite thread cleanup handler - Poco::Net::X509Certificate: improved and fixed domain name verification for wildcard domains - fixed a crash in Foundation testsuite with Visual C++ 2012 - improved and fixed domain name verification for wildcard domains in Poco::Net::X509Certificate - updated TwitterClient sample to use new 1.1 API and OAuth - added Poco::Clock class, which uses a system-provided monotonic clock (if available) and is thus not affected by system realtime clock changes. Monotonic Clock is available on Windows, Linux, OS X and on POSIX platforms supporting clock_gettime() and CLOCK_MONOTONIC. - Poco::Timer, Poco::Stopwatch, Poco::TimedNotificationQueue and Poco::Util::Timer have been changed to use Poco::Clock instead of Poco::Timestamp and are now unaffected by system realtime clock changes. - added Poco::PBKDF2Engine class template - Poco::Net::HTTPCookie: added support for Priority attribute (backport from develop) - fixed makedepend.* scripts to work in paths containing '.o*' (contributed by Per-Erik Bjorkstad, Hakan Bengtsen) - Upgraded bundled SQLite to 3.8.6 - Support for Windows Embedded Compact 2013 (Visual Studio 2012) - Project and solution files for Visual Studio 2013 - Changes for C++11 compatibility. - fixed an issue with receiving empty web socket frames (such as ping) - improved error handling in secure socket classes - Poco::ByteOrder now uses intrinsics if available - added new text encoding classes: Latin2Encoding, Windows1250Encoding, Windows1251Encoding - Zip: Added CM_AUTO, which automatically selects CM_STORE or CM_DEFLATE based on file extension. Used to avoid double-compression of already compressed file formats such as images. Release 1.4.6p4 (2014-04-18) ============================ - no longer use reverse DNS lookups for cert hostname validation - cert hostname validation is case insensitive and more strict - HTMLForm: in URL encoding, percent-encode more special characters - fixed thread priority issues on POSIX platforms with non-standard scheduling policy - XMLWriter no longer escapes apostrophe character - fixed GH #316: Poco::DateTimeFormatter::append() gives wrong result for Poco::LocalDateTime - fixed GH #305 (memcpy in Poco::Buffer uses wrong size if type != char) - Zip: fixed a crash caused by an I/O error (e.g., full disk) while creating a Zip archive Release 1.4.6p3 (2014-04-02) ============================ - Fixed a potential security vulnerability in client-side X509 certificate verification. Release 1.4.6p2 (2013-09-16) ============================ - fixed GH #156: Possible buffer overrun in Foundation/EventLogChannel - XML: fixed an issue with parsing a memory buffer > 2 GB - upgraded to expat 2.1.0 - Data/ODBC: added support for setting query timeout (via setProperty of "queryTimeout"). Timeout is int, given in seconds. - fixed a potential endless loop in SecureStreamSocketImpl::sendBytes() and also removed unnecessary code. - fixed GH #159: Crash in openssl CRYPTO_thread_id() after library libPocoCrypto.so has been unloaded. - fixed GH #155: MailOutputStream mangles consecutive newline sequences - fixed GH# 139: FileChannel::PROP_FLUSH is invalid (contains a tab character) - fixed GH# 173: HTTPClientSession::proxyConnect forces DNS lookup of host names - fixed GH# 194: MessageNotification constructor is inefficient. - fixed GH# 189: Poco::NumberParser::tryParse() documentation bug - fixed GH# 172: IPv6 Host field is stripped of Brackets in HTTPClientSession - fixed GH# 188: Net: SocketAddress operator < unusable for std::map key - fixed GH# 128: DOMWriter incorrectly adds SYSTEM keyword to DTD if PUBLIC is already specified - fixed GH# 65: Poco::format() misorders sign and padding specifiers - upgraded bundled SQLite to 3.7.17 - upgraded bundled zlib to 1.2.8 - fixed a potential memory leak in Poco::Net::HTTPClientSession if it is misused (e.g., sendRequest() is sent two times in a row without an intermediate call to receiveResponse(), or by calling receiveResponse() two times in a row without an intermediate call to sendRequest()) - GH #217 - removed a few unnecessary protected accessor methods from Poco::Net::HTTPClientSession that would provide inappropriate access to internal state - fixed GH# 223 (Poco::Net::HTTPCookie does not support expiry times in the past) - fixed GH# 233: ServerSocket::bind6(Poco::UInt16 port, bool reuseAddress, bool ipV6Only) does not work - added ColorConsoleChannel and WindowsColorConsoleChannel classes supporting colorizing log messages - fixed GH# 259: Poco::EventLogChannel fails to find 64bit Poco Foundation dll - fixed GH# 254: UTF8::icompare unexpected behavior - Poco::UUID::tryParse() also accepts UUIDs without hyphens. Also updated documentation (links to specifications). - Added support for ARM64 architecture and iPhone 5s 64-bit builds (POCO_TARGET_OSARCH=arm64). Release 1.4.6p1 (2013-03-06) ============================ - fixed GH# 71: WebSocket and broken Timeouts (POCO_BROKEN_TIMEOUTS) - fixed an ambiguity error with VC++ 2010 in Data/MySQL testsuite - Poco::Net::NetworkInterface now provides the interface index even for IPv4 - added DNS::reload() as a wrapper for res_init(). - On Linux, Poco::Environment::nodeId() first always tries to obtain the MAC address of eth0, before looking for other interfaces. - Poco::Net::HTTPSession now always resets the buffer in connect() to clear any leftover data from a (failed) previous session - fixed copysign namespace issue in FPEnvironment_DUMMY.h - fixed a warning in Poco/Crypto/OpenSSLInitializer.h - added a build configuration for BeagleBoard/Angstrom - fixed GH# 109: Bug in Poco::Net::SMTPClientSession::loginUsingPlain) - fixed compile errors with clang -std=c++11 - fixed GH# 116: Wrong timezone parsing in DateTimeParse (fix by Matej Knopp) - updated bundled SQLite to 3.7.15.2 Release 1.4.6 (2013-01-10) ========================== - changed FPEnvironment_DUMMY.h to include <cmath> instead of <math.h> - updated bundled SQLite to 3.7.15.1 - fixed GH# 30: Poco::Path::home() throws - fixed SF Patch# 120 The ExpireLRUCache does not compile with a tuple as key on VS2010 - fixed SF# 603 count() is missing in HashMap - Crypto and NetSSL_OpenSSL project files now use OpenSSL *MD.lib library files for static_md builds. Previously, the DLL import libs were used. - Poco::Environment::osDisplayName() now recognizes Windows 8/Server 2012 Release 1.4.5 (2012-11-19) ========================== - added Visual Studio 2012 project files - buildwin.cmd now support building with msbuild for VS2010 and 2012. - added Poco::Optional class - fixed SF# 3558012 Compilation fails when building with -ansi or -std=c++0x - fixed SF# 3563517 Get rid of loss-of-precision warnings on x64 MacOS - fixed SF# 3562244: Portability fix for AF_LINK - fixed SF# 3562400: DatagramSocketImpl comment - fixed SF# 594: Websocket fails with small masked payloads - fixed SF# 588: Missing POCO_ARCH and POCO_ARCH_LITTLE_ENDIAN define for WinCE on SH4 - fixed SF# 581: Out-of-bound array access in Unicode::properties() function. - fixed SF# 590: Segfault on FreeBSD when stack size not rounded - fixed SF# 586: Poco::DateTimeParser and ISO8601 issues when seconds fraction has more than 6 digits - Poco::Net::HTTPSSessionInstantiator::registerInstantiator() now optionally accepts a Poco::Net::Context object. - added Poco::XML::XMLWriter::depth() member function. - added Poco::XML::XMLWriter::uniquePrefix() and Poco::XML::XMLWriter::isNamespaceMapped(). - Poco::FileChannel now supports a new rotateOnOpen property (true/false) which can be used to force rotation of the log file when it's opened. - fixed a bug in Poco::XML::XMLWriter::emptyElement(): need to pop namespace context - OS X builds now use Clang as default compiler - Updated SQLite to 3.7.14.1 - POCO_SERVER_MAIN macro now has a try ... catch block for Poco::Exception and writes the displayText to stderr. - Poco/Platform.h now defines POCO_LOCAL_STATIC_INIT_IS_THREADSAFE macro if the compiler generates thread-safe static local initialization code. Release 1.4.4 (2012-09-03) ========================== - ZipStream now builds correctly in unbundled build. - added proxy digest authentication support to Net library - integrated MySQL BLOB fixes from Franky Braem. - use standard OpenSSL import libraries (libeay32.lib, ssleay32.lib) for Crypto and NetSSL_OpenSSL Visual Studio project files. - fixed a potential buffer corruption issue in Poco::Net::SecureStreamSocket if lazy handshake is enabled and the first attempt to complete the handshake fails - Poco::DateTimeParser::tryParse() without format specifier now correctly parses ISO8601 date/times with fractional seconds. - Poco::Process::launch() now has additional overloads allowing to specify an initial directory and/or environment. - Poco::Net::FTPClientSession: timeout was not applied to data connection, only to control connection. - Fixed potential IPv6 issue with socket constructors if IPv6 SocketAddress is given (contributed by ??????? ????????? <milovidov@yandex-team.ru>). - Added an additional (optional) parameter to Poco::Thread::setOSPriority() allowing to specify a scheduling policy. Currently this is only used on POSIX platforms and allows specifying SCHED_OTHER (default), SCHED_FIFO or SCHED_RR, as well as other platform-specific policy values. - Added Poco::Crypto::DigestEngine class providing a Poco::DigestEngine interface to the digest algorithms provided by OpenSSL. - Fixed some potential compiler warnings in Crypto library - In some cases, when an SSL exception was unexpectedly closed, a generic Poco::IOException was thrown. This was fixed to throw a SSLConnectionUnexpectedlyClosedException instead. - Added Poco::ObjectPool class template. - Poco::Net::HTTPServer has a new stopAll() method allowing stopping/aborting of all currently active client connections. - The HTTP server framework now actively prevents sending a message body in the response to a HEAD request, or in case of a 204 No Content or 304 Not Modified response status. - fixed a DOM parser performance bug (patch by Peter Klotz) - fixed SF# 3559325: Util Windows broken in non-Unicode - updated iOS build configuration to use xcode-select for finding toolchain - Poco::Net::SecureSocketImpl::shutdown() now also shuts down the underlying socket. - fixed SF# 3552597: Crypto des-ecb error - fixed SF# 3550553: SecureSocketImpl::connect hangs - fixed SF# 3543047: Poco::Timer bug for long startInterval/periodic interval - fixed SF# 3539695: Thread attributes should be destroyed using the pthread_attr_destroy() - fixed SF# 3532311: Not able to set socket option on ServerSocket before bind Added Poco::Net::Socket::init(int af) which can be used to explicitely initialize the underlying socket before calling bind(), connect(), etc. - fixed SF# 3521347: Typo in UnWindows.h undef - fixed SF# 3519474: WinRegistryConfiguration bug Also added tests and fixed another potential issue with an empty root path passed to the constructor. - fixed SF# 3516827: wrong return value of WinRegistryKey::exists() - fixed SF# 3515284: RSA publickey format(X.509 SubjectPublicKeyInfo) - fixed SF# 3503267: VxWorks OS prio is not set in standard constructor - fixed SF# 3500438: HTTPResponse failure when reason is empty - fixed SF# 3495656: numberformater, numberparser error in mingw - fixed SF# 3496493: Reference counting broken in TaskManager postNotification - fixed SF# 3483174: LogFile flushing behavior on Windows Flushing is now configurable for FileChannel and SimpleFileChannel using the "flush" property (true or false). - fixed SF# 3479561: Subsequent IPs on a NIC is not enumerated - fixed SF# 3478665: Permission checks in Poco::File not correct for root - fixed SF# 3475050: Threading bug in initializeNetwork() on Windows - fixed SF# 3552680: websocket small frames bug and proposed fix - fixed a WebSocket interop issue with Firefox - added Poco::Net::MessageHeader::hasToken() - Poco::AtomicCounter now uses GCC 4.3 builtin atomics on more platforms - fixed SF# 3555938: NetSSL: socket closed twice - socket exceptions now include OS error code - fixed SF# 3556975: Need to fix Shared Memory for memory map - Poco::Net::SecureSocketImpl::close() now catches exceptions thrown by its call to shutdown(). - fixed SF# 3535990: POCO_HAVE_IPv6 without POCO_WIN32_UTF8 conflict - fixed SF# 3559665: Poco::InflatingInputStream may not always inflate completely - added Poco::DirectoryWatcher class - fixed SF# 3561464: Poco::File::isDevice() can throw due to sharing violation - Poco::Zip::Compress::addRecursive() has a second variant that allows to specify the compression method. - Upgraded internal SQLite to 3.7.14 Release 1.4.3p1 (2012-01-23) ============================ - fixed SF# 3476926: RegDeleteKeyEx not available on Windows XP 32-bit Release 1.4.3 (2012-01-16) ========================== - fixed a compilation error with Data/MySQL on QNX. - fixed Util project files for WinCE (removed sources not compileable on CE) - removed MD2 license text from Ackowledgements document - fixed iPhone build config for Xcode 4.2 (compiler name changed to llvm-g++) - Poco::Util::XMLConfiguration: delimiter char (default '.') is now configurable. This allows for working with XML documents having element names with '.' in them. - Poco::Util::OptionProcessor: Required option arguments can now be specified as separate command line arguments, as in "--option value" in addition to the "--option=value" format. - Poco::Util::HelpFormatter: improved option help formatting if indentation has been set explicitely. - added Mail sample to NetSSL_OpenSSL, showing use of Poco::Net::SecureSMTPClientSession. - added additional read() overloads to Poco::Net::HTMLForm. - fixed SF# 3440769: Poco::Net::HTTPResponse doesn't like Amazon EC2 cookies. - added support for requiring TLSv1 to Poco::Net::Context. - added an additional constructor to Poco::Net::HTTPBasicCredentials, allowing the object to be created from a string containing a base64-encoded, colon-separated username and password. - Poco::Zip::ZipStreamBuf: fixed a crash if CM_STORE was used. - Added setContentLength64() and getContentLength64() to Poco::Net::HTTPMessage. - added Poco::Environment::osDisplayName(). - fixed SF# 3463096: WinService leaves dangling handles (open() now does not reopen the service handle if it's already open) - fixed SF# 3426537: WinRegistryConfiguration can't read virtualized keys - added Poco::Buffer::resize() - fixed SF# 3441822: thread safety issue in HTTPClientSession: always use getaddrinfo() instead of gethostbyname() on all platforms supporting it - added version resource to POCO DLLs - fixed SF# 3440599: Dir Path in Quotes in PATH cause PathTest::testFind to fail. - fixed SF# 3406030: Glob::collect problem - added Poco::Util::AbstractConfiguration::enableEvents() - Poco::AtomicCounter now uses GCC builtins with GCC 4.1 or newer (contributed by Alexey Milovidov) - made Poco::Logger::formatDump() public as it may be useful for others as well (SF# 3453446) - Poco::Net::DialogSocket now has a proper copy constructor (SF# 3414602) - Poco::Net::MessageHeader and Poco::Net::HTMLForm now limit the maximum number of fields parsed from a message to prevent certain kinds of denial-of-service attacks. The field limit can be changed with the new method setFieldLimit(). The default limit is 100. - Poco::NumberFormatter, Poco::NumberParser and Poco::format() now always use the classic ("C") locale to format and parse floating-point numbers. - added Poco::StreamCopier::copyStream64(), Poco::StreamCopier::copyStreamUnbuffered64() and Poco::StreamCopier::copyToString64(). These functions use a 64-bit integer to count the number of bytes copied. - upgraded internal zlib to 1.2.5 - upgraded internal sqlite to 3.7.9 - XML: integrated bugfix for Expat bug# 2958794 (memory leak in poolGrow) - Added support for HTTP Digest authentication (based on a contribution by Anton V. Yabchinskiy (arn at bestmx dot ru)). For information on how to use this, see the Poco::Net::HTTPCredentials, Poco::Net::HTTPDigestCredentials and Poco::Net::HTTPAuthenticationParams classes. - Poco::Net::HTTPStreamFactory and Poco::Net::HTTPSStreamFactory now support Basic and Digest authentication. Username and password must be provided in the URI. - added Poco::Net::WebSocket, supporting the WebSocket protocol as described in RFC 6455 - NetSSL_OpenSSL: added client-side support for Server Name Indication. Poco::Net::SecureSocketImpl::connectSSL() now calls SSL_set_tlsext_host_name() if its available (OpenSSL 9.8.6f and later). - added Poco::Net::HTTPClientSession::proxyConnect() (factored out from Poco::Net::HTTPSClientSession::connect()) - added Poco::Process::kill(const Poco::ProcessHandle&) which is preferable to kill(pid) on Windows, as process IDs on Windows may be reused. - fixed SF# 3471463: Compiler warnings with -Wformat - Poco::Util::Application::run() now catches and logs exceptions thrown in initialize() - Fixed a WinCE-specific bug in Poco::Util::ServerApplication where uninitialize() would be called twice. - fixed SF# 3471957: WinRegistryKey::deleteKey() unable to delete alt views - Added additional constructor to Poco::ScopedLock and Poco::ScopedLockWithUnlock accepting a timeout as second argument. - Added Poco::Logger::parseLevel() - Poco::format(): an argument that does not match the format specifier no longer results in a BadCastException. The string [ERRFMT] is written to the result string instead. - PageCompiler: added createSession page attribute.

19.6.1 ------ * Restore compatibility for PyPy 3 compatibility lost in 19.4.1 addressing Issue #487. * ``setuptools.launch`` shim now loads scripts in a new namespace, avoiding getting relative imports from the setuptools package on Python 2. 19.6 ---- * Added a new entry script ``setuptools.launch``, implementing the shim found in ``pip.util.setuptools_build``. Use this command to launch distutils-only packages under setuptools in the same way that pip does, causing the setuptools monkeypatching of distutils to be invoked prior to invoking a script. Useful for debugging or otherwise installing a distutils-only package under setuptools when pip isn't available or otherwise does not expose the desired functionality. For example:: $ python -m setuptools.launch setup.py develop * Issue #488: Fix dual manifestation of Extension class in extension packages installed as dependencies when Cython is present. 19.5 ---- * Issue #486: Correct TypeError when getfilesystemencoding returns None. * Issue #139: Clarified the license as MIT. * Pull Request #169: Removed special handling of command spec in scripts for Jython. 19.4.1 ------ * Issue #487: Use direct invocation of ``importlib.machinery`` in ``pkg_resources`` to avoid missing detection on relevant platforms.

@savraj

NEWS: Version 2.5.3 ------------- - Updated zoneinfo to 2016d - Fixed parser bug where unambiguous datetimes fail to parse when dayfirst is set to true. (gh issue #233, pr #234) - Bug in zoneinfo file on platforms such as Google App Engine which do not do not allow importing of subprocess.check_call was reported and fixed by @savraj (gh issue #239, gh pr #240) - Fixed incorrect version in documentation (gh issue #235, pr #243) Version 2.5.2 ------------- - Updated zoneinfo to 2016c - Fixed parser bug where yearfirst and dayfirst parameters were not being respected when no separator was present. (gh issue #81 and #217, pr #229) Version 2.5.1 ------------- - Updated zoneinfo to 2016b - Changed MANIFEST.in to explicitly include test suite in source distributions, with help from @koobs (gh issue #193, pr #194, #201, #221) - Explicitly set all line-endings to LF, except for the NEWS file, on a per-repository basis (gh pr #218) - Fixed an issue with improper caching behavior in rruleset objects (gh issue #104, pr #207) - Changed to an explicit error when rrulestr strings contain a missing BYDAY (gh issue #162, pr #211) - tzfile now correctly handles files containing leapcnt (although the leapcnt information is not actually used). Contributed by @hjoukl (gh issue #146, pr #147) - Fixed recursive import issue with tz module (gh pr #204) - Added compatibility between tzwin objects and datetime.time objects (gh issue #216, gh pr #219) - Refactored monolithic test suite by module (gh issue #61, pr #200 and #206) - Improved test coverage in the relativedelta module (gh pr #215) - Adjusted documentation to reflect possibly counter-intuitive properties of RFC-5545-compliant rrules, and other documentation improvements in the rrule module (gh issue #105, gh issue #149 - pointer to the solution by @phep, pr #213). Version 2.5.0 ------------- - Updated zoneinfo to 2016a - zoneinfo_metadata file version increased to 2.0 - the updated updatezinfo.py script will work with older zoneinfo_metadata.json files, but new metadata files will not work with older updatezinfo.py versions. Additionally, we have started hosting our own mirror of the Olson databases on a github pages site (https://dateutil.github.io/tzdata/) (gh pr #183) - dateutil zoneinfo tarballs now contain the full zoneinfo_metadata file used to generate them. (gh issue #27, gh pr #85) - relativedelta can now be safely subclassed without derived objects reverting to base relativedelta objects as a result of arithmetic operations. (lp:1010199, gh issue #44, pr #49) - relativedelta 'weeks' parameter can now be set and retrieved as a property of relativedelta instances. (lp: 727525, gh issue #45, pr #49) - relativedelta now explicitly supports fractional relative weeks, days, hours, minutes and seconds. Fractional values in absolute parameters (year, day, etc) are now deprecated. (gh issue #40, pr #190) - relativedelta objects previously did not use microseconds to determine of two relativedelta objects were equal. This oversight has been corrected. Contributed by @elprans (gh pr #113) - rrule now has an xafter() method for retrieving multiple recurrences after a specified date. (gh pr #38) - str(rrule) now returns an RFC2445-compliant rrule string, contributed by @schinckel and @armicron (lp:1406305, gh issue #47, prs #50, #62 and #160) - rrule performance under certain conditions has been significantly improved thanks to a patch contributed by @dekoza, based on an article by Brian Beck (@exogen) (gh pr #136) - The use of both the 'until' and 'count' parameters is now deprecated as inconsistent with RFC2445 (gh pr #62, #185) - Parsing an empty string will now raise a ValueError, rather than returning the datetime passed to the 'default' parameter. (gh issue #78, pr #187) - tzwinlocal objects now have a meaningful repr() and str() implementation (gh issue #148, prs #184 and #186) - Added equality logic for tzwin and tzwinlocal objects. (gh issue #151, pr #180, #184) - Added some flexibility in subclassing timelex, and switched the default behavior over to using string methods rather than comparing against a fixed list. (gh pr #122, #139) - An issue causing tzstr() to crash on Python 2.x was fixed. (lp: 1331576, gh issue #51, pr #55) - An issue with string encoding causing exceptions under certain circumstances when tzname() is called was fixed. (gh issue #60, #74, pr #75) - Parser issue where calling parse() on dates with no day specified when the day of the month in the default datetime (which is "today" if unspecified) is greater than the number of days in the parsed month was fixed (this issue tended to crop up between the 29th and 31st of the month, for obvious reasons) (canonical gh issue #25, pr #30, #191) - Fixed parser issue causing fuzzy_with_tokens to raise an unexpected exception in certain circumstances. Contributed by @MichaelAquilina (gh pr #91) - Fixed parser issue where years > 100 AD were incorrectly parsed. Contributed by @Bachmann1234 (gh pr #130) - Fixed parser issue where commas were not a valid separator between seconds and microseconds, preventing parsing of ISO 8601 dates. Contributed by @RyansS (gh issue #28, pr #106) - Fixed issue with tzwin encoding in locales with non-Latin alphabets (gh issue #92, pr #98) - Fixed an issue where tzwin was not being properly imported on Windows. Contributed by @labrys. (gh pr #134) - Fixed a problem causing issues importing zoneinfo in certain circumstances. Issue and solution contributed by @alexxv (gh issue #97, pr #99) - Fixed an issue where dateutil timezones were not compatible with basic time objects. One of many, many timezone related issues contributed and tested by @labrys. (gh issue #132, pr #181) - Fixed issue where tzwinlocal had an invalid utcoffset. (gh issue #135, pr #141, #142) - Fixed issue with tzwin and tzwinlocal where DST transitions were incorrectly parsed from the registry. (gh issue #143, pr #178) - updatezinfo.py no longer suppresses certain OSErrors. Contributed by @bjamesv (gh pr #164) - An issue that arose when timezone locale changes during runtime has been fixed by @carlosxl and @mjschultz (gh issue #100, prs #107, #109) - Python 3.5 was added to the supported platforms in the metadata (@tacaswell gh pr #159) and the test suites (@moreati gh pr #117). - An issue with tox failing without unittest2 installed in Python 2.6 was fixed by @moreati (gh pr #115) - Several deprecated functions were replaced in the tests by @moreati (gh pr #116) - Improved the logic in Travis and Appveyor to alleviate issues where builds were failing due to connection issues when downloading the IANA timezone files. In addition to adding our own mirror for the files (gh pr #183), the download is now retried a number of times (with a delay) (gh pr #177) - Many failing doctests were fixed by @moreati. (gh pr #120) - Many fixes to the documentation (gh pr #103, gh pr #87 from @radarhere, gh pr #154 from @gpoesia, gh pr #156 from @awsum, gh pr #168 from @ja8zyjits) - Added a code coverage tool to the CI to help improve the library. (gh pr #182) - We now have a mailing list - dateutil@python.org, graciously hosted by Python.org. Version 2.4.2 ------------- - Updated zoneinfo to 2015b. - Fixed issue with parsing of tzstr on Python 2.7.x; tzstr will now be decoded if not a unicode type. gh #51 (lp:1331576), gh pr #55. - Fix a parser issue where AM and PM tokens were showing up in fuzzy date stamps, triggering inappropriate errors. gh #56 (lp: 1428895), gh pr #63. - Missing function "setcachesize" removed from zoneinfo __all__ list by @RyansS, fixing an issue with wildcard imports of dateutil.zoneinfo. (gh pr #66). - (PyPi only) Fix an issue with source distributions not including the test suite. Version 2.4.1 ------------- - Added explicit check for valid hours if AM/PM is specified in parser. (gh pr #22, issue #21) - Fix bug in rrule introduced in 2.4.0 where byweekday parameter was not handled properly. (gh pr #35, issue #34) - Fix error where parser allowed some invalid dates, overwriting existing hours with the last 2-digit number in the string. (gh pr #32, issue #31) - Fix and add test for Python 2.x compatibility with boolean checking of relativedelta objects. Implemented by @nimasmi (gh pr #43) and Cédric Krier (lp: 1035038) - Replaced parse() calls with explicit datetime objects in unit tests unrelated to parser. (gh pr #36) - Changed private _byxxx from sets to sorted tuples and fixed one currently unreachable bug in _construct_byset. (gh pr #54) - Additional documentation for parser (gh pr #29, #33, #41) and rrule. - Formatting fixes to documentation of rrule and README.rst. - Updated zoneinfo to 2015a.

**Released on August 26th, 2016.** * Fixed execution of test cases as an unprivileged user, at least under NetBSD 7.0. Kyua-level failures were probably a regression introduced in Kyua 0.12, but the underlying may have existed for much longer: test cases might have previously failed for mysterious reasons when running under an unprivileged user. * Issue #134: Fixed metadata test broken on 32-bit platforms. * Issue #139: Added per-test case start/end timestamps to all reports. * Issue #156: Fixed crashes due to the invalid handling of cleanup routine data and triggered by the reuse of PIDs in long-running Kyua instances. * Issue #159: Fixed TAP parser to ignore case while matching `TODO` and `SKIP` directives, and to also recognize `Skipped`. * Fixed potential crash due to a race condition in the unprogramming of timers to control test deadlines.

@jgm

--------------------------------------- cmark 0.26.1 @jgm jgm released this Jul 16, 2016 . 18 commits to master since this release * Removed unnecessary typedef that caused build failure on some platforms. * Use $(MAKE) in Makefile instead of hardcoded make (#146, Tobias Kortkamp). cmark 0.26.0 @jgm jgm released this Jul 15, 2016 . 23 commits to master since this release * Implement spec changes for list items: + Empty list items cannot interrupt paragraphs. + Ordered lists cannot interrupt paragraphs unless they start with 1. + Removed "two blank lines break out of a list" feature. * Fix sourcepos for blockquotes (#142). * Fix sourcepos for atx headers (#141). * Fix ATX headers and thematic breaks to allow tabs as well as spaces. * Fix chunk_set_cstr with suffix of current string (#139, Nick Wellnhofer). It's possible that cmark_chunk_set_cstr is called with a substring (suffix) of the current string. Delay freeing of the chunk content to handle this case correctly. * Export targets on installation (Jonathan M?ller). This allows using them in other cmake projects. * Fix cmake warning about CMP0048 (Jonathan M?ller). * commonmark renderer: Ensure we don't have a blank line before a code block when it's the first thing in a list item. * Change parsing of strong/emph in response to spec changes. process_emphasis now gets better results in corner cases. The change is this: when considering matches between an interior delimiter run (one that can open and can close) and another delimiter run, we require that the sum of the lengths of the two delimiter runs mod 3 is not 0. * Ported Robin Stocker's changes to link parsing in commonmark/commonmark-spec#101. This uses a separate stack for brackets, instead of putting them on the delimiter stack. This avoids the need for looking through the delimiter stack for the next bracket. * cmark_reference_lookup: Return NULL if reference is null string. * Fix character type detection in commonmark.c (Nick Wellnhofer). Fixes test failures on Windows and undefined behavior. + Implement cmark_isalpha. + Check for ASCII character before implicit cast to char. + Use internal ctype functions in commonmark.c. * Better documentation of memory-freeing responsibilities. in cmark.h and its man page (#124). * Use library functions to insert nodes in emphasis/link processing. Previously we did this manually, which introduces many places where errors can creep in. * Correctly handle list marker followed only by spaces. Previously when a list marker was followed only by spaces, cmark expected the following content to be indented by the same number of spaces. But in this case we should treat the line just like a blank line and set list padding accordingly. * Fixed a number of issues relating to line wrapping. + Extend CMARK_OPT_NOBREAKS to all renderers and add --nobreaks. + Do not autowrap, regardless of width parameter, if CMARK_OPT_NOBREAKS is set. + Fixed CMARK_OPT_HARDBREAKS for LaTeX and man renderers. + Ensure that no auto-wrapping occurs if CMARK_OPT_NOBREAKS is enabled, or if output is CommonMark and CMARK_OPT_HARDBREAKS is enabled. * Set stdin to binary mode on Windows (Nick Wellnhofer, #113). This fixes EOLs when reading from stdin. * Add library option to render softbreaks as spaces (Pavlo Kapyshin). Note that the NOBREAKS option is HTML-only * renderer: no_linebreaks instead of no_wrap. We generally want this option to prohibit any breaking in things like headers (not just wraps, but softbreaks). * Coerce realurllen to int. This is an alternate solution for pull request # 132, which introduced a new warning on the comparison (Benedict Cohen). * Remove unused variable link_text (Mathiew Duponchelle). * Improved safety checks in buffer (Vicent Marti). * Add new interface allowing specification of custom memory allocator for nodes (Vicent Marti). Added cmark_node_new_with_mem, cmark_parser_new_with_mem, cmark_mem to API. * Reduce storage size for nodes by using bit flags instead of separate booleans (Vicent Marti). * config: Add SSIZE_T compat for Win32 (Vicent Marti). * cmake: Global handler for OOM situations (Vicent Marti). * Add tests for memory exhaustion (Vicent Marti). * Document in man page and public header that one should use the same memory allocator for every node in a tree. * Fix ctypes in Python FFI calls (Nick Wellnhofer). This didn't cause problems so far because all types are 32-bit on 32-bit systems and arguments are passed in registers on x86-64. The wrong types could cause crashes on other platforms, though. * Remove spurious failures in roundtrip tests. In the commonmark writer we separate lists, and lists and indented code, using a dummy HTML comment. So in evaluating the round-trip tests, we now strip out these comments. We also normalize HTML to avoid issues having to do with line breaks. * Add 2016 to copyright (Kevin Burke). * Added to_commonmark in test/cmark.py (for round-trip tests). * spec_test.py - parameterize do_test with converter. * spec_tests.py: exit code is now sum of failures and errors. This ensures that a failing exit code will be given when there are errors, not just with failures. * Fixed round trip tests. Previously they actually ran cmark instead of the round-trip version, since there was a bug in setting the ROUNDTRIP variable (#131). * Added new roundtrip_tests.py. This replaces the old use of simple shell scripts. It is much faster, and more flexible. (We will be able to do custom normalization and skip certain tests.) * Fix tests under MinGW (Nick Wellnhofer). * Fix leak in api_test (Mathieu Duponchelle). * Makefile: have leakcheck stop on first error instead of going through all the formats and options and probably getting the same output. * Add regression tests (Nick Wellnhofer). cmark 0.25.2 @jgm jgm released this Mar 26, 2016 . 114 commits to master since this release * Open files in binary mode (#113, Nick Wellnhofer). Now that cmark supports different line endings, files must be openend in binary mode on Windows. * Reset partially_consumed_tab on every new line (#114, Nick Wellnhofer). * Handle buffer split across a CRLF line ending (#117). Adds an internal field to the parser struct to keep track of last_buffer_ended_with_cr. Added test. cmark 0.25.1 @jgm jgm released this Mar 25, 2016 . 122 commits to master since this release * Release with no code changes. cmark version was mistakenly set to 0.25.1 in the 0.25.0 release (#112), so this release just ensures that this will cause no confusion later. cmark 0.25.0 @jgm jgm released this Mar 25, 2016 . 124 commits to master since this release * Fixed tabs in indentation (#101). This patch fixes S_advance_offset so that it doesn't gobble a tab character when advancing less than the width of a tab. * Added partially_consumed_tab to parser. This keeps track of when we have gotten partway through a tab when consuming initial indentation. * Simplified add_line (only need parser parameter). * Properly handle partially consumed tab. E.g. in - foo <TAB><TAB>bar we should consume two spaces from the second tab, including two spaces in the code block. * Properly handle tabs with blockquotes and fenced blocks. * Fixed handling of tabs in lists. * Clarified logic in S_advance_offset. * Use an assertion to check for in-range html_block_type. It's a programming error if the type is out of range. * Refactored S_processLines to make the logic easier to understand, and added documentation (Mathieu Duponchelle). * Removed unnecessary check for empty string_content. * Factored out contains_inlines. * Moved the cmake minimum version to top line of CMakeLists.txt (tinysun212). * Fix ctype(3) usage on NetBSD (Kamil Rytarowski). We need to cast value passed to isspace(3) to unsigned char to explicitly prevent possibly undefined behavior. * Compile in plain C mode with MSVC 12.0 or newer (Nick Wellnhofer). Under MSVC, we used to compile in C++ mode to get some C99 features like mixing declarations and code. With newer MSVC versions, it's possible to build in plain C mode. * Switched from "inline" to "CMARK_INLINE" (Nick Wellnhofer). Newer MSVC versions support enough of C99 to be able to compile cmark in plain C mode. Only the "inline" keyword is still unsupported. We have to use "__inline" instead. * Added include guards to config.h * config.h.in - added compatibility snprintf, vsnprintf for MSVC. * Replaced sprintf with snprintf (Marco Benelli). * config.h: include stdio.h for _vscprintf etc. * Include starg.h when needed in config.h. * Removed an unnecessary C99-ism in buffer.c. This helps compiling on systems like luarocks that don't have all the cmake configuration goodness (thanks to carlmartus). * Don't use variable length arrays (Nick Wellnhofer). They're not supported by MSVC. * Test with multiple MSVC versions under Appveyor (Nick Wellnhofer). * Fix installation dir of man-pages on NetBSD (Kamil Rytarowski). * Fixed typo in cmark.h comments (Chris Eidhof). * Clarify in man page that cmark_node_free frees a node's children too. * Fixed documentation of --width in man page. * Require re2c >= 1.14.2 (#102). * Generated scanners.c with more recent re2c. (pkgsrc changes) - Drop two patches accepted to upstream

@beardypig

A major update to Streamlink. With this release, we include a Windows binary as well as numerous plugin changes and fixes. The main features are: Windows binary (and generation!) thanks to the fabulous work by @beardypig Multiple plugin fixes Remove unneeded run-as-root (no more warning you when you run as root, we trust that you know what you're doing) Fix stream quality naming issue Beardypig <beardypig@users.noreply.github.com> (13): fix stream quality naming issue with py2 vs. py3, fixing #89 (#96) updated connectcast plugin to support the new rtmp streams; fixes #93 (#95) Fix for erroneous escape coding the livecoding plugin. Fixes #106 (#121) TVPlayer.com: fix for 400 error, correctly set the platform parameter (#123) Added a method to automatically determine the encoding when parsing JSON, if no encoding is provided. (#122) when retry-streams and twitch-disable-hosting arguments are used the stream is retried until a non-hosted stream is found (#125) plugins.goodgame: Update for API change (#130) plugins.adultswim: added a new adultswim.com plugin (#139) plugins.goodgame: restored DDOS protection cookie support (#136) plugins.younow: update API url (#135) plugins.euronew: update to support the new site (#141) plugins.webtv: added a new plugin to support web.tv (#144) plugins.connectcast: fix regex issue with python 3 (#152) Brainzyy <Brainzyy@users.noreply.github.com> (1): Add piczel.tv plugin (courtesy of @intact) (#114) Charlie Drage <charlie@charliedrage.com> (1): Update release scripts Erk- <Erk-@users.noreply.github.com> (1): Changed the twitch plugin to use https instead of http as discussed in #103 (#104) Forrest <gravyboat@users.noreply.github.com> (2): Modify the changelog link (#107) Update cli to note a few windows issues (#108) Simon Bernier St-Pierre <sbernierstpierre@gmail.com> (1): change icon Simon Bernier St-Pierre <sbstp@users.noreply.github.com> (1): finish the installer (#98) Stefan <stefan-github@yrden.de> (1): Debian packaging base (#80) Stefan <stefanhani@gmail.com> (1): remove run-as-root option, reworded warning #85 (#109) Weslly <weslly.honorato@gmail.com> (1): Fixed afreecatv.com url matching (#90) bastimeyer <mail@bastimeyer.de> (2): Improve NSIS installer script Remove shortcut from previous releases on Windows beardypig <beardypig@users.noreply.github.com> (8): plugins.cybergame: update to support changes to the live streams on the cybergame.tv website Use pycryptodome inplace of pyCrypto Automated build of the Windows NSIS installer support for relative paths for rtmpdump makeinstaller: install the streamlinkrc file in to the users %APPDATA% directory remove references to livestreamer in the win32 config template stream.rtmpdump: fixed the rtmpdump path issue, introduced in 6bf7fd7 pin requests to <2.12.0 to avoid the strict IDNA2008 validation ethanhlc <ethanhlc@users.noreply.github.com> (1): fixed instance of livestreamer (#99) intact <intact.devel@gmail.com> (1): plugins.livestream: Support old player urls mmetak <mmetak@users.noreply.github.com> (2): fix vaughnlive.tv info_url (#88) fix vaughnlive.tv info_url (yet again...) (#143) skulblakka <pascal.romahn@mailbox.org> (1): Overworked Plugin for ZDF Mediathek (#154) sqrt2 <sqrt2@users.noreply.github.com> (1): Fix ORF TVthek plugin (#113) tam1m <tam1m@users.noreply.github.com> (1): Fix zdf_mediathek TypeError (#156)

Reviewed by: joerg@ Upstream changes: Release Notes for fish 2.5.0 (released February 3, 2017) The Home, End, Insert, Delete, Page Up and Page Down keys work in Vi-style key bindings (#3731). Platform Changes Starting with version 2.5, fish requires a more up-to-date version of C++, specifically C++11 (from 2011). This affects some older platforms: Linux For users building from source, GCC's g++ 4.8 or later, or LLVM's clang 3.3 or later, are known to work. Older platforms may require a newer compiler installed. Unfortunately, because of the complexity of the toolchain, binary packages are no longer published by the fish-shell developers for the following platforms: Red Hat Enterprise Linux and CentOS 5 & 6 for 64-bit builds Ubuntu 12.04 (EoLTS April 2017) Debian 7 (EoLTS May 2018) Installing newer version of fish on these systems will require building from source. OS X SnowLeopard Starting with version 2.5, fish requires a C++11 standard library on OS X 10.6 ("SnowLeopard"). If this library is not installed, you will see this error: dyld: Library not loaded: /usr/lib/libc++.1.dylib MacPorts is the easiest way to obtain this library. After installing the SnowLeopard MacPorts release from the install page, run: sudo port -v install libcxx Now fish should launch successfully. (Please open an issue if it does not.) This is only necessary on 10.6. OS X 10.7 and later include the required library by default. Other significant changes Attempting to exit with running processes in the background produces a warning, then signals them to terminate if a second attempt to exit is made. This brings the behaviour for running background processes into line with stopped processes. (#3497) random can now have start, stop and step values specified, or the new choice subcommand can be used to pick an argument from a list (#3619). A new key bindings preset, fish_hybrid_key_bindings, including all the Emacs-style and Vi-style bindings, which behaves like fish_vi_key_bindings in fish 2.3.0 (#3556). function now returns an error when called with invalid options, rather than defining the function anyway (#3574). This was a regression present in fish 2.3 and 2.4.0. fish no longer prints a warning when it identifies a running instance of an old version (2.1.0 and earlier). Changes to universal variables may not propagate between these old versions and 2.5b1. Improved compatiblity with Android (#3585), MSYS/mingw (#2360), Solaris (#3456, #3340) Like other shells, the test builting now returns an error for numeric operations on invalid integers (#3346, #3581). complete no longer recognises --authoritative and --unauthoritative options, and they are marked as obsolete. status accepts subcommands, and should be used like status is-interactive. The old options continue to be supported for the foreseeable future (#3526), although only one subcommand or option can be specified at a time. Selection mode (used with "begin-selection") no longer selects a character the cursor does not move over (#3684). List indexes are handled better, and a bit more liberally in some cases (echo $PATH[1 .. 3] is now valid) (#3579). The fish_mode_prompt function is now simply a stub around fish_default_mode_prompt, which allows the mode prompt to be included more easily in customised prompt functions (#3641). Notable fixes and improvements alias, run without options or arguments, lists all defined aliases, and aliases now include a description in the function signature that identifies them. complete accepts empty strings as descriptions (#3557). command accepts -q/--quiet in combination with --search (#3591), providing a simple way of checking whether a command exists in scripts. Abbreviations can now be renamed with abbr --rename OLD_KEY NEW_KEY (#3610). The command synopses printed by --help options work better with copying and pasting (#2673). help launches the browser specified by the $fish_help_browser variable if it is set (#3131). History merging could lose items under certain circumstances and is now fixed (#3496). The $status variable is now set to 123 when a syntactically invalid command is entered (#3616). Exiting fish now signals all background processes to terminate, not just stopped jobs (#3497). A new prompt_hostname function which prints a hostname suitable for use in prompts (#3482). The __fish_man_page function (bound to Alt-h by default) now tries to recognize subcommands (e.g. git add will now open the "git-add" man page) (#3678). A new function edit_command_buffer (bound to Alt-e & Alt-v by default) to edit the command buffer in an external editor (#1215, #3627). set_color now supports italics (--italics), dim (--dim) and reverse (--reverse) modes (#3650). Filesystems with very slow locking (eg incorrectly-configured NFS) will no longer slow fish down (#685). Improved completions for apt (#3695), fusermount (#3642), make (#3628), netctl-auto (#3378), nmcli (#3648), pygmentize (#3378), and tar (#3719). Added completions for: VBoxHeadless (#3378) VBoxSDL (#3378) base64 (#3378) caffeinate (#3524) dconf (#3638) dig (#3495) dpkg-reconfigure (#3521 & #3522) feh (#3378) launchctl (#3682) lxc (#3554 & #3564), mddiagnose (#3524) mdfind (#3524) mdimport (#3524) mdls (#3524) mdutil (#3524) mkvextract (#3492) nvram (#3524) objdump (#3378) sysbench (#3491) tmutil (#3524) Release Notes for fish 2.4.0 (released November 8, 2016) Significant changes The clipboard integration has been revamped with explicit bindings. The killring commands no longer copy from, or paste to, the X11 clipboard - use the new copy (C-x) and paste (C-v) bindings instead. The clipboard is now available on OS X as well as systems using X11 (e.g. Linux). (#3061) history uses subcommands (history delete) rather than options (history --delete) for its actions (#3367). You can no longer specify multiple actions via flags (e.g., history --delete --save something). New history options have been added, including --max=n to limit the number of history entries, --show-time option to show timestamps (#3175, #3244), and --null to null terminate history entries in the search output. history search is now case-insensitive by default (which also affects history delete) (#3236). history delete now correctly handles multiline commands (#31). Vi-style bindings no longer include all of the default emacs-style bindings; instead, they share some definitions (#3068). If there is no locale set in the environment, various known system configuration files will be checked for a default. If no locale can be found, en_US-UTF.8 will be used (#277). A number followed by a caret (e.g. 5^) is no longer treated as a redirection (#1873). The $version special variable can be overwritten, so that it can be used for other purposes if required. Notable fixes and improvements The fish_realpath builtin has been renamed to realpath and made compatible with GNU realpath when run without arguments (#3400). It is used only for systems without a realpath or grealpath utility (#3374). Improved color handling on terminals/consoles with 8-16 colors, particularly the use of bright named color (#3176, #3260). fish_indent can now read from files given as arguments, rather than just standard input (#3037). Fuzzy tab completions behave in a less surprising manner (#3090, #3211). jobs should only print its header line once (#3127). Wildcards in redirections are highlighted appropriately (#2789). Suggestions will be offered more often, like after removing characters (#3069). history --merge now correctly interleaves items in chronological order (#2312). Options for fish_indent have been aligned with the other binaries - in particular, -d now means --debug. The --dump option has been renamed to --dump-parse-tree (#3191). The display of bindings in the Web-based configuration has been greatly improved (#3325), as has the rendering of prompts (#2924). fish should no longer hang using 100% CPU in the C locale (#3214). A bug in FreeBSD 11 & 12, Dragonfly BSD & illumos prevented fish from working correctly on these platforms under UTF-8 locales; fish now avoids the buggy behaviour (#3050). Prompts which show git repository information (via __fish_git_prompt) are faster in large repositories (#3294) and slow filesystems (#3083). fish 2.3.0 reintroduced a problem where the greeting was printed even when using read; this has been corrected again (#3261). Vi mode changes the cursor depending on the current mode (#3215). Command lines with escaped space characters at the end tab-complete correctly (#2447). Added completions for: arcanist (#3256) connmanctl (#3419) figlet (#3378) mdbook (#3378) ninja (#3415) p4, the Perforce client (#3314) pygmentize (#3378) ranger (#3378) Improved completions for aura (#3297), abbr (#3267), brew (#3309), chown (#3380, #3383),cygport (#3392), git (#3274, #3226, #3225, #3094, #3087, #3035, #3021, #2982, #3230), kill & pkill (#3200), screen (#3271), wget (#3470), and xz (#3378). Distributors, packagers and developers will notice that the build process produces more succinct output by default; use make V=1 to get verbose output (#3248). Improved compatibility with minor platforms including musl (#2988), Cygwin (#2993), Android (#3441, #3442), Haiku (#3322) and Solaris. Automatic cursor changes are now only enabled on the subset of XTerm versions known to support them, resolving a problem where older versions printed garbage to the terminal before and after every prompt (#3499). Improved the title set in Apple Terminal.app. Added completions for defaults and improved completions for diskutil (#3478). Release Notes for fish 2.3.1 (released July 3, 2016) This is a functionality and bugfix release. This release does not contain all the changes to fish since the last release, but fixes a number of issues directly affecting users at present and includes a small number of new features. Significant changes A new fish_key_reader binary for decoding interactive keypresses (#2991). fish_mode_prompt has been updated to reflect the changes in the way the Vi input mode is set up (#3067), making this more reliable. fish_config can now properly be launched from the OS X app bundle (#3140). Notable fixes and improvements Extra lines were sometimes inserted into the output under Windows (Cygwin and Microsoft Windows Subsystem for Linux) due to TTY timestamps not being updated (#2859). The string builtin's match mode now handles the combination of -rnv (match, invert and count) correctly (#3098). Improvements to TTY special character handling (#3064), locale handling (#3124) and terminal environment variable handling (#3060). Work towards handling the terminal modes for external commands launched from initialisation files (#2980). Ease the upgrade path from fish 2.2.0 and before by warning users to restart fish if the string builtin is not available (#3057). type -a now syntax-colorizes function source output. Added completions for alsamixer, godoc, gofmt, goimports, gorename, lscpu, mkdir, modinfo, netctl-auto, poweroff, termite, udisksctl and xz (#3123). Improved completions for apt (#3097), aura (#3102),git (#3114), npm (#3158), string and suspend (#3154). Release Notes for fish 2.3.0 (released May 20, 2016) Significant Changes A new string builtin to handle… strings! This builtin will measure, split, search and replace text strings, including using regular expressions. It can also be used to turn lists into plain strings using join. string can be used in place of sed, grep, tr, cut, and awk in many situations. (#2296) After seeing an escape character wait up to 300ms for an additional character. This is consistent with readline (e.g. bash) and can be configured via the fish_escape_delay_ms variable. This allows using escape as the Meta modifier. (#1356) Add new directories for vendor functions and configuration snippets (#2498) A new fish_realpath builtin and associated function to allow the use of realpath even on those platforms that don't ship an appropriate command. (#2932) Alt-# toggles the current command line between commented and uncommented states, making it easy to save a command in history without executing it. The fish_vi_mode function is now deprecated in favour of fish_vi_key_bindings Backward-incompatible changes Unmatched globs will now cause an error, except when used with for, set or count (#2719, #2394) and and or will now bind to the closest if or while, allowing compound conditions without begin and end (#1428) set -ql now searches up to function scope for variables (#2502) status -f will now behave the same when run as the main script or using source (#2643) source no longer puts the file name in $argv if no arguments are given (#139) Other Notable Fixes and Improvements Fish no longer silences errors in config.fish (#2702) Move the history file to $XDG_DATA_HOME/fish (or ~/.local/share if it has not been set) Directory autosuggestions will now descend as far as possible if there is only one child directory (#2531) Add support for bright colors (#1464) Allow Ctrl-J (\cj) to be bound separately from Ctrl-M (\cm) (#217) psub now has a "-s"/"-suffix" option to name the temporary file with that suffix Enable 24-bit colors on select terminals (#2495) Support for SVN status in the prompt (#2582) Mercurial and SVN support have been added to the Classic + Git (now Classic + VCS) prompt (via the new __fish_vcs_prompt function) (#2592) export now handles variables with a "=" in the value (#2403) Avoid confusing the terminal line driver with non-printing characters in fish_title(#2453) New completions for: alsactl Archlinux’s asp, makepkg Atom’s apm (#2390) entr - the "Event Notify Test Runner" (#2265) Fedora’s dnf (#2638) OSX diskutil (#2738) pkgng (#2395) pulseaudio’s pacmd and pactl rmmod (#3007) rust’s rustc and cargo (#2409) sysctl (#2214) systemd’s machinectl (#2158), busctl (#2144), systemd-nspawn, systemd-analyze, localectl, timedatectl and more Fish no longer has a function called sgrep, freeing it for user customization (#2245) A rewrite of the completions for cd, fixing a few bugs (#2299, #2300, #562) Linux VTs now run in a simplified mode to avoid issues (#2311) The vi-bindings now inherit from the emacs bindings Fish will also execute fish_user_key_bindings when in vi-mode funced will now also check $VISUAL (#2268) A new suspend function (#2269) Subcommand completion now works better with split /usr (#2141) The command-not-found-handler can now be overridden by defining a function called __fish_command_not_found_handler in config.fish (#2331) A few fixes to the Sorin theme PWD shortening in the prompt can now be configured via the fish_prompt_pwd_dir_length variable, set to the length per path component (#2473) fish now ships a skeleton file for /etc/fish/config.fish that only contains some documentation, the included code has been moved to the corresponding file in /usr (#2799) Release Notes for fish 2.2.0 (released July 12, 2015) Significant Changes Abbreviations: the new `abbr` command allows for interactively-expanded abbreviations, allowing quick access to frequently-used commands (#731). Vi mode: run `fish_vi_mode` to switch fish into the key bindings and prompt familiar to users of the Vi editor (#65). New inline and interactive pager, which will be familiar to users of zsh (#291). Underlying architectural changes: the `fishd` universal variable server has been removed as it was a source of many bugs and security problems. Notably, old fish sessions will not be able to communicate universal variable changes with new fish sessions. For best results, restart all running instances of `fish`. The web-based configuration tool has been redesigned, featuring a prompt theme chooser and other improvements. New German, Brazilian Portuguese, and Chinese translations. Backward-incompatible changes These are kept to a minimum, but either change undocumented features or are too hard to use in their existing forms. These changes may break existing scripts. `commandline` no longer interprets functions "in reverse", instead behaving as expected (#1567). The previously-undocumented `CMD_DURATION` variable is now set for all commands and contains the execution time of the last command in milliseconds (#1585). It is no longer exported to other commands (#1896). `if` / `else` conditional statements now return values consistent with the Single Unix Specification, like other shells (#1443). A new "top-level" local scope has been added, allowing local variables declared on the commandline to be visible to subsequent commands. (#206) Other notable fixes and improvements New documentation design (#1662), which requires a Doxygen version 1.8.7 or newer to build. Fish now defines a default directory for other packages to provide completions. By default this is `/usr/share/fish/vendor-completions.d`; on systems with `pkgconfig` installed this path is discoverable with `pkg-config --variable completionsdir fish`. A new parser removes many bugs; all existing syntax should keep working. New `fish_preexec` and `fish_postexec` events are fired before and after job execution respectively (#1549). Unmatched wildcards no longer prevent a job from running. Wildcards used interactively will still print an error, but the job will proceed and the wildcard will expand to zero arguments (#1482). The `.` command is deprecated and the `source` command is preferred (#310). `bind` supports "bind modes", which allows bindings to be set for a particular named mode, to support the implementation of Vi mode. A new `export` alias, which behaves like other shells (#1833). `command` has a new `--search` option to print the name of the disk file that would be executed, like other shells' `command -v` (#1540). `commandline` has a new `--paging-mode` option to support the new pager. `complete` has a new `--wraps` option, which allows a command to (recursively) inherit the completions of a wrapped command (#393), and `complete -e` now correctly erases completions (#380). Completions are now generated from manual pages by default on the first run of fish (#997). `fish_indent` can now produce colorized (`--ansi`) and HTML (`--html`) output (#1827). `functions --erase` now prevents autoloaded functions from being reloaded in the current session. `history` has a new `--merge` option, to incorporate history from other sessions into the current session (#825). `jobs` returns 1 if there are no active jobs (#1484). `read` has several new options: `--array` to break input into an array (#1540) `--null` to break lines on NUL characters rather than newlines (#1694) `--nchars` to read a specific number of characters (#1616) `--right-prompt` to display a right-hand-side prompt during interactive read (#1698). `type` has a new `-q` option to suppress output (#1540 and, like other shells, `type -a` now prints all matches for a command (#261). Pressing F1 now shows the manual page for the current command (#1063). `fish_title` functions have access to the arguments of the currently running argument as `$argv[1]` (#1542). The OS command-not-found handler is used on Arch Linux (#1925), nixOS (#1852), openSUSE and Fedora (#1280). `Alt`+`.` searches backwards in the token history, mapping to the same behavior as inserting the last argument of the previous command, like other shells (#89). The `SHLVL` environment variable is incremented correctly (#1634 & #1693). Added completions for `adb` (#1165 & #1211), `apt` (#2018), `aura` (#1292), `composer` (#1607), `cygport` (#1841), `dropbox` (#1533), `elixir` (#1167), `fossil`, `heroku` (#1790), `iex` (#1167), `kitchen` (#2000), `nix` (#1167), `node`/`npm` (#1566), `opam` (#1615), `setfacl` (#1752), `tmuxinator` (#1863), and `yast2` (#1739). Improved completions for `brew` (#1090 & #1810), `bundler` (#1779), `cd` (#1135), `emerge` (#1840),`git` (#1680, #1834 & #1951), `man` (#960), `modprobe` (#1124), `pacman` (#1292), `rpm` (#1236), `rsync` (#1872), `scp` (#1145), `ssh` (#1234), `sshfs` (#1268), `systemctl` (#1462, #1950 & #1972), `tmux` (#1853), `vagrant` (#1748), `yum` (#1269), and `zypper` (#1787).

net/proxytunnel: fix build on SmartOS

6274897

jperkin closed this Dec 10, 2013

jperkin pushed a commit that referenced this pull request Mar 16, 2015

Update ruby-slop to 3.6.0.

6d1b0b9

3.6.0 (2014-06-18) ------------------ * Add example of rest arguments usage in the readme file #139 * Default values on options are printed in the help message #134

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

net/proxytunnel: fix build on SmartOS #139

net/proxytunnel: fix build on SmartOS #139

wiedi commented Dec 7, 2013

jperkin commented Dec 10, 2013

net/proxytunnel: fix build on SmartOS #139

net/proxytunnel: fix build on SmartOS #139

Conversation

wiedi commented Dec 7, 2013

jperkin commented Dec 10, 2013