---
- branch: MAIN
  date: Tue Jul  9 17:11:42 UTC 2013
  files:
  - new: '1.5'
    old: '1.4'
    path: pkgsrc/www/py-werkzeug/Makefile
    pathrev: pkgsrc/www/py-werkzeug/Makefile@1.5
    type: modified
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/www/py-werkzeug/Makefile.common
    pathrev: pkgsrc/www/py-werkzeug/Makefile.common@1.3
    type: modified
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/www/py-werkzeug/PLIST
    pathrev: pkgsrc/www/py-werkzeug/PLIST@1.3
    type: modified
  - new: '1.2'
    old: '1.1'
    path: pkgsrc/www/py-werkzeug/distinfo
    pathrev: pkgsrc/www/py-werkzeug/distinfo@1.2
    type: modified
  id: 20130709T171142Z.95c50042859ed67422e1d1ea442dfca5ae08507c
  log: |
    Update py-werkzeug and py-werkzeug-docs to 0.9.1.

    Version 0.9.1
    -------------

    (bugfix release, released on June 14th 2013)

    - Fixed an issue with integers no longer being accepted in certain
      parts of the routing system or URL quoting functions.
    - Fixed an issue with `url_quote` not producing the right escape
      codes for single digit codepoints.
    - Fixed an issue with :class:`~werkzeug.wsgi.SharedDataMiddleware` not
      reading the path correctly and breaking on etag generation in some
      cases.
    - Properly handle `Expect: 100-continue` in the development server
      to resolve issues with curl.
    - Automatically exhaust the input stream on request close.  This should
      fix issues where not touching request files results in a timeout.
    - Fixed exhausting of streams not doing anything if a non-limited
      stream was passed into the multipart parser.
    - Raised the buffer sizes for the multipart parser.

    Version 0.9
    -----------

    Released on June 13nd 2013, codename Planierraupe.

    - Added support for :meth:`~werkzeug.wsgi.LimitedStream.tell`
      on the limited stream.
    - :class:`~werkzeug.datastructures.ETags` now is nonzero if it
      contains at least one etag of any kind, including weak ones.
    - Added a workaround for a bug in the stdlib for SSL servers.
    - Improved SSL interface of the devserver so that it can generate
      certificates easily and load them from files.
    - Refactored test client to invoke the open method on the class
      for redirects.  This makes subclassing more powerful.
    - :func:`werkzeug.wsgi.make_chunk_iter` and
      :func:`werkzeug.wsgi.make_line_iter` now support processing of
      iterators and streams.
    - URL generation by the routing system now no longer quotes
      ``+``.
    - URL fixing now no longer quotes certain reserved characters.
    - The :func:`werkzeug.security.generate_password_hash` and
      check functions now support any of the hashlib algorithms.
    - `wsgi.get_current_url` is now ascii safe for browsers sending
      non-ascii data in query strings.
    - improved parsing behavior for :func:`werkzeug.http.parse_options_header`
    - added more operators to local proxies.
    - added a hook to override the default converter in the routing
      system.
    - The description field of HTTP exceptions is now always escaped.
      Use markup objects to disable that.
    - Added number of proxy argument to the proxy fix to make it more
      secure out of the box on common proxy setups.  It will by default
      no longer trust the x-forwarded-for header as much as it did
      before.
    - Added support for fragment handling in URI/IRI functions.
    - Added custom class support for :func:`werkzeug.http.parse_dict_header`.
    - Renamed `LighttpdCGIRootFix` to `CGIRootFix`.
    - Always treat `+` as safe when fixing URLs as people love misusing them.
    - Added support to profiling into directories in the contrib profiler.
    - The escape function now by default escapes quotes.
    - Changed repr of exceptions to be less magical.
    - Simplified exception interface to no longer require environmnts
      to be passed to recieve the response object.
    - Added sentinel argument to IterIO objects.
    - Added pbkdf2 support for the security module.
    - Added a plain request type that disables all form parsing to only
      leave the stream behind.
    - Removed support for deprecated `fix_headers`.
    - Removed support for deprecated `header_list`.
    - Removed support for deprecated parameter for `iter_encoded`.
    - Removed support for deprecated non-silent usage of the limited
      stream object.
    - Removed support for previous dummy `writable` parameter on
      the cached property.
    - Added support for explicitly closing request objects to close
      associated resources.
    - Conditional request handling or access to the data property on responses no
      longer ignores direct passthrough mode.
    - Removed werkzeug.templates and werkzeug.contrib.kickstart.
    - Changed host lookup logic for forwarded hosts to allow lists of
      hosts in which case only the first one is picked up.
    - Added `wsgi.get_query_string`, `wsgi.get_path_info` and
      `wsgi.get_script_name` and made the `wsgi.pop_path_info` and
      `wsgi.peek_path_info` functions perform unicode decoding.  This
      was necessary to avoid having to expose the WSGI encoding dance
      on Python 3.
    - Added `content_encoding` and `content_md5` to the request object's
      common request descriptor mixin.
    - added `options` and `trace` to the test client.
    - Overhauled the utilization of the input stream to be easier to use
      and better to extend.  The detection of content payload on the input
      side is now more compliant with HTTP by detecting off the content
      type header instead of the request method.  This also now means that
      the stream property on the request class is always available instead
      of just when the parsing fails.
    - Added support for using :class:`werkzeug.wrappers.BaseResponse` in a with
      statement.
    - Changed `get_app_iter` to fetch the response early so that it does not
      fail when wrapping a response iterable.  This makes filtering easier.
    - Introduced `get_data` and `set_data` methods for responses.
    - Introduced `get_data` for requests.
    - Soft deprecated the `data` descriptors for request and response objects.
    - Added `as_bytes` operations to some of the headers to simplify working
      with things like cookies.
    - Made the debugger paste tracebacks into github's gist service as
      private pastes.

    Version 0.8.4
    -------------

    (bugfix release, release date to be announced)

    - Added a favicon to the debugger which fixes problem with
      state changes being triggered through a request to
      /favicon.ico in Google Chrome.  This should fix some
      problems with Flask and other frameworks that use
      context local objects on a stack with context preservation
      on errors.
    - Fixed an issue with scolling up in the debugger.
    - Fixed an issue with debuggers running on a different URL
      than the URL root.
    - Fixed a problem with proxies not forwarding some rarely
      used special methods properly.
    - Added a workaround to prevent the XSS protection from Chrome
      breaking the debugger.
    - Skip redis tests if redis is not running.
    - Fixed a typo in the multipart parser that caused content-type
      to not be picked up properly.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www/py-werkzeug'
  unixtime: '1373389902'
  user: kleink