---
- branch: MAIN
  date: Mon Jun 18 02:52:12 UTC 2018
  files:
  - new: '1.39'
    old: '1.38'
    path: pkgsrc/www/p5-Dancer/Makefile
    pathrev: pkgsrc/www/p5-Dancer/Makefile@1.39
    type: modified
  - new: '1.31'
    old: '1.30'
    path: pkgsrc/www/p5-Dancer/distinfo
    pathrev: pkgsrc/www/p5-Dancer/distinfo@1.31
    type: modified
  id: 20180618T025212Z.bfa0714cfacc14a21ee0b7de6106ead298ae398e
  log: |
    Update to 1.3400

    Upstream changes:
    1.3400    2018-06-15 23:08:34+01:00 Europe/London
     Promoting previous trial releases to stable.

    1.3205    2018-06-13 22:59:32+01:00 Europe/London (TRIAL RELEASE)
     [ENHANCEMENTS]
     - require MIME::Types 2.17, as 2.16 has some funny ideas, like responding to a
       ZIP file with 'application/vnd.easykaraoke.cdgdownload'
     - Fix YAML-related test failures if YAML::XS not installed
       (GH 1184, PR 1189, bigpresh)

     [BUG FIXES]
     - Avoid accidental route matches if a previous successful match had left %+
       populated (GH 1187, PR 1188, bigpresh, reported by skington)

    1.3204    2018-05-23 14:40:33+01:00 Europe/London (TRIAL RELEASE)
     [ENHANCEMENTS]
     - Try to use 127.0.0.11 for listen tests, fall back to 127.0.0.1
       on systems that don't have 127/8, e.g. FreeBSD (GH 1183, PR 1185, bigpresh)

    1.3203    2018-05-20 20:44:30+01:00 Europe/London (TRIAL RELEASE)
     [DOCUMENTATION]
     - Add environment var hint to cookbook (PR 1161, castaway)

     [ENHANCEMENTS]
     - Make it possible to switch out YAML for YAML::XS for config parsing and
       serialisation (there was already an attempt at this in place, and it was
       documented as posisble, but didn't work) (PR 1164, 1nickt)
     - New test method response_redirect_like (PR 1159, 1nickt)
     - New config option raw_request_body_in_ram, which controls whether the
       raw request body is available via request->body or not.  See Issue #1140
       for the problems the previous approach, of getting it from the temp file
       that HTTP::Body might (or might not) have written it to.
     - Validate session IDs read from client - GH #1172 - potential security
       risk if the session provider in use passes the session ID in a way
       where injection is possible.

    1.3301 2016-02-16
     [BUG FIXES]
     - Reverted session ID validation (PR-1155) as it breaks
       Dancer::Session::Cookie (bigpresh)

    1.3300 2016-02-15
     [BUG FIXES]
     - More temp directory handling fixes (Issue #1147)
     - Avoid request body truncation in hand-assembled requests in tests (PR
       1148, skington)
     - Avoid tests failing when "localhost" doesn't resolve (PR 1142, gbarco)
     - Avoid test failures due to race condition in selecting a port to listen
       on by using 127.0.0.10 instead (more of a hacky workaround than a fix,
       but should help (bigpresh)
     - Fix YAML session handler under taint mode (chrisjrob)
     - Make request->body work again for URL-encoded POST requests - Issue 1140
       reported by miyagawa (bigpresh)
     - Validate session IDs read from cookies before passing to session engine,
       to protect against any engine that might feed that value straight to a
       file path for security - Issue 1118 (bigpresh)

     [DOCUMENTATION]
     - Better doc for forward_for_address (PR 1146, Relequestual)

     [ENHANCEMENTS]
     - Let Dancer::Test::dancer_response() handle supplying multiple params
       with the same name - Issue 1116 (bigpresh)
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www/p5-Dancer'
  unixtime: '1529290332'
  user: wen