forked from web2py/web2py
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CHANGELOG
1827 lines (1585 loc) · 67.5 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
## 2.27
- python 3.11 support
- linted and formatted code
## 2.26
- fixed invalid headers and header serialization bug
- fixed circular imports
- fixed a header injection vulnerability
## 2.25
(never released)
## 2.24
- fixed vulnerability JVN#80476432
- fixed issue #2468
- fixed issue #2457
- fixed issue #2457
- initialize env with abspath
- fixed application packaging
- fixed hmac.new digestmod
- fixed cache corruption issue
## 2.23
- fixed internal error in map_static() on self.args=None
- fixed corner cases in prevent_open_redirect
- fixed #2451, invalid chars in german translation
- prevent admin app from accessing files outside the applications folder
- fixed migration and virtual fields
- callable auth.settings.auth_two_factor_enabled
- added DKIM support to emails
## 2.22
- pydal upgrade
- yatl upgrade
- improved open redirect prevention
- fixed problem with gmail attachments
- fixed #2432
- made simplejsonrpc compatible with python3.8+
- fixed reload from _compat so it works in py3
- fixed bug with filenames and = in the url
- fixed #2425
- fixed copyreg import for python2
- fixed #2330
- fixed oauth2.0 to work with python 3
- added Ubuntu 20.04+Apache+Python3 installation script
- fixed #2400, in rocket fixed SSL DoS issue in accept loop
- added python 3.9 support
## 2.21
- fixed exception handling for packed file creation
- fixed handling of filenames with non-ascii characters in attachments
- fixed issue #2312
- added hash_extension functionality to URL
- fixed order keyword value in Grid column sort
- cleanup in strings and regex
- fixed handling of smtplib.SMTPException
- fixed SCRIPT(ASSIGNJS(foo=bar))
- fixed issue #2326
- fixed issue #2315
- removed Python 3.5 support
## 2.20.1
new makefile to update binaries from Nico Zanferrari
## 2.19.0
- new command line options (Thanks Paolo Pastori)
OLD NAME NEW NAME
================== ==================
--debug --log_level
--nogui --no_gui
--ssl_private_key --server_key
--ssl_certificate --server_cert
--minthreads --min_threads
--maxthreads --max_threads
--profiler --profiler_dir
--run-cron --with_cron
--softcron --soft_cron
--cron --cron_run
--cronjob * --cron_job *
--test --run_doctests
--add_options
--interface
--crontab
## 2.18.1-2.18.5
- pydal 19.04
- made template its own module (Yet Another Template Language)
- improved python 3.4-3.7 support
- better regular expressions
- bug fixes
## 2.17.1-2
- pydal 18.08
- many small bug fixes
## 2.16.1
- pydal 17.11
- bootstrap 4
- better welcome examples
- many bug fixes
## 2.15.1-4
- pydal 17.08
- dropped support for python 2.6
- dropped web shell
- experimental python 3 support
- experimental authapi for service login
- allow ajax file uploads
- more tests
- more pep8 compliance
- d3.js model visulization
- improved scheduler
- is_email support for internationalized Domain Names
- improved used of cookies with CookieJar
- SQLFORM.grid(showblobs=True)
- import JS events (added w2p.componentBegin event)
- added support for CASv3
- allow first_name and last_name placeholders in verify_email message
- added three-quote support in markmin
- updated pg8000 driver (but we still recommend psycopg2)
- compiled views use . separator not _ separator (must recompile code)
- better serbian, french, and catalan translations
- speed improvements (refactor of compileapp and pyc caching)
- removed web shell (never worked as intended)
- allow Expose(..., follow_symlink_out=False).
- Updated fpdf to latest version
- JWT support
- import fabfile for remote deployment
- scheduler new feature: you can now specify intervals with cron
- gluon/* removed from sys.path. Applications relying on statements like e.g.
"from storage import Storage"
will need to be rewritten with
"from gluon.storage import Storage"
- tests can only be run with the usual web2py.py --run_system_tests OR with
python -m unittest -v gluon.tests on the root dir
- jQuery 3.2.1
- PyDAL 17.07 including:
allow jsonb support for postgres
correctly configure adapters that need connection for configuration
better caching
updated IMAP adapter methods to new API
experimental suport for joinable subselects
improved Teradata support
improved mongodb support
overall refactoring
experimental support for Google Cloud SQL v2
new pymysql driver
## 2.14.6
- Increased test coverage (thanks Richard)
- Fixed some newly discovered security issues in admin:
CSRF vulnerability in admin that allows disabling apps
Brute force password attack vulnerability in admin
(thanks Narendra and Leonel)
## 2.14.1-5
- fixed two major security issues that caused the examples app to leak information
- new Auth(…,host_names=[…]) to prevent host header injection
- improved scheduler
- pep8 enhancements
- many bug fixes
- restored GAE support that was broken in 2.13.*
- improved fabfile for deployment
- refactored examples with stupid.css
- new JWT implementation (experimental)
- new gluon.contrib.redis_scheduler
- myconf.get
- LDAP groups (experimental)
- .flash -> .w2p_flash
- Updated feedparser.py 5.2.1
- Updated jQuery 1.12.2
- welcome app now checks for version number
- Redis improvements. New syntax:
BEFORE:
from gluon.contrib.redis_cache import RedisCache
cache.redis = RedisCache('localhost:6379',db=None, debug=True)
NOW:
from gluon.contrib.redis_utils import RConn
from gluon.contrib.redis_cache import RedisCache
rconn = RConn()
# or RConn(host='localhost', port=6379,
# db=0, password=None, socket_timeout=None,
# socket_connect_timeout=None, .....)
# exactly as a redis.StrictRedis instance
cache.redis = RedisCache(redis_conn=rconn, debug=True)
BEFORE:
from gluon.contrib.redis_session import RedisSession
sessiondb = RedisSession('localhost:6379',db=0, session_expiry=False)
session.connect(request, response, db = sessiondb)
NOW:
from gluon.contrib.redis_utils import RConn
from gluon.contrib.redis_session import RedisSession
rconn = RConn()
sessiondb = RedisSession(redis_conn=rconn, session_expiry=False)
session.connect(request, response, db = sessiondb)
Many thanks to Richard and Simone for their work and dedication.
## 2.13.*
- fixed a security issue in request_reset_password
- added fabfile.py
- fixed oauth2 renew token, thanks dokime7
- fixed add_membership, del_membership, add_membership IntegrityError (when auth.enable_record_versioning)
- allow passing unicode to template render
- allow IS_NOT_IN_DB to work with custom primarykey, thanks timmyborg
- allow HttpOnly cookies
- french pluralizaiton rules, thanks Mathieu Clabaut
- fixed bug in redirect to cas service, thanks Fernando González
- allow deploying to pythonanywhere from the web2py admin that you're running locally, thanks Leonel
- better tests
- many more bug fixes
## 2.12.1-3
- security fix: Validate for open redirect everywhere, not just in login()
- allow to pack invidual apps and selected files as packed exe files
- allow bulk user registration with default bulk_register_enabled=False
- allow unsorted multiword query in grid search
- better MongoDB support with newer pyDAL
- enable <app>/appadmin/manage/auth by default for user admin
- allow mail.settings.server='logging:filename' to log emails to a file
- better caching logic
- fixed order of confirm-password field
- TLS support in ldap
- prettydate can do UTC
- jquery 1.11.3
- bootstrap 3.3.5
- moved to codecov and enabled appveyor
- many bug fixes
## 2.11.1
- Many small but significative improvements and bug fixes
## 2.10.1-2.10.2
- welcome app defaults to Bootstrap 3
- DAL -> pyDAL (thanks Giovanni, Niphlod, Paolo)
- new modular dal
- fixed problems with GAE support
- moved to full NDB support
- improved connection pooling logic
- optional cache.ram.max_ram_utilization = 90 (experimental)
- improved cache.disk logic (thanks Niphlod and Leonel)
- lots of pep8 improvements, thanks Richard
- added support for email attchments when auth.settings.server='gae'
- fixed app.yaml.example for GAE
- fixed many small issues
- many many more tests (thanks Giovanni, Niphlod, Paolo)
- upgrading static libraries (bootstrap, codemirror, jquery, etc)
## 2.9.12
- Tornado HTTPS support, thanks Diego
- Modular DAL, thanks Giovanni
- Added coverage support, thanks Niphlod
- More tests, thanks Niphlod and Paolo Valleri
- Added support for show_if in readonly sqlform, thanks Paolo
- Improved scheduler, thanks Niphlod
- Email timeout support
- Made web2py's custom_import work with circular imports, thanks Jack Kuan
- Added Portuguese, Catalan, and Burmese translations
- Allow map_hyphen to work for application names, thanks Tim Nyborg
- New module appconfig.py, thanks Niphlod
- Added geospatial support to Teradata adaptor, thanks Andrew Willimott
- Many bug fixes
## 2.9.6 - 2.9.10
- fixed support of GAE + SQL
- fixed a typo in the license of some login_methods code. It is now LGPL consistently with the rest of the web2py code. This change applied to all previous web2py versions.
- support for SAML2 (with pysaml2)
- Sphinx documentation (thanks Niphlod)
- improved scheduler (thanks Niphlod)
- increased security
- better cache.disk (thanks Leonel)
- sessions are stored in subfolders for speed
- postgres support for "INSERT ... RETURING ..."
- ldap support for Certificate Authority (thanks Maggs and Shane)
- improved support for S/Mime X.509 (thanks Gyuris)
- better welcome app
- support for Collection+JSON Hypermedia API (RESTful self documenting API)
- jQuery 1.11
- codemirror 4.0.3
- markdown2 2.2.3
- memcache 1.53
- support for the new janrain API
- new "web2py.py -G config" to make GAE configuration easier
- many small bug fixes
## 2.9.1 - 2.9.5
- many small but important bug fixes
- jquery 1.11
- codemirror 3.21, thanks Paolo Valleri
- fixed security issue with sessions in database, thanks Nathan Humphreys
- fixed security issue with persistant data in session, thanks Kiran
- fixed security issue with redirect after expired login, thanks André Kablu
- cleaner DAL and rname integration, thanks niphlod and Michele
- added mongodb and imap tests for dal, thanks Alan
- NoSQL dal tests, thanks Alan
- better docstrings, thanks Niphlod
- allow URL(...,language=...) with parametric router, thanks Jonathan
- allow non-expiration of gae-memcache, thanks crimsoncantab
- MARKMIN(...,_class='...'), thanks Luca
- better transliteration in building slugs
- autolink emails
- new Janrain API, thanks PeterQ2
- enable admin app for GAE (experimental), thanks Alan
- many bug fixes
- invalidate function in web2py.js, thanks Paolo
- DAL(...,adapter_args=dict(engine='MyISAM'))
- todolist panel in admin editor, thanks Paolo Valleri
## 2.8.1
- no more winservice (use nssm instead)
- better imap support in DAL
- db().select().as_tree()
- bootstrap 2.3.2
- codemirror 3.19
- improved mongoDB support, thanks Alan
- support for wiki custom render function
- Wiki(...groups=['x','y']) allows bypassing default permissions
- fixed websocket_messaging.py to support newer Tornado
- NDB support for GAE, thanks Quint
- fixed major concurrecy issue with MEMDB
- blocked generic.jsonp for security reasons
- many bug fixes, thanks Niphlod, Michele, Anthony, Tim, and many others.
## 2.7.1 - 2.7.4
- jQuery 1.10.2
- codemirror 3.18, thanks Paolo
- namespaces in T("Welcome", ns="namespace"), thanks jamarcer (experimental)
- more Auth options, thanks Charles
- more admin configuration, thanks Roberto
- new gluon.contrib.strip.StripeForm for PCI compliant payments
- webclient can hendle lists, thanks Yair
- allows SQLFORM.grid(...,ignore_common_filters=True)
- more translations, thanks Vladyslav
- better session2trash.py, works with scheduler, thanks niphlod
- fixed problem with ENABLED/DISABLED
- many bug fixes, thanks niphlod, michele, anthony, roberto, tim, and others
## 2.6.1 - 2.6.4
Attention all users: For pre 2.6 applications to work with web2py >=2.6, you must copy static/js/web2py.js, controllers/appadmin.py, and views/appadmin.html from the welcome app to your own apps (all of them).
Attention production users: The updated handlers and examples are in handlers/ and examples/. The updated ones will not override the existing ones. To use the new ones it is not sufficient to upgrade web2py, you also need to copy the desired handler/example in the root web2py/ folder.
Attention MySQL users: The length of string fields changed from 255 to 512 bytes. If you have migrations enabled this will trigger a large migration. To prevent it, first set migrate_enabled=False, upgrade, check everything is ok, then add length=255 to your string Fields, then re-enable migrations with migrate_enabled=True if needed.
- better directory structure: handlers/ extras/ examples/
- better MongoDb support, thanks Alan
- better Admin editor interface, thanks Paolo, Roberto (codemirror 3), and Lightdot
- better layout.html and web2py_bootstrap.css, thanks Paolo
- refactored web2py.js makes code more readable, thanks Niphlod
- compute fields can depend on other compute(d) fields
- more functions in appadmin (/manage/auth), thanks Anthony
- support for CAST in SQL generation
- new API jQuery('#component').reload()
- new API rows.render()
- new API table.field.referent, table._references
- new API db(...).validate_and_update(...)
- new API Wiki(..., force_render=True) renders the page source again instead of using cached
- Wiki now automatically parses named component arguments @{f:a=1,b='twp',c=variable}
- auth.get_or_create_user(login=False)
- auth = Auth(crsf_protection = False) prevents creating sessions in login/register forms.
- enable multiple renderers in wiki, thanks Alan
- log messages from Auth are no longer translated (for speed and readability)
- update jQuery mobile to 1.3.1
- reduced memory footprint by conditionally loading Tk
- faster pbkdf2 uses OpenSSL, thanks Michele
- many speed improvements, thanks Michele
- better session logic, prevents false positive when detecting session changes.
- scripts/import_static.py converts a static site to a web2py app (experimental)
- support for new http error code 451
- profiler saves dump in dir, thanks Niphlod
- upgraded pyfpdf, thanks Mariano
- gluon/contrib/pdfinvoice.py for generating PDF invoices (assumes reportlab)
- no more double submission of forms (even without crsf protection), thanks Niphlod
- speedup for define_table, thanks Michele
- settings.cfg to admin, thanks Paolo
- many bugs fixed, thanks Niphlod, Michele, Roberto, Jonathan, and many others
- 2.6,3 specifically fixed a possible DoS vulnerability
- 2.6.4 specifically fixes major problem introduced in 2.6.1 with session logic
## 2.5.2
- Web editor with tabs, thanks ilvalle
## 2.5.1
- New style virtual fields in grid
- Conditional fields (experimental) ``db.table.field.show_if = db.table.otherfield==True`` or ``db.table.field.show_if = db.table.otherfiel.contains(values)``
- auth.settings.manager_group_role="manager" enables http://.../app/appadmin/auth_manage and http://.../app/appadmin/manage for members of the "manager" group. (also experimental)
- support for POST variables in DELETE
- Fixed memory leak when using the TAG helper
## 2.4.7
- pypy support, thanks Niphlod
- more bug fixes
- ...
## 2.4.6
- better tests
- new ANY_OF and IS_IPV6 validators
- new custom save option
- many small bug fixes
## 2.4.5
- travis.ci integration (thanks Marc Abramowitz and Niphlod). Passes all tests (thanks Niplod).
- IS_DATE and IS_DATETIME can specify timezone
## 2.4.1- 2.4.3
- 2D GEO API: geoPoint, getLine, geoPolygon
- support for 'json' field type in DAL
- schema export with db.as_json/as_xml, thanks Alan
- graph representation of models
- support for semantic versioning
- new bootstrap based admin, thanks Paolo
- improved scheduler (and change in scheduler field names), thanks Niphlod
- graphviz support added to adm, thanks Jose
- on_failure in grid
- db.table.field.abs()
- better wiki
- geoPoint, getLine, geoPolygon
- better reporting of 500 ajax errors
- better grid
- improved/fixed mongodb support
- improved parse_as_rest(patterns=...), thanks Denes
- improved IMAP DAL support, thanks Alan
- improved security when cookies in sessions
- Row.as_xml, as_json, as_dict, as_yaml thanks Alan
- smarter custom_import
- setup-ubuntu-12-04-redmine-unicorn-web2py-uwsgi-nginx.sh
- added support for motor and pulsar servers, thanks Niphlod
- added json-rpc2 support
- added pypyodbc.py driver
- allow auth.settings.ondelete='CASCADE'
- new syntax IS_EXPR(lambda value: ...
- using google for QR codes (although Graph API will be deprecated in 2015)
- upgraded fpdf to 1.7.1
- bug fixes (including issues with calendar.js and archive tables)
## 2.3.1 - 2.3.2
- new virtual fields syntax:
``db.define_table('person',Field('name'),Field.Virtual('namey',lambda row: row.person.name+'y'))``
- db.thing(name='Cohen',_orderby=db.thing.name), thanks Yair
- made many modules Python 3.3 friendly (compile but not tested)
- better welcome css, thanks Paolo
- jQuery 1.8.3
- Bootstrap 2.2.2
- Modernizr 2.6.2 (custom full options)
- integration with analyitics.js (0.2.0)
- better scheduler, thanks Niphlod
- page and media preview in wiki, thanks Niphlod
- create new auth.wiki page from slug model, thanks Nico
- conditional menus with auth.wiki(menugroups=['wiki_editor'])
- better security in grid/smartgrid
- allow LOADing multiple grids, thanks Niphlod
- auth.settings.login_onfail, thanks Yair
- better handling of session files for speed
- added heroku support (experimental)
- added rocket support for IPV6, thanks Chirs Winebrinner
- more customizable menus with MENU(li_first, li_last..)
- added support for paymentech (gluon/contrib/paymentech.py)
- fixed broken cron
- fixed possible xss with share.js
- many bug fixes. Closed more than 50 tickets since 2.2.1
## 2.2.1
- session.connect(cookie_key='secret', compression_level=9) stores sessions in cookies
- T.is_writable = False prevents T from dynamically updating langauge files
- all code is more PEP8 compliant
- better custom_importer behaviour (now works per app, is smalled and faster)
- fixed some bugs
- upgraded feedparser.py and rss2.py
- codemirror has autoresize
## 2.1.0
- overall faster web2py
- when apps are deleted, a w2p copy is left in deposit folder
- change in cron (it is now disabled by default). removed -N option and introduced -Y.
- faster web2py_uuid() and request initialization logic, thanks Michele
- static asset management, thanks Niphlod
- improved mobile admin
- request.requires_https and Auth(secure=True), thanks Yarin and Niphlod
- better custom_import (works per app and is faster), thanks Michele
- redis_sesssion.py, thanks Niphlod
- allow entropy computation in IS_STRONG and web2py.js, thanks Jonathan and Niphlod
- fixed many aith.wiki problems
- support for auth.wiki(render='html')
- better welcome layout, thanks Paolo
- db.define_table(...,redefine=True)
- DAL, Row, and Rows object can now be pickled/unpickled, thanks to zombie DAL.
- admin uses codemirror
- allow syntax auth = Auth(db).define_tables()
- better auth.wiki with preview, thanks Alan
- better auth.impersonate, thanks Alan
- upgraded jQuery 1.8
- upgraded Bootstrap 2.1
- fixed problem with dropbox_account.py
- many fixes to cache.ram, cache.disk, memcache and gae_memcache
- cache.with_prefix(cache.ram,'prefix')
- db.table.field.epoch() counts seconds from epoch
- DAL support for SQL CASE, example: db().select(...query.case('true','false))
- DAL(...,do_connect=False) allows faking connections
- DAL(...,auto_import=True) now retieves some fiel attributes
- mail can specify a sender: mail.send(...,sender='Mr X <%(sender)s>')
- renamed gluon/contrib/comet_messaging.py -> gluon/contrib/websocket_messaging.py
## 2.0.1-11
### DAL Improvements
- Support for DAL(lazy_tables=True) and db.define_table(on_define=lambda table:), thanks Jonathan
- db(...).select(cacheable=True) make select 30% faster
- db(...).select(cache=(cache.ram,3600)) now caches parsed data 100x faster
- db(...).count(cache=(cache.ram,3600)) now supported
- MongoDB support in DAL (experimental), thanks Mark Breedveld
- geodal and spatialite, thanks Denes and Fran (experimental)
- db.mytable._before_insert, _after_insert, _before_update, _after_update, _before_delete. _after_delete (list of callbacks)
- db(...).update_naive(...) same as update but ignores table._before_update and table._after_update
- DAL BIGINT support and DAL(...,bigint_id=True)
- IS_IN_DB(..., distinct=True)
- new syntax: db.mytable.insert(myuploadfield=open(....)), thank you Iceberg
- db(...).select(db.mytable.myfield.count(distinct=True))
- db(db.a)._update(name=db(db.b.a==db.a.id).nested_select(db.b.id))
- db.mytable.myfield.filter_in, filter_out
- db.mytable._enable_record_versioning(db) adds versioning to this table
- teradata adapter, thanks Andrew Willimott
- experimental Sybase Adapter
- added db.table.field.avg()
- Support for Google App Engine projections, thanks Christian
- Field(... 'upload', default=path) now accepts a path to a local file as default value, if user does not upload a file. Relative path looks inside current application folder, thanks Marin
- executesql(...,fields=,columns=) allows parsing of results in Rows, thanks Anthony
- Rows.find(lambda row: bool(), limitby=(0,1))
### Auth improvements
- auth.enable_record_versioning(db) adds full versioning to all tables
- @auth.requires_login(otherwise=URL(...))
- auth supports salt and compatible with third party data, thanks Dave Stoll
- CRYPT now defaults to pbkdf2(1000,20,sha1)
- Built-in wiki with menu, tags, search, media, permissions. def index: return auth.wiki()
- auth.settings.everybody_group_id
- allow storage of uploads on any PyFileSystem (including amazon)
### Form improvements
- FORM.confirm('Are you sure?',{'Back':URL(...)})
- SQLFORM.smartdictform(dict)
- form.add_button(value,link)
- SQLFORM.grid(groupby='...')
- fixed security issue with SQLFORM.grid and SQLFORM.smartgrid
- more export options in SQLFORM.grid and SQLFORM.smartgrid (html, xml, csv, ...)
### Admin improvements
- new admin pages: manage_students, bulk_regsiter, and progress reports
- increased security in admin against CSRF
- experimental Git integration
- experimental OpenShift deployment
- multi-language pluralization engine
- ace text web editor in admin
- Ukrainian translations, thanks Vladyslav Kozlovskyy
- Romanian translation for welcome, thanks ionel
- support for mercurial 2.6, thanks Vlad
### Scheduler Improvements (thanks to niphlod, ykessler, dhx, toomim)
- web2py.py -K myapp -X starts the myapp scheduler alongside the webserver
- tasks are marked EXPIRED (if stop_time passed)
- functions with no result don't end up in scheduler_run
- more options: web2py.py -E -b -L
- scheduler can now handle 10k tasks with 20 concurrent workers and with no issues
- new params:
tasks can be found in the environment (no need to define the tasks parameter)
max_empty_runs kills the workers automatically if no new tasks are found in queue (nice for "spikes" of processing power)
discard_results to completely discard the results (if you don't need the output of the task)
utc_time enables datetime calculations with UTC time
- scheduler_task changes:
task_name is no longer required (filled automatically with function_name if found empty)
uuid makes easy to coordinate scheduler_task maintenance (filled automatically if not provided)
stop_time has no default (previously was today+1)
retry_failed to requeue automatically failed tasks
sync_output refreshes automatically the output (nice to report percentages)
- workers can be:
DISABLED (put to sleep and do nothing if not sending the heartbeat every 30 seconds)
TERMINATE (complete the current task and then die)
KILL (kill ASAP)
### Other Improvements
- gluon/contrib/webclient.py makes it easy to create functional tests for app
- DIV(..).elements(...replace=...), thanks Anthony
- new layout based on Twitter Bootstrap
- New generic views: generic.ics (Mac Mail Calendar) and generic.map (Google Maps)
- request.args(0,default=0, cast=int, otherwise=URL(...)), thanks Anthony
- redirect(...,type='auto') will be handled properly in ajax responses
- routes in can redirect outside with routes_in=[('/path','303->http://..')]
- better memcache support
- improved spreadsheet, thanks Alan
- new internationalization engine, thanks Vladyslav
- pluralization engine, thanks Vladyslav
- new markmin with support for nested lists, <i>, <em>, autolinks, thanks Vladyslav
- new syntax: {{=BR()*5}}
- gluon.cache.lazy_cache decorator allows caching functions in modules
- .coffee and .less support in response.files, thanks Sam Sheftel
- ldap certificate support
- pg8000 postgresql driver support (experimental)
- @cache('%(name)s%(args)s%(vars)s',5) and cache.autokey
- added tox.ini, thanks Marc
- web2py.py --run_system_tests, thanks Marc Abramowitz
- html.py (and web2py helpers) can be used without web2py dependencies
- new fpdf, thanks Mariano
## 1.99.5-1.99.7
- admin in Russian (Bulat), Japanese (Omi) and Slovenian (Robert Valentak)
- included web-based debugger (experimental, thanks Mariano)
- def index(): return dict(a=gluon.tools.Expose(folder))
- db.table.field.like(...,case_sensitive=False) (thanks Floyd)
- db.table.field.regexp(...) for sqlite and postgres
- db(...,ignore_common_filters=True)
- db(db.dog_id.belongs(db.dogs.owner=='james')).select()
- db(...).select().group_by_value(db.table.field) (thanks Yair)
- db = DAL('imap://user:password@server:port') support (thanks Alan Etkin)
- db = DAL('teradata://DSN=dsn;UID=user;PWD=pass; DATABASE=database') (thanks Adrew Willmott)
- db = DAL('mongodb://127.0.0.1:5984/db') (experimental, thanks Mark Breedveld)
- db = DAL('cubrid') (experimental)
- db = DAL('postgres:pg8000:...') and DAL('postgres:psycopg2:...')
- pg8000 now ships with web2py (thanks Mariano)
- reponse.delimiters = ('\\[','\\]') (thanks Denes)
- auth.user_groups stores user groups
- auth.is_impersonating()
- populate can now deal with computed fields (thanks Tsvi Mostovicz)
- new rediscache (thanks niphold)
- sync languages capability (thanks Yair)
- improved markmin auto-links
- improved ldap support (thanks Omi)
- added TimeCollector (thanks Caleb)
- better cpdb.py (thanks pasxidis)
- conditional menu items (reponse.menu=[(title,bool,link,[],condition)]
- scripts/services/service.py (thanks Ross)
- gluon/contrib/login_methods/browserid_account.py (thanks Pai)
- gluon/contrib/htmlmin.py for html minimization (thanks kerncece)
- web2py_component has timeout parameter, thanks Alan
- 100's of small bug fixes and small improvements
## 1.99.4
Improved mobile admin, thanks Angelo
Improved examples page, thanks Anthony
fixed a SQLCustomField bug
## 1.99.3
This is a major revision in peparation for web2py 2.0
- moved to GitHub and abandoned Lanchpad
- new web site layout, thanks Anthony
- new welcome app using skeleton, thanks Anthony
- jQuery 1.7.1
- modernizr 2.0.6 (customized)
- ``define_table('thing', singluar='thing',plural='things')``
- CAS 1.0 and 2.0 compliant, thanks Olivier
- fixed validate_and_insert and validate_and_update, thanks Anthony
- ``request.user_agent().is_mobile`` etc., thanks Ross and Angelo
- better router, thanks Jonathan
- app on/off buttons
- support for dropbox_login
- improved markmin recognizes qr code, supports auto audio/video/embed
- ``response.optimize_css = 'concat,minify,inline'``, thanks Ross
- ``response.optimize_js = 'concat,minify,inline'`` thanks Ross
- ``db.define_table(...,common_filter=query)``, thanks Yair
- ``db(...,ignore_common_filter=True)``
- support for stripe payments
- support for DowCommerce payments, thanks Dave
- experimental PyPy support
- experimental mongodb support, thanks Mark
- tickets in db now accessible from admin, thanks Niphlod
## 1.99.1-1.99.2
- gluon/contrib/simplejsonrpc.py
- gluon/contrib/redis_cache.py
- support for A(name,callback=url,target='id',delete='tr')
- support for A(name,component=url,target='id',delete='tr')
- new pip installer, thanks Chris Steel
- isapiwsgihandler.py
- dal expression.coalesce(*options)
- gluon/contrib/simplejsonrpc.py, thanks Mariano
- expire_sessions.py respects expiration time, thanks iceberg
- addressed this issue: http://fuelyourcoding.com/jquery-events-stop-misusing-return-false/
- x509 support (thanks Michele)
- form.process() and for.validate()
- rocket upgrade (1.2.4)
- jQuery upgrade (1.6.3)
- new syntax rows[i]('tablename.fieldname')
- new query syntax field.contains(list,all=True or False)
- new SQLFORM.grid and SQLFORM.smartgrid (should replace crud.search and crud.select)
- support for natural language queries (english only) in SQLFORM.grid
- support for computed columns and additional links in SQLFORM.grid
- new style virtual fields (experimental): db.table.field=Field.Lazy(...)
- request.utcnow
- cleaner/simpler welcome/models/db.py and welcome layout.html
- response.include_meta() and response.include_files(), thanks Denes
- dal auto-reconnect on time-out connections
- COL and COLGROUP helpers
- addresed OWASP #10, thanks Anthony and Eric
- auth.settings.login_after_registration=True
- detection of mobile devices and @mobilize helper (view.mobile.html), thanks Angelo
- experimental gluon/scheduler.py
- scripts/make_min_web2py.py
- crud.search has more options, thanks Denes
- many bug fixes (thanks Jonathan, Michele, Fran and others)
## 1.98.1-1.98.2
- fixed some problems with LOAD(ajax=False), thanks Anthony
- jquery 1.6.2
- gevent.pywsgi adds ssl support, thanks Vasile
- import/export of blobs are base64 encoded
- max number of login attemts in admin, thanks Ross
- fixed joins with alias tables
- new field.custom_delete attribute
- removed resctions on large 'text fields, thanks Martin
- field.represent = lambda value,record: .... (record is optional)
- FORM.validate() and FORM.process(), thanks Bruno
- faster visrtualfields, thanks Howsec
- mail has ssl support separate from tls, thanks Eric
- TAG objects are now pickable
- new CAT tag for no tags
- request.user_agent(), thanks Ross
- fixed fawps support
- SQLFORM(...,separator=': ') now customizable
- many small bug fixes
## 1.97.1
- validate_and_update, thanks Bruno
- fixed problem with new custom import, thanks Mart
- fixed pyamf 0.6, thanks Alexei and Nickd
- fixed "+ =" bug in wizard
- fixed problem with allowed_patterns
- fixed problems with LOAD and vars and ajax
- closed lots of google code tickets
- checkboxes should now work with list:string
- web2py works on Android, thanks Corne Dickens
- new cpdb.py, thanks Mart
- improved translation (frech in particuler), thanks Pierre
- improved cas_auth.py, thanks Sergio
- IS_DATE and IS_DATETIME validators now work with native types
- better description of --shell, thanks Anthony
- extra SQLTABLE columns, thanks Martin
- fixed toolbar conflics, thanks Simon
- GAE password shows with ****
## 1.96.2-1.96.4
- bug fixes
## 1.96.1
- "from gluon import *" imports in every python module a web2py environment (A, DIV,..SQLFORM, DAL, Field,...) including current.request, current.response, current.session, current.T, current.cache, thanks Jonathan.
- conditional models in
models/<controller>/a.py and models/<controller>/<function>/a.py
- from mymodule import *, looks for mymodule in applications/thisapp/modules first and then in sys.path. No more need for local_import. Thanks Pierre.
- usage of generic.* views is - by default - restricted to localhost for security. This can be changed in a granular way with: response.generic_patterns=['*']. This is a slight change of behavior for new app but a major security fix.
- all applications have cas 2.0 provider at http://.../user/cas/login
- all applications can delegate to login to external provider Auth(...,cas_provider='http://.../other_app/default/user/cas')
- A(...,callback=URL(...),larget='id') does Ajax
- URL(...,user_signature=True), LOAD(...,user_signature=True) can sign urls and @auth.requires_signature() will check the signature for any decorated action.
- DAL(...,migrate_enabled=False) to disable all migrations
- DAL(...,fake_migrate_all=True) to rebuild all corrupted metadata
- new DAL metadata format (databases/*.table)
- DAL(...,adapter_arg={}) allows support for alternate drivers
- DAL now allows circular table defintions
- DAL(..,auto_import=True) automatically imports tables from metadata without need to db.define_table(...)s.
- new alterante syntax for inner joins: db(...).select(join=...)
- experimental cubrid database support
- DAL 'request_tenant' fields are special, the altomatically filer all records based on their default value.
- db._common_fields.append(Field('owner')) allows to add fields to ALL tables
- DAL ignores repeated fields with same names
- web2py_ajax.html is more modular, thanks Anthony
- request.is_local
- request.is_http
- new sessions2trash.py thanks Jim Karsten
- corrupted cache files are automatically deleted
- new simpler API gluon.contrib.AuthorizeNet.procss(...)
- fixed recaptcha (as they released new API)
- messages in validators have default internationalization
- No more Auth(globals(),db), just Auth(db). Same for Crud and Service.
- scripts/access.wsgi allows apache+mod_wsgi to delegate authentication of any URL to any web2py app
- json now supports T(...)
- scripts/setup-web2py-nginx-uwsgi-ubuntu.sh
- web2py HTTP responses now set: "X-Powered-By: web2py", thanks Bruno
- mostly fixed generic.pdf. You can view any page in PDF if you have pdflatex installed or if your html follows the pyfpdf convention.
- auth.settings.extra_fields['auth_user'].append(Field('country')) allows to extend auth_* tables without need of definiting a custom auth_* table. Must be placed before auth.define_tables()
- {{=response.toolbar()}} to help you debug applications
- web based shell now supports object modifications (but no redefinitions of non-serializable types)
- jQuery 1.6.1
- Lots of bug fixes
## 1.95.1
- Google MySQL support (experimental)
- pip support, thanks lifeeth
- better setup_exe.py, thanks meredyk
- importved pyfpdf
- domain check in email_auth.py, thanks Gyuris
- added change_password_onvalidation and change_password_onaccept
- DAL(...,migrate_enabled=True)
- login_methods/loginza.py, thanks Vladimir
- bpython shell support, thanks Arun
- request.uuid and response.uuid (for a future toolbar)
- db._timings contains database query timing info
- efficient db(...).isempty()
- setup-web2py-nginx-uwsgi-ubuntu.sh
- Many bug fixes, thanks Jonathan
## 1.94.6
- fixed a number of minor bugs including adding some missing files
- better session handling on session._unlock(..), thanks Jonathan
- added experimental pip support, thanks Lifeeth
- added experimental SAP DB support
## 1.94.5
- fixed a major bug with session introdued in 1.94.1
## 1.94.4
- removed debug print statement that caused problems on GAE and mod_wsgi
## 1.94.3
- fixed major bug in auth redirection
## 1.94.2
- reverted wrong behavior of auth.requires(condition) in 1.94.1
## 1.94.1
- moderniz 1.17
- web2py no longer saves session if no change, this makes it up up to 10x faster for simple actions
- experimental REST API
- better support for MSSQL NOT NULL
- small bug fixes
## 1.93.1-2
- support for multiple interfaces, thanks Jonathan
- jquery 1.5.1
- simplejson 2.1.3
- customizable simplejson
- leaner app.yaml
- css3 buttons in welcome
- android support (experimental)
- Field(':hidden'), Field('.readonly'), Field('name=value')
- combined expressions print db.data.body.len().sum()
- wizard can download plugins
- better json serilization (object.custom_json)
- better xml serialization (object.custom_xml)
- better formstyle support
- better comet_messaging.py (needs more testing)
- many bug fixes
## 1.92.1
- much improved routing (thanks Jonathan)
- Expression.__mod__ (thanks Denes)
- admin has MULTI_USER_MODE (admin/models/0.py)
- support for count(distinct=...)
- has_permissions(...,group_id)
- IS_MATCH(...,strict=True)
- URL(...,scheme=,host=,port=), thanks Jonathan
- admin in Afrikaans, thanks Caleb
- auth.signature (experimental)
- many other bug fixes
## 1.91.6
- web2py comet via gluon/contrib/comet_messaging.py (html5 websockets) experimental
- fixed problem with services (broken in 1.91.5), thanks Vollrath
- customizable uploadwidget, thanks Fran
- fixed problem with mail unicode support, thanks Richard
- fixed problem with linkto=None and references fields in SQLTABLE, thanks villas
- no more upgrade button on windows since does not work
- better remember-me login, thanks Martin Weissenboeck
- support for recatcha options
- support for GAE namespaces via DAL('gae://namespace')
- new rocket (1.2.2), thanks Tim
- many other bug fixes and improvements (thanks Jonathan)
## 1.91.2-1.91.5
- fixed a problem with deplyment on GAE
- other new dal bug fixes
## 1.91.1
- LICENSE CHANGE FROM GPLv2 to LGPLv3
- URL(...,hash_vars=...) allows to specify which vars need to be signed
- fixed bug with aliasing in new DAL
## 1.90.6
- fix issue with pickling new dal Row and Rows.
## 1.90.5
- set poll = False in rocket because of poll python thread bug often unfixed, thanks Jonathan
- fixes issue with crud and reCaptcha
## 1.90.2-4
- pymysql no longer requires ssl (if not used)
- fixed bug with virtualfields
- fixed bug in truncate (new dal)
- fixed bug in select with alternate primary key (new dal)
- fixed bug with IS_IN_DB and self refences (also new dal)
## 1.90.1
- new DAL (complete rewrite of the web2py DAL is more modular)
- rewrite has fail safe reload, thanks Jonathan
- better CAS with v2 support, thanks Olivier ROCH VILATO
- better markmin2latex
- session.connect(separate=True) to handle many session files, thanks huaiyu wang
- changed bahvior of impersonate (more secure, can generate form or used as API)
- new rocket, thanks Tim
- new pyfpdf
- no more old style classes
- experimental couchdb support in new dal (only insert, select, update by id)
- mysql support out of the box via pymysql
- SQLITABLE(...,headers='labels') thanks Bruno
- optional: digitally signed URLs, thanks Brian Meredyk
- minor bug fixes
## 1.89.1-.5
- new admin layout (thanks Branko Vukelic)
- new admin search
- new admin language selector (thanks Yair)
- new Welcome app (thanks Martin Mulone)
- better wizard
- admin support for DEMO_MODE=True
- admin exposes GAE deployment button (always)
- MENU support None links (thanks Michael Wolfe)
- web2py.py -J for running cron (thanks Jonathan Lundell)
- fixed ~db.table.id on GAE (thanks MicLee)
- service.jsonrpc supports service.JsonRpcException (thanks Matt)
- bug fixes
## 1.88.1-2
- better list: string support, thanks Bob
- jquery 1.4.3
- scripts/autoroutes.py
- new admin wizard
- added retrieve_username to navbar (if username)
- internal rewrite for arbitrary paths (abspath), thanks Jonathan
- populate support for list: and decimal, thanks Chirstian
- markmin2latex has extra attribute
- better mercual admin allows list of files, versions and retrieve
- new error report system, thanks Thadeus and Selecta
- SQLFORM.accepts(detect_record_change).record_changed
- fixed cron for bytecode compiled apps, thanks Álvaro J. Iradier Muro
- other bugs fixes and pep8 compliant fixes
## 1.87.3
- fixed a major bug introduced in 1.87.1 that prevents appadmin from working for new apps created with 1.87.1-2.
- upgraded to clockpick 1.28, thanks villas
## 1.87.1-2
- new layout for examples, thanks Bruno and Martin
- admin allow ``DEMO_MODE=True`` and ``FILTER_APPS=['welcome']``
- fixed a possible problem with CRON and paths
## 1.86.3
- Error reporting on save, thanks Mariano
recalled
## 1.86.1-1.86.3