Plone 5.2.3

Zope 4.5.1 → 4.5.3

See https://zope.readthedocs.io/en/4.x/changes.html#id1

plone.recipe.zope2instance: 6.7.5 → 6.8.1

New features:

• Added option clear-untrusted-proxy-headers, with default false. See waitress documentation on clear_untrusted_proxy_headers. Fixes a deprecation warning. [maurits] (#142)
• Added option max-request-body-size, with default 1073741824. See waitress documentation on max_request_body_size. [mpeeters] (#155)

Bug fixes:

• Properly disable access-log for WSGI. [tschorr] (#159)
• Add GitHub Actions to project. Run tests there in a matrix against Zope 4 and Zope 5, Windows and Linux, Python 27, 3.6, 3.7 and 3.8. Testing Python 2.7 on Windows is skipped. Refactor tox test setup slightly, do not use tox on GitHub. Split up tests in smaller easier to maintain files. Fix tests to run on Windows without tocuhing the recipe code (the Windows code is not perfect right now, but it test are reflecting current state). This primary includes respecting path-handling (backslash vs slash), conditional instance generation and differences in wsgi configurations. Also resolves "unclosed files" warnings. Reflect Zope 5 and so Plone 6.0 support in trove classifiers. [jensens] (#150)

zest.releaser: 6.21.1 → 6.22.1

pep517: 0.8.2 → 0.9.1

plone.app.robotframework: 1.5.4 → 1.5.6

New features:

• Removed backwards compatibility code for old quickinstaller. Current plone.app.robotframework is only for Plone 5.2+, so this code was no longer used. See also PLIP 1775. [maurits] (#1775)

Bug fixes:

• Fixed error Variable '${CMFPLONE_SELECTORS}' not found on Plone 6. [maurits] (#680)
• Fixed DeprecationWarning: invalid escape sequence. [maurits] (#3130)

zope.interface: 5.0.2 → 5.2.0

• Make sure to call each invariant only once when validating invariants. Previously, invariants could be called multiple times because when an invariant is defined in an interface, it's found by in all interfaces inheriting from that interface. See pull request 215.

• Fix the method definitions of IAdapterRegistry.subscribe, subscriptions and subscribers. Previously, they all were defined to accept a name keyword argument, but subscribers have no names and the implementation of that interface did not accept that argument. See issue 208.

• Fix a potential reference leak in the C optimizations. Previously, applications that dynamically created unique Specification objects (e.g., used @implementer on dynamic classes) could notice a growth of small objects over time leading to increased garbage collection times. See issue 216.

  Caution!

  This leak could prevent interfaces used as the bases of other interfaces from being garbage collected. Those interfaces will now be collected.

  One way in which this would manifest was that weakref.ref objects (and things built upon them, like Weak[Key|Value]Dictionary) would continue to have access to the original object even if there were no other visible references to Python and the original object should have been collected. This could be especially problematic for the WeakKeyDictionary when combined with dynamic or local (created in the scope of a function) interfaces, since interfaces are hashed based just on their name and module name. See the linked issue for an example of a resulting KeyError.

  Note that such potential errors are not new, they are just once again a possibility.

• Make @implementer(*iface) and classImplements(cls, *iface) ignore redundant interfaces. If the class already implements an interface through inheritance, it is no longer redeclared specifically for cls. This solves many instances of inconsistent resolution orders, while still allowing the interface to be declared for readability and maintenance purposes. See issue 199.

• Remove all bare except: statements. Previously, when accessing special attributes such as __provides__, __providedBy__, __class__ and __conform__, this package wrapped such access in a bare except: statement, meaning that many errors could pass silently; typically this would result in a fallback path being taken and sometimes (like with providedBy()) the result would be non-sensical. This is especially true when those attributes are implemented with descriptors. Now, only AttributeError is caught. This makes errors more obvious.

  Obviously, this means that some exceptions will be propagated differently than before. In particular, RuntimeError raised by Acquisition in the case of circular containment will now be propagated. Previously, when adapting such a broken object, a TypeError would be the common result, but now it will be a more informative RuntimeError.

  In addition, ZODB errors like POSKeyError could now be propagated where previously they would ignored by this package.

  See issue 200.

• Require that the second argument (bases) to InterfaceClass is a tuple. This only matters when directly using InterfaceClass to create new interfaces dynamically. Previously, an individual interface was allowed, but did not work correctly. Now it is consistent with type and requires a tuple.

• Let interfaces define custom __adapt__ methods. This implements the other side of the PEP 246 adaptation protocol: objects being adapted could already implement __conform__ if they know about the interface, and now interfaces can implement __adapt__ if they know about particular objects. There is no performance penalty for interfaces that do not supply custom __adapt__ methods.

  This includes the ability to add new methods, or override existing interface methods using the new @interfacemethod decorator.

  See issue 3.

• Make the internal singleton object returned by APIs like implementedBy and directlyProvidedBy for objects that implement or provide no interfaces more immutable. Previously an internal cache could be mutated. See issue 204.

Products.MailHost: 4.9 → 4.10

• We depend on zope.sendmail >= 5.1.
• Support messages with explicit Content-Transfer-Encoding: 8bit (#30).

calmjs.parse: 1.2.4 → 1.2.5

icalendar: 4.0.6 → 4.0.7

Bug fixes:

• fixed rrule handling, re-enabled test_create_america_new_york()

mockup: 3.2.2 → 3.2.4

Bug fixes:

• Don't depend on #edit-bar being present to update the toolbar after folder_contents navigation. Projects using plonetheme.barceloneta's backend.xml might not have that div/id in their html because of an error in the rules.xml. [fredvd] (#3191)
• Prevent a folder_contents navigation from triggering the double amount of XHR requests through the text filter. Also correctly unregister/register events with a namespace in the structure pattern.[fredvd] (#3203)
• Fix building of the docs bundle. [thet] (#980)
• Fix external description text in tinymce link popup [parruc] (#1010)
• Bump bl from 4.0.2 to 4.0.3 [dependabot, jensens] (#1014)
• Bumps lodash from 4.17.15 to 4.17.20. [dependabot, jensens] (#1015)
• Fix plone toolbar action links being updated only on the first navigation action in the folder_contents structure pattern. [fredvd] (#3191)

Plone: 5.2.2 → 5.2.3

Bug fixes:

• Release Plone 5.2.3 final [maurits]

plone.api: 1.10.2 → 1.10.4

Bug fixes:

• Fixed test failures on Python 3 with Products.MailHost 4.10. [maurits] (#3178)
• Fixed deprecation warning for CMFPlone.interfaces.ILanguageSchema. [maurits] (#3130)

plone.app.caching: 2.0.6 → 2.0.8

Bug fixes:

• Do not assume request or request.URL is a string. It might be None. [jensens, iham] (#59)
• Remove hopelessly outdated proxy config examples. Look at plone.recipe.varnish for excellent examples! [jensens] (#64)
• Fixed invalid escape sequences. [maurits] (#3130)

plone.app.content: 3.8.6 → 3.8.7

Bug fixes:

• Fixed deprecation warning for IFieldPermissionChecker. [maurits] (#3130)

plone.app.contentlisting: 2.0.2 → 2.0.3

Bug fixes:

• Fixed deprecation warning for LazyCat/LazyMap. [maurits] (#3130)

plone.app.contentrules: 4.1.4 → 4.1.5

Bug fixes:

• Fixed deprecation warning for ComponentLookupError. Fixed deprecation warning for zope.site.hooks. Fixed deprecation warning for IObjectEvent from zope.component. [maurits] (#3130)
• Fixed test failures on Python 3 with Products.MailHost 4.10. [maurits] (#3178)

plone.app.contenttypes: 2.1.10 → 2.2.1

New features:

• Allow passing a custom catalog-query to migrateCustomAT to constrain which objects to migrate. [pbauer] (#572)

Bug fixes:

• Update tests to fix updated schema cache. See https://github.com/plone/plone.dexterity/pull/137 [@avoinea] (#573)
• Fix various deprecation warnings. [maurits] (#3130)

plone.app.dexterity: 2.6.5 → 2.6.8

Bug fixes:

• For increased security, in the modeleditor do not resolve entities, and remove processing instructions. [maurits] (#3209)
• Update tests to fix updated schema cache. See https://github.com/plone/plone.dexterity/pull/137 [@avoinea, maurits] (#313)
• Do not require nextPreviousEnabled (#312)

plone.app.discussion: 3.4.2 → 3.4.3

Bug fixes:

• Fix tests with Products.MailHost 4.10. [maurits] (#3178)

plone.app.event: 3.2.7 → 3.2.10

Bug fixes:

• Give validation error in ical importer when a file:// URL is used. This could be a line of attack for a hacker. [maurits] (#3209)
• Replaced deprecated plone.testing.z2 imports with plone.testing.zope, where possible. [maurits] (#3130)
• Fixed deprecation warning for setDefaultRoles. [maurits] (#3130)

plone.app.folder: 1.3.1 → 1.3.2

Bug fixes:

• Removed ancient migration code for upgrading BTree folder from Plone 3 to 4. The code, or at least the tests, are incompatible with the latest zope.interface. Current plone.app.folder is only for Plone 5.2, so the code is not needed. [maurits] (#24)

plone.app.iterate: 3.3.14 → 3.3.15

Bug fixes:

• Remove relationship between baseline and working copy, when wc is removed. [frapell] (#77)
• Fixed deprecation warning for ObjectEvent and IObjectEvent. Moved all code from profiles.py to setuphandlers.py to avoid confusion with profiles directory. [maurits] (#3130)

plone.app.layout: 3.4.4 → 3.4.6

Bug fixes:

• Fixed various deprecation warnings. [maurits] (#3130)
• Made the error page recognisable again in the body classes. Instead of template-index-html you now get template-error_message-pt. Compatibility note: in Plone 5.1 and earlier, this was template-default_error_message. [maurits] (#242)

plone.app.linkintegrity: 3.3.13 → 3.3.14

Bug fixes:

• Fixed deprecation warning for ComponentLookupError. [maurits] (#3130)

plone.app.locales: 5.1.24 → 5.1.27

• Use different translations for "User" and "Contributor" in the Italian translation, using respectively "Utente" and "Collaboratore". [lelit]
• Update Italian translations [lelit]
• Minor fix in German translation. [jensens]

plone.app.multilingual: 5.6.1 → 5.6.2

Bug fixes:

• Fixed deprecation warning for ComponentLookupError. Fixed deprecation warning for ILanguageSchema, depend on plone.i18n 4.0.4. Fixed deprecation warning for IObjectEvent from zope.component. Fixed deprecation warning for zope.site.hooks. [maurits] (#3130)

plone.app.portlets: 4.4.5 → 4.4.6

Bug fixes:

• fixes index error in navigation portlet caused by unknown mimetypes without entry in mimetype registry https://github.com/plone/Products.CMFPlone/issues/2882) (cmfplone-2882)
• Fixed deprecation warning for zope.component.interfaces.IComponentRegistry. [maurits] (#3130)

plone.app.registry: 1.7.6 → 1.7.7

Bug fixes:

• Make interface list on configuration export page visible. [jensens] (#41)

plone.app.testing: 6.1.5 → 6.1.8

New features:

• Removed backwards compatibility code for old quickinstaller. Current plone.app.testing is only for Plone 5.2+, so this code was no longer used. See also PLIP 1775. [maurits] (#1775)

Bug fixes:

• Before trying to load the zcml of plone.app.folder, double check if it is a real package or an alias provided by plone.app.upgrade (#72)
• Fixed test failure on Python 3 with Products.MailHost 4.10. [maurits] (#3178)

plone.app.textfield: 1.3.4 → 1.3.5

Bug fixes:

• Fixed deprecation warning for zope.component.interfaces.ComponentLookupError. [maurits] (#43)

plone.app.theming: 4.1.4 → 4.1.6

Bug fixes:

• For increased security, fail when trying file protocol access in diazo rules. Also do not resolve entities, and remove processing instructions. [maurits] (#3209)
• Fixed WrongContainedType for hostnameBlackList on Zope 5. See also issue 183. [maurits] (#183)
• Fixed deprecation warning for ConfigParser.readfp. [maurits] (#3130)

plone.app.upgrade: 2.0.34 → 2.0.36

Breaking changes:

• 6.0 alpha 1: remove the portal_quickinstaller tool. See PLIP 1775. [maurits] (#1775)

Bug fixes:

• Replaced import of plone.api, which should not be used by core. [maurits] (#241)
• Fixes a rare case in v52/betas while migration of relations: Missing attributes on cataloged relations are safely ignored. [jensens] (#244)
• Plone 5.1.7: Update resource registry last_compilation date. [maurits] (#1006)
• Catch deprecation warnings for webdav.LockItem.LockItem and CMFPlone.interfaces.ILanguageSchema. The first has been moved to OFS.LockItem, the second to plone.i18n.interfaces. In older upgrade code, we should still try the old import first. Fixed deprecation warning for zope.site.hooks. Fixed invalid escape sequence. [maurits] (#3130)
• Migrate the plone.site_logo field from ASCII (native string) to Bytes. Otherwise saving the site-controlpanel can fail with a WrongType error Fixes issue 3172. [maurits] (#3172)

plone.app.vocabularies: 4.2.0 → 4.2.1

Bug fixes:

• Fixed deprecation warning for zope.site.hooks. (#3130)

plone.app.widgets: 3.0.4 → 3.0.5

Bug fixes:

• Robot tests: Fix deprecated jQuery.size. [thet] (#207)

plone.app.workflow: 4.0.2 → 4.0.3

Bug fixes:

• Fixed deprecation warning for zope.component.interfaces.IComponentRegistry. Fixed deprecation warning for zope.site.hooks. [maurits] (#3130)

plone.app.z3cform: 3.2.1 → 3.2.2

Bug fixes:

• Fixed repeat syntax in multi input to also work in Zope 4.5. [maurits] (#116)

plone.behavior: 1.3.2 → 1.4.0

New features:

• Drop Plone 4.3 support. [maurits] (#3130)

Bug fixes:

• Fixed deprecation warning for ComponentLookupError. [maurits] (#3130)

plone.browserlayer: 2.2.3 → 2.2.4

Bug fixes:

• Fixed deprecation warning for zope.component.interfaces.IComponentRegistry. [maurits] (#3130)

plone.contentrules: 2.0.10 → 2.1.0

New features:

• Fixed deprecation warning for IObjectEvent/ObjectEvent from zope.component. Drops compatibility with Plone 5.0 and earlier. [maurits] (#3130)

plone.dexterity: 2.9.7 → 2.10.0

New features:

• Make sure that Dynamic schema is updated on all ZEO clients on change [@avoinea] (#136)

Bug fixes:

• Fixes test to work clean with zope.interface. Interfaces are hashed based on just their name and module. So every one of these local IBlank interfaces will hash the same way, and be treated the same for purposes of zope.interface's _dependents. Thus in tests mock interfaces must not be used under the same name in the same module. [jensens] (#135)
• Use mock from unittest on Python 3 [ale-rt] DefaultReadFile properly implements the IStreamIterator interface [ale-rt] (#138)
• Restore webdav support when the webdav library is importable [ale-rt] (#141)
• Fixed missing ISiteRoot utility when running tests with Zope 5. [maurits] (#680)
• Removed call of listing macro in content-core view for containers. It was broken. We now show the same as for items: only the fields. Fixes issue 3177. [maurits] (#3177)

plone.keyring: 3.1.2 → 3.1.3

Bug fixes:

• Fixed deprecation warning for zope.component.interfaces.IComponentRegistry. [maurits] (#3130)

plone.outputfilters: 4.0.1 → 4.0.2

Bug fixes:

• fix AttributeError: 'NoneType' object has no attribute 'unwrap' exception when a fullsize image is wrapped in an <a> tag. [flipmcf] (#39)
• Fixed deprecation warning for html_quote. [maurits] (#3130)

plone.portlet.collection: 3.3.3 → 3.3.5

Bug fixes:

• Removed fallback import of is_default_page. Fixed various DeprecationWarnings. [maurits] (#3130)
• Fixed deprecation warning for setDefaultRoles. [maurits] (#3130)

plone.portlet.static: 3.1.4 → 3.1.6

Bug fixes:

• Removed Plone 4 compatibility code. [maurits] (#19)
• Fixed invalid escape sequence. [maurits] (#3130)
• Fixed startup warning for setDefaultRoles. [maurits] (#17)

plone.protect: 4.1.5 → 4.1.6

Bug fixes:

• Fixed deprecation warning for webdav.Lockable.LockableItem. [maurits] (#3130)

plone.resource: 2.1.2 → 2.1.3

Bug fixes:

• Fixed various warnings. [maurits] (#3130)

plone.restapi: 6.13.7 → 6.15.0

plone.resourceeditor: 3.0.2 → 3.0.3

Bug fixes:

• Fixed invalid escape sequences. [maurits] (#3130)

plone.scale: 3.1.1 → 3.1.2

Bug fixes:

• Resolve deprecation warning [gforcada] (#42)

plone.schemaeditor: 3.0.1 → 3.0.2

Bug fixes:

• Fixed deprecation warning for ObjectEvent. [maurits] (#3130)

plone.staticresources: 1.3.2 → 1.4.1

New features:

• Updated Bootstrap Icons to 1.0.0 final. [santonelli] (#3162)

Bug fixes:

• Update mockup to 3.2.4. [maurits] (#1031)
• Bumps bl from 4.0.2 to 4.0.3. [dependabot, jensens] (#97)
• Build bundles with latest mockup 3.x. [maurits] (#1026)
• Fixed deprecation warning for zope.site.hooks. [maurits] (#3130)

plone.stringinterp: 1.3.2 → 1.3.3

Bug fixes:

• Resolve deprecation warning [gforcada] (#14)

plone.subrequest: 1.9.2 → 1.9.3

Bug fixes:

• Fixed deprecation warning for zope.site.hooks. [maurits] (#24)

plone.supermodel: 1.6.2 → 1.6.3

Bug fixes:

• For increased security, in the xml parser do not resolve entities, and remove processing instructions. [maurits] (#3209)

plone.testing: 8.0.1 → 8.0.2

Bug fixes:

• update isort configuration for version 5 of isort (#75)

plonetheme.barceloneta: 2.1.9 → 2.1.10

Bug fixes:

• Also leave #edit-bar intact when copying the toolbar html into the theme using backend.xml, as was fixed two years to in the normal rules.xml. [fredvd] (#3191)

Products.CMFDiffTool: 3.3.1 → 3.3.2

Bug fixes:

• Fixed invalid escape sequences. [maurits] (#3130)

Products.CMFFormController: 4.1.2 → 4.1.4

Bug fixes:

• Tests: set request method to POST in a way that works on Plone 6 as well. [maurits] (#3057)
• Removed security declaration for nonexistent method ZPythonScriptHTML_changePrefs. This method was removed from Products.PythonScripts in version 4.2, from October 2018. Added Products.PythonScripts>=4.2 as dependency. Fixed deprecation warning for module imp. Fixed invalid escape sequence. [maurits] (#3130)

Products.CMFPlacefulWorkflow: 2.0.2 → 2.0.3

Bug fixes:

• Fix deprecation warning at startup for setDefaultRoles. [maurits] (#34)

Products.CMFPlone: 5.2.2 → 5.2.3

Bug fixes:

• No longer doubly undo a response Content-Type change when combining bundles. [maurits] (#1924)
• Fix issue with @@search view when filtering by creation date [frapell] (#3007)
• Fixed use of own utils.isDefaultPage, which should be defaultpage.check_default_page_via_view. [maurits] (#3130)
• Fixed invalid escape sequences in regular expressions. [maurits] (#3130)
• Fixed deprecation warning for zope.site.hooks. [maurits] (#3130)
• PloneBatch: define __bool__ as copy of __nonzero__. Python 3 calls __bool__ when doing bool(batch). [maurits] (#3175)
• No longer consider calling len(batch) as deprecated. The deprecation warning is unvoidable with current Products.PageTemplates code. Fixes issue 3176. maurits (#3176)
• Fix tests with Products.MailHost 4.10. [maurits] (#3178)
• Robot tests: Do not use jQuery.size() but use .length instead. .size() is deprecated since 1.8. [thet] (#3195)

Products.CMFUid: 3.0.2 → 3.1.0

• Fixed deprecation warning for zope.component.interfaces.IObjectEvent.
• Drop support for python setup.py test which is broken in Python 3.7+.

Products.ExtendedPathIndex: 4.0.0 → 4.0.1

Bug fixes:

• unpin zc.buildout
• pin versions to Zope 4 (otherwise Python 2.7 version cannot be built anymore)
• update tox.ini to align with setup classifiers
• add Products.ZCatalog to setup.py's install_requires, as it is no longer part of Zope core (#17)

Products.ExternalEditor: 3.0 → 3.0.1

Bug fixes:

• Add support for recent Python 3 versions [ale-rt]

Products.GenericSetup: 2.0.2 → 2.0.3

• When logging an upgrade, print the version tuple joined by dots.
• Renamed xml dir to xml_templates. This avoids an import warning on Python 2.7.

Products.isurlinportal: 1.1.0 → 1.1.1

Bug fixes:

• Add testing for Python 3.6 + 3.8; add Python 3.8 trove classifier. [tschorr] (#3)

Products.MimetypesRegistry: 2.1.7 → 2.1.8

Bug fixes:

• Fixed invalid escape sequences. [maurits] (#3130)

Products.PluggableAuthService: 2.4.0 → 2.5

Products.PortalTransforms: 3.1.8 → 3.1.10

Bug fixes:

• Fixed invalid escape sequences. [maurits] (#3130)
• Fixed deprecation warning for DocumentTemplate.DT_Util.html_quote. [maurits] (#41)

Products.Sessions: 4.6 → 4.8

• Don't break completely when no session data container is available (#35)
• Make the product compatible with transaction version 3 (#32)

z3c.form: 3.7.0 → 3.7.1

• Fixed possible UnicodeDecodeError in setup.py on Python 3.6. Put the long description in setup.cfg, without replacing characters.
• Drop Python 3.4 support. Add 3.7 and 3.8 support.
• Fixed compatibility with changed repeat syntax. Fixes issue 94.

plone.app.relationfield: 2.0.2 → 2.0.3

Bug fixes:

• Update tests to fix updated schema cache. See https://github.com/plone/plone.dexterity/pull/137 [@avoinea] (#30)

z3c.jbot: 0.8 → 1.1.0

Products.PrintingMailHost: 1.1.4 → 1.1.5

plone.app.tiles: 3.1.3 → 3.2.0

plone.tiles: 2.2.2 → 2.3.0

New features:

• Drop Plone 4.3 support. [maurits] (#3130)

Bug fixes:

• Fixed deprecation warning for ComponentLookupError. [maurits] (#3130)

Products.Archetypes: 1.16.2 → 1.16.3

Bug fixes:

• Lifted the ceiling for the maximum date from end of 2020 to 2051. See issue 133. (#133)

Products.ATContentTypes: 3.0.3 → 3.0.4

Bug fixes:

• Drop use of test() in templates [pbauer] (#24)