Mailman 3 January 2016 - Python-announce-list

Roundup Bug-Tracker 1.5.1 released
by anatoly techtonik 11 Jan '16

11 Jan '16

I'm proud to release version 1.5.1 of Roundup which has been possible due to the help of several contributors. This release contains important security enhancements, so make sure to read `doc/upgrading.txt <http://www.roundup-tracker.org/docs/upgrading.html>`_ to bring your tracker up to date. Other changes, as usual, include some new features and many bug fixes. Features: - The example local_replace.py has been updated to show how to link to modern revision systems using hex revision identifiers. This extension is used to expand shortcuts in msgs. (Bernhard Reiter) - Drop comment in user settings about numeric hour offsets instead of using pytz timezone names. Due to DST these are wrong half of the year, it is much better to use timezone names. (Thomas Arendsen Hein) - issue2550793: Wrap messages with very long lines in the web interface. (Thomas Arendsen Hein) - New Link / Multilink option "try_id_parsing": Sometimes the key of a class can be numeric -- in that case roundup will try to parse the value as an ID when evaluating form values -- not as a key. Specifying try_id_parsing='no' for these Link/Multilink will skip the ID step, default is 'yes'. (Ralf Schlatterbeck) - New configuration option 'isolation_level' in rdbms section. Currently supported for Postgres and mysql, sets the transaction isolation level. Wrong history entries for concurrent database updates observed in issue2550806 can be prevented by setting this to 'repeatable read' if you want to pay the performance penalty. We test this behaviour in the regression tests for Postgres but not currently for mysql. See http://www.postgresql.org/docs/9.1/static/transaction-iso.html (Ralf Schlatterbeck) - /xmlrpc endpoint now shows link to XML-RPC documentation if accessed through browser, without text/xml Content-Type (anatoly techtonik) - docs: New dedicated chapter for extensions in ``doc/customizing.txt`` (anatoly techtonik) - Increase default height of classhelp windows from 400 to 600. (Thomas Arendsen Hein) - Date properties now can specify (on input) an explicit timezone suffix (similar to RFC 2822), e.g. +0200 for CEST or -0500 for EST. This also works in the XMLRPC interface. For examples see roundup.date.Date. (Ralf Schlatterbeck) - Add RejectRaw exception to allow unescaped HTML error messages to be displayed to the user (thanks Ezio Melotti for the initial patch) (John Kristensen) Fixed: - issue2550869 Duplicate mail headers (Reply-To, Message-ID, In-Reply-To) when sending out email. Reported with first fix by Mathias Behrle. (Bernhard Reiter) - issue2550830 An empty LinkHTMLProperty cannot be compared successfully. Improves the query editing page. Reported and fixed by R David Murray (Bernhard Reiter). - Fix Release-date of 1.5.0 in this file (thanks to Bernhard for discovery) (Ralf Schlatterbeck) - Pythons cgi form code can return a TypeError, we now guard for this condition. (Ralf Schlatterbeck) - Small bug-fix in SQL backends: A query (e.g. in a html menu) with a where-clause that always evaluates to false now will not raise a traceback. (Ralf Schlatterbeck) - Remove Python 2.3 compatibility code for i18n (anatoly techtonik) - If documentation 'sphinx-build' tool is not found in system PATH, 'setup.py build_doc' command now tries to detect it from PYTHONPATH (anatoly techtonik) - Read version and release for generated documentation from roundup/__init__.py. (Thomas Arendsen Hein) - Do not throw an internal error if a .mo file can not be read (Thomas Arendsen Hein) - issue2550673 Make the "Make a copy" link work by fixing copy_url to properly handle multilink properties. (John Rouillard) - issue2550583, issue2550635 Do not limit results with Xapian indexer (Thomas Arendsen Hein) - Allow using plain() on unsaved dates in HTML forms (Thomas Arendsen Hein) - setup.py now installs static files of the HTML documentation (stylesheets, images, etc.) (Thomas Arendsen Hein) - executable .py scripts need "#!/usr/bin/env python", add this to demo.py, remove exec bits from website/wiki/wiki/data/plugin/theme/roundup.py (Thomas Arendsen Hein) - issue2550822: Fix showing more than one additional property in class menu. Report and fix by James Mack (Thomas Arendsen Hein) - Fix String search with special SQL wildcard characters in LIKE/ILIKE clause and add testcase (Ralf Schlatterbeck) - Fix subtle bug when sorting by a Link that contains a Multilink from which we also search for an attribute. In that case the LEFT OUTER JOIN clause was missing in generated SQL. (Ralf Schlatterbeck) - Fix another XSS issue2550817. Note that the code that triggers that particular bug is no longer in roundup core. But the change to the templates we suggest is a *lot* safer as it by default escapes the error and ok messages now. Thanks to Thibault Fevry for the original bug-report. (Ralf Schlatterbeck) - issue2117897: Fixed two more places in date.py where seconds can be rounded to 60.0 and causing exceptions. Change them to 59.999 as was done in the fix for issue2550802. (Thomas Arendsen Hein) - Fix batch.propchanged for transitive id properties (would result in a backtrace when trying to group by property.id) (Ralf Schlatterbeck) - Fix issue2550835, the test checks for date-range queries with an interval that depends on the local time. Put the queried date a little later to avoid a race condition where the queried interval doesn't match the date because the clock has advanced. (Ralf Schlatterbeck) - Apply german translation fixes from Debian team in issue2550761, thanks to Kai Storbeck for taking the time to report these. (Ralf Schlatterbeck) - Fix issue2550843 Pass text of Unauthorised and Login exceptions instead of the exception instance to avoid traceback with string operations. (Thomas Arendsen Hein) - Fix issue2550841 roundup-demo templates not found in virtualenv (John Kristensen) - Security: Default user permissions should not include all user attributes. We now limit this to the username, realname and some further attributes depending on the schema. Note that we no longer include the email addresses, depending on your installation you may want to further restrict this or add some attributes like ``address`` and ``alternate_addresses``. (Ralf Schlatterbeck) - Correctly recreate the database directory when re-initialising a tracker instance. (John Kristensen) - In case of an error, date fields would lose the calendar help, fixed. (Ralf Schlatterbeck) - demo.py usage message improved: explains "nuke" now. (Bernhard Reiter) - Fix issue2550735 Missing doc for xmlrpc schema. Thanks to Cedric Krier for the patch. (anatoly techtonik) - Fix two line-break accidents in devel and responsive milestone.item.html (Thomas Arendsen Hein) - Fix broken images in legacy spec.html and original_overview.html, and restore web presence for "Roundup's Design Document" (anatoly techtonik) - Template jinja2: Updated URL to point to http://www.roundup-tracker.org/, fixed a typo. (Bernhard Reiter) - Security: Add mime-type whitelist for attachmens that can be safely rendered from Roundup without trigerring security bugs in browser plugins, XSS issues and spam. The option ``allow_html_file`` didn't provide protection for invalid content-type, in which case browser tried to guess the best one. Thanks to Kay Hayen for reporting and helping debug this. issue2550848 (Ralf Schlatterbeck, anatoly techtonik) - Documentation: configuration messages_to_author value "nosy" now documented in chapter "customizing". (Bernhard Reiter) - issue2550877 Failures in test_mailgw.py because of duplicated headers and more precise comparision. Writing headers with the email module will use continuation_ws = ' ' now for python 2.5 and 2.6. (Bernhard Reiter) - issue2550870 migrate use of 'rfc822' module to the 'email' module (Bernhard Reiter/John Kristensen) - Doctests for roundup.date.Date are now really executable and don't fail. Bug-Fixes in range properties, open intervals with 'to' didn't always work. (Ralf Schlatterbeck) - issue2550881 demo.py: Add pointer how to access demo from remote host. Suggested by Karl-Philipp Richter. (Bernhard Reiter) - issue2550884 roundup-mailgw --help text improved to explain the allowed parameters better. Suggested by by Karl-Philipp Richter. (Bernhard Reiter) - Fix form-parsing: If multiple new items are added to a multilink property, the old version would create the new items but only link one. (Ralf Schlatterbeck) - issue2550892 (translation error of priority in locale de) Thanks Martin Thomas Swaton for reporting. (Bernhard Reiter) - Help-Window now gets focus, this prevents the case that help doesn't work because an old help-window is below the main window. (Ralf Schlatterbeck) - issue2550811 20% fix: jinja2 template engine now has an example how to use non-ascii unicode contents with a custom filter ('| u'). See updates on http://www.roundup-tracker.org/cgi-bin/moin.cgi/Jinja2 (Bernhard Reiter) If you're upgrading from an older version of Roundup you *must* follow the "Software Upgrade" guidelines given in the maintenance documentation. Roundup requires python 2.5 or later (but not 3+) for correct operation. To give Roundup a try, just download (see below), unpack and run:: python demo.py Release info and download page: http://pypi.python.org/pypi/roundup Source and documentation is available at the website: http://roundup-tracker.org/ Mailing lists - the place to ask questions: http://sourceforge.net/mail/?group_id=31577 About Roundup ============= Roundup is a simple-to-use and -install issue-tracking system with command-line, web and e-mail interfaces. It is based on the winning design from Ka-Ping Yee in the Software Carpentry "Track" design competition. Note: Ping is not responsible for this project. The contact for this project is richard(a)users.sourceforge.net. Roundup manages a number of issues (with flexible properties such as "description", "priority", and so on) and provides the ability to: (a) submit new issues, (b) find and edit existing issues, and (c) discuss issues with other participants. The system will facilitate communication among the participants by managing discussions and notifying interested parties when issues are edited. One of the major design goals for Roundup that it be simple to get going. Roundup is therefore usable "out of the box" with any python 2.5+ (but not 3+) installation. It doesn't even need to be "installed" to be operational, though an install script is provided. It comes with two issue tracker templates (a classic bug/feature tracker and a minimal skeleton) and four database back-ends (anydbm, sqlite, mysql and postgresql).

1 0

PythonCamp 2016 - Free (German) Knowledge Exchange
by Oliver Frietsch 11 Jan '16

11 Jan '16

This is an announcement of a popular & free-to-participate, Python-focused un-conference taking place in Cologne, Germany. My apologies to all readers from other countries. ----- Liebe Python-Fans, es ist wieder soweit: Am * Freitag, den 15. Januar * öffnen wir die Online-Anmeldung für Teilnehmer des PythonCamps 2016! Die nunmehr siebte Ausgabe des PythonCamps wird erneut durch die Python User Group Köln sowie den Python Software Verband e.V. in den Räumen unseres Partners GFU Cyrus AG in Köln ausgerichtet. * PythonCamp 2016: Sa-So, 02.04.2016 - 03.04.2016 * * http://www.pythoncamp.de * Unsere zweitägige Veranstaltung richtet sich an alle, die sich für die Programmiersprache Python und deren Einsatz begeistern - sei es im Bereich Web Development, Automatisierung, Scientific Computing oder einfach nur zum Spaß. Die Themen des PythonCamps sind so vielfältig wie die Einsatzmöglichkeiten von Python selbst, denn das Programm wird - wie bei einem BarCamp üblich - ausschließlich von unseren Teilnehmern selbst gestaltet. Ihr habt einen Vortrag oder eine Demo im Angebot, möchtet eine Diskussionsrunde leiten oder mit Gleichgesinnten ein offenes Brainstorming abhalten? Alles ist möglich - bringt euren Session-Vorschlag einfach mit. Ihr seid noch keine "Vortrags-Veteranen"? Das macht nichts. In unserer familiären Atmosphäre haben schon viele Teilnehmer ihren ersten öffentlichen Vortrag gehalten - traut euch! Dank unserer Sponsoren können wir euch diese "Un-Konferenz" *kostenlos* (Hinweis: Teilnahme nur nach Voranmeldung) anbieten und sorgen dabei tagsüber auch für euer leibliches Wohl. So treffen bei uns seit Jahren Berufstätige, Studenten und auch Schüler aus den verschiedensten Tätigkeitsfeldern, Branchen und Organisationen aufeinander und bereichern sich gegenseitig. Meldet euch frühzeitig an - unsere Plätze sind begrenzt! Euer PythonCamp Orga-Team info(a)pythoncamp.de P.S.: Du kennst eine weitere Mailingliste, deren Leser unser PythonCamp ebenfalls interessieren könnte? Wir freuen uns über Anregungen!

1 0

[ANN] pyspread 1.0.1
by Martin Manns 10 Jan '16

10 Jan '16

================ pyspread 1.0.1 ================ Pyspread 1.0.1 is released. This is a bugfix release. Major changes to 1.0: * Jedi 0.9 API change fixed. * French translation added. * Translations updated. * GPG now only accepts the chosen key as valid. * When an unsaveable xlsx file is opened, a Save As dialog opens. * The default file type can now be adjusted in the .pyspreadrc file. * Undoing a merge operation now correctly restores data from the merged cells. About pyspread ============== Pyspread is a non-traditional spreadsheet application that is based on and written in the programming language Python. The goal of pyspread is to be the most pythonic spreadsheet application. Pyspread is free software. It is released under the GPL v3. Project website: https://manns.github.io/pyspread/ Download page: https://pypi.python.org/pypi/pyspread Source code: https://github.com/manns/pyspread Enjoy Martin

1 0

[ANN] PyInstaller 3.1
by Hartmut Goebel 09 Jan '16

09 Jan '16

Hello, on behalf of the PyInstaller development team I'm happy to announce PyInstaller 3.1 http://www.pyinstaller.org Thanks for all those who contributed questions, bug-reports or pull-requests. === What it is === PyInstaller bundles a Python application and all its dependencies into a single package. The user can run the packaged app without installing a Python interpreter or any modules. PyInstaller reads a Python script written by you. It analyzes your code to discover every other module and library your script needs in order to execute. Then it collects copies of all those files – including the active Python interpreter! – and puts them with your script in a single folder, or optionally in a single executable file. PyInstaller is tested against Windows, Mac OS X, and Linux. However, it is not a cross-compiler: to make a Windows app you run PyInstaller in Windows; to make a Linux app you run it in Linux, etc. PyInstaller has been used successfully with AIX, Solaris, and FreeBSD, but is not tested against them. === Installation === PyInstaller can be installed from PyPi using pip install pyiinstaller === Changes === * Support reproducible builds (#490 <https://github.com/pyinstaller/pyinstaller/issues/490>, #1434 <https://github.com/pyinstaller/pyinstaller/issues/1434>, #1582 <https://github.com/pyinstaller/pyinstaller/issues/1582>, #1590 <https://github.com/pyinstaller/pyinstaller/pull/1590>). * Strip leading parts of paths in compiled code objects (#1059 <https://github.com/pyinstaller/pyinstaller/issues/1059>, #1302 <https://github.com/pyinstaller/pyinstaller/pull/1302>, #1724 <https://github.com/pyinstaller/pyinstaller/issues/1724>). * With |--log-level=DEBUG|, a dependency graph-file is emitted in the build-directory. * Allow running pyinstaller as user |root|. By popular demand, see e.g. #1564 <https://github.com/pyinstaller/pyinstaller/issues/1564>, #1459 <https://github.com/pyinstaller/pyinstaller/issues/1459>, #1081 <https://github.com/pyinstaller/pyinstaller/issues/1081>. * New Hooks: botocore, boto3, distorm3, GObject, GI (G Introspection), GStreamer, GEvent, kivy, lxml.isoschematron, pubsub.core, PyQt5.QtMultimedia, scipy.linalg, shelve. * Fixed or Updated Hooks: astroid, django, jsonschema logilab, PyQt4, PyQt5, skimage, sklearn. * Fix crashes when looking for ctypes DLLs (#1608 <https://github.com/pyinstaller/pyinstaller/issues/1608>, #1609 <https://github.com/pyinstaller/pyinstaller/issues/1609>, #1620 <https://github.com/pyinstaller/pyinstaller/issues/1620>). * Fix: Imports in byte-code not found if code contains a function (#1581 <https://github.com/pyinstaller/pyinstaller/issues/1581>). * Fix recursion into bytes-code when scanning for ctypes (#1620 <https://github.com/pyinstaller/pyinstaller/issues/1620>). * Fix PyCrypto modules to work with crypto feature (|--key| option) (#1663 <https://github.com/pyinstaller/pyinstaller/issues/1663>). * Fix problems with |excludedimports| in some hook excluding the named modules even if used elswhere (#1584 <https://github.com/pyinstaller/pyinstaller/issues/1584>, #1600 <https://github.com/pyinstaller/pyinstaller/issues/1600>). * Fix freezing of pip 7.1.2 (#1699 <https://github.com/pyinstaller/pyinstaller/issues/1699>). * FreeBSD and Solaris fixes. * Improvements to the test-suite, testing infrastructure and continuous integration. *Known Issues* * Apps built with Windows 10 and Python 3.5 may not run on Windows versions earlier than 10 (#1566 <https://github.com/pyinstaller/pyinstaller/issues/1566>). * The multipackage (MERGE) feature (#1527 <https://github.com/pyinstaller/pyinstaller/issues/1527>) is currently broken. * (OSX) Support for OpenDocument events (#1309 <https://github.com/pyinstaller/pyinstaller/issues/1309>) is broken. The full changelog for this release can be found at: https://pypi.python.org/pypi/PyInstaller/3.1 === Feedback === We're eager to listen to your feedback on using PyInstaller: Bug tracker: https://github.com/pyinstaller/pyinstaller/issues Mailing list: http://groups.google.com/group/PyInstaller Regards Hartmut Goebel -- Dipl.-Informatiker (univ), CISSP, CSSLP Information Security Management, Security Governance, Secure Software Development Goebel Consult, Landshut http://www.goebel-consult.de Blog: http://www.goebel-consult.de/blog/filmgesprach-zu-201ecitizenfour201c-in-he… Kolumne: http://www.cissp-gefluester.de/2010-11-it-sicherheit-im-unternehmen-eine-in…

1 0

PyCA cryptography 1.2.1 released
by Paul Kehrer 08 Jan '16

08 Jan '16

If one birthday release is good, two is surely better? To test that theory PyCA cryptography 1.2.1 has been released. This version, in addition to all the changes outlined in the 1.2 release, contains a fix for an issue that caused pyOpenSSL to raise an exception in many situations (https://cryptography.io/en/latest/changelog/). -Paul Kehrer (reaperhulk)

1 0

PyCA/cryptography 1.2 released
by Paul Kehrer 08 Jan '16

08 Jan '16

On behalf of all our contributors I am pleased to announce the release of PyCA/cryptography (https://github.com/pyca/cryptography) version 1.2. cryptography is a package which provides cryptographic recipes and primitives to Python developers. Our goal is for it to be your "cryptographic standard library". We support Python 2.6-2.7, Python 3.3+, and PyPy. Changelog (https://cryptography.io/en/latest/changelog/): * BACKWARDS INCOMPATIBLE: RevokedCertificate extensions now uses extension classes rather than returning raw values inside the Extension value. * Deprecated support for OpenSSL 0.9.8 and 1.0.0. At this time there is no time table for actually dropping support, however we strongly encourage all users to upgrade as those versions no longer receive support from the OpenSSL project. * The Certificate class now has signature and tbs_certificate_bytes attributes. * The CertificateSigningRequest class now has signature and tbs_certrequest_bytes attributes. * The CertificateRevocationList class now has signature and tbs_certlist_bytes attributes. * NameConstraints are now supported in the CertificateBuilder and CertificateSigningRequestBuilder. * Support serialization of certificate revocation lists using the public_bytes() method of CertificateRevocationList. * Add support for parsing CertificateRevocationList extensions() in the OpenSSL backend. * Added CertificateRevocationListBuilder and RevokedCertificateBuilder to allow creation of CRLs. * Unrecognized non-critical X.509 extensions are now parsed into an UnrecognizedExtension object. ...and various other improvements. Please see the website changelog for documentation and additional details. -Paul Kehrer (reaperhulk)

1 0

Pythran 0.7.4 is out!
by serge guelton 08 Jan '16

08 Jan '16

(sorry for the double posting, if any) Dear pythraners and pythonists, The pythran team (a great total of 2 active developers) is delighted to announce the release of Pythran 0.7.4, available on the traditional channels: - pypi: https://pypi.python.org/pypi/pythran - conda: https://anaconda.org/serge-sans-paille/pythran - github: https://github.com/serge-sans-paille/pythran As usual, here is a (new) code sample, once again adapted from a stackoverflow question[0] that showcases pythran capability: #pythran export check_mask(bool[][], bool[]) # ^~~~~~~ non intrusive top-level annotation import numpy as np # ^~~~~~ numpy support (partial) def check_mask(db, out, mask=[1, 0, 1]): for idx, line in enumerate(db): target, vector = line[0], line[1:] # ^~~~~ type destructuring, array view if (mask == np.bitwise_and(mask, vector)).all(): # ^~~~~~~ optimization of high level construct if target == 1: out[idx] = 1 return out Compiled with: % pythran check_mask.py And benchmarked with: % python -m timeit -s 'n=10e3 ; import numpy as np;db = np.array(np.random.randint(2, size=(n, 4)), dtype=bool); out = np.zeros(int(n),dtype=bool); from eq import check_mask' 'check_mask(db, out)' On average, the CPython version runs in 137 msec while the pythran version run in 450us on my laptop :-) Here is an extract of the changelog: 2016-01-05 Serge Guelton <serge.guelton(a)telecom-bretagne.eu> * IPython's magic for pythran now supports extra compile flags * Pythran's C++ output is compatible with Python3 and pythran3 can compile it! * More syntax checks (and less template traceback) * Improved UI (multiline pythran exports, better setup.py...) * Pythonic leaning / bugfixing (this tends to be a permanent item) * More generic support for numpy's dtype * Simpler install (no more boost.python deps, nor nt2 configuration) * Faster compilation (no more boost.python deps, smarter pass manager) * Better testing (gcc + clang) Again, thanks a lot to Pierrick for his continuous top-quality work, and to the OpenDreamKit[1] project that funded (most of) the recent developments! Special thanks to @hainm, @nbecker, @pkoch, @fsteinmetz, @Suor for their feedbacks. *You* give us the motivation to go on! [0] http://stackoverflow.com/questions/34500913/numba-slower-for-numpy-bitwise-… [1] http://opendreamkit.org/

2 1

ANN: Bokeh 0.11 released
by Bryan Van de Ven 06 Jan '16

06 Jan '16

Hi all, On behalf of the Bokeh team, I am excited to announce the release of version 0.11 of Bokeh. Bokeh Version 0.11 is a large release with *many* new improvements. The major focus of this release was to introduce a new Bokeh server, based on Tornado and websockets that is more stable, has higher performance, and simpler to use and deploy. You can already see a small sample of hosted Bokeh application examples at a new site located here: http://demo.bokehplots.com We will be adding many new examples here over the coming weeks. There is so much exciting in this release, that we will need a few blog posts to talk about everything. Keep an eye on our Twitter @BokehPlots or the mailing list for upcoming blog announcements. Some of the highlights from this release are: * New Bokeh Server based on Tornado and websockets - highly expanded documentation, with examples and guidance for usage * User-Defined Models allowing anyone to extend Bokeh * Significant GIS features and improvements - Support for Stamen, OpenStreetMap, and other tile sources - GeoJSON data source - Patches with holes * WebGL support for rendering lines * Python -> JS compilation for CustomJS callbacks (Py3 only for now) * New general push_notebook() based on Jupyter comms * Updates to charts, charts examples, and charts docs * UX improvements - configurable and "auto" range bounds - wheel zoom scroll capture turned off by default - easily set visual styling for highlighting hovered points - responsive improvements, maintain plot aspect and auto-resize Nearly 400 issues and PRs were closed for the release! See the CHANGELOG for full details, and the release notes for known issues and any migration notes. The next big feature we plan is to dramatically improve our layout options using PhosporJS, which is also the foundation of the new Jupyter Workbench project. We also plan to have several, more frequent point releases with smaller incremental improvements and fixes. I'd also like to take the opportunity to thank all the Bokeh contributors, and especially new people who have helped greatly with this release: Havoc Pennington, Greg Nordin, and Christian Tremblay. If you are using Anaconda/miniconda, you can install it with conda: conda install bokeh Alternatively, you can also install it with pip: pip install bokeh Issues, enhancement requests, and pull requests can be made on the Bokeh Github page: https://github.com/bokeh/bokeh Full documentation is available at http://bokeh.pydata.org/en/0.11.0 Questions can be directed to the Bokeh mailing list: bokeh(a)continuum.io Thanks, The Bokeh Team

1 0