pytest 5.2.2 has just been released to PyPI.
This is a bug-fix release, being a drop-in replacement. To upgrade::
pip install --upgrade pytest
The full changelog is available at
https://docs.pytest.org/en/latest/changelog.html.
Thanks to all who contributed to this release, among them:
* Albert Tugushev
* Andrzej Klajnert
* Anthony Sottile
* Bruno Oliveira
* Daniel Hahler
* Florian Bruhin
* Nattaphoom Chaipreecha
* Oliver Bestwalter
* Philipp Loose
* Ran Benita
* Victor Maryama
* Yoav Caspi
Happy testing,
The pytest Development Team
I'm proud to release version 2.0.0alpha0 of the Roundup issue tracker
which has been possible due to the help of several contributors. This
release contains some major changes, so make sure to read
`docs/upgrading.txt
<http://www.roundup-tracker.org/dev-docs/upgrading.html>`_ to bring
your tracker up to date. The changes, as usual, include some new
features and many bug fixes.
You can download it with:
pip download roundup==2.0.0alpha0
then unpack and test/install the tarball.
Among the notable improvements are:
Roundup is multilingual and will run under either Python 3 or
Python 2. If you want to use Python 3, you *must read* the Python 3
Support section in the upgrading doc. Depending on the database
backend you may have to export/import the tracker. Also you will
need to make sure your tracker's Python code is Python 3
compliant. Thanks to Joseph Myers with help from Christof Meerwald.
Roundup has a rest API to go along with the existing xmlrpc
API. See doc/rest.txt for details on configuring, authorizing
access (per role) and making a request. Thanks to Ralf
Schlatterbeck who integrated and updated Chau Nguyen's GSOC code.
PGP encryption is now done using the gpg module and not the
obsolete pyme library. Thanks to Christof Meerwald.
Use of mod_python is deprecated. Apache mod_wsgi documentation
has been updated along with gunicorn and uwsgi and is the
preferred mechanism.
The file CHANGES.txt has a detailed list of feature additions and bug
fixes. The most recent changes from there are at the end of this
announcement. Also see the information in doc/upgrading.txt.
How You Can Help
================
We are looking for one or two front end developers to kick the tires
on the rest interface. The rest interface is available by running
demo.py as described below. If you are interested in helping please
contact "rouilj+rit at ieee.org".
The Zope deployment mode has not had any testing under Python 3. We
are looking for community involvement to help get this deployment
mode validated. It may also have issues under Python 2. If you are
interested in helping with this please see:
https://issues.roundup-tracker.org/issue2141835
Email input using POP and IMAP modes need testing under Python 3
and Python 2.
We have new documentation for deploying with apache and mod_wsgi. It
needs testing and enhancement.
There are other documentation issues at:
https://issues.roundup-tracker.org/issue?@columns=title,id,activity,status&…
If you find bugs, please report them to issues AT roundup-tracker.org
or create an account at https://issues.roundup-tracker.org and open a
new ticket. If you have patches to fix the issues they can be attached
to the email or uploaded to the tracker.
Upgrading
=========
If you're upgrading from an older version of Roundup you *must* follow
all the "Software Upgrade" guidelines given in the doc/upgrading.txt
documentation.
Roundup requires Python 2 newer than version 2.7.2 or Python 3 newer
than or equal to version 3.4 for correct operation.
The wsgi, server and cgi web deployment modes are the ones with the
most testing.
To give Roundup a try, just download (see below), unpack and run::
python demo.py
Release info and download page:
https://pypi.org/project/roundup
Source and documentation is available at the website:
http://roundup-tracker.org/
Mailing lists - the place to ask questions:
https://sourceforge.net/p/roundup/mailman/
About Roundup
=============
Roundup is a simple-to-use and install issue-tracking system with
command-line, web and e-mail interfaces. It is based on the winning design
from Ka-Ping Yee in the Software Carpentry "Track" design competition.
Note: Ping is not responsible for this project. The contact for this
project is richard(a)users.sourceforge.net.
Roundup manages a number of issues (with flexible properties such as
"description", "priority", and so on) and provides the ability to:
(a) submit new issues,
(b) find and edit existing issues, and
(c) discuss issues with other participants.
The system facilitates communication among the participants by managing
discussions and notifying interested parties when issues are edited. One of
the major design goals for Roundup that it be simple to get going. Roundup
is therefore usable "out of the box" with any Python 2.7.2+ (or 3.4+)
installation. It doesn't even need to be "installed" to be operational,
though an install script is provided.
It comes with five issue tracker templates
* a classic bug/feature tracker
* a more extensive devel tracker for bug/features etc.
* a responsive version of the devel tracker
* a jinja2 version of the devel template (work in progress)
* a minimal skeleton
and supports four database back-ends (anydbm, sqlite, mysql and postgresql).
Recent Changes
==============
Features:
- issue2550901: add search page to jinja2 template (Christof Meerwald)
- issue2550982: use PBKDF2 in Python's hashlib, if available (Python
2.7.8+), to improve performance over bundled pure Python
version. Note that acceleration via m2crypto is no longer supported
(Christof Meerwald)
- issue2550989: PGP encryption is now done using the gpg module
instead of pyme. (Christof Meerwald)
- issue2550987: Use updated MySQL client module that supports Python
3. (Christof Meerwald)
- issue2550967: the jinja2 loader has been extended to look for .xml
files as well as .html files similar to the TAL loader. (Christof
Meerwald)
- Support for Python 3 (3.4 and later). See doc/upgrading.txt for
details of what is required to move an existing tracker from Python
2 to Python 3 (Joseph Myers, Christof Meerwald)
- Merge the Google Summer of Code Project of 2015, the implementation of
a REST-API for Roundup. This was implemented by Chau Nguyen under the
supervision of Ezio Melotti. Some additions were made, most notably we
never destroy an object in the database but retire them with the
DELETE method. We also don't allow to DELETE a whole class. Python3
support was also fixed and we have cherry-picked two patches from the
bugs.python.org branch in the files affected by the REST-API changes.
- Patch to client.py and roundup-server needed by REST-API
code. Support OPTIONS verb and prevent hangs when processing a verb
other than GET that doesn't have a payload. E.G. DELETE, PATCH or
OPTIONS. Verbs like PUT and POST usually have payloads, so this
patch doesn't touch processing of these methods. (John Rouillard)
- Patches to new rest code:
- Generated links in responses should use the base url specified
in config.ini.
- allow user (e.g. in browser) to override response type/Accept
header using extension in url. E.G. .../issues.json. This fixes
the existing code so it works.
- fix SECURITY issue. Retrieving the item of a class
(e.g. /rest/data/user/2) would display properties the user wasn't
allowed to access. Note that unlike the web interface, passwords
and roles for users are still retreivable if the user has access
rights to the properties.
- ETags are sent by GET operations and required for DELETE, PUT and
PATCH operations. ETag can be supplied by HTTP header or in the
payload by adding the field @etag to the form with the value of
the etag.
- If dict2xml.py is installed, the rest interface can produce an XML
format response if the accept header is set to text/xml.
(See: https://pypi.org/project/dict2xml/)
- When retrieving collection move list of collection elements to
collection property. Add @links property with self, next and prev
links (where needed). Add @total_size with size of entire
collection (unpaginated). Pagination index starts at 1 not 0.
- accept content-type application/json payload for PUT, PATCH, POST
requests in addition to application/x-www-form-urlencoded.
(John Rouillard)
- issue2550833: the export_csv web action now returns labels/names
rather than id's. Replace calls to export_csv with the export_csv_id
action to return the same data as the old export_csv action. (Tom
Ekberg (tekberg), Andreas (anrounham14) edited/applied and tests
created by John Rouillard)
- issue2551018: Add new note_filter parameter to nosymessage. The
function supplied by this parameter can rewrite the body of the
nosymessage before it gets sent. See issue:
https://issues.roundup-tracker.org/issue2551018 for example
nosyreaction and generated email. (Tom Ekberg (tekberg))
- issue2550949: Rate limit password guesses/login attempts. Rate
limit mechanism added for web page logins. Default is 3 login
attempts/minute for a user. After which one login attempt every 20
seconds can be done. (John Rouillard)
- issue2551043: Add X-Roundup-issue-id email header. Add a new header
to make it easier to filter notification emails without having to
parse the subject line. (John Rouillard)
- The database filter method now can also do an exact string search.
- The database filter method now has limit and offset parameters that
map to the corresponding parameters of SQL.
- issue2551061: Add rudimentary experimental support for JSON Web
Tokens (jwt) to allow delegation of limited access rights to third
parties. See doc/rest.txt for details and intent. (John Rouillard)
- issue2551058: Add new permissions: 'Rest Access' and 'Xmlrpc Access'
to allow per-user access control to rest and xmlrpc interfaces using
roles. (John Rouillard)
- issue2551059: added new values for tx_Source to indicate when /rest
or /xmlrpc endpoint is being used rather than the normal web
endpoints. (John Rouillard)
- issue2551062: roundup-admin security now validates all properties in
permissions. It reports invalid properties. (John Rouillard)
- issue2551065: Reorder html entities generated by submit button so that
styles can be applied. Thanks to Garth Jensen for the patch against
release 1.6 that was ported to upcoming 2.0 release (Ralf
Schlatterbeck).
Fixed:
- issue2550811: work around Unicode encoding issues in jinja2 template
by explicitly converting data to Unicode; also fixed pagination and
selecting columns to display in the issues list (Christof Meerwald)
- issue2550988: fixed fallback to pseudo random number generator in
case SystemRandom isn't available, prefer use of secrets module if
available (Python 3.6+) (Christof Meerwald)
- issue2550993: fixed edit CSV action to update restored items to the
new value instead of restoring with the previous value (Christof
Meerwald)
- issue2550994: avoid breakage caused by use of backports of Python 3
configparser module to Python 2. (Joseph Myers)
- Make non-existent items in history not cause a traceback (Ralf
Schlatterbeck)
- issue2550722: avoid errors from selecting "no selection" on
multilink. (Joseph Myers)
- issue2550992: avoid errors from invalid Authorization
headers. (Joseph Myers)
- issue2551022: support non-ASCII prefixes in instance config for
finding static files. (Cédric Krier)
- issue2551023: Fix CSRF headers for use with wsgi and cgi. The
env variable array used - separators rather than _. Compare:
HTTP_X-REQUESTED-WITH to HTTP_X_REQUESTED_WITH. The last is
correct. Also fix roundup-server to produce the latter form. (Patch
by Cédric Krier, reviewed/applied John Rouillard.)
- issue2551035 - fix XSS issue in wsgi and cgi when handing url not
found/404. Reported by hannob at
https://github.com/python/bugs.python.org/issues/34, issue opened by
JulienPalard.
- issue2551026: template variable not defined even though it is.
Fix issue where variables defined in TAL expression are not
available in the scope of the definition. (Tom Ekberg (tekberg))
- Make all links created with rel=nofollow include noopener. Deals
with possible hijack of original page due to malicious link target.
https://mathiasbynens.github.io/rel-noopener/ (John Rouillard)
- Fix bug where some protected properties were not identified as such
when using the anydbm backend (John Rouillard)
- issue2551041 - change permission check from "Create User" to "Register
User" in page.html for the responsive and devel templates. (reporter
Cédric Krier, John Rouillard)
- issue2550144 - fix use of undefined icing macro in devel
template. Replace with frame macro. (Cédric Krier)
- handle UnicodeDecodeError in file class when file contents are
not text (e.g. jpg). (John Rouillard)
- issue2551033: prevent reverse engineering hidden data by using etags
as an oracle to identify when the right data has been
guessed. (Joseph Myers, John Rouillard)
- issue2551029: Jinja2 template install error. Update configuration
code to make sure valid backend database is set. Remove config.ini
from templates to make sure that roundup-admin install writes a new
default config.ini based on configuration.py.
- issue2551040: New release of psycopg2 drops support for psycopg1 -
need to rewrite. Now uses psycopg2 throughout. (John Rouillard)
- issue2551009: Flint not supported error during reindex. Upgrading
doc updates to discuss this when reindexing. (Reported by Gabi,
Change by John Rouillard)
- issue2551030: Roundup fails to start if pytz to access Olson
timezone database not installed. (John Rouillard)
- issue2551029: Jinja2 template install error. Handle issue with
template's config.ini not getting updated. Provide an alternate
file: config_ini.ini for required config settings that are merged
into the default values producing an up to date config.ini on
install.
- issue2551008: fix incorrect encoding handling in mailgw.py
(Ezio Melotti, John Rouillard)
- issue2551053: the routing dictionary in rest.py used compiled regular
expressions as dictionary keys. This worked most of the time because
the regex lib uses a cache but resulted in duplicate keys in the
dictionary in some cases where a single key should have been used.
Thanks to Robert Klonner for discovering the problem, debugging the
root cause and providing a first proposed fix.
- Make searching with a multiselect work for Link/Multilink properties
that may contain numeric *key* values. For these a menu would render
options with IDs and later look up the IDs as *key* of the
Link/Multilink. Now numeric IDs take precedence -- like they already
do in the menu method of Link and Multilink.
- issue2551013: Reversed sorting in hyperdb property wrapper object's
sorted() method. Patch by David Sowder, application and doc change
by John Rouillard.
- issue2550821 - patches for depricated mod_python apache.py interface
(John Rouillard)
- issue2551005 - deprecation of mod_python (John Rouillard)
- issue2551066: IMAP mail handling wasn't working and produced a
traceback.
- issue2550925 if deployed as CGI and client sends an http PROXY
header, the tainted HTTP_PROXY environment variable is created. It
can affect calls using requests package or curl. A roundup admin
would have to write detectors/extensions that use these mechanisms.
Not exploitable in default config. (John Rouillard)
- Add config option to keep/delete previous logging config. Needed to
make gunicorn --access-logfile work as it uses python logfile module
too.
--
-- rouilj
John Rouillard
===========================================================================
My employers don't acknowledge my existence much less my opinions.
I am delighted to announce the release 1.0.0 of Austin. If you haven't
heard of Austin before, it is a frame stack sampler for CPython. It can
be used to obtain statistical profiling data out of a running Python
application without a single line of instrumentation. This means that you
can start profiling a Python application straightaway, even while it's
running on a production environment, with minimal impact on performance.
The simplest way of using Austin is by piping its output to FlameGraph
for a quick and detailed representation of the collected samples. The
latest release introduces a memory profiling mode which allows you to
profile memory usage.
Austin is a pure C application that has no other dependencies other than
the C standard library. Its source code is hosted on GitHub at
https://github.com/P403n1x87/austin
The README contains installation and usage details, as well as some
examples of Austin in action. Details on how to contribute to Austin's
development can be found at the bottom of the page.
All the best,
Gabriele
What's New
==========
- Added support for multi-process Python applications.
- Added support for Python 3.8.
Bugfixes
========
- Fixed support for WSL on Windows.
Greetings,
I'm wealful to announce the immediate availability of Python 2.7.17, another bugfix release in the Python 2.7 series. Downloads are on python.org:
https://www.python.org/downloads/release/python-2717/
No code changes occurred between the 2.7.17 release candidate and the final release, but there were some documentation changes. See the 2.7.17rc1 changelog for changes between 2.7.16 and 2.7.17:
https://raw.githubusercontent.com/python/cpython/c2f86d86e6c8f5fd1ef602128b…
PEP 373, the Python 2.7 releases schedule, designates 2.7.17 as the penultimate Python 2.7 release. So, be aware that the upstream demise of Python 2 is not far away.
For the time being, bugs may be reported to https://bugs.python.org.
See you soon for The End,
Benjamin
Hi All,
On behalf of the NumPy team I am pleased to announce that NumPy 1.17.3 has
been released. This is a bugfix release. The Python versions supported in
this release are 3.5-3.8.
Downstream developers should use Cython >= 0.29.13 for Python 3.8 support
and OpenBLAS >= 3.7 to avoid wrong results on the Skylake architecture. The
NumP Wheels for this release can be downloaded from PyPI
<https://pypi.org/project/numpy/1.17.3/>, source archives and release notes
are available from Github
<https://github.com/numpy/numpy/releases/tag/v1.17.3>.
*Highlights*
- Wheels for Python 3.8
- Boolean matmul fixed to use booleans instead of integers.
*Compatibility notes*
- The seldom used PyArray_DescrCheck macro has been changed/fixed.
*Contributors*
A total of 7 people contributed to this release. People with a "+" by their
names contributed a patch for the first time.
- Allan Haldane
- Charles Harris
- Kevin Sheppard
- Matti Picus
- Ralf Gommers
- Sebastian Berg
- Warren Weckesser
*Pull requests merged*
A total of 12 pull requests were merged for this release.
- gh-14456: MAINT: clean up pocketfft modules inside numpy.fft namespace.
- gh-14463: BUG: random.hypergeometic assumes npy_long is npy_int64,
hung...
- gh-14502: BUG: random: Revert gh-14458 and refix gh-14557.
- gh-14504: BUG: add a specialized loop for boolean matmul.
- gh-14506: MAINT: Update pytest version for Python 3.8
- gh-14512: DOC: random: fix doc linking, was referencing private
submodules.
- gh-14513: BUG,MAINT: Some fixes and minor cleanup based on clang
analysis
- gh-14515: BUG: Fix randint when range is 2**32
- gh-14519: MAINT: remove the entropy c-extension module
- gh-14563: DOC: remove note about Pocketfft license file (non-existing
here).
- gh-14578: BUG: random: Create a legacy implementation of
random.binomial.
- gh-14687: BUG: properly define PyArray_DescrCheck
Cheers,
Charles Harris
PyCA cryptography 2.8 has been released to PyPI. cryptography includes both
high level recipes and low level interfaces to common cryptographic
algorithms such as symmetric ciphers, asymmetric algorithms, message
digests, X509, key derivation functions, and much more. We support Python
2.7, Python 3.4+, and PyPy.
Changelog (https://cryptography.io/en/latest/changelog/#v2-8):
* Updated Windows, macOS, and manylinux1 wheels to be compiled with OpenSSL
1.1.1d.
* Added support for Python 3.8.
* Added class methods Poly1305.generate_tag and Poly1305.verify_tag for
Poly1305 sign and verify operations.
* Deprecated support for OpenSSL 1.0.1. Support will be removed in
cryptography 2.9.
* We now ship manylinux2010 wheels in addition to our manylinux1 wheels.
* Added support for ed25519 and ed448 keys in the CertificateBuilder,
CertificateSigningRequestBuilder, CertificateRevocationListBuilder and
OCSPResponseBuilder.
* cryptography no longer depends on asn1crypto.
* FreshestCRL is now allowed as a CertificateRevocationList extension.
-Paul Kehrer (reaperhulk)
Python 3.7.5 is now available, the next maintenance release of Python 3.7. You can find the release files, a link to the changelog, and more information here:
https://www.python.org/downloads/release/python-375/
Note that the next feature release of Python 3, Python 3.8.0, is also now available. Python 3.8 contains many new features and optimizations. You should consider upgrading to it. We plan to continue regular bugfix releases of Python 3.7.x through mid-year 2020 and provide security fixes for it until mid-year 2023. More details are available in PEP 537, the Python 3.7 Release Schedule (https://www.python.org/dev/peps/pep-0537/).
Thanks to all of the many volunteers who help make Python Development and these releases possible! Please consider supporting our efforts by volunteering yourself or through organization contributions to the Python Software Foundation.
--
Ned Deily
nad(a)python.org -- []
Dear Listers,
As per requirements, we are pleased to announce the existence of the Python
language community in Tanzania.
Please find below some information and the current developments.
*User Group Details;*
Name: Python Community Tanzania
Mailing list: https://mail.python.org/mailman3/lists/tanzania.python.org/
Under Other: Africa
First Local Meetings Held: Yes
*Meetings and Events;*
Name: PyCon Tanzania
Website: pycon.or.tz
Github: https://github.com/pycontanzania
Under Other: Africa
Organizing Members: 5 - 10
Goal and motivation: To build and sustain while bringing together and
growing the Python language users and community in Tanzania through Python
related meetups, workshops and annual events.
FWIW, Tanzania is a peaceful nation formed out of the political union
between (Tanganyika and Zanzibar ) in the East African Region. The land of
the Serengeti Game Park and the tallest mountain in Africa, the Kilimanjaro.
For more about Tanzania [1] http://www.tanzania.go.tz/home/pages/68
Cheers,
Noah
Community Moderator
https://twitter.com/PyconTanzania
Trac 1.0.19, the latest maintenance release for the older stable branch,
is available.
You will find this release at the usual places:
https://trac.edgewall.org/wiki/TracDownload#PreviousStableRelease
You can find the detailed release notes for 1.0.19 on the following
pages:
https://trac.edgewall.org/wiki/1.0/TracChangeLoghttps://trac.edgewall.org/wiki/TracDev/ReleaseNotes/1.0#MaintenanceReleases
Now to the packages themselves:
URLs:
https://download.edgewall.org/trac/Trac-1.0.19.tar.gzhttps://download.edgewall.org/trac/Trac-1.0.19-py2-none-any.whlhttps://download.edgewall.org/trac/Trac-1.0.19.win32.exehttps://download.edgewall.org/trac/Trac-1.0.19.win-amd64.exe
MD5 sums:
a2f7d22657ef09df6a7117c8b7474d69 Trac-1.0.19.tar.gz
13d2e3885c46445ac2044aecf489d3c7 Trac-1.0.19-py2-none-any.whl
20422a1f977dd0c4b799383cab52d0f7 Trac-1.0.19.win32.exe
0d61b5612ada6fc6bcce4db1f88007bf Trac-1.0.19.win-amd64.exe
SHA256 sums:
026cf713f9e20af9b487e2f8915399a061694e340f7ea4492552ac7c2f48ed13 Trac-1.0.19.tar.gz
badbc390a2c77a767ed0ceda3235760762ec7e7fdde56d149332b0af273560ef Trac-1.0.19-py2-none-any.whl
e65b59ff1010122a71ffc972786cdf9f9c09d93f9d7fa9c5350fff951e28e701 Trac-1.0.19.win32.exe
7e5e7815ef4b4cf39a1da779dbb185d125f158f871def909237fe6c6e75652f2 Trac-1.0.19.win-amd64.exe
Acknowledgements
================
Many thanks to the growing number of people who have, and continue to,
support the project. Also our thanks to all people providing feedback
and bug reports that helps us make Trac better, easier to use and
more effective. Without your invaluable help, Trac would not evolve.
Thank you all.
Finally, we hope that Trac will be useful to like-minded programmers
around the world, and that this release will be an improvement over
the last version.
Please let us know.
/The Trac Team https://trac.edgewall.org/
On behalf of the Python development community and the Python 3.8 release team, I’m pleased to announce the availability of Python 3.8.0.
Python 3.8.0 is the newest feature release of the Python language, and it contains many new features and optimizations. You can find Python 3.8.0 here:
https://www.python.org/downloads/release/python-380/ <https://www.python.org/downloads/release/python-380/>
Most third-party distributors of Python should be making 3.8.0 packages available soon.
See the “What’s New in Python 3.8 <https://docs.python.org/3.8/whatsnew/3.8.html>” document for more information about features included in the 3.8 series. Detailed information about all changes made in 3.8.0 can be found in its change log.
Maintenance releases for the 3.8 series will follow at regular bi-monthly intervals starting in December of 2019.
We hope you enjoy Python 3.8!
Thanks to all of the many volunteers who help make Python Development and these releases possible! Please consider supporting our efforts by volunteering yourself or through organization contributions to the Python Software Foundation.
https://www.python.org/psf/ <https://www.python.org/psf/>
- Ł