Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Initial Update #25

Merged
merged 44 commits into from
Nov 1, 2016
Merged

Initial Update #25

merged 44 commits into from
Nov 1, 2016

Conversation

pyup-bot
Copy link
Contributor

This is my first visit to this fine repo so I have bundled all updates in a single pull request to make things easier for you to merge.

Close this pull request and delete the branch if you want me to start with single pull requests right away

Here's the executive summary:

Updates

Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.

Flask-WTF 0.10.3 » 0.13.1 PyPi | Changelog | Repo | Docs
Flask-Babel 0.9 » 0.11.1 PyPi | Repo | Docs
passlib 1.6.2 » 1.6.5 PyPi | Changelog | Repo | Docs
WTForms 1.0.5 » 2.1 PyPi | Changelog | Homepage | Docs
mongoengine 0.8.7 » 0.10.6 PyPi | Changelog | Homepage
pyasn1-modules 0.0.5 » 0.0.8 PyPi | Homepage
blinker 1.3 » 1.4 PyPi | Changelog | Homepage | Docs
ndg-httpsclient 0.4.2 » 0.4.2 PyPi | Repo | Docs
ndg-httpsclient 0.4.2 » 0.4.2 PyPi | Repo | Docs
Flask-Security 1.7.4 » 1.7.5 PyPi | Changelog | Repo | Docs
uritemplate 0.6 » 3.0.0 PyPi | Changelog | Docs
oauthlib 0.7.2 » 2.0.0 PyPi | Changelog | Repo
Flask-Admin 1.0.9 » 1.4.2 PyPi | Repo | Docs
Werkzeug 0.9.6 » 0.11.11 PyPi | Homepage
requests 2.5.1 » 2.11.1 PyPi | Changelog | Homepage
python-twitter 2.2 » 3.1 PyPi | Repo
google-api-python-client 1.3.1 » 1.5.4 PyPi | Changelog | Repo
Jinja2 2.7.3 » 2.8 PyPi | Changelog | Homepage
httplib2 0.9 » 0.9.2 PyPi | Changelog | Repo
pymongo 2.7.2 » 3.3.0 PyPi | Changelog | Repo
six 1.9.0 » 1.10.0 PyPi | Changelog | Homepage | Docs
Flask-BabelEx 0.9.2 » 0.9.3 PyPi | Repo | Docs
requests-oauthlib 0.4.2 » 0.7.0 PyPi | Changelog | Repo
rsa 3.1.4 » 3.4.2 PyPi | Changelog | Homepage
python-twitter 3.1 » 3.1 PyPi | Repo
python-twitter 3.1 » 3.1 PyPi | Repo
Flask-Login 0.2.11 » 0.3.2 PyPi | Changelog | Repo | Docs
Flask-Script 2.0.5 » 2.0.5 PyPi | Changelog | Repo | Docs
Flask-Script 2.0.5 » 2.0.5 PyPi | Changelog | Repo | Docs
facebook-sdk 0.4.0 » 2.0.0 PyPi | Changelog | Repo
PyOpenSSL 16.2.0 » 16.2.0 PyPi | Docs
PyOpenSSL 16.2.0 » 16.2.0 PyPi | Docs
oauth2client 1.4.5 » 4.0.0 PyPi | Changelog | Repo
Flask-SQLAlchemy 2.1 » 2.1 PyPi | Changelog | Repo | Docs
Flask-SQLAlchemy 2.1 » 2.1 PyPi | Changelog | Repo | Docs
pytz 2014.10 » 2016.7 PyPi | Homepage | Docs
Babel 1.3 » 2.3.4 PyPi | Changelog | Homepage | Docs
pyasn1 0.1.7 » 0.1.9 PyPi | Homepage
simplejson 3.6.5 » 3.8.2 PyPi | Changelog | Repo
Flask 0.10.1 » 0.11.1 PyPi | Changelog | Repo
flask-mongoengine 0.7.1 » 0.8 PyPi | Changelog | Repo
pyasn1 0.1.9 » 0.1.9 PyPi | Homepage
pyasn1 0.1.9 » 0.1.9 PyPi | Homepage
oauth2 1.5.211 » 1.9.0.post1 PyPi | Repo

Changelogs

Flask-WTF 0.10.3 -> 0.13.1

0.13.1


Released 2016/10/6

  • Deprecation warning for Form is shown during __init__ instead of immediately when subclassing. (262_)
  • Don't use pkg_resources to get version, for compatibility with GAE. (261_)

.. _261: pallets-eco/flask-wtf#261
.. _262: pallets-eco/flask-wtf#262

0.13


Released 2016/09/29

  • Form is renamed to FlaskForm in order to avoid name collision with WTForms's base class. Using Form will show a deprecation warning. (250_)
  • hidden_tag no longer wraps the hidden inputs in a hidden div. This is valid HTML5 and any modern HTML parser will behave correctly. (217, 193)
  • flask_wtf.html5 is deprecated. Import directly from wtforms.fields.html5. (251_)
  • is_submitted is true for PATCH and DELETE in addition to POST and PUT. (187_)
  • generate_csrf takes a token_key parameter to specify the key stored in the session. (206_)
  • generate_csrf takes a url_safe parameter to allow the token to be used in URLs. (206_)
  • fom.data can be accessed multiple times without raising an exception. (248_)
  • File extension with multiple parts (.tar.gz) can be used in the FileAllowed validator. (201_)

.. _187: pallets-eco/flask-wtf#187
.. _193: pallets-eco/flask-wtf#193
.. _201: pallets-eco/flask-wtf#201
.. _206: pallets-eco/flask-wtf#206
.. _217: pallets-eco/flask-wtf#217
.. _248: pallets-eco/flask-wtf#248
.. _250: pallets-eco/flask-wtf#250
.. _251: pallets-eco/flask-wtf#251

0.12


Released 2015/07/09

  • Abstract protect_csrf() into a separate method
  • Update reCAPTCHA configuration
  • Fix reCAPTCHA error handle

0.11


Released 2015/01/21

  • Use the new reCAPTCHA API via 164_.

.. _164: pallets-eco/flask-wtf#164

WTForms 1.0.5 -> 2.1

2.1


Released December 15, 2015

  • Added render_kw to allow default rendering time options.
  • Updated / added a number of localizations
  • Updated docs
  • Allow widgets to set flags

2.0.2


Released January 18, 2015

  • Added more localizations and updated some.
  • Validators for email and URL can validate IDNA-encoded domain names and new TLDs
  • Better DeprecationWarnings
  • Support localization files in /usr/share/locale (for distro packaging)

2.0.1


Released July 1, 2014

  • Update wheel install to conditionally install ordereddict for python 2.6.
  • Doc improvements

2.0


Released May 20, 2014

  • Add new class Meta paradigm for much more powerful customization
    of WTForms.
  • Move i18n into core. Deprecate wtforms.ext.i18n.
  • Move CSRF into core. Deprecate wtforms.ext.csrf.
  • Fix issue rendering SelectFields with value=True
  • Make DecimalField able to use babel locale-based number formatting.
  • Drop Python 3.2 support (Python3 support for 3.3+ only)
  • passing attr=False to WTForms widgets causes the value to be ignored.
  • Unique validator in wtforms.ext.sqlalchemy has been removed.

blinker 1.3 -> 1.4

1.4


Released July 23, 2015

  • Verified Python 3.4 support (no changes needed)
  • Additional bookkeeping cleanup for non-ANY connections at disconnect
    time.
  • Added Signal._cleanup_bookeeping() to prune stale bookkeeping on
    demand

Flask-Security 1.7.4 -> 1.7.5

1.7.5


Released December 2nd 2015

  • Added SECURITY_TOKEN_MAX_AGE configuration setting
  • Fixed calls to SQLAlchemyUserDatastore.get_user(None) (this now returns False instead of raising a TypeError
  • Fixed URL generation adding extra slashes in some cases (see GitHub 343)
  • Fixed handling of trackable IP addresses when the X-Forwarded-For header contains multiple values
  • Include WWW-Authenticate headers in auth_required authentication checks
  • Fixed error when check_token function is used with a json list
  • Added support for custom AnonymousUser classes
  • Restricted forgot_password endpoint to anonymous users
  • Allowed unauthorized callback to be overridden
  • Fixed issue where passwords cannot be reset if currently set to None
  • Ensured that password reset tokens are invalidated after use
  • Updated is_authenticated and is_active functions to support Flask-Login changes
  • Various documentation improvements

uritemplate 0.6 -> 3.0.0

2.0.0


1.0.1


  • Fix some minor packaging problems.

1.0.0


  • Fix handling of Unicode values on Python 2.6 and 2.7 for urllib.quote.
  • Confirm public stable API via version number.

oauthlib 0.7.2 -> 2.0.0

2.0.0


  • (New Feature) OpenID support.
  • Documentation improvements and fixes.

1.1.2


  • (Fix) Query strings should be able to include colons.
  • (Fix) Cast body to a string to ensure that we can perform a regex substitution on it.

1.1.1


  • (Enhancement) Better sanitisation of Request objects repr.

1.1.0


  • (Fix) '(', ')', '/' and '?' are now safe characters in url encoded strings.
  • (Enhancement) Added support for specifying if refresh tokens should be created on authorization code grants.
  • (Fix) OAuth2Token now handles None scopes correctly.
  • (Fix) Request token is now available for OAuth 1.
  • (Enhancement) OAuth2Token is declared with slots for smaller memory footprint.
  • (Enhancement) RefreshTokenGrant now allows to set issue_new_refresh_tokens.
  • Documentation improvements and fixes.

1.0.3


  • (Fix) Changed the documented return type of the invalidate_request_token() method from the RSA key to None since nobody is using the return type.
  • (Enhancement) Added a validator log that will store what the endpoint has computed for debugging and logging purposes (OAuth 1 only for now).

1.0.2


  • (Fix) Allow client secret to be null for public applications that do not mandate it's specification in the query parameters.
  • (Fix) Encode request body before hashing in order to prevent encoding errors in Python 3.

1.0.1


  • (Fix) Added token_type_hint to the list of default Request parameters.

1.0.0


  • (Breaking Change) Replace pycrypto with cryptography from https://cryptography.io
  • (Breaking Change) Update jwt to 1.0.0 (which is backwards incompatible) no oauthlib api changes
    were made.
  • (Breaking Change) Raise attribute error for non-existing attributes in the Request object.
  • (Fix) Strip whitespace off of scope string.
  • (Change) Don't require to return the state in the access token response.
  • (Change) Hide password in logs.
  • (Fix) Fix incorrect invocation of prepare_refresh_body in the OAuth2 client.
  • (Fix) Handle empty/non-parsable query strings.
  • (Fix) Check if an RSA key is actually needed before requiring it.
  • (Change) Allow tuples for list_to_scope as well as sets and lists.
  • (Change) Add code to determine if client authentication is required for OAuth2.
  • (Fix) Fix error message on invalid Content-Type header for OAtuh1 signing.
  • (Fix) Allow ! character in query strings.
  • (Fix) OAuth1 now includes the body hash for requests that specify any content-type that isn't x-www-form-urlencoded.
  • (Fix) Fixed error description in oauth1 endpoint.
  • (Fix) Revocation endpoint for oauth2 will now return an empty string in the response body instead of 'None'.
  • Increased test coverage.
  • Performance improvements.
  • Documentation improvements and fixes.

requests 2.5.1 -> 2.11.1

2.11.1

+++++++++++++++++++

Bugfixes

  • Fixed a bug when using iter_content with decode_unicode=True for
    streamed bodies would raise AttributeError. This bug was introduced in
    2.11.
  • Strip Content-Type and Transfer-Encoding headers from the header block when
    following a redirect that transforms the verb from POST/PUT to GET.

2.11.0

+++++++++++++++++++

Improvements

  • Added support for the ALL_PROXY environment variable.
  • Reject header values that contain leading whitespace or newline characters to
    reduce risk of header smuggling.

Bugfixes

  • Fixed occasional TypeError when attempting to decode a JSON response that
    occurred in an error case. Now correctly returns a ValueError.
  • Requests would incorrectly ignore a non-CIDR IP address in the NO_PROXY
    environment variables: Requests now treats it as a specific IP.
  • Fixed a bug when sending JSON data that could cause us to encounter obscure
    OpenSSL errors in certain network conditions (yes, really).
  • Added type checks to ensure that iter_content only accepts integers and
    None for chunk sizes.
  • Fixed issue where responses whose body had not been fully consumed would have
    the underlying connection closed but not returned to the connection pool,
    which could cause Requests to hang in situations where the HTTPAdapter
    had been configured to use a blocking connection pool.

Miscellaneous

  • Updated bundled urllib3 to 1.16.
  • Some previous releases accidentally accepted non-strings as acceptable header values. This release does not.

2.10.0

+++++++++++++++++++

New Features

  • SOCKS Proxy Support! (requires PySocks; $ pip install requests[socks])

Miscellaneous

  • Updated bundled urllib3 to 1.15.1.

2.9.2

++++++++++++++++++

Improvements

  • Change built-in CaseInsensitiveDict (used for headers) to use OrderedDict
    as its underlying datastore.

Bugfixes

  • Don't use redirect_cache if allow_redirects=False
  • When passed objects that throw exceptions from tell(), send them via
    chunked transfer encoding instead of failing.
  • Raise a ProxyError for proxy related connection issues.

2.9.1

++++++++++++++++++

Bugfixes

  • Resolve regression introduced in 2.9.0 that made it impossible to send binary
    strings as bodies in Python 3.
  • Fixed errors when calculating cookie expiration dates in certain locales.

Miscellaneous

  • Updated bundled urllib3 to 1.13.1.

2.9.0

++++++++++++++++++

Minor Improvements (Backwards compatible)

  • The verify keyword argument now supports being passed a path to a
    directory of CA certificates, not just a single-file bundle.
  • Warnings are now emitted when sending files opened in text mode.
  • Added the 511 Network Authentication Required status code to the status code
    registry.

Bugfixes

  • For file-like objects that are not seeked to the very beginning, we now
    send the content length for the number of bytes we will actually read, rather
    than the total size of the file, allowing partial file uploads.
  • When uploading file-like objects, if they are empty or have no obvious
    content length we set Transfer-Encoding: chunked rather than
    Content-Length: 0.
  • We correctly receive the response in buffered mode when uploading chunked
    bodies.
  • We now handle being passed a query string as a bytestring on Python 3, by
    decoding it as UTF-8.
  • Sessions are now closed in all cases (exceptional and not) when using the
    functional API rather than leaking and waiting for the garbage collector to
    clean them up.
  • Correctly handle digest auth headers with a malformed qop directive that
    contains no token, by treating it the same as if no qop directive was
    provided at all.
  • Minor performance improvements when removing specific cookies by name.

Miscellaneous

  • Updated urllib3 to 1.13.

2.8.1

++++++++++++++++++

Bugfixes

  • Update certificate bundle to match certifi 2015.9.6.2's weak certificate
    bundle.
  • Fix a bug in 2.8.0 where requests would raise ConnectTimeout instead of
    ConnectionError
  • When using the PreparedRequest flow, requests will now correctly respect the
    json parameter. Broken in 2.8.0.
  • When using the PreparedRequest flow, requests will now correctly handle a
    Unicode-string method name on Python 2. Broken in 2.8.0.

2.8.0

++++++++++++++++++

Minor Improvements (Backwards Compatible)

  • Requests now supports per-host proxies. This allows the proxies
    dictionary to have entries of the form
    {'<scheme>://<hostname>': '<proxy>'}. Host-specific proxies will be used
    in preference to the previously-supported scheme-specific ones, but the
    previous syntax will continue to work.
  • Response.raise_for_status now prints the URL that failed as part of the
    exception message.
  • requests.utils.get_netrc_auth now takes an raise_errors kwarg,
    defaulting to False. When True, errors parsing .netrc files cause
    exceptions to be thrown.
  • Change to bundled projects import logic to make it easier to unbundle
    requests downstream.
  • Changed the default User-Agent string to avoid leaking data on Linux: now
    contains only the requests version.

Bugfixes

  • The json parameter to post() and friends will now only be used if
    neither data nor files are present, consistent with the
    documentation.
  • We now ignore empty fields in the NO_PROXY environment variable.
  • Fixed problem where httplib.BadStatusLine would get raised if combining
    stream=True with contextlib.closing.
  • Prevented bugs where we would attempt to return the same connection back to
    the connection pool twice when sending a Chunked body.
  • Miscellaneous minor internal changes.
  • Digest Auth support is now thread safe.

Updates

  • Updated urllib3 to 1.12.

2.7.0

++++++++++++++++++

This is the first release that follows our new release process. For more, see
our documentation <http://docs.python-requests.org/en/latest/community/release-process/>_.

Bugfixes

  • Updated urllib3 to 1.10.4, resolving several bugs involving chunked transfer
    encoding and response framing.

2.6.2

++++++++++++++++++

Bugfixes

  • Fix regression where compressed data that was sent as chunked data was not
    properly decompressed. (2561)

2.6.1

++++++++++++++++++

Bugfixes

  • Remove VendorAlias import machinery introduced in v2.5.2.
  • Simplify the PreparedRequest.prepare API: We no longer require the user to
    pass an empty list to the hooks keyword argument. (c.f. 2552)
  • Resolve redirects now receives and forwards all of the original arguments to
    the adapter. (2503)
  • Handle UnicodeDecodeErrors when trying to deal with a unicode URL that
    cannot be encoded in ASCII. (2540)
  • Populate the parsed path of the URI field when performing Digest
    Authentication. (2426)
  • Copy a PreparedRequest's CookieJar more reliably when it is not an instance
    of RequestsCookieJar. (2527)

2.6.0

++++++++++++++++++

Bugfixes

  • CVE-2015-2296: Fix handling of cookies on redirect. Previously a cookie
    without a host value set would use the hostname for the redirected URL
    exposing requests users to session fixation attacks and potentially cookie
    stealing. This was disclosed privately by Matthew Daley of
    BugFuzz <https://bugfuzz.com>_. This affects all versions of requests from
    v2.1.0 to v2.5.3 (inclusive on both ends).
  • Fix error when requests is an install_requires dependency and python setup.py test is run. (2462)
  • Fix error when urllib3 is unbundled and requests continues to use the
    vendored import location.
  • Include fixes to urllib3's header handling.
  • Requests' handling of unvendored dependencies is now more restrictive.

Features and Improvements

  • Support bytearrays when passed as parameters in the files argument.
    (2468)
  • Avoid data duplication when creating a request with str, bytes, or
    bytearray input to the files argument.

2.5.3

++++++++++++++++++

Bugfixes

2.5.2

++++++++++++++++++

Features and Improvements

  • Add sha256 fingerprint support. (shazow/urllib3540_)
  • Improve the performance of headers. (shazow/urllib3544_)

Bugfixes

  • Copy pip's import machinery. When downstream redistributors remove
    requests.packages.urllib3 the import machinery will continue to let those
    same symbols work. Example usage in requests' documentation and 3rd-party
    libraries relying on the vendored copies of urllib3 will work without having
    to fallback to the system urllib3.
  • Attempt to quote parts of the URL on redirect if unquoting and then quoting
    fails. (2356)
  • Fix filename type check for multipart form-data uploads. (2411)
  • Properly handle the case where a server issuing digest authentication
    challenges provides both auth and auth-int qop-values. (2408)
  • Fix a socket leak. (shazow/urllib3549_)
  • Fix multiple Set-Cookie headers properly. (shazow/urllib3534_)
  • Disable the built-in hostname verification. (shazow/urllib3526_)
  • Fix the behaviour of decoding an exhausted stream. (shazow/urllib3535_)

Security

  • Pulled in an updated cacert.pem.
  • Drop RC4 from the default cipher list. (shazow/urllib3551_)

.. _shazow/urllib3551: urllib3/urllib3#551
.. _shazow/urllib3549: urllib3/urllib3#549
.. _shazow/urllib3544: urllib3/urllib3#544
.. _shazow/urllib3540: urllib3/urllib3#540
.. _shazow/urllib3535: urllib3/urllib3#535
.. _shazow/urllib3534: urllib3/urllib3#534
.. _shazow/urllib3526: urllib3/urllib3#526

google-api-python-client 1.3.1 -> 1.5.4

1.5.4

Version 1.5.4

Bugfix release

  • Properly handle errors when the API returns a mapping or sequence. (289)
  • Upgrade to unified uritemplate 3.0.0. (293)
  • Allow oauth2client 4.0.0, with the caveat that file-based discovery
    caching is disabled.

1.5.3

Version 1.5.3

Bugfix release

  • Fixed import error with oauth2client >= 3.0.0. (270)

1.5.2

Version 1.5.2

Bugfix release

  • Allow using oauth2client >= 1.5.0, < 4.0.0. (265)
  • Fix project_id argument description. (257)
  • Retry chunk uploaded on rate limit exceeded errors. (255)
  • Obtain access token if necessary in BatchHttpRequest.execute(). (232)
  • Warn when running tests using HttpMock without having a cache. (261)

1.5.1

Version 1.5.1

Bugfix release

  • Allow using versions of oauth2client < 2.0.0. (197)
  • Check both current and new API discovery URL. (202)
  • Retry http requests on connection errors and timeouts. (218)
  • Retry http requests on rate limit responses. (201)
  • Import guards for ssl (for Google App Engine). (220)
  • Use named loggers instead of the root logger. (206)
  • New search console example. (212)

1.5.0

Version 1.5.0

Release to support oauth2client >= 2.0.0.

  • Fix file stream recognition in Python 3 (141)
  • Fix non-resumable binary uploads in Python 3 (147)
  • Default to 'octet-stream' if mimetype detection fails (157)
  • Handle SSL errors with retries (160)
  • Fix incompatibility with oauth2client v2.0.0 (182)

1.4.2

Version 1.4.2

Add automatic caching for the discovery docs.

1.4.1

Version 1.4.1

Add the googleapiclient.discovery.Resource.new_batch_http_request method.

1.4.0

Version 1.4.0

Python 3 support.

1.3.2

Version 1.3.2

Small bugfix release.

  • Fix an infinite loop for downloading small files.
  • Fix a unicode error in error encoding.
  • Better handling of content-length in media requests.
  • Add support for methodPath entries containing colon.

Jinja2 2.7.3 -> 2.8

2.8


(codename Replacement, released on July 26th 2015)

  • Added target parameter to urlize function.
  • Added support for followsymlinks to the file system loader.
  • The truncate filter now counts the length.
  • Added equalto filter that helps with select filters.
  • Changed cache keys to use absolute file names if available
    instead of load names.
  • Fixed loop length calculation for some iterators.
  • Changed how Jinja2 enforces strings to be native strings in
    Python 2 to work when people break their default encoding.
  • Added :func:make_logging_undefined which returns an undefined
    object that logs failures into a logger.
  • If unmarshalling of cached data fails the template will be
    reloaded now.
  • Implemented a block set tag.
  • Default cache size was incrased to 400 from a low 50.
  • Fixed is number test to accept long integers in all Python versions.
  • Changed is number to accept Decimal as a number.
  • Added a check for default arguments followed by non-default arguments. This
    change makes {% macro m(x, y=1, z) %}...{% endmacro %} a syntax error. The
    previous behavior for this code was broken anyway (resulting in the default
    value being applied to y).
  • Add ability to use custom subclasses of jinja2.compiler.CodeGenerator and
    jinja2.runtime.Context by adding two new attributes to the environment
    (code_generator_class and context_class) (pull request 404).
  • added support for context/environment/evalctx decorator functions on
    the finalize callback of the environment.
  • escape query strings for urlencode properly. Previously slashes were not
    escaped in that place.
  • Add 'base' parameter to 'int' filter.

httplib2 0.9 -> 0.9.2

0.9.2

Fixes in this release:

jcgregorio/httplib2#313

Fix incorrect ResponseNotReady exceptions, retry on transient errors.

0.9.1

Fixes in this release:

jcgregorio/httplib2#296

   There was a problem with headers when a binary string is passed (like
   b&#39;Authorization&#39;).

jcgregorio/httplib2#276

   Default to doing DNS resolution through a proxy server if present.

pymongo 2.7.2 -> 3.3.0

3.3

  • C extensions support on big endian systems.
  • Kerberos authentication support on Windows using WinKerberos &lt;https://pypi.python.org/pypi/winkerberos&gt;_.
  • A new ssl_clrfile option to support certificate revocation lists.
  • A new ssl_pem_passphrase option to support encrypted key files.
  • Support for publishing server discovery and monitoring events. See
    :mod:~pymongo.monitoring for details.
  • New connection pool options minPoolSize and maxIdleTimeMS.
  • New heartbeatFrequencyMS option controls the rate at which background
    monitoring threads re-check servers. Default is once every 10 seconds.

.. warning:: PyMongo 3.3 drops support for MongoDB versions older than 2.4.
It also drops support for python 3.2 (pypy3 continues to be supported).

Issues Resolved
...............

See the PyMongo 3.3 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.3 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16005

3.2.2

a fix for using the connect option in the MongoDB URI and support for setting
the batch size for a query to 1 when using MongoDB 3.2+.

Issues Resolved
...............

See the PyMongo 3.2.2 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.2.2 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16538

3.2.1

running the mapreduce command twice when calling the
:meth:~pymongo.collection.Collection.inline_map_reduce method and a
:exc:TypeError being raised when calling
:meth:~gridfs.GridFSBucket.download_to_stream. This release also
improves error messaging around BSON decoding.

Issues Resolved
...............

See the PyMongo 3.2.1 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.2.1 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16312

3.2


Version 3.2 implements the new server features introduced in MongoDB 3.2.

Highlights include:

  • Full support for MongoDB 3.2 including:
    • Support for :class:~pymongo.read_concern.ReadConcern
    • :class:~pymongo.write_concern.WriteConcern is now applied to
      :meth:~pymongo.collection.Collection.find_one_and_replace,
      :meth:~pymongo.collection.Collection.find_one_and_update, and
      :meth:~pymongo.collection.Collection.find_one_and_delete.
    • Support for the new bypassDocumentValidation option in write
      helpers.
  • Support for reading and writing raw BSON with
    :class:~bson.raw_bson.RawBSONDocument

.. note:: Certain :class:~pymongo.mongo_client.MongoClient properties now
block until a connection is established or raise
:exc:~pymongo.errors.ServerSelectionTimeoutError if no server is available.
See :class:~pymongo.mongo_client.MongoClient for details.

3.1.1

regression in error handling for oversize command documents and interrupt
handling issues in the C extensions.

Issues Resolved
...............

See the PyMongo 3.1.1 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.1.1 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16211

3.1

of 3.0.3.

Highlights include:

  • Command monitoring support. See :mod:~pymongo.monitoring for details.
  • Configurable error handling for :exc:UnicodeDecodeError. See the
    unicode_decode_error_handler option of
    :class:~bson.codec_options.CodecOptions.
  • Optional automatic timezone conversion when decoding BSON datetime. See the
    tzinfo option of :class:~bson.codec_options.CodecOptions.
  • An implementation of :class:~gridfs.GridFSBucket from the new GridFS spec.
  • Compliance with the new Connection String spec.
  • Reduced idle CPU usage in Python 2.

Changes in internal classes
...........................

The private PeriodicExecutor class no longer takes a condition_class
option, and the private thread_util.Event class is removed.

Issues Resolved
...............

See the PyMongo 3.1 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.1 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/14796

3.0.3

feature breaking bug in the GSSAPI implementation.

Issues Resolved
...............

See the PyMongo 3.0.3 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.0.3 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/15528

3.0.2

importantly a bug that could route operations to replica set members
that are not in primary or secondary state when using
:class:~pymongo.read_preferences.PrimaryPreferred or
:class:~pymongo.read_preferences.Nearest. It is a recommended upgrade for
all users of PyMongo 3.0.x.

Issues Resolved
...............

See the PyMongo 3.0.2 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.0.2 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/15430

3.0.1

importantly a bug in GridFS.delete that could prevent file chunks from
actually being deleted.

Issues Resolved
...............

See the PyMongo 3.0.1 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.0.1 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/15322

3.0


PyMongo 3.0 is a partial rewrite of PyMongo bringing a large number of
improvements:

  • A unified client class. MongoClient is the one and only client class for
    connecting to a standalone mongod, replica set, or sharded cluster. Migrating
    from a standalone, to a replica set, to a sharded cluster can be accomplished
    with only a simple URI change.
  • MongoClient is much more responsive to configuration changes in your MongoDB
    deployment. All connected servers are monitored in a non-blocking manner.
    Slow to respond or down servers no longer block server discovery, reducing
    application startup time and time to respond to new or reconfigured
    servers and replica set failovers.
  • A unified CRUD API. All official MongoDB drivers now implement a standard
    CRUD API allowing polyglot developers to move from language to language
    with ease.
  • Single source support for Python 2.x and 3.x. PyMongo no longer relies on
    2to3 to support Python 3.
  • A rewritten pure Python BSON implementation, improving performance
    with pypy and cpython deployments without support for C extensions.
  • Better support for greenlet based async frameworks including eventlet.
  • Immutable client, database, and collection classes, avoiding a host of thread
    safety issues in client applications.

PyMongo 3.0 brings a large number of API changes. Be sure to read the changes
listed below before upgrading from PyMongo 2.x.

.. warning:: PyMongo no longer supports Python 2.4, 2.5, or 3.1. If you
must use PyMongo with these versions of Python the 2.x branch of PyMongo
will be minimally supported for some time.

SONManipulator changes
......................

The :class:~pymongo.son_manipulator.SONManipulator API has limitations as a
technique for transforming your data. Instead, it is more flexible and
straightforward to transform outgoing documents in your own code before passing
them to PyMongo, and transform incoming documents after receiving them from
PyMongo.

Thus the :meth:~pymongo.database.Database.add_son_manipulator method is
deprecated. PyMongo 3's new CRUD API does not apply SON manipulators to
documents passed to :meth:~pymongo.collection.Collection.bulk_write,
:meth:~pymongo.collection.Collection.insert_one,
:meth:~pymongo.collection.Collection.insert_many,
:meth:~pymongo.collection.Collection.update_one, or
:meth:~pymongo.collection.Collection.update_many. SON manipulators are not
applied to documents returned by the new methods
:meth:~pymongo.collection.Collection.find_one_and_delete,
:meth:~pymongo.collection.Collection.find_one_and_replace, and
:meth:~pymongo.collection.Collection.find_one_and_update.

SSL/TLS changes
...............

When ssl is True the ssl_cert_reqs option now defaults to
:attr:ssl.CERT_REQUIRED if not provided. PyMongo will attempt to load OS
provided CA certificates to verify the server, raising
:exc:~pymongo.errors.ConfigurationError if it cannot.

Gevent Support
..............

In previous versions, PyMongo supported Gevent in two modes: you could call
gevent.monkey.patch_socket() and pass use_greenlets=True to
:class:~pymongo.mongo_client.MongoClient, or you could simply call
gevent.monkey.patch_all() and omit the use_greenlets argument.

In PyMongo 3.0, the use_greenlets option is gone. To use PyMongo with
Gevent simply call gevent.monkey.patch_all().

For more information,
see :doc:PyMongo&#39;s Gevent documentation &lt;examples/gevent&gt;.

:class:~pymongo.mongo_client.MongoClient changes
..................................................

:class:~pymongo.mongo_client.MongoClient is now the one and only
client class for a standalone server, mongos, or replica set.
It includes the functionality that had been split into
MongoReplicaSetClient: it can connect to a replica set, discover all its
members, and monitor the set for stepdowns, elections, and reconfigs.
:class:~pymongo.mongo_client.MongoClient now also supports the full
:class:~pymongo.read_preferences.ReadPreference API.

The obsolete classes MasterSlaveConnection, Connection, and
ReplicaSetConnection are removed.

The :class:~pymongo.mongo_client.MongoClient constructor no
longer blocks while connecting to the server or servers, and it no
longer raises :class:~pymongo.errors.ConnectionFailure if they
are unavailable, nor :class:~pymongo.errors.ConfigurationError
if the user's credentials are wrong. Instead, the constructor
returns immediately and launches the connection process on
background threads. The connect option is added to control whether
these threads are started immediately, or when the client is first used.

Therefore the alive method is removed since it no longer provides meaningful
information; even if the client is disconnected, it may discover a server in
time to fulfill the next operation.

In PyMongo 2.x, :class:~pymongo.mongo_client.MongoClient accepted a list of
standalone MongoDB servers and used the first it could connect to::

MongoClient(['host1.com:27017', 'host2.com:27017'])

A list of multiple standalones is no longer supported; if multiple servers
are listed they must be members of the same replica set, or mongoses in the
same sharded cluster.

The behavior for a list of mongoses is changed from "high availability" to
"load balancing". Before, the client connected to the lowest-latency mongos in
the list, and used it until a network error prompted it to re-evaluate all
mongoses' latencies and reconnect to one of them. In PyMongo 3, the client
monitors its network latency to all the mongoses continuously, and distributes
operations evenly among those with the lowest latency.
See :ref:mongos-load-balancing for more information.

The client methods start_request, in_request, and end_request
are removed, and so is the auto_start_request option. Requests were
designed to make read-your-writes consistency more likely with the w=0
write concern. Additionally, a thread in a request used the same member for
all secondary reads in a replica set. To ensure read-your-writes consistency
in PyMongo 3.0, do not override the default write concern with w=0, and
do not override the default :ref:read preference &lt;secondary-reads&gt; of
PRIMARY.

Support for the slaveOk (or slave_okay), safe, and
network_timeout options has been removed. Use
:attr:~pymongo.read_preferences.ReadPreference.SECONDARY_PREFERRED instead of
slave_okay. Accept the default write concern, acknowledged writes, instead of
setting safe=True. Use socketTimeoutMS in place of network_timeout (note that
network_timeout was in seconds, where as socketTimeoutMS is milliseconds).

The max_pool_size option has been removed. It is replaced by the
maxPoolSize MongoDB URI option. maxPoolSize is now a supported URI
option in PyMongo and can be passed as a keyword argument.

The copy_database method is removed, see the
:doc:copy_database examples &lt;/examples/copydb&gt; for alternatives.

The disconnect method is removed. Use
:meth:~pymongo.mongo_client.MongoClient.close instead.

The get_document_class method is removed. Use
:attr:~pymongo.mongo_client.MongoClient.codec_options instead.

The get_lasterror_options, set_lasterror_options, and
unset_lasterror_options methods are removed. Write concern options
can be passed to :class:~pymongo.mongo_client.MongoClient as keyword
arguments or MongoDB URI options.

The :meth:~pymongo.mongo_client.MongoClient.get_database method is added for
getting a Database instance with its options configured differently than the
MongoClient's.

The following read-only attributes have been added:

  • :attr:~pymongo.mongo_client.MongoClient.codec_options

The following attributes are now read-only:

  • :attr:~pymongo.mongo_client.MongoClient.read_preference
  • :attr:~pymongo.mongo_client.MongoClient.write_concern

The following attributes have been removed:

  • :attr:~pymongo.mongo_client.MongoClient.document_class
    (use :attr:~pymongo.mongo_client.MongoClient.codec_options instead)
  • :attr:~pymongo.mongo_client.MongoClient.host
    (use :attr:~pymongo.mongo_client.MongoClient.address instead)
  • :attr:~pymongo.mongo_client.MongoClient.min_wire_version
  • :attr:~pymongo.mongo_client.MongoClient.max_wire_version
  • :attr:~pymongo.mongo_client.MongoClient.port
    (use :attr:~pymongo.mongo_client.MongoClient.address instead)
  • :attr:~pymongo.mongo_client.MongoClient.safe
    (use :attr:~pymongo.mongo_client.MongoClient.write_concern instead)
  • :attr:~pymongo.mongo_client.MongoClient.slave_okay
    (use :attr:~pymongo.mongo_client.MongoClient.read_preference instead)
  • :attr:~pymongo.mongo_client.MongoClient.tag_sets
    (use :attr:~pymongo.mongo_client.MongoClient.read_preference instead)
  • :attr:~pymongo.mongo_client.MongoClient.tz_aware
    (use :attr:~pymongo.mongo_client.MongoClient.codec_options instead)

The following attributes have been renamed:

  • :attr:~pymongo.mongo_client.MongoClient.secondary_acceptable_latency_ms is
    now :attr:~pymongo.mongo_client.MongoClient.local_threshold_ms and is now
    read-only.

:class:~pymongo.cursor.Cursor changes
.......................................

The conn_id property is renamed to :attr:~pymongo.cursor.Cursor.address.

Cursor management changes
.........................

:class:~pymongo.cursor_manager.CursorManager and
:meth:~pymongo.mongo_client.MongoClient.set_cursor_manager are no longer
deprecated. If you subclass :class:~pymongo.cursor_manager.CursorManager
your implementation of :meth:~pymongo.cursor_manager.CursorManager.close
must now take a second parameter, address. The BatchCursorManager class
is removed.

The second parameter to :meth:~pymongo.mongo_client.MongoClient.close_cursor
is renamed from _conn_id to address.
:meth:~pymongo.mongo_client.MongoClient.kill_cursors now accepts an address
parameter.

:class:~pymongo.database.Database changes
...........................................

The connection property is renamed to
:attr:~pymongo.database.Database.client.

The following read-only attributes have been added:

  • :attr:~pymongo.database.Database.codec_options

The following attributes are now read-only:

  • :attr:~pymongo.database.Database.read_preference
  • :attr:~pymongo.database.Database.write_concern

Use :meth:~pymongo.mongo_client.MongoClient.get_database for getting a
Database instance with its options configured differently than the
MongoClient's.

The following attributes have been removed:

  • :attr:~pymongo.database.Database.safe
  • :attr:~pymongo.database.Database.secondary_acceptable_latency_ms
  • :attr:~pymongo.database.Database.slave_okay
  • :attr:~pymongo.database.Database.tag_sets

The following methods have been added:

  • :meth:~pymongo.database.Database.get_collection

The following methods have been changed:

  • :meth:~pymongo.database.Database.command. Support for as_class,
    uuid_subtype, tag_sets, and secondary_acceptable_latency_ms have been
    removed. You can instead pass an instance of
    :class:~bson.codec_options.CodecOptions as codec_options and an instance
    of a read preference class from :mod:~pymongo.read_preferences as
    read_preference. The fields and compile_re options are also removed.
    The fields options was undocumented and never really worked. Regular
    expressions are always decoded to :class:~bson.regex.Regex.

The following methods have been deprecated:

  • :meth:~pymongo.database.Database.add_son_manipulator

The following methods have been removed:

The get_lasterror_options, set_lasterror_options, and
unset_lasterror_options methods have been removed. Use
:class:~pymongo.write_concern.WriteConcern with
:meth:~pymongo.mongo_client.MongoClient.get_database instead.

:class:~pymongo.collection.Collection changes
...............................................

The following read-only attributes have been added:

  • :attr:~pymongo.collection.Collection.codec_options

The following attributes are now read-only:

  • :attr:~pymongo.collection.Collection.read_preference
  • :attr:~pymongo.collection.Collection.write_concern

Use :meth:~pymongo.database.Database.get_collection or
:meth:~pymongo.collection.Collection.with_options for getting a Collection
instance with its options configured differently than the Database's.

The following attributes have been removed:

  • :attr:~pymongo.collection.Collection.safe
  • :attr:~pymongo.collection.Collection.secondary_acceptable_latency_ms
  • :attr:~pymongo.collection.Collection.slave_okay
  • :attr:~pymongo.collection.Collection.tag_sets

The following methods have been added:

  • :meth:~pymongo.collection.Collection.bulk_write
  • :meth:~pymongo.collection.Collection.insert_one
  • :meth:~pymongo.collection.Collection.insert_many
  • :meth:~pymongo.collection.Collection.update_one
  • :meth:~pymongo.collection.Collection.update_many
  • :meth:~pymongo.collection.Collection.replace_one
  • :meth:~pymongo.collection.Collection.delete_one
  • :meth:~pymongo.collection.Collection.delete_many
  • :meth:~pymongo.collection.Collection.find_one_and_delete
  • :meth:~pymongo.collection.Collection.find_one_and_replace
  • :meth:~pymongo.collection.Collection.find_one_and_update
  • :meth:~pymongo.collection.Collection.with_options
  • :meth:~pymongo.collection.Collection.create_indexes
  • :meth:~pymongo.collection.Collection.list_indexes

The following methods have changed:

  • :meth:~pymongo.collection.Collection.aggregate now always returns an
    instance of :class:~pymongo.command_cursor.CommandCursor. See the
    documentation for all options.
  • :meth:~pymongo.collection.Collection.count now optionally takes a filter
    argument, as well as other options supported by the count command.
  • :meth:~pymongo.collection.Collection.distinct now optionally takes a filter
    argument.
  • :meth:~pymongo.collection.Collection.create_index no longer caches
    indexes, therefore the cache_for parameter has been removed. It also
    no longer supports the bucket_size and drop_dups aliases for bucketSize
    and dropDups.

The following methods are deprecated:

  • :meth:~pymongo.collection.Collection.save
  • :meth:~pymongo.collection.Collection.insert
  • :meth:~pymongo.collection.Collection.update
  • :meth:~pymongo.collection.Collection.remove
  • :meth:~pymongo.collection.Collection.find_and_modify
  • :meth:~pymongo.collection.Collection.ensure_index

The following methods have been removed:

The get_lasterror_options, set_lasterror_options, and
unset_lasterror_options methods have been removed. Use
:class:~pymongo.write_concern.WriteConcern with
:meth:~pymongo.collection.Collection.with_options instead.

Changes to :meth:~pymongo.collection.Collection.find and :meth:~pymongo.collection.Collection.find_one


The following find/find_one options have been renamed:

These renames only affect your code if you passed these as keyword arguments,
like find(fields=[&#39;fieldname&#39;]). If you passed only positional parameters these
changes are not significant for your application.

- spec -&gt; filter
- fields -&gt; projection
- partial -&gt; allow_partial_results

The following find/find_one options have been added:

- cursor_type (see :class:`~pymongo.cursor.CursorType` for values)
- oplog_replay
- modifiers

The following find/find_one options have been removed:

- network_timeout (use :meth:`~pymongo.cursor.Cursor.max_time_ms` instead)
- slave_okay (use one of the read preference classes from
 :mod:`~pymongo.read_preferences` and
 :meth:`~pymongo.collection.Collection.with_options` instead)
- read_preference (use :meth:`~pymongo.collection.Collection.with_options`
 instead)
- tag_sets (use one of the read preference classes from
 :mod:`~pymongo.read_preferences` and
 :meth:`~pymongo.collection.Collection.with_options` instead)
- secondary_acceptable_latency_ms (use the `localThresholdMS` URI option
 instead)
- max_scan (use the new `modifiers` option instead)
- snapshot (use the new `modifiers` option instead)
- tailable (use the new `cursor_type` option instead)
- await_data (use the new `cursor_type` option instead)
- exhaust (use the new `cursor_type` option instead)
- as_class (use :meth:`~pymongo.collection.Collection.with_options` with
 :class:`~bson.codec_options.CodecOptions` instead)
- compile_re (BSON regular expressions are always decoded to
 :class:`~bson.regex.Regex`)

The following find/find_one options are deprecated:

- manipulate

The following renames need special handling.

- timeout -&gt; no_cursor_timeout -
 The default for `timeout` was True. The default for `no_cursor_timeout` is
 False. If you were previously passing False for `timeout` you must pass
 **True** for `no_cursor_timeout` to keep the previous behavior.

:mod:`~pymongo.errors` changes
..............................

The exception classes ``UnsupportedOption`` and ``TimeoutError`` are deleted.

:mod:`~gridfs` changes
......................

Since PyMongo 1.6, methods ``open`` and ``close`` of :class:`~gridfs.GridFS`
raised an ``UnsupportedAPI`` exception, as did the entire ``GridFile`` class.
The unsupported methods, the class, and the exception are all deleted.

:mod:`~bson` changes
....................

The `compile_re` option is removed from all methods
that accepted it in :mod:`~bson` and :mod:`~bson.json_util`. Additionally, it
is removed from :meth:`~pymongo.collection.Collection.find`,
:meth:`~pymongo.collection.Collection.find_one`,
:meth:`~pymongo.collection.Collection.aggregate`,
:meth:`~pymongo.database.Database.command`, and so on.
PyMongo now always represents BSON regular expressions as
:class:`~bson.regex.Regex` objects. This prevents errors for incompatible
patterns, see `PYTHON-500`_. Use :meth:`~bson.regex.Regex.try_compile` to
attempt to convert from a BSON regular expression to a Python regular
expression object.

PyMongo now decodes the int64 BSON type to :class:`~bson.int64.Int64`, a
trivial wrapper around long (in python 2.x) or int (in python 3.x). This
allows BSON int64 to be round tripped without losing type information in
python 3. Note that if you store a python long (or a python int larger than
4 bytes) it will be returned from PyMongo as :class:`~bson.int64.Int64`.

The `as_class`, `tz_aware`, and `uuid_subtype` options are removed from all
BSON encoding and decoding methods. Use
:class:`~bson.codec_options.CodecOptions` to configure these options. The
APIs affected are:

- :func:`~bson.decode_all`
- :func:`~bson.decode_iter`
- :func:`~bson.decode_file_iter`
- :meth:`~bson.BSON.encode`
- :meth:`~bson.BSON.decode`

This is a breaking change for any application that uses the BSON API directly
and changes any of the named parameter defaults. No changes are required for
applications that use the default values for these options. The behavior
remains the same.

.. _PYTHON-500: https://jira.mongodb.org/browse/PYTHON-500

Issues Resolved
...............

See the `PyMongo 3.0 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 3.0 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/12501



### 2.9.3

thread safety issues in :meth:`~pymongo.collection.Collection.ensure_index`,
:meth:`~pymongo.collection.Collection.drop_index`, and
:meth:`~pymongo.collection.Collection.drop_indexes`.

Issues Resolved
...............

See the `PyMongo 2.9.3 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 2.9.3 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16539



### 2.9.2

improves an error message when decoding BSON as well as fixes a couple other
issues including :meth:`~pymongo.collection.Collection.aggregate` ignoring
:attr:`~pymongo.collection.Collection.codec_options` and
:meth:`~pymongo.database.Database.command` raising a superfluous
`DeprecationWarning`.

Issues Resolved
...............

See the `PyMongo 2.9.2 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 2.9.2 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16303



### 2.9.1

adapts a test case for a behavior change in MongoDB 3.2.

Issues Resolved
...............

See the `PyMongo 2.9.1 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 2.9.1 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16208



### 2.9

from PyMongo 3.0 have been backported in a backward compatible way, allowing
applications to be written against PyMongo &gt;= 2.9, rather then PyMongo 2.x or
PyMongo 3.x. See the :doc:`/migrate-to-pymongo3` for detailed examples.

.. note:: There are a number of new deprecations in this release for features
 that were removed in PyMongo 3.0.

 :class:`~pymongo.mongo_client.MongoClient`:
   - :attr:`~pymongo.mongo_client.MongoClient.host`
   - :attr:`~pymongo.mongo_client.MongoClient.port`
   - :attr:`~pymongo.mongo_client.MongoClient.use_greenlets`
   - :attr:`~pymongo.mongo_client.MongoClient.document_class`
   - :attr:`~pymongo.mongo_client.MongoClient.tz_aware`
   - :attr:`~pymongo.mongo_client.MongoClient.secondary_acceptable_latency_ms`
   - :attr:`~pymongo.mongo_client.MongoClient.tag_sets`
   - :attr:`~pymongo.mongo_client.MongoClient.uuid_subtype`
   - :meth:`~pymongo.mongo_client.MongoClient.disconnect`
   - :meth:`~pymongo.mongo_client.MongoClient.alive`

 :class:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient`:
   - :attr:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.use_greenlets`
   - :attr:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.document_class`
   - :attr:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.tz_aware`
   - :attr:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.secondary_acceptable_latency_ms`
   - :attr:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.tag_sets`
   - :attr:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.uuid_subtype`
   - :meth:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.alive`

 :class:`~pymongo.database.Database`:
   - :attr:`~pymongo.database.Database.secondary_acceptable_latency_ms`
   - :attr:`~pymongo.database.Database.tag_sets`
   - :attr:`~pymongo.database.Database.uuid_subtype`

 :class:`~pymongo.collection.Collection`:
   - :attr:`~pymongo.collection.Collection.secondary_acceptable_latency_ms`
   - :attr:`~pymongo.collection.Collection.tag_sets`
   - :attr:`~pymongo.collection.Collection.uuid_subtype`

.. warning::
 In previous versions of PyMongo, changing the value of
 :attr:`~pymongo.mongo_client.MongoClient.document_class` changed
 the behavior of all existing instances of
 :class:`~pymongo.collection.Collection`::

   &gt;&gt;&gt; coll = client.test.test
   &gt;&gt;&gt; coll.find_one()
   {u&#39;_id&#39;: ObjectId(&#39;5579dc7cfba5220cc14d9a18&#39;)}
   &gt;&gt;&gt; from bson.son import SON
   &gt;&gt;&gt; client.document_class = SON
   &gt;&gt;&gt; coll.find_one()
   SON([(u&#39;_id&#39;, ObjectId(&#39;5579dc7cfba5220cc14d9a18&#39;))])

 The document_class setting is now configurable at the client,
 database, collection, and per-operation level. This required breaking
 the existing behavior. To change the document class per operation in a
 forward compatible way use
 :meth:`~pymongo.collection.Collection.with_options`::

   &gt;&gt;&gt; coll.find_one()
   {u&#39;_id&#39;: ObjectId(&#39;5579dc7cfba5220cc14d9a18&#39;)}
   &gt;&gt;&gt; from bson.codec_options import CodecOptions
   &gt;&gt;&gt; coll.with_options(CodecOptions(SON)).find_one()
   SON([(u&#39;_id&#39;, ObjectId(&#39;5579dc7cfba5220cc14d9a18&#39;))])

Issues Resolved
...............

See the `PyMongo 2.9 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 2.9 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/14795



### 2.8.1

2.8. It is a recommended upgrade for all users of PyMongo 2.x.

Issues Resolved
...............

See the `PyMongo 2.8.1 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 2.8.1 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/15324



### 2.8

fixes a number of bugs.

Special thanks to Don Mitchell, Ximing, Can Zhang, Sergey Azovskov, and Heewa
Barfchin for their contributions to this release.

Highlights include:

- Support for the SCRAM-SHA-1 authentication mechanism (new in MongoDB 3.0).
- JSON decoder support for the new $numberLong and $undefined types.
- JSON decoder support for the $date type as an ISO-8601 string.
- Support passing an index name to :meth:`~pymongo.cursor.Cursor.hint`.
- The :meth:`~pymongo.cursor.Cursor.count` method will use a hint if one
 has been provided through :meth:`~pymongo.cursor.Cursor.hint`.
- A new socketKeepAlive option for the connection pool.
- New generator based BSON decode functions, :func:`~bson.decode_iter`
 and :func:`~bson.decode_file_iter`.
- Internal changes to support alternative storage engines like wiredtiger.

.. note:: There are a number of deprecations in this release for features that
 will be removed in PyMongo 3.0. These include:

 - :meth:`~pymongo.mongo_client.MongoClient.start_request`
 - :meth:`~pymongo.mongo_client.MongoClient.in_request`
 - :meth:`~pymongo.mongo_client.MongoClient.end_request`
 - :meth:`~pymongo.mongo_client.MongoClient.copy_database`
 - :meth:`~pymongo.database.Database.error`
 - :meth:`~pymongo.database.Database.last_status`
 - :meth:`~pymongo.database.Database.previous_error`
 - :meth:`~pymongo.database.Database.reset_error_history`
 - :class:`~pymongo.master_slave_connection.MasterSlaveConnection`

 The JSON format for :class:`~bson.timestamp.Timestamp` has changed from
 &#39;{&quot;t&quot;: &lt;int&gt;, &quot;i&quot;: &lt;int&gt;}&#39; to &#39;{&quot;$timestamp&quot;: {&quot;t&quot;: &lt;int&gt;, &quot;i&quot;: &lt;int&gt;}}&#39;.
 This new format will be decoded to an instance of
 :class:`~bson.timestamp.Timestamp`. The old format will continue to be
 decoded to a python dict as before. Encoding to the old format is no
 longer supported as it was never correct and loses type information.

Issues Resolved
...............

See the `PyMongo 2.8 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 2.8 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/14223






six 1.9.0 -> 1.10.0

1.10.0


  • Issue 122: Improve the performance of six.int2byte on Python 3.
  • Pull request 55 and issue 99: Don't add the winreg module to six.moves
    on non-Windows platforms.
  • Pull request 60 and issue 108: Add six.moves.getcwd and
    six.moves.getcwdu.
  • Pull request 64: Add create_unbound_method to create unbound methods.

requests-oauthlib 0.4.2 -> 0.7.0

0.7.0

++++++++++++++++++++++++++

  • Allowed OAuth2Session.request to take the client_id and
    client_secret parameters for the purposes of automatic token refresh,
    which may need them.

0.6.2

+++++++++++++++++++++

  • Use client_id and client_secret for the Authorization header if
    provided.
  • Allow explicit bypass of the Authorization header by setting auth=False.
  • Pass through the proxies kwarg when refreshing tokens.
  • Miscellaneous cleanups.

0.6.1

+++++++++++++++++++++++++

  • Fixed a bug when sending authorization in headers with no username and
    password present.
  • Make sure we clear the session token before obtaining a new one.
  • Some improvements to the Slack compliance fix.
  • Avoid timing problems around token refresh.
  • Allow passing arbitrary arguments to requests when calling
    fetch_request_token and fetch_access_token.

0.6.0

+++++++++++++++++++++++++

  • Add compliance fix for Slack.
  • Add compliance fix for Mailchimp.
  • TokenRequestDenied exceptions now carry the entire response, not just the
    status code.
  • Pass through keyword arguments when refreshing tokens automatically.
  • Send authorization in headers, not just body, to maximize compatibility.
  • More getters/setters available for OAuth2 session client values.
  • Allow sending custom headers when refreshing tokens, and set some defaults.

0.5.0

+++++++++++++++++++

  • Fix TypeError being raised instead of TokenMissing error.
  • Raise requests exceptions on 4XX and 5XX responses in the OAuth2 flow.
  • Avoid AttributeError when initializing the OAuth2Session class
    without complete client information.

rsa 3.1.4 -> 3.4.2

3.4.2


  • Fixed dates in CHANGELOG.txt

3.4.1


  • Included tests/private.pem in MANIFEST.in
  • Included README.md and CHANGELOG.txt in MANIFEST.in

3.4


  • Moved development to Github: https://github.com/sybrenstuvel/python-rsa
  • Solved side-channel vulnerability by implementing blinding, fixes 19
  • Deprecated the VARBLOCK format and rsa.bigfile module due to security issues, see
    Vulnerability in bigfile.py sybrenstuvel/python-rsa#13
  • Integration with Travis-CI 1, Coveralls [2] and Code Climate [3]
  • Deprecated the old rsa._version133 and rsa._version200 submodules, they will be
    completely removed in version 4.0.
  • Add an 'exponent' argument to key.newkeys()
  • Switched from Solovay-Strassen to Miller-Rabin primality testing, to
    comply with NIST FIPS 186-4 [4] as probabilistic primality test
    (Appendix C, subsection C.3):
  • Fixed bugs 12, 14, 27, 30, 49

1 https://travis-ci.org/sybrenstuvel/python-rsa
[2] https://coveralls.io/github/sybrenstuvel/python-rsa
[3] https://codeclimate.com/github/sybrenstuvel/python-rsa
[4] http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf

3.3


  • Thanks to Filippo Valsorda: Fix BB'06 attack in verify() by
    switching from parsing to comparison. See 1 for more information.
  • Simplified Tox configuration and dropped Python 3.2 support. The
    coverage package uses a u'' prefix, which was reintroduced in 3.3
    for ease of porting.

1 https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/

3.2.3


  • Added character encoding markers for Python 2.x

3.2.1


  • Added per-file licenses
  • Added support for wheel packages
  • Made example code more consistent and up to date with Python 3.4

3.2


  • Mentioned support for Python 3 in setup.py

Flask-Login 0.2.11 -> 0.3.2

0.3.2


Released on October 8th, 2015

  • Fixes Python 2.6 compatibility.
  • Updates SESSION_KEYS to include "remember".

0.3.1


Released on September 30th, 2015

  • Fixes removal of non-Flask-Login keys from session object when using 'strong'
    protection.

0.3.0


Released on September 10th, 2015

  • Fixes handling of X-Forward-For header.
  • Update to use SHA512 instead of MD5 for session identifier creation.
  • Fixes session creation for every view.
  • BREAKING: UTC used to set cookie duration.
  • BREAKING: Non-fresh logins now returns HTTP 401.
  • Support unicode user IDs in cookie.
  • Fixes user_logged_out signal invocation.
  • Support for per-Blueprint login views.
  • BREAKING: The is_authenticated, is_active, and is_anonymous members of
    the user class are now properties, not methods. Applications should update
    their user classes accordingly.
  • Various other improvements including documentation and code clean up.

Flask-Script -> 2.0.5

0.6.7


Released on February 16, 2014

  • Expose app instance in a command commands (manage.app). 83
  • Show full help for submanagers if called without arguments. 85
  • Fix ShowUrls command conflict. 88

0.6.6


Released on December 6, 2013

  • Fix global being passed after command by not expliciting checking for the 'parents' argument.

0.6.5


Released on December 5, 2013

  • Change warning from UserWarning to DeprecationWarning so it is ignored by default

0.6.4


Released on December 5, 2013

  • Only pass parents argument if a command's create_parser accepts it. Workaround for 71

0.6.3


Released on November 11, 2013

  • Separate usage into usage/help/description
  • Allow for command auto detection

0.6.2


Released on August 10, 2013

  • FIXED: 0.6.1 fails to embed ipython at all

0.6.1


Released on August 9, 2013

  • FIXED: IPython Shell embedding fails after upgrade to IPython 1.0

0.6.0


Released on August 7, 2013.

  • Drop support for Python 2.5
  • Support Python 2.6/2.7 and >= 3.3 using same source code.
    Import necessary compatibility code from flask._compat module of current
    Flask repo code.
  • Use proper argparse subparsers
  • Tab completion using argcomplete
  • Remove question marks from automatically being appended to prompt_bool and prompt_choices
  • FIXED: ipython with disabled bpython
  • FIXED: debug parameter no longer passed in from flask_script

0.5.3


Released on January 9, 2013.

  • Fix nasty bug in Clean command that deletes all files

0.5.2


Released on December 26, 2012.

  • Change from module to package and refactor project structure
  • Add BPython shell support
  • Add Clean and ShowUrls commands
  • Add Group, a simple way to group arguments

0.5.1


Released on October 2nd, 2012.

  • Fixed an issue where debug settings were being overridden if present in config.
  • Expose 'passthrough_errors' on Server to disable error catching (useful to hook debuggers in (ex. pdb))

0.5.0


Released on September 22, 2012.

Flask-Script -> 2.0.5

0.6.7


Released on February 16, 2014

  • Expose app instance in a command commands (manage.app). 83
  • Show full help for submanagers if called without arguments. 85
  • Fix ShowUrls command conflict. 88

0.6.6


Released on December 6, 2013

  • Fix global being passed after command by not expliciting checking for the 'parents' argument.

0.6.5


Released on December 5, 2013

  • Change warning from UserWarning to DeprecationWarning so it is ignored by default

0.6.4


Released on December 5, 2013

  • Only pass parents argument if a command's create_parser accepts it. Workaround for 71

0.6.3


Released on November 11, 2013

  • Separate usage into usage/help/description
  • Allow for command auto detection

0.6.2


Released on August 10, 2013

  • FIXED: 0.6.1 fails to embed ipython at all

0.6.1


Released on August 9, 2013

  • FIXED: IPython Shell embedding fails after upgrade to IPython 1.0

0.6.0


Released on August 7, 2013.

  • Drop support for Python 2.5
  • Support Python 2.6/2.7 and >= 3.3 using same source code.
    Import necessary compatibility code from flask._compat module of current
    Flask repo code.
  • Use proper argparse subparsers
  • Tab completion using argcomplete
  • Remove question marks from automatically being appended to prompt_bool and prompt_choices
  • FIXED: ipython with disabled bpython
  • FIXED: debug parameter no longer passed in from flask_script

0.5.3


Released on January 9, 2013.

  • Fix nasty bug in Clean command that deletes all files

0.5.2


Released on December 26, 2012.

  • Change from module to package and refactor project structure
  • Add BPython shell support
  • Add Clean and ShowUrls commands
  • Add Group, a simple way to group arguments

0.5.1


Released on October 2nd, 2012.

  • Fixed an issue where debug settings were being overridden if present in config.
  • Expose 'passthrough_errors' on Server to disable error catching (useful to hook debuggers in (ex. pdb))

0.5.0


Released on September 22, 2012.

facebook-sdk 0.4.0 -> 2.0.0

2.0.0

  • Add support for Graph API versions 2.6 and 2.7.
  • Remove support for Graph API version 2.0 and FQL.
  • Change default Graph API version to 2.1.
  • Fix bug with debug_access_token method not working when the
    GraphAPI object's access token was set (276).
  • Allow offline generation of application access tokens.

1.0.0

  • Python 3 support.
  • More comprehensive test coverage.
  • Full Unicode support.
  • Better exception handling.
  • Vastly improved documentation.

oauth2client 1.4.5 -> 4.0.0

4.0.0

New features:

  • New Django samples. (636)
  • Add support for RFC7636 PKCE. (588)
  • Release as a universal wheel. (665)

Bug fixes:

  • Fix django authorization redirect by correctly checking validity of credentials. (651)
  • Correct query loss when using parse_qsl to dict. (622)
  • Switch django models from pickle to jsonpickle. (614)
  • Support new MIDDLEWARE Django 1.10 aetting. (623)
  • Remove usage of os.environ.setdefault. (621)
  • Handle missing storage files correctly. (576)
  • Try to revoke token with POST when getting a 405. (662)

Internal changes:

  • Use transport module for GCE environment check. (612)
  • Remove author lines and add contributors.md. (627)
  • Clean up imports. (625)
  • Use transport.request in tests. (607)
  • Drop unittest2 dependency (610)
  • Remove backslash line continuations. (608)
  • Use transport helpers in system tests. (606)
  • Clean up usage of HTTP mocks in tests. (605)
  • Remove all uses of MagicMock. (598)
  • Migrate test runner to pytest. (569)
  • Merge util.py and _helpers.py. (579)
  • Remove httplib2 imports from non-transport modules. (577)

Breaking changes:

  • Drop Python 3.3 support. (603)
  • Drop Python 2.6 support. (590)
  • Remove multistore_file. (589)

3.0.0

  • Populate token_expiry for GCE credentials. (473)
  • Move GCE metadata interface to a separate module. (520)
  • Populate scopes for GCE credentials. (524)
  • Fix Python 3.5 compatibility. (531)
  • Add oauth2client.contrib.sqlalchemy, a SQLAlchemy-based credential store. (527)
  • Improve error when an invalid client secret is provided. (530)
  • Add oauth2client.contrib.multiprocess_storage. This supersedes the functionality in oauth2client.contrib.multistore_file. (504)
  • Pull httplib2 usage into a separate transport module. (559, 561)
  • Refactor all django-related code into oauth2client.contrib.django_util. Add DjangoORMStorage, remove FlowField. (546)
  • Fix application default credentials resolution order. (570)
  • Add configurable timeout for GCE metadata server check. (571)
  • Add warnings when using deprecated approval_prompt=&#39;force&#39;. (572)
  • Add deprecation warning to oauth2client.contrib.multistore_file. (574)
  • (Hygiene) PEP8 compliance and various style fixes (537, 540, 552, 562)
  • (Hygiene) Remove duplicated exception classes in oauth2client.contrib.appengine. (533)

NOTE: The next major release of oauth2client (v4.0.0) will remove the oauth2client.contrib.multistore_file module.

2.2.0

  • Added support to override token_uri and revoke_uri in oauth2client.service_account.ServiceAccountCredentials. (510)
  • oauth2client.contrib.multistore_file now handles OSError in addition to IOError because Windows may raise OSError where other platforms will raise IOError.
  • oauth2client.contrib.django_util and oauth2client.contrib.django_orm have been updated to support Django 1.8 - 1.10. Versions of Django below 1.8 will not work with these modules.

2.1.0

  • Add basic support for JWT access credentials. (503)
  • Fix oauth2client.client.DeviceFlowInfo to use UTC instead of the system timezone when calculating code expiration.

2.0.2

  • Fix issue where flask_util.UserOAuth2.required would accept expired credentials (452).
  • Fix issue where flask_util would fill the session with Flow objects (498).
  • Fix issue with Python 3 binary strings in Flow.step2_exchange (446).
  • Improve test coverage to 100%.

2.0.1

  • Making scopes optional on Google Compute Engine AppAssertionCredentials
    and adding a warning that GCE won't honor scopes (419)
  • Adding common sign_blob() to service account types and a
    service_account_email property. (421)
  • Improving error message in P12 factory
    ServiceAccountCredentials.from_p12_keyfile when pyOpenSSL is
    missing. (424)
  • Allowing default flags in oauth2client.tools.run_flow()
    rather than forcing users to create a dummy argparser (426)
  • Removing oauth2client.util.dict_to_tuple_key() from public
    interface (429)
  • Adding oauth2client.contrib._appengine_ndb helper module
    for oauth2client.contrib.appengine and moving most code that
    uses the ndb library into the helper (434)
  • Fix error in django_util sample code (438)

2.0.0post1

  • Fix Google Compute Engine breakage (411, breakage introduced in 387) that
    made it impossible to obtain access tokens
  • Implement ServiceAccountCredentials.from_p12_keyfile_buffer()
    to allow passing a file-like object in addition to the factory
    constructor that uses a filename directly (413)
  • Implement ServiceAccountCredentials.create_delegated()
    to allow upgrading a credential to one that acts on behalf
    of a given subject (420)

2.0.0

  • Add django_util (332)
  • Avoid OAuth2Credentials id_token going out of sync after a token
    refresh (337)
  • Move to a contrib sub-package code not considered a core part of
    the library (346, 353, 370, 375, 376, 382)
  • Add token_expiry to devshell credentials (372)
  • Move Storage locking into a base class (379)
  • Added dictionary storage (380)
  • Added to_json and from_json methods to all Credentials
    classes (385)
  • Fall back to read-only credentials on EACCES errors (389)
  • Coalesced the two ServiceAccountCredentials
    classes (395, 396, 397, 398, 400)

Special Note About ServiceAccountCredentials:

For JSON keys, you can create a credential via

from oauth2client.service_account import ServiceAccountCredentials
credentials = ServiceAccountCredentials.from_json_keyfile_name(
   key_file_name, scopes=[...])

You can still rely on

from oauth2client.client import GoogleCredentials
credentials = GoogleCredentials.get_application_default()

returning these credentials when you set the GOOGLE_APPLICATION_CREDENTIALS
environment variable.

For .p12 keys, construct via

credentials = ServiceAccountCredentials.from_p12_keyfile(
   service_account_email, key_file_name, scopes=[...])

though we urge you to use JSON keys (rather than .p12 keys) if you can.

This is equivalent to the previous method

PRE-oauth2client 2.0.0 EXAMPLE CODE!
from oauth2client.client import SignedJwtAssertionCredentials

with open(key_file_name, &#39;rb&#39;) as key_file:
   private_key = key_file.read()

credentials = SignedJwtAssertionCredentials(
   service_account_email, private_key, scope=[...])

1.5.2

  • Add access token refresh error class that includes HTTP status (310)
  • Python3 compatibility fixes for Django (316, 318)
  • Fix incremental auth in flask_util (322)
  • Fall back to credential refresh on EDEADLK in multistore_file (336)

1.5.1

  • Fix bad indent in tools.run_flow() (301, bug was
    introduced when switching from 2 space indents to 4)

1.5.0

  • Fix (more like clarify) bytes / str handling in crypto
    methods. (203, 250, 272)
  • Replacing webapp with webapp2 in oauth2client.appengine (217)
  • Added optional state parameter to
    step1_get_authorize_url. (219 and 222)
  • Added flask_util module that provides a Flask extension to aid
    with using OAuth2 web server flow. This provides the same functionality
    as the appengine.webapp2 OAuth2Decorator, but will work with any Flask
    application regardless of hosting environment. (226, 273)
  • Track scopes used on credentials objects (230)
  • Moving docs to readthedocs.org(237, 238, 244)
  • Removing old_run module. Was deprecated July 2, 2013. (285)
  • Avoid proxies when querying for GCE metadata (to check if
    running on GCE) (114, 293)

1.4.12

  • Fix OS X flaky test failure (189).
  • Fix broken OpenSSL import (191).
  • Remove util.positional from wrapped request in Credentials.authorize()
    (196, 197).
  • Changing pinned dependencies to &gt;= (200, 204).
  • Support client authentication using Authorization header (206).
  • Clarify environment check in case where GAE imports succeed but GAE services
    aren't available (208).

1.4.11

  • Better environment detection with Managed VMs.
  • Better OpenSSL detection in exotic environments.

1.4.10

  • Update the OpenSSL check to be less strict about finding crypto.py in
    the OpenSSL directory.
  • tox updates for new environment handling in tox.

1.4.9

  • Ensure that the ADC fails if we try to write the well-known file to a
    directory that doesn't exist, but not if we try to read from one.

1.4.8

  • Better handling of body during token refresh when body is a stream.
  • Better handling of expired tokens in storage.
  • Cleanup around openSSL import.
  • Allow custom directory for the well_known_file.
  • Integration tests for python2 and python3. (!!!)
  • Stricter file permissions when saving the well_known_file.
  • Test cleanup around config file locations.

1.4.7

  • Add support for Google Developer Shell credentials.
  • Better handling of filesystem errors in credential refresh.
  • python3 fixes
  • Add NO_GCE_CHECK for skipping GCE detection.
  • Better error messages on InvalidClientSecretsError.
  • Comment cleanup on run_flow.

1.4.6

  • Add utility function to convert PKCS12 key to PEM. (115)
  • Change GCE detection logic. (93)
  • Add a tox env for doc generation.

Flask-SQLAlchemy -> 2.1

2.1


Released on October 23rd 2015, codename Caesium

  • Table names are automatically generated in more cases, including
    subclassing mixins and abstract models.
  • Allow using a custom MetaData object.
  • Add support for binds parameter to session.

2.0


Released on August 29th 2014, codename Bohrium

  • Changed how the builtin signals are subscribed to skip non Flask-SQLAlchemy
    sessions. This will also fix the attribute error about model changes
    not existing.
  • Added a way to control how signals for model modifications are tracked.
  • Made the SignallingSession a public interface and added a hook
    for customizing session creation.
  • If the bind parameter is given to the signalling session it will no
    longer cause an error that a parameter is given twice.
  • Added working table reflection support.
  • Enabled autoflush by default.
  • Consider SQLALCHEMY_COMMIT_ON_TEARDOWN harmful and remove from docs.

1.0


Released on July 20th 2013, codename Aurum

  • Added Python 3.3 support.
  • Dropped 2.5 compatibility.
  • Various bugfixes
  • Changed versioning format to do major releases for each update now.

0.16


  • New distribution format (flask_sqlalchemy)
  • Added support for Flask 0.9 specifics.

0.15


  • Added session support for multiple databases

0.14


  • Make relative sqlite paths relative to the application root.

0.13


  • Fixed an issue with Flask-SQLAlchemy not selecting the correct binds.

0.12


  • Added support for multiple databases.
  • Expose Flask-SQLAlchemy's BaseQuery as db.Query.
  • Set default query_class for db.relation, db.relationship, and
    db.dynamic_loader to Flask-SQLAlchemy's BaseQuery.
  • Improved compatibility with Flask 0.7.

0.11


  • Fixed a bug introduced in 0.10 with alternative table constructors.

0.10


  • Added support for signals.
  • Table names are now automatically set from the class name unless
    overriden.
  • Model.query now always works for applications directly passed to
    the SQLAlchemy constructor. Furthermore the property now raises
    an RuntimeError instead of being None.
  • added session options to constructor.
  • fixed a broken __repr__
  • db.Table is now a factor function that creates table objects.
    This makes it possible to omit the metadata.

0.9


  • applied changes to pass the Flask extension approval process.

0.8


  • added a few configuration keys for creating connections.
  • automatically activate connection recycling for MySQL connections.
  • added support for the Flask testing mode.

0.7


  • Initial public release

Flask-SQLAlchemy -> 2.1

2.1


Released on October 23rd 2015, codename Caesium

  • Table names are automatically generated in more cases, including
    subclassing mixins and abstract models.
  • Allow using a custom MetaData object.
  • Add support for binds parameter to session.

2.0


Released on August 29th 2014, codename Bohrium

  • Changed how the builtin signals are subscribed to skip non Flask-SQLAlchemy
    sessions. This will also fix the attribute error about model changes
    not existing.
  • Added a way to control how signals for model modifications are tracked.
  • Made the SignallingSession a public interface and added a hook
    for customizing session creation.
  • If the bind parameter is given to the signalling session it will no
    longer cause an error that a parameter is given twice.
  • Added working table reflection support.
  • Enabled autoflush by default.
  • Consider SQLALCHEMY_COMMIT_ON_TEARDOWN harmful and remove from docs.

1.0


Released on July 20th 2013, codename Aurum

  • Added Python 3.3 support.
  • Dropped 2.5 compatibility.
  • Various bugfixes
  • Changed versioning format to do major releases for each update now.

0.16


  • New distribution format (flask_sqlalchemy)
  • Added support for Flask 0.9 specifics.

0.15


  • Added session support for multiple databases

0.14


  • Make relative sqlite paths relative to the application root.

0.13


  • Fixed an issue with Flask-SQLAlchemy not selecting the correct binds.

0.12


  • Added support for multiple databases.
  • Expose Flask-SQLAlchemy's BaseQuery as db.Query.
  • Set default query_class for db.relation, db.relationship, and
    db.dynamic_loader to Flask-SQLAlchemy's BaseQuery.
  • Improved compatibility with Flask 0.7.

0.11


  • Fixed a bug introduced in 0.10 with alternative table constructors.

0.10


  • Added support for signals.
  • Table names are now automatically set from the class name unless
    overriden.
  • Model.query now always works for applications directly passed to
    the SQLAlchemy constructor. Furthermore the property now raises
    an RuntimeError instead of being None.
  • added session options to constructor.
  • fixed a broken __repr__
  • db.Table is now a factor function that creates table objects.
    This makes it possible to omit the metadata.

0.9


  • applied changes to pass the Flask extension approval process.

0.8


  • added a few configuration keys for creating connections.
  • automatically activate connection recycling for MySQL connections.
  • added support for the Flask testing mode.

0.7


  • Initial public release

Babel 1.3 -> 2.3.4

2.3


(Feature release, released on April 8th)

Internal improvements


* The CLI frontend and Distutils commands use a shared implementation (https://github.com/python-babel/babel/pull/311)
* PyPy3 is supported (https://github.com/python-babel/babel/pull/343)

Features

Bugfixes


* Core: Mixed-case locale IDs work more reliably (https://github.com/python-babel/babel/pull/361)
* Dates: S...S formats work correctly now (https://github.com/python-babel/babel/pull/360)
* Messages: All messages are now sorted correctly if sorting has been specified (https://github.com/python-babel/babel/pull/300)
* Messages: Fix the unexpected behavior caused by catalog header updating (e0e7ef1) (https://github.com/python-babel/babel/pull/320)
* Messages: Gettext operands are now generated correctly (https://github.com/python-babel/babel/pull/295)
* Messages: Message extraction has been taught to detect encodings better (https://github.com/python-babel/babel/pull/274)



### 2.2

-----------

(Feature release, released on January 2nd 2016)

Bugfixes
  • General: Add hash to Locale. (303) (2aa8074)
  • General: Allow files with BOM if they're UTF-8 (189) (da87edd)
  • General: localedata directory is now locale-data (109) (2d1882e)
  • General: odict: Fix pop method (0a9e97e)
  • General: Removed uses of datetime.date class from *.dat files (174) (94f6830)
  • Messages: Fix plural selection for Chinese (531f666)
  • Messages: Fix typo and add semicolon in plural_forms (5784501)
  • Messages: Flatten NullTranslations.files into a list (ad11101)
  • Times: FixedOffsetTimezone: fix display of negative offsets (d816803)

Features


* CLDR: Update to CLDR 28 (292) (9f7f4d0)
* General: Add __copy__ and __deepcopy__ to LazyProxy. (a1cc3f1)
* General: Add official support for Python 3.4 and 3.5
* General: Improve odict performance by making key search O(1) (6822b7f)
* Locale: Add an ordinal_form property to Locale (270) (b3f3430)
* Locale: Add support for list formatting (37ce4fa, be6e23d)
* Locale: Check inheritance exceptions first (3ef0d6d)
* Messages: Allow file locations without line numbers (279) (79bc781)
* Messages: Allow passing a callable to `extract()` (289) (3f58516)
* Messages: Support &#39;Language&#39; header field of PO files (76) (3ce842b)
* Messages: Update catalog headers from templates (e0e7ef1)
* Numbers: Properly load and expose currency format types (201) (df676ab)
* Numbers: Use cdecimal by default when available (b6169be)
* Numbers: Use the CLDR&#39;s suggested number of decimals for format_currency (139) (201ed50)
* Times: Add format_timedelta(format=&#39;narrow&#39;) support (edc5eb5)



### 2.1

-----------

(Bugfix/minor feature release, released on September 25th 2015)

- Parse and honour the locale inheritance exceptions
 (https://github.com/python-babel/babel/issues/97)
- Fix Locale.parse using ``global.dat`` incompatible types 
 (https://github.com/python-babel/babel/issues/174)
- Fix display of negative offsets in ``FixedOffsetTimezone``
 (https://github.com/python-babel/babel/issues/214)
- Improved odict performance which is used during localization file
 build, should improve compilation time for large projects
- Add support for &quot;narrow&quot; format for ``format_timedelta``
- Add universal wheel support
- Support &#39;Language&#39; header field in .PO files 
 (fixes https://github.com/python-babel/babel/issues/76)
- Test suite enhancements (coverage, broken tests fixed, etc)
- Documentation updated



### 2.0

-----------

(Released on July 27th 2015, codename Second Coming)

- Added support for looking up currencies that belong to a territory
 through the :func:`babel.numbers.get_territory_currencies`
 function.
- Improved Python 3 support.
- Fixed some broken tests for timezone behavior.
- Improved various smaller things for dealing with dates.



### 1.4

-----------

(bugfix release, release date to be decided)

- Fixed a bug that caused deprecated territory codes not being
 converted properly by the subtag resolving.  This for instance
 showed up when trying to use ``und_UK`` as a language code
 which now properly resolves to ``en_GB``.
- Fixed a bug that made it impossible to import the CLDR data
 from scratch on windows systems.






simplejson 3.6.5 -> 3.8.2

3.8.2

3.8.1

3.8.0

  • New iterable_as_array encoder option to perform lazy serialization of
    any iterable objects, without having to convert to tuple or list.

3.7.3

3.7.2

  • Do not cache Decimal class in encoder, only reference the decimal module.
    This may make reload work in more common scenarios.

3.7.1

3.7.0

Flask 0.10.1 -> 0.11.1

0.11.1


Bugfix release, released on June 7th 2016.

  • Fixed a bug that prevented FLASK_APP=foobar/__init__.py from working. See
    pull request 1872.

0.11


Released on May 29th 2016, codename Absinthe.

  • Added support to serializing top-level arrays to :func:flask.jsonify. This
    introduces a security risk in ancient browsers. See
    :ref:json-security for details.
  • Added before_render_template signal.
  • Added **kwargs to :meth:flask.Test.test_client to support passing
    additional keyword arguments to the constructor of
    :attr:flask.Flask.test_client_class.
  • Added SESSION_REFRESH_EACH_REQUEST config key that controls the
    set-cookie behavior. If set to True a permanent session will be
    refreshed each request and get their lifetime extended, if set to
    False it will only be modified if the session actually modifies.
    Non permanent sessions are not affected by this and will always
    expire if the browser window closes.
  • Made Flask support custom JSON mimetypes for incoming data.
  • Added support for returning tuples in the form (response, headers)
    from a view function.
  • Added :meth:flask.Config.from_json.
  • Added :attr:flask.Flask.config_class.
  • Added :meth:flask.Config.get_namespace.
  • Templates are no longer automatically reloaded outside of debug mode. This
    can be configured with the new TEMPLATES_AUTO_RELOAD config key.
  • Added a workaround for a limitation in Python 3.3's namespace loader.
  • Added support for explicit root paths when using Python 3.3's namespace
    packages.
  • Added :command:flask and the flask.cli module to start the local
    debug server through the click CLI system. This is recommended over the old
    flask.run() method as it works faster and more reliable due to a
    different design and also replaces Flask-Script.
  • Error handlers that match specific classes are now checked first,
    thereby allowing catching exceptions that are subclasses of HTTP
    exceptions (in werkzeug.exceptions). This makes it possible
    for an extension author to create exceptions that will by default
    result in the HTTP error of their choosing, but may be caught with
    a custom error handler if desired.
  • Added :meth:flask.Config.from_mapping.
  • Flask will now log by default even if debug is disabled. The log format is
    now hardcoded but the default log handling can be disabled through the
    LOGGER_HANDLER_POLICY configuration key.
  • Removed deprecated module functionality.
  • Added the EXPLAIN_TEMPLATE_LOADING config flag which when enabled will
    instruct Flask to explain how it locates templates. This should help
    users debug when the wrong templates are loaded.
  • Enforce blueprint handling in the order they were registered for template
    loading.
  • Ported test suite to py.test.
  • Deprecated request.json in favour of request.get_json().
  • Add "pretty" and "compressed" separators definitions in jsonify() method.
    Reduces JSON response size when JSONIFY_PRETTYPRINT_REGULAR=False by removing
    unnecessary white space included by default after separators.
  • JSON responses are now terminated with a newline character, because it is a
    convention that UNIX text files end with a newline and some clients don't
    deal well when this newline is missing. See
    Add JSONIFY_END_WITH_NEWLINE config variable pallets/flask#1262 -- this came up originally as a
    part of https://github.com/kennethreitz/httpbin/issues/168
  • The automatically provided OPTIONS method is now correctly disabled if
    the user registered an overriding rule with the lowercase-version
    options (issue 1288).
  • flask.json.jsonify now supports the datetime.date type (pull request
    1326).
  • Don't leak exception info of already catched exceptions to context teardown
    handlers (pull request 1393).
  • Allow custom Jinja environment subclasses (pull request 1422).
  • flask.g now has pop() and setdefault methods.
  • Turn on autoescape for flask.templating.render_template_string by default
    (pull request 1515).
  • flask.ext is now deprecated (pull request 1484).
  • send_from_directory now raises BadRequest if the filename is invalid on
    the server OS (pull request 1763).
  • Added the JSONIFY_MIMETYPE configuration variable (pull request 1728).
  • Exceptions during teardown handling will no longer leave bad application
    contexts lingering around.

0.10.2


(bugfix release, release date to be announced)

  • Fixed broken test_appcontext_signals() test case.
  • Raise an :exc:AttributeError in :func:flask.helpers.find_package with a
    useful message explaining why it is raised when a PEP 302 import hook is used
    without an is_package() method.
  • Fixed an issue causing exceptions raised before entering a request or app
    context to be passed to teardown handlers.
  • Fixed an issue with query parameters getting removed from requests in
    the test client when absolute URLs were requested.
  • Made before_first_request into a decorator as intended.
  • Fixed an etags bug when sending a file streams with a name.
  • Fixed send_from_directory not expanding to the application root path
    correctly.
  • Changed logic of before first request handlers to flip the flag after
    invoking. This will allow some uses that are potentially dangerous but
    should probably be permitted.
  • Fixed Python 3 bug when a handler from app.url_build_error_handlers
    reraises the BuildError.

flask-mongoengine 0.7.1 -> 0.8

0.8

  • Dropped MongoEngine 0.7 support
  • Added MongoEngine 0.10 support
  • Added PyMongo 3 support
  • Added Python3 support up to 3.5
  • Allowed empying value list in SelectMultipleField
  • Fixed paginator issues
  • Use InputRequired validator to allow 0 in required field
  • Made help_text Field attribute optional
  • Added "radio" form_arg to convert field into RadioField
  • Added "textarea" form_arg to force conversion into TextAreaField
  • Added field parameters (validators, filters...)
  • Fixed 'False' connection settings ignored
  • Fixed bug to allow multiple instances of extension
  • Added MongoEngineSessionInterface support for PyMongo's tz_aware option
  • Support arbitrary primary key fields (not "id")
  • Configurable httponly flag for MongoEngineSessionInterface
  • Various bugfixes, code cleanup and documentation improvements
  • Move from deprecated flask.ext.* to flask_* syntax in imports
  • Added independent connection handler for FlaskMongoEngine
  • All MongoEngine connection calls are proxied via FlaskMongoEngine connection handler
  • Added backward compatibility for settings key names
  • Added support for MongoMock and temporary test DB
  • Fixed issue with multiple DB support
  • Various bugfixes

Once you have closed this pull request, I'll create seperate pull requests for every update as soon as I find them.

That's it for now!

Happy merging! 🤖

@wooyek wooyek merged commit 7c7a76f into develop Nov 1, 2016
@wooyek wooyek deleted the pyup-initial-update branch November 2, 2016 11:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants