* Thu Sep 07 2017 firstname.lastname@example.org
- Update to version 1.9.0
* Beaker now provides builtin ``ext:mongodb`` and ``ext:redis``
namespace managers. Both come with a Synchronizer implemented
on the storage backend instead of relying on file one.
* Fixed an issue where cookie options like ``Secure``,
``Domain`` and so on where lost.
* Improved support for cache entries expiration.
NamespaceManagers that support it will expire their key
* Pycryptodome can be used instead of pycrypto.
* An issue with ``Cookie`` module import on case insensitive
file systems should have been resolved.
* Cryptography module is now as a crypto function provider
instead of pycrypto
* Thu Aug 24 2017 email@example.com
- singlespec auto-conversion
* Wed Nov 16 2016 firstname.lastname@example.org
- adjust for cryptopp -> pycryptopp rename
* Mon Nov 14 2016 email@example.com
- update to 1.8.1
* Thu Sep 15 2016 firstname.lastname@example.org
- Update to version 1.8.0
* Encrypted sessions can now specify nonce length for salt
generation through encrypt_nonce_bits parameter. set it to 48
for backward compatibility with sessions generated before 1.8.0
* kwargs support in @cache_region decorator
* annotations support in @cache_region decorator
* data_serializer parameter in Session can now specify json to
avoid pickle security issues
* Invalid cookies are now skipped in cookie based sessions
* Memcached based on PyLibMC now share same connection pool for
* Sat Apr 25 2015 email@example.com
- update to version 1.7.0:
* Beaker no longer supports python 2.4 and 2.5
* Beaker now supports Python 2.6, 2.7, 3.2, 3.3, 3.4 without
* Fixed Encrypted Cookie Session on Python3 #57
* New pbkdf2 mobule working on Python3 #21
* Fixed Test suite on Python 3.3 #53, #51
- additional changes from version 1.6.5:
* @cached decorator now keeps docstring of decorated method.
* Fix crash when Session ``accessed_time`` is not available,
this happened when session ``encrypt_key`` was changed.
* Fix cache regions not providing a default key length even
though this was required and examples in the doc didn't
* Fix crash when cache expire wasn't an int, this happened when
caching options were loaded from a config file.
- remove everything related to tests:
upstream deleted them from archive
- drop Beaker-1.6.4-setup_test.patch: only used by the tests
- do not delete the shebang of pbkdf2.py: fixed upstream
- remove CHANGELOG and LICENSE from package: deleted from archive
- add README.rst to the package documentation
* Fri Aug 09 2013 firstname.lastname@example.org
- Add a build conditional for testing with memcached. It can be too
heavy at times
- Fix previous changes entry
* Tue Aug 06 2013 email@example.com
- fix deps
- enable full testing
- Add Beaker-1.6.4-setup_test.patch: Workaround for TypeError in
* Fri Jul 19 2013 firstname.lastname@example.org
- added fdupes to remove rpmlint warning
* Sat Sep 22 2012 email@example.com
- Update to 1.6.4:
* Warning: Session hashing for encrypted sessions using PyCrypto has
changed. This will result in sessions being invalidated upon upgrading
if PyCrypto is used.
* Fix bug with key_length not being coerced to a int for comparison.
* Fix bug with cookie invalidation not clearing the cookie data.
* Added ability to pass in cookie_path for the Session.
* Add NSS crypto support to Beaker.
* Fix security bug with pycrypto not securing data such that an attacker
could possibly determine parts of the encrypted payload. See CVE-2012-3458
* Add ability to specify schema for database-backed sessions.
* Fix issue with long key names in memcached backend.
- Fix sed script so it removes the shebang instead of inserting "d" throughout
the pbkdf2.py file.
- Test suite now succeeds (for Python 2 package) but didn't add it to build
because it takes too long.
- Update URL to what is given in setup.py.
* Wed May 23 2012 firstname.lastname@example.org
- update to version 1.6.3
* Fix bug with cookie deletion on leap years. Patch contributed
by Greg Nelson and Michael Wirth.
* Fix issue with referencing same module via different import paths.
Patch contributed by brianfrantz.
* Fix cookie expiration check. Patch contributed by Mike Dirolf.
- python3 package added
- minor spec improvement
* Wed Feb 01 2012 email@example.com
- Update to version 1.6.2:
* Updated dogpile lock so that it locks per namespace+key rather than on the
entire namespace. (#101)
* Added encryption option for any backend. Patch contributed by Toby Elliot.
* Thu Nov 10 2011 firstname.lastname@example.org
- Update to version 1.6.1:
* Remove stray print statement.
* Include .app for consistency instead of requiring wrap_app.
- Changes from version 1.6:
* Fix bug with cache_key length calculation.
* Fix bug with how path was set so that its restored properly and propagated.
* Fix bug with CacheMiddleware clobbering enabled setting.
* Update option for ``cookie_expires`` so that it can now handle an integer
which will be used as the seconds till the cookie expires.
* Merge fix for Issue 31, can now handle unicode cache keys.
* Add ``key_length`` option for cache regions, and for keyword args passed
into the cache system. Cache keys longer than this will be SHA'd.
* added runtime beaker.__version__
* Add ``webtest_varname`` option to configuration to optionally include
the session value in the environ vars when using Beaker with WebTest.
* Defer running of pkg_resources to look for external cache modules
until requested. #66
* memcached backend uses pylibmc.ThreadMappedPool to ensure thread-local
usage of pylibmc when that library is in use. (#60)
* memcached backend also has ``memcache_module`` string argument, allows
direct specification of the name of which memcache backend to use.
* Basic container/file-based Session support working in Py3K. (#72)
* Further Python 3 fixes
* Added an optimization to the FileNamespaceContainer when used with
Session, such that the pickled contents of the file are not
read a second time when session.save() is called. (#64)
* Fixed bug whereby CacheManager.invalidate wouldn't work for a function
decorated by cache.cache(). (#61)
* cache decorators @cache.cache(), @cache_region() won't include first
argument named 'self' or 'cls' as part of the cache key. This allows
reasonably safe usage for methods as well as functions. (#55)
* file backend no longer squashes unpickling errors. This was inconsistent
behavior versus all the other backends.
* invalidate_corrupt flag on Session now emits a warning. (#52)
* cache.remove_value() removes the value even if it's already marked
* Thu Sep 01 2011 email@example.com
- Initial version
* Wed Apr 22 2020 Steve Kowalik <firstname.lastname@example.org>
- Fix build without Python 2 present.
* Sat Nov 23 2019 Michael Ströder <email@example.com>
- only recommend installation of package python-python-memcached
* Mon Sep 23 2019 firstname.lastname@example.org
- version update to 1.11.0
* Fixed cookie path option not being properly set (`self._path`
was removed, only `self.path` exists)
* Documented `SameSite` option
* Fixed cookie expiration being localised when it shouldn't.
* Thu Apr 18 2019 Matej Cepl <email@example.com>
- Actually for working around gh#bbangert/beaker#172 it is enough
to rm -fv tests/test.db, because the test suite apparently
doesn't clean up after itself.
* Mon Apr 01 2019 Matej Cepl <firstname.lastname@example.org>
- Ignore test_database tests to avoid gh#bbangert/beaker#172
* Fri Mar 01 2019 Tomá? Chvátal <email@example.com>
- Update to 1.10.1:
* Fix issue with Redis namespace manager TTL
* Fix for SameSite cookie option not being set in some cases
* Fix for memcached tests on Python3
* Redis namespace manager now supports providing a TTL for session entries that had a ``timeout`` provided.
This will remove the need to manually clear expired sessions from the redis storage.
* ``nsscrypto`` backend is now properly identified as providing AES support.
* When a crypto backend doesn't support AES it will no longer crash if the ``encrypt_key`` is ``None``.
* Session cookies will now provide support for ``SameSite`` through the ``samesite`` option.
By default this will be ``Lax``, but can be set to ``Strict`` or ``None`` to disable it.