Changelogs » Cornice

Cornice

4.1.0

==================

- Nothing changed yet.

4.0.1

==================

**Bug fixes**

- Fix support of schema as class instead of instance (523)

4.0.0

==================

**Breaking changes**

- Check for ``MappingSchema`` instance in ``colander_*_validator`` (503)

**Bug fixes**

- Fix updating request.validated dict in ``colander_*_validator`` (503)

3.6.1

==================

- Do not return content if response is ``204 No Content`` (fixes 521)

3.6.0

==================

- Add validation support for multipart/form-data (510)

3.5.1

==================

- Fix usage of localizer in Errors when l18n is deactivated. (505)

3.5.0

==================

- Translate Error description field when added with ``request.errors.add()`` (502)

3.4.4

==================

**Internal changes**

- Remove remaining usage of deprecated ``.best_match()``

3.4.3

==================

**Internal changes**

- Remove usage of deprecated ``.best_match()`` (thanks abk-code)

3.4.2

==================

**Internal changes**

- Fix DeprecationWarning for unrecognized backslash escapes (491)

3.4.1

==================

**Bug fixes**

- support both marshmallow 2.x and 3.x unknown key handling (ergo, 495)

**Internal changes**

- Enable support for Python 3.7
- cornice.errors and validation tests now use the builtin `json` module instead of `simplejson` (okin, 494)
- Cleanup tests (karantan, 488)

3.4.0

==================

- Add traverse support. For more information regarding Hybrid Applications see
`Pyramid documentation <https://docs.pylonsproject.org/projects/pyramid/en/1.9-branch/narr/hybrid.html>`_
(483).

3.3.0

==================

- Cornice now accepts Marshmallow schemas instead of instances (482, ergo)
- Marshmallow schemas get request object added to their context
during validation (482, ergo)

3.2.0

==================

**New features**

- Add marshmallow request validation support (475, thanks ergo)
- Allow to reuse Pyramid existing routes in services (477, thanks ergo)

**Documentation**

- Make tutorial work for python3 users (471, thanks rvandegrift)

**Internal changes**

- Remove configuration commit (476, thanks ergo)
- Remove mentions of ``text/json`` in tests and docs (478, thanks wjehenddher)

3.1.0

==================

- In addition to the ``colander_body_validator``, there are now three more similar validators:
``colander_headers_validator``, ``colander_path_validator``, and
``colander_querystring_validator``.
- six is now a required dependency.

3.0.0

==================

**Breaking changes**

Please refer to `upgrading docs <https://cornice.readthedocs.io/en/stable/upgrading.html>`_ for detailed migration instructions.

- ``acl`` and ``traverse`` parameters are not supported anymore on services
- Constructors of resource decorated classed must now be ``__init__(self, request, context=None)``

**Enhancements**

- Align Cornice with Pyramid ACL pattern: Dynamic ACLs based
on resource are now possible (452, thanks wjehenddher)

**Bug fixes**

- Disable CSRF check on predicate fallback view (fixes 458)
- Fix to use own validator for Header Accept (fixes 431)

2.4.0

==================

**Enhancements**

- Add support for arrays on request body top level.

2.3.0

==================

**Enhancements**

- Add support for validation with specific JSON Content-Types
(i.e application/merge-patch+json).
- Add ``X-Content-Type-Options: nosniff`` headers to responses (fixes 102)
- Add a ``request.current_service`` attribute (fixes 105)

**Bug fixes**

- Fix ``cornice.cors.get_cors_preflight_view`` to make it parse
`Access-Control-Request-Headers` header correctly event if its value
contains zero number of white spaces between commas (422)

**Internal changes**

- Clean-up an inconsistency in ``cornice.service.decorate_view()`` function
where ``acl`` and ``factory`` were expected as view arguments (whereas
deprecated since 1.0)

2.2.0

==================

**Enhancements**

- Add support of custom predicates in resources (344, thanks VDigitall!)

**Internal changes**

- Assert proper behaviour of UTF-8 content JSON body (366, thanks thruflo!)

2.1.0

==================

**Enhancements**

- ``Cornice.validators.colander_validator`` and
``cornice.validators.colander_body_validator`` now accept colander
schema node instances.  Previously only schema classes were
accepted.  For some discussion see 412.

**Deprecations**

- Passing schema classes to ``Cornice.validators.colander_validator`` and
``cornice.validators.colander_body_validator`` is now deprecated.
(See above.)

**Bug fixes**

- To maintain consistency with cornice 1.2 as to the semantics of
``location='path'``, change ``cornice.validators.extract_cstruct``
so that it places ``request.matchdict`` (rather than
``request.path``) into ``cstruct['path']``. (411)

- Fix ``cornice.validators.colander_validator`` so that it does
nothing if ``schema`` is unset (or set to ``None``.)  Previously
(contrary to its docstring) it was raising a ``TypeError``.

**Internal changes**

- Raised test coverage to 100% (417)

Huge thanks to dairiki for his help on this release!

2.0.2

==================

**Bug fixes**

* Exclude ``tests`` from install (407, thanks doctaweeks!)

**Internal changes**

- Deprecate ``cornice.util.extract_json_data()`` and ``cornice.util.extract_form_urlencoded_data()``
in favor of ``cornice.validators.extract_cstruct()`` (409)

2.0.1

==================

**Bug fixes**

- Fix Colander imports to make sure it remains optional (400)
- Fix truncated JSON validation error message when request body does not contain
valid JSON (401)
- Fix docs about upgrading deserializers (402)

2.0.0

==================

**Breaking changes**

Please refer to `upgrading docs <https://cornice.readthedocs.io/en/stable/upgrading.html>`_ for detailed migration instructions.

- Dropped Python 2.6 support (368)
- Got rid of Buildout files (369)
- Got rid of Spore extension (379)
- Moved Sphinx extension to dedicated repo (379)
- Moved project scaffold to dedicated repo (238, 390)
- Completely rework the schema validation features (376, 386)
- Moved examples to dedicated repo (392)
- Custom ``error_handler`` now receives the request instead of errors (381)
- Errors list ``request.errors`` has no ``request`` anymore (372, 378)
- ``request.errors.add()`` now only accepts one of ``header``, ``body``, ``url``,
``path``, ``querystring``, ``cookies`` or ``method`` as first argument (374)
- Remove deprecated features (382)

**Internal changes**

- Take ``__version__`` from setup.py (358)
- Remove duplicated list of test deps in tox file (371)

1.2.1

==================

Bug fixes

- Properly handle content_type callables returning a single internet media type
as scalar. Thanks amotl (343)
- Do not raise a 415 error when no content-type and no body (354)

Documentation

- Improve documentation regarding content type negotiation and media type
validation. Thanks amotl (91, 343, 350)
- Fix typo in testing docs. Thanks peletiah (348)
- Clarify docs for deferred colander validator. Thanks antoineleclair (352)

1.2.0

==================

- Adding the ability to define services imperatively. (335)
- Clean cornice/statics/ files. (345)

Bug fixes

- Convert ``None`` to ``colander.null``  before calling colander's ``deserialize`` function. (342)
- Allow i18n of colander error messages (206)

1.1.0

==================

- Warn if resource collection and record paths are not distinct. Thanks
circlingthesun (292)

Bug fixes

- Fix duplicated CORS exposed headers (301)
- Fix setup.py in template. Thanks areski (296)
- Make resource test less dependent on Pyramid version (312)
- Fix reload in sphinx extension for Python 3. Thanks JohnBrodie (295)
- Fix usage of Colander ``schema_type()`` and ``schema.typ``. Thanks
tisdall (309)
- Fix check for CORS Allow Credentials. Thanks treerao (320)
- Fix Access-Control-Max-Age value if undefined on service (338)

Documentation

- Fix typos in documentation. Thanks robvdl, tisdall (306, 313)
- Rewrite quickstart documentation (305)
- Huge set of documentation improvements. Thanks areski (297)

1.0.0

==================

Breaking changes:

- ACLs are now handled per route and not per view. Thanks circlingthesun
(287)

Other changes:

- Display default values in the sphinx documentation extension, Thanks
MikaYuoadas (284)
- Add an option to disable Colander schema request binding. (288)

0.20.0

===================

- Service.cors_supported_headers are now filtered by method and CORS options
are now handled in a more consistent way (281).

0.19.0

===================

- Keep fields when colander schema set "unknown=preserve"

0.18.1

===================

- Fix CORS protocol that was sometimes returning
Access-Control-Expose-Headers on preflight request.

0.18

=================

- Fix CORS OPTIONS permission when using default_permission (273)
- Ensure Colander schemas are a Mapping (271)
- Use the tox matrix with Travis. (272)
- Improve Sphinx documentation for schema attributes (270)
- Set CORS headers when an exception is raised (261)
- Remove Cornice warning when returning string or array instead of JSON (256)
- Fix add_view decorator (215)
- Handle per view permissions (248)
- Handle CORS credentials origin (263)
- Let the user choose the default content_type (262)
- Fix spore documentation (255)
- Handle default values in colander schemas (253)

0.17

=================

- Use a string for the version number (cornice.__version__);
- Fix handling of invalid JSON input;
- Fix pyramid configurator route_prefix;
- Fix CORS behavior when using "*";
- Support strict validation of querystring and body;
- Add support for unflatted in querystring;
- If colander defines a default value, put it in request.validated;
- Do not require a permission for the fallback view.

0.16.1

===================

- Added the license in the distribution tarball
- Updated the license headers of the files (to MPL v2.0)

0.16

=================

- Added venusion depth support to cornice.resource 187
- Add support for validation of input content other than JSON against Colander
schemas: built-in support of form-urlencoded and configuration hooks for
other content types 192
- Add support for pyramid traversal. 196
- bugfix: schema was only being bound to the first request 197
- bugfix: can now pass the `decorator` add_view parameter to the Service class 198

0.15

=================

- Add support for dynamic validation schemas for resources.
- Add support for context factory.
- Manually commit configuration changes.
- Add support for Colander's drop object
- Update sphinxext to not display HEAD.
- Allow for explicitely named services created for resources.
- Raise exceptions as-is if they are not subclasses of HTTPException.
- Add a way to opt-out of the exception handling.

0.14

=================

- Add validation of the ``Content-Type`` header sent in requests against a list of allowed ingress content types
- Handle HTTPNotFound and HTTPForbidden in Cornice. Fix some wrong behaviour with CORS support.
- implement "415 Unsupported Media Type"
- Allow Colander schemas with sequence fields in querystring
- Remove PasteScript from the Cornice template.
- Support imperative colander schemas
- Update JSON CSRF warning filter with a better regex

0.13

=================

- Added Cross-Origin Resource Sharing (CORS) support.

0.12

=================

- Fix auto-define of HEAD views from GET views.
- Support for Colander inheritance (introduced in new versions of Colander)
- Check for errors in the body of the view and in validators (was only checking
in validators previously)
- Add a __version__ utility in cornice/__init__.py

0.11

=================

- the sphinx extension is now provided by the `cornice.ext.sphinxext` module [not backward-compatible]
- Add support for SPORE
- add an optional 'error_handler' to view declarations.
- Services.default_{validators, filters} is now used. (Fix 75)

0.10

=================

- use pcreate rather than paster create.
- make it possible to add custom values to errors.

0.9

================

- default schema values are assumed to be in the body
- refactored the internal APIs so we are not using decorators anymore. The
service definition is now separated from the service registration in the
routing mechanism.
- added class-level validators and filters
- added documentation about cornice internals
- deprecated the service.schema attribute. Use service.definitions instead.

0.8

================

- added support for the 'OPTIONS' HTTP Verb
- allow multiple accept definitions for a service.
- get validator's docstring for the automatic doc generation
- fixed non-ascii documentation problems
- add a way to ignore some modules when scanning with venusian.scan.

0.7

================

- update license to MPL 2.0.
- renamed cornice.schemas to cornice.errors
- Added `get_view_wrapper` method to Service class to support subclasses
wrapping the view callables w/ decorators
- added buildout support
- added class-based views and the resource decorator
- make sure we use Pyramid's exceptions. Not Webob's.
- added filters support
- added schema support
- added json xsrf support
- now errors status can be different from 400.

0.6

================

- various fixes in MANIFEST

0.5

================

- added a tutorial
- stacked api decorator are now allowed
- added a Paster template for a quick start

0.4

================

- Added a way to plug validators easily.
- Fixed documentation
- Added a way to automatically document Cornice web services
- Fixed license
- Added a way to specify the accepted Content-Type values. A 406 is raised if
needed

0.3

================

- remove singleton "_defined" state from Service class; this allows service
definitions to be loaded into more than one Configurator.

0.2

================

- Fixed the MANIFEST

0.1

================

- Initial release