[Zope-Checkins] CVS: Zope/doc - CHANGES.txt:1.528.2.10 ENVIRONMENT.txt:1.17.2.2
Chris McDonough
chrism@zope.com
Fri, 3 Jan 2003 01:27:35 -0500
Update of /cvs-repository/Zope/doc
In directory cvs.zope.org:/tmp/cvs-serv25992
Modified Files:
Tag: chrism-install-branch
CHANGES.txt ENVIRONMENT.txt
Log Message:
Merging chrism-install-branch with HEAD (hopefully for one of the last
times).
=== Zope/doc/CHANGES.txt 1.528.2.9 => 1.528.2.10 ===
--- Zope/doc/CHANGES.txt:1.528.2.9 Sun Nov 24 19:13:39 2002
+++ Zope/doc/CHANGES.txt Fri Jan 3 01:27:32 2003
@@ -4,57 +4,163 @@
Change information for previous versions of Zope can be found in the
file HISTORY.txt.
- Zope 2.7.0 alpha 1
-
- Features Added
+ HEAD only
- - The zLOG package is now backed by Vinay Sajip's "PEP 282" logger
- which has been included in lib/python/logging. As a result,
- the ZLogger package was removed (as its only real duty was to
- handle syslog-based logging).
-
- - Zope's shutdown process is now more careful and clean. It
- avoids sending half-complete responses to clients, particularly
- when running in a cluster using ICP.
- http://dev.zope.org/Wikis/DevSite/Proposals/CleanShutdown
-
- - ZTUtils.Iterator now handles any object that has a Python
- iterator, resolving Collector #385 and #577. The
- implementation is somwhat simpler, as well.
+ Features added
- - ZTUtils.Tree.TreeMaker now has additional methods for setting
- various flags and attributes that influence how the tree is built,
- making these aspects accessible to PythonScripts.
+ - Collector #167: Support __getattr__ on cAccessControl PermissionRole
+ objects to allow gathering of permission names for products like
+ DocFinder and VerboseSecurity.
- - ZTUtils.Tree.TreeMaker has a new method setStateFunction, which
- allows you to set a callback function that can influence the state
- (open, closed, leaf) of each node in the tree.
+ Bugs Fixed
- - Pidfile handling improved. When Zope is started under
- zdaemon, it no longer writes its own pidfile. Instead, it
- passes in the path to Z2.pid to zdaemon as its pidfile name.
- The 'zProcessManager.pid' file is no longer ever written.
- This caused a change to the -Z option of z2.py which should be
- mostly backwards-compatible (unless people were relying on
- zProcessManager.pid to be written). Now the -Z option is a
- boolean. -Z1 means use a daemon. -Z0 means dont. The
- default is -Z1.
+ - The ZEO unit tests and wo_pcgi.py didn't run on Windows if the path
+ to the python executable included a space.
- - Collector #670: applied patch from Dieter Maurer to enhance
- the Zope profiling support
+ - Some calls to os.system('chmod') has been replaced with the more
+ portable os.chmod() call, to make install work properly on Windows.
+
+
+ Zope 2.6.1 beta 2
Bugs Fixed
+ - Collector #736: ZPublisher now allows marshalling tags to contain
+ a '-'. This is the first step towards a fix for Collector #737
+
+ - Collector #714: CopySupport's manage_clone now calls
+ manage_afterClone in the saem way that manage_pasteObjects does.
+
+ - Collector #697: Multiple selection properties were incorrectly
+ marshalled. note than any non-ascii multiple selection properties
+ modified in versions without this fix will have been corrupted in
+ the zodb.
+
+ - Collector #256: Added a check in _doChangeUser to make sure
+ passwords isn't encrypted twice.
+
+
+ Zope 2.6.1 beta 1
+
+ Bugs Fixed
+
+ - VirtualHostMonster handles empty Mapping paths properly.
+
+ - Deadlock prevention code added.
+
+ It was possible for earlier versions of ZODB to deadlock when
+ using multiple storages. If multiple transactions committed
+ concurrently and both transactions involved two or more shared
+ storages, deadlock was possible. This problem has been fixed
+ by introducing a sortKey() method to the transaction and
+ storage APIs that is used to define an ordering on transaction
+ participants. This solution will prevent deadlocks provided
+ that all transaction participants that use locks define a
+ valid sortKey() method. A warning is raised if a participant
+ does not define sortKey(). For backwards compatibility,
+ BaseStorage provides a sortKey() that uses __name__.
+
+ - Fixed bug in FileStorage related to object uncreation. An
+ attempt to load an uncreated object now raises KeyError.
+
+ - Fixed a couple bugs in FileStorage recover() that wrote
+ incorrect backpointers.
+
+ - Fixed data_txn attribute of iterator data records to use
+ the transaction id of the previous transaction, even if it
+ also has a data_txn field.
+
+ - Fixed conflict resolution bug that raised a NameError when a
+ class involved in a conflict could not be loaded.
+
+ - Fixed C extensions that included standard header files before
+ Python.h, which is not allowed.
+
+ - Added code to ThreadedAsync/LoopCallback.py to work around a
+ bug in asyncore.py: a handled signal can cause unwanted reads
+ to happen.
+
- Collector #651: WebDAV Lock Manager was broken.
- Collector #646: metal:slot was lost during the I18n merge.
- - Removed the signal handler hung off USR1 for packing the database.
+ - Collector #640: Fix security assertion on ZCTextIndex query method.
+
+ - Delayed opening the ZODB until after the "Zope" module has
+ been imported, fixing a deadlock issue involving ZEO. The
+ "Zope" module now has a "startup()" function.
+
+ - Fixed a NameError in the recent change to DateTime.rfc822().
+
+ - Made DateTime.rfc822() simpler and independent of local timezone.
+
+ - Fixed bug in Transience reported by kedai which caused spurious
+ KeyErrors under heavy sessioning usage.
+
+ - Fixed bug in the Interface Verify package; base interfaces were not
+ included in an interface compliancy test.
+
+ - Collector #650: Fixed implicit list marshalling for lists where the
+ first two values are tainted.
+
+ - Collector #671: HTTP Ranges were broken for files and images whose
+ length wasn't exactly divisible by 2**16.
+
+ - ModuleSecurityInfo declarations could be lost if further declarations
+ were made after the Info object already had been applied. Such
+ additional declarations could take place in Python trusted code run
+ after Zope strartup or during a Product refresh.
+
+ - Collector #699: MailHosts created in 2.5 breaks in 2.6.
+
+ - Collector #694: dtml-sendmail mailto specification replaces "To:" header.
+ - Collector #702: DateTime.rfc822() fails without daylight saving
+
+ - Collector #703: KeyErrors raised when unindexing a PathIndex (and
+ TopicIndexes) should be swallowed and logged.
+
+ Zope 2.6.0
+
+ Bugs Fixed
+
+ - Caused many places throughout the code base to use
+ calls to user.getId() rather than user.getUserName(). With
+ most (all?) user folder implementations today, this will have
+ no behavioral change, as getId is always alised to getUserName.
+ However, this makes it possible to write user folder
+ implementations which make the distinction between the user's
+ id and the user's name. These user folders will allow users
+ to change names independent of their identity.
+
+ - WebDAV Lock Manager actually gives the user a chance to
+ specify a starting path **before** searching for locks,
+ shortening query times and memory usage in large Zope
+ instances.
+
+ - PageTemplateFiles were previously owned by whatever object
+ contained them. This resulted in very hard bugs if the user who
+ owned the container was removed. Since PageTemplateFiles come
+ from the filesystem, they are now "unowned", similar to
+ DTMLFiles. Security is still applied, but now it is applied
+ correctly.
+
+ - Collector #411: DateTime.rfc822 is not rfc822 compliant
+
+ Zope 2.6.0 beta 2
+
+
+ Bugs Fixed
+
+ - The ability to add multiple select properties to
+ PropertyManagers was broken (issue 612).
+
+ - Removed the signal handler hung off USR1 for packing the database.
This feature proved dangerous as the pack operation would happen in
- the main thread, causing all asyncore operations to stop until it
+ the main thread, causing all asyncore operations to stop until it
was finished.
- Collector #372: tal:attributes failed when combined with tal:replace.
+
- Don't try to close network connections in the signal handler
for shutdown. This hosed ZEO clients.
@@ -67,12 +173,9 @@
signal.
- Write pidfiles out with trailing newlines.
-
- Zope 2.6.0 beta 1
- Bugs Fixed
-
- - Collector #449: PathIndex did not index the last part of path.
+ - Fix setVirtualRoot in the face of unicode paths (such as occur
+ during an XML-RPC request.
- Collector #539: Fixed rendering of TAL namespace tags with an
'on-error' statement.
@@ -80,21 +183,78 @@
- Collector #586: Generated 'start' scripts had a nonsensical
export of an "INST_HOME" environment variable.
+ - Collector #580: TALES evaluateBoolean() was squishing 'default'.
+
+ - Collector #581: TALES Path traversal should not special-case a blank
+ string in the second element position. It now skips directly
+ to item access when a path element is blank or has a leading '_'.
+
+ - Fixed inconsistent attribute access in TALES Paths.
+
+ - Deprecated hasRole alias failed to return result.
+
- Collector #538: Hybrid path expressions no longer attempt to call
a value returned by the final, non-path alternate.
- Collector #573: ZTUtils Iterator didn't catch AttributeError.
- - Deprecated hasRole alias in User.py failed to return result.
+ - Collector #517: The properties page incorrectly rendered properties
+ with non-latin1 values if there were no unicode properties defined,
+ and incorrectly processed properties with non-ascii names.
+
+ - ZTUtils.SimpleTree could not build a tree with a root other than the
+ ZODB root object. Also, filter functions didn't work at all, let
+ alone in accordance with the documentation in the code.
+
+ - Collector #603: ZTUtils.Tree.encodeExpansion encoded depth with '.'
+ characters, but decodeExpansion could possibly see an encoded node
+ id as an encoded depth when that encoded id started with a '.'.
+
+ - Collector #605: ZTUtils.Tree.decodeExpansion set no limits on the
+ string to be decoded, allowing for a DoS attack with very large
+ strings.
+
+ - The fix for issue #144 broke the ability to create an empty Image or
+ File object. This functionality is now reenabled again.
+
+ - ZTUtils.Zope.TreeSkipMixin allows you to skip unauthorized objects in
+ the tree, but the filter wasn't applied when trying to filter candidate
+ child nodes through a custom setChildAccess filter.
- - Collector #580: TALES evaluateBoolean() was squishing 'default'.
+ - Emails sent through MailHost now automatically include a Date header if
+ not already present, in compliance with RFC822 and RFC2822.
+
+ Features Added
- - Collector #581: TALES Path traversal should not special-case a blank
- string in the second element position. It now skips directly
- to item access when a path element is blank or has a leading '_'.
+ - Add optional 'relative' argument to getURL the method in CatalogBrains.
+ This allows it to generate site relative URLs like absolute_url can.
- - Fixed inconsistent attribute access in TALES Paths.
+ - ZTUtils.Tree.encodeExpansion now will use zlib compression by default,
+ allowing for a far larger number of open tree states to be encoded.
+ decodeExpansion handles compressed expansion states automatically.
+
+ - ZTUtils.Tree.TreeMaker now has additional methods for setting
+ various flags and attributes that influence how the tree is built,
+ making these aspects accessible to PythonScripts.
+ - ZTUtils.Tree.TreeMaker has a new method setStateFunction, which
+ allows you to set a callback function that can influence the state
+ (open, closed, leaf) of each node in the tree.
+
+ - Pidfile handling improved. When Zope is started under
+ zdaemon, it no longer writes its own pidfile. Instead, it
+ passes in the path to Z2.pid to zdaemon as its pidfile name.
+ The 'zProcessManager.pid' file is no longer ever written.
+ This caused a change to the -Z option of z2.py which should be
+ mostly backwards-compatible (unless people were relying on
+ zProcessManager.pid to be written). Now the -Z option is a
+ boolean. -Z1 means use a daemon. -Z0 means dont. The
+ default is -Z1.
+
+ Zope 2.6.0 beta 1
+
+ Bugs Fixed
+
- Collector #587: fixed wrong migration to string methods in
DTMLMethod.py
@@ -107,8 +267,6 @@
- Collector #574: Fixed write on HEAD requests caused by overzealous
ETag support.
- - Fixed broken management form for TopicIndexes.
-
- Fixed bug in z2.py where it would eat certain socket error exceptions
at startup.
@@ -246,9 +404,6 @@
Features Added
- - Add optional 'relative' argument to getURL the method in CatalogBrains.
- This allows it to generate site relative URLs like absolute_url can.
-
- Browser ids can now be encoded in the URL and Zope can be
instructed to automatically include the browser id in its
generated URLs.
@@ -330,8 +485,14 @@
support for the Expat parser for unmarshalling data, which speeds up
things considerably.
- - Added i18n support in TAL processing
+ - Binary builds for Linux are now built against glibc 2.1.3 with large
+ file support enabled.
+ - Binary builds for Solaris are now built against Solaris 8 with large
+ file support enabled.
+
+ - Added i18n support in TAL processing
+
Zope 2.6.0 alpha 1
Features Added
=== Zope/doc/ENVIRONMENT.txt 1.17.2.1 => 1.17.2.2 ===
--- Zope/doc/ENVIRONMENT.txt:1.17.2.1 Sun Nov 24 19:13:39 2002
+++ Zope/doc/ENVIRONMENT.txt Fri Jan 3 01:27:32 2003
@@ -13,14 +13,13 @@
See also: SOFTWARE_HOME
+ SOFTWARE_HOME
- SOFTWARE_HOME
-
- The SOFTWARE_HOME usually keeps the directory name of the
+ The SOFTWARE_HOME usually keeps the directory name of the
Zope core installation.
Order of product initialization:
-
+
All Products are initialized in ascending alphabetical order by
product name, regardless of whether an INSTANCE_HOME exists.
If two products with the same name exist in both SOFTWARE_HOME
@@ -30,13 +29,11 @@
See also: INSTANCE_HOME
-
ZOPE_HOME
ZOPE_HOME is the root of the Zope software, where the ZServer
package, z2.py, and the default import directory may be found.
-
FORCE_PRODUCT_LOAD
This environment variable can be used to force or suppress
@@ -60,6 +57,7 @@
nonempty string set Products are loaded
empty string set Products are not loaded
+
Profiling
PROFILE_PUBLISHER
@@ -75,24 +73,21 @@
If set, all SiteRoots are suppressed (used by SiteAccess products).
-
SUPPRESS_SITEROOT
If set, all site access rules are suppressed (used by SiteAccess
products).
-
ZEO
CLIENT_HOME
CLIENT_HOME allows ZEO clients to easily keep distinct pid and log
- files. This is currently an *experimental* feature.
-
+ files. This is currently an *experimental* feature.
ZEO_CLIENT
-
+
If you want a persistent client cache which retains cache contents
across ClientStorage restarts, you need to define the environment
variable, ZEO_CLIENT, to a unique name for the client. This is
@@ -100,14 +95,17 @@
the client cache is stored in temporary files which are removed
when the ClientStorage shuts down.
-Debugging and Logging
+ ZEO_CACHE_TRACE
- EVENT_LOG_FORMAT or STUPID_LOG_FORMAT
-
- Set this variable if you like to customize the output format of
- Zope event logger. EVENT_LOG_FORMAT is the preferred envvar
- but STUPID_LOG_FORMAT also works.
-
+ To enable cache tracing, set this environment variable to the
+ basename of a file to which the ZEO client process can write.
+ ZEO will append a hyphen and the storage name to the filename,
+ to distinguish different storages. If the file doesn't exist,
+ the ZEO will try to create it. See lib/python/ZEO/README.txt
+ for more information.
+
+
+Debugging and Logging
EVENT_LOG_FILE="path" or STUPID_LOG_FILE="path"
@@ -119,14 +117,12 @@
See also: LOGGING.txt
-
EVENT_LOG_SEVERITY <number> or STUPID_LOG_SEVERITY <number>
If set, Zope logs only messages whose severity is level is
higher than the specified one. EVENT_LOG_SEVERITY is the
preferred envvar but STUPID_LOG_SEVERITY also works.
-
ZSYSLOG="/dev/log"
Setting this environment variable will cause Zope to try and write
@@ -135,7 +131,6 @@
See also: LOGGING.txt
-
ZSYSLOG_FACILITY="facilityname"
Setting this environment variable will cause Zope to use the syslog
@@ -145,7 +140,6 @@
See also: LOGGING.txt
-
ZSYSLOG_SERVER="machine.name:port"
Setting this environment variable tells Zope to connect a UDP
@@ -166,11 +160,11 @@
Z_DEBUG_MODE "yes" or "no"
BOBO_DEBUG_MODE "yes" or "no" (obsolete)
-
+
Run Zope in debug mode if set. Same as -D options (z2.py)
-Misc.
+Miscellaneous
Z_REALM "your realm"
BOBO_REALM "your realm" (obsolete)
@@ -180,13 +174,12 @@
the username/password requester
-Security related
+Security related
NO_SECURITY
Unknown. Used by TAL
-
ZOPE_SECURITY_POLICY
If this variable is set to "PYTHON", Zope will use the traditional
@@ -194,19 +187,16 @@
performance reasons Zope will use the cAccessControl module (Zope
2.5+)
-
ZSP_OWNEROUS_SKIP
If set, will cause the Zope Security Policy to skip checks relating
to ownership, for servers on which ownership is not important.
-
ZSP_AUTHENTICATED_SKIP
If set, will cause the Zope Security Policy to skip checks relating
to authentication, for servers which serve only anonymous content.
-
DISALLOW_LOCAL_PRODUCTS
unknown
@@ -218,8 +208,7 @@
If this variable is set, it should be set to an integer number of
bytes. Additions to the database are not allowed if the database
- size exceeds the quota.
-
+ size exceeds the quota.
ZOPE_READ_ONLY
@@ -229,19 +218,20 @@
time given. Note that changes made by another process after the
database has been opened are not visible.
+
Session related
ZSESSION_ADD_NOTIFY
An optional full Zope path name of a callable object to be set as
the "script to call on object addition" of the session_data
- transient object container created in temp_folder at startup.
+ transient object container created in temp_folder at startup.
ZSESSION_DEL_NOTIFY
An optional full Zope path name of a callable object to be set as
the "script to call on object deletion" of the session_data
- transient object container created in temp_folder at startup.
+ transient object container created in temp_folder at startup.
ZSESSION_TIMEOUT_MINS
@@ -256,24 +246,26 @@
WebDAV
- WEBDAV_SOURCE_PORT_CLIENTS
+ WEBDAV_SOURCE_PORT_CLIENTS
Setting this variable enables the retrieval of the document source
through the standard HTTP port instead of the WebDAV port. The value
of this variable is a regular expression that is matched against
- the user-agent string of the client.
+ the user-agent string of the client.
Example::
-
+
WEBDAV_SOURCE_PORT_CLIENTS="cadaver.*" enables retrieval
- of the document source for the Cadaver WebDAV client
+ of the document source for the Cadaver WebDAV client
+
Structured Text
STX_DEFAULT_LEVEL
Set this variable to change the default level for <Hx> elements.
- The default level is 3.
+ The default level is 3.
+
DTML
@@ -287,16 +279,14 @@
HTML quoted when interpolated with a <dtml-var> or &dtml-;
construct.
-Esoteric
+
+Esoteric
Z_MAX_STACK_SIZE
This variable allows you to customize the size of the Zope stack
used by the SecurityManager (default 100).
-
FORCE_PRODUCT_RELOAD
unknown (Shane's Refresh product ???)
-
-