Kinto Web Service - Store, Sync, Share, and Self-Host.
Project description
Kinto
=====
|irc| |slack| |readthedocs| |pypi| |travis| |master-coverage|
.. |irc| image:: https://img.shields.io/badge/Live%20chat-%23kinto%20on%20freenode-blue.svg
:target: https://kiwiirc.com/client/irc.freenode.net/?#kinto
.. |slack| image:: https://img.shields.io/badge/slack-kinto-e01865.svg
:target: https://slack.kinto-storage.org/
.. |travis| image:: https://travis-ci.org/Kinto/kinto.svg?branch=master
:target: https://travis-ci.org/Kinto/kinto
.. |readthedocs| image:: https://readthedocs.org/projects/kinto/badge/?version=latest
:target: https://kinto.readthedocs.io/en/latest/
:alt: Documentation Status
.. |master-coverage| image::
https://coveralls.io/repos/Kinto/kinto/badge.svg?branch=master
:alt: Coverage
:target: https://coveralls.io/r/Kinto/kinto
.. |pypi| image:: https://img.shields.io/pypi/v/kinto.svg
:target: https://pypi-hypernode.com/pypi/kinto
Kinto is a minimalist JSON storage service with synchronisation and sharing abilities.
* `Online documentation <https://kinto.readthedocs.io/en/latest/>`_
* `Tutorial <https://kinto.readthedocs.io/en/latest/tutorials/first-steps.html>`_
* `Issue tracker <https://github.com/Kinto/kinto/issues>`_
* `Contributing <https://kinto.readthedocs.io/en/latest/community.html#how-to-contribute>`_
* `Try our daily flushed instance at: https://kinto.dev.mozaws.net/v1/ <https://kinto.dev.mozaws.net/v1/>`_
Requirements
------------
* **Python**: 2.7, 3.4+
* **Backends**: In-memory (development), Redis or Postgresql 9.4+ (production)
Changelog
#########
This document describes changes between each past release.
3.3.1 (2016-07-19)
==================
**Protocol**
- Add the ``permissions_endpoint`` capability when the ``kinto.experimental_permissions_endpoint`` is set. (#722)
3.3.0 (2016-07-18)
==================
**Protocol**
- Add new *experimental* endpoint ``GET /v1/permissions`` to retrieve the list of permissions
granted on every kind of object (#600).
Requires setting ``kinto.experimental_permissions_endpoint`` to be set to ``true``.
Protocol is now at version **1.8**. See `API changelog <http://kinto.readthedocs.io/en/latest/api/>`_.
**Bug fixes**
- Fix crash in authorization policy when requesting ``GET /buckets/collections`` (fixes #695)
- Fix crash with PostgreSQL storage backend when provided id in POST is an integer (#688).
Regression introduced in 3.2.0 with #655.
- Fix crash with PostgreSQL storage backend is configured as read-only and reaching
the records endpoint of an unknown collection (fixes #693, related #558)
- Fix events payloads for actions in the default bucket (fixes #704)
- Fix bug in object permissions with memory backend
- Make sure the tombstone is deleted when the record is created with PUT. (#715)
- Allow filtering and sorting by any attribute on buckets, collections and groups list endpoints
- Fix crash in memory backend with Python3 when filtering on unknown field
**Internal changes**
- Resource events constructors signatures were changed. The event payload is now
built immediately when event is fired instead of during transactoin commit (#704).
- Fix crash when a resource is registered without record path.
- Changed behaviour of accessible objects in permissions backend when list of
bound permissions is empty.
- Bump ``last_modified`` on record when provided value is equal to previous
in storage ``update()`` method (#713)
- Add ability to delete records and purge tombstones with just the ``parent_id``
parameter (#711)
- Buckets deletion is now a lot more efficient, since every sub-objects are
deleted with a single operation on storage backend (#711)
- Added ``get_objects_permissions()`` method in ``permission`` backend (#714)
- Changed ``get_accessible_objects()``, ``get_authorized_principals()`` methods
in ``permission`` backend (#714)
- Simplified and improved the code quality of ``kinto.core.authorization``,
mainly by keeping usage of ``get_bound_permissions`` callback in one place only.
3.2.0 (2016-06-14)
==================
**Protocol**
- Allow record IDs to be any string instead of just UUIDs (fixes #655).
Protocol is now at version **1.7**. See `API changelog <https://kinto.readthedocs.io/en/latest/api/>`_.
**New features**
- ``kinto start`` now accepts a ``--port`` option to specify which port to listen to.
**Important**: Because of a limitation in `Pyramid tooling <http://stackoverflow.com/a/21228232/147077>`_,
it won't work if the port is hard-coded in your existing ``.ini`` file. Replace
it by ``%(http_port)s`` or regenerate a new configuration file with ``kinto init``.
- Add support for ``pool_timeout`` option in Redis backend (fixes #620)
- Add new setting ``kinto.heartbeat_timeout_seconds`` to control the maximum duration
of the heartbeat endpoint (fixes #601)
- Ability to define ID generators per object type via the settings
**Bug fixes**
- Fix loss of data attributes when permissions are replaced with ``PUT`` (fixes #601)
- Fix 400 response when posting data with ``id: "default"`` in default bucket.
- Fix 500 on heartbeat endpoint when a check does not follow the specs and raises instead of
returning false.
**Internal changes**
- Renamed some permission backend methods for consistency with other classes (fixes #608)
- Removed some deprecated code that had been in ``kinto.core`` for too long.
**Documentation**
- Mention in groups documentation that the principal of a group to be used in a permissions
definition is the full URI (e.g. ``"write": ["/buckets/blog/groups/authors"]``)
- Fix typo in Github tutorial (thanks @SwhGo_oN, #673)
- New Kinto logo (thanks @AymericFaivre, #676)
- Add a slack badge to the README (#675)
- Add new questions on FAQ (thanks @enguerran, #678)
- Fix links to examples (thanks @maxdow, #680)
3.1.0 (2016-05-24)
==================
**Protocol**
- Added the ``GET /contribute.json`` endpoint for open-source information (fixes #607)
Protocol is now at version **1.6**. See `API changelog <https://kinto.readthedocs.io/en/latest/api/>`_.
**Bug fixes**
- Fix internal storage filtering when an empty list of values is provided.
- Authenticated users are now allowed to obtain an empty list of buckets on
``GET /buckets`` even if no bucket is readable (#454)
- Fix enabling flush enpoint with ``KINTO_FLUSH_ENDPOINT_ENABLED`` environment variable (fixes #588)
- Fix reading settings for events listeners from environment variables (fixes #515)
- Fix principal added to ``write`` permission when a publicly writable object
is created/edited (fixes #645)
- Prevent client to cache and validate authenticated requests (fixes #635)
- Fix bug that prevented startup if old Cliquet configuration values
were still around (#633)
**Documentation**
- Improved documentation about running in production with uWSGI (#543, #545)
3.0.1 (2016-05-20)
==================
**Bug fixes**
- Fix crash when a cache expires setting is set for a specific bucket or collection. (#597)
- Mark old cliquet backend settings as deprecated (but continue to support them). (#596)
3.0.0 (2016-05-18)
==================
- Major version update. Merged cliquet into kinto.core. This is
intended to simplify the experience of people who are new to Kinto.
Addresses #687.
- Removed ``initialize_cliquet()``, which has been deprecated for a while.
- Removed ``cliquet_protocol_version``. Kinto already defines
incompatible API variations as part of its URL format (e.g. ``/v0``,
``/v1``). Services based on kinto.core are free to use
``http_api_version`` to indicate any additional changes to their
APIs.
- Simplify settings code. Previously, ``public_settings`` could be
prefixed with a project name, which would be reflected in the output
of the ``hello`` view. However, this was never part of the API
specification, and was meant to be solely a backwards-compatibility
hack for first-generation Kinto clients. Kinto public settings
should always be exposed unprefixed. Applications developed against
kinto.core can continue using these names even after they transition
clients to the new implementation of their service.
**Bug fixes**
- Add an explicit message when the server is configured as read-only and the
collection timestamp fails to be saved (ref Kinto/kinto#558)
- Prevent the browser to cache server responses between two sessions. (#593)
- Redirects version prefix to hello page when trailing_slash_redirect is enabled. (#700)
- Fix crash when setting empty permission list with PostgreSQL permission backend (fixes Kinto/kinto#575)
- Fix crash when type of values in querystring for exclude/include is wrong (fixes Kinto/kinto#587)
- Fix crash when providing duplicated principals in permissions with PostgreSQL permission backend (fixes #702)
- Add ``app.wsgi`` to the manifest file. This helps address #543.
2.1.1 (2016-04-29)
==================
**Bug fixes**
- Fix crash in JSON schema validation when additional properties are provided (fixes #548)
- Strip internal fields before validating JSON schema (fixes #549)
- Fix migration of triggers in PostgreSQL storage backend when upgrading from Kinto<2.0.
Run the ``migrate`` command will basically re-create them (fixes #559)
**Documentation**
- Fix typo in RHEL installation instructions (#552, thanks @enkidulan!)
- Link to english version of kinto presentation article (#553, thanks @glasserc!)
- Document basics about PostgreSQL privileges (#547)
- Change links from readthedocs.org to readthedocs.io (#557)
- Fix Parse server license in docs (#571, thanks @revolunet!)
2.1.0 (2016-04-19)
==================
**Bug fixes**
- Relax content-type validation when no body is posted (fixes #507)
- Fix creation events not sent for implicit creation of objects in the ``default``
bucket (fixes #529)
- Fix the Dockerfile pip install (#522)
- Fix concurrency control request headers to recreate deleted objects (#512)
**New features**
- Allow groups to store arbitrary properties. (#469)
- A ``cache_prefix`` setting was added for cache backends. (mozilla-services/cliquet#680)
**Documentation**
- Put the cloud provider links in a comparison table (#514)
- Fix the module name of Redis event listener (thanks @happy-tanuki, #516)
- Add Makefile Documentation (thanks @ayusharma, #483)
- Document how to run Docker with custom config file (#525)
- Fix API version title (#523)
- Add a 'upgrade pip' command in the getting-started docs (#531)
- Document how to configure the postgresql backend (#533)
- Document how to upgrade Kinto (#537, #538)
Protocol is now in version **1.5**. See `API changelog <https://kinto.readthedocs.io/en/latest/api/>`_.
2.0.0 (2016-03-08)
==================
**Protocol**
- Allow buckets to store arbitrary properties. (#239, #462)
- Delete every (writable) buckets using ``DELETE /v1/buckets``
- Delete every (writable) collections using ``DELETE /v1/buckets/<bucket-id>/collections``
- Clients are redirected to URLs without trailing slash only if the current URL
does not exist (#656)
- Partial responses can now be specified for nested objects (#445)
For example, ``/records?_fields=address.street``.
- List responses are now sorted by last_modified descending by default (#434,
thanks @ayusharma)
- Server now returns 415 error response if client cannot accept JSON response (#461, mozilla-services/cliquet#667)
- Server now returns 415 error response if client does not send JSON request (#461, mozilla-services/cliquet#667)
- Add the ``__lbheartbeat__`` endpoint, for load balancer membership test.
- Add the ``flush_endpoint``, ``schema`` and ``default_bucket`` to the capabilities
if enabled in settings (#270)
Protocol is now in version **1.4**. See `API changelog <https://kinto.readthedocs.io/en/latest/api/>`_.
**Breaking changes**
- ``kinto.plugins.default_bucket`` plugin is no longer assumed. We invite users
to check that the ``kinto.plugins.default_bucket`` is present in the
``includes`` setting if they expect it. (ref #495)
- ``kinto start`` must be explicitly run with ``--reload`` in order to
restart the server when code or configuration changes (ref #490).
- Errors are not swallowed anymore during the execution of ``ResourceChanged``
events subscribers.
Subscribers are still executed within the transaction like before.
Subscribers are still executed even if the transaction is eventually rolledback.
Every subscriber execution succeeds, or none.
Thus, subscribers of these events should only perform operations that are reversed
on transaction rollback: most likely database storage operations.
For irreversible operations see the new ``AfterResourceChanged`` event.
**New features**
- Event subscribers are now ran synchronously and can thus alter responses (#421)
- Resource events are now merged in batch requests. One event per resource and
per action is emitted when a transaction is committed (mozilla-services/cliquet#634)
- Monitor time of events listeners execution (mozilla-services/cliquet#503)
- Added a new ``AfterResourceChanged`` event, that is sent only when the commit
in database is done and successful.
`See more details <https://cliquet.readthedocs.io/en/latest/reference/notifications.html>`_.
- Track execution time on StatsD for each authentication sub-policy (mozilla-services/cliquet#639)
- Default console log renderer now has colours (mozilla-service/cliquet#671)
- Output Kinto version with ``kinto --version`` (thanks @ayusharma)
**Bug fixes**
- Fix PostgreSQL backend timestamps when collection is empty (#433)
- ``ResourceChanged`` events are not emitted if a batch subrequest fails (mozilla-services/cliquet#634)
There are still emitted if the whole batch transaction is eventually rolledback.
- Fix a migration of PostgreSQL schema introduced that was never executed (mozilla-services/cliquet#604)
- Fix statsd initialization on storage (mozilla-services/cliquet#637)
- Providing bad last modified values on delete now returns 400 (mozilla-services/cliquet#665)
- Providing last modified in the past for delete now follows behaviour create/update (mozilla-services/cliquet#665)
- Do not always return 412 errors when request header ``If-None-Match: *``
is sent on ``POST /collection`` (fixes #489, mozilla-service/cliquet#673)
- Fix secret in ini on Python 3 (fixes #341)
- Error when trying to create an empty directory (fixes #475)
- Text plain body should be rejected with an error (#461)
**Documentation**
- Additions in troubleshooting docs (thanks @ayusharma)
- Add uwsgi bind error to troubleshooting (fixes #447)
- Mention python plugin for Uwsgi (#448)
- Add how to troubleshoot psql encoding problems. (#453)
- Add mini checklist for CDN deployment (#450)
- Replace subjective ligthweight by minimalist (fixes #417)
- Improve synchronisation docs (#451)
- Add the requirements in the Readme (#465)
- Add docs about architecture (fixes #430)
- Add a 'why' paragraph to the docs (Kinto value proposition) (#482)
- Update docs: how to choose the backend (#485, thanks @Enguerran)
- Add a custom id generator tutorial (#464)
**Internal changes**
- Changed default duration between retries on error (``Retry-After`` header)
from 30 to 3 seconds.
- Speed-up startup (ref #490)
- Optimized (and cleaned) usage of (un)authenticated_userid (#424, mozilla-services/cliquet#641)
- Fixed usage of virtualenv in Makefile (#443)
- Add a badge for the irc channel (#459)
- Change phrasing for backend selection (#470)
- Add a CONTRIBUTING file (#471, thanks @magopian)
- Add a contribute.json file (#478, #480, thanks @magopian)
1.11.2 (2016-02-03)
===================
**Bug fixes**
- Expose the ETag header in 304 responses for default bucket (ref mozilla-services/cliquet#631)
**Documentation**
- Add Scalingo *one-click deploy* button (#418, thanks @yannski)
- Improve introduction of notifications tutorial (#419, thanks @tarekziade)
- Fix typos (thanks @magopian)
1.11.1 (2016-02-01)
===================
**Bug fixes**
- Fix wheels for Python 3 that were requiring the functools32 package that is
for Python 2 only (fixes #303).
**Documentation**
- Fix a broken hyperlink in the overview section. (#406, thanks William Hoang)
- Talk about tokens rather than user:password (#393)
1.11.0 (2016-01-28)
===================
**Protocol**
- Forward slashes (``/``) are not escaped anymore in JSON responses (mozilla-services/cliquet#537)
- Fields can be filtered in GET requests using ``_fields=f1,f2`` in querystring (#399)
- New collections can be created via ``POST`` requests (thanks John Giannelos)
- The API capabilities can be exposed in a ``capabilities`` attribute in the
root URL (#628). Clients can rely on this to detect optional features on the
server (e.g. enabled plugins)
Protocol is now version 1.3. See `API changelog <https://kinto.readthedocs.io/en/latest/api/>`_.
**New features**
- Add a Heroku single-clic deploy button (#362)
- Install PostgreSQL libraries on ``kinto init`` (fixes #313)
- Smaller Docker container image (#375, #376, #383)
- Install major plugins in Dockerfile (fixes #317)
- The policy name used to configure authentication in settings is now used for
the user id prefix and StatsD ``authn_type`` counters.
- Check backends configuration at startup (#228)
- Output message for config file creation (#351, thanks Aditya Basin)
- Trigger internal event on server flush (#354)
**Bug fixes**
- Fix validation of collection id in default bucket (fixes #260)
- Fix kinto init failure when the config folder already exists (#349)
- Fix Docker compose startup (fixes #325)
- Run migrate command when Docker container starts (fixes #363)
- Fix listener name logging during startup (#626)
- Do not log batch subrequests twice (#264)
- Fix hmac digest with Python 3 (#288)
- Add explicit dependency for functools32 when Kinto is installed with an old
pip version (fixes #303)
**Documentation**
Highlights:
- Add tutorials about notifications (ref #353)
- Add tutorial how to write a plugin (#382)
- Add tutorial how to setup Github authentication (#390)
- Move default values to dedicated column in docs (fixes #255)
- Move run-kinto to get-started and remove platform specific installation
instructions (#373)
Improved:
- Update features table in overview
- Update overview comparisons (#294, #324, #328)
- Update FAQ (#397, #398)
- Simplify some aspects of the settings page (#374)
- Sharding documentation (#381)
Minor:
- Added missing DELETE endoint for list of records (fixes #238)
- Mention how to restrict private URLs with NGinx (fixes #250)
- Fix link to the freenode #kinto channel in the docs (#333)
- Remove Firefox Account mention from README (fixes #326)
- Move application examples page to wiki (ref #321)
- Move PostgreSQL server docs to wiki (fixes #321)
- Change colors of logo (#359)
- Add invitation for community to point their demos/use cases (fixes #356)
- Remove duplicate glossary in docs (#372)
- Remove troubleshooting paragraph from contributing page (#385)
- Fix wrong groups name and permissions names in the documentation (#389)
- Improve formatting of code block in tutorials (#391, #396)
**Internal changes**
- Default bucket feature is now a built-in plugin (fixes #277, fixes #311, #380)
- Do not require cliquet master branch in dev (#341, #400). Now moved as tox env in TravisCI
1.10.1 (2015-12-11)
===================
**Bug fixes**
- Fix ``kinto init`` when containing folder does not exist (fixes #302)
**Internal changes**
- Added Hoodie in the comparison matrix (#282, thanks @Niraj8!)
- Added a get started button in documentation (#315, thanks @Niraj8!)
1.10.0 (2015-12-01)
===================
**Breaking changes**
- When using *cliquet-fxa*, the setting ``multiauth.policy.fxa.use`` must now
be explicitly set to ``cliquet_fxa.authentication.FxAOAuthAuthenticationPolicy``
- Fields in the root view were renamed (mozilla-services/cliquet#600)
**Bug fixes**
- Fix redis default host in kinto init (fixes #289)
- Fix DockerFile with default configuration (fixes #296)
- Include plugins after setting up components (like authn/authz) so that plugins
can register views with permissions checking
- Remove ``__permissions__`` from impacted records values in ``ResourceChanged``
events (mozilla-services/cliquet#586)
**Protocol**
Changed the naming in the root URL (hello view) (mozilla-services/cliquet#600)
- Added ``http_api_version``
- Renamed ``hello`` to ``project_name``
- Renamed ``protocol_version`` to ``cliquet_protocol_version``
- Renamed ``documentation`` to ``project_docs``
- Renamed ``version`` to ``project_version``
**New features**
- New options in configuration of listeners to specify filtered actions and
resource names (mozilla-services/cliquet#492, mozilla-services/cliquet#555)
- Add ability to be notified on read actions on a resource (disabled by
default) (mozilla-services/cliquet#493)
**Internal changes**
- Clarified how Kinto is versionned in the documentation (#305)
1.9.0 (2015-11-18)
==================
- Upgraded to *Cliquet* 2.11.0
**Breaking changes**
- For PostgreSQL backends, it is recommended to specify ``postgresql://``.
**Protocol**
- In the hello view:
- Add a ``bucket`` attribute in ``user`` mapping allowing clients
to obtain the actual id of their default bucket
- Add the ``protocol_version`` to tell which protocol version is
implemented by the service. (#324)
- ``_since`` and ``_before`` now accepts an integer value between quotes ``"``,
as it would be returned in the ``ETag`` response header.
- A batch request now fails if one of the subrequests fails
(mozilla-services/cliquet#510) (*see new feature about
transactions*)
**New features**
- Add a Kinto command for start and migrate operation. (#129)
- Add a Kinto command to create a configuration file. (#278)
- A transaction now covers the whole request/response cycle (#194).
If an error occurs during the request processing, every operation performed
is rolled back. **Note:** This is only enabled with *PostgreSQL* backends. In
other words, the rollback has no effect on backends like *Redis* or *Memory*.
- New settings for backends when using PostgreSQL: ``*_max_backlog``,
``*_max_overflow``, ``*_pool_recycle``, ``*_pool_timeout`` to
control connections pool behaviour.
**Bug fixes**
- Fix 500 error response (instead of 503) when storage backend fails during
implicit creation of objects on ``default`` bucket. (fixes #236)
- Fixed ``Dockerfile`` for PostgreSQL backends.
- Fix JSON schema crash when no field information is available.
**Internal changes**
- Optimization for retrieval of user principals (#263)
- Do not build the Docker container when using Docker Compose.
- Add Python 3.5 on TravisCI
- Add schema validation loadtest (fixes #201)
- Multiple documentation improvements.
- The PostgreSQL backends now use SQLAlchemy sessions.
See also `*Cliquet* changes <https://github.com/mozilla-services/cliquet/releases/2.11.0>`_
1.8.0 (2015-10-30)
==================
- Upgraded to *Cliquet* 2.10.0
**Protocol breaking changes**
- Moved ``userid`` attribute to a dedicated ``user`` mapping in the hello
view (#242).
**New features**
- Follow redirections in batch subrequests (fixes mozilla-services/cliquet#511)
- Set cache headers only when anonymous (fixes mozilla-services/cliquet#449)
- Add a ``readonly`` setting to run the service in read-only mode. (#241)
- If no client cache is set, add ``Cache-Control: no-cache`` by default,
so that clients are forced to revalidate their cache against the server
(ref Kinto/kinto#231)
**Bug fixes**
- Fixed 503 error message to mention backend errors in addition to unavailability.
- When recreating a record that was previously deleted, status code is now ``201``
(ref mozilla-services/cliquet#530).
- Fix PostgreSQL error when deleting an empty collection in a protected
resource (fixes mozilla-services/cliquet#528)
- Fix PUT not using ``create()`` method in storage backend when tombstone exists
(fixes mozilla-services/cliquet#530)
- Delete tombstone when record is re-created (fixes mozilla-services/cliquet#518)
- Fix crash with empty body for PATCH (fixes mozilla-services/cliquet#477,
fixes mozilla-services/cliquet#516)
- Fix english typo in 404 error message (fixes mozilla-services/cliquet#527)
1.7.0 (2015-10-28)
==================
- Upgraded to *Cliquet* 2.9.0
- Update cliquet-fxa configuration example for cliquet-fxa 1.4.0
- Improve the documentation to get started
**New features**
- Added Pyramid events, triggered when the content of a resource has changed. (#488)
- Added ``kinto.includes`` setting allowing loading of plugins once Kinto
is initialized (unlike ``pyramid.includes``). (#504)
**Protocol**
- Remove the broken git revision ``commit`` field in the hello page. (#495).
`Please read the full Cliquet 2.9.0 changelog for more information <https://github.com/mozilla-services/cliquet/releases/tag/2.9.0>`_
1.6.2 (2015-10-22)
==================
**Bug fixes**
- Handle 412 details with default bucket (#226)
1.6.1 (2015-10-22)
==================
- Upgraded to *Cliquet* 2.8.2
**Bug fixes**
- Return a JSON body for 405 response on the default bucket (#214)
**Internal changes**
- Improve documentation for new comers (#217)
- Do not force host in default configuration (#219)
- Use tox installed in virtualenv (#221)
- Skip python versions unavailable in tox (#222)
1.6.0 (2015-10-14)
==================
- Upgraded to *Cliquet* 2.8.1
**Breaking changes**
- Settings prefixed with ``cliquet.`` are now deprecated, and should be replaced
with non prefixed version instead.
- In the root url response, public settings are exposed without prefix too
(e.g. ``batch_max_requests``).
1.5.1 (2015-10-07)
==================
- Upgraded to *Cliquet* 2.7.0
1.5.0 (2015-09-23)
==================
- Add Disqus comments to documentation (fixes #159)
**New features**
- Allow POST to create buckets (fixes #64)
- Control client cache headers from settings or collection objects (#189)
**Internal changes**
- Remove dead code (#187, ref #53)
- Add pytest-capturelog for better output on test failures (#191)
- Install cliquet middleware (*no-op if disabled*) (#193)
- Many optimizations on ``default`` bucket (#192, #197)
- Many optimizations on number of storage hits (#203)
- Fix contributing docs about tests (#198)
- Added more batched actions to loadtests (#199)
1.4.0 (2015-09-04)
==================
**New features**
- Partial collection of records when user has no ``read`` permission on collection (fixes #76).
Alice can now obtain a list of Bob records on which she has individual ``read`` permission!
- Collection can now specify a JSON schema and validate its records (#31).
The feature is marked as *experimental* and should be explicitly enabled
from settings (#181)
- Accept empty payload on buckets and collections creation (#63)
- Allow underscores in Kinto bucket and collection names (#153, fixes #77)
- Collection records can now be filtered using multiple values (``?in_status=1,2,3``) (mozilla-services/cliquet#39)
- Collection records can now be filtered excluding multiple values (``?exclude_status=1,2,3``) (mozilla-services/readinglist#68)
- Current userid is now provided when requesting the hello endpoint with an ``Authorization``
header (mozilla-services/cliquet#319)
- UUID validation now accepts any kind of UUID, not just v4 (mozilla-services/cliquet#387)
- Querystring parameter ``_to`` on collection records was renamed to ``_before`` (*the former is now
deprecated*) (mozilla-services/cliquet#391)
- Allow to configure info link in error responses with ``cliquet.error_info_link``
setting (mozilla-services/cliquet#395)
**Bug fixes**
- Fix consistency in API to modify permissions with PATCH (fixes #155)
The list of principals for each specified permission is now replaced by the one
provided.
- Use correct HTTP Headers encoding in both Python2 and Python3 (#141)
- ETag is now returned on every verb (fixes #110)
**Internal changes**
- When deleting a collection also remove the records tombstones (#136)
- Complete revamp of the documentation (#156 #167 #168 #169 #170)
- Upgraded to *Cliquet* 2.6.0
1.3.1 (2015-07-15)
==================
- Upgraded to *Cliquet* 2.3.1
**Bug fixes**
- Make sure the default route only catch /buckets/default and
/buckets/default/* routes. (#131)
1.3.0 (2015-07-13)
==================
- Upgraded to *Cliquet* 2.3.0
**Bug fixes**
- Handle CORS with the default bucket. (#126, #135)
- Add a test to make sure the tutorial works. (#118)
**Internal changes**
- List StatsD counters and timers in documentation (fixes #73)
- Update virtualenv dependencies on setup.py modification (fixes #130)
1.2.1 (2015-07-08)
==================
- Upgraded to *Cliquet* 2.2.1
**Bug fixes**
- Improvements and fixes in the tutorial (#107)
- Querystring handling when using the personal bucket (#119)
- Default buckets ID is now a UUID with dashes (#120)
- Handle unknown permission and fix crash on /buckets (#88)
- Fix permissions handling on PATCH /resource (mozilla-services/cliquet#358)
**Internal changes**
- Test with the normal Kinto authentication policy and remove the fake one (#121)
1.2.0 (2015-07-03)
==================
- Upgraded to *Cliquet* 2.2.+
**New features**
- Add the personal bucket ``/buckets/default``, where collections are created
implicitly (#71)
- *Kinto* now uses the memory backend by default, which simplifies its usage
for development (#86, #95)
- Add public settings in hello view (mozilla-services/cliquet#318)
**Bug fixes**
- Fix Docker compose file settings (#100)
- Fix version redirection behaviour for unsupported versions (mozilla-services/cliquet#341)
- Fix overriding backend settings in .ini (mozilla-services/cliquet#343)
**Internal changes**
- Documentation improvements (#75)
- Added tutorial (#79)
- Remove hard dependency on *PostgreSQL* (#100)
- Add pytest-cache (#98)
- Add Pypy test on Travis (#99)
- Update dependencies on ``make install`` (#97)
- Fix URL of readthedocs.io (#90)
1.1.0 (2015-06-29)
==================
**New features**
- Polish default kinto configuration and default to memory backend. (#81)
- Add the kinto group finder (#78)
- Flush endpoint now returns 404 is disabled (instead of 405) (#82)
**Bug fixes**
- ETag not updated on collection update (#80)
**Internal changes**
- Use py.test to run tests instead of nose (#85)
1.0.0 (2015-06-17)
==================
**New features**
- Added notion of buckets, user groups and collections (#48, #58)
- Buckets, collections and records can now have permissions (#59)
**Breaking changes**
- Updated *Cliquet* to 2.0, which introduces a lot of breaking changes
(`see changelog <https://github.com/mozilla-services/cliquet/releases/2.0.0>`_)
- Firefox Accounts is not a dependency anymore and should be installed and
included explictly using the python package ``cliquet-fxa``
(`see documentation <https://github.com/mozilla-services/cliquet-fxa/>`_)
- API is now served under ``/v1``
- Collections are now managed by bucket, and not by user anymore (#44)
.. note::
A list of records cannot be manipulated until its parents objects (bucket and
collection) are created.
Settings
- ``cliquet.permission_backend`` and ``cliquet.permission_url`` are now configured
to use PostgreSQL instead of *Redis* (see default ``config/kinto.ini``)
- ``cliquet.basic_auth_enabled`` is now deprecated (`see *Cliquet*
docs to enable authentication backends
<https://cliquet.readthedocs.io/en/latest/reference/configuration.html#basic-auth>`_)
**Internal changes**
- Added documentation about deployment and data durability (#50)
- Added load tests (#30)
- Several improvements in documentation (#51)
0.2.2 (2015-06-04)
==================
- Upgraded to *cliquet* 1.8.+
**Breaking changes**
- PostgreSQL database initialization process is not run automatically in
production. Add this command to deployment procedure:
::
cliquet --ini config/kinto.ini migrate
**Internal changes**
- Improved documentation (#29)
- Require 100% coverage during tests (#27)
- Basic Auth is now enabled by default in example config
0.2.1 (2015-03-25)
==================
- Upgraded to *cliquet* 1.4.1
**Bug fixes**
- Rely on Pyramid API to build pagination Next-Url (#147)
0.2 (2015-03-24)
================
- Upgraded to *cliquet* 1.4
**Bug fixes**
- Fix behaviour of CloudStorage with backslashes in querystring (mozilla-services/cliquet#142)
- Force PostgreSQl session timezone to UTC (mozilla-services/cliquet#122)
- Fix basic auth ofuscation and prefix (mozilla-services/cliquet#128)
- Make sure the `paginate_by` setting overrides the passed `limit`
argument (mozilla-services/cliquet#129)
- Fix crash of classic logger with unicode (mozilla-services/cliquet#142)
- Fix crash of CloudStorage backend when remote returns 500 (mozilla-services/cliquet#142)
- Fix python3.4 segmentation fault (mozilla-services/cliquet#142)
- Add missing port in Next-Page header (mozilla-services/cliquet#147)
0.1 (2015-03-20)
================
**Initial version**
- Schemaless storage of records
- Firefox Account authentication
- Kinto as a storage backend for *cliquet* applications
Contributors
============
* Aaron Egaas <me@aaronegaas.com>
* Adam Chainz <adam@adamj.eu>
* Aditya Bhasin <conlini@gmail.com>
* Alexis Metaireau <alexis@mozilla.com>
* Andy McKay <amckay@mozilla.com>
* Aymeric Faivre <miho@miho-stories.com>
* Ayush Sharma <ayush.aceit@gmail.com>
* Balthazar Rouberol <br@imap.cc>
* Boris Feld <lothiraldan@gmail.com>
* Chirag B. Jadwani <chirag.jadwani@gmail.com>
* Clément Villain <choclatefr@gmail.com>
* Dan Phrawzty <phrawzty+github@gmail.com>
* David Larlet <david@larlet.fr>
* Enguerran <engcolson@gmail.com>
* Eric Bréhault <ebrehault@gmail.com>
* Éric Lemoine <eric.lemoine@gmail.com>
* Ethan Glasser-Camp <ethan@betacantrips.com>
* Fil <fil@rezo.net>
* FooBarQuaxx
* Greeshma <greeshmabalabadra@gmail.com>
* Hiromipaw <silvia@nopressure.co.uk>
* Jelmer van der Ploeg <jelmer@woovar.com>
* John Giannelos <johngiannelos@gmail.com>
* Julien Bouquillon <contact@revolunet.com>
* Lavish Aggarwal <lucky.lavish@gmail.com>
* Maksym Shalenyi <supamaxy@gmail.com>
* Masataka Takeuchi <masataka.takeuchi@l-is-b.com>
* Mathieu Agopian <mathieu@agopian.info>
* Mathieu Leplatre <mathieu@mozilla.com>
* Maxime Varnier <marmax@gmail.com>
* Michiel de Jong <michiel@unhosted.org>
* Nicolas Hoizey <nicolas@hoizey.com>
* Nicolas Perriault <nperriault@mozilla.com>
* Niraj <https://github.com/niraj8>
* Rektide <rektide@voodoowarez.com>
* Rodolphe Quiédeville <rodolphe@quiedeville.org>
* Rémy Hubscher <rhubscher@mozilla.com>
* Shweta Oak <oakshweta11@gmail.com>
* Sofia Utsch <sofia.utsch@gmail.com>
* SwhGo_oN
* Tarek Ziade <tarek@mozilla.com>
* Taylor Zane Glaeser <tzglaeser@gmail.com>
* Wil Clouser <wclouser@mozilla.com>
* Yann Klis <yann.klis@gmail.com>
=====
|irc| |slack| |readthedocs| |pypi| |travis| |master-coverage|
.. |irc| image:: https://img.shields.io/badge/Live%20chat-%23kinto%20on%20freenode-blue.svg
:target: https://kiwiirc.com/client/irc.freenode.net/?#kinto
.. |slack| image:: https://img.shields.io/badge/slack-kinto-e01865.svg
:target: https://slack.kinto-storage.org/
.. |travis| image:: https://travis-ci.org/Kinto/kinto.svg?branch=master
:target: https://travis-ci.org/Kinto/kinto
.. |readthedocs| image:: https://readthedocs.org/projects/kinto/badge/?version=latest
:target: https://kinto.readthedocs.io/en/latest/
:alt: Documentation Status
.. |master-coverage| image::
https://coveralls.io/repos/Kinto/kinto/badge.svg?branch=master
:alt: Coverage
:target: https://coveralls.io/r/Kinto/kinto
.. |pypi| image:: https://img.shields.io/pypi/v/kinto.svg
:target: https://pypi-hypernode.com/pypi/kinto
Kinto is a minimalist JSON storage service with synchronisation and sharing abilities.
* `Online documentation <https://kinto.readthedocs.io/en/latest/>`_
* `Tutorial <https://kinto.readthedocs.io/en/latest/tutorials/first-steps.html>`_
* `Issue tracker <https://github.com/Kinto/kinto/issues>`_
* `Contributing <https://kinto.readthedocs.io/en/latest/community.html#how-to-contribute>`_
* `Try our daily flushed instance at: https://kinto.dev.mozaws.net/v1/ <https://kinto.dev.mozaws.net/v1/>`_
Requirements
------------
* **Python**: 2.7, 3.4+
* **Backends**: In-memory (development), Redis or Postgresql 9.4+ (production)
Changelog
#########
This document describes changes between each past release.
3.3.1 (2016-07-19)
==================
**Protocol**
- Add the ``permissions_endpoint`` capability when the ``kinto.experimental_permissions_endpoint`` is set. (#722)
3.3.0 (2016-07-18)
==================
**Protocol**
- Add new *experimental* endpoint ``GET /v1/permissions`` to retrieve the list of permissions
granted on every kind of object (#600).
Requires setting ``kinto.experimental_permissions_endpoint`` to be set to ``true``.
Protocol is now at version **1.8**. See `API changelog <http://kinto.readthedocs.io/en/latest/api/>`_.
**Bug fixes**
- Fix crash in authorization policy when requesting ``GET /buckets/collections`` (fixes #695)
- Fix crash with PostgreSQL storage backend when provided id in POST is an integer (#688).
Regression introduced in 3.2.0 with #655.
- Fix crash with PostgreSQL storage backend is configured as read-only and reaching
the records endpoint of an unknown collection (fixes #693, related #558)
- Fix events payloads for actions in the default bucket (fixes #704)
- Fix bug in object permissions with memory backend
- Make sure the tombstone is deleted when the record is created with PUT. (#715)
- Allow filtering and sorting by any attribute on buckets, collections and groups list endpoints
- Fix crash in memory backend with Python3 when filtering on unknown field
**Internal changes**
- Resource events constructors signatures were changed. The event payload is now
built immediately when event is fired instead of during transactoin commit (#704).
- Fix crash when a resource is registered without record path.
- Changed behaviour of accessible objects in permissions backend when list of
bound permissions is empty.
- Bump ``last_modified`` on record when provided value is equal to previous
in storage ``update()`` method (#713)
- Add ability to delete records and purge tombstones with just the ``parent_id``
parameter (#711)
- Buckets deletion is now a lot more efficient, since every sub-objects are
deleted with a single operation on storage backend (#711)
- Added ``get_objects_permissions()`` method in ``permission`` backend (#714)
- Changed ``get_accessible_objects()``, ``get_authorized_principals()`` methods
in ``permission`` backend (#714)
- Simplified and improved the code quality of ``kinto.core.authorization``,
mainly by keeping usage of ``get_bound_permissions`` callback in one place only.
3.2.0 (2016-06-14)
==================
**Protocol**
- Allow record IDs to be any string instead of just UUIDs (fixes #655).
Protocol is now at version **1.7**. See `API changelog <https://kinto.readthedocs.io/en/latest/api/>`_.
**New features**
- ``kinto start`` now accepts a ``--port`` option to specify which port to listen to.
**Important**: Because of a limitation in `Pyramid tooling <http://stackoverflow.com/a/21228232/147077>`_,
it won't work if the port is hard-coded in your existing ``.ini`` file. Replace
it by ``%(http_port)s`` or regenerate a new configuration file with ``kinto init``.
- Add support for ``pool_timeout`` option in Redis backend (fixes #620)
- Add new setting ``kinto.heartbeat_timeout_seconds`` to control the maximum duration
of the heartbeat endpoint (fixes #601)
- Ability to define ID generators per object type via the settings
**Bug fixes**
- Fix loss of data attributes when permissions are replaced with ``PUT`` (fixes #601)
- Fix 400 response when posting data with ``id: "default"`` in default bucket.
- Fix 500 on heartbeat endpoint when a check does not follow the specs and raises instead of
returning false.
**Internal changes**
- Renamed some permission backend methods for consistency with other classes (fixes #608)
- Removed some deprecated code that had been in ``kinto.core`` for too long.
**Documentation**
- Mention in groups documentation that the principal of a group to be used in a permissions
definition is the full URI (e.g. ``"write": ["/buckets/blog/groups/authors"]``)
- Fix typo in Github tutorial (thanks @SwhGo_oN, #673)
- New Kinto logo (thanks @AymericFaivre, #676)
- Add a slack badge to the README (#675)
- Add new questions on FAQ (thanks @enguerran, #678)
- Fix links to examples (thanks @maxdow, #680)
3.1.0 (2016-05-24)
==================
**Protocol**
- Added the ``GET /contribute.json`` endpoint for open-source information (fixes #607)
Protocol is now at version **1.6**. See `API changelog <https://kinto.readthedocs.io/en/latest/api/>`_.
**Bug fixes**
- Fix internal storage filtering when an empty list of values is provided.
- Authenticated users are now allowed to obtain an empty list of buckets on
``GET /buckets`` even if no bucket is readable (#454)
- Fix enabling flush enpoint with ``KINTO_FLUSH_ENDPOINT_ENABLED`` environment variable (fixes #588)
- Fix reading settings for events listeners from environment variables (fixes #515)
- Fix principal added to ``write`` permission when a publicly writable object
is created/edited (fixes #645)
- Prevent client to cache and validate authenticated requests (fixes #635)
- Fix bug that prevented startup if old Cliquet configuration values
were still around (#633)
**Documentation**
- Improved documentation about running in production with uWSGI (#543, #545)
3.0.1 (2016-05-20)
==================
**Bug fixes**
- Fix crash when a cache expires setting is set for a specific bucket or collection. (#597)
- Mark old cliquet backend settings as deprecated (but continue to support them). (#596)
3.0.0 (2016-05-18)
==================
- Major version update. Merged cliquet into kinto.core. This is
intended to simplify the experience of people who are new to Kinto.
Addresses #687.
- Removed ``initialize_cliquet()``, which has been deprecated for a while.
- Removed ``cliquet_protocol_version``. Kinto already defines
incompatible API variations as part of its URL format (e.g. ``/v0``,
``/v1``). Services based on kinto.core are free to use
``http_api_version`` to indicate any additional changes to their
APIs.
- Simplify settings code. Previously, ``public_settings`` could be
prefixed with a project name, which would be reflected in the output
of the ``hello`` view. However, this was never part of the API
specification, and was meant to be solely a backwards-compatibility
hack for first-generation Kinto clients. Kinto public settings
should always be exposed unprefixed. Applications developed against
kinto.core can continue using these names even after they transition
clients to the new implementation of their service.
**Bug fixes**
- Add an explicit message when the server is configured as read-only and the
collection timestamp fails to be saved (ref Kinto/kinto#558)
- Prevent the browser to cache server responses between two sessions. (#593)
- Redirects version prefix to hello page when trailing_slash_redirect is enabled. (#700)
- Fix crash when setting empty permission list with PostgreSQL permission backend (fixes Kinto/kinto#575)
- Fix crash when type of values in querystring for exclude/include is wrong (fixes Kinto/kinto#587)
- Fix crash when providing duplicated principals in permissions with PostgreSQL permission backend (fixes #702)
- Add ``app.wsgi`` to the manifest file. This helps address #543.
2.1.1 (2016-04-29)
==================
**Bug fixes**
- Fix crash in JSON schema validation when additional properties are provided (fixes #548)
- Strip internal fields before validating JSON schema (fixes #549)
- Fix migration of triggers in PostgreSQL storage backend when upgrading from Kinto<2.0.
Run the ``migrate`` command will basically re-create them (fixes #559)
**Documentation**
- Fix typo in RHEL installation instructions (#552, thanks @enkidulan!)
- Link to english version of kinto presentation article (#553, thanks @glasserc!)
- Document basics about PostgreSQL privileges (#547)
- Change links from readthedocs.org to readthedocs.io (#557)
- Fix Parse server license in docs (#571, thanks @revolunet!)
2.1.0 (2016-04-19)
==================
**Bug fixes**
- Relax content-type validation when no body is posted (fixes #507)
- Fix creation events not sent for implicit creation of objects in the ``default``
bucket (fixes #529)
- Fix the Dockerfile pip install (#522)
- Fix concurrency control request headers to recreate deleted objects (#512)
**New features**
- Allow groups to store arbitrary properties. (#469)
- A ``cache_prefix`` setting was added for cache backends. (mozilla-services/cliquet#680)
**Documentation**
- Put the cloud provider links in a comparison table (#514)
- Fix the module name of Redis event listener (thanks @happy-tanuki, #516)
- Add Makefile Documentation (thanks @ayusharma, #483)
- Document how to run Docker with custom config file (#525)
- Fix API version title (#523)
- Add a 'upgrade pip' command in the getting-started docs (#531)
- Document how to configure the postgresql backend (#533)
- Document how to upgrade Kinto (#537, #538)
Protocol is now in version **1.5**. See `API changelog <https://kinto.readthedocs.io/en/latest/api/>`_.
2.0.0 (2016-03-08)
==================
**Protocol**
- Allow buckets to store arbitrary properties. (#239, #462)
- Delete every (writable) buckets using ``DELETE /v1/buckets``
- Delete every (writable) collections using ``DELETE /v1/buckets/<bucket-id>/collections``
- Clients are redirected to URLs without trailing slash only if the current URL
does not exist (#656)
- Partial responses can now be specified for nested objects (#445)
For example, ``/records?_fields=address.street``.
- List responses are now sorted by last_modified descending by default (#434,
thanks @ayusharma)
- Server now returns 415 error response if client cannot accept JSON response (#461, mozilla-services/cliquet#667)
- Server now returns 415 error response if client does not send JSON request (#461, mozilla-services/cliquet#667)
- Add the ``__lbheartbeat__`` endpoint, for load balancer membership test.
- Add the ``flush_endpoint``, ``schema`` and ``default_bucket`` to the capabilities
if enabled in settings (#270)
Protocol is now in version **1.4**. See `API changelog <https://kinto.readthedocs.io/en/latest/api/>`_.
**Breaking changes**
- ``kinto.plugins.default_bucket`` plugin is no longer assumed. We invite users
to check that the ``kinto.plugins.default_bucket`` is present in the
``includes`` setting if they expect it. (ref #495)
- ``kinto start`` must be explicitly run with ``--reload`` in order to
restart the server when code or configuration changes (ref #490).
- Errors are not swallowed anymore during the execution of ``ResourceChanged``
events subscribers.
Subscribers are still executed within the transaction like before.
Subscribers are still executed even if the transaction is eventually rolledback.
Every subscriber execution succeeds, or none.
Thus, subscribers of these events should only perform operations that are reversed
on transaction rollback: most likely database storage operations.
For irreversible operations see the new ``AfterResourceChanged`` event.
**New features**
- Event subscribers are now ran synchronously and can thus alter responses (#421)
- Resource events are now merged in batch requests. One event per resource and
per action is emitted when a transaction is committed (mozilla-services/cliquet#634)
- Monitor time of events listeners execution (mozilla-services/cliquet#503)
- Added a new ``AfterResourceChanged`` event, that is sent only when the commit
in database is done and successful.
`See more details <https://cliquet.readthedocs.io/en/latest/reference/notifications.html>`_.
- Track execution time on StatsD for each authentication sub-policy (mozilla-services/cliquet#639)
- Default console log renderer now has colours (mozilla-service/cliquet#671)
- Output Kinto version with ``kinto --version`` (thanks @ayusharma)
**Bug fixes**
- Fix PostgreSQL backend timestamps when collection is empty (#433)
- ``ResourceChanged`` events are not emitted if a batch subrequest fails (mozilla-services/cliquet#634)
There are still emitted if the whole batch transaction is eventually rolledback.
- Fix a migration of PostgreSQL schema introduced that was never executed (mozilla-services/cliquet#604)
- Fix statsd initialization on storage (mozilla-services/cliquet#637)
- Providing bad last modified values on delete now returns 400 (mozilla-services/cliquet#665)
- Providing last modified in the past for delete now follows behaviour create/update (mozilla-services/cliquet#665)
- Do not always return 412 errors when request header ``If-None-Match: *``
is sent on ``POST /collection`` (fixes #489, mozilla-service/cliquet#673)
- Fix secret in ini on Python 3 (fixes #341)
- Error when trying to create an empty directory (fixes #475)
- Text plain body should be rejected with an error (#461)
**Documentation**
- Additions in troubleshooting docs (thanks @ayusharma)
- Add uwsgi bind error to troubleshooting (fixes #447)
- Mention python plugin for Uwsgi (#448)
- Add how to troubleshoot psql encoding problems. (#453)
- Add mini checklist for CDN deployment (#450)
- Replace subjective ligthweight by minimalist (fixes #417)
- Improve synchronisation docs (#451)
- Add the requirements in the Readme (#465)
- Add docs about architecture (fixes #430)
- Add a 'why' paragraph to the docs (Kinto value proposition) (#482)
- Update docs: how to choose the backend (#485, thanks @Enguerran)
- Add a custom id generator tutorial (#464)
**Internal changes**
- Changed default duration between retries on error (``Retry-After`` header)
from 30 to 3 seconds.
- Speed-up startup (ref #490)
- Optimized (and cleaned) usage of (un)authenticated_userid (#424, mozilla-services/cliquet#641)
- Fixed usage of virtualenv in Makefile (#443)
- Add a badge for the irc channel (#459)
- Change phrasing for backend selection (#470)
- Add a CONTRIBUTING file (#471, thanks @magopian)
- Add a contribute.json file (#478, #480, thanks @magopian)
1.11.2 (2016-02-03)
===================
**Bug fixes**
- Expose the ETag header in 304 responses for default bucket (ref mozilla-services/cliquet#631)
**Documentation**
- Add Scalingo *one-click deploy* button (#418, thanks @yannski)
- Improve introduction of notifications tutorial (#419, thanks @tarekziade)
- Fix typos (thanks @magopian)
1.11.1 (2016-02-01)
===================
**Bug fixes**
- Fix wheels for Python 3 that were requiring the functools32 package that is
for Python 2 only (fixes #303).
**Documentation**
- Fix a broken hyperlink in the overview section. (#406, thanks William Hoang)
- Talk about tokens rather than user:password (#393)
1.11.0 (2016-01-28)
===================
**Protocol**
- Forward slashes (``/``) are not escaped anymore in JSON responses (mozilla-services/cliquet#537)
- Fields can be filtered in GET requests using ``_fields=f1,f2`` in querystring (#399)
- New collections can be created via ``POST`` requests (thanks John Giannelos)
- The API capabilities can be exposed in a ``capabilities`` attribute in the
root URL (#628). Clients can rely on this to detect optional features on the
server (e.g. enabled plugins)
Protocol is now version 1.3. See `API changelog <https://kinto.readthedocs.io/en/latest/api/>`_.
**New features**
- Add a Heroku single-clic deploy button (#362)
- Install PostgreSQL libraries on ``kinto init`` (fixes #313)
- Smaller Docker container image (#375, #376, #383)
- Install major plugins in Dockerfile (fixes #317)
- The policy name used to configure authentication in settings is now used for
the user id prefix and StatsD ``authn_type`` counters.
- Check backends configuration at startup (#228)
- Output message for config file creation (#351, thanks Aditya Basin)
- Trigger internal event on server flush (#354)
**Bug fixes**
- Fix validation of collection id in default bucket (fixes #260)
- Fix kinto init failure when the config folder already exists (#349)
- Fix Docker compose startup (fixes #325)
- Run migrate command when Docker container starts (fixes #363)
- Fix listener name logging during startup (#626)
- Do not log batch subrequests twice (#264)
- Fix hmac digest with Python 3 (#288)
- Add explicit dependency for functools32 when Kinto is installed with an old
pip version (fixes #303)
**Documentation**
Highlights:
- Add tutorials about notifications (ref #353)
- Add tutorial how to write a plugin (#382)
- Add tutorial how to setup Github authentication (#390)
- Move default values to dedicated column in docs (fixes #255)
- Move run-kinto to get-started and remove platform specific installation
instructions (#373)
Improved:
- Update features table in overview
- Update overview comparisons (#294, #324, #328)
- Update FAQ (#397, #398)
- Simplify some aspects of the settings page (#374)
- Sharding documentation (#381)
Minor:
- Added missing DELETE endoint for list of records (fixes #238)
- Mention how to restrict private URLs with NGinx (fixes #250)
- Fix link to the freenode #kinto channel in the docs (#333)
- Remove Firefox Account mention from README (fixes #326)
- Move application examples page to wiki (ref #321)
- Move PostgreSQL server docs to wiki (fixes #321)
- Change colors of logo (#359)
- Add invitation for community to point their demos/use cases (fixes #356)
- Remove duplicate glossary in docs (#372)
- Remove troubleshooting paragraph from contributing page (#385)
- Fix wrong groups name and permissions names in the documentation (#389)
- Improve formatting of code block in tutorials (#391, #396)
**Internal changes**
- Default bucket feature is now a built-in plugin (fixes #277, fixes #311, #380)
- Do not require cliquet master branch in dev (#341, #400). Now moved as tox env in TravisCI
1.10.1 (2015-12-11)
===================
**Bug fixes**
- Fix ``kinto init`` when containing folder does not exist (fixes #302)
**Internal changes**
- Added Hoodie in the comparison matrix (#282, thanks @Niraj8!)
- Added a get started button in documentation (#315, thanks @Niraj8!)
1.10.0 (2015-12-01)
===================
**Breaking changes**
- When using *cliquet-fxa*, the setting ``multiauth.policy.fxa.use`` must now
be explicitly set to ``cliquet_fxa.authentication.FxAOAuthAuthenticationPolicy``
- Fields in the root view were renamed (mozilla-services/cliquet#600)
**Bug fixes**
- Fix redis default host in kinto init (fixes #289)
- Fix DockerFile with default configuration (fixes #296)
- Include plugins after setting up components (like authn/authz) so that plugins
can register views with permissions checking
- Remove ``__permissions__`` from impacted records values in ``ResourceChanged``
events (mozilla-services/cliquet#586)
**Protocol**
Changed the naming in the root URL (hello view) (mozilla-services/cliquet#600)
- Added ``http_api_version``
- Renamed ``hello`` to ``project_name``
- Renamed ``protocol_version`` to ``cliquet_protocol_version``
- Renamed ``documentation`` to ``project_docs``
- Renamed ``version`` to ``project_version``
**New features**
- New options in configuration of listeners to specify filtered actions and
resource names (mozilla-services/cliquet#492, mozilla-services/cliquet#555)
- Add ability to be notified on read actions on a resource (disabled by
default) (mozilla-services/cliquet#493)
**Internal changes**
- Clarified how Kinto is versionned in the documentation (#305)
1.9.0 (2015-11-18)
==================
- Upgraded to *Cliquet* 2.11.0
**Breaking changes**
- For PostgreSQL backends, it is recommended to specify ``postgresql://``.
**Protocol**
- In the hello view:
- Add a ``bucket`` attribute in ``user`` mapping allowing clients
to obtain the actual id of their default bucket
- Add the ``protocol_version`` to tell which protocol version is
implemented by the service. (#324)
- ``_since`` and ``_before`` now accepts an integer value between quotes ``"``,
as it would be returned in the ``ETag`` response header.
- A batch request now fails if one of the subrequests fails
(mozilla-services/cliquet#510) (*see new feature about
transactions*)
**New features**
- Add a Kinto command for start and migrate operation. (#129)
- Add a Kinto command to create a configuration file. (#278)
- A transaction now covers the whole request/response cycle (#194).
If an error occurs during the request processing, every operation performed
is rolled back. **Note:** This is only enabled with *PostgreSQL* backends. In
other words, the rollback has no effect on backends like *Redis* or *Memory*.
- New settings for backends when using PostgreSQL: ``*_max_backlog``,
``*_max_overflow``, ``*_pool_recycle``, ``*_pool_timeout`` to
control connections pool behaviour.
**Bug fixes**
- Fix 500 error response (instead of 503) when storage backend fails during
implicit creation of objects on ``default`` bucket. (fixes #236)
- Fixed ``Dockerfile`` for PostgreSQL backends.
- Fix JSON schema crash when no field information is available.
**Internal changes**
- Optimization for retrieval of user principals (#263)
- Do not build the Docker container when using Docker Compose.
- Add Python 3.5 on TravisCI
- Add schema validation loadtest (fixes #201)
- Multiple documentation improvements.
- The PostgreSQL backends now use SQLAlchemy sessions.
See also `*Cliquet* changes <https://github.com/mozilla-services/cliquet/releases/2.11.0>`_
1.8.0 (2015-10-30)
==================
- Upgraded to *Cliquet* 2.10.0
**Protocol breaking changes**
- Moved ``userid`` attribute to a dedicated ``user`` mapping in the hello
view (#242).
**New features**
- Follow redirections in batch subrequests (fixes mozilla-services/cliquet#511)
- Set cache headers only when anonymous (fixes mozilla-services/cliquet#449)
- Add a ``readonly`` setting to run the service in read-only mode. (#241)
- If no client cache is set, add ``Cache-Control: no-cache`` by default,
so that clients are forced to revalidate their cache against the server
(ref Kinto/kinto#231)
**Bug fixes**
- Fixed 503 error message to mention backend errors in addition to unavailability.
- When recreating a record that was previously deleted, status code is now ``201``
(ref mozilla-services/cliquet#530).
- Fix PostgreSQL error when deleting an empty collection in a protected
resource (fixes mozilla-services/cliquet#528)
- Fix PUT not using ``create()`` method in storage backend when tombstone exists
(fixes mozilla-services/cliquet#530)
- Delete tombstone when record is re-created (fixes mozilla-services/cliquet#518)
- Fix crash with empty body for PATCH (fixes mozilla-services/cliquet#477,
fixes mozilla-services/cliquet#516)
- Fix english typo in 404 error message (fixes mozilla-services/cliquet#527)
1.7.0 (2015-10-28)
==================
- Upgraded to *Cliquet* 2.9.0
- Update cliquet-fxa configuration example for cliquet-fxa 1.4.0
- Improve the documentation to get started
**New features**
- Added Pyramid events, triggered when the content of a resource has changed. (#488)
- Added ``kinto.includes`` setting allowing loading of plugins once Kinto
is initialized (unlike ``pyramid.includes``). (#504)
**Protocol**
- Remove the broken git revision ``commit`` field in the hello page. (#495).
`Please read the full Cliquet 2.9.0 changelog for more information <https://github.com/mozilla-services/cliquet/releases/tag/2.9.0>`_
1.6.2 (2015-10-22)
==================
**Bug fixes**
- Handle 412 details with default bucket (#226)
1.6.1 (2015-10-22)
==================
- Upgraded to *Cliquet* 2.8.2
**Bug fixes**
- Return a JSON body for 405 response on the default bucket (#214)
**Internal changes**
- Improve documentation for new comers (#217)
- Do not force host in default configuration (#219)
- Use tox installed in virtualenv (#221)
- Skip python versions unavailable in tox (#222)
1.6.0 (2015-10-14)
==================
- Upgraded to *Cliquet* 2.8.1
**Breaking changes**
- Settings prefixed with ``cliquet.`` are now deprecated, and should be replaced
with non prefixed version instead.
- In the root url response, public settings are exposed without prefix too
(e.g. ``batch_max_requests``).
1.5.1 (2015-10-07)
==================
- Upgraded to *Cliquet* 2.7.0
1.5.0 (2015-09-23)
==================
- Add Disqus comments to documentation (fixes #159)
**New features**
- Allow POST to create buckets (fixes #64)
- Control client cache headers from settings or collection objects (#189)
**Internal changes**
- Remove dead code (#187, ref #53)
- Add pytest-capturelog for better output on test failures (#191)
- Install cliquet middleware (*no-op if disabled*) (#193)
- Many optimizations on ``default`` bucket (#192, #197)
- Many optimizations on number of storage hits (#203)
- Fix contributing docs about tests (#198)
- Added more batched actions to loadtests (#199)
1.4.0 (2015-09-04)
==================
**New features**
- Partial collection of records when user has no ``read`` permission on collection (fixes #76).
Alice can now obtain a list of Bob records on which she has individual ``read`` permission!
- Collection can now specify a JSON schema and validate its records (#31).
The feature is marked as *experimental* and should be explicitly enabled
from settings (#181)
- Accept empty payload on buckets and collections creation (#63)
- Allow underscores in Kinto bucket and collection names (#153, fixes #77)
- Collection records can now be filtered using multiple values (``?in_status=1,2,3``) (mozilla-services/cliquet#39)
- Collection records can now be filtered excluding multiple values (``?exclude_status=1,2,3``) (mozilla-services/readinglist#68)
- Current userid is now provided when requesting the hello endpoint with an ``Authorization``
header (mozilla-services/cliquet#319)
- UUID validation now accepts any kind of UUID, not just v4 (mozilla-services/cliquet#387)
- Querystring parameter ``_to`` on collection records was renamed to ``_before`` (*the former is now
deprecated*) (mozilla-services/cliquet#391)
- Allow to configure info link in error responses with ``cliquet.error_info_link``
setting (mozilla-services/cliquet#395)
**Bug fixes**
- Fix consistency in API to modify permissions with PATCH (fixes #155)
The list of principals for each specified permission is now replaced by the one
provided.
- Use correct HTTP Headers encoding in both Python2 and Python3 (#141)
- ETag is now returned on every verb (fixes #110)
**Internal changes**
- When deleting a collection also remove the records tombstones (#136)
- Complete revamp of the documentation (#156 #167 #168 #169 #170)
- Upgraded to *Cliquet* 2.6.0
1.3.1 (2015-07-15)
==================
- Upgraded to *Cliquet* 2.3.1
**Bug fixes**
- Make sure the default route only catch /buckets/default and
/buckets/default/* routes. (#131)
1.3.0 (2015-07-13)
==================
- Upgraded to *Cliquet* 2.3.0
**Bug fixes**
- Handle CORS with the default bucket. (#126, #135)
- Add a test to make sure the tutorial works. (#118)
**Internal changes**
- List StatsD counters and timers in documentation (fixes #73)
- Update virtualenv dependencies on setup.py modification (fixes #130)
1.2.1 (2015-07-08)
==================
- Upgraded to *Cliquet* 2.2.1
**Bug fixes**
- Improvements and fixes in the tutorial (#107)
- Querystring handling when using the personal bucket (#119)
- Default buckets ID is now a UUID with dashes (#120)
- Handle unknown permission and fix crash on /buckets (#88)
- Fix permissions handling on PATCH /resource (mozilla-services/cliquet#358)
**Internal changes**
- Test with the normal Kinto authentication policy and remove the fake one (#121)
1.2.0 (2015-07-03)
==================
- Upgraded to *Cliquet* 2.2.+
**New features**
- Add the personal bucket ``/buckets/default``, where collections are created
implicitly (#71)
- *Kinto* now uses the memory backend by default, which simplifies its usage
for development (#86, #95)
- Add public settings in hello view (mozilla-services/cliquet#318)
**Bug fixes**
- Fix Docker compose file settings (#100)
- Fix version redirection behaviour for unsupported versions (mozilla-services/cliquet#341)
- Fix overriding backend settings in .ini (mozilla-services/cliquet#343)
**Internal changes**
- Documentation improvements (#75)
- Added tutorial (#79)
- Remove hard dependency on *PostgreSQL* (#100)
- Add pytest-cache (#98)
- Add Pypy test on Travis (#99)
- Update dependencies on ``make install`` (#97)
- Fix URL of readthedocs.io (#90)
1.1.0 (2015-06-29)
==================
**New features**
- Polish default kinto configuration and default to memory backend. (#81)
- Add the kinto group finder (#78)
- Flush endpoint now returns 404 is disabled (instead of 405) (#82)
**Bug fixes**
- ETag not updated on collection update (#80)
**Internal changes**
- Use py.test to run tests instead of nose (#85)
1.0.0 (2015-06-17)
==================
**New features**
- Added notion of buckets, user groups and collections (#48, #58)
- Buckets, collections and records can now have permissions (#59)
**Breaking changes**
- Updated *Cliquet* to 2.0, which introduces a lot of breaking changes
(`see changelog <https://github.com/mozilla-services/cliquet/releases/2.0.0>`_)
- Firefox Accounts is not a dependency anymore and should be installed and
included explictly using the python package ``cliquet-fxa``
(`see documentation <https://github.com/mozilla-services/cliquet-fxa/>`_)
- API is now served under ``/v1``
- Collections are now managed by bucket, and not by user anymore (#44)
.. note::
A list of records cannot be manipulated until its parents objects (bucket and
collection) are created.
Settings
- ``cliquet.permission_backend`` and ``cliquet.permission_url`` are now configured
to use PostgreSQL instead of *Redis* (see default ``config/kinto.ini``)
- ``cliquet.basic_auth_enabled`` is now deprecated (`see *Cliquet*
docs to enable authentication backends
<https://cliquet.readthedocs.io/en/latest/reference/configuration.html#basic-auth>`_)
**Internal changes**
- Added documentation about deployment and data durability (#50)
- Added load tests (#30)
- Several improvements in documentation (#51)
0.2.2 (2015-06-04)
==================
- Upgraded to *cliquet* 1.8.+
**Breaking changes**
- PostgreSQL database initialization process is not run automatically in
production. Add this command to deployment procedure:
::
cliquet --ini config/kinto.ini migrate
**Internal changes**
- Improved documentation (#29)
- Require 100% coverage during tests (#27)
- Basic Auth is now enabled by default in example config
0.2.1 (2015-03-25)
==================
- Upgraded to *cliquet* 1.4.1
**Bug fixes**
- Rely on Pyramid API to build pagination Next-Url (#147)
0.2 (2015-03-24)
================
- Upgraded to *cliquet* 1.4
**Bug fixes**
- Fix behaviour of CloudStorage with backslashes in querystring (mozilla-services/cliquet#142)
- Force PostgreSQl session timezone to UTC (mozilla-services/cliquet#122)
- Fix basic auth ofuscation and prefix (mozilla-services/cliquet#128)
- Make sure the `paginate_by` setting overrides the passed `limit`
argument (mozilla-services/cliquet#129)
- Fix crash of classic logger with unicode (mozilla-services/cliquet#142)
- Fix crash of CloudStorage backend when remote returns 500 (mozilla-services/cliquet#142)
- Fix python3.4 segmentation fault (mozilla-services/cliquet#142)
- Add missing port in Next-Page header (mozilla-services/cliquet#147)
0.1 (2015-03-20)
================
**Initial version**
- Schemaless storage of records
- Firefox Account authentication
- Kinto as a storage backend for *cliquet* applications
Contributors
============
* Aaron Egaas <me@aaronegaas.com>
* Adam Chainz <adam@adamj.eu>
* Aditya Bhasin <conlini@gmail.com>
* Alexis Metaireau <alexis@mozilla.com>
* Andy McKay <amckay@mozilla.com>
* Aymeric Faivre <miho@miho-stories.com>
* Ayush Sharma <ayush.aceit@gmail.com>
* Balthazar Rouberol <br@imap.cc>
* Boris Feld <lothiraldan@gmail.com>
* Chirag B. Jadwani <chirag.jadwani@gmail.com>
* Clément Villain <choclatefr@gmail.com>
* Dan Phrawzty <phrawzty+github@gmail.com>
* David Larlet <david@larlet.fr>
* Enguerran <engcolson@gmail.com>
* Eric Bréhault <ebrehault@gmail.com>
* Éric Lemoine <eric.lemoine@gmail.com>
* Ethan Glasser-Camp <ethan@betacantrips.com>
* Fil <fil@rezo.net>
* FooBarQuaxx
* Greeshma <greeshmabalabadra@gmail.com>
* Hiromipaw <silvia@nopressure.co.uk>
* Jelmer van der Ploeg <jelmer@woovar.com>
* John Giannelos <johngiannelos@gmail.com>
* Julien Bouquillon <contact@revolunet.com>
* Lavish Aggarwal <lucky.lavish@gmail.com>
* Maksym Shalenyi <supamaxy@gmail.com>
* Masataka Takeuchi <masataka.takeuchi@l-is-b.com>
* Mathieu Agopian <mathieu@agopian.info>
* Mathieu Leplatre <mathieu@mozilla.com>
* Maxime Varnier <marmax@gmail.com>
* Michiel de Jong <michiel@unhosted.org>
* Nicolas Hoizey <nicolas@hoizey.com>
* Nicolas Perriault <nperriault@mozilla.com>
* Niraj <https://github.com/niraj8>
* Rektide <rektide@voodoowarez.com>
* Rodolphe Quiédeville <rodolphe@quiedeville.org>
* Rémy Hubscher <rhubscher@mozilla.com>
* Shweta Oak <oakshweta11@gmail.com>
* Sofia Utsch <sofia.utsch@gmail.com>
* SwhGo_oN
* Tarek Ziade <tarek@mozilla.com>
* Taylor Zane Glaeser <tzglaeser@gmail.com>
* Wil Clouser <wclouser@mozilla.com>
* Yann Klis <yann.klis@gmail.com>
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
kinto-3.3.1.tar.gz
(893.2 kB
view hashes)
Built Distribution
kinto-3.3.1-cp2.cp3-none-any.whl
(244.3 kB
view hashes)
Close
Hashes for kinto-3.3.1-cp2.cp3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | f4dfb4dfefe8be8113246dedacc3c972e960e9d0071f3bd173323a7cc456ee63 |
|
MD5 | 9d8c3c6e8570c2c2fd658e548aa011f9 |
|
BLAKE2b-256 | 4e870a8ab4b89fc2bf69a7fb7951fed83f39d3ff03caed6da5c547338715e101 |