The Pyramid Web Framework, a Pylons project
Project description
Pyramid
Pyramid is a small, fast, down-to-earth, open source Python web framework. It makes real-world web application development and deployment more fun, more predictable, and more productive.
Pyramid is produced by the Pylons Project.
Support and Documentation
See the Pylons Project website to view documentation, report bugs, and obtain support.
License
Pyramid is offered under the BSD-derived Repoze Public License.
1.6a2 (2015-06-30)
Bug Fixes
Ensure that pyramid.httpexceptions.exception_response returns the appropriate “concrete” class for 400 and 500 status codes. See https://github.com/Pylons/pyramid/issues/1832
Fix an infinite recursion bug introduced in 1.6a1 when pyramid.view.render_view_to_response was called directly or indirectly. See https://github.com/Pylons/pyramid/issues/1643
Further fix the JSONP renderer by prefixing the returned content with a comment. This should mitigate attacks from Flash (See CVE-2014-4671). See https://github.com/Pylons/pyramid/pull/1649
Allow periods and brackets ([]) in the JSONP callback. The original fix was overly-restrictive and broke Angular. See https://github.com/Pylons/pyramid/pull/1649
1.6a1 (2015-04-15)
Features
pcreate will now ask for confirmation if invoked with an argument for a project name that already exists or is importable in the current environment. See https://github.com/Pylons/pyramid/issues/1357 and https://github.com/Pylons/pyramid/pull/1837
Make it possible to subclass pyramid.request.Request and also use pyramid.request.Request.add_request.method. See https://github.com/Pylons/pyramid/issues/1529
The pyramid.config.Configurator has grown the ability to allow actions to call other actions during a commit-cycle. This enables much more logic to be placed into actions, such as the ability to invoke other actions or group them for improved conflict detection. We have also exposed and documented the config phases that Pyramid uses in order to further assist in building conforming addons. See https://github.com/Pylons/pyramid/pull/1513
Add pyramid.request.apply_request_extensions function which can be used in testing to apply any request extensions configured via config.add_request_method. Previously it was only possible to test the extensions by going through Pyramid’s router. See https://github.com/Pylons/pyramid/pull/1581
pcreate when run without a scaffold argument will now print information on the missing flag, as well as a list of available scaffolds. See https://github.com/Pylons/pyramid/pull/1566 and https://github.com/Pylons/pyramid/issues/1297
Added support / testing for ‘pypy3’ under Tox and Travis. See https://github.com/Pylons/pyramid/pull/1469
Automate code coverage metrics across py2 and py3 instead of just py2. See https://github.com/Pylons/pyramid/pull/1471
Cache busting for static resources has been added and is available via a new argument to pyramid.config.Configurator.add_static_view: cachebust. Core APIs are shipped for both cache busting via query strings and path segments and may be extended to fit into custom asset pipelines. See https://github.com/Pylons/pyramid/pull/1380 and https://github.com/Pylons/pyramid/pull/1583
Add pyramid.config.Configurator.root_package attribute and init parameter to assist with includeable packages that wish to resolve resources relative to the package in which the Configurator was created. This is especially useful for addons that need to load asset specs from settings, in which case it is may be natural for a developer to define imports or assets relative to the top-level package. See https://github.com/Pylons/pyramid/pull/1337
Added line numbers to the log formatters in the scaffolds to assist with debugging. See https://github.com/Pylons/pyramid/pull/1326
Add new HTTP exception objects for status codes 428 Precondition Required, 429 Too Many Requests and 431 Request Header Fields Too Large in pyramid.httpexceptions. See https://github.com/Pylons/pyramid/pull/1372/files
The pshell script will now load a PYTHONSTARTUP file if one is defined in the environment prior to launching the interpreter. See https://github.com/Pylons/pyramid/pull/1448
Make it simple to define notfound and forbidden views that wish to use the default exception-response view but with altered predicates and other configuration options. The view argument is now optional in config.add_notfound_view and config.add_forbidden_view.. See https://github.com/Pylons/pyramid/issues/494
Greatly improve the readability of the pcreate shell script output. See https://github.com/Pylons/pyramid/pull/1453
Improve robustness to timing attacks in the AuthTktCookieHelper and the SignedCookieSessionFactory classes by using the stdlib’s hmac.compare_digest if it is available (such as Python 2.7.7+ and 3.3+). See https://github.com/Pylons/pyramid/pull/1457
Assets can now be overidden by an absolute path on the filesystem when using the config.override_asset API. This makes it possible to fully support serving up static content from a mutable directory while still being able to use the request.static_url API and config.add_static_view. Previously it was not possible to use config.add_static_view with an absolute path and generate urls to the content. This change replaces the call, config.add_static_view('/abs/path', 'static'), with config.add_static_view('myapp:static', 'static') and config.override_asset(to_override='myapp:static/', override_with='/abs/path/'). The myapp:static asset spec is completely made up and does not need to exist - it is used for generating urls via request.static_url('myapp:static/foo.png'). See https://github.com/Pylons/pyramid/issues/1252
Added pyramid.config.Configurator.set_response_factory and the response_factory keyword argument to the Configurator for defining a factory that will return a custom Response class. See https://github.com/Pylons/pyramid/pull/1499
Allow an iterator to be returned from a renderer. Previously it was only possible to return bytes or unicode. See https://github.com/Pylons/pyramid/pull/1417
pserve can now take a -b or --browser option to open the server URL in a web browser. See https://github.com/Pylons/pyramid/pull/1533
Overall improvments for the proutes command. Added --format and --glob arguments to the command, introduced the method column for displaying available request methods, and improved the view output by showing the module instead of just __repr__. See https://github.com/Pylons/pyramid/pull/1488
Support keyword-only arguments and function annotations in views in Python 3. See https://github.com/Pylons/pyramid/pull/1556
request.response will no longer be mutated when using the pyramid.renderers.render_to_response() API. It is now necessary to pass in a response= argument to render_to_response if you wish to supply the renderer with a custom response object for it to use. If you do not pass one then a response object will be created using the application’s IResponseFactory. Almost all renderers mutate the request.response response object (for example, the JSON renderer sets request.response.content_type to application/json). However, when invoking render_to_response it is not expected that the response object being returned would be the same one used later in the request. The response object returned from render_to_response is now explicitly different from request.response. This does not change the API of a renderer. See https://github.com/Pylons/pyramid/pull/1563
The append_slash argument of `Configurator().add_notfound_view() will now accept anything that implements the IResponse interface and will use that as the response class instead of the default HTTPFound. See https://github.com/Pylons/pyramid/pull/1610
Bug Fixes
The JSONP renderer created JavaScript code in such a way that a callback variable could be used to arbitrarily inject javascript into the response object. https://github.com/Pylons/pyramid/pull/1627
Work around an issue where pserve --reload would leave terminal echo disabled if it reloaded during a pdb session. See https://github.com/Pylons/pyramid/pull/1577, https://github.com/Pylons/pyramid/pull/1592
pyramid.wsgi.wsgiapp and pyramid.wsgi.wsgiapp2 now raise ValueError when accidentally passed None. See https://github.com/Pylons/pyramid/pull/1320
Fix an issue whereby predicates would be resolved as maybe_dotted in the introspectable but not when passed for registration. This would mean that add_route_predicate for example can not take a string and turn it into the actual callable function. See https://github.com/Pylons/pyramid/pull/1306
Fix pyramid.testing.setUp to return a Configurator with a proper package. Previously it was not possible to do package-relative includes using the returned Configurator during testing. There is now a package argument that can override this behavior as well. See https://github.com/Pylons/pyramid/pull/1322
Fix an issue where a pyramid.response.FileResponse may apply a charset where it does not belong. See https://github.com/Pylons/pyramid/pull/1251
Work around a bug introduced in Python 2.7.7 on Windows where mimetypes.guess_type returns Unicode rather than str for the content type, unlike any previous version of Python. See https://github.com/Pylons/pyramid/issues/1360 for more information.
pcreate now normalizes the package name by converting hyphens to underscores. See https://github.com/Pylons/pyramid/pull/1376
Fix an issue with the final response/finished callback being unable to add another callback to the list. See https://github.com/Pylons/pyramid/pull/1373
Fix a failing unittest caused by differing mimetypes across various OSs. See https://github.com/Pylons/pyramid/issues/1405
Fix route generation for static view asset specifications having no path. See https://github.com/Pylons/pyramid/pull/1377
Allow the pyramid.renderers.JSONP renderer to work even if there is no valid request object. In this case it will not wrap the object in a callback and thus behave just like the pyramid.renderers.JSON renderer. See https://github.com/Pylons/pyramid/pull/1561
Prevent “parameters to load are deprecated” DeprecationWarning from setuptools>=11.3. See https://github.com/Pylons/pyramid/pull/1541
Avoiding sharing the IRenderer objects across threads when attached to a view using the renderer= argument. These renderers were instantiated at time of first render and shared between requests, causing potentially subtle effects like pyramid.reload_templates = true failing to work in pyramid_mako. See https://github.com/Pylons/pyramid/pull/1575 and https://github.com/Pylons/pyramid/issues/1268
Avoiding timing attacks against CSRF tokens. See https://github.com/Pylons/pyramid/pull/1574
request.finished_callbacks and request.response_callbacks now default to an iterable instead of None. It may be checked for a length of 0. This was the behavior in 1.5.
Deprecations
Renamed the principal argument to pyramid.security.remember() to userid in order to clarify its intended purpose. See https://github.com/Pylons/pyramid/pull/1399
Docs
Moved the documentation for accept on Configurator.add_view to no longer be part of the predicate list. See https://github.com/Pylons/pyramid/issues/1391 for a bug report stating not_ was failing on accept. Discussion with @mcdonc led to the conclusion that it should not be documented as a predicate. See https://github.com/Pylons/pyramid/pull/1487 for this PR
Removed logging configuration from Quick Tutorial ini files except for scaffolding- and logging-related chapters to avoid needing to explain it too early.
Clarify a previously-implied detail of the ISession.invalidate API documentation.
Improve and clarify the documentation on what Pyramid defines as a principal and a userid in its security APIs. See https://github.com/Pylons/pyramid/pull/1399
Scaffolds
Update scaffold generating machinery to return the version of pyramid and pyramid docs for use in scaffolds. Updated starter, alchemy and zodb templates to have links to correctly versioned documentation and reflect which pyramid was used to generate the scaffold.
Removed non-ascii copyright symbol from templates, as this was causing the scaffolds to fail for project generation.
You can now run the scaffolding func tests via tox py2-scaffolds and tox py3-scaffolds.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for pyramid-1.6a2-py2.py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 1c0a73b7af88c9a04dc90ecfa4ff509331850e3ebd93a8aa14148a1cf9a7c8c0 |
|
| MD5 | 4d64c02b086bc1a9d5b0a34dfbc5484f |
|
| BLAKE2b-256 | 6342c25b38decc7de40670c0ddf97faeab6fe34c20236a3ae97e7ecbec9dca75 |
