######### CHANGELOG ######### >= 6.0.2 ======== Since version 6.0.2, we use `Github releases `_ and autogenerated changelogs. 6.0.1 (2022-01-07) ================== **Internal Changes** - Add deserializer to Cornice params (#565) - Refactory ``unittest`` aliases for Python 3.11 compatibility 6.0.0 (2021-09-29) ================== **Breaking changes** - Drop support of Marshmallow < 3 **New features** - Add ``cornice.always_cors`` setting to force CORS headers in responses when services origins is ``*``. **Bug fixes** - Correctly determine service with pyramid route to ensure filters are applied and apply_cors_post_request is called 5.2.0 (2021-04-06) ================== **Internal Changes** - Support of Pyramid 2 (fixes #555) 5.1.0 (2021-02-18) ================== **New features** - Make services with pyramid routes accessible by current_service utility method (refs #550) - Update the generated service to look like the resource it is wrapping (#544) **Internal Changes** - Switch to Github Actions 5.0.3 (2020-08-31) ================== **Bug fixes** - Fix missing ``body``, ``headers``, ``path``, ``querystring`` when using ``*_validator`` Colander validators (#545) **Internal Changes** - Replaced ``mock`` by standard ``unittest.mock`` - Replaced *Nose* test runner by *pytest* 5.0.2 (2020-08-12) ================== - Rename default renderer from ``cornice`` to ``cornicejson`` (#543) 5.0.1 (2020-05-25) ================== - Add setuptools ``python_requires`` check 5.0.0 (2020-05-19) ================== **Breaking Changes** - Drop Python 2 support - The default JSON renderer does not use ``simplejson.dumps()`` by default anymore, so the requirement has been dropped. Please refer to `upgrading docs `_ for detailed migration instructions. 4.0.1 (2019-12-02) ================== **Bug fixes** - Fix support of schema as class instead of instance (#523) 4.0.0 (2019-12-02) ================== **Breaking changes** - Check for ``MappingSchema`` instance in ``colander_*_validator`` (#503) **Bug fixes** - Fix updating request.validated dict in ``colander_*_validator`` (#503) 3.6.1 (2019-11-13) ================== - Do not return content if response is ``204 No Content`` (fixes #521) 3.6.0 (2019-07-24) ================== - Add validation support for multipart/form-data (#510) 3.5.1 (2019-01-24) ================== - Fix usage of localizer in Errors when l18n is deactivated. (#505) 3.5.0 (2019-01-15) ================== - Translate Error description field when added with ``request.errors.add()`` (#502) 3.4.4 (2018-12-12) ================== **Internal changes** - Remove remaining usage of deprecated ``.best_match()`` 3.4.3 (2018-11-30) ================== **Internal changes** - Remove usage of deprecated ``.best_match()`` (thanks @abk-code) 3.4.2 (2018-10-24) ================== **Internal changes** - Fix DeprecationWarning for unrecognized backslash escapes (#491) 3.4.1 (2018-10-08) ================== **Bug fixes** - support both marshmallow 2.x and 3.x unknown key handling (@ergo, #495) **Internal changes** - Enable support for Python 3.7 - cornice.errors and validation tests now use the builtin `json` module instead of `simplejson` (@okin, #494) - Cleanup tests (@karantan, #488) 3.4.0 (2018-04-12) ================== - Add traverse support. For more information regarding Hybrid Applications see `Pyramid documentation `_ (#483). 3.3.0 (2018-04-11) ================== - Cornice now accepts Marshmallow schemas instead of instances (#482, @ergo) - Marshmallow schemas get request object added to their context during validation (#482, @ergo) 3.2.0 (2018-04-03) ================== **New features** - Add marshmallow request validation support (#475, thanks @ergo) - Allow to reuse Pyramid existing routes in services (#477, thanks @ergo) **Documentation** - Make tutorial work for python3 users (#471, thanks @rvandegrift) **Internal changes** - Remove configuration commit (#476, thanks @ergo) - Remove mentions of ``text/json`` in tests and docs (#478, thanks @wjehenddher) 3.1.0 (2018-02-08) ================== - In addition to the ``colander_body_validator``, there are now three more similar validators: ``colander_headers_validator``, ``colander_path_validator``, and ``colander_querystring_validator``. - six is now a required dependency. 3.0.0 (2017-10-20) ================== **Breaking changes** Please refer to `upgrading docs `_ for detailed migration instructions. - ``acl`` and ``traverse`` parameters are not supported anymore on services - Constructors of resource decorated classed must now be ``__init__(self, request, context=None)`` **Enhancements** - Align Cornice with Pyramid ACL pattern: Dynamic ACLs based on resource are now possible (#452, thanks @wjehenddher) **Bug fixes** - Disable CSRF check on predicate fallback view (fixes #458) - Fix to use own validator for Header Accept (fixes #431) 2.4.0 (2017-01-19) ================== **Enhancements** - Add support for arrays on request body top level. 2.3.0 (2016-12-15) ================== **Enhancements** - Add support for validation with specific JSON Content-Types (i.e application/merge-patch+json). - Add ``X-Content-Type-Options: nosniff`` headers to responses (fixes #102) - Add a ``request.current_service`` attribute (fixes #105) **Bug fixes** - Fix ``cornice.cors.get_cors_preflight_view`` to make it parse `Access-Control-Request-Headers` header correctly event if its value contains zero number of white spaces between commas (#422) **Internal changes** - Clean-up an inconsistency in ``cornice.service.decorate_view()`` function where ``acl`` and ``factory`` were expected as view arguments (whereas deprecated since 1.0) 2.2.0 (2016-11-25) ================== **Enhancements** - Add support of custom predicates in resources (#344, thanks @VDigitall!) **Internal changes** - Assert proper behaviour of UTF-8 content JSON body (#366, thanks @thruflo!) 2.1.0 (2016-10-28) ================== **Enhancements** - ``Cornice.validators.colander_validator`` and ``cornice.validators.colander_body_validator`` now accept colander schema node instances. Previously only schema classes were accepted. For some discussion see #412. **Deprecations** - Passing schema classes to ``Cornice.validators.colander_validator`` and ``cornice.validators.colander_body_validator`` is now deprecated. (See above.) **Bug fixes** - To maintain consistency with cornice 1.2 as to the semantics of ``location='path'``, change ``cornice.validators.extract_cstruct`` so that it places ``request.matchdict`` (rather than ``request.path``) into ``cstruct['path']``. (#411) - Fix ``cornice.validators.colander_validator`` so that it does nothing if ``schema`` is unset (or set to ``None``.) Previously (contrary to its docstring) it was raising a ``TypeError``. **Internal changes** - Raised test coverage to 100% (#417) Huge thanks to @dairiki for his help on this release! 2.0.2 (2016-10-25) ================== **Bug fixes** * Exclude ``tests`` from install (#407, thanks @doctaweeks!) **Internal changes** - Deprecate ``cornice.util.extract_json_data()`` and ``cornice.util.extract_form_urlencoded_data()`` in favor of ``cornice.validators.extract_cstruct()`` (#409) 2.0.1 (2016-10-24) ================== **Bug fixes** - Fix Colander imports to make sure it remains optional (#400) - Fix truncated JSON validation error message when request body does not contain valid JSON (#401) - Fix docs about upgrading deserializers (#402) 2.0.0 (2016-10-20) ================== **Breaking changes** Please refer to `upgrading docs `_ for detailed migration instructions. - Dropped Python 2.6 support (#368) - Got rid of Buildout files (#369) - Got rid of Spore extension (#379) - Moved Sphinx extension to dedicated repo (#379) - Moved project scaffold to dedicated repo (#238, #390) - Completely rework the schema validation features (#376, #386) - Moved examples to dedicated repo (#392) - Custom ``error_handler`` now receives the request instead of errors (#381) - Errors list ``request.errors`` has no ``request`` anymore (#372, #378) - ``request.errors.add()`` now only accepts one of ``header``, ``body``, ``url``, ``path``, ``querystring``, ``cookies`` or ``method`` as first argument (#374) - Remove deprecated features (#382) **Internal changes** - Take ``__version__`` from setup.py (#358) - Remove duplicated list of test deps in tox file (#371) 1.2.1 (2016-03-15) ================== Bug fixes - Properly handle content_type callables returning a single internet media type as scalar. Thanks @amotl (#343) - Do not raise a 415 error when no content-type and no body (#354) Documentation - Improve documentation regarding content type negotiation and media type validation. Thanks @amotl (#91, #343, #350) - Fix typo in testing docs. Thanks peletiah (#348) - Clarify docs for deferred colander validator. Thanks @antoineleclair (#352) 1.2.0 (2016-01-18) ================== - Adding the ability to define services imperatively. (#335) - Clean cornice/statics/ files. (#345) Bug fixes - Convert ``None`` to ``colander.null`` before calling colander's ``deserialize`` function. (#342) - Allow i18n of colander error messages (#206) 1.1.0 (2015-09-29) ================== - Warn if resource collection and record paths are not distinct. Thanks @circlingthesun (#292) Bug fixes - Fix duplicated CORS exposed headers (#301) - Fix setup.py in template. Thanks @areski (#296) - Make resource test less dependent on Pyramid version (#312) - Fix reload in sphinx extension for Python 3. Thanks @JohnBrodie (#295) - Fix usage of Colander ``schema_type()`` and ``schema.typ``. Thanks @tisdall (#309) - Fix check for CORS Allow Credentials. Thanks @treerao (#320) - Fix Access-Control-Max-Age value if undefined on service (#338) Documentation - Fix typos in documentation. Thanks @robvdl, @tisdall (#306, #313) - Rewrite quickstart documentation (#305) - Huge set of documentation improvements. Thanks @areski (#297) 1.0.0 (2015-04-15) ================== Breaking changes: - ACLs are now handled per route and not per view. Thanks @circlingthesun (#287) Other changes: - Display default values in the sphinx documentation extension, Thanks @MikaYuoadas (#284) - Add an option to disable Colander schema request binding. (#288) 0.20.0 (2015-03-17) =================== - Service.cors_supported_headers are now filtered by method and CORS options are now handled in a more consistent way (#281). 0.19.0 (2015-03-02) =================== - Keep fields when colander schema set "unknown=preserve" 0.18.1 (2015-02-26) =================== - Fix CORS protocol that was sometimes returning Access-Control-Expose-Headers on preflight request. 0.18 - 2015-02-24 ================= - Fix CORS OPTIONS permission when using default_permission (#273) - Ensure Colander schemas are a Mapping (#271) - Use the tox matrix with Travis. (#272) - Improve Sphinx documentation for schema attributes (#270) - Set CORS headers when an exception is raised (#261) - Remove Cornice warning when returning string or array instead of JSON (#256) - Fix add_view decorator (#215) - Handle per view permissions (#248) - Handle CORS credentials origin (#263) - Let the user choose the default content_type (#262) - Fix spore documentation (#255) - Handle default values in colander schemas (#253) 0.17 - 2014-08-28 ================= - Use a string for the version number (cornice.__version__); - Fix handling of invalid JSON input; - Fix pyramid configurator route_prefix; - Fix CORS behavior when using "*"; - Support strict validation of querystring and body; - Add support for unflatted in querystring; - If colander defines a default value, put it in request.validated; - Do not require a permission for the fallback view. 0.16.1 - 2013-11-12 =================== - Added the license in the distribution tarball - Updated the license headers of the files (to MPL v2.0) 0.16 - 2013-11-12 ================= - Added venusion depth support to cornice.resource #187 - Add support for validation of input content other than JSON against Colander schemas: built-in support of form-urlencoded and configuration hooks for other content types #192 - Add support for pyramid traversal. #196 - bugfix: schema was only being bound to the first request #197 - bugfix: can now pass the `decorator` add_view parameter to the Service class #198 0.15 - 2013-10-09 ================= - Add support for dynamic validation schemas for resources. - Add support for context factory. - Manually commit configuration changes. - Add support for Colander's drop object - Update sphinxext to not display HEAD. - Allow for explicitely named services created for resources. - Raise exceptions as-is if they are not subclasses of HTTPException. - Add a way to opt-out of the exception handling. 0.14 - 2013-06-06 ================= - Add validation of the ``Content-Type`` header sent in requests against a list of allowed ingress content types - Handle HTTPNotFound and HTTPForbidden in Cornice. Fix some wrong behaviour with CORS support. - implement "415 Unsupported Media Type" - Allow Colander schemas with sequence fields in querystring - Remove PasteScript from the Cornice template. - Support imperative colander schemas - Update JSON CSRF warning filter with a better regex 0.13 - 2013-02-12 ================= - Added Cross-Origin Resource Sharing (CORS) support. 0.12 - 2012-11-21 ================= - Fix auto-define of HEAD views from GET views. - Support for Colander inheritance (introduced in new versions of Colander) - Check for errors in the body of the view and in validators (was only checking in validators previously) - Add a __version__ utility in cornice/__init__.py 0.11 - 2012-10-22 ================= - the sphinx extension is now provided by the `cornice.ext.sphinxext` module [not backward-compatible] - Add support for SPORE - add an optional 'error_handler' to view declarations. - Services.default_{validators, filters} is now used. (Fix #75) 0.10 - 2012-08-29 ================= - use pcreate rather than paster create. - make it possible to add custom values to errors. 0.9 - 2012-07-26 ================ - default schema values are assumed to be in the body - refactored the internal APIs so we are not using decorators anymore. The service definition is now separated from the service registration in the routing mechanism. - added class-level validators and filters - added documentation about cornice internals - deprecated the service.schema attribute. Use service.definitions instead. 0.8 - 2012-04-06 ================ - added support for the 'OPTIONS' HTTP Verb - allow multiple accept definitions for a service. - get validator's docstring for the automatic doc generation - fixed non-ascii documentation problems - add a way to ignore some modules when scanning with venusian.scan. 0.7 - 2012-03-12 ================ - update license to MPL 2.0. - renamed cornice.schemas to cornice.errors - Added `get_view_wrapper` method to Service class to support subclasses wrapping the view callables w/ decorators - added buildout support - added class-based views and the resource decorator - make sure we use Pyramid's exceptions. Not Webob's. - added filters support - added schema support - added json xsrf support - now errors status can be different from 400. 0.6 - 2011-12-21 ================ - various fixes in MANIFEST 0.5 - 2011-12-21 ================ - added a tutorial - stacked @api decorator are now allowed - added a Paster template for a quick start 0.4 - 2011-12-07 ================ - Added a way to plug validators easily. - Fixed documentation - Added a way to automatically document Cornice web services - Fixed license - Added a way to specify the accepted Content-Type values. A 406 is raised if needed 0.3 - 2011-11-23 ================ - remove singleton "_defined" state from Service class; this allows service definitions to be loaded into more than one Configurator. 0.2 - 2011-11-05 ================ - Fixed the MANIFEST 0.1 - 2011-11-03 ================ - Initial release