# This file documents the revision history for Perl extension Catalyst.
-5.90049_004 - TBA
+5.90078 - 2014-12-30
+ - POD corrections (sergey++)
+ - New configuration option to disable the HTTP Exception passthru feature
+ introduced in 5.90060. You can use this if that feature is causing you
+ trouble. (davewood++);
+ - Some additional helper methods for dealing with errors.
+ - More clear exception when $request->body_data tries to parse malformed POSTed
+ data. Added documentation and tests around this.
+
+5.90077 - 2014-11-18
+ - We store the PSGI $env in Catalyst::Engine for backcompat reasons. Changed
+ this so that the storage is a weak reference, so that it goes out of scope
+ with the request. This solves an issue where items in the stash (now in the
+ PSGI env) would not get closed at the end of the request. This caused some
+ regression, primarily in custom testing classes.
+
+5.90076 - 2014-11-13
+ - If throwing an exception object that does the code method, make sure that
+ method returns an expected HTTP status code before passing it on to the
+ HTTP Exception middleware.
+
+5.90075 - 2014-10-06
+ - Documentation patch for $c->req->param to point out the recently discovered
+ potential security issues: http://blog.gerv.net/2014/10/new-class-of-vulnerability-in-perl-web-applications/
+ - You don't need to install this update, but you should read about the exploit
+ and review if your code is vulnerable. If you use the $c->req->param interface
+ you really need to review this exploit.
+
+5.90074 - 2014-10-01
+ - Specify Carp minimum version to avoid pointless test fails (valy++)
+
+5.90073 - 2014-09-23
+ - Fixed a regression caused by the last release where we broke what happened
+ when you tried to set request parameters via $c->req->param('foo', 'bar').
+ You shouldn't do this, but I guess I shouldn't have busted it either :)
+ - Allow the term_width to be regenerated (see Catalyst::Utils::term_width,
+ Frew Schmidt)
+ - More aggressive skipping of value decoding if the value is undefined.
+
+5.90072 - 2014-09-15
+ - In the case where you call $c->req->param(undef), warn with a more useful
+ warning (now gives the line of your code that called param with the undef,
+ so you can go to hunt it out.
+
+5.90071 - 2014-08-10
+ - Travis config now performs basic reverse dependency testing.
+ - Restored deprecated 'env' code in Engine.pm b/c it is still being used out
+ in the wild (Catalyst-Plugin-Authentication-0.10023) - (removed in 5.90070)
+ - Reverted changes to debug log/handling (5.90069_003) to fix
+ rev dep Catalyst-Plugin-Static-Simple-0.32 test suite.
+ - Added italian translation of default error.
+
+5.90070 - 2014-08-07
+ - Retagged previous release as stable; no changes
+
+5.90069_004
+ - Fixed typo in middleware stash that was causing older Perls to fail
+ certain tests. No other changes.
+
+5.90069_003
+ - The default log level is now 'info', not 'debug'.
+ - Finished merging all the encoding plugin code to core code. The encoding
+ plugin is now just an empty package. Also tried to improve encoding docs
+ a bit.
+ - Some additional changes to the stash middleware that should not break
+ anything new.
+ - Documentation around using Sendfile type http headers with a filehandle
+ type response.
+ - Merged from master branch to pick up some additional fixes and documentation
+ improvements.
+
+5.90069_002
+ - Catalyst stash functionality has been moved to Middleware. It should
+ work entirely the same when used as a context method, please report
+ questions or problems!
+ - Removed code related to supporting the long deprecated stand alone
+ PSGI Engine. If you are still using this you code is now broken.
+ Luckily you can just stop using it and likely everything will work
+ under the new PSGI support built into Catalyst for several years.
+ - 'abort_chain_on_error_fix' now defaults to true. If this behavior
+ causes you issues, you can explicitly turn it off by setting it to a
+ non true defined value (0 is a good option here).
+ - When throwing an http style exception, make sure we properly flush the
+ existing log and report other errors in the error stack.
+
+5.90069_001
+ - Set encoding on STDERR when encoding is set in config
+ - documentation and test fixes
+
+5.90065 - 2014-06-04
+ - The Catalyst::Log object now has 'autoflush' (which defaults to true) and
+ causes log messages to be written out in real-time. This is helpful for the
+ test/dev server to be able to see messages during startup as well as before
+ the end of the request when the log is flushed.
+ - Fix spelling, grammar and structural errors in POD
+ - Remove redundant ->setup call in t/head_middleware.t RT#95361
+ - Fix test failures when running under CATALYST_DEBUG. RT#95358
+
+5.90064 - 2014-05-05
+ - Fix for mindless broken tests on Win32 (Haarg++).
+ - Happy Cinco de Mayo!
+
+5.90063 - 2014-05-01
+ - 'end' and other special actions won't catch HTTP style exceptions anymore.
+ - Fix bug where Catalyst did not properly detect the terminal width when in
+ debug mode and thus making the debug output narrow and hard to read.
+ - Documentation corrections for Util methods around localized PSGI $env.
+ - Improvements to auto detection of terminal width.
+ - Updating deprecation list to include Class::Load and ensure_class_loaded
+ - Added a few docs around middleware and corrected the order that middleware
+ is loaded when registering it via ->setup_middleware instead of via
+ configuration.
+ - Added a test case to make sure default middleware order is correct.
+s
+5.90062 - 2014-04-14
+ - HTTP::Exception objects were not properly bubbled up to middleware since
+ there was some code in Catalyst that was triggering stringification.
+
+5.90061 - 2014-03-10
+ - Reverted a change related to how plugins get initialized that was
+ introduced by a change in December.
+
+5.90060 - 2014-02-07
+ - Same as 5.90059_006, just marking it as stable, no functional changes.
+
+
+5.90059_006 - 2014-02-06
+ - MyApp->setup now returns $app to allow class method chaining.
+ - New Util helper functional localize $env to make it easier to mount PSIG
+ applications under controllers and actions. See Catalyst::Utils/PSGI Helpers.
+ - NOTICE: Final Development release for Runner, unless significant issues are
+ raised. Please test.
+
+5.90059_005 - 2014-01-28
+ - Specify newest versions of some middleware in attempt to solve test errors
+ reported while installing.
+5.90059_004 - 2014-01-27
+ - Make sure IO handle objects do 'getline' before sending them to the
+ response callback, to properly support the PSGI specification.
+ - Added some backcompat code when setting a response body to an object
+ that does 'read' but not 'getline'. Added deprecation notice for this
+ case. Added docs to Catalyst::Delta.
+ - Catalyst::Delta contains a list of behaviors which will be considered
+ deprecated immediatelty. Most items have workarounds and tweaks you can
+ make to avoid issues. These deprecations are targeted for removal/enforcement
+ in the Catalyst 6 release. Please review and give your feedback.
+ - More middleware to replace inline code (upasana++)
+ - Documentation around Exceptions and how we handle them.
+ - update copyright notices.
+
+5.90059_003 - 2013-12-24
+ - More documentation about alternative ways to setup middleware.
+ - removed unneeded use of Devel::Dwarn in test case that was causing
+ fails to install (sorry).
+ - When finalizing caught errors, if the error conforms to the interface as
+ described by Plack::Middleware::HTTPExceptions, rethrow it and let the
+ middleware deal with it.
+
+5.90059_002 - 2013-12-21
+ - We now pass a scalar or filehandle directly to you Plack handler, rather
+ than always use the streaming interface (we are still always using a
+ delayed response callback). This means that you can make use of Plack
+ middleware like Plack::Middleware::XSendfile and we expect better use of
+ server features (when they exist) like correct use of chunked encoding or
+ properly non blocking streaming when running under a supporting server like
+ Twiggy. See Catalyst::Delta for more. This change might cause issues if
+ you are making heaving use of streaming (although in general we expect things
+ to work much better.
+ - In the case when we remove a content body from the response because you set
+ an information status or a no content type status, warn that we are doing so
+ when in debug mode. You might see additional debugging information to help
+ you find and remove unneeded response bodies.
+ - Updated the code where Catalyst tries to guess a content length when you
+ fail to provide one. This should cause less issues when trying to guess the
+ length of a funky filehandle. This now uses Plack::Middleware::ContentLength
+ - Removed custom code to remove body content when the request is HEAD and
+ swapped it for Plack::Middleware::Head
+ - Merged fix for regressions from stable..
+
+5.90059_001 - 2013-12-19
+ - Removed deprecated Regexp dispatch type from dependency list. If you are
+ using Regex[p] type dispatching you need to add the standalone distribution
+ 'Catalyst::DispatchType::Regex' to you build system NOW or you application
+ will be broken.
+
+5.90053 - 2013-12-21
+ - Reverted a change in the previous release that moved the setup_log phase
+ to after setup_config. This change was made to allow people to use
+ configuration that is late loaded (such as via the ConfigLoader Plugin)
+ to setup the plugin. However it also broke the ability to use the log
+ during plugin setup (ie, it breaks lots of plugins). Reverting the
+ change. See Catalyst::Delta for workarounds.
+
+5.90052 - 2013-12-18
+
+ - Fixed first block of startup debug messages missing when using a custom
+ logger that gets set at runtime, for example by overriding finalize_config
+ - Give a more descriptive error message when trying to load middleware that
+ does not exist.
+ - Change the way we initialize plugins to fix a bug where when using the
+ populare ConfigLoader plugin, configs merged are not available for setting
+ up middleware and data handlers (and probably other things as well).
+
+ NOTE: This change might cause issues if you had code that was relying on the
+ broken behavior. For example external configuration that was being loaded to
+ late to have effect might now take effect. Please test you code carefully and
+ be aware of this possible issue </NOTE>.
+
+ - You may now also call 'setup_middleware' as a package method if you think
+ that loading middleware via configuration is a weird or broken idea.
+ - Various POD formating fixed.
+ - Improved some documentation about what type of filehandles that ->body can
+ accept and issues that might arise.
+
+5.90051 - 2013-11-06
+ - Be more skeptical of the existance of $request->env to fix a regression
+ introduced in Catalyst::Action::REST by the previous release
+
+5.90050 - 2013-11-05
+ - Previously public predicates on the following attributes are now considered
+ private and their method names have been changed to follow Perl convention
+ for internal methods:
+
+ -- Catalyst::Request->has_io_fh ==> _has_io_fh
+ -- Catalyst::Request->has_env ==> _has_env
+ -- Catalyst::Response->has_write_fh ==> _has_write_fh
+
+ These are breaking changes but these methods were never documented and serve
+ no use for external code. If you are using thing, you need to make the noted
+ change (but please consider finding another way to do what you are trying to
+ do). t0m++ for code review of Hamburg branch.
+
+5.90049_006 - 2013-11-04
+ - Fixed case where test could fail when Starman was partly installed (n0body++)
+ - Fixed missing date information in previous release
+
+5.90049_005 - 2013-10-31
+ - NEW FEATURE: New Controller action attribute 'Consumes', which allows you
+ to specify the content type of the incoming request. This makes it easier
+ to create actions that only handle certain content type POST or PUT, such
+ as actions that only handle JSON or actions that only understand classic
+ HTML forms.
+ - NEW FEATURE: Request->body_data is now also populated from classic HTML
+ Forms using CGI::Struct to support nested data. For non nested data you
+ should use the classic ->body_parameters method.
+ - Removed PSGI $env keys that are added on the 'plack.request.*' namespace
+ since after discussion it was clear those keys are not part of the public
+ API. Keys removed: 'plack.request.query', 'plack.request.body',
+ 'plack.request.merged' and 'plack.request.http.body'. Altered some test
+ cases to reflect this change.
+
+5.90049_004 - 2013-10-18
- JSON Data handler looks for both JSON::MaybeXS and JSON, and uses
whichever is first (prefering to find JSON::MaybeXS). This should
improve compatibility as you likely already have one installed.
- plack.request.body
- plack.request.merged
- plack.request.http.body
+ (NOTE: REMOVED IN 5.90049_005)
- If incoming input (from a POST or PUT) is not buffered, create the
buffer and set the correct psgi env keys to note this for downstream
psgi apps / middleware. This should solve some issues where Catalyst
- NEW FEATURE: Catalyst::Response can now pull response from a PSGI
specification response. This makes it easier to host external Plack
applications under Catalyst. See Catalyst::Response->from_psgi_response
+ - NEW FEATURE: New configuration option 'use_hash_multivalue_in_request'
+ will populate $request methods 'parameters', 'body_parameters' and
+ 'query_parameters' with an instance of Hash::MultiValue instead of a
+ HashRef. This is used by Plack and is intended to reduce the need to
+ write defensive logic since you are never sure if an incoming parameter
+ is a scalar or arrayref.
+ - NEW FEATURE: We now experimentally support Net::Async::HTTP::Server
+ and IO-Async based event loops. Examples will follow.
5.90049_003 - 2013-09-20
- Documented the new body_data method added in the previous release