X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=Changes;h=1ad20c7d148c3f3a872afdebda5899eb3c64664a;hb=bb5f369a82795d55cfe43fa005f0aecc319aa6b6;hp=401c8c80b6584a553deff09063cbf1bf68bd4d4d;hpb=86553855d71e007ee45b60e0e46a3fd1831ba006;p=catagits%2FCatalyst-Plugin-Session.git diff --git a/Changes b/Changes index 401c8c8..1ad20c7 100644 --- a/Changes +++ b/Changes @@ -1,46 +1,136 @@ Revision history for Perl extension Catalyst::Plugin::Session -0.14 2007-01-31 12:19:00 + - Allow ->session to be used as a setter method so that you can say + ->session( key => $value ); + +0.28 2009-10-29 + - Fix session fixation test with LWP 5.833 by calling $cookie_jar->set_cookie + rather than manually stuffing the cookie in the request. + +0.27 2009-10-08 + - Release 0.26_01 as stable without further changes. + +0.26_01 2009-10-06 + - Move actions out of the root application class in tests as this + is deprecated. + - Change configuration key to 'Plugin::Session' by default. The + old 'session' key is still supported, but will issue a warning + in a future release. + +0.26 2009-08-19 + - Remove Test::MockObject from the test suite as prone to failing on + some platforms and perl versions due to it's UNIVERSAL:: package + dependencies. + +0.25 2009-07-08 + - Add the a change_session_id method which can be called after + authentication to change the user's session cookie whilst preserving + their session data. This can be used to provide protection from + Session Fixation attacks. (kmx) + +0.24 2009-06-23 + - Be more paranoid about getting values of $c->req to avoid issues + with old Test::WWW::Mechanize::Catalyst. + - Check we have a modern version of TWMC before doing the tests which + need it. + +0.23 2009-06-16 + - Add the verify_user_agent config parameter (kmx) + - Add a test case to prove that logging in with a session cookie still + causes a new cookie to be issued for you, proving that the code is + not vulnerable to a session fixation attack. (t0m) + +0.22 2009-05-13 + - INSANE HACK to ensure B::Hooks::EndOfScope inlines us a new method right now + in Catalyst::Plugin::Session::Test::Store for Catalyst 5.80004 compatibility. + + This change does not in any way affect normal users - it is just due to the + fairly crazy way that Catalyst::Plugin::Session::Test::Store works, and that + module is _only_ used for unit testing session store plugins pre-installation. + + Session::Test::Store should be replaced with a more sane solution, and other + CPAN modules using it moved away from using it, but this change keeps stops + new Catalyst breaking other distributions right now. + +0.21 2009-04-30 + - Hide the internal packages in Catalyst::Plugin::Session::Test::Store from PAUSE. + - Convert from CAF to Moose with Moosex::Emulate::Class::Accessor::Fast + +0.20 2009-02-05 + - No code changes since 0.19_01 dev release. + - Add IDEAS.txt which is an irc log of discussion about the next-generation + session plugin from discussion on #catalyst-dev + - Remove TODO file, which is no longer relevant. + +0.19_01 2009-01-09 + - Switch from using NEXT to Class::C3 for method re-dispatch. + - Use shipit to package the dist. + - Switch to Module::install. + - Flash data is now stored inside the session (key "__flash") to avoid + duplicate entry errors caused by simultaneous select/insert/delete of + flash rows when using DBI as a Store. (Sergio Salvi) + - Fix session finalization order that caused HTTP responses to be sent + before the session is actually finalized and stored in its Store. + (Sergio Salvi) + +0.19 2007-10-08 + +0.18 2007-08-15 + - Fix Apache engine issue (RT #28845) + +0.17 2007-07-16 + - Skip a test if Cookie is not installed (RT #28137) + +0.16 2007-07-03 + - Stupid makefile + +0.15 2007-06-24 + - Fix the bug that caused sessions to expire immediately when another + session was deleted previously in the same request cycle + - Changed finalize() to redispatch before saving session + so other finalize methods still have access to it. + +0.14 2007-01-31 - Disable verify_address. - update flash to work like session -0.13 +0.13 2006-10-12 - Rerelease with slightly changed test due to a behavior change in Test::MockObject - add `clear_flash` - improve debug logging -0.12 +0.12 2006-08-26 - refactor out a hookable finalize_session method, for plugins - make _clear_session_instance_data call NEXT::, so that plugins can hook on to that too -0.11 +0.11 2006-08-10 - Lazify expiry calculation and store it in a different instance data slot. This provides greater flexibility for implementing hooks like DynamicExpiry the "right" way. -0.10 +0.10 2006-08-01 - Implement a more well defined finalization order for Session stuff. This solves a problem that was introduced by some value cleanups in the 0.06 release. -0.09 +0.09 2006-07-31 - Fix Catalyst::Plugin::Session::Test::Store -0.08 +0.08 2006-07-31 - rerelease because Module::Bane broke the META.yml. HURAAH -0.07 +0.07 2006-07-30 - Make build tool complain loudly on incompatible versions of state plugins. -0.06 +0.06 2006-07-29 - Change State plugin API to be pull oriented - Lazify more correctly (mostly performance improvements) - Don't try to compute digest of hash when there is no hash -0.05 +0.05 2006-01-01 - Un-workaround the Cache::FastMmap (actually Storable) limitation - it's not C::P::Session's business. - add $c->session_expires