X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=Changes;h=83653a2de3676692174d9af708bb992dcd5922f6;hb=rrwo%2Fnot_modified;hp=6dfbc3280b2f9932f9f5fec419fc561addf652c5;hpb=c8ca5f59fd5deaeab0c9c8b42d29588bdec030e0;p=catagits%2FCatalyst-Action-REST.git

diff --git a/Changes b/Changes
index 6dfbc32..83653a2 100644
--- a/Changes
+++ b/Changes
@@ -1,3 +1,87 @@
+Tue 03 Sep 2013 13:00:00 EST - Release 1.12
+
+ WARNING BACK COMPAT BREAKAGE FOLLOWS
+
+ Removed The YAML and HTML parser from the distro.  You 
+ should install these if you actually use them.  They are listed as
+ optional dependencies going forward.
+
+ This is possibly a breaking change, but necessary for security and
+ considered acceptable since those formats have not generally
+ become preferred for web services.
+
+ In addition, the default de/serialization mappings for HTML and YAML
+ have been removed.  You can add that back by adding the following to
+ you Configuration for the subclass of Catalyst::Controller::REST -
+
+    package Foo::Controller::Bar;
+
+    use Moose;
+    use namespace::autoclean;
+
+    BEGIN { extends 'Catalyst::Controller::REST' }
+    __PACKAGE__->config(
+      'map' => {
+        'text/html'          => 'YAML::HTML',
+        'text/x-yaml'        => 'YAML',
+      },
+    );
+
+ You should do this if you are using these de/serialization formats.
+
+Sun 16 Jun 2013 15:23:03 BST - Release 1.11
+ Fix infinite recursion in tests under Catalyst 5.90040
+
+Mon 22 Apr 2013 14:36:53 BST - Release 1.10
+ Use YAML rather than JSON in basic tests
+
+Fri 19 Apr 2013 13:34:38 BST - Release 1.09
+ Don't load Data::Serializer unnecessarily in tests
+
+Tue 16 Apr 2013 08:33:00 BST - Release 1.08
+ Factor Data::Serializable into it's own dist to stop breakages.
+
+   If you use any of:
+
+   * Data::Dumper
+   * Data::Denter
+   * Data::Taxi
+   * Config::General
+   * PHP::Serialization
+
+   You'll need to install Catalyst-Action-Serialize-Data-Serializer and add the
+   appropriate lines to your controller config.  Said lines may be:
+
+         'text/x-data-dumper' => [ 'Data::Serializer', 'Data::Dumper' ],
+         'text/x-data-denter' => [ 'Data::Serializer', 'Data::Denter' ],
+         'text/x-data-taxi'   => [ 'Data::Serializer', 'Data::Taxi'   ],
+         'text/x-config-general'    => [ 'Data::Serializer', 'Config::General' ],
+         'text/x-php-serialization' => [ 'Data::Serializer', 'PHP::Serialization' ],
+
+Thu 11 Apr 2013 20:20:00 BST - Release 1.07
+ Don't serialize if a view is explicitly set.
+
+   If the controller sets the view in $c->stash->{current_view} or
+   $c->stash->{current_view_instance}, then it is explicitly requesting a
+   certain kind of serialization and C::A::Serialize shouldn't override
+   that.
+
+ Remove Storable and FreezeThaw from the list
+ of serialization methods offered by default, and
+ from the docs - they're totally unsafe :/
+
+Tue 11 Dec 2012 22:04:00 GMT - Release 1.06
+ Sort list of allowed methods. RT#81825
+
+Mon  2 Jul 2012 20:13:00 BST - Release 1.05
+ Bugfix get_allowed_methods list:
+  * include HEAD
+  * remove "not_implemented"
+
+Sat  30 Jun 2012 10:25:00 BST - Release 1.04
+ Bugfix to _dispatch_rest_method
+
+Wed  28 Jun 2012 00:40:00 BST - Release 1.03
  Expose _get_allowed_methods to the API (wreis)
 
  Fix default OPTIONS handler: As the ->body is defined, then serialization