X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=Changes;h=928442f204267bda9cac9c94c1f108b79fb60134;hb=0a8aefd7e7d4de162e2c73f7b898e54699a9d8e1;hp=e571b5ec95802810b77af6f51867406b6f3d10ed;hpb=ad9e8de94e240b8668b084ec2714deead7921a98;p=catagits%2FCatalyst-Runtime.git

diff --git a/Changes b/Changes
index e571b5e..928442f 100644
--- a/Changes
+++ b/Changes
@@ -1,7 +1,48 @@
 # This file documents the revision history for Perl extension Catalyst.
 
+5.90078 - 2014-12-30
+  - POD corrections (sergey++)
+  - New configuration option to disable the HTTP Exception passthru feature
+    introduced in 5.90060.  You can use this if that feature is causing you
+    trouble. (davewood++);
+  - Some additional helper methods for dealing with errors.
+  - More clear exception when $request->body_data tries to parse malformed POSTed
+    data.  Added documentation and tests around this.
+
+5.90077 - 2014-11-18
+  - We store the PSGI $env in Catalyst::Engine for backcompat reasons.  Changed
+    this so that the storage is a weak reference, so that it goes out of scope
+    with the request.  This solves an issue where items in the stash (now in the
+    PSGI env) would not get closed at the end of the request.  This caused some
+    regression, primarily in custom testing classes.
+
+5.90076 - 2014-11-13
+  - If throwing an exception object that does the code method, make sure that
+    method returns an expected HTTP status code before passing it on to the
+    HTTP Exception middleware.
+
+5.90075 - 2014-10-06
+  - Documentation patch for $c->req->param to point out the recently discovered
+    potential security issues: http://blog.gerv.net/2014/10/new-class-of-vulnerability-in-perl-web-applications/
+  - You don't need to install this update, but you should read about the exploit
+    and review if your code is vulnerable.  If you use the $c->req->param interface
+    you really need to review this exploit.
+
+5.90074 - 2014-10-01
+  - Specify Carp minimum version to avoid pointless test fails (valy++)
+
+5.90073 - 2014-09-23
+  - Fixed a regression caused by the last release where we broke what happened
+    when you tried to set request parameters via $c->req->param('foo', 'bar').
+    You shouldn't do this, but I guess I shouldn't have busted it either :)
   - Allow the term_width to be regenerated (see Catalyst::Utils::term_width,
     Frew Schmidt)
+  - More aggressive skipping of value decoding if the value is undefined.
+
+5.90072 - 2014-09-15
+  - In the case where you call $c->req->param(undef), warn with a more useful
+    warning (now gives the line of your code that called param with the undef,
+    so you can go to hunt it out.
 
 5.90071 - 2014-08-10
   - Travis config now performs basic reverse dependency testing.