# This file documents the revision history for Perl extension Catalyst.
+5.90077 - 2014-11-18
+ - We store the PSGI $env in Catalyst::Engine for backcompat reasons. Changed
+ this so that the storage is a weak reference, so that it goes out of scope
+ with the request. This solves an issue where items in the stash (now in the
+ PSGI env) would not get closed at the end of the request. This caused some
+ regression, primarily in custom testing classes.
+
+5.90076 - 2014-11-13
+ - If throwing an exception object that does the code method, make sure that
+ method returns an expected HTTP status code before passing it on to the
+ HTTP Exception middleware.
+
+5.90075 - 2014-10-06
+ - Documentation patch for $c->req->param to point out the recently discovered
+ potential security issues: http://blog.gerv.net/2014/10/new-class-of-vulnerability-in-perl-web-applications/
+ - You don't need to install this update, but you should read about the exploit
+ and review if your code is vulnerable. If you use the $c->req->param interface
+ you really need to review this exploit.
+
+5.90074 - 2014-10-01
+ - Specify Carp minimum version to avoid pointless test fails (valy++)
+
+5.90073 - 2014-09-23
+ - Fixed a regression caused by the last release where we broke what happened
+ when you tried to set request parameters via $c->req->param('foo', 'bar').
+ You shouldn't do this, but I guess I shouldn't have busted it either :)
- Allow the term_width to be regenerated (see Catalyst::Utils::term_width,
Frew Schmidt)
+ - More aggressive skipping of value decoding if the value is undefined.
+
+5.90072 - 2014-09-15
+ - In the case where you call $c->req->param(undef), warn with a more useful
+ warning (now gives the line of your code that called param with the undef,
+ so you can go to hunt it out.
5.90071 - 2014-08-10
- Travis config now performs basic reverse dependency testing.