* The xmlattr filter does not allow keys with / solidus, >
greater-than sign, or = equals sign, in addition to disallowing
spaces. Regardless of any validation done by Jinja, user input
should never be used as keys to this filter, or must be separately
validated first.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Jinja2?expand=0&rev=110
- update to 3.1.3 (bsc#1218722, CVE-2024-22195):
* Fix compiler error when checking if required blocks in parent
templates are xmlattr filter does not allow keys with spaces.
* Make error messages stemming from invalid nesting of {% trans
%} blocks more helpful. :pr:`1916`
- Security issue: Corrected the security fix for the cache folder.
- avoid rebuildcycle with vim
- Add suggests for vim and emacs in their respective
OBS-URL: https://build.opensuse.org/request/show/1138254
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Jinja2?expand=0&rev=51
* Fix compiler error when checking if required blocks in parent
templates are xmlattr filter does not allow keys with spaces.
* Make error messages stemming from invalid nesting of {% trans
%} blocks more helpful. :pr:`1916`
- Security issue: Corrected the security fix for the cache folder.
- avoid rebuildcycle with vim
- Add suggests for vim and emacs in their respective
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Jinja2?expand=0&rev=106
- update to 3.1.2:
* Add parameters to ``Environment.overlay`` to match ``__init__``.
* Handle race condition in ``FileSystemBytecodeCache``. :issue:`1654`
- specfile:
* update copyright year
* require python-base >= 3.7
- update to version 3.1.1:
* The template filename on Windows uses the primary path separator.
:issue:`1637`
- changes from version 3.1.0:
* Drop support for Python 3.6. :pr:`1534`
* Remove previously deprecated code. :pr:`1544`
+ "WithExtension" and "AutoEscapeExtension" are built-in now.
+ "contextfilter" and "contextfunction" are replaced by
"pass_context". "evalcontextfilter" and "evalcontextfunction"
are replaced by "pass_eval_context". "environmentfilter" and
"environmentfunction" are replaced by "pass_environment".
+ "Markup" and "escape" should be imported from MarkupSafe.
+ Compiled templates from very old Jinja versions may need to be
recompiled.
+ Legacy resolve mode for "Context" subclasses is no longer
supported. Override "resolve_or_missing" instead of "resolve".
+ "unicode_urlencode" is renamed to "url_quote".
* Add support for native types in macros. :issue:`1510`
* The "{% trans %}" tag can use "pgettext" and "npgettext" by
passing a context string as the first token in the tag, like "{%
trans "title" %}". :issue:`1430`
* Update valid identifier characters from Python 3.6 to 3.7.
:pr:`1571`
* Filters and tests decorated with "@async_variant" are pickleable.
:pr:`1612`
* Add "items" filter. :issue:`1561`
* Subscriptions ("[0]", etc.) can be used after filters, tests, and
calls when the environment is in async mode. :issue:`1573`
* The "groupby" filter is case-insensitive by default, matching
other comparison filters. Added the "case_sensitive" parameter
to control this. :issue:`1463`
* Windows drive-relative path segments in template names will not
result in "FileSystemLoader" and "PackageLoader" loading from
drive-relative paths. :pr:`1621`
OBS-URL: https://build.opensuse.org/request/show/1034833
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Jinja2?expand=0&rev=47
- update to 2.11.1
* Fix a bug that caused callable objects with __getattr__, like
:class:~unittest.mock.Mock to be treated as a
:func:contextfunction. :issue:1145
* Update wordcount filter to trigger :class:Undefined methods
by wrapping the input in :func:soft_unicode. :pr:1160
* Fix a hang when displaying tracebacks on Python 32-bit.
:issue:1162
* Showing an undefined error for an object that raises
AttributeError on access doesn't cause a recursion error.
:issue:1177
* Revert changes to :class:~loaders.PackageLoader from 2.10 which
removed the dependency on setuptools and pkg_resources, and added
limited support for namespace packages. The changes caused issues
when using Pytest. Due to the difficulty in supporting Python 2 and
:pep:451 simultaneously, the changes are reverted until 3.0.
:pr:1182
* Fix line numbers in error messages when newlines are stripped.
:pr:1178
* The special namespace() assignment object in templates works in
async environments. :issue:1180
* Fix whitespace being removed before tags in the middle of lines when
lstrip_blocks is enabled. :issue:1138
* :class:~nativetypes.NativeEnvironment doesn't evaluate
intermediate strings during rendering. This prevents early
evaluation which could change the value of an expression.
:issue:1186
OBS-URL: https://build.opensuse.org/request/show/800006
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Jinja2?expand=0&rev=84
- disable tests on 32bit archs
- update to 2.11.1
* Fix a bug that prevented looking up a key after an attribute
({{ data.items[1:] }}) in an async template
* Drop support for Python 2.6, 3.3, and 3.4. This will be the last version
to support Python 2.7 and 3.5.
* Added a new ChainableUndefined class to support getitem and getattr
on an undefined object.
* Allow {%+ syntax (with NOP behavior) when lstrip_blocks is disabled.
* Added a default parameter for the map filter.
* Exclude environment globals from meta.find_undeclared_variables().
* Float literals can be written with scientific notation, like 2.56e-3.
* Int and float literals can be written with the ‘_’ separator
for legibility, like 12_345.
* Fix a bug causing deadlocks in LRUCache.setdefault
* The trim filter takes an optional string of characters to trim.
* A new jinja2.ext.debug extension adds a {% debug %} tag to quickly dump
the current context and available filters and tests.
* Lexing templates with large amounts of whitespace is much faster.
* Parentheses around comparisons are preserved, so {{ 2 * (3 < 5) }} outputs
“2” instead of “False”.
* Add new boolean, false, true, integer and float tests.
* The environment’s finalize function is only applied to the output of expressions
(constant or not), not static template data.
* When providing multiple paths to FileSystemLoader, a template can have
the same name as a directory.
* Always return Undefined when omitting the else clause in a {{ 'foo' if bar }}
expression, regardless of the environment’s undefined class. Omitting
OBS-URL: https://build.opensuse.org/request/show/778074
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Jinja2?expand=0&rev=38
* Fix a bug that prevented looking up a key after an attribute
({{ data.items[1:] }}) in an async template
* Drop support for Python 2.6, 3.3, and 3.4. This will be the last version
to support Python 2.7 and 3.5.
* Added a new ChainableUndefined class to support getitem and getattr
on an undefined object.
* Allow {%+ syntax (with NOP behavior) when lstrip_blocks is disabled.
* Added a default parameter for the map filter.
* Exclude environment globals from meta.find_undeclared_variables().
* Float literals can be written with scientific notation, like 2.56e-3.
* Int and float literals can be written with the ‘_’ separator
for legibility, like 12_345.
* Fix a bug causing deadlocks in LRUCache.setdefault
* The trim filter takes an optional string of characters to trim.
* A new jinja2.ext.debug extension adds a {% debug %} tag to quickly dump
the current context and available filters and tests.
* Lexing templates with large amounts of whitespace is much faster.
* Parentheses around comparisons are preserved, so {{ 2 * (3 < 5) }} outputs
“2” instead of “False”.
* Add new boolean, false, true, integer and float tests.
* The environment’s finalize function is only applied to the output of expressions
(constant or not), not static template data.
* When providing multiple paths to FileSystemLoader, a template can have
the same name as a directory.
* Always return Undefined when omitting the else clause in a {{ 'foo' if bar }}
expression, regardless of the environment’s undefined class. Omitting
the else clause is a valid shortcut and should not raise an error when using
StrictUndefined.
* Fix behavior of loop control variables such as length and revindex0 when
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Jinja2?expand=0&rev=76
- Update to 2.10.3:
* Fix Python 3.7 deprecation warnings.
* Using range in the sandboxed environment uses xrange on Python 2 to avoid memory use. :issue:`933`
* Use Python 3.7's better traceback support to avoid a core dump when using debug builds of Python 3.7. :issue:`1050`
* Fix a typo in Babel entry point in setup.py that was preventing installation.
- Remove merged python38.patch
OBS-URL: https://build.opensuse.org/request/show/735867
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Jinja2?expand=0&rev=37
* Fix Python 3.7 deprecation warnings.
* Using range in the sandboxed environment uses xrange on Python 2 to avoid memory use. :issue:`933`
* Use Python 3.7's better traceback support to avoid a core dump when using debug builds of Python 3.7. :issue:`1050`
* Fix a typo in Babel entry point in setup.py that was preventing installation.
- Remove merged python38.patch
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Jinja2?expand=0&rev=74
- Update to 2.8
- Added `target` parameter to urlize function.
- Added support for `followsymlinks` to the file system loader.
- The truncate filter now counts the length.
- Added equalto filter that helps with select filters.
- Changed cache keys to use absolute file names if available
instead of load names.
- Fixed loop length calculation for some iterators.
- Changed how Jinja2 enforces strings to be native strings in
Python 2 to work when people break their default encoding.
- Added :func:`make_logging_undefined` which returns an undefined
object that logs failures into a logger.
- If unmarshalling of cached data fails the template will be
reloaded now.
- Implemented a block ``set`` tag.
- Default cache size was incrased to 400 from a low 50.
- Fixed ``is number`` test to accept long integers in all Python versions.
- Changed ``is number`` to accept Decimal as a number.
- Added a check for default arguments followed by non-default arguments. This
change makes ``{% macro m(x, y=1, z) %}...{% endmacro %}`` a syntax error. The
previous behavior for this code was broken anyway (resulting in the default
value being applied to `y`).
- Add ability to use custom subclasses of ``jinja2.compiler.CodeGenerator`` and
``jinja2.runtime.Context`` by adding two new attributes to the environment
(`code_generator_class` and `context_class`) (pull request ``#404``).
- added support for context/environment/evalctx decorator functions on
the finalize callback of the environment.
- escape query strings for urlencode properly. Previously slashes were not
escaped in that place.
- Add 'base' parameter to 'int' filter.
OBS-URL: https://build.opensuse.org/request/show/345259
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Jinja2?expand=0&rev=47
- update to 2.7.1:
- Fixed a bug with ``call_filter`` not working properly on environment
and context filters.
- Fixed lack of Python 3 support for bytecode caches.
- Reverted support for defining blocks in included templates as this
broke existing templates for users.
- Fixed some warnings with hashing of undefineds and nodes if Python
is run with warnings for Python 3.
- Added support for properly hashing undefined objects.
- Fixed a bug with the title filter not working on already uppercase
strings. (forwarded request 186916 from dirkmueller)
OBS-URL: https://build.opensuse.org/request/show/186936
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Jinja2?expand=0&rev=15
- update to 2.7.1:
- Fixed a bug with ``call_filter`` not working properly on environment
and context filters.
- Fixed lack of Python 3 support for bytecode caches.
- Reverted support for defining blocks in included templates as this
broke existing templates for users.
- Fixed some warnings with hashing of undefineds and nodes if Python
is run with warnings for Python 3.
- Added support for properly hashing undefined objects.
- Fixed a bug with the title filter not working on already uppercase
strings.
OBS-URL: https://build.opensuse.org/request/show/186916
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Jinja2?expand=0&rev=25
- update to 2.7:
- Choice and prefix loaders now dispatch source and template lookup
separately in order to work in combination with module loaders as
advertised.
- Fixed filesizeformat.
- Added a non-silent option for babel extraction.
- Added `urlencode` filter that automatically quotes values for
URL safe usage with utf-8 as only supported encoding. If applications
want to change this encoding they can override the filter.
- Added `keep-trailing-newline` configuration to environments and
templates to optionally preserve the final trailing newline.
- Accessing `last` on the loop context no longer causes the iterator
to be consumed into a list.
- Python requirement changed: 2.6, 2.7 or >= 3.3 are required now,
supported by same source code, using the "six" compatibility library.
- Allow `contextfunction` and other decorators to be applied to `__call__`.
- Added support for changing from newline to different signs in the `wordwrap`
filter.
- Added support for ignoring memcache errors silently.
- Added support for keeping the trailing newline in templates.
- Added finer grained support for stripping whitespace on the left side
of blocks.
- Added `map`, `select`, `reject`, `selectattr` and `rejectattr`
filters.
- Added support for `loop.depth` to figure out how deep inside a recursive
loop the code is.
- Disabled py_compile for pypy and python 3. (forwarded request 182834 from dirkmueller)
OBS-URL: https://build.opensuse.org/request/show/182845
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Jinja2?expand=0&rev=14
- update to 2.7:
- Choice and prefix loaders now dispatch source and template lookup
separately in order to work in combination with module loaders as
advertised.
- Fixed filesizeformat.
- Added a non-silent option for babel extraction.
- Added `urlencode` filter that automatically quotes values for
URL safe usage with utf-8 as only supported encoding. If applications
want to change this encoding they can override the filter.
- Added `keep-trailing-newline` configuration to environments and
templates to optionally preserve the final trailing newline.
- Accessing `last` on the loop context no longer causes the iterator
to be consumed into a list.
- Python requirement changed: 2.6, 2.7 or >= 3.3 are required now,
supported by same source code, using the "six" compatibility library.
- Allow `contextfunction` and other decorators to be applied to `__call__`.
- Added support for changing from newline to different signs in the `wordwrap`
filter.
- Added support for ignoring memcache errors silently.
- Added support for keeping the trailing newline in templates.
- Added finer grained support for stripping whitespace on the left side
of blocks.
- Added `map`, `select`, `reject`, `selectattr` and `rejectattr`
filters.
- Added support for `loop.depth` to figure out how deep inside a recursive
loop the code is.
- Disabled py_compile for pypy and python 3.
OBS-URL: https://build.opensuse.org/request/show/182834
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Jinja2?expand=0&rev=23
- Update to version 2.6:
* internal attributes now raise an internal attribute error now instead
of returning an undefined. This fixes problems when passing undefined
objects to Python semantics expecting APIs.
* traceback support now works properly for PyPy. (Tested with 1.4)
* implemented operator intercepting for sandboxed environments. This
allows application developers to disable builtin operators for better
security. (For instance limit the mathematical operators to actual
integers instead of longs)
* groupby filter now supports dotted notation for grouping by attributes
of attributes.
* scoped blocks not properly treat toplevel assignments and imports.
Previously an import suddenly "disappeared" in a scoped block.
* automatically detect newer Python interpreter versions before loading code
from bytecode caches to prevent segfaults on invalid opcodes. The segfault
in earlier Jinja2 versions here was not a Jinja2 bug but a limitation in
the underlying Python interpreter. If you notice Jinja2 segfaulting in
earlier versions after an upgrade of the Python interpreter you don't have
to upgrade, it's enough to flush the bytecode cache. This just no longer
makes this necessary, Jinja2 will automatically detect these cases now.
* the sum filter can now sum up values by attribute. This is a backwards
incompatible change. The argument to the filter previously was the
optional starting index which defaultes to zero. This now became the
second argument to the function because it's rarely used.
* like sum, sort now also makes it possible to order items by attribute.
* like sum and sort, join now also is able to join attributes of objects
as string.
* the internal eval context now has a reference to the environment.
* added a mapping test to see if an object is a dict or an object with
a similar interface.
OBS-URL: https://build.opensuse.org/request/show/83867
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Jinja2?expand=0&rev=3
* internal attributes now raise an internal attribute error now instead
of returning an undefined. This fixes problems when passing undefined
objects to Python semantics expecting APIs.
* traceback support now works properly for PyPy. (Tested with 1.4)
* implemented operator intercepting for sandboxed environments. This
allows application developers to disable builtin operators for better
security. (For instance limit the mathematical operators to actual
integers instead of longs)
* groupby filter now supports dotted notation for grouping by attributes
of attributes.
* scoped blocks not properly treat toplevel assignments and imports.
Previously an import suddenly "disappeared" in a scoped block.
* automatically detect newer Python interpreter versions before loading code
from bytecode caches to prevent segfaults on invalid opcodes. The segfault
in earlier Jinja2 versions here was not a Jinja2 bug but a limitation in
the underlying Python interpreter. If you notice Jinja2 segfaulting in
earlier versions after an upgrade of the Python interpreter you don't have
to upgrade, it's enough to flush the bytecode cache. This just no longer
makes this necessary, Jinja2 will automatically detect these cases now.
* the sum filter can now sum up values by attribute. This is a backwards
incompatible change. The argument to the filter previously was the
optional starting index which defaultes to zero. This now became the
second argument to the function because it's rarely used.
* like sum, sort now also makes it possible to order items by attribute.
* like sum and sort, join now also is able to join attributes of objects
as string.
* the internal eval context now has a reference to the environment.
* added a mapping test to see if an object is a dict or an object with
a similar interface.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Jinja2?expand=0&rev=3
