Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 09 Jan 2017 19:42:43 +0000
From:      bugzilla-noreply@freebsd.org
To:        python@FreeBSD.org
Subject:   [Bug 215651] devel/py-Jinja2: Update to 2.8.1
Message-ID:  <bug-215651-21822-ahSWk72BS3@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-215651-21822@https.bugs.freebsd.org/bugzilla/>
References:  <bug-215651-21822@https.bugs.freebsd.org/bugzilla/>

next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D215651

Vladimir Krstulja <vlad-fbsd@acheronmedia.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|                            |merge-quarterly?
                 CC|                            |python@FreeBSD.org
           Severity|Affects Only Me             |Affects Some People
           Keywords|                            |needs-qa

--- Comment #4 from Vladimir Krstulja <vlad-fbsd@acheronmedia.com> ---
Uh, wait. If Jinja2 >=3D 2.9 uses async, then 2.8.1 is still py3 compliant.=
 We're
using 2.8.1 in production with Python 3.5 (pip installed in virtualenv, tho=
',
it's one of few packages we haven't yet switched to ports) and there's no
problem, at least not to our use case (main HTML/XML renderer for a rather
large flask web app).

As for update from 2.8 to 2.8.1, I'm adding merge-quarterly request, these =
are
the changes:

(bugfix release, released on December 29th 2016)

- Fixed the `for_qs` flag for `urlencode`.
- Fixed regression when applying `int` to non-string values.
- SECURITY: if the sandbox mode is used format expressions are now sandboxed
  with the same rules as in Jinja.  This solves various information leakage
problems that can occur with format strings.

* https://github.com/pallets/jinja/blob/master/CHANGES

Please revise the change and leave Python3 support for 2.8.1.

--=20
You are receiving this mail because:
You are on the CC list for the bug.=



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-215651-21822-ahSWk72BS3>