repoze.bfg 0.6.5 was just put into the index.  This release has a couple of
new features, but it's mostly a speed micro-optimization release. As a result, a
repoze.bfg "hello world" application runs (for me) at somewhere between 900 and
1100 req/sec on a MacBook 2GHz machine, up from somewhere around 700 req/sec or
so in 0.6.3.

0.6.5 (2009-01-26)


- You can now override the NotFound and Unauthorized responses that
  :mod:`repoze.bfg` generates when a view cannot be found or cannot be
  invoked due to lack of permission.  See the "ZCML Hooks" chapter in
  the docs for more information.

- Added Routes ZCML directive attribute explanations in documentation.

- Added a ``traversal_path`` API to the traversal module; see the
  "traversal" API chapter in the docs.  This was a function previously
  known as ``split_path`` that was not an API but people were using it
  anyway.  Unlike ``split_path``, it now returns a tuple instead of a
  list (as its values are cached).

Behavior Changes

- The ``repoze.bfg.view.render_view_to_response`` API will no longer
  raise a ValueError if an object returned by a view function it calls
  does not possess certain attributes (``headerlist``, ``app_iter``,
  ``status``).  This API used to attempt to perform a check using the
  ``is_response`` function in ``repoze.bfg.view``, and raised a
  ``ValueError`` if the ``is_response`` check failed.  The
  responsibility is now the caller's to ensure that the return value
  from a view function is a "real" response.

- WSGI environ dicts passed to ``repoze.bfg`` 's Router must now
  contain a REQUEST_METHOD key/value; if they do not, a KeyError will
  be raised (speed).

- It is no longer permissible to pass a "nested" list of principals to
  ``repoze.bfg.ACLAuthorizer.permits`` (e.g. ``['fred', ['larry',
  'bob']]``).  The principals list must be fully expanded.  This
  feature was never documented, and was never an API, so it's not a
  backwards incompatibility.

- It is no longer permissible for a security ACE to contain a "nested"
  list of permissions (e.g. ``(Allow, Everyone, ['read', ['view',
  ['write', 'manage']]])`)`.  The list must instead be fully expanded
  (e.g. ``(Allow, Everyone, ['read', 'view', 'write', 'manage])``).  This
  feature was never documented, and was never an API, so it's not a
  backwards incompatibility.

- The ``repoze.bfg.urldispatch.RoutesRootFactory`` now injects the
  ``wsgiorg.routing_args`` environment variable into the environ when
  a route matches.  This is a tuple of ((), routing_args) where
  routing_args is the value that comes back from the routes mapper
  match (the "match dict").

- The ``repoze.bfg.traversal.RoutesModelTraverser`` class now wants to
  obtain the ``view_name`` and ``subpath`` from the
  ``wsgiorgs.routing_args`` environment variable.  It falls back to
  obtaining these from the context for backwards compatibility.

Implementation Changes

- Get rid of ````: the
  ``ACLSecurityPolicy`` now does what it did inline.

- Get rid of ``repoze.bfg.interfaces.NoAuthorizationInformation``
  exception: it was used only by ``ACLAuthorizer``.

- Use a homegrown NotFound error instead of ``webob.exc.HTTPNotFound``
  (the latter is slow).

- Use a homegrown Unauthorized error instead of
  ``webob.exc.Unauthorized`` (the latter is slow).

- the ``repoze.bfg.lru.lru_cached`` decorator now uses functools.wraps
  in order to make documentation of LRU-cached functions possible.

- Various speed micro-tweaks.

Bug Fixes

- ``repoze.bfg.testing.DummyModel`` did not have a ``get`` method;
  it now does.

Repoze-dev mailing list

Reply via email to