1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
=======
CHANGES
=======
3.6.0 - unreleased
------------------
- ...
3.5.2 - 2008-07-27
------------------
- Made C code compatible with Python 2.5 on 64bit architectures.
3.5.1 - 2008-06-04
-------------------
- Add `frozenset`, `set`, `reversed`, and `sorted` to the list of safe
builtins.
3.5.0 - 2008-03-05
-------------------
- Changed title for ``zope.security.management.system_user`` to be more
presentable.
3.4.0 - 2007/10/02
------------------
- Updated meta-data.
3.4.0b5 - 2007/08/15
--------------------
- Bug: Fixed a circular import in the C implementation.
3.4.0b4 - 2007/08/14
--------------------
- Bug: ``zope.security.management.system_user`` had an ugly/brittle id.
3.4.0b3 - 2007/08/14
--------------------
- ``zope.security`` now works on Python 2.5
- Bug: ``zope.security.management.system_user`` wasn't a valid principal
(didn't provide IPrincipal).
- Bug: Fixed inclusion of doctest to use the doctest module from
``zope.testing``. Now tests can be run multiple times without
breaking. (#98250)
3.4.0b2 - 2007/06/15
--------------------
- Bug: Removed stack extraction in newInteraction. When using eggs this is an
extremly expensive function. The publisher is now more than 10 times faster
when using eggs and about twice as fast with a zope trunk checkout.
3.4.0b1
-------
- Temporarily fixed the hidden (and accidental) dependency on zope.testing to
become optional.
Note: The releases between 3.2.0 and 3.4.0b1 where not tracked as an
individual package and have been documented in the Zope 3 changelog.
3.2.0 - 2006/01/05
------------------
- Corresponds to the verison of the zope.security package shipped as part of
the Zope 3.2.0 release.
- Removed deprecated helper functions, 'proxy.trustedRemoveSecurityProxy' and
'proxy.getProxiedObject'.
- Made handling of 'management.{end,restore}Interaction' more careful w.r.t.
edge cases.
- Made behavior of 'canWrite' consistent with 'canAccess': if 'canAccess'
does not raise 'ForbiddenAttribute', then neither will 'canWrite'. See:
http://www.zope.org/Collectors/Zope3-dev/506
- Code style / documentation / test fixes.
3.1.0 - 2005/10/03
------------------
- Added support for use of the new Python 2.4 datatypes, 'set' and
'frozenset', within checked code.
- C security proxy acquired a dependency on the 'proxy.h' header from the
'zope.proxy' package.
- XXX: the spelling of the '#include' is bizarre! It seems to be related to
'zpkg'-based builds, and should likely be revisited. For the moment, I have
linked in the 'zope.proxy' package into our own 'include' directory. See
the subversion checkin: http://svn.zope.org/Zope3/?rev=37882&view=rev
- Updated checker to avoid re-proxying objects which have and explicit
'__Security_checker__' assigned.
- Corresponds to the verison of the zope.security package shipped as part of
the Zope 3.1.0 release.
- Clarified contract of 'IChecker' to indicate that its 'check*' methods may
raise only 'Forbidden' or 'Unauthorized' exceptions.
- Added interfaces, ('IPrincipal', 'IGroupAwarePrincipal', 'IGroup', and
'IPermission') specifying contracts of components in the security framework.
- Code style / documentation / test fixes.
3.0.0 - 2004/11/07
------------------
- Corresponds to the version of the zope.security package shipped as part of
the Zope X3.0.0 release.
|