Initial Update #25

pyup-bot · 2016-10-19T09:55:31Z

This is my first visit to this fine repo so I have bundled all updates in a single pull request to make things easier for you to merge.

Close this pull request and delete the branch if you want me to start with single pull requests right away

Here's the executive summary:

Updates

Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.

Flask-WTF	0.10.3	»	0.13.1	PyPi \| Changelog \| Repo \| Docs
Flask-Babel	0.9	»	0.11.1	PyPi \| Repo \| Docs
passlib	1.6.2	»	1.6.5	PyPi \| Changelog \| Repo \| Docs
WTForms	1.0.5	»	2.1	PyPi \| Changelog \| Homepage \| Docs
mongoengine	0.8.7	»	0.10.6	PyPi \| Changelog \| Homepage
pyasn1-modules	0.0.5	»	0.0.8	PyPi \| Homepage
blinker	1.3	»	1.4	PyPi \| Changelog \| Homepage \| Docs
ndg-httpsclient	0.4.2	»	0.4.2	PyPi \| Repo \| Docs
ndg-httpsclient	0.4.2	»	0.4.2	PyPi \| Repo \| Docs
Flask-Security	1.7.4	»	1.7.5	PyPi \| Changelog \| Repo \| Docs
uritemplate	0.6	»	3.0.0	PyPi \| Changelog \| Docs
oauthlib	0.7.2	»	2.0.0	PyPi \| Changelog \| Repo
Flask-Admin	1.0.9	»	1.4.2	PyPi \| Repo \| Docs
Werkzeug	0.9.6	»	0.11.11	PyPi \| Homepage
requests	2.5.1	»	2.11.1	PyPi \| Changelog \| Homepage
python-twitter	2.2	»	3.1	PyPi \| Repo
google-api-python-client	1.3.1	»	1.5.4	PyPi \| Changelog \| Repo
Jinja2	2.7.3	»	2.8	PyPi \| Changelog \| Homepage
httplib2	0.9	»	0.9.2	PyPi \| Changelog \| Repo
pymongo	2.7.2	»	3.3.0	PyPi \| Changelog \| Repo
six	1.9.0	»	1.10.0	PyPi \| Changelog \| Homepage \| Docs
Flask-BabelEx	0.9.2	»	0.9.3	PyPi \| Repo \| Docs
requests-oauthlib	0.4.2	»	0.7.0	PyPi \| Changelog \| Repo
rsa	3.1.4	»	3.4.2	PyPi \| Changelog \| Homepage
python-twitter	3.1	»	3.1	PyPi \| Repo
python-twitter	3.1	»	3.1	PyPi \| Repo
Flask-Login	0.2.11	»	0.3.2	PyPi \| Changelog \| Repo \| Docs
Flask-Script	2.0.5	»	2.0.5	PyPi \| Changelog \| Repo \| Docs
Flask-Script	2.0.5	»	2.0.5	PyPi \| Changelog \| Repo \| Docs
facebook-sdk	0.4.0	»	2.0.0	PyPi \| Changelog \| Repo
PyOpenSSL	16.2.0	»	16.2.0	PyPi \| Docs
PyOpenSSL	16.2.0	»	16.2.0	PyPi \| Docs
oauth2client	1.4.5	»	4.0.0	PyPi \| Changelog \| Repo
Flask-SQLAlchemy	2.1	»	2.1	PyPi \| Changelog \| Repo \| Docs
Flask-SQLAlchemy	2.1	»	2.1	PyPi \| Changelog \| Repo \| Docs
pytz	2014.10	»	2016.7	PyPi \| Homepage \| Docs
Babel	1.3	»	2.3.4	PyPi \| Changelog \| Homepage \| Docs
pyasn1	0.1.7	»	0.1.9	PyPi \| Homepage
simplejson	3.6.5	»	3.8.2	PyPi \| Changelog \| Repo
Flask	0.10.1	»	0.11.1	PyPi \| Changelog \| Repo
flask-mongoengine	0.7.1	»	0.8	PyPi \| Changelog \| Repo
pyasn1	0.1.9	»	0.1.9	PyPi \| Homepage
pyasn1	0.1.9	»	0.1.9	PyPi \| Homepage
oauth2	1.5.211	»	1.9.0.post1	PyPi \| Repo

Changelogs

Flask-WTF 0.10.3 -> 0.13.1

0.13.1

Released 2016/10/6

Deprecation warning for Form is shown during __init__ instead of immediately when subclassing. (262_)

Don't use pkg_resources to get version, for compatibility with GAE. (261_)

.. _261: wtforms/flask-wtf#261
.. _262: wtforms/flask-wtf#262

0.13

Released 2016/09/29

Form is renamed to FlaskForm in order to avoid name collision with WTForms's base class. Using Form will show a deprecation warning. (250_)

hidden_tag no longer wraps the hidden inputs in a hidden div. This is valid HTML5 and any modern HTML parser will behave correctly. (217, 193)

flask_wtf.html5 is deprecated. Import directly from wtforms.fields.html5. (251_)

is_submitted is true for PATCH and DELETE in addition to POST and PUT. (187_)

generate_csrf takes a token_key parameter to specify the key stored in the session. (206_)

generate_csrf takes a url_safe parameter to allow the token to be used in URLs. (206_)

fom.data can be accessed multiple times without raising an exception. (248_)

File extension with multiple parts (.tar.gz) can be used in the FileAllowed validator. (201_)

.. _187: wtforms/flask-wtf#187
.. _193: wtforms/flask-wtf#193
.. _201: wtforms/flask-wtf#201
.. _206: wtforms/flask-wtf#206
.. _217: wtforms/flask-wtf#217
.. _248: wtforms/flask-wtf#248
.. _250: wtforms/flask-wtf#250
.. _251: wtforms/flask-wtf#251

0.12

Released 2015/07/09

Abstract protect_csrf() into a separate method

Update reCAPTCHA configuration

Fix reCAPTCHA error handle

0.11

Released 2015/01/21

Use the new reCAPTCHA API via 164_.

.. _164: wtforms/flask-wtf#164

WTForms 1.0.5 -> 2.1

2.1

Released December 15, 2015

Added render_kw to allow default rendering time options.

Updated / added a number of localizations

Updated docs

Allow widgets to set flags

2.0.2

Released January 18, 2015

Added more localizations and updated some.

Validators for email and URL can validate IDNA-encoded domain names and new TLDs

Better DeprecationWarnings

Support localization files in /usr/share/locale (for distro packaging)

2.0.1

Released July 1, 2014

Update wheel install to conditionally install ordereddict for python 2.6.

Doc improvements

2.0

Released May 20, 2014

Add new class Meta paradigm for much more powerful customization
of WTForms.

Move i18n into core. Deprecate wtforms.ext.i18n.

Move CSRF into core. Deprecate wtforms.ext.csrf.

Fix issue rendering SelectFields with value=True

Make DecimalField able to use babel locale-based number formatting.

Drop Python 3.2 support (Python3 support for 3.3+ only)

passing attr=False to WTForms widgets causes the value to be ignored.

Unique validator in wtforms.ext.sqlalchemy has been removed.

blinker 1.3 -> 1.4

1.4

Released July 23, 2015

Verified Python 3.4 support (no changes needed)

Additional bookkeeping cleanup for non-ANY connections at disconnect
time.

Added Signal._cleanup_bookeeping() to prune stale bookkeeping on
demand

Flask-Security 1.7.4 -> 1.7.5

1.7.5

Released December 2nd 2015

Added SECURITY_TOKEN_MAX_AGE configuration setting

Fixed calls to SQLAlchemyUserDatastore.get_user(None) (this now returns False instead of raising a TypeError

Fixed URL generation adding extra slashes in some cases (see GitHub 343)

Fixed handling of trackable IP addresses when the X-Forwarded-For header contains multiple values

Include WWW-Authenticate headers in auth_required authentication checks

Fixed error when check_token function is used with a json list

Added support for custom AnonymousUser classes

Restricted forgot_password endpoint to anonymous users

Allowed unauthorized callback to be overridden

Fixed issue where passwords cannot be reset if currently set to None

Ensured that password reset tokens are invalidated after use

Updated is_authenticated and is_active functions to support Flask-Login changes

Various documentation improvements

uritemplate 0.6 -> 3.0.0

2.0.0

Relicense uritemplate.py as Apache 2 and BSD (See
Relicense uritemplate.py python-hyper/uritemplate#23)

1.0.1

Fix some minor packaging problems.

1.0.0

Fix handling of Unicode values on Python 2.6 and 2.7 for urllib.quote.

Confirm public stable API via version number.

oauthlib 0.7.2 -> 2.0.0

2.0.0

(New Feature) OpenID support.

Documentation improvements and fixes.

1.1.2

(Fix) Query strings should be able to include colons.

(Fix) Cast body to a string to ensure that we can perform a regex substitution on it.

1.1.1

(Enhancement) Better sanitisation of Request objects repr.

1.1.0

(Fix) '(', ')', '/' and '?' are now safe characters in url encoded strings.

(Enhancement) Added support for specifying if refresh tokens should be created on authorization code grants.

(Fix) OAuth2Token now handles None scopes correctly.

(Fix) Request token is now available for OAuth 1.

(Enhancement) OAuth2Token is declared with slots for smaller memory footprint.

(Enhancement) RefreshTokenGrant now allows to set issue_new_refresh_tokens.

Documentation improvements and fixes.

1.0.3

(Fix) Changed the documented return type of the invalidate_request_token() method from the RSA key to None since nobody is using the return type.

(Enhancement) Added a validator log that will store what the endpoint has computed for debugging and logging purposes (OAuth 1 only for now).

1.0.2

(Fix) Allow client secret to be null for public applications that do not mandate it's specification in the query parameters.

(Fix) Encode request body before hashing in order to prevent encoding errors in Python 3.

1.0.1

(Fix) Added token_type_hint to the list of default Request parameters.

1.0.0

(Breaking Change) Replace pycrypto with cryptography from https://cryptography.io

(Breaking Change) Update jwt to 1.0.0 (which is backwards incompatible) no oauthlib api changes
were made.

(Breaking Change) Raise attribute error for non-existing attributes in the Request object.

(Fix) Strip whitespace off of scope string.

(Change) Don't require to return the state in the access token response.

(Change) Hide password in logs.

(Fix) Fix incorrect invocation of prepare_refresh_body in the OAuth2 client.

(Fix) Handle empty/non-parsable query strings.

(Fix) Check if an RSA key is actually needed before requiring it.

(Change) Allow tuples for list_to_scope as well as sets and lists.

(Change) Add code to determine if client authentication is required for OAuth2.

(Fix) Fix error message on invalid Content-Type header for OAtuh1 signing.

(Fix) Allow ! character in query strings.

(Fix) OAuth1 now includes the body hash for requests that specify any content-type that isn't x-www-form-urlencoded.

(Fix) Fixed error description in oauth1 endpoint.

(Fix) Revocation endpoint for oauth2 will now return an empty string in the response body instead of 'None'.

Increased test coverage.

Performance improvements.

Documentation improvements and fixes.

requests 2.5.1 -> 2.11.1

2.11.1

+++++++++++++++++++

Bugfixes

Fixed a bug when using iter_content with decode_unicode=True for
streamed bodies would raise AttributeError. This bug was introduced in
2.11.

Strip Content-Type and Transfer-Encoding headers from the header block when
following a redirect that transforms the verb from POST/PUT to GET.

2.11.0

+++++++++++++++++++

Improvements

Added support for the ALL_PROXY environment variable.

Reject header values that contain leading whitespace or newline characters to
reduce risk of header smuggling.

Bugfixes

Fixed occasional TypeError when attempting to decode a JSON response that
occurred in an error case. Now correctly returns a ValueError.

Requests would incorrectly ignore a non-CIDR IP address in the NO_PROXY
environment variables: Requests now treats it as a specific IP.

Fixed a bug when sending JSON data that could cause us to encounter obscure
OpenSSL errors in certain network conditions (yes, really).

Added type checks to ensure that iter_content only accepts integers and
None for chunk sizes.

Fixed issue where responses whose body had not been fully consumed would have
the underlying connection closed but not returned to the connection pool,
which could cause Requests to hang in situations where the HTTPAdapter
had been configured to use a blocking connection pool.

Miscellaneous

Updated bundled urllib3 to 1.16.

Some previous releases accidentally accepted non-strings as acceptable header values. This release does not.

2.10.0

+++++++++++++++++++

New Features

SOCKS Proxy Support! (requires PySocks; $ pip install requests[socks])

Miscellaneous

Updated bundled urllib3 to 1.15.1.

2.9.2

++++++++++++++++++

Improvements

Change built-in CaseInsensitiveDict (used for headers) to use OrderedDict
as its underlying datastore.

Bugfixes

Don't use redirect_cache if allow_redirects=False

When passed objects that throw exceptions from tell(), send them via
chunked transfer encoding instead of failing.

Raise a ProxyError for proxy related connection issues.

2.9.1

++++++++++++++++++

Bugfixes

Resolve regression introduced in 2.9.0 that made it impossible to send binary
strings as bodies in Python 3.

Fixed errors when calculating cookie expiration dates in certain locales.

Miscellaneous

Updated bundled urllib3 to 1.13.1.

2.9.0

++++++++++++++++++

Minor Improvements (Backwards compatible)

The verify keyword argument now supports being passed a path to a
directory of CA certificates, not just a single-file bundle.

Warnings are now emitted when sending files opened in text mode.

Added the 511 Network Authentication Required status code to the status code
registry.

Bugfixes

For file-like objects that are not seeked to the very beginning, we now
send the content length for the number of bytes we will actually read, rather
than the total size of the file, allowing partial file uploads.

When uploading file-like objects, if they are empty or have no obvious
content length we set Transfer-Encoding: chunked rather than
Content-Length: 0.

We correctly receive the response in buffered mode when uploading chunked
bodies.

We now handle being passed a query string as a bytestring on Python 3, by
decoding it as UTF-8.

Sessions are now closed in all cases (exceptional and not) when using the
functional API rather than leaking and waiting for the garbage collector to
clean them up.

Correctly handle digest auth headers with a malformed qop directive that
contains no token, by treating it the same as if no qop directive was
provided at all.

Minor performance improvements when removing specific cookies by name.

Miscellaneous

Updated urllib3 to 1.13.

2.8.1

++++++++++++++++++

Bugfixes

Update certificate bundle to match certifi 2015.9.6.2's weak certificate
bundle.

Fix a bug in 2.8.0 where requests would raise ConnectTimeout instead of
ConnectionError

When using the PreparedRequest flow, requests will now correctly respect the
json parameter. Broken in 2.8.0.

When using the PreparedRequest flow, requests will now correctly handle a
Unicode-string method name on Python 2. Broken in 2.8.0.

2.8.0

++++++++++++++++++

Minor Improvements (Backwards Compatible)

Requests now supports per-host proxies. This allows the proxies
dictionary to have entries of the form
{'<scheme>://<hostname>': '<proxy>'}. Host-specific proxies will be used
in preference to the previously-supported scheme-specific ones, but the
previous syntax will continue to work.

Response.raise_for_status now prints the URL that failed as part of the
exception message.

requests.utils.get_netrc_auth now takes an raise_errors kwarg,
defaulting to False. When True, errors parsing .netrc files cause
exceptions to be thrown.

Change to bundled projects import logic to make it easier to unbundle
requests downstream.

Changed the default User-Agent string to avoid leaking data on Linux: now
contains only the requests version.

Bugfixes

The json parameter to post() and friends will now only be used if
neither data nor files are present, consistent with the
documentation.

We now ignore empty fields in the NO_PROXY environment variable.

Fixed problem where httplib.BadStatusLine would get raised if combining
stream=True with contextlib.closing.

Prevented bugs where we would attempt to return the same connection back to
the connection pool twice when sending a Chunked body.

Miscellaneous minor internal changes.

Digest Auth support is now thread safe.

Updates

Updated urllib3 to 1.12.

2.7.0

++++++++++++++++++

This is the first release that follows our new release process. For more, see
our documentation <http://docs.python-requests.org/en/latest/community/release-process/>_.

Bugfixes

Updated urllib3 to 1.10.4, resolving several bugs involving chunked transfer
encoding and response framing.

2.6.2

++++++++++++++++++

Bugfixes

Fix regression where compressed data that was sent as chunked data was not
properly decompressed. (2561)

2.6.1

++++++++++++++++++

Bugfixes

Remove VendorAlias import machinery introduced in v2.5.2.

Simplify the PreparedRequest.prepare API: We no longer require the user to
pass an empty list to the hooks keyword argument. (c.f. 2552)

Resolve redirects now receives and forwards all of the original arguments to
the adapter. (2503)

Handle UnicodeDecodeErrors when trying to deal with a unicode URL that
cannot be encoded in ASCII. (2540)

Populate the parsed path of the URI field when performing Digest
Authentication. (2426)

Copy a PreparedRequest's CookieJar more reliably when it is not an instance
of RequestsCookieJar. (2527)

2.6.0

++++++++++++++++++

Bugfixes

CVE-2015-2296: Fix handling of cookies on redirect. Previously a cookie
without a host value set would use the hostname for the redirected URL
exposing requests users to session fixation attacks and potentially cookie
stealing. This was disclosed privately by Matthew Daley of
BugFuzz <https://bugfuzz.com>_. This affects all versions of requests from
v2.1.0 to v2.5.3 (inclusive on both ends).

Fix error when requests is an install_requires dependency and python setup.py test is run. (2462)

Fix error when urllib3 is unbundled and requests continues to use the
vendored import location.

Include fixes to urllib3's header handling.

Requests' handling of unvendored dependencies is now more restrictive.

Features and Improvements

Support bytearrays when passed as parameters in the files argument.
(2468)

Avoid data duplication when creating a request with str, bytes, or
bytearray input to the files argument.

2.5.3

++++++++++++++++++

Bugfixes

Revert changes to our vendored certificate bundle. For more context see
(2455, 2456, and http://bugs.python.org/issue23476)

2.5.2

++++++++++++++++++

Features and Improvements

Add sha256 fingerprint support. (shazow/urllib3540_)

Improve the performance of headers. (shazow/urllib3544_)

Bugfixes

Copy pip's import machinery. When downstream redistributors remove
requests.packages.urllib3 the import machinery will continue to let those
same symbols work. Example usage in requests' documentation and 3rd-party
libraries relying on the vendored copies of urllib3 will work without having
to fallback to the system urllib3.

Attempt to quote parts of the URL on redirect if unquoting and then quoting
fails. (2356)

Fix filename type check for multipart form-data uploads. (2411)

Properly handle the case where a server issuing digest authentication
challenges provides both auth and auth-int qop-values. (2408)

Fix a socket leak. (shazow/urllib3549_)

Fix multiple Set-Cookie headers properly. (shazow/urllib3534_)

Disable the built-in hostname verification. (shazow/urllib3526_)

Fix the behaviour of decoding an exhausted stream. (shazow/urllib3535_)

Security

Pulled in an updated cacert.pem.

Drop RC4 from the default cipher list. (shazow/urllib3551_)

.. _shazow/urllib3551: urllib3/urllib3#551
.. _shazow/urllib3549: urllib3/urllib3#549
.. _shazow/urllib3544: urllib3/urllib3#544
.. _shazow/urllib3540: urllib3/urllib3#540
.. _shazow/urllib3535: urllib3/urllib3#535
.. _shazow/urllib3534: urllib3/urllib3#534
.. _shazow/urllib3526: urllib3/urllib3#526

google-api-python-client 1.3.1 -> 1.5.4

1.5.4

Version 1.5.4

Bugfix release

Properly handle errors when the API returns a mapping or sequence. (289)

Upgrade to unified uritemplate 3.0.0. (293)

Allow oauth2client 4.0.0, with the caveat that file-based discovery
caching is disabled.

1.5.3

Version 1.5.3

Bugfix release

Fixed import error with oauth2client >= 3.0.0. (270)

1.5.2

Version 1.5.2

Bugfix release

Allow using oauth2client >= 1.5.0, < 4.0.0. (265)

Fix project_id argument description. (257)

Retry chunk uploaded on rate limit exceeded errors. (255)

Obtain access token if necessary in BatchHttpRequest.execute(). (232)

Warn when running tests using HttpMock without having a cache. (261)

1.5.1

Version 1.5.1

Bugfix release

Allow using versions of oauth2client < 2.0.0. (197)

Check both current and new API discovery URL. (202)

Retry http requests on connection errors and timeouts. (218)

Retry http requests on rate limit responses. (201)

Import guards for ssl (for Google App Engine). (220)

Use named loggers instead of the root logger. (206)

New search console example. (212)

1.5.0

Version 1.5.0

Release to support oauth2client >= 2.0.0.

Fix file stream recognition in Python 3 (141)

Fix non-resumable binary uploads in Python 3 (147)

Default to 'octet-stream' if mimetype detection fails (157)

Handle SSL errors with retries (160)

Fix incompatibility with oauth2client v2.0.0 (182)

1.4.2

Version 1.4.2

Add automatic caching for the discovery docs.

1.4.1

Version 1.4.1

Add the googleapiclient.discovery.Resource.new_batch_http_request method.

1.4.0

Version 1.4.0

Python 3 support.

1.3.2

Version 1.3.2

Small bugfix release.

Fix an infinite loop for downloading small files.

Fix a unicode error in error encoding.

Better handling of content-length in media requests.

Add support for methodPath entries containing colon.

Jinja2 2.7.3 -> 2.8

2.8

(codename Replacement, released on July 26th 2015)

Added target parameter to urlize function.

Added support for followsymlinks to the file system loader.

The truncate filter now counts the length.

Added equalto filter that helps with select filters.

Changed cache keys to use absolute file names if available
instead of load names.

Fixed loop length calculation for some iterators.

Changed how Jinja2 enforces strings to be native strings in
Python 2 to work when people break their default encoding.

Added :func:make_logging_undefined which returns an undefined
object that logs failures into a logger.

If unmarshalling of cached data fails the template will be
reloaded now.

Implemented a block set tag.

Default cache size was incrased to 400 from a low 50.

Fixed is number test to accept long integers in all Python versions.

Changed is number to accept Decimal as a number.

Added a check for default arguments followed by non-default arguments. This
change makes {% macro m(x, y=1, z) %}...{% endmacro %} a syntax error. The
previous behavior for this code was broken anyway (resulting in the default
value being applied to y).

Add ability to use custom subclasses of jinja2.compiler.CodeGenerator and
jinja2.runtime.Context by adding two new attributes to the environment
(code_generator_class and context_class) (pull request 404).

added support for context/environment/evalctx decorator functions on
the finalize callback of the environment.

escape query strings for urlencode properly. Previously slashes were not
escaped in that place.

Add 'base' parameter to 'int' filter.

httplib2 0.9 -> 0.9.2

0.9.2

Fixes in this release:

jcgregorio/httplib2#313

Fix incorrect ResponseNotReady exceptions, retry on transient errors.

0.9.1

Fixes in this release:

jcgregorio/httplib2#296
   There was a problem with headers when a binary string is passed (like
   b&#39;Authorization&#39;).
jcgregorio/httplib2#276
   Default to doing DNS resolution through a proxy server if present.

pymongo 2.7.2 -> 3.3.0

3.3

C extensions support on big endian systems.

Kerberos authentication support on Windows using WinKerberos <https://pypi.python.org/pypi/winkerberos>_.

A new ssl_clrfile option to support certificate revocation lists.

A new ssl_pem_passphrase option to support encrypted key files.

Support for publishing server discovery and monitoring events. See
:mod:~pymongo.monitoring for details.

New connection pool options minPoolSize and maxIdleTimeMS.

New heartbeatFrequencyMS option controls the rate at which background
monitoring threads re-check servers. Default is once every 10 seconds.

.. warning:: PyMongo 3.3 drops support for MongoDB versions older than 2.4.
It also drops support for python 3.2 (pypy3 continues to be supported).

Issues Resolved
...............

See the PyMongo 3.3 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.3 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16005

3.2.2

a fix for using the connect option in the MongoDB URI and support for setting
the batch size for a query to 1 when using MongoDB 3.2+.

Issues Resolved
...............

See the PyMongo 3.2.2 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.2.2 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16538

3.2.1

running the mapreduce command twice when calling the
:meth:~pymongo.collection.Collection.inline_map_reduce method and a
:exc:TypeError being raised when calling
:meth:~gridfs.GridFSBucket.download_to_stream. This release also
improves error messaging around BSON decoding.

Issues Resolved
...............

See the PyMongo 3.2.1 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.2.1 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16312

3.2

Version 3.2 implements the new server features introduced in MongoDB 3.2.

Highlights include:

Full support for MongoDB 3.2 including:

Support for :class:~pymongo.read_concern.ReadConcern

:class:~pymongo.write_concern.WriteConcern is now applied to
:meth:~pymongo.collection.Collection.find_one_and_replace,
:meth:~pymongo.collection.Collection.find_one_and_update, and
:meth:~pymongo.collection.Collection.find_one_and_delete.

Support for the new bypassDocumentValidation option in write
helpers.

Support for reading and writing raw BSON with
:class:~bson.raw_bson.RawBSONDocument

.. note:: Certain :class:~pymongo.mongo_client.MongoClient properties now
block until a connection is established or raise
:exc:~pymongo.errors.ServerSelectionTimeoutError if no server is available.
See :class:~pymongo.mongo_client.MongoClient for details.

3.1.1

regression in error handling for oversize command documents and interrupt
handling issues in the C extensions.

Issues Resolved
...............

See the PyMongo 3.1.1 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.1.1 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16211

3.1

of 3.0.3.

Highlights include:

Command monitoring support. See :mod:~pymongo.monitoring for details.

Configurable error handling for :exc:UnicodeDecodeError. See the
unicode_decode_error_handler option of
:class:~bson.codec_options.CodecOptions.

Optional automatic timezone conversion when decoding BSON datetime. See the
tzinfo option of :class:~bson.codec_options.CodecOptions.

An implementation of :class:~gridfs.GridFSBucket from the new GridFS spec.

Compliance with the new Connection String spec.

Reduced idle CPU usage in Python 2.

Changes in internal classes
...........................

The private PeriodicExecutor class no longer takes a condition_class
option, and the private thread_util.Event class is removed.

Issues Resolved
...............

See the PyMongo 3.1 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.1 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/14796

3.0.3

feature breaking bug in the GSSAPI implementation.

Issues Resolved
...............

See the PyMongo 3.0.3 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.0.3 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/15528

3.0.2

importantly a bug that could route operations to replica set members
that are not in primary or secondary state when using
:class:~pymongo.read_preferences.PrimaryPreferred or
:class:~pymongo.read_preferences.Nearest. It is a recommended upgrade for
all users of PyMongo 3.0.x.

Issues Resolved
...............

See the PyMongo 3.0.2 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.0.2 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/15430

3.0.1

importantly a bug in GridFS.delete that could prevent file chunks from
actually being deleted.

Issues Resolved
...............

See the PyMongo 3.0.1 release notes in JIRA_ for the list of resolved issues
in this release.

.. _PyMongo 3.0.1 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/15322

3.0

PyMongo 3.0 is a partial rewrite of PyMongo bringing a large number of
improvements:

A unified client class. MongoClient is the one and only client class for
connecting to a standalone mongod, replica set, or sharded cluster. Migrating
from a standalone, to a replica set, to a sharded cluster can be accomplished
with only a simple URI change.

MongoClient is much more responsive to configuration changes in your MongoDB
deployment. All connected servers are monitored in a non-blocking manner.
Slow to respond or down servers no longer block server discovery, reducing
application startup time and time to respond to new or reconfigured
servers and replica set failovers.

A unified CRUD API. All official MongoDB drivers now implement a standard
CRUD API allowing polyglot developers to move from language to language
with ease.

Single source support for Python 2.x and 3.x. PyMongo no longer relies on
2to3 to support Python 3.

A rewritten pure Python BSON implementation, improving performance
with pypy and cpython deployments without support for C extensions.

Better support for greenlet based async frameworks including eventlet.

Immutable client, database, and collection classes, avoiding a host of thread
safety issues in client applications.

PyMongo 3.0 brings a large number of API changes. Be sure to read the changes
listed below before upgrading from PyMongo 2.x.

.. warning:: PyMongo no longer supports Python 2.4, 2.5, or 3.1. If you
must use PyMongo with these versions of Python the 2.x branch of PyMongo
will be minimally supported for some time.

SONManipulator changes
......................

The :class:~pymongo.son_manipulator.SONManipulator API has limitations as a
technique for transforming your data. Instead, it is more flexible and
straightforward to transform outgoing documents in your own code before passing
them to PyMongo, and transform incoming documents after receiving them from
PyMongo.

Thus the :meth:~pymongo.database.Database.add_son_manipulator method is
deprecated. PyMongo 3's new CRUD API does not apply SON manipulators to
documents passed to :meth:~pymongo.collection.Collection.bulk_write,
:meth:~pymongo.collection.Collection.insert_one,
:meth:~pymongo.collection.Collection.insert_many,
:meth:~pymongo.collection.Collection.update_one, or
:meth:~pymongo.collection.Collection.update_many. SON manipulators are not
applied to documents returned by the new methods
:meth:~pymongo.collection.Collection.find_one_and_delete,
:meth:~pymongo.collection.Collection.find_one_and_replace, and
:meth:~pymongo.collection.Collection.find_one_and_update.

SSL/TLS changes
...............

When ssl is True the ssl_cert_reqs option now defaults to
:attr:ssl.CERT_REQUIRED if not provided. PyMongo will attempt to load OS
provided CA certificates to verify the server, raising
:exc:~pymongo.errors.ConfigurationError if it cannot.

Gevent Support
..............

In previous versions, PyMongo supported Gevent in two modes: you could call
gevent.monkey.patch_socket() and pass use_greenlets=True to
:class:~pymongo.mongo_client.MongoClient, or you could simply call
gevent.monkey.patch_all() and omit the use_greenlets argument.

In PyMongo 3.0, the use_greenlets option is gone. To use PyMongo with
Gevent simply call gevent.monkey.patch_all().

For more information,
see :doc:PyMongo's Gevent documentation <examples/gevent>.

:class:~pymongo.mongo_client.MongoClient changes
..................................................

:class:~pymongo.mongo_client.MongoClient is now the one and only
client class for a standalone server, mongos, or replica set.
It includes the functionality that had been split into
MongoReplicaSetClient: it can connect to a replica set, discover all its
members, and monitor the set for stepdowns, elections, and reconfigs.
:class:~pymongo.mongo_client.MongoClient now also supports the full
:class:~pymongo.read_preferences.ReadPreference API.

The obsolete classes MasterSlaveConnection, Connection, and
ReplicaSetConnection are removed.

The :class:~pymongo.mongo_client.MongoClient constructor no
longer blocks while connecting to the server or servers, and it no
longer raises :class:~pymongo.errors.ConnectionFailure if they
are unavailable, nor :class:~pymongo.errors.ConfigurationError
if the user's credentials are wrong. Instead, the constructor
returns immediately and launches the connection process on
background threads. The connect option is added to control whether
these threads are started immediately, or when the client is first used.

Therefore the alive method is removed since it no longer provides meaningful
information; even if the client is disconnected, it may discover a server in
time to fulfill the next operation.

In PyMongo 2.x, :class:~pymongo.mongo_client.MongoClient accepted a list of
standalone MongoDB servers and used the first it could connect to::

MongoClient(['host1.com:27017', 'host2.com:27017'])

A list of multiple standalones is no longer supported; if multiple servers
are listed they must be members of the same replica set, or mongoses in the
same sharded cluster.

The behavior for a list of mongoses is changed from "high availability" to
"load balancing". Before, the client connected to the lowest-latency mongos in
the list, and used it until a network error prompted it to re-evaluate all
mongoses' latencies and reconnect to one of them. In PyMongo 3, the client
monitors its network latency to all the mongoses continuously, and distributes
operations evenly among those with the lowest latency.
See :ref:mongos-load-balancing for more information.

The client methods start_request, in_request, and end_request
are removed, and so is the auto_start_request option. Requests were
designed to make read-your-writes consistency more likely with the w=0
write concern. Additionally, a thread in a request used the same member for
all secondary reads in a replica set. To ensure read-your-writes consistency
in PyMongo 3.0, do not override the default write concern with w=0, and
do not override the default :ref:read preference <secondary-reads> of
PRIMARY.

Support for the slaveOk (or slave_okay), safe, and
network_timeout options has been removed. Use
:attr:~pymongo.read_preferences.ReadPreference.SECONDARY_PREFERRED instead of
slave_okay. Accept the default write concern, acknowledged writes, instead of
setting safe=True. Use socketTimeoutMS in place of network_timeout (note that
network_timeout was in seconds, where as socketTimeoutMS is milliseconds).

The max_pool_size option has been removed. It is replaced by the
maxPoolSize MongoDB URI option. maxPoolSize is now a supported URI
option in PyMongo and can be passed as a keyword argument.

The copy_database method is removed, see the
:doc:copy_database examples </examples/copydb> for alternatives.

The disconnect method is removed. Use
:meth:~pymongo.mongo_client.MongoClient.close instead.

The get_document_class method is removed. Use
:attr:~pymongo.mongo_client.MongoClient.codec_options instead.

The get_lasterror_options, set_lasterror_options, and
unset_lasterror_options methods are removed. Write concern options
can be passed to :class:~pymongo.mongo_client.MongoClient as keyword
arguments or MongoDB URI options.

The :meth:~pymongo.mongo_client.MongoClient.get_database method is added for
getting a Database instance with its options configured differently than the
MongoClient's.

The following read-only attributes have been added:

:attr:~pymongo.mongo_client.MongoClient.codec_options

The following attributes are now read-only:

:attr:~pymongo.mongo_client.MongoClient.read_preference

:attr:~pymongo.mongo_client.MongoClient.write_concern

The following attributes have been removed:

:attr:~pymongo.mongo_client.MongoClient.document_class
(use :attr:~pymongo.mongo_client.MongoClient.codec_options instead)

:attr:~pymongo.mongo_client.MongoClient.host
(use :attr:~pymongo.mongo_client.MongoClient.address instead)

:attr:~pymongo.mongo_client.MongoClient.min_wire_version

:attr:~pymongo.mongo_client.MongoClient.max_wire_version

:attr:~pymongo.mongo_client.MongoClient.port
(use :attr:~pymongo.mongo_client.MongoClient.address instead)

:attr:~pymongo.mongo_client.MongoClient.safe
(use :attr:~pymongo.mongo_client.MongoClient.write_concern instead)

:attr:~pymongo.mongo_client.MongoClient.slave_okay
(use :attr:~pymongo.mongo_client.MongoClient.read_preference instead)

:attr:~pymongo.mongo_client.MongoClient.tag_sets
(use :attr:~pymongo.mongo_client.MongoClient.read_preference instead)

:attr:~pymongo.mongo_client.MongoClient.tz_aware
(use :attr:~pymongo.mongo_client.MongoClient.codec_options instead)

The following attributes have been renamed:

:attr:~pymongo.mongo_client.MongoClient.secondary_acceptable_latency_ms is
now :attr:~pymongo.mongo_client.MongoClient.local_threshold_ms and is now
read-only.

:class:~pymongo.cursor.Cursor changes
.......................................

The conn_id property is renamed to :attr:~pymongo.cursor.Cursor.address.

Cursor management changes
.........................

:class:~pymongo.cursor_manager.CursorManager and
:meth:~pymongo.mongo_client.MongoClient.set_cursor_manager are no longer
deprecated. If you subclass :class:~pymongo.cursor_manager.CursorManager
your implementation of :meth:~pymongo.cursor_manager.CursorManager.close
must now take a second parameter, address. The BatchCursorManager class
is removed.

The second parameter to :meth:~pymongo.mongo_client.MongoClient.close_cursor
is renamed from _conn_id to address.
:meth:~pymongo.mongo_client.MongoClient.kill_cursors now accepts an address
parameter.

:class:~pymongo.database.Database changes
...........................................

The connection property is renamed to
:attr:~pymongo.database.Database.client.

The following read-only attributes have been added:

:attr:~pymongo.database.Database.codec_options

The following attributes are now read-only:

:attr:~pymongo.database.Database.read_preference

:attr:~pymongo.database.Database.write_concern

Use :meth:~pymongo.mongo_client.MongoClient.get_database for getting a
Database instance with its options configured differently than the
MongoClient's.

The following attributes have been removed:

:attr:~pymongo.database.Database.safe

:attr:~pymongo.database.Database.secondary_acceptable_latency_ms

:attr:~pymongo.database.Database.slave_okay

:attr:~pymongo.database.Database.tag_sets

The following methods have been added:

:meth:~pymongo.database.Database.get_collection

The following methods have been changed:

:meth:~pymongo.database.Database.command. Support for as_class,
uuid_subtype, tag_sets, and secondary_acceptable_latency_ms have been
removed. You can instead pass an instance of
:class:~bson.codec_options.CodecOptions as codec_options and an instance
of a read preference class from :mod:~pymongo.read_preferences as
read_preference. The fields and compile_re options are also removed.
The fields options was undocumented and never really worked. Regular
expressions are always decoded to :class:~bson.regex.Regex.

The following methods have been deprecated:

:meth:~pymongo.database.Database.add_son_manipulator

The following methods have been removed:

The get_lasterror_options, set_lasterror_options, and
unset_lasterror_options methods have been removed. Use
:class:~pymongo.write_concern.WriteConcern with
:meth:~pymongo.mongo_client.MongoClient.get_database instead.

:class:~pymongo.collection.Collection changes
...............................................

The following read-only attributes have been added:

:attr:~pymongo.collection.Collection.codec_options

The following attributes are now read-only:

:attr:~pymongo.collection.Collection.read_preference

:attr:~pymongo.collection.Collection.write_concern

Use :meth:~pymongo.database.Database.get_collection or
:meth:~pymongo.collection.Collection.with_options for getting a Collection
instance with its options configured differently than the Database's.

The following attributes have been removed:

:attr:~pymongo.collection.Collection.safe

:attr:~pymongo.collection.Collection.secondary_acceptable_latency_ms

:attr:~pymongo.collection.Collection.slave_okay

:attr:~pymongo.collection.Collection.tag_sets

The following methods have been added:

:meth:~pymongo.collection.Collection.bulk_write

:meth:~pymongo.collection.Collection.insert_one

:meth:~pymongo.collection.Collection.insert_many

:meth:~pymongo.collection.Collection.update_one

:meth:~pymongo.collection.Collection.update_many

:meth:~pymongo.collection.Collection.replace_one

:meth:~pymongo.collection.Collection.delete_one

:meth:~pymongo.collection.Collection.delete_many

:meth:~pymongo.collection.Collection.find_one_and_delete

:meth:~pymongo.collection.Collection.find_one_and_replace

:meth:~pymongo.collection.Collection.find_one_and_update

:meth:~pymongo.collection.Collection.with_options

:meth:~pymongo.collection.Collection.create_indexes

:meth:~pymongo.collection.Collection.list_indexes

The following methods have changed:

:meth:~pymongo.collection.Collection.aggregate now always returns an
instance of :class:~pymongo.command_cursor.CommandCursor. See the
documentation for all options.

:meth:~pymongo.collection.Collection.count now optionally takes a filter
argument, as well as other options supported by the count command.

:meth:~pymongo.collection.Collection.distinct now optionally takes a filter
argument.

:meth:~pymongo.collection.Collection.create_index no longer caches
indexes, therefore the cache_for parameter has been removed. It also
no longer supports the bucket_size and drop_dups aliases for bucketSize
and dropDups.

The following methods are deprecated:

:meth:~pymongo.collection.Collection.save

:meth:~pymongo.collection.Collection.insert

:meth:~pymongo.collection.Collection.update

:meth:~pymongo.collection.Collection.remove

:meth:~pymongo.collection.Collection.find_and_modify

:meth:~pymongo.collection.Collection.ensure_index

The following methods have been removed:

The get_lasterror_options, set_lasterror_options, and
unset_lasterror_options methods have been removed. Use
:class:~pymongo.write_concern.WriteConcern with
:meth:~pymongo.collection.Collection.with_options instead.

Changes to :meth:~pymongo.collection.Collection.find and :meth:~pymongo.collection.Collection.find_one
The following find/find_one options have been renamed:

These renames only affect your code if you passed these as keyword arguments,
like find(fields=[&#39;fieldname&#39;]). If you passed only positional parameters these
changes are not significant for your application.

- spec -&gt; filter
- fields -&gt; projection
- partial -&gt; allow_partial_results

The following find/find_one options have been added:

- cursor_type (see :class:`~pymongo.cursor.CursorType` for values)
- oplog_replay
- modifiers

The following find/find_one options have been removed:

- network_timeout (use :meth:`~pymongo.cursor.Cursor.max_time_ms` instead)
- slave_okay (use one of the read preference classes from
 :mod:`~pymongo.read_preferences` and
 :meth:`~pymongo.collection.Collection.with_options` instead)
- read_preference (use :meth:`~pymongo.collection.Collection.with_options`
 instead)
- tag_sets (use one of the read preference classes from
 :mod:`~pymongo.read_preferences` and
 :meth:`~pymongo.collection.Collection.with_options` instead)
- secondary_acceptable_latency_ms (use the `localThresholdMS` URI option
 instead)
- max_scan (use the new `modifiers` option instead)
- snapshot (use the new `modifiers` option instead)
- tailable (use the new `cursor_type` option instead)
- await_data (use the new `cursor_type` option instead)
- exhaust (use the new `cursor_type` option instead)
- as_class (use :meth:`~pymongo.collection.Collection.with_options` with
 :class:`~bson.codec_options.CodecOptions` instead)
- compile_re (BSON regular expressions are always decoded to
 :class:`~bson.regex.Regex`)

The following find/find_one options are deprecated:

- manipulate

The following renames need special handling.

- timeout -&gt; no_cursor_timeout -
 The default for `timeout` was True. The default for `no_cursor_timeout` is
 False. If you were previously passing False for `timeout` you must pass
 **True** for `no_cursor_timeout` to keep the previous behavior.

:mod:`~pymongo.errors` changes
..............................

The exception classes ``UnsupportedOption`` and ``TimeoutError`` are deleted.

:mod:`~gridfs` changes
......................

Since PyMongo 1.6, methods ``open`` and ``close`` of :class:`~gridfs.GridFS`
raised an ``UnsupportedAPI`` exception, as did the entire ``GridFile`` class.
The unsupported methods, the class, and the exception are all deleted.

:mod:`~bson` changes
....................

The `compile_re` option is removed from all methods
that accepted it in :mod:`~bson` and :mod:`~bson.json_util`. Additionally, it
is removed from :meth:`~pymongo.collection.Collection.find`,
:meth:`~pymongo.collection.Collection.find_one`,
:meth:`~pymongo.collection.Collection.aggregate`,
:meth:`~pymongo.database.Database.command`, and so on.
PyMongo now always represents BSON regular expressions as
:class:`~bson.regex.Regex` objects. This prevents errors for incompatible
patterns, see `PYTHON-500`_. Use :meth:`~bson.regex.Regex.try_compile` to
attempt to convert from a BSON regular expression to a Python regular
expression object.

PyMongo now decodes the int64 BSON type to :class:`~bson.int64.Int64`, a
trivial wrapper around long (in python 2.x) or int (in python 3.x). This
allows BSON int64 to be round tripped without losing type information in
python 3. Note that if you store a python long (or a python int larger than
4 bytes) it will be returned from PyMongo as :class:`~bson.int64.Int64`.

The `as_class`, `tz_aware`, and `uuid_subtype` options are removed from all
BSON encoding and decoding methods. Use
:class:`~bson.codec_options.CodecOptions` to configure these options. The
APIs affected are:

- :func:`~bson.decode_all`
- :func:`~bson.decode_iter`
- :func:`~bson.decode_file_iter`
- :meth:`~bson.BSON.encode`
- :meth:`~bson.BSON.decode`

This is a breaking change for any application that uses the BSON API directly
and changes any of the named parameter defaults. No changes are required for
applications that use the default values for these options. The behavior
remains the same.

.. _PYTHON-500: https://jira.mongodb.org/browse/PYTHON-500

Issues Resolved
...............

See the `PyMongo 3.0 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 3.0 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/12501



### 2.9.3

thread safety issues in :meth:`~pymongo.collection.Collection.ensure_index`,
:meth:`~pymongo.collection.Collection.drop_index`, and
:meth:`~pymongo.collection.Collection.drop_indexes`.

Issues Resolved
...............

See the `PyMongo 2.9.3 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 2.9.3 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16539



### 2.9.2

improves an error message when decoding BSON as well as fixes a couple other
issues including :meth:`~pymongo.collection.Collection.aggregate` ignoring
:attr:`~pymongo.collection.Collection.codec_options` and
:meth:`~pymongo.database.Database.command` raising a superfluous
`DeprecationWarning`.

Issues Resolved
...............

See the `PyMongo 2.9.2 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 2.9.2 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16303



### 2.9.1

adapts a test case for a behavior change in MongoDB 3.2.

Issues Resolved
...............

See the `PyMongo 2.9.1 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 2.9.1 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/16208



### 2.9

from PyMongo 3.0 have been backported in a backward compatible way, allowing
applications to be written against PyMongo &gt;= 2.9, rather then PyMongo 2.x or
PyMongo 3.x. See the :doc:`/migrate-to-pymongo3` for detailed examples.

.. note:: There are a number of new deprecations in this release for features
 that were removed in PyMongo 3.0.

 :class:`~pymongo.mongo_client.MongoClient`:
   - :attr:`~pymongo.mongo_client.MongoClient.host`
   - :attr:`~pymongo.mongo_client.MongoClient.port`
   - :attr:`~pymongo.mongo_client.MongoClient.use_greenlets`
   - :attr:`~pymongo.mongo_client.MongoClient.document_class`
   - :attr:`~pymongo.mongo_client.MongoClient.tz_aware`
   - :attr:`~pymongo.mongo_client.MongoClient.secondary_acceptable_latency_ms`
   - :attr:`~pymongo.mongo_client.MongoClient.tag_sets`
   - :attr:`~pymongo.mongo_client.MongoClient.uuid_subtype`
   - :meth:`~pymongo.mongo_client.MongoClient.disconnect`
   - :meth:`~pymongo.mongo_client.MongoClient.alive`

 :class:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient`:
   - :attr:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.use_greenlets`
   - :attr:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.document_class`
   - :attr:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.tz_aware`
   - :attr:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.secondary_acceptable_latency_ms`
   - :attr:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.tag_sets`
   - :attr:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.uuid_subtype`
   - :meth:`~pymongo.mongo_replica_set_client.MongoReplicaSetClient.alive`

 :class:`~pymongo.database.Database`:
   - :attr:`~pymongo.database.Database.secondary_acceptable_latency_ms`
   - :attr:`~pymongo.database.Database.tag_sets`
   - :attr:`~pymongo.database.Database.uuid_subtype`

 :class:`~pymongo.collection.Collection`:
   - :attr:`~pymongo.collection.Collection.secondary_acceptable_latency_ms`
   - :attr:`~pymongo.collection.Collection.tag_sets`
   - :attr:`~pymongo.collection.Collection.uuid_subtype`

.. warning::
 In previous versions of PyMongo, changing the value of
 :attr:`~pymongo.mongo_client.MongoClient.document_class` changed
 the behavior of all existing instances of
 :class:`~pymongo.collection.Collection`::

   &gt;&gt;&gt; coll = client.test.test
   &gt;&gt;&gt; coll.find_one()
   {u&#39;_id&#39;: ObjectId(&#39;5579dc7cfba5220cc14d9a18&#39;)}
   &gt;&gt;&gt; from bson.son import SON
   &gt;&gt;&gt; client.document_class = SON
   &gt;&gt;&gt; coll.find_one()
   SON([(u&#39;_id&#39;, ObjectId(&#39;5579dc7cfba5220cc14d9a18&#39;))])

 The document_class setting is now configurable at the client,
 database, collection, and per-operation level. This required breaking
 the existing behavior. To change the document class per operation in a
 forward compatible way use
 :meth:`~pymongo.collection.Collection.with_options`::

   &gt;&gt;&gt; coll.find_one()
   {u&#39;_id&#39;: ObjectId(&#39;5579dc7cfba5220cc14d9a18&#39;)}
   &gt;&gt;&gt; from bson.codec_options import CodecOptions
   &gt;&gt;&gt; coll.with_options(CodecOptions(SON)).find_one()
   SON([(u&#39;_id&#39;, ObjectId(&#39;5579dc7cfba5220cc14d9a18&#39;))])

Issues Resolved
...............

See the `PyMongo 2.9 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 2.9 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/14795



### 2.8.1

2.8. It is a recommended upgrade for all users of PyMongo 2.x.

Issues Resolved
...............

See the `PyMongo 2.8.1 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 2.8.1 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/15324



### 2.8

fixes a number of bugs.

Special thanks to Don Mitchell, Ximing, Can Zhang, Sergey Azovskov, and Heewa
Barfchin for their contributions to this release.

Highlights include:

- Support for the SCRAM-SHA-1 authentication mechanism (new in MongoDB 3.0).
- JSON decoder support for the new $numberLong and $undefined types.
- JSON decoder support for the $date type as an ISO-8601 string.
- Support passing an index name to :meth:`~pymongo.cursor.Cursor.hint`.
- The :meth:`~pymongo.cursor.Cursor.count` method will use a hint if one
 has been provided through :meth:`~pymongo.cursor.Cursor.hint`.
- A new socketKeepAlive option for the connection pool.
- New generator based BSON decode functions, :func:`~bson.decode_iter`
 and :func:`~bson.decode_file_iter`.
- Internal changes to support alternative storage engines like wiredtiger.

.. note:: There are a number of deprecations in this release for features that
 will be removed in PyMongo 3.0. These include:

 - :meth:`~pymongo.mongo_client.MongoClient.start_request`
 - :meth:`~pymongo.mongo_client.MongoClient.in_request`
 - :meth:`~pymongo.mongo_client.MongoClient.end_request`
 - :meth:`~pymongo.mongo_client.MongoClient.copy_database`
 - :meth:`~pymongo.database.Database.error`
 - :meth:`~pymongo.database.Database.last_status`
 - :meth:`~pymongo.database.Database.previous_error`
 - :meth:`~pymongo.database.Database.reset_error_history`
 - :class:`~pymongo.master_slave_connection.MasterSlaveConnection`

 The JSON format for :class:`~bson.timestamp.Timestamp` has changed from
 &#39;{&quot;t&quot;: &lt;int&gt;, &quot;i&quot;: &lt;int&gt;}&#39; to &#39;{&quot;$timestamp&quot;: {&quot;t&quot;: &lt;int&gt;, &quot;i&quot;: &lt;int&gt;}}&#39;.
 This new format will be decoded to an instance of
 :class:`~bson.timestamp.Timestamp`. The old format will continue to be
 decoded to a python dict as before. Encoding to the old format is no
 longer supported as it was never correct and loses type information.

Issues Resolved
...............

See the `PyMongo 2.8 release notes in JIRA`_ for the list of resolved issues
in this release.

.. _PyMongo 2.8 release notes in JIRA: https://jira.mongodb.org/browse/PYTHON/fixforversion/14223

six 1.9.0 -> 1.10.0

1.10.0

Issue 122: Improve the performance of six.int2byte on Python 3.

Pull request 55 and issue 99: Don't add the winreg module to six.moves
on non-Windows platforms.

Pull request 60 and issue 108: Add six.moves.getcwd and
six.moves.getcwdu.

Pull request 64: Add create_unbound_method to create unbound methods.

requests-oauthlib 0.4.2 -> 0.7.0

0.7.0

++++++++++++++++++++++++++

Allowed OAuth2Session.request to take the client_id and
client_secret parameters for the purposes of automatic token refresh,
which may need them.

0.6.2

+++++++++++++++++++++

Use client_id and client_secret for the Authorization header if
provided.

Allow explicit bypass of the Authorization header by setting auth=False.

Pass through the proxies kwarg when refreshing tokens.

Miscellaneous cleanups.

0.6.1

+++++++++++++++++++++++++

Fixed a bug when sending authorization in headers with no username and
password present.

Make sure we clear the session token before obtaining a new one.

Some improvements to the Slack compliance fix.

Avoid timing problems around token refresh.

Allow passing arbitrary arguments to requests when calling
fetch_request_token and fetch_access_token.

0.6.0

+++++++++++++++++++++++++

Add compliance fix for Slack.

Add compliance fix for Mailchimp.

TokenRequestDenied exceptions now carry the entire response, not just the
status code.

Pass through keyword arguments when refreshing tokens automatically.

Send authorization in headers, not just body, to maximize compatibility.

More getters/setters available for OAuth2 session client values.

Allow sending custom headers when refreshing tokens, and set some defaults.

0.5.0

+++++++++++++++++++

Fix TypeError being raised instead of TokenMissing error.

Raise requests exceptions on 4XX and 5XX responses in the OAuth2 flow.

Avoid AttributeError when initializing the OAuth2Session class
without complete client information.

rsa 3.1.4 -> 3.4.2

3.4.2

Fixed dates in CHANGELOG.txt

3.4.1

Included tests/private.pem in MANIFEST.in

Included README.md and CHANGELOG.txt in MANIFEST.in

3.4

Moved development to Github: https://github.com/sybrenstuvel/python-rsa

Solved side-channel vulnerability by implementing blinding, fixes 19

Deprecated the VARBLOCK format and rsa.bigfile module due to security issues, see
Vulnerability in bigfile.py sybrenstuvel/python-rsa#13

Integration with Travis-CI 1, Coveralls [2] and Code Climate [3]

Deprecated the old rsa._version133 and rsa._version200 submodules, they will be
completely removed in version 4.0.

Add an 'exponent' argument to key.newkeys()

Switched from Solovay-Strassen to Miller-Rabin primality testing, to
comply with NIST FIPS 186-4 [4] as probabilistic primality test
(Appendix C, subsection C.3):

Fixed bugs 12, 14, 27, 30, 49

1 https://travis-ci.org/sybrenstuvel/python-rsa
[2] https://coveralls.io/github/sybrenstuvel/python-rsa
[3] https://codeclimate.com/github/sybrenstuvel/python-rsa
[4] http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf

3.3

Thanks to Filippo Valsorda: Fix BB'06 attack in verify() by
switching from parsing to comparison. See 1 for more information.

Simplified Tox configuration and dropped Python 3.2 support. The
coverage package uses a u'' prefix, which was reintroduced in 3.3
for ease of porting.

1 https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/

3.2.3

Added character encoding markers for Python 2.x

3.2.1

Added per-file licenses

Added support for wheel packages

Made example code more consistent and up to date with Python 3.4

3.2

Mentioned support for Python 3 in setup.py

Flask-Login 0.2.11 -> 0.3.2

0.3.2

Released on October 8th, 2015

Fixes Python 2.6 compatibility.

Updates SESSION_KEYS to include "remember".

0.3.1

Released on September 30th, 2015

Fixes removal of non-Flask-Login keys from session object when using 'strong'
protection.

0.3.0

Released on September 10th, 2015

Fixes handling of X-Forward-For header.

Update to use SHA512 instead of MD5 for session identifier creation.

Fixes session creation for every view.

BREAKING: UTC used to set cookie duration.

BREAKING: Non-fresh logins now returns HTTP 401.

Support unicode user IDs in cookie.

Fixes user_logged_out signal invocation.

Support for per-Blueprint login views.

BREAKING: The is_authenticated, is_active, and is_anonymous members of
the user class are now properties, not methods. Applications should update
their user classes accordingly.

Various other improvements including documentation and code clean up.

Flask-Script -> 2.0.5

0.6.7

Released on February 16, 2014

Expose app instance in a command commands (manage.app). 83

Show full help for submanagers if called without arguments. 85

Fix ShowUrls command conflict. 88

0.6.6

Released on December 6, 2013

Fix global being passed after command by not expliciting checking for the 'parents' argument.

0.6.5

Released on December 5, 2013

Change warning from UserWarning to DeprecationWarning so it is ignored by default

0.6.4

Released on December 5, 2013

Only pass parents argument if a command's create_parser accepts it. Workaround for 71

0.6.3

Released on November 11, 2013

Separate usage into usage/help/description

Allow for command auto detection

0.6.2

Released on August 10, 2013

FIXED: 0.6.1 fails to embed ipython at all

0.6.1

Released on August 9, 2013

FIXED: IPython Shell embedding fails after upgrade to IPython 1.0

0.6.0

Released on August 7, 2013.

Drop support for Python 2.5

Support Python 2.6/2.7 and >= 3.3 using same source code.
Import necessary compatibility code from flask._compat module of current
Flask repo code.

Use proper argparse subparsers

Tab completion using argcomplete

Remove question marks from automatically being appended to prompt_bool and prompt_choices

FIXED: ipython with disabled bpython

FIXED: debug parameter no longer passed in from flask_script

0.5.3

Released on January 9, 2013.

Fix nasty bug in Clean command that deletes all files

0.5.2

Released on December 26, 2012.

Change from module to package and refactor project structure

Add BPython shell support

Add Clean and ShowUrls commands

Add Group, a simple way to group arguments

0.5.1

Released on October 2nd, 2012.

Fixed an issue where debug settings were being overridden if present in config.

Expose 'passthrough_errors' on Server to disable error catching (useful to hook debuggers in (ex. pdb))

0.5.0

Released on September 22, 2012.

Sub-Manager support (see: http://flask-script.readthedocs.org/en/latest/index.htmlsub-managers)

Flask-Script -> 2.0.5

0.6.7

Released on February 16, 2014

Expose app instance in a command commands (manage.app). 83

Show full help for submanagers if called without arguments. 85

Fix ShowUrls command conflict. 88

0.6.6

Released on December 6, 2013

Fix global being passed after command by not expliciting checking for the 'parents' argument.

0.6.5

Released on December 5, 2013

Change warning from UserWarning to DeprecationWarning so it is ignored by default

0.6.4

Released on December 5, 2013

Only pass parents argument if a command's create_parser accepts it. Workaround for 71

0.6.3

Released on November 11, 2013

Separate usage into usage/help/description

Allow for command auto detection

0.6.2

Released on August 10, 2013

FIXED: 0.6.1 fails to embed ipython at all

0.6.1

Released on August 9, 2013

FIXED: IPython Shell embedding fails after upgrade to IPython 1.0

0.6.0

Released on August 7, 2013.

Drop support for Python 2.5

Support Python 2.6/2.7 and >= 3.3 using same source code.
Import necessary compatibility code from flask._compat module of current
Flask repo code.

Use proper argparse subparsers

Tab completion using argcomplete

Remove question marks from automatically being appended to prompt_bool and prompt_choices

FIXED: ipython with disabled bpython

FIXED: debug parameter no longer passed in from flask_script

0.5.3

Released on January 9, 2013.

Fix nasty bug in Clean command that deletes all files

0.5.2

Released on December 26, 2012.

Change from module to package and refactor project structure

Add BPython shell support

Add Clean and ShowUrls commands

Add Group, a simple way to group arguments

0.5.1

Released on October 2nd, 2012.

Fixed an issue where debug settings were being overridden if present in config.

Expose 'passthrough_errors' on Server to disable error catching (useful to hook debuggers in (ex. pdb))

0.5.0

Released on September 22, 2012.

Sub-Manager support (see: http://flask-script.readthedocs.org/en/latest/index.htmlsub-managers)

facebook-sdk 0.4.0 -> 2.0.0

2.0.0

Add support for Graph API versions 2.6 and 2.7.

Remove support for Graph API version 2.0 and FQL.

Change default Graph API version to 2.1.

Fix bug with debug_access_token method not working when the
GraphAPI object's access token was set (276).

Allow offline generation of application access tokens.

1.0.0

Python 3 support.

More comprehensive test coverage.

Full Unicode support.

Better exception handling.

Vastly improved documentation.

oauth2client 1.4.5 -> 4.0.0

4.0.0

New features:

New Django samples. (636)

Add support for RFC7636 PKCE. (588)

Release as a universal wheel. (665)

Bug fixes:

Fix django authorization redirect by correctly checking validity of credentials. (651)

Correct query loss when using parse_qsl to dict. (622)

Switch django models from pickle to jsonpickle. (614)

Support new MIDDLEWARE Django 1.10 aetting. (623)

Remove usage of os.environ.setdefault. (621)

Handle missing storage files correctly. (576)

Try to revoke token with POST when getting a 405. (662)

Internal changes:

Use transport module for GCE environment check. (612)

Remove author lines and add contributors.md. (627)

Clean up imports. (625)

Use transport.request in tests. (607)

Drop unittest2 dependency (610)

Remove backslash line continuations. (608)

Use transport helpers in system tests. (606)

Clean up usage of HTTP mocks in tests. (605)

Remove all uses of MagicMock. (598)

Migrate test runner to pytest. (569)

Merge util.py and _helpers.py. (579)

Remove httplib2 imports from non-transport modules. (577)

Breaking changes:

Drop Python 3.3 support. (603)

Drop Python 2.6 support. (590)

Remove multistore_file. (589)

3.0.0

Populate token_expiry for GCE credentials. (473)

Move GCE metadata interface to a separate module. (520)

Populate scopes for GCE credentials. (524)

Fix Python 3.5 compatibility. (531)

Add oauth2client.contrib.sqlalchemy, a SQLAlchemy-based credential store. (527)

Improve error when an invalid client secret is provided. (530)

Add oauth2client.contrib.multiprocess_storage. This supersedes the functionality in oauth2client.contrib.multistore_file. (504)

Pull httplib2 usage into a separate transport module. (559, 561)

Refactor all django-related code into oauth2client.contrib.django_util. Add DjangoORMStorage, remove FlowField. (546)

Fix application default credentials resolution order. (570)

Add configurable timeout for GCE metadata server check. (571)

Add warnings when using deprecated approval_prompt='force'. (572)

Add deprecation warning to oauth2client.contrib.multistore_file. (574)

(Hygiene) PEP8 compliance and various style fixes (537, 540, 552, 562)

(Hygiene) Remove duplicated exception classes in oauth2client.contrib.appengine. (533)

NOTE: The next major release of oauth2client (v4.0.0) will remove the oauth2client.contrib.multistore_file module.

2.2.0

Added support to override token_uri and revoke_uri in oauth2client.service_account.ServiceAccountCredentials. (510)

oauth2client.contrib.multistore_file now handles OSError in addition to IOError because Windows may raise OSError where other platforms will raise IOError.

oauth2client.contrib.django_util and oauth2client.contrib.django_orm have been updated to support Django 1.8 - 1.10. Versions of Django below 1.8 will not work with these modules.

2.1.0

Add basic support for JWT access credentials. (503)

Fix oauth2client.client.DeviceFlowInfo to use UTC instead of the system timezone when calculating code expiration.

2.0.2

Fix issue where flask_util.UserOAuth2.required would accept expired credentials (452).

Fix issue where flask_util would fill the session with Flow objects (498).

Fix issue with Python 3 binary strings in Flow.step2_exchange (446).

Improve test coverage to 100%.

2.0.1

Making scopes optional on Google Compute Engine AppAssertionCredentials
and adding a warning that GCE won't honor scopes (419)

Adding common sign_blob() to service account types and a
service_account_email property. (421)

Improving error message in P12 factory
ServiceAccountCredentials.from_p12_keyfile when pyOpenSSL is
missing. (424)

Allowing default flags in oauth2client.tools.run_flow()
rather than forcing users to create a dummy argparser (426)

Removing oauth2client.util.dict_to_tuple_key() from public
interface (429)

Adding oauth2client.contrib._appengine_ndb helper module
for oauth2client.contrib.appengine and moving most code that
uses the ndb library into the helper (434)

Fix error in django_util sample code (438)

2.0.0post1

Fix Google Compute Engine breakage (411, breakage introduced in 387) that
made it impossible to obtain access tokens

Implement ServiceAccountCredentials.from_p12_keyfile_buffer()
to allow passing a file-like object in addition to the factory
constructor that uses a filename directly (413)

Implement ServiceAccountCredentials.create_delegated()
to allow upgrading a credential to one that acts on behalf
of a given subject (420)

2.0.0

Add django_util (332)

Avoid OAuth2Credentials id_token going out of sync after a token
refresh (337)

Move to a contrib sub-package code not considered a core part of
the library (346, 353, 370, 375, 376, 382)

Add token_expiry to devshell credentials (372)

Move Storage locking into a base class (379)

Added dictionary storage (380)

Added to_json and from_json methods to all Credentials
classes (385)

Fall back to read-only credentials on EACCES errors (389)

Coalesced the two ServiceAccountCredentials
classes (395, 396, 397, 398, 400)

Special Note About ServiceAccountCredentials:

For JSON keys, you can create a credential via
from oauth2client.service_account import ServiceAccountCredentials
credentials = ServiceAccountCredentials.from_json_keyfile_name(
   key_file_name, scopes=[...])
You can still rely on
from oauth2client.client import GoogleCredentials
credentials = GoogleCredentials.get_application_default()
returning these credentials when you set the GOOGLE_APPLICATION_CREDENTIALS
environment variable.

For .p12 keys, construct via
credentials = ServiceAccountCredentials.from_p12_keyfile(
   service_account_email, key_file_name, scopes=[...])
though we urge you to use JSON keys (rather than .p12 keys) if you can.

This is equivalent to the previous method
PRE-oauth2client 2.0.0 EXAMPLE CODE!
from oauth2client.client import SignedJwtAssertionCredentials

with open(key_file_name, &#39;rb&#39;) as key_file:
   private_key = key_file.read()

credentials = SignedJwtAssertionCredentials(
   service_account_email, private_key, scope=[...])
1.5.2

Add access token refresh error class that includes HTTP status (310)

Python3 compatibility fixes for Django (316, 318)

Fix incremental auth in flask_util (322)

Fall back to credential refresh on EDEADLK in multistore_file (336)

1.5.1

Fix bad indent in tools.run_flow() (301, bug was
introduced when switching from 2 space indents to 4)

1.5.0

Fix (more like clarify) bytes / str handling in crypto
methods. (203, 250, 272)

Replacing webapp with webapp2 in oauth2client.appengine (217)

Added optional state parameter to
step1_get_authorize_url. (219 and 222)

Added flask_util module that provides a Flask extension to aid
with using OAuth2 web server flow. This provides the same functionality
as the appengine.webapp2 OAuth2Decorator, but will work with any Flask
application regardless of hosting environment. (226, 273)

Track scopes used on credentials objects (230)

Moving docs to readthedocs.org(237, 238, 244)

Removing old_run module. Was deprecated July 2, 2013. (285)

Avoid proxies when querying for GCE metadata (to check if
running on GCE) (114, 293)

1.4.12

Fix OS X flaky test failure (189).

Fix broken OpenSSL import (191).

Remove util.positional from wrapped request in Credentials.authorize()
(196, 197).

Changing pinned dependencies to >= (200, 204).

Support client authentication using Authorization header (206).

Clarify environment check in case where GAE imports succeed but GAE services
aren't available (208).

1.4.11

Better environment detection with Managed VMs.

Better OpenSSL detection in exotic environments.

1.4.10

Update the OpenSSL check to be less strict about finding crypto.py in
the OpenSSL directory.

tox updates for new environment handling in tox.

1.4.9

Ensure that the ADC fails if we try to write the well-known file to a
directory that doesn't exist, but not if we try to read from one.

1.4.8

Better handling of body during token refresh when body is a stream.

Better handling of expired tokens in storage.

Cleanup around openSSL import.

Allow custom directory for the well_known_file.

Integration tests for python2 and python3. (!!!)

Stricter file permissions when saving the well_known_file.

Test cleanup around config file locations.

1.4.7

Add support for Google Developer Shell credentials.

Better handling of filesystem errors in credential refresh.

python3 fixes

Add NO_GCE_CHECK for skipping GCE detection.

Better error messages on InvalidClientSecretsError.

Comment cleanup on run_flow.

1.4.6

Add utility function to convert PKCS12 key to PEM. (115)

Change GCE detection logic. (93)

Add a tox env for doc generation.

Flask-SQLAlchemy -> 2.1

2.1

Released on October 23rd 2015, codename Caesium

Table names are automatically generated in more cases, including
subclassing mixins and abstract models.

Allow using a custom MetaData object.

Add support for binds parameter to session.

2.0

Released on August 29th 2014, codename Bohrium

Changed how the builtin signals are subscribed to skip non Flask-SQLAlchemy
sessions. This will also fix the attribute error about model changes
not existing.

Added a way to control how signals for model modifications are tracked.

Made the SignallingSession a public interface and added a hook
for customizing session creation.

If the bind parameter is given to the signalling session it will no
longer cause an error that a parameter is given twice.

Added working table reflection support.

Enabled autoflush by default.

Consider SQLALCHEMY_COMMIT_ON_TEARDOWN harmful and remove from docs.

1.0

Released on July 20th 2013, codename Aurum

Added Python 3.3 support.

Dropped 2.5 compatibility.

Various bugfixes

Changed versioning format to do major releases for each update now.

0.16

New distribution format (flask_sqlalchemy)

Added support for Flask 0.9 specifics.

0.15

Added session support for multiple databases

0.14

Make relative sqlite paths relative to the application root.

0.13

Fixed an issue with Flask-SQLAlchemy not selecting the correct binds.

0.12

Added support for multiple databases.

Expose Flask-SQLAlchemy's BaseQuery as db.Query.

Set default query_class for db.relation, db.relationship, and
db.dynamic_loader to Flask-SQLAlchemy's BaseQuery.

Improved compatibility with Flask 0.7.

0.11

Fixed a bug introduced in 0.10 with alternative table constructors.

0.10

Added support for signals.

Table names are now automatically set from the class name unless
overriden.

Model.query now always works for applications directly passed to
the SQLAlchemy constructor. Furthermore the property now raises
an RuntimeError instead of being None.

added session options to constructor.

fixed a broken __repr__

db.Table is now a factor function that creates table objects.
This makes it possible to omit the metadata.

0.9

applied changes to pass the Flask extension approval process.

0.8

added a few configuration keys for creating connections.

automatically activate connection recycling for MySQL connections.

added support for the Flask testing mode.

0.7

Initial public release

Flask-SQLAlchemy -> 2.1

2.1

Released on October 23rd 2015, codename Caesium

Table names are automatically generated in more cases, including
subclassing mixins and abstract models.

Allow using a custom MetaData object.

Add support for binds parameter to session.

2.0

Released on August 29th 2014, codename Bohrium

Changed how the builtin signals are subscribed to skip non Flask-SQLAlchemy
sessions. This will also fix the attribute error about model changes
not existing.

Added a way to control how signals for model modifications are tracked.

Made the SignallingSession a public interface and added a hook
for customizing session creation.

If the bind parameter is given to the signalling session it will no
longer cause an error that a parameter is given twice.

Added working table reflection support.

Enabled autoflush by default.

Consider SQLALCHEMY_COMMIT_ON_TEARDOWN harmful and remove from docs.

1.0

Released on July 20th 2013, codename Aurum

Added Python 3.3 support.

Dropped 2.5 compatibility.

Various bugfixes

Changed versioning format to do major releases for each update now.

0.16

New distribution format (flask_sqlalchemy)

Added support for Flask 0.9 specifics.

0.15

Added session support for multiple databases

0.14

Make relative sqlite paths relative to the application root.

0.13

Fixed an issue with Flask-SQLAlchemy not selecting the correct binds.

0.12

Added support for multiple databases.

Expose Flask-SQLAlchemy's BaseQuery as db.Query.

Set default query_class for db.relation, db.relationship, and
db.dynamic_loader to Flask-SQLAlchemy's BaseQuery.

Improved compatibility with Flask 0.7.

0.11

Fixed a bug introduced in 0.10 with alternative table constructors.

0.10

Added support for signals.

Table names are now automatically set from the class name unless
overriden.

Model.query now always works for applications directly passed to
the SQLAlchemy constructor. Furthermore the property now raises
an RuntimeError instead of being None.

added session options to constructor.

fixed a broken __repr__

db.Table is now a factor function that creates table objects.
This makes it possible to omit the metadata.

0.9

applied changes to pass the Flask extension approval process.

0.8

added a few configuration keys for creating connections.

automatically activate connection recycling for MySQL connections.

added support for the Flask testing mode.

0.7

Initial public release

Babel 1.3 -> 2.3.4

2.3

(Feature release, released on April 8th)

Internal improvements
* The CLI frontend and Distutils commands use a shared implementation (https://github.com/python-babel/babel/pull/311)
* PyPy3 is supported (https://github.com/python-babel/babel/pull/343)

Features
CLDR: Add an API for territory language data (Territory languages python-babel/babel#315)

Core: Character order and measurement system data is imported and exposed (Character order and measurement systems python-babel/babel#368)

Dates: Add an API for time interval formatting (Implement date interval formatting python-babel/babel#316)

Dates: More pattern formats and lengths are supported (Additional Support for Date Time pattern formats python-babel/babel#347)

Dates: Period IDs are imported and exposed (Day period API python-babel/babel#349)

Dates: Support for date-time skeleton formats has been added (Add support for date-time skeletons python-babel/babel#265)

Dates: Timezone formatting has been improved (Fix #325 Support more format for timezone python-babel/babel#338)

Messages: JavaScript extraction now supports dotted names, ES6 template strings and JSX tags (Improved JavaScript extraction python-babel/babel#332)

Messages: npgettext is recognized by default (Extract: Add npgettext to default keywords map python-babel/babel#341)

Messages: The CLI learned to accept multiple domains (Frontend: Add multi-domain support to compile_catalog command python-babel/babel#335)

Messages: The extraction commands now accept filenames in addition to directories (Support extraction by filename as well as directory python-babel/babel#324)

Units: A new API for unit formatting is implemented (Add unit and compound unit formatting python-babel/babel#369)

Bugfixes
* Core: Mixed-case locale IDs work more reliably (https://github.com/python-babel/babel/pull/361)
* Dates: S...S formats work correctly now (https://github.com/python-babel/babel/pull/360)
* Messages: All messages are now sorted correctly if sorting has been specified (https://github.com/python-babel/babel/pull/300)
* Messages: Fix the unexpected behavior caused by catalog header updating (e0e7ef1) (https://github.com/python-babel/babel/pull/320)
* Messages: Gettext operands are now generated correctly (https://github.com/python-babel/babel/pull/295)
* Messages: Message extraction has been taught to detect encodings better (https://github.com/python-babel/babel/pull/274)



### 2.2

-----------

(Feature release, released on January 2nd 2016)

Bugfixes
General: Add hash to Locale. (303) (2aa8074)

General: Allow files with BOM if they're UTF-8 (189) (da87edd)

General: localedata directory is now locale-data (109) (2d1882e)

General: odict: Fix pop method (0a9e97e)

General: Removed uses of datetime.date class from *.dat files (174) (94f6830)

Messages: Fix plural selection for Chinese (531f666)

Messages: Fix typo and add semicolon in plural_forms (5784501)

Messages: Flatten NullTranslations.files into a list (ad11101)

Times: FixedOffsetTimezone: fix display of negative offsets (d816803)

Features
* CLDR: Update to CLDR 28 (292) (9f7f4d0)
* General: Add __copy__ and __deepcopy__ to LazyProxy. (a1cc3f1)
* General: Add official support for Python 3.4 and 3.5
* General: Improve odict performance by making key search O(1) (6822b7f)
* Locale: Add an ordinal_form property to Locale (270) (b3f3430)
* Locale: Add support for list formatting (37ce4fa, be6e23d)
* Locale: Check inheritance exceptions first (3ef0d6d)
* Messages: Allow file locations without line numbers (279) (79bc781)
* Messages: Allow passing a callable to `extract()` (289) (3f58516)
* Messages: Support &#39;Language&#39; header field of PO files (76) (3ce842b)
* Messages: Update catalog headers from templates (e0e7ef1)
* Numbers: Properly load and expose currency format types (201) (df676ab)
* Numbers: Use cdecimal by default when available (b6169be)
* Numbers: Use the CLDR&#39;s suggested number of decimals for format_currency (139) (201ed50)
* Times: Add format_timedelta(format=&#39;narrow&#39;) support (edc5eb5)



### 2.1

-----------

(Bugfix/minor feature release, released on September 25th 2015)

- Parse and honour the locale inheritance exceptions
 (https://github.com/python-babel/babel/issues/97)
- Fix Locale.parse using ``global.dat`` incompatible types 
 (https://github.com/python-babel/babel/issues/174)
- Fix display of negative offsets in ``FixedOffsetTimezone``
 (https://github.com/python-babel/babel/issues/214)
- Improved odict performance which is used during localization file
 build, should improve compilation time for large projects
- Add support for &quot;narrow&quot; format for ``format_timedelta``
- Add universal wheel support
- Support &#39;Language&#39; header field in .PO files 
 (fixes https://github.com/python-babel/babel/issues/76)
- Test suite enhancements (coverage, broken tests fixed, etc)
- Documentation updated



### 2.0

-----------

(Released on July 27th 2015, codename Second Coming)

- Added support for looking up currencies that belong to a territory
 through the :func:`babel.numbers.get_territory_currencies`
 function.
- Improved Python 3 support.
- Fixed some broken tests for timezone behavior.
- Improved various smaller things for dealing with dates.



### 1.4

-----------

(bugfix release, release date to be decided)

- Fixed a bug that caused deprecated territory codes not being
 converted properly by the subtag resolving.  This for instance
 showed up when trying to use ``und_UK`` as a language code
 which now properly resolves to ``en_GB``.
- Fixed a bug that made it impossible to import the CLDR data
 from scratch on windows systems.

simplejson 3.6.5 -> 3.8.2

3.8.2

Fix implicit cast compiler warning in _speedups.c

simplejson is now available as wheels for OS X and Windows thanks to Travis-CI
and AppVeyor respectively! Many thanks to aebrahim for getting this party
started.
build windows wheels on appveyor simplejson/simplejson#130
wheels for simplejson simplejson/simplejson#122

3.8.1

Fix issue with iterable_as_array and indent option
simplejson generates invalid json with iterable_as_array and indent is set simplejson/simplejson#128

Fix typo in keyword argument name introduced in 3.8.0
removed from _speedups.c forgotten "iterable_as_array" without comma after string simplejson/simplejson#123

3.8.0

New iterable_as_array encoder option to perform lazy serialization of
any iterable objects, without having to convert to tuple or list.

3.7.3

Fix typo introduced in 3.7.0 (behavior should be indistinguishable)
simplejson/simplejson@e18cc09b688ea1f3305c27616fd3cadd2adc6d31commitcomment-11443842

3.7.2

Do not cache Decimal class in encoder, only reference the decimal module.
This may make reload work in more common scenarios.

3.7.1

Fix compilation with MSVC
_speedups.c fails to compile with msvc simplejson/simplejson#119

3.7.0

simplejson no longer trusts custom str/repr methods for int, long, float
subclasses. These instances are now formatted as if they were exact
instances of those types.
Cant JSON serialize sqlalchemy.util.langhelpers.symbol simplejson/simplejson#118

Flask 0.10.1 -> 0.11.1

0.11.1

Bugfix release, released on June 7th 2016.

Fixed a bug that prevented FLASK_APP=foobar/__init__.py from working. See
pull request 1872.

0.11

Released on May 29th 2016, codename Absinthe.

Added support to serializing top-level arrays to :func:flask.jsonify. This
introduces a security risk in ancient browsers. See
:ref:json-security for details.

Added before_render_template signal.

Added **kwargs to :meth:flask.Test.test_client to support passing
additional keyword arguments to the constructor of
:attr:flask.Flask.test_client_class.

Added SESSION_REFRESH_EACH_REQUEST config key that controls the
set-cookie behavior. If set to True a permanent session will be
refreshed each request and get their lifetime extended, if set to
False it will only be modified if the session actually modifies.
Non permanent sessions are not affected by this and will always
expire if the browser window closes.

Made Flask support custom JSON mimetypes for incoming data.

Added support for returning tuples in the form (response, headers)
from a view function.

Added :meth:flask.Config.from_json.

Added :attr:flask.Flask.config_class.

Added :meth:flask.Config.get_namespace.

Templates are no longer automatically reloaded outside of debug mode. This
can be configured with the new TEMPLATES_AUTO_RELOAD config key.

Added a workaround for a limitation in Python 3.3's namespace loader.

Added support for explicit root paths when using Python 3.3's namespace
packages.

Added :command:flask and the flask.cli module to start the local
debug server through the click CLI system. This is recommended over the old
flask.run() method as it works faster and more reliable due to a
different design and also replaces Flask-Script.

Error handlers that match specific classes are now checked first,
thereby allowing catching exceptions that are subclasses of HTTP
exceptions (in werkzeug.exceptions). This makes it possible
for an extension author to create exceptions that will by default
result in the HTTP error of their choosing, but may be caught with
a custom error handler if desired.

Added :meth:flask.Config.from_mapping.

Flask will now log by default even if debug is disabled. The log format is
now hardcoded but the default log handling can be disabled through the
LOGGER_HANDLER_POLICY configuration key.

Removed deprecated module functionality.

Added the EXPLAIN_TEMPLATE_LOADING config flag which when enabled will
instruct Flask to explain how it locates templates. This should help
users debug when the wrong templates are loaded.

Enforce blueprint handling in the order they were registered for template
loading.

Ported test suite to py.test.

Deprecated request.json in favour of request.get_json().

Add "pretty" and "compressed" separators definitions in jsonify() method.
Reduces JSON response size when JSONIFY_PRETTYPRINT_REGULAR=False by removing
unnecessary white space included by default after separators.

JSON responses are now terminated with a newline character, because it is a
convention that UNIX text files end with a newline and some clients don't
deal well when this newline is missing. See
Add JSONIFY_END_WITH_NEWLINE config variable pallets/flask#1262 -- this came up originally as a
part of https://github.com/kennethreitz/httpbin/issues/168

The automatically provided OPTIONS method is now correctly disabled if
the user registered an overriding rule with the lowercase-version
options (issue 1288).

flask.json.jsonify now supports the datetime.date type (pull request
1326).

Don't leak exception info of already catched exceptions to context teardown
handlers (pull request 1393).

Allow custom Jinja environment subclasses (pull request 1422).

flask.g now has pop() and setdefault methods.

Turn on autoescape for flask.templating.render_template_string by default
(pull request 1515).

flask.ext is now deprecated (pull request 1484).

send_from_directory now raises BadRequest if the filename is invalid on
the server OS (pull request 1763).

Added the JSONIFY_MIMETYPE configuration variable (pull request 1728).

Exceptions during teardown handling will no longer leave bad application
contexts lingering around.

0.10.2

(bugfix release, release date to be announced)

Fixed broken test_appcontext_signals() test case.

Raise an :exc:AttributeError in :func:flask.helpers.find_package with a
useful message explaining why it is raised when a PEP 302 import hook is used
without an is_package() method.

Fixed an issue causing exceptions raised before entering a request or app
context to be passed to teardown handlers.

Fixed an issue with query parameters getting removed from requests in
the test client when absolute URLs were requested.

Made before_first_request into a decorator as intended.

Fixed an etags bug when sending a file streams with a name.

Fixed send_from_directory not expanding to the application root path
correctly.

Changed logic of before first request handlers to flip the flag after
invoking. This will allow some uses that are potentially dangerous but
should probably be permitted.

Fixed Python 3 bug when a handler from app.url_build_error_handlers
reraises the BuildError.

flask-mongoengine 0.7.1 -> 0.8

0.8

Dropped MongoEngine 0.7 support

Added MongoEngine 0.10 support

Added PyMongo 3 support

Added Python3 support up to 3.5

Allowed empying value list in SelectMultipleField

Fixed paginator issues

Use InputRequired validator to allow 0 in required field

Made help_text Field attribute optional

Added "radio" form_arg to convert field into RadioField

Added "textarea" form_arg to force conversion into TextAreaField

Added field parameters (validators, filters...)

Fixed 'False' connection settings ignored

Fixed bug to allow multiple instances of extension

Added MongoEngineSessionInterface support for PyMongo's tz_aware option

Support arbitrary primary key fields (not "id")

Configurable httponly flag for MongoEngineSessionInterface

Various bugfixes, code cleanup and documentation improvements

Move from deprecated flask.ext.* to flask_* syntax in imports

Added independent connection handler for FlaskMongoEngine

All MongoEngine connection calls are proxied via FlaskMongoEngine connection handler

Added backward compatibility for settings key names

Added support for MongoMock and temporary test DB

Fixed issue with multiple DB support

Various bugfixes

Once you have closed this pull request, I'll create seperate pull requests for every update as soon as I find them.

That's it for now!

Happy merging! 🤖

pyup-bot added 30 commits October 19, 2016 11:54

Update flask-wtf from 0.10.3 to 0.13.1

6804cd0

Update flask-babel from 0.9 to 0.11.1

dea85ec

Update passlib from 1.6.2 to 1.6.5

257e866

Update wtforms from 1.0.5 to 2.1

9a33c43

Update mongoengine from 0.8.7 to 0.10.6

3b0f7c0

Update pyasn1-modules from 0.0.5 to 0.0.8

b0c7792

Update blinker from 1.3 to 1.4

3b230a2

Pin ndg-httpsclient to latest version 0.4.2

7d4e38c

Pin ndg-httpsclient to latest version 0.4.2

489f071

Update flask-security from 1.7.4 to 1.7.5

d4c4b2e

Update uritemplate from 0.6 to 3.0.0

98c3aea

Update oauthlib from 0.7.2 to 2.0.0

98a577f

Update flask-admin from 1.0.9 to 1.4.2

2cc279e

Update werkzeug from 0.9.6 to 0.11.11

e4cb700

Update requests from 2.5.1 to 2.11.1

414438b

Update python-twitter from 2.2 to 3.1

1b69067

Update google-api-python-client from 1.3.1 to 1.5.4

4e332c8

Update jinja2 from 2.7.3 to 2.8

943ac2c

Update httplib2 from 0.9 to 0.9.2

417e50d

Update pymongo from 2.7.2 to 3.3.0

51434d8

Update six from 1.9.0 to 1.10.0

0181ce4

Update flask-babelex from 0.9.2 to 0.9.3

d2898ae

Update requests-oauthlib from 0.4.2 to 0.7.0

1b5f9cf

Update rsa from 3.1.4 to 3.4.2

7c9a452

Pin python-twitter to latest version 3.1

a68f284

Pin python-twitter to latest version 3.1

e7f3d26

Update flask-login from 0.2.11 to 0.3.2

052938a

Pin flask-script to latest version 2.0.5

00baeee

Pin flask-script to latest version 2.0.5

cfaf6fb

Update facebook-sdk from 0.4.0 to 2.0.0

536b429

pyup-bot added 14 commits October 19, 2016 11:55

Pin pyopenssl to latest version 16.2.0

5504b8e

Pin pyopenssl to latest version 16.2.0

81d7eb5

Update oauth2client from 1.4.5 to 4.0.0

246969a

Pin flask-sqlalchemy to latest version 2.1

2d2c7e1

Pin flask-sqlalchemy to latest version 2.1

79d4e8e

Update pytz from 2014.10 to 2016.7

7b1387d

Update babel from 1.3 to 2.3.4

c7e6c1c

Update pyasn1 from 0.1.7 to 0.1.9

e3f07b6

Update simplejson from 3.6.5 to 3.8.2

9ace832

Update flask from 0.10.1 to 0.11.1

03dff0d

Update flask-mongoengine from 0.7.1 to 0.8

64e60d5

Pin pyasn1 to latest version 0.1.9

80f8d82

Pin pyasn1 to latest version 0.1.9

645cad4

Update oauth2 from 1.5.211 to 1.9.0.post1

ea89b52

wooyek merged commit 7c7a76f into develop Nov 1, 2016

wooyek deleted the pyup-initial-update branch November 2, 2016 11:32

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Initial Update #25

Initial Update #25

pyup-bot commented Oct 19, 2016

Initial Update #25

Initial Update #25

Conversation

pyup-bot commented Oct 19, 2016

Updates

Changelogs

Flask-WTF 0.10.3 -> 0.13.1

0.13.1

0.13

0.12

0.11

WTForms 1.0.5 -> 2.1

2.1

2.0.2

2.0.1

2.0

blinker 1.3 -> 1.4

1.4

Flask-Security 1.7.4 -> 1.7.5

1.7.5

uritemplate 0.6 -> 3.0.0

2.0.0

1.0.1

1.0.0

oauthlib 0.7.2 -> 2.0.0

2.0.0

1.1.2

1.1.1

1.1.0

1.0.3

1.0.2

1.0.1

1.0.0

requests 2.5.1 -> 2.11.1

2.11.1

2.11.0

2.10.0

2.9.2

2.9.1

2.9.0

2.8.1

2.8.0

2.7.0

2.6.2

2.6.1

2.6.0

2.5.3

2.5.2

google-api-python-client 1.3.1 -> 1.5.4

1.5.4

1.5.3

1.5.2

1.5.1

1.5.0

1.4.2

1.4.1

1.4.0

1.3.2

Jinja2 2.7.3 -> 2.8

2.8

httplib2 0.9 -> 0.9.2

0.9.2

0.9.1

pymongo 2.7.2 -> 3.3.0

3.3

3.2.2

3.2.1

3.2

3.1.1

3.1

3.0.3

3.0.2

3.0.1

3.0

six 1.9.0 -> 1.10.0

1.10.0

requests-oauthlib 0.4.2 -> 0.7.0

0.7.0

0.6.2

0.6.1

Special Note About `ServiceAccountCredentials`: