Skip to content

Commit

Permalink
Update constraints, prepare 5.2.10.2
Browse files Browse the repository at this point in the history
  • Loading branch information
mauritsvanrees committed Dec 21, 2022
1 parent f3453dd commit cb7c053
Show file tree
Hide file tree
Showing 3 changed files with 80 additions and 79 deletions.
22 changes: 14 additions & 8 deletions release/RELEASE-NOTES.md
Original file line number Diff line number Diff line change
@@ -1,22 +1,28 @@
# Release notes for Plone 5.2.10.1
# Release notes for Plone 5.2.10.2

* Released: Monday December 19, 2022
* Released: Wednesday December 21, 2022
* Check the [release schedule](https://plone.org/download/release-schedule).
* Read the [upgrade guide](https://5.docs.plone.org/manage/upgrading/version_specific_migration/upgrade_to_52.html), explaining the biggest changes compared to 5.1.
* Canonical place for these [release notes](https://dist.plone.org/release/5.2.10.1/RELEASE-NOTES.md) and the full [packages changelog](https://dist.plone.org/release/5.2.10.1/changelog.txt).
* Canonical place for these [release notes](https://dist.plone.org/release/5.2.10.2/RELEASE-NOTES.md) and the full [packages changelog](https://dist.plone.org/release/5.2.10.2/changelog.txt).

For technical wizards who want to jump straight in, here are two important links:

* With pip you can use the constraints file at [https://dist.plone.org/release/5.2.10.1/constraints.txt](https://dist.plone.org/release/5.2.10.1/constraints.txt)
* With Buildout you can use the versions file at [https://dist.plone.org/release/5.2.10.1/versions.cfg](https://dist.plone.org/release/5.2.10.1/versions.cfg).
* With pip you can use the constraints file at [https://dist.plone.org/release/5.2.10.2/constraints.txt](https://dist.plone.org/release/5.2.10.2/constraints.txt)
* With Buildout you can use the versions file at [https://dist.plone.org/release/5.2.10.2/versions.cfg](https://dist.plone.org/release/5.2.10.2/versions.cfg).


## Highlights

Major changes since 5.2.10:
Major changes since 5.2.10.1:

* Zope: Security fix for a Cross Site Scripting vulnerability. See [announcement](https://community.plone.org/t/zope-4-8-4-and-5-7-1-released/15992). The security fix is in Zope 4.8.4, but there were a few regressions, so we use 4.8.6.
* plone.protect: fix test that failed after the security fix.
* `plone.app.blocks`: Fix regression after Zope security fix. The `layout_view` was rendered as plain text instead of html.
Note that this is not used by core Plone, but is in use by several tile-related ecosystem packages, for example Mosaic.

* Zope: revert updates to dependency package versions.

* Plone 5.2.10 extends the versions.cfg or constraints from Zope 4.8.3.
* Plone 5.2.10.1 extends the versions.cfg or constraints from Zope 4.8.6. This has the security fix and related regression fixes, plus lots of dependency package updates. This includes a Datetime update which can cause problems on Python 2. There may be other problems that we have not seen yet.
* Plone 5.2.10.2 now extends the versions.cfg or constraints from Zope 4.8.3, and only overrides the Zope version pin to 4.8.6. So you have the security fix and related regression fixes, but keep the dependency package versions the same as originally.


## Python compatibility
Expand Down
21 changes: 10 additions & 11 deletions release/changelog.txt
Original file line number Diff line number Diff line change
@@ -1,16 +1,15 @@
Zope: 4.8.34.8.6
-------------------
plone.app.blocks: 5.2.05.2.1
-------------------------------

Security fix for a Cross Site Scripting vulnerability.
See https://community.plone.org/t/zope-4-8-4-and-5-7-1-released/15992
- Fix ``layout_view`` and ``tile_layout_view`` to work with the Zope security fix.
Needed when you use Plone 5.2.10.1 or Plone 6.0.0.1.
Fixes `issue 101 <https://github.com/plone/plone.app.blocks/issues/101>_`.
[maurits]


plone.protect: 4.1.6 → 4.1.8
----------------------------
plone.app.caching: 2.1.0 → 2.1.1
--------------------------------
Bug fixes:

- Testing: explicitly set response content type header to html. [jeromeperrin] (#97)

- Add missing z3c.zcmlhook dependency. [icemac] (#96)

- Fix tests to work with the Zope security fix.
[maurits] (#106)

116 changes: 56 additions & 60 deletions release/constraints.txt
Original file line number Diff line number Diff line change
@@ -1,16 +1,15 @@
AccessControl==4.3
Acquisition==4.13
Acquisition==4.10
AuthEncoding==4.3
BTrees==4.11.3
BTrees==4.10.0
Babel==2.9.1; python_version < "3.0"
Babel==2.11.0; python_version >= "3.0"
Chameleon==3.9.1; python_version < "3.0"
Chameleon==3.10.1; python_version >= "3.0"
DateTime==4.8
Babel==2.10.1; python_version >= "3.0"
Chameleon==3.9.1
DateTime==4.4
Deprecated==1.2.13
DocumentTemplate==3.4; python_version < "3.0"
DocumentTemplate==4.1; python_version >= "3.0"
ExtensionClass==4.9
DocumentTemplate==4; python_version >= "3.0"
ExtensionClass==4.6
FormEncode==1.3.1; python_version < "3.0"
FormEncode==2.0.1; python_version >= "3.0"
Genshi==0.7.7
Expand All @@ -19,16 +18,15 @@ Jinja2==2.11.3; python_version < "3.0"
Jinja2==3.1.2; python_version >= "3.0"
MarkupSafe==1.1.1; python_version < "3.0"
MarkupSafe==2.1.1; python_version >= "3.0"
Missing==4.2
Missing==4.1
MultiMapping==4.1
Paste==3.5.2
PasteDeploy==2.1.1; python_version < "3.0"
PasteDeploy==3.0.1; python_version >= "3.0"
Persistence==3.6
Paste==3.5.0
PasteDeploy==2.1.1
Persistence==3.3
Plone==5.2.10
Products.ATContentTypes==3.0.7; python_version < "3.0"
Products.Archetypes==1.16.6; python_version < "3.0"
Products.BTreeFolder2==4.4
Products.BTreeFolder2==4.3
Products.CMFCore==2.6.0
Products.CMFDiffTool==3.3.3
Products.CMFDynamicViewFTI==6.0.3
Expand Down Expand Up @@ -74,8 +72,8 @@ PyGithub==1.45; python_version < "3.0"
PyGithub==1.47; python_version >= "3.0"
PyYAML==5.3.1
Pygments==2.5.2; python_version < "3.0"
Pygments==2.13.0; python_version >= "3.0"
Record==3.6
Pygments==2.12.0; python_version >= "3.0"
Record==3.5
RestrictedPython==5.2
SecretStorage==2.3.1; python_version < "3.0"
SecretStorage==3.1.2; python_version >= "3.0"
Expand All @@ -85,9 +83,9 @@ WSGIProxy2==0.5.1; python_version >= "3.0"
WebOb==1.8.7
WebTest==2.0.35; python_version < "3.0"
WebTest==3.0.0; python_version >= "3.0"
ZConfig==3.6.1
ZConfig==3.6.0
ZEO==5.3.0
ZODB==5.8.0
ZODB==5.7.0
ZODB3==3.11.0
ZServer==4.0.2; python_version < "3.0"
Zope==4.8.6
Expand Down Expand Up @@ -117,10 +115,9 @@ cachecontrol==0.12.11; python_version >= "3.0"
cached-property==1.5.2
calmjs.parse==1.2.5
certifi==2020.4.5.1; python_version < "3.0"
certifi==2022.12.7; python_version >= "3.0"
cffi==1.15.1
chardet==4.0.0; python_version < "3.0"
chardet==5.1.0; python_version >= "3.0"
certifi==2021.10.8; python_version >= "3.0"
cffi==1.15.0
chardet==4.0.0
check-manifest==0.41; python_version < "3.0"
check-manifest==0.45; python_version >= "3.0"
click==7.1.2
Expand Down Expand Up @@ -159,7 +156,7 @@ filelock==3.8.0; python_version >= "3.0"
five.customerize==2.1.0
five.globalrequest==99.1
five.intid==1.2.6
five.localsitemanager==3.4
five.localsitemanager==3.3
freezegun==0.3.15
funcsigs==1.0.2
functools32==3.2.3.post2; python_version < "3.0"
Expand All @@ -172,8 +169,8 @@ httplib2==0.18.1
i18ndude==5.5.0
icalendar==4.1.0
idna==2.10; python_version < "3.0"
idna==3.4; python_version >= "3.0"
imagesize==1.4.1
idna==3.3; python_version >= "3.0"
imagesize==1.3.0
importlib-metadata==0.23
importlib-resources==3.3.1
incremental==17.5.0
Expand Down Expand Up @@ -206,14 +203,14 @@ oauthlib==3.1.1; python_version >= "3.0"
olefile==0.46
ordereddict==1.1
packaging==20.9; python_version < "3.0"
packaging==22.0; python_version >= "3.0"
packaging==21.3; python_version >= "3.0"
pathlib==1.0.1
pathlib2==2.3.7.post1
pathtools==0.1.2
pbr==5.11.0
pbr==5.9.0
pdbpp==0.10.3
pep517==0.9.1
persistent==4.9.3
persistent==4.9.0
piexif==1.1.3
pillow==6.2.2
pip==20.3.4; python_version < "3.0"
Expand All @@ -222,8 +219,8 @@ platformdirs==2.0.2
plone.alterego==1.1.5
plone.api==1.11.1
plone.app.blob==1.8.2; python_version < "3.0"
plone.app.blocks==5.2.0
plone.app.caching==2.1.0
plone.app.blocks==5.2.1
plone.app.caching==2.1.1
plone.app.collection==1.2.8; python_version < "3.0"
plone.app.content==3.8.9
plone.app.contentlisting==2.0.8
Expand Down Expand Up @@ -347,12 +344,11 @@ pyrsistent==0.15.7
pyscss==1.3.7
python-dateutil==2.8.2
python-dotenv==0.15.0
python-gettext==4.1
pytz==2022.6
python-gettext==4.0
pytz==2022.1
readme-renderer==28.0
repoze.xmliter==0.6.1
requests==2.27.1; python_version < "3.0"
requests==2.28.1; python_version >= "3.0"
requests==2.27.1
requests-toolbelt==0.9.1
robotframework==3.1.2
robotframework-debuglibrary==1.2.1
Expand All @@ -376,7 +372,7 @@ snowballstemmer==2.2.0
soupsieve==1.9.6; python_version < "3.0"
soupsieve==2.3.2.post1; python_version >= "3.0"
sourcecodegen==0.6.14; python_version < "3.0"
sphinx-rtd-theme==1.1.1
sphinx-rtd-theme==1.0.0
stdlib-list==0.6.0
tempstorage==5.2
testresources==2.0.1
Expand All @@ -390,7 +386,7 @@ twine==1.15.0; python_version < "3.0"
twine==3.1.1; python_version >= "3.0"
typing==3.10.0.0; python_version < "3.0"
unidecode==0.04.1
urllib3==1.26.13
urllib3==1.26.9
virtualenv==20.14.1
wadllib==1.3.6
waitress==1.4.4; python_version < "3.0"
Expand Down Expand Up @@ -427,28 +423,28 @@ zc.recipe.testrunner==2.2
zc.relation==1.1.post2
zc.relationship==2.0.post1
zc.sourcefactory==1.1
zdaemon==4.4
zdaemon==4.3
zest.pocompile==1.5.0
zest.releaser==6.22.2
zestreleaser.towncrier==1.2.0
zipp==1.1.1
zodbpickle==2.6
zodbpickle==2.3
zodbupdate==1.5
zodbverify==1.2.0
zope.annotation==4.8
zope.annotation==4.7.0
zope.app.intid==3.7.1
zope.app.locales==4.1
zope.browser==2.4
zope.browsermenu==4.4
zope.browserpage==4.4.0
zope.browserresource==4.4
zope.cachedescriptors==4.4
zope.cachedescriptors==4.3.1
zope.component==4.6.2
zope.componentvocabulary==2.3.0
zope.configuration==4.4.1
zope.container==4.10
zope.container==4.5.0
zope.contentprovider==4.2.1
zope.contenttype==4.6
zope.contenttype==4.5.0
zope.copy==4.2
zope.copypastemove==4.1.0
zope.datetime==4.3.0
Expand All @@ -457,42 +453,42 @@ zope.deprecation==4.4.0
zope.dottedname==4.3; python_version < "3.0"
zope.dottedname==5.0; python_version >= "3.0"
zope.dublincore==4.2.0
zope.event==4.6
zope.exceptions==4.6
zope.event==4.5.0
zope.exceptions==4.5
zope.filerepresentation==5.0.0
zope.formlib==5.0.1
zope.globalrequest==1.6
zope.hookable==5.4
zope.globalrequest==1.5
zope.hookable==5.1.0
zope.i18n==4.9.0
zope.i18nmessageid==5.1.1
zope.interface==5.5.2
zope.i18nmessageid==5.0.1
zope.interface==5.4.0
zope.intid==4.3.0
zope.keyreference==4.2.0
zope.lifecycleevent==4.4
zope.location==4.3
zope.location==4.2
zope.mkzeoinstance==4.1
zope.pagetemplate==4.6.0
zope.password==4.3.1
zope.processlifetime==2.4
zope.proxy==4.6.1
zope.processlifetime==2.3.0
zope.proxy==4.5.0
zope.ptresource==4.3.0
zope.publisher==6.1.0
zope.ramcache==2.4
zope.schema==6.2.1
zope.security==5.8
zope.sendmail==5.3
zope.schema==6.2.0
zope.security==5.3
zope.sendmail==5.2
zope.sequencesort==4.2
zope.site==4.6.1
zope.size==4.4
zope.site==4.5.0
zope.size==4.3
zope.structuredtext==4.4
zope.tal==4.5
zope.tales==5.2
zope.tales==5.1
zope.testbrowser==5.6.1
zope.testing==4.10
zope.testrunner==5.6
zope.testrunner==5.4.0
zope.traversing==4.4.1
zope.viewlet==4.3
charset-normalizer==2.1.1; python_version >= "3.0"
charset-normalizer==2.0.12; python_version >= "3.0"
jeepney==0.4.3; python_version >= "3.0"
sgmllib3k==1.0.0; python_version >= "3.0"
sphinxcontrib-applehelp==1.0.2; python_version >= "3.0"
Expand All @@ -502,4 +498,4 @@ sphinxcontrib-jsmath==1.0.1; python_version >= "3.0"
sphinxcontrib-qthelp==1.0.3; python_version >= "3.0"
sphinxcontrib-serializinghtml==1.1.5; python_version >= "3.0"
sphinxcontrib-websupport==1.2.4; python_version >= "3.0"
typing-extensions==4.4.0; python_version >= "3.0"
typing-extensions==4.1.1; python_version >= "3.0"

0 comments on commit cb7c053

Please sign in to comment.