Plone 4.3.8 soft-released

Development
1

Plone 4.3.8 has been soft-released. Please give it a try and let me know if there are any critical issues. http://dist.plone.org/release/4.3.8-pending/versions.cfg

For those who haven't run across soft-releases before, this is the
last step before the final release. Because things haven't been
finalized yet, some packages may change between now and the release. It
is not recommended to use soft-releases in production.

Eric

Changelog

setuptools: 0.6c11 → 20.1.1

plone.recipe.zope2instance: 4.2.18 → 4.2.19

New:

zest.releaser: 3.43 → 6.6.2

plone.app.robotframework: 0.9.9 → 0.9.15

Fixes:

  • Do not require argparse, decorator, and simplejson in Python 2.7,
    only lower. [maurits]

  • Replace import of zope.testing.testrunner with zope.testrunner.
    [thet]

  • With lazy sandbox-server shutdown, let test layers to declare themselves
    dirty and force sandbox rebuild when required
    [datakurre]

  • Fix PloneRobotFixture to know its deployment state and declare itself
    dirty when required for lazy sandbox-server shutdown support
    [datakurre]

  • Add support for lazy sandbox-server (Zope2Server) shutdown with
    pybot --listener plone.app.framework.server.LazyStop or with
    Sphinx extension plone.app.robotframeworks.server to allow
    sequential Sphinx documents to share the same server for screenshots
    generation
    [datakurre]

  • Fix CSRF errors on content creation keywords
    [vangheem]

  • Fix issue where 'use_email_as_login' was not found in registry
    [datakurre]

  • Fix selenium2library link in documentation
    [gotcha]

  • Inline sample robot code for mentioned example into docs
    [pjoshi]

  • Update good known versions.
    [gotcha]

  • "Create content" keyword fix: creation of random images in ATCT did not
    work when dexterity was installed.
    [gotcha]

repoze.xmliter: 0.5 → 0.6

  • Python 3 compatibility
    [Lennart Regebro]

WebOb: 1.0.8 → 1.4.1

Plone: 4.3.7 → 4.3.8

  • Release Plone 4.3.8
    [esteele

Products.ATContentTypes: 2.1.16 → 2.1.18

Fixes:

  • Backport CSRF fixes.
    [vangheem] [gforcada]

  • Tests: use POST for discussion_reply.
    [maurits]

Products.CMFDiffTool: 2.1.1 → 2.1.2

  • Added collective.testcaselayer to test requirements.
    [maurits]

Products.CMFEditions: 2.2.16 → 2.2.19

Fixes:

  • Fixed sometimes failing test. [maurits]

  • Removed executable bit from various files. And do a quick release,
    as on a test server the previous release was somehow missing a file.
    [maurits]

  • Made storage statistics test more robust.
    See https://github.com/plone/Products.CMFEditions/issues/31
    [tschorr]

Products.CMFPlacefulWorkflow: 1.5.11 → 1.5.13

Fixes:

  • Ignore the Topic content type, since it may not be available if
    plone.app.collection is installed
    [cdw9]

  • Fixed test after new default dependency strategy for GenericSetup.
    [pbauer]

Products.CMFPlone: 4.3.7 → 4.3.8c1

Fixes:

  • Add dl.portalMessage.warning to common_content_filter in popupforms.js so
    warnings get also pulled into the popup. [pcdummy]

  • Disabled CSRF protection on site creation form and upgrade form. [maurits]

  • When migration fails, do not upgrade addons or recatalog or
    update roles.
    [maurits]

  • Let plone-final import step also depend on the workflow step.
    Otherwise the plone-final step installs plone.app.discussion with an
    extra workflow, and then our own workflow step throws it away again.
    Closes #1041_.
    [maurits]

  • Purge profile upgrade versions from portal_setup when applying our
    default CMFPlone:plone profile. This signals that nothing has been
    installed yet, so depencies will get reapplied instead of possibly
    upgraded. This could cause problems mostly in tests. Closes
    #1041_.
    [maurits]

  • Add syndication for plone.app.contenttypes collections.
    [do3cc]

  • Add CSRF authenticator in createObject script
    [ebrehault]

  • Let set_own_login_name use the update(Own)LoginName method from PAS.
    Part of PLIP 13419.
    [maurits]

Products.CMFQuickInstallerTool: 3.0.12 → 3.0.13

New:

  • Use unsetLastVersionForProfile from Products.GenericSetup 1.8.1.
    [maurits]

Products.GenericSetup: 1.7.7 → 1.8.2

  • Added optional pre_handler and post_handler to
    registerProfile directive. When set, these dotted names are
    resolved to a function and are passed the setup tool as single
    argument. They are called before and after applying all import
    steps of the profile they are registered for. [maurits]

  • Sorted import profiles alphabetically lowercase. Allow selecting a
    profile by title or id. [maurits]

  • Do not show dependency options on the full import tab when there are
    no dependencies. [maurits]

  • Do not select a profile by default in the import tabs. [maurits]

  • Added simple toggle for all steps on the advanced import tab.
    Also added this on the export tab.
    [maurits]

  • Fixed importing a tarball. This got an AttributeError: "'NoneType'
    object has no attribute 'startswith'".
    [maurits]

  • Split overly complex Import tab into three tabs: Import (for
    importing a full profile), Advanced Import (the original
    manage_importSteps url leads to this tab), and Tarball Import.
    [maurits]

  • Show note on import tab when there are pending upgrades. Especially
    show this for the currently selected profile.
    [maurits]

  • Upgrades tab: show profiles with pending upgrades separately. These
    are the most important ones. This avoids the need to manually go
    through the whole list in order to find profiles that may need
    action. This uses new methods on the setup tool:
    hasPendingUpgrades, listProfilesWithPendingUpgrades,
    listUptodateProfiles.
    [maurits]

  • Purge the profile upgrade versions before applying a base profile.

  • Added purgeProfileVersions method to portal_setup. This
    removes the all profiles profile upgrade versions.

  • Added unsetLastVersionForProfile method to portal_setup. This
    removes the profile id from the profile upgrade versions. Calling
    setLastVersionForProfile with unknown as version now has the
    same effect.

  • Be more forgiving when dealing with profile ids with or without
    profile- at the start. All functions that accept a profile id
    argument and only work when the id does not have this string at
    the start, will now strip it off if it is there. For example,
    getLastVersionForProfile will give the same answer whether you
    ask it for the version of profile id foo or profile-foo.

  • Dependency profiles from metadata.xml that are already applied,
    are not applied again. Instead, its upgrade steps, if any, are
    applied. In code you can choose the old behavior of always applying
    the dependencies, by calling runAllImportStepsFromProfile with
    dependency_strategy=DEPENDENCY_STRATEGY_REAPPLY. There are four
    strategies, which you can choose in the ZMI.

Products.PlonePAS: 4.1.5 → 5.0.9

Products.PluggableAuthService: 1.10.0 → 1.11.0

  • Add new event to be able to notify group deletion.

  • Fix usage of os.path.split(). Could result in Errors during import
    on Windows.

Products.PluginRegistry: 1.3 → 1.4

  • Fix usage of os.path.split(). Could result in Errors during import
    on Windows.

Products.PortalTransforms: 2.1.10 → 2.1.11

Fixes:

  • Fix output of TransformTest to not contain binary in case of failure. This
    broke the test result parser.
    [jensens]

  • cleanup: autopep8, isort sorted imports, utf8 header, security decorators,
    zca decorators, minor manual edits
    [jensens]

Products.TinyMCE: 1.3.14 → 1.3.18

Fixes:

  • Fixed bug where the plonebrowser dialog wouldn't properly populate the
    anchors if the HTML5 schema was used.
    [msom]

  • Show the anchor dropdown for internal links again if it was empty once.
    [msom]

  • Change default search method and results order used when searching for content on internal links.
    Now we search by Title (as it is faster than SearchableText) and return results sorted by relevance instead of sortable_title.
    [hvelarde]

  • Fixed bug where the plonebrowser dialog wouldn't properly populate the
    anchors if the HTML5 schema was used.
    [msom]

  • Let upload adapter check permissions
    [tschorr]

  • fix path expression in wysiwyg_support;
    plone.app.z3cform support for collective.ckeditor where
    ckeditor_wysiwyg_support is a view rather than a skin

  • Fixed dexterity upload file from plonebrowser using tinymce-upload
    view when uploading to a dexterity plone.app.contenttypes. default
    file or image.
    [sneridagh]

archetypes.referencebrowserwidget: 2.5.4 → 2.5.7

Fixes:

  • Fixed to work with Plone 5. [vangheem]

  • Updated to work with new plone.batching pagination selector as
    well as with old one. [thet]

  • Do not fail if a level of the path we are adding the object using
    the ReferenceBrowser widget is not accessible by the current user.
    [gbastien]

  • Show elements that the reader has no access to as "Undisclosed" instead of
    throwing Unauthorized.
    [pbauer]

diazo: 1.0.6 → 1.1.3

Fixes:

  • Fixed tests on Python 2.6.
    [maurits]

  • Allow inline content for after and before.
    [ebrehault]

  • Fixed issue with remote themes via https connections
    [loechel]

  • Make flake8 happy by moving imports to top of file.
    [elro]

  • Python 3 support.
    [regebro, elro]

plone.app.blob: 1.5.16 → 1.5.17

Fixes:

  • Made catalog migration test clearer in case of failure. [maurits]

plone.app.contentrules: 3.0.8 → 3.0.9

Fixes:

  • CSRF fix: safe write on read.
    [gforcada]

plone.app.dexterity: 2.0.16 → 2.0.17

Fixes:

  • Avoid re-adding the UUID on an upgrade step.
    [gforcada]

plone.app.discussion: 2.2.15 → 2.2.16

Fixes:

  • Fixed possible test failure by not overriding an existing user. [maurits]

plone.app.folder: 1.1.0 → 1.1.2

New:

  • Use registry lookup for types_use_view_action_in_listings.
    [esteele]

Fixes:

  • Reverted to Plone 4 way of looking up types_use_view_action_in_listings.
    [maurits]

  • Fixed test in combination with Products.BTreeFolder2 2.13.4 and
    higher.
    [maurits]

plone.app.form: 2.2.6 → 2.2.7

  • More context for WYSIWYG editor
    [gotcha]

plone.app.imaging: 1.0.11 → 1.0.13

New:

  • add item here

Fixes:

  • Disable csrf protection when scale is generated and traversed to.
    [vangheem]

  • Fixed incompatibilities with five.pt and chameleon (closes #16_).
    [rodfersou, maurits]

  • Fixed 404 NotFound error when accessing image scales via webdav.
    [maurits]

plone.app.iterate: 2.1.13 → 2.1.14

Fixes:

  • Keep the default page setting when checking in a document.
    [maurits]

plone.app.layout: 2.3.13 → 2.3.14

Fixes:

  • Fixed possible test failure by not comparing member objects, but
    member ids and user names. [maurits]

plone.app.linkintegrity: 1.5.6 → 1.5.8

New:

  • add item here

Fixes:

  • add item here

  • make handler.findObject() work when the webserver rewrites the portal name
    [tschorr]

  • Make import from Dexterity conditional. Fixes #29.
    [pbauer]

plone.app.locales: 4.3.7 → 4.3.10

  • Fix vietnamese error in label_filed_under message.

  • Include messages from plone.formwidget.namedfile, plone.formwidget.datetime,
    plone.formwidget.contenttree which now use the plone domain.

  • Updated pt-BR translations.
    [idgserpro]

  • Add 46 new messages extracted mainly from zcml files.

  • Really include plone.protect messages, the previous release didn't include
    them.

  • Update Spanish translation and glossary of terms

  • Include plone.protect messages

plone.app.querystring: 1.2.7 → 1.2.9

Fixes:

  • Fixed flake8 warnings.
    [maurits]

  • Updated compatibility information in README.
    [maurits]

  • Fixed Sortable Indexes to not return ZCTextIndex type indexes.
    [winstonf88]

plone.app.upgrade: 1.3.18 → 1.3.21

New:

  • Registry upgrades for Plone 5.0.3
    [vangheem]

  • Hidden the v50 module from the installable products, just like our
    other modules. [maurits]

  • reapply profile for site-controlpanel
    plone/Products.CMFPlone#124
    [fgrcon]

  • extended step to501 to recreate metadata for getIcon, see
    plone/Products.CMFPlone#1226, #58, #60, #61
    [fgrcon, gagaro, jensens]

  • Removed fake kupu tool and related settings and resources.
    [maurits]

  • Cleanup the skins tool.
    [maurits]

  • Cleanup uninstalled products. Remove uninstalled products from QI
    and mark their installed profile version as unknown.
    [maurits]

  • If non installable profiles (really: hidden profiles) have been
    installed in GS, mark their products as installed in the QI. This
    does not work when also that product is marked as non installable,
    because in normal operation (outside of plone.app.upgrade) this does
    not happen either.
    [maurits]

  • Unmark installed profiles that are no longer available.
    [maurits]

Fixes:

  • Use unsetLastVersionForProfile from GenericSetup 1.8.1 and
    higher. [maurits]

  • Fix cleanUpProductRegistry to not break when Control_Panel cannot be found.
    Fixes test failures with Zope 4.
    [thet]

  • Run missing upgrade-step of plone.app.querystring when upgrading to 5.0.2.
    [pbauer]

  • Fixed removal of Large Plone Folder when migrating from Plone 3.
    [maurits]

plone.app.users: 1.2.2 → 1.2.4

Fixes:

  • Fixed possible test failure by opening a file in a standard way
    instead of via pkg_resources. [maurits]

  • Fixed changelog. 1.2.2 was already released in June, but the commit
    did not make it to github.
    [maurits]

  • Added more tests in password.txt.
    [maurits]

plone.app.viewletmanager: 2.0.8 → 2.0.9

  • Fix manage-viewlets for Plone 5
    [pbauer]

plone.app.vocabularies: 2.1.20 → 2.1.23

Fixes:

  • Restrict Catalog vocabulary to search current Navigation Root unless
    path is specified.
    [alecm]

  • Reverted changes of release 2.1.21 as they are incompatible with
    Plone 4.3. The 2.1.x series will remain compatible with Plone 4.3
    (and 4.1 and 4.2).
    [maurits]

  • Pull available_editors values from the configuration registry.
    [esteele]

plone.autoform: 1.6.1 → 1.6.2

Fixes:

  • Fix test for changed zope.interface comparison method, which
    incorrectly reports two different Interfaces from the same module
    but with empty name as being equal. [thet]

plone.batching: 1.0.5 → 1.0.8

New:

  • Make ellipses stylable and provide more CSS hooks to pagination
    markup. This also deprecates the CSS class listingBar in favor
    of more commonly used pagination, which will be the canonical
    one in Plone 5.0.2 and up. [davilima6]

  • Introduce a "omit_params" option for the make_link method and filter out
    ajax_load by default. When loading the contents with batchnavigation via
    ajax, it doesn't render the links with ajax_load enabled, which would
    probably lead to usability troubles.
    [thet]

Fixes:

  • Fixed missing test in released package.
    [thet]

  • PEP 8, UTF 8 headers, docs cleanup.
    [thet]

plone.behavior: 1.1 → 1.1.1

Fixes:

  • Make doctest comparison more robust against zope.component repr changes.
    [thet]

plone.browserlayer: 2.1.5 → 2.1.6

Fixes:

  • Minor cleanup in order to follow plone code style conventions.
    [jensens]

plone.cachepurging: 1.0.9 → 1.0.11

Fixes:

  • Fixed typo.
    [ale-rt]

  • Changed i18n_domain to "plone".
    [staeff]

plone.contentrules: 2.0.4 → 2.0.5

Fixes:

  • CSRF fix: safe write on read.
    [gforcada]

plone.dexterity: 2.2.4 → 2.2.6

New:

  • Use attribute for DefaultAddForm and DefaultEditForm success message so it can
    be easily customized.
    [cedricmessiant]

Fixes:

  • Sync schema when schema_policy name is changed (issue #44)
    [sgeulette]

plone.formwidget.namedfile: 1.0.13 → 1.0.14

New:

Fixes:

  • Specify doctest encoding and make doctest more robust against formatting changes.
    [thet]

  • Replace deprecated zope.testing.doctestunit import with doctest module from stdlib.
    [thet]

plone.indexer: 1.0.3 → 1.0.4

Fixes:

  • Replace deprecated zope.testing.doctestunit import with doctest
    module from stdlib.
    [thet]

  • Reformat according to the Plone styleguide.
    [thet]

plone.intelligenttext: 2.0.3 → 2.1.0

New:

  • Make compatible with Python 3.
    [davisagli]

Fixes:

  • Minor cleanup (pep8, readability, ReST)
    [jensens]

plone.locking: 2.0.8 → 2.0.9

Fixes:

  • Locks stored on annotations are a safe write on read.
    [gforcada]

plone.memoize: 1.1.1 → 1.1.2

Fixes:

  • Restructure docs.
    [thet]

  • Minor PEP 8.
    [thet]

plone.namedfile: 2.0.9 → 3.0.7

plone.outputfilters: 1.15 → 1.15.1

Fixes:

  • Declared GenericSetup dependencies: our profile depends on
    Products.MimetypesRegistry.
    [do3cc]

plone.portlet.collection: 2.1.8 → 2.1.10

Fixes:

  • Fix 'Select random items' when used with new-style collections
    with more results than the batch size.
    [davisagli]

  • Fixed sometimes failing test due to sorting.
    [maurits]

  • Fixed show_dates test to actually test for a real date.
    [timo, maurits]

plone.portlets: 2.2 → 2.2.2

Fixes:

  • Rerelease to fix problem on test server. [maurits]

  • Do not break in placeless portlet retriever if there is no underlying code
    available for existing portlet assignment.
    [vipod]

  • Prevent possible unicode errors when creating portlet hashes. [wichert]

plone.protect: 2.0.2 → 2.0.3

Fixes:

  • Added token to @@authenticator view. For forward
    compatibility with plone.protect 3. [maurits]

  • Added plone.protect.interfaces.IDisableCSRFProtection from
    plone.protect 3. It has no effect in this version. It is only here
    to avoid having to do conditional imports when you want to disable
    csrf protection that is not actually in this version. [maurits]

plone.registry: 1.0.2 → 1.0.3

Fixes:

  • Replace deprecated zope.testing.doctestunit import with doctest
    module from stdlib.
    [thet]

  • Cleanup: Pep8, utf8 headers, whitespace fixes, readability, ReST-fixes,
    doc-style, etc.
    [jensens]

plone.reload: 2.0 → 2.0.1

Fixes:

  • Minor packaging fixes. [gforcada, maurits]

plone.resource: 1.0.4 → 1.0.5

Fixes:

  • Test fix: clearZCML was removed from zope.component.tests.
    [thet]

  • Cleanup: PEP8, plone-coding conventions, ReST fixes, documentation
    overhaul, et al.
    [jensens]

plone.rfc822: 1.1.1 → 1.1.2

Fixes:

  • Fix test isolation problem.
    [thet]

  • Replace deprecated zope.testing.doctest import with doctest module from stdlib.
    [thet]

plone.scale: 1.3.5 → 1.4.1

plone.subrequest: 1.6.9 → 1.6.11

  • propagate IDisableCSRFProtection interface on subrequest to parent request object
    [vangheem]

  • propagate registered safe writes from plone.protect to parent request object.
    [vangheem]

plone.supermodel: 1.2.6 → 1.2.7

Fixes:

  • Add temporary fix for a test failure within a Zope 4 environment.
    [pbauer]

plone.testing: 4.0.15 → 4.1.1

Fixes:

  • Fix tests for Zope 4, where the app root Control_Panel is not available anymore.
    [thet]

  • Rename all txt doctest files to rst. Reformat doctests.
    [thet]

  • PEP 8.
    [thet]

  • Depend on zope.testrunner, which was moved out from
    zope.testing.testrunner.
    [thet]

  • Add support for Zope 4.
    [thet]

plone.transformchain: 1.0.4 → 1.1.0

New:

  • Require Zope2 >= 2.13.23
    [jensens]

Fixes:

  • PEP8 et al. use zca decorators, ...
    [jensens]

z3c.form: 3.2.4 → 3.2.9

  • Correctly handled noValueToken in RadioWidget. This avoids a
    LookupError: --NOVALUE--. [gaudenz,ale-rt]

  • Added json method for forms and json_data method for
    widgets. [mmilkin]

  • Change javascript for updating ordered select widget hidden structure so it
    works again on IE11 and doesn't send back an empty list that deletes all
    selections on save. Fixes https://github.com/zopefoundation/z3c.form/issues/23
    [fredvd]

  • Started on Dutch translations.
    [maurits]

  • Standardized namespace init. [agroszer]

  • Remove "cannot move farther up/down" messages
    in ordered select widget.
    [esteele]

  • Updated Traditional Chinese translation.
    [l34marr]

  • Fixed warnings in headers of locales files.
    Checked with msgfmt -c.
    [maurits]

  • Added Finnish translation.
    [petri]

  • Added Traditional Chinese translation.
    [l34marr]

  • Fixed error on Python 3: NameError: global name 'basestring' is not
    defined. This fixes a bug introduced in version 3.2.1.
    [maurits]

z3c.formwidget.query: 0.11 → 0.12

collective.js.jqueryui: 1.10.3 → 1.10.4

plone.app.lockingbehavior: 1.0.1 → 1.0.3

plone.app.referenceablebehavior: 0.7.0 → 0.7.4

plone.directives.form: 2.0.1 → 2.0.2

Fixes:

  • Changed i18n_domain to "plone".
    [staeff]

  • Removed unneeded i18n-attribute.
    [staeff]

plone.formwidget.autocomplete: 1.2.8 → 1.2.9

Fixes:

  • Use plone i18n domain
    [staeff]

plone.formwidget.contenttree: 1.0.9 → 1.0.13

New:

  • Translations moved to plone.app.locales in plone domain.
    [staeff]

  • Remove unnecessary test setup.
    [timo]

  • Fix HTML entities in browse button title
    [gaudenz]

  • Implement len for PathSource
    [gaudenz]

  • Add missing test dependency declaration.
    [MatthewWilkes]

  • Add support for providing defaults to contenttrees. This wasn't reliable
    previously as only defaults that were found by the initial query were
    rendered. Now SourceBinders take an optional default or defaultFactory
    argument, in the same format as schema.Choice.
    [MatthewWilkes]

  • Render CSS as link, no css-import. This allows cooking with other
    link rendered css and gives better asynchronous download behavior.
    [thet]

  • Add support for navigating into objects with spaces in their ids
    [MatthewWilkes]

1 Like
2

I have tried it and found no issues.
Thanks!

3

Looks good here when tried on a client project, upgrading from 4.3.6 to 4.3.8.

4

Same for me, upgrade works nicely on client project.

5

a new release Great!

There are 3 packages referring to plone5, should't they be in there own branch?

plone.app.viewletmanager: 2.0.8 → 2.0.9
Fix manage-viewlets for Plone 5

archetypes.referencebrowserwidget: 2.5.4 → 2.5.7
Fixed to work with Plone 5. [vangheem]

plone.app.upgrade: 1.3.18 → 1.3.21
Registry upgrades for Plone 5.0.3

6

No, those package versions can be used just fine on Plone 4.3.
"Fixed for Plone 5" is not the same as "Broken for Plone 4.3". Well, not in these cases anyway. :wink:

7

Builds cleanly with the Unified Installer.

8

@esteele seems that plone.app.imaging is missing a version bump (1.0.14).

9

Sorry for the noise, the release version is fine, I'm just too sleepy :-/

10

Looks good in my tests. But: There is now a folder http://dist.plone.org/release/4.3.8-latest/ that holds the release but no folder http://dist.plone.org/release/4.3.8 and http://dist.plone.org/release/4.3-latest still points to http://dist.plone.org/release/4.3.7.

11

The changelog on https://plone.org/products/plone/releases/4.3.8 has several Docutils System Messages at the bottom.

12

Bah. I messed up renaming that.

Currently sitting at 4.3.8-pending waiting on a potential version conflict:

plone.protect                         = 2.0.3
plone4.csrffixes                      = 1.0.9

But the setup for plone4.csrffixes 1.0.9 pins plone.protect to >=3.0.11

13

I thought that @mauritsvanrees patch was without plone4.csrffixes.

14

Correct. Plone 4.3.8 should ship with plone.protect 2.0.3 by default and without plone4.csrffixes. With 3.x we get lots of test failures. See https://github.com/plone/buildout.coredev/pull/181

The plone4.csrffixes pin is only there as a curtesy for people who use it. We can remove it if we think it will be confusing.

15

I was the one who noticed the version conflict, and I've realized that the buildout that produced it had plone4.csrffixes in the egg list. Sorry about that!

16

Ok. 4.3.8 has been released. Installers are on their way.

1 Like
17

Hi,

the release page still says the release has not been released, yet (I love that). Who am I to believe?