https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215651
Vladimir Krstulja <vlad-fbsd at acheronmedia.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Flags| |merge-quarterly?
CC| |python at FreeBSD.org
Severity|Affects Only Me |Affects Some People
Keywords| |needs-qa
--- Comment #4 from Vladimir Krstulja <vlad-fbsd at acheronmedia.com> ---
Uh, wait. If Jinja2 >= 2.9 uses async, then 2.8.1 is still py3 compliant. We're
using 2.8.1 in production with Python 3.5 (pip installed in virtualenv, tho',
it's one of few packages we haven't yet switched to ports) and there's no
problem, at least not to our use case (main HTML/XML renderer for a rather
large flask web app).
As for update from 2.8 to 2.8.1, I'm adding merge-quarterly request, these are
the changes:
(bugfix release, released on December 29th 2016)
- Fixed the `for_qs` flag for `urlencode`.
- Fixed regression when applying `int` to non-string values.
- SECURITY: if the sandbox mode is used format expressions are now sandboxed
with the same rules as in Jinja. This solves various information leakage
problems that can occur with format strings.
* https://github.com/pallets/jinja/blob/master/CHANGES
Please revise the change and leave Python3 support for 2.8.1.
--
You are receiving this mail because:
You are on the CC list for the bug.