Dancer2 0.204002 is now available, fixes public_dir option, adds plugin convenience

Your early holiday gift from the Dancer Core Team has arrived - Dancer2 0.204002 is on its way to your favorite CPAN mirror. This release provides the following:

  • A fix for public_dir: When using public_dir , Dancer2 now waits for the configuration to be read before deciding where static content should be served from
  • A new plugin helper method, find_plugin(), that lets you import another plugin’s DSL for use in your own custom plugin
  • A variety of documentation fixes and enhancements

Make sure to check out the Dancer Advent Calendar! It features a number of great articles not only from the Dancer Core Team, but a number of our community members too.

The Dancer Core Team would like to thank all of our contributors and community members for another great year. Simply put, you are the reason we keep working hard at Dancer, and we are grateful to have such a great community of users and developers around us. Here’s to a great 2017… Hope you all have a safe and happy holiday season!

Dancer2 0.204001 restores 5.8 support, fixes Test::Perl::Critic dependencies

Dancer2 0.204001 is on its way to a CPAN mirror near you. There are several important updates in this release that are worth noting:

  • Support for Perl 5.8 support has been restored. We used a named capture in a regex in resolving an issue in Dancer2 0.204000 and in the process, made Dancer2 unusable on Perl 5.8. This has been fixed. Thanks veryrusty!

  • Dancer2 0.204000 unintentionally required that Test::Perl::Critic be installed, and that we pass Perl::Critic tests to install properly. This has been reverted. We apologize for the inconvenience.

The full changelog is here:

0.204001  2016-10-17 08:29:00-05:00 America/Chicago

[ BUG FIXES ]
* Restore 5.8 support (fix test which required captures).
  (Russell @veryrusty Jenkins)
* PR #1271: fix wrong regex check against $_ (Mickey Nasriachi)

[ ENHANCEMENTS ]
* GH #1262: Add 'encode_json' and 'decode_json' DSL, which are
  recommended instead of 'to_json' and 'from_json'.
  (Dennis @episodeiv lichtenthäler)

[ DOCUMENTATION ]
* Fix some typos.(Dennis @episodeiv lichtenthäler)
* GH #1031: Remove D2::Core::Context remnants from docs.
  (Sawyer X)

[ PACKAGING ]
* GH #1273: Do not require Test::Perl::Critic to install.
  (Dennis lichtenthäler)

Thanks to Dennis @episodeiv Lichtenthäler for contributing to this release.

Happy Dancing!

Dancer2 0.204000 improves app config, content caching, and dependency management

Fresh off of Perl.Dance 2016 is Dancer2 0.204000. The latest version of Dancer2 is on its way to a CPAN mirror near you.

This version brings some compelling enhancements and features:

  • Improved configuration handling (Jonathan Duff):

You can now create a local version of your configuration files which you then do not need to commit to any repository. If you create a file called config_local.yml, you will have a local config.yml. You can do the same with any configuration file, just change the filename to end with _local.

You can now set the DANCER_CONFIG_EXT environment variable in order to only load configuration files of a particular type (such as JSON). For example: DANCER_CONFIG_EXT=json plackup bin/app.psgi

You can now get some diagnostics information about loaded conifguration files by setting the DANCER_CONFIG_VERBOSE environment variable to a true value.

  • Improved static content caching:

Plack::Middleware::Static does not, out of the box, send a 304 Not Modified status for static resources that have not changed since they were last requested. By using Plack::Middleware::Conditional and Plack::Middleware::ConditionalGET, we were able to improve caching for users without a front-end static proxy (Theo van Hoesel).

  • Dependencies have been moved from dist.ini to cpanfile, allowing developers to use [Carton] (https://metacpan.org/pod/Carton) to easily deploy and run Dancer2 apps entirely from a local or deployment directory.

  • If you want to create a sample application skeleton that uses Template Toolkit-style variable markers ([% %]), you can now do so. App skeletons now use [d2% %2d] for variables that Dancer2 needs to produce new application skeletons. Thanks, Jason Lewis!

  • If you need full control of the evals run by Dancer2 (if, for example, you write an eval frame unrolling code), you can now provide your own code to be run via $EVAL_SHIM. Thanks to Yves Orton (demerphq) for contributing!

  • Numerous bug fixes and documentation improvements.

The full changelog is as follows:

0.204000  2016-10-10 20:56:51-05:00 America/Chicago

[ BUG FIXES ]
* GH #1255: Fix hook overriding in plugin. (Yves Orton)
* GH #1191: Named capture prior to dispatch breaks dispatch.
  (Yves Orton)
* GH #1235: Clean up descriptions for HTTP codes 303 and 305.
  (Yanick Champoux)
* Remove duplicate (and errornous) 451 error message.
  (Sawyer X)
* GH #1116, #1245: Ensure cached Hash::MultiValue parameters are cloned
  into the new request. (Russell @veryrusty Jenkins)
[ ENHANCEMENTS ]
* You can now provide a $EVAL_SHIM to Dancer2::Core::App in order
  to have custom code run on eval{} calls. One example of this
  is to handle proper counting of stack frames when you want to
  unwind/unroll the stack for custom error reporting.
  (Yves Orton)
* Added a cpanfile to allow installing local dependencies with 
  carton. (Mickey Nasriachi)
* GH #1260: Specify optional charset to send_file and send_as
  (Russell @veryrusty Jenkins)
* PR #1162: Change skeleton template tags so skeletons can generate
  applications that use Template Toolkit default tags (Jason Lewis)
* GH #1149: Fix config loading inconsistencies, support local config
  files in addition to standard Dancer conf files (Jonathan Scott Duff)
* PR #1269: Stash decoded body_parameters separately from those 
  in Plack::Request (Russell @veryrusty Jenkins)
* GH #1253: Static middleware should send 304 Not Modified to enable
  intermediate level caching. (Russell @veryrusty Jenkins)
[ DOCUMENTATION ]
* GH #608: Remove extra general COPYRIGHT notice in Tutorial.
  (Sawyer X)
* Simplify upload example. (Alberto Simões, Sawyer X)

Thanks to all the sponsors, attendees, and speakers who participated in this year’s Dancer conference, Perl.Dance 2016. It was another highly successful conference, and we are already looking forward to next year’s gathering. We are currently working on the videos of this year’s talks, and hope to have them uploaded shortly.

If you have any questions, please find us at irc.perl.org#dancer. Happy Dancing!

Dancer2 0.203001 improves speed of apps, fixes missing dependency

Dancer2 0.203001 is on its way to a CPAN mirror near you. It is essentially a maintenance release, with only two minor changes:

  • Class::Load was replaced by Module::Runtime. This will result in a slightly faster execution time for your Dancer2 apps. This had been applied previously, but was erroneously undone by another commit. Thanks to veryrusty for noticing and fixing!

  • The minimum version of List::Util needed by Dancer2 was omitted from 0.203000, causing some headaches for users of older versions of List::Util.

The full changelog follows:

0.203001  2016-09-03 20:59:47-05:00 America/Chicago

[ BUG FIXES ]
* GH #1237: Specify minimum version of List::Util required for pair*
  functionals. (Russell @veryrusty Jenkins)

[ ENHANCEMENTS ]
* PR #1242: Replace Class::Load with Module::Runtime (Russell 
  Jenkins - @veryrusty)

You can always find us at irc.perl.org#dancer if you have any questions.

The Perl Dancer 2016 conference is just a few short weeks away! It’s not too late to attend. Check out the conference website for more information.

Happy Dancing!

Dancer2 0.203000 improves session security, fixes decoding bugs

Dancer2 0.203000 is on its way to a CPAN mirror near you. This version brings some important security improvements and bugfixes:

  • It is considered good security practice to change a session ID whenever any change in privilege level occurs (such as logging into an app). Not only is this a good practice, but it is a requirement of some established security standards. To account for this, a new method, change_session_id() was added to make it easy for developers to issue a new session ID on privilege change.

At some point in the not-too-distant future, session drivers will be required to implement a _change_id() method to support this. In the meantime, Dancer2 will perform the operation for session drivers that lack this method.

Thanks to Ctrl O and InfoSaaS for sponsoring SysPete’s work on this important functionality!

  • An error made it possible for a request to have serialized data that wouldn’t be deserialized into body_parameters if any middleware had previously created a Plack::Request object and parsed the request body. A bugfix by veryrusty forces deserialization of body data even when an existing Plack::Request object has already parsed the request body.

  • A bug introduced in Dancer2 0.200000 was double-decoding deserialized data. This has been fixed.

  • Three functions were introduced for developer convenience: code_mapping(), status_mapping() and all_mappings(). These methods allow your code to access copies of Dancer’s HTTP_CODES table, rather than having to copy the table for your own use. See the docs for Dancer2::Core::HTTP for more information.

  • Several documentation improvements were made by Racke, including documentation of a session’s data() method.

The full changelog is as follows:

0.203000  2016-08-24 22:09:56-05:00 America/Chicago

[ BUG FIXES ]
* GH #1232: Force deserialization of body data even when an existing 
  Plack::Request object has already parsed request body. Don't double
  decode deserialized data. (Russell Jenkins - @veryrusty)

[ ENHANCEMENTS ]
* GH #1195: Add change_session_id() method - both as a good security 
  practice and to comply with other established security standards.
  (Peter Mottram)
* GH #1234: Add convenience functions to access Dancer's HTTP_CODES
  table. (Yanick Champoux)

[ DOCUMENTATION ]
* Fix Typo (Stefan Hornburg - Racke)
* Document $session->data (Stefan Hornburg - Racke)

If you have any questions, please find us at irc.perl.org#dancer.

Just a reminder, the Dancer conference in Vienna, Austria is quickly approaching (it’s just a month away!). If you are interested in attending or giving a talk, please visit the conference website.

Happy Dancing!