docs: Add release notes for 6.3

58b5b60d · Ben Darnell · 3e96c7cb · 58b5b60d · 58b5b60d · 58b5b60d
Showing with 109 addition and 0 deletion

docs/conf.py docs/conf.py +1 -0

docs/releases.rst docs/releases.rst +1 -0

docs/releases/v6.2.0.rst docs/releases/v6.2.0.rst +4 -0

docs/releases/v6.3.0.rst docs/releases/v6.3.0.rst +103 -0

未找到文件。
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -129,6 +129,7 @@ missing_references = {
    "tornado.ioloop._S",
    "tornado.ioloop._T",
    "tornado.ioloop._Selectable",
+    "tornado.iostream._IOStreamType",
    "tornado.locks._ReleasingContextManager",
    "tornado.queues._T",
    "tornado.options._Mockable",

--- a/docs/releases.rst
+++ b/docs/releases.rst
@@ -4,6 +4,7 @@ Release notes
 .. toctree::
   :maxdepth: 2

+   releases/v6.3.0
   releases/v6.2.0
   releases/v6.1.0
   releases/v6.0.4

--- a/docs/releases/v6.2.0.rst
+++ b/docs/releases/v6.2.0.rst
@@ -7,6 +7,10 @@ Jul 3, 2022
 Deprecation notice
 ~~~~~~~~~~~~~~~~~~

+- April 2023 update: Python 3.12 reversed some of the changes described below.
+  In Tornado 6.3, `.AsyncTestCase`, `.AsyncHTTPTestCase`, and the behavior
+  of the `.IOLoop` constructor related to the ``make_current`` parameter
+  are no longer deprecated. 
 - Python 3.10 has begun the process of significant changes to the APIs for
  managing the event loop. Calls to methods such as `asyncio.get_event_loop` may
  now raise `DeprecationWarning` if no event loop is running. This has

--- a/docs/releases/v6.3.0.rst
+++ b/docs/releases/v6.3.0.rst
+What's new in Tornado 6.3.0
+===========================
+
+In progress
+-----------
+
+Highlights
+~~~~~~~~~~
+
+- The new `.Application` setting ``xsrf_cookie_name`` can now be used to
+  take advantage of the ``__Host`` cookie prefix for improved security.
+  To use it, add ``{"xsrf_cookie_name": "__Host-xsrf", "xsrf_cookie_kwargs": 
+  {"secure": True}}`` to your `.Application` settings. Note that this feature
+  currently only works when HTTPS is used.
+- `.WSGIContainer` now supports running the application in a ``ThreadPoolExecutor`` so
+  the event loop is no longer blocked.
+- `.AsyncTestCase` and `.AsyncHTTPTestCase`, which were deprecated in Tornado 6.2,
+  are no longer deprecated.
+- WebSockets are now much faster at receiving large messages split into many
+  fragments.
+
+General changes
+~~~~~~~~~~~~~~~
+
+- Python 3.7 is no longer supported; the minimum supported Python version is 3.8.
+  Python 3.12 is now supported.
+- To avoid spurious deprecation warnings, users of Python 3.10 should upgrade
+  to at least version 3.10.9, and users of Python 3.11 should upgrade to at least
+  version 3.11.1. 
+- Tornado submodules are now imported automatically on demand. This means it is
+  now possible to use a single ``import tornado`` statement and refer to objects
+  in submodules such as `tornado.web.RequestHandler`. Note that this automatic
+  import is not currently compatible with type checkers such as mypy, so users
+  of these tools may still wish to import the submodules explicitly.
+
+Deprecation notices
+~~~~~~~~~~~~~~~~~~~
+
+- In Tornado 7.0, `tornado.testing.ExpectLog` will match ``WARNING``
+  and above regardless of the current logging configuration, unless the
+  ``level`` argument is used.
+- `.RequestHandler.get_secure_cookie` is now a deprecated alias for
+  `.RequestHandler.get_signed_cookie`. `.RequestHandler.set_secure_cookie`
+  is now a deprecated alias for `.RequestHandler.set_signed_cookie`.
+- `.RequestHandler.clear_all_cookies` is deprecated. No direct replacement
+  is provided; `.RequestHandler.clear_cookie` should be used on individual
+  cookies.
+- Calling the `.IOLoop` constructor without a ``make_current`` argument, which was
+  deprecated in Tornado 6.2, is no longer deprecated.
+- `.AsyncTestCase` and `.AsyncHTTPTestCase`, which were deprecated in Tornado 6.2,
+  are no longer deprecated.
+- `.AsyncTestCase.get_new_ioloop` is deprecated. 
+
+``tornado.auth``
+~~~~~~~~~~~~~~~~
+
+- New method `.GoogleOAuth2Mixin.get_google_oauth_settings` can now be overridden
+  to get credentials from a source other than the `.Application` settings.
+
+``tornado.gen``
+~~~~~~~~~~~~~~~
+
+- `contextvars` now work properly when a ``@gen.coroutine`` calls a native coroutine.
+
+``tornado.options``
+~~~~~~~~~~~~~~~~~~~
+
+- `~.OptionParser.parse_config_file` now recognizes single comma-separated strings (in addition to
+  lists of strings) for options with ``multiple=True``.
+
+``tornado.web``
+~~~~~~~~~~~~~~~
+
+- New `.Application` setting ``xsrf_cookie_name`` can be used to change the
+  name of the XSRF cookie. This is most useful to take advantage of the
+  ``__Host-`` cookie prefix. 
+- `.RequestHandler.get_secure_cookie` and `.RequestHandler.set_secure_cookie`
+  (and related methods and attributes) have been renamed to
+  `~.RequestHandler.get_signed_cookie` and `~.RequestHandler.set_signed_cookie`.
+  This makes it more explicit what kind of security is provided, and avoids
+  confusion with the ``Secure`` cookie attribute and ``__Secure-`` cookie prefix.
+  The old names remain supported as deprecated aliases.
+- `.RequestHandler.clear_cookie` now accepts all keyword arguments accepted by
+  `~.RequestHandler.set_cookie`. In some cases clearing a cookie requires certain
+  arguments to be passed the same way in which it was set. 
+- `.RequestHandler.clear_all_cookies` now accepts additional keyword arguments
+  for the same reason as ``clear_cookie``. However, since the requirements
+  for additional arguments mean that it cannot reliably clear all cookies,
+  this method is now deprecated.
+
+
+``tornado.websocket``
+~~~~~~~~~~~~~~~~~~~~~
+
+- It is now much faster (no longer quadratic) to receive large messages that
+  have been split into many fragments.
+- `.WebSocketClientConnection` now accepts a ``resolver`` parameter.
+
+``tornado.wsgi``
+~~~~~~~~~~~~~~~~
+
+- `.WSGIContainer` now accepts an ``executor`` parameter which can be used
+  to run the WSGI application on a thread pool. 
\ No newline at end of file