Changelog

Version 2.10.3

Released 2019-10-04

  • Fix a typo in Babel entry point in setup.py that was preventinginstallation.

Version 2.10.2

Released 2019-10-04

  • Fix Python 3.7 deprecation warnings.

  • Using range in the sandboxed environment uses xrange onPython 2 to avoid memory use. #933

  • Use Python 3.7’s better traceback support to avoid a core dump whenusing debug builds of Python 3.7. #1050

Version 2.10.1

Released 2019-04-06

  • SandboxedEnvironment securely handles str.format_map inorder to prevent code execution through untrusted format strings.The sandbox already handled str.format.

Version 2.10

Released 2017-11-08

  • Added a new extension node called OverlayScope which can be usedto create an unoptimized scope that will look up all variables froma derived context.

  • Added an in test that works like the in operator. This can beused in combination with reject and select.

  • Added previtem and nextitem to loop contexts, providingaccess to the previous/next item in the loop. If such an item doesnot exist, the value is undefined.

  • Added changed(*values) to loop contexts, providing an easy wayof checking whether a value has changed since the last iteration (orrather since the last call of the method)

  • Added a namespace function that creates a special object whichallows attribute assignment using the set tag. This can be usedto carry data across scopes, e.g. from a loop body to code thatcomes after the loop.

  • Added a trimmed modifier to {% trans %} to strip linebreaksand surrounding whitespace. Also added a new policy to enable thisfor all trans blocks.

  • The random filter is no longer incorrectly constant folded andwill produce a new random choice each time the template is rendered.#478

  • Added a unique filter. #469

  • Added min and max filters. #475

  • Added tests for all comparison operators: eq, ne, lt,le, gt, ge. #665

  • import statement cannot end with a trailing comma. #617,#618

  • indent filter will not indent blank lines by default. #685

  • Add reverse argument for dictsort filter. #692

  • Add a NativeEnvironment that renders templates to native Pythontypes instead of strings. #708

  • Added filter support to the block set tag. #489

  • tojson filter marks output as safe to match documented behavior.#718

  • Resolved a bug where getting debug locals for tracebacks couldmodify template context.

  • Fixed a bug where having many {% elif … %} blocks resulted ina “too many levels of indentation” error. These blocks now compileto native elif ..: instead of else: if ..: #759

Version 2.9.6

Released 2017-04-03

  • Fixed custom context behavior in fast resolve mode #675

Version 2.9.5

Released 2017-01-28

  • Restored the original repr of the internal _GroupTuple becausethis caused issues with ansible and it was an unintended change.#654

  • Added back support for custom contexts that override the oldresolve method since it was hard for people to spot that thiscould cause a regression.

  • Correctly use the buffer for the else block of for loops. Thiscaused invalid syntax errors to be caused on 2.x and completelywrong behavior on Python 3 #669

  • Resolve an issue where the {% extends %} tag could not be usedwith async environments. #668

  • Reduce memory footprint slightly by reducing our unicode databasedump we use for identifier matching on Python 3 #666

  • Fixed autoescaping not working for macros in async compilation mode.#671

Version 2.9.4

Released 2017-01-10

  • Solved some warnings for string literals. #646

  • Increment the bytecode cache version which was not done due to anoversight before.

  • Corrected bad code generation and scoping for filtered loops.#649

  • Resolved an issue where top-level output silencing after knownextend blocks could generate invalid code when blocks wherecontained in if statements. #651

  • Made the truncate.leeway default configurable to improvecompatibility with older templates.

Version 2.9.3

Released 2017-01-08

  • Restored the use of blocks in macros to the extend that was possiblebefore. On Python 3 it would render a generator repr instead of theblock contents. #645

  • Set a consistent behavior for assigning of variables in inner scopeswhen the variable is also read from an outer scope. This now setsthe intended behavior in all situations however it does not restorethe old behavior where limited assignments to outer scopes waspossible. For more information and a discussion see #641

  • Resolved an issue where block scoped would not take advantage ofthe new scoping rules. In some more exotic cases a variableoverriden in a local scope would not make it into a block.

  • Change the code generation of the with statement to be in linewith the new scoping rules. This resolves some unlikely bugs in edgecases. This also introduces a new internal With node that can beused by extensions.

Version 2.9.2

Released 2017-01-08

  • Fixed a regression that caused for loops to not be able to use thesame variable for the target as well as source iterator.#640

  • Add support for a previously unknown behavior of macros. It used tobe possible in some circumstances to explicitly provide a callerargument to macros. While badly buggy and unintended it turns outthat this is a common case that gets copy pasted around. To notcompletely break backwards compatibility with the most common casesit’s now possible to provide an explicit keyword argument for callerif it’s given an explicit default. #642

Version 2.9.1

Released 2017-01-07

  • Resolved a regression with call block scoping for macros. Nestedcaller blocks that used the same identifiers as outer macros couldrefer to the wrong variable incorrectly.

Version 2.9

Released 2017-01-07, codename Derivation

  • Change cache key definition in environment. This fixes a performanceregression introduced in 2.8.

  • Added support for generator_stop on supported Python versions(Python 3.5 and later)

  • Corrected a long standing issue with operator precedence of mathoperations not being what was expected.

  • Added support for Python 3.6 async iterators through a new asyncmode.

  • Added policies for filter defaults and similar things.

  • Urlize now sets “rel noopener” by default.

  • Support attribute fallback for old-style classes in 2.x.

  • Support toplevel set statements in extend situations.

  • Restored behavior of Cycler for Python 3 users.

  • Subtraction now follows the same behavior as other operators onundefined values.

  • map and friends will now give better error messages if youforgot to quote the parameter.

  • Depend on MarkupSafe 0.23 or higher.

  • Improved the truncate filter to support better truncation incase the string is barely truncated at all.

  • Change the logic for macro autoescaping to be based on the runtimeautoescaping information at call time instead of macro define time.

  • Ported a modified version of the tojson filter from Flask toJinja2 and hooked it up with the new policy framework.

  • Block sets are now marked safe by default.

  • On Python 2 the asciification of ASCII strings can now be disabledwith the compiler.ascii_str policy.

  • Tests now no longer accept an arbitrary expression as first argumentbut a restricted one. This means that you can now properly usemultiple tests in one expression without extra parentheses. Inparticular you can now write foo is divisibleby 2 or foo isdivisibleby 3 as you would expect.

  • Greatly changed the scoping system to be more consistent with whattemplate designers and developers expect. There is now no more magicdifference between the different include and import constructs.Context is now always propagated the same way. The only remainingdifferences is the defaults for with context and withoutcontext.

  • The with and autoescape tags are now built-in.

  • Added the new select_autoescape function which helps configuringbetter autoescaping easier.

  • Fixed a runtime error in the sandbox when attributes of asyncgenerators were accessed.

Version 2.8.1

Released 2016-12-29

  • Fixed the for_qs flag for urlencode.

  • Fixed regression when applying int to non-string values.

  • SECURITY: if the sandbox mode is used format expressions are nowsandboxed with the same rules as in Jinja. This solves variousinformation leakage problems that can occur with format strings.

Version 2.8

Released 2015-07-26, codename Replacement

  • Added target parameter to urlize function.

  • Added support for followsymlinks to the file system loader.

  • The truncate filter now counts the length.

  • Added equalto filter that helps with select filters.

  • Changed cache keys to use absolute file names if available insteadof load names.

  • Fixed loop length calculation for some iterators.

  • Changed how Jinja2 enforces strings to be native strings in Python 2to work when people break their default encoding.

  • Added make_logging_undefined() which returns an undefinedobject that logs failures into a logger.

  • If unmarshalling of cached data fails the template will be reloadednow.

  • Implemented a block set tag.

  • Default cache size was increased to 400 from a low 50.

  • Fixed is number test to accept long integers in all Pythonversions.

  • Changed is number to accept Decimal as a number.

  • Added a check for default arguments followed by non-defaultarguments. This change makes {% macro m(x, y=1, z) %} a syntaxerror. The previous behavior for this code was broken anyway(resulting in the default value being applied to y).

  • Add ability to use custom subclasses ofjinja2.compiler.CodeGenerator and jinja2.runtime.Context byadding two new attributes to the environment(code_generator_class and context_class) (pull request:issue:404).

  • Added support for context/environment/evalctx decorator functions onthe finalize callback of the environment.

  • Escape query strings for urlencode properly. Previously slashes werenot escaped in that place.

  • Add ‘base’ parameter to ‘int’ filter.

Version 2.7.3

Released 2014-06-06

  • Security issue: Corrected the security fix for the cache folder.This fix was provided by RedHat.

Version 2.7.2

Released 2014-01-10

  • Prefix loader was not forwarding the locals properly to innerloaders. This is now fixed.

  • Security issue: Changed the default folder for the filesystem cacheto be user specific and read and write protected on UNIX systems.See Debian bug 734747 for more information.

Version 2.7.1

Released 2013-08-07

  • Fixed a bug with call_filter not working properly on environmentand context filters.

  • Fixed lack of Python 3 support for bytecode caches.

  • Reverted support for defining blocks in included templates as thisbroke existing templates for users.

  • Fixed some warnings with hashing of undefineds and nodes if Pythonis run with warnings for Python 3.

  • Added support for properly hashing undefined objects.

  • Fixed a bug with the title filter not working on already uppercasestrings.

Version 2.7

Released 2013-05-20, codename Translation

  • Choice and prefix loaders now dispatch source and template lookupseparately in order to work in combination with module loaders asadvertised.

  • Fixed filesizeformat.

  • Added a non-silent option for babel extraction.

  • Added urlencode filter that automatically quotes values for URLsafe usage with utf-8 as only supported encoding. If applicationswant to change this encoding they can override the filter.

  • Added keep-trailing-newline configuration to environments andtemplates to optionally preserve the final trailing newline.

  • Accessing last on the loop context no longer causes the iteratorto be consumed into a list.

  • Python requirement changed: 2.6, 2.7 or >= 3.3 are required now,supported by same source code, using the “six” compatibilitylibrary.

  • Allow contextfunction and other decorators to be applied tocall.

  • Added support for changing from newline to different signs in thewordwrap filter.

  • Added support for ignoring memcache errors silently.

  • Added support for keeping the trailing newline in templates.

  • Added finer grained support for stripping whitespace on the leftside of blocks.

  • Added map, select, reject, selectattr andrejectattr filters.

  • Added support for loop.depth to figure out how deep inside arecursive loop the code is.

  • Disabled py_compile for pypy and python 3.

Version 2.6

Released 2011-07-24, codename Convolution

  • Internal attributes now raise an internal attribute error nowinstead of returning an undefined. This fixes problems when passingundefined objects to Python semantics expecting APIs.

  • Traceback support now works properly for PyPy. (Tested with 1.4)

  • Implemented operator intercepting for sandboxed environments. Thisallows application developers to disable builtin operators forbetter security. (For instance limit the mathematical operators toactual integers instead of longs)

  • Groupby filter now supports dotted notation for grouping byattributes of attributes.

  • Scoped blocks now properly treat toplevel assignments and imports.Previously an import suddenly “disappeared” in a scoped block.

  • Automatically detect newer Python interpreter versions beforeloading code from bytecode caches to prevent segfaults on invalidopcodes. The segfault in earlier Jinja2 versions here was not aJinja2 bug but a limitation in the underlying Python interpreter. Ifyou notice Jinja2 segfaulting in earlier versions after an upgradeof the Python interpreter you don’t have to upgrade, it’s enough toflush the bytecode cache. This just no longer makes this necessary,Jinja2 will automatically detect these cases now.

  • The sum filter can now sum up values by attribute. This is abackwards incompatible change. The argument to the filter previouslywas the optional starting index which defaults to zero. This nowbecame the second argument to the function because it’s rarely used.

  • Like sum, sort now also makes it possible to order items byattribute.

  • Like sum and sort, join now also is able to join attributes ofobjects as string.

  • The internal eval context now has a reference to the environment.

  • Added a mapping test to see if an object is a dict or an object witha similar interface.

Version 2.5.5

Released 2010-10-18

  • Built documentation is no longer part of release.

Version 2.5.4

Released 2010-10-17

  • Fixed extensions not loading properly with overlays.

  • Work around a bug in cpython for the debugger that causes segfaultson 64bit big-endian architectures.

Version 2.5.3

Released 2010-10-17

  • Fixed an operator precedence error introduced in 2.5.2. Statementslike “-foo.bar” had their implicit parentheses applied around thefirst part of the expression (“(-foo).bar”) instead of the morecorrect “-(foo.bar)”.

Version 2.5.2

Released 2010-08-18

  • Improved setup.py script to better work with assumptions peoplemight still have from it (—with-speedups).

  • Fixed a packaging error that excluded the new debug support.

Version 2.5.1

Released 2010-08-17

  • StopIteration exceptions raised by functions called from templatesare now intercepted and converted to undefineds. This solves a lotof debugging grief. (StopIteration is used internally to aborttemplate execution)

  • Improved performance of macro calls slightly.

  • Babel extraction can now properly extract newstyle gettext calls.

  • Using the variable num in newstyle gettext for something elsethan the pluralize count will no longer raise a KeyError.

  • Removed builtin markup class and switched to markupsafe. Forbackwards compatibility the pure Python implementation still existsbut is pulled from markupsafe by the Jinja2 developers. The debugsupport went into a separate feature called “debugsupport” and isdisabled by default because it is only relevant for Python 2.4

  • Fixed an issue with unary operators having the wrong precedence.

Version 2.5

Released 2010-05-29, codename Incoherence

  • Improved the sort filter (should have worked like this for a longtime) by adding support for case insensitive searches.

  • Fixed a bug for getattribute constant folding.

  • Support for newstyle gettext translations which result in a nicerin-template user interface and more consistent catalogs.(Whitespace Trimming)

  • It’s now possible to register extensions after an environment wascreated.

Version 2.4.1

Released 2010-04-20

  • Fixed an error reporting bug for undefined.

Version 2.4

Released 2010-04-13, codename Correlation

  • The environment template loading functions now transparently passthrough a template object if it was passed to it. This makes itpossible to import or extend from a template object that was passedto the template.

  • Added a ModuleLoader that can load templates fromprecompiled sources. The environment now features a method tocompile the templates from a configured loader into a zip file orfolder.

  • The _speedups C extension now supports Python 3.

  • Added support for autoescaping toggling sections and support forevaluation contexts (Evaluation Context).

  • Extensions have a priority now.

Version 2.3.1

Released 2010-02-19

  • Fixed an error reporting bug on all python versions

  • Fixed an error reporting bug on Python 2.4

Version 2.3

Released 2010-02-10, codename 3000 Pythons

  • Fixes issue with code generator that causes unbound variables to begenerated if set was used in if-blocks and other small identifierproblems.

  • Include tags are now able to select between multiple templates andtake the first that exists, if a list of templates is given.

  • Fixed a problem with having call blocks in outer scopes that have anargument that is also used as local variable in an inner frame#360.

  • Greatly improved error message reporting #339

  • Implicit tuple expressions can no longer be totally empty. Thischange makes {% if %} a syntax error now. #364

  • Added support for translator comments if extracted via babel.

  • Added with-statement extension.

  • Experimental Python 3 support.

Version 2.2.1

Released 2009-09-14

  • Fixes some smaller problems for Jinja2 on Jython.

Version 2.2

Released 2009-09-13, codename Kong

  • Include statements can now be marked with ignore missing to skipnon existing templates.

  • Priority of not raised. It’s now possible to write not foo inbar as an alias to foo not in bar like in python. Previouslythe grammar required parentheses (not (foo in bar)) which wasodd.

  • Fixed a bug that caused syntax errors when defining macros or usingthe {% call %} tag inside loops.

  • Fixed a bug in the parser that made {{ foo[1, 2] }} impossible.

  • Made it possible to refer to names from outer scopes in includedtemplates that were unused in the callers frame #327

  • Fixed a bug that caused internal errors if names where used asiteration variable and regular variable after the loop if thatvariable was unused before the loop. #331

  • Added support for optional scoped modifier to blocks.

  • Added support for line-comments.

  • Added the meta module.

  • Renamed (undocumented) attribute “overlay” to “overlayed” on theenvironment because it was clashing with a method of the same name.

  • Speedup extension is now disabled by default.

Version 2.1.1

Released 2008-12-25

  • Fixed a translation error caused by looping over empty recursiveloops.

Version 2.1

Released 2008-11-23, codename Yasuzō

  • Fixed a bug with nested loops and the special loop variable. Beforethe change an inner loop overwrote the loop variable from the outerone after iteration.

  • Fixed a bug with the i18n extension that caused the explicitpluralization block to look up the wrong variable.

  • Fixed a limitation in the lexer that made {{ foo.0.0 }}impossible.

  • Index based subscribing of variables with a constant value returnsan undefined object now instead of raising an index error. This wasa bug caused by eager optimizing.

  • The i18n extension looks up foo.ugettext now followed byfoo.gettext if an translations object is installed. This makesdealing with custom translations classes easier.

  • Fixed a confusing behavior with conditional extending. loops werepartially executed under some conditions even though they were notpart of a visible area.

  • Added sort filter that works like dictsort but for arbitrarysequences.

  • Fixed a bug with empty statements in macros.

  • Implemented a bytecode cache system. (Bytecode Cache)

  • The template context is now weakref-able

  • Inclusions and imports “with context” forward all variables now, notonly the initial context.

  • Added a cycle helper called cycler.

  • Added a joining helper called joiner.

  • Added a compile_expression method to the environment that allowscompiling of Jinja expressions into callable Python objects.

  • Fixed an escaping bug in urlize

Version 2.0

Released 2008-07-17, codename Jinjavitus

  • The subscribing of objects (looking up attributes and items) changedfrom slightly. It’s now possible to give attributes or items ahigher priority by either using dot-notation lookup or the bracketsyntax. This also changed the AST slightly. Subscript is goneand was replaced with Getitem andGetattr. For more information see theimplementation details.

  • Added support for preprocessing and token stream filtering forextensions. This would allow extensions to allow simplified gettextcalls in template data and something similar.

  • Added jinja2.environment.TemplateStream.dump().

  • Added missing support for implicit string literal concatenation.{{ "foo" "bar" }} is equivalent to {{ "foobar" }}

  • else is optional for conditional expressions. If not given itevaluates to false.

  • Improved error reporting for undefined values by providing aposition.

  • filesizeformat filter uses decimal prefixes now per default andcan be set to binary mode with the second parameter.

  • Fixed bug in finalizer

Version 2.0rc1

Released 2008-06-09

  • First release of Jinja2