The loop object now has nextitem and previtem attributes, as
well as a changed method, for the common case of outputting
something as a value in the loop changes. More complicated cases can
use the namespace object.
http://jinja.pocoo.org/docs/2.10/templates/#for
Added a new extension node called OverlayScope which can be used to create an unoptimized scope that will look up all variables from a derived context.
Added an in test that works like the in operator. This can be used in combination with reject and select.
Added previtem and nextitem to loop contexts, providing access to the previous/next item in the loop. If such an item does not exist, the value is undefined.
Added changed(*values) to loop contexts, providing an easy way of checking whether a value has changed since the last iteration (or rather since the last call of the method)
Added a namespace function that creates a special object which allows attribute assignment using the set tag. This can be used to carry data across scopes, e.g. from a loop body to code that comes after the loop.
Added a trimmed modifier to {% trans %} to strip linebreaks and surrounding whitespace. Also added a new policy to enable this for all trans blocks.
The random filter is no longer incorrectly constant folded and will produce a new random choice each time the template is rendered. (#478)
tojson filter marks output as safe to match documented behavior. (#718)
Resolved a bug where getting debug locals for tracebacks could modify template context.
Fixed a bug where having many {% elif ... %} blocks resulted in a "too many levels of indentation" error. These blocks now compile to native elif ..: instead of else: if ..: (#759)
SandboxedEnvironment securely handles str.format_map in
order to prevent code execution through untrusted format strings.
The sandbox already handled str.format.
Version 2.10
Released 2017-11-08
Added a new extension node called OverlayScope which can be used
to create an unoptimized scope that will look up all variables from
a derived context.
Added an in test that works like the in operator. This can be
used in combination with reject and select.
Added previtem and nextitem to loop contexts, providing
access to the previous/next item in the loop. If such an item does
not exist, the value is undefined.
Added changed(*values) to loop contexts, providing an easy way
of checking whether a value has changed since the last iteration (or
rather since the last call of the method)
Added a namespace function that creates a special object which
allows attribute assignment using the set tag. This can be used
to carry data across scopes, e.g. from a loop body to code that
comes after the loop.
Added a trimmed modifier to {% trans %} to strip linebreaks
and surrounding whitespace. Also added a new policy to enable this
for all trans blocks.
The random filter is no longer incorrectly constant folded and
will produce a new random choice each time the template is rendered.
:pr:478
Added a unique filter. :pr:469
Added min and max filters. :pr:475
Added tests for all comparison operators: eq, ne, lt,
le, gt, ge. :pr:665
import statement cannot end with a trailing comma. :pr:617,
:pr:618
indent filter will not indent blank lines by default. :pr:685
Add reverse argument for dictsort filter. :pr:692
Add a NativeEnvironment that renders templates to native Python
types instead of strings. :pr:708
Added filter support to the block set tag. :pr:489
tojson filter marks output as safe to match documented behavior.
:pr:718
Resolved a bug where getting debug locals for tracebacks could
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Data4Democracy/nyc-accessibility/network/alerts).
Bumps jinja2 from 2.9.5 to 2.10.1.
Release notes
Sourced from jinja2's releases.
Changelog
Sourced from jinja2's changelog.
... (truncated)
Commits
c4c4088
release 2.10.1a2a6c93
sandbox str.format_map78d2f67
Bump version number to 2.10d9d3fc3
clean up MANIFEST.in072cdf9
Support filters in set blockd17c7db
Merge pull request #708 from jctanner/NATIVE_TYPES6a7a263
Merge branch 'master' into NATIVE_TYPES31f92b5
Fix typo in docstring (#779)c314761
codecov needs argparse on 2.64750cf7
Minor docstring grammar fix (#772)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Data4Democracy/nyc-accessibility/network/alerts).