1 |
Revision history for Perl extension JSON::XS |
2 |
|
3 |
TODO: maybe detect and croak on more invalid inputs (e.g. +-inf/nan) |
4 |
TODO: maybe avoid the reblessing and better support readonly objects. |
5 |
TODO: how to cope with tagged values and standard json decoders |
6 |
TODO: investigate magic (Eric Brine) |
7 |
TODO: [PATCH] Types::Serialiser: Inline true(), false() and error() functions |
8 |
TODO: replace bool_stash by BOOL_STASH seems to work with mod_perl, make a compile time option? |
9 |
|
10 |
TODO: validate_utf8, apparewntly some people confuse themselves. |
11 |
TODO: security considerations |
12 |
|
13 |
4.03 Tue Oct 27 19:05:01 CET 2020 |
14 |
- when parsing comments in relaxed mode, JSON::XS would detect garbage |
15 |
after the JSON text if the comment is after the end and does not end in |
16 |
a newline (reported by Felipe Gasper). |
17 |
|
18 |
4.02 Wed Mar 6 08:31:24 CET 2019 |
19 |
- undo the fix from 4.01, it breaks more things than it fixes |
20 |
(another testcase by Wesley Schwengle). |
21 |
- try a proper fix this time. |
22 |
|
23 |
4.01 Sun Feb 24 05:03:30 CET 2019 |
24 |
- fix some stack corruption caused mostly when calling methods |
25 |
in list context (testcase by Wesley Schwengle). |
26 |
|
27 |
4.0 Fri Nov 16 00:06:54 CET 2018 |
28 |
- SECURITY IMPLICATION: this release enables allow_nonref by default |
29 |
for compatibility with RFC 7159 and newer. See "old" vs. "new" |
30 |
JSON under SECURITY CONSIDERATIONS. |
31 |
- reworked the "old" vs. "new" JSON section. |
32 |
- add ->boolean_values to provide the values to which booleans |
33 |
decode (requested by Aristotle Pagaltzis). |
34 |
- decode would wrongly accept ASCII NUL characters instead of |
35 |
reporting them as trailing garbage. |
36 |
- work around what smells like a perl bug w.r.t. exceptions |
37 |
thrown in callbacks. |
38 |
- incremental parser now more or less respects allow_nonref. |
39 |
- json_xs json-pretty now enables canonical mode. |
40 |
- add documentation section about I-JSON. |
41 |
- minor documentation fixes/updates. |
42 |
|
43 |
3.04 Thu Aug 17 04:30:47 CEST 2017 |
44 |
- change exponential realloc algorithm on encoding and string decoding to be |
45 |
really exponential (this helps slow/debugging allocators such as libumem) |
46 |
(reported by Matthew Horsfall). |
47 |
- string encoding would needlessly overallocate output space |
48 |
(testcase by Matthew Horsfall). |
49 |
- be very paranoid about extending buffer lengths and croak if buffers get too large, |
50 |
which might (or might not) improve security. |
51 |
- add cbor-packed type to json_xs. |
52 |
- switch from YAML to YAML::XS in json_xs, as YAML is way too buggy and outdated. |
53 |
|
54 |
3.03 Wed Nov 16 20:20:59 CET 2016 |
55 |
- fix a bug introduced by a perl bug workaround that would cause |
56 |
incremental parsing to fail with a sv_chop panic. |
57 |
- json_xs: toformat failure error message fixed. |
58 |
- json_xs: allow cyclic data structures in CBOR. |
59 |
|
60 |
3.02 Fri Feb 26 22:45:20 CET 2016 |
61 |
- allow_nonref now affects booleans (\1, $Types::Serialiser::Boolean) |
62 |
as well (reported by Alex Efros). |
63 |
- allow literal tabs in strings in relaxed mode (patch by |
64 |
lubo.rintel@gooddata.com). |
65 |
- support "cbor" format in json_xs tool. |
66 |
- support (and fix) calling encode and decode in list context |
67 |
(reported by Вадим Власов). |
68 |
- work around a bug in older perls crashing when presented |
69 |
with shared hash keys (Reini Urban). |
70 |
- use stability canary. |
71 |
|
72 |
3.01 Tue Oct 29 16:55:15 CET 2013 |
73 |
- backport to perls < 5.18 (reported by Paul Howarth). |
74 |
|
75 |
3.0 Tue Oct 29 01:35:37 CET 2013 |
76 |
- implemented an object tagging extension (using the |
77 |
Types::Serialiser serialisation protocol). |
78 |
- reworked the documentation regarding object serialisation, |
79 |
add a new OBJECT SERIALISATION section that explains th |
80 |
whole process. |
81 |
- new setting: allow_tags. |
82 |
- switch to Types::Serialiser booleans. |
83 |
- remove to_json/from_json. |
84 |
- other minor improvements to the documentation. |
85 |
|
86 |
2.34 Thu May 23 11:30:34 CEST 2013 |
87 |
- work around bugs in perl 5.18 breaking more than 100 |
88 |
widely used modules, without a fix in sight because |
89 |
p5pers don't care about CPAN anymore. |
90 |
- when canonicalising, only allocate up to 64 hash key |
91 |
pointers on the stack. for larger hashes, use the heap, |
92 |
to avoid using too much stackspace. |
93 |
- discuss the problem with setlocale (reported by a few victims). |
94 |
|
95 |
2.33 Wed Aug 1 21:03:52 CEST 2012 |
96 |
- internal encode/decode XS wrappers did not expect stack |
97 |
moves caused by callbacks (analyzed and testcase by Jesse Luehrs). |
98 |
- add bencode as to/from option in bin/json_xs. |
99 |
- add -e option to json_xs, and none and string in/out formats. |
100 |
|
101 |
2.32 Thu Aug 11 19:06:38 CEST 2011 |
102 |
- fix a bug in the initial whitespace accumulation. |
103 |
|
104 |
2.31 Wed Jul 27 17:53:05 CEST 2011 |
105 |
- don't accumulate initial whitespace in the incremental buffer |
106 |
(this can be useful to allow whitespace-keepalive on a tcp |
107 |
connection without triggering the max_size limit). |
108 |
- properly croak on some invalid inputs that are not strings |
109 |
(e.g. undef) when trying to decode a json text (reported |
110 |
and analyzed by Goro Fuji). |
111 |
|
112 |
2.3 Wed Aug 18 01:26:47 CEST 2010 |
113 |
- make sure decoder doesn't change the decoding in the incremental |
114 |
parser (testcase provided by Hendrik Schumacher). |
115 |
- applied patch by DaTa for Data::Dumper support in json_xs. |
116 |
- added -t dump support to json_xs, using Data::Dump. |
117 |
- added -f eval support to json_xs. |
118 |
|
119 |
2.29 Wed Mar 17 02:39:12 CET 2010 |
120 |
- fix a memory leak when callbacks set using filter_json_object |
121 |
or filter_json_single_key_object were called (great testcase |
122 |
by Eric Wilhelm). |
123 |
|
124 |
2.28 Thu Mar 11 20:30:46 CET 2010 |
125 |
- implement our own atof function - perl's can be orders of |
126 |
magnitudes slower than even the system one. on the positive |
127 |
side, ours seems to be more exact in general than perl's. |
128 |
(testcase provided by Tim Meadowcroft). |
129 |
- clarify floating point conversion issues a bit. |
130 |
- update jpsykes csrf article url. |
131 |
- updated benchmark section - JSON::PP became much faster! |
132 |
|
133 |
2.27 Thu Jan 7 07:35:08 CET 2010 |
134 |
- support relaxed option inside the incremental parser |
135 |
(testcase provided by IKEGAMI via Makamaka). |
136 |
|
137 |
2.26 Sat Oct 10 03:26:19 CEST 2009 |
138 |
- big integers could become truncated (based on patch |
139 |
by Strobl Anton). |
140 |
- output format change: indent now adds a final newline, which is |
141 |
more expected and more true to the documentation. |
142 |
|
143 |
2.25 Sat Aug 8 12:04:41 CEST 2009 |
144 |
- the perl debugger completely breaks lvalue subs - try to work |
145 |
around the issue. |
146 |
- ignore RMAGICAL hashes w.r.t. CANONICAL. |
147 |
- try to work around a possible char signedness issue on aix. |
148 |
- require common sense. |
149 |
|
150 |
2.24 Sat May 30 08:25:45 CEST 2009 |
151 |
- the incremental parser did not update its parse offset |
152 |
pointer correctly when parsing utf8-strings (nicely |
153 |
debugged by Martin Evans). |
154 |
- appending a non-utf8-string to the incremental parser |
155 |
in utf8 mode failed to upgrade the string. |
156 |
- wording of parse error messages has been improved. |
157 |
|
158 |
2.232 Sun Feb 22 11:12:25 CET 2009 |
159 |
- use an exponential algorithm to extend strings, to |
160 |
help platforms with bad or abysmal==windows memory |
161 |
allocater performance, at the expense of some memory |
162 |
wastage (use shrink to recover this extra memory). |
163 |
(nicely analysed by Dmitry Karasik). |
164 |
|
165 |
2.2311 Thu Feb 19 02:12:54 CET 2009 |
166 |
- add a section "JSON and ECMAscript" to explain some |
167 |
incompatibilities between the two (problem was noted by |
168 |
various people). |
169 |
- add t/20_faihu.t. |
170 |
|
171 |
2.231 Thu Nov 20 04:59:08 CET 2008 |
172 |
- work around 5.10.0 magic bugs where manipulating magic values |
173 |
(such as $1) would permanently damage them as perl would |
174 |
ignore the magicalness, by making a full copy of the string, |
175 |
reported by Dmitry Karasik. |
176 |
- work around spurious warnings under older perl 5.8's. |
177 |
|
178 |
2.23 Mon Sep 29 05:08:29 CEST 2008 |
179 |
- fix a compilation problem when perl is not using char * as, well, |
180 |
char *. |
181 |
- use PL_hexdigit in favour of rolling our own. |
182 |
|
183 |
2.2222 Sun Jul 20 18:49:00 CEST 2008 |
184 |
- same game again, broken 5.10 finds yet another assertion |
185 |
failure, and the workaround causes additional runtime warnings. |
186 |
Work around the next assertion AND the warning. 5.10 seriously |
187 |
needs to adjust it's attitude against working code. |
188 |
|
189 |
2.222 Sat Jul 19 06:15:34 CEST 2008 |
190 |
- you work around one -DDEBUGGING assertion bug in perl 5.10 |
191 |
just to hit the next one. work around this one, too. |
192 |
|
193 |
2.22 Tue Jul 15 13:26:51 CEST 2008 |
194 |
- allow higher nesting levels in incremental parser. |
195 |
- error out earlier in some cases in the incremental parser |
196 |
(as suggested by Yuval Kogman). |
197 |
- improve incr-parser test (Yuval Kogman). |
198 |
|
199 |
2.21 Tue Jun 3 08:43:23 CEST 2008 |
200 |
- (hopefully) work around a perl 5.10 bug with -DDEBUGGING. |
201 |
- remove the experimental status of the incremental parser interface. |
202 |
- move =encoding around again, to avoid bugs with search.cpan.org. |
203 |
when can we finally have utf-8 in pod??? |
204 |
- add ->incr_reset method. |
205 |
|
206 |
2.2 Wed Apr 16 20:37:25 CEST 2008 |
207 |
- lifted the log2 rounding restriction of max_depth and max_size. |
208 |
- make booleans mutable by creating a copy instead of handing out |
209 |
the same scalar (reported by pasha sadri). |
210 |
- added support for incremental json parsing (still EXPERIMENTAL). |
211 |
- implemented and added a json_xs command line utility that can convert |
212 |
from/to a number of serialisation formats - tell me if you need more. |
213 |
- implement allow_unknown/get_allow_unknown methods. |
214 |
- fixed documentation of max_depth w.r.t. higher and equal. |
215 |
- moved down =encoding directive a bit, too much breaks if it's the first |
216 |
pod directive :/. |
217 |
- removed documentation section on other modules, it became somewhat |
218 |
outdated and is nowadays mostly of historical interest. |
219 |
|
220 |
2.1 Wed Mar 19 23:23:18 CET 2008 |
221 |
- update documentation here and there: add a large section |
222 |
about utf8/latin1/ascii flags, add a security consideration |
223 |
and extend and clarify the JSON and YAML section. |
224 |
- medium speed enhancements when encoding/decoding non-ascii chars. |
225 |
- minor speedup in number encoding case. |
226 |
- extend and clarify the section on incompatibilities |
227 |
between YAML and JSON. |
228 |
- switch to static inline from just inline when using gcc. |
229 |
- add =encoding utf-8 to the manpage, now that perl 5.10 supports it. |
230 |
- fix some issues with UV to JSON conversion of unknown impact. |
231 |
- published the yahoo locals search result used in benchmarks as the |
232 |
original url changes so comparison is impossible. |
233 |
|
234 |
2.01 Wed Dec 5 11:40:28 CET 2007 |
235 |
- INCOMPATIBLE API CHANGE: to_json and from_json have been |
236 |
renamed to encode_json/decode_json for JSON.pm compatibility. |
237 |
The old functions croak and might be replaced by JSON.pm |
238 |
comaptible versions in some later release. |
239 |
|
240 |
2.0 Tue Dec 4 11:30:46 CET 2007 |
241 |
- this is supposed to be the first version of JSON::XS |
242 |
compatible with version 2.0+ of the JSON module. |
243 |
Using the JSON module as frontend to JSON::XS should be |
244 |
as fast as using JSON::XS directly, so consider using it |
245 |
instead. |
246 |
- added get_* methods for all "simple" options. |
247 |
- make JSON::XS subclassable. |
248 |
|
249 |
1.53 Tue Nov 13 23:58:33 CET 2007 |
250 |
- minor doc clarifications. |
251 |
- fixed many doc typos (patch by Thomas L. Shinnick). |
252 |
|
253 |
1.52 Mon Oct 15 03:22:06 CEST 2007 |
254 |
- remove =encoding pod directive again, it confuses too many pod |
255 |
parsers :/. |
256 |
|
257 |
1.51 Sat Oct 13 03:55:56 CEST 2007 |
258 |
- encode empty arrays/hashes in a compact way when pretty is enabled. |
259 |
- apparently JSON::XS was used to find some bugs in the |
260 |
JSON_checker testsuite, so add (the corrected) JSON_checker tests to |
261 |
the testsuite. |
262 |
- quite a bit of doc updates/extension. |
263 |
- require 5.8.2, as this seems to be the first unicode-stable version. |
264 |
|
265 |
1.5 Tue Aug 28 04:05:38 CEST 2007 |
266 |
- add support for tied hashes, based on ideas and testcase by |
267 |
Marcus Holland-Moritz. |
268 |
- implemented relaxed parsing mode where some extensions are being |
269 |
accepted. generation is still JSON-only. |
270 |
|
271 |
1.44 Wed Aug 22 01:02:44 CEST 2007 |
272 |
- very experimental process-emulation support, slowing everything down. |
273 |
the horribly broken perl threads are still not supported - YMMV. |
274 |
|
275 |
1.43 Thu Jul 26 13:26:37 CEST 2007 |
276 |
- convert big json numbers exclusively consisting of digits to NV |
277 |
only when there is no loss of precision, otherwise to string. |
278 |
|
279 |
1.42 Tue Jul 24 00:51:18 CEST 2007 |
280 |
- fix a crash caused by not handling missing array elements |
281 |
(report and testcase by Jay Kuri). |
282 |
|
283 |
1.41 Tue Jul 10 18:21:44 CEST 2007 |
284 |
- fix compilation with NDEBUG (assert side-effect), |
285 |
affects convert_blessed only. |
286 |
- fix a bug in decode filters calling ENTER; SAVETMPS; |
287 |
one time too often. |
288 |
- catch a typical error in TO_JSON methods. |
289 |
- antique-ised XS.xs again to work with outdated |
290 |
C compilers (windows...). |
291 |
|
292 |
1.4 Mon Jul 2 10:06:30 CEST 2007 |
293 |
- add convert_blessed setting. |
294 |
- encode did not catch all blessed objects, encoding their |
295 |
contents in most cases. This has been fixed by introducing |
296 |
the allow_blessed setting. |
297 |
- added filter_json_object and filter_json_single_key_object |
298 |
settings that specify a callback to be called when |
299 |
all/specific json objects are encountered. |
300 |
- assume that most object keys are simple ascii words and |
301 |
optimise this case, penalising the general case. This can |
302 |
speed up decoding by 30% in typical cases and gives |
303 |
a smaller and faster perl hash. |
304 |
- implemented simpleminded, optional resource size checking |
305 |
in decode_json. |
306 |
- remove objToJson/jsonToObj aliases, as the next version |
307 |
of JSON will not have them either. |
308 |
- bit the bullet and converted the very simple json object |
309 |
into a more complex one. |
310 |
- work around a bug where perl wrongly claims an integer |
311 |
is not an integer. |
312 |
- unbundle JSON::XS::Boolean into own pm file so Storable |
313 |
and similar modules can resolve the overloading when thawing. |
314 |
|
315 |
1.3 Sun Jun 24 01:55:02 CEST 2007 |
316 |
- make JSON::XS::true and false special overloaded objects |
317 |
and return those instead of 1 and 0 for those json atoms |
318 |
(JSON::PP compatibility is NOT achieved yet). |
319 |
- add JSON::XS::is_bool predicate to test for those special |
320 |
values. |
321 |
- add a reference to |
322 |
http://jpsykes.com/47/practical-csrf-and-json-security. |
323 |
- removed require 5.8.8 again, it is just not very expert-friendly. |
324 |
Also try to be more compatible with slightly older versions, |
325 |
which are not recommended (because they are buggy). |
326 |
|
327 |
1.24 Mon Jun 11 05:40:49 CEST 2007 |
328 |
- added informative section on JSON-as-YAML. |
329 |
- get rid of some c99-isms again. |
330 |
- localise dec->cur in decode_str, speeding up |
331 |
string decoding considerably (>15% on my amd64 + gcc). |
332 |
- increased SHORT_STRING_LEN to 16kb: stack space is |
333 |
usually plenty, and this actually saves memory |
334 |
when !shrinking as short strings will fit perfectly. |
335 |
|
336 |
1.23 Wed Jun 6 20:13:06 CEST 2007 |
337 |
- greatly improved small integer encoding and decoding speed. |
338 |
- implement a number of µ-optimisations. |
339 |
- updated benchmarks. |
340 |
|
341 |
1.22 Thu May 24 00:07:25 CEST 2007 |
342 |
- require 5.8.8 explicitly as older perls do not seem to offer |
343 |
the required macros. |
344 |
- possibly made it compile on so-called C compilers by microsoft. |
345 |
|
346 |
1.21 Wed May 9 18:40:32 CEST 2007 |
347 |
- character offset reported for trailing garbage was random. |
348 |
|
349 |
1.2 Wed May 9 18:35:01 CEST 2007 |
350 |
- decode did not work with magical scalars (doh!). |
351 |
- added latin1 flag to produce JSON texts in the latin1 subset |
352 |
of unicode. |
353 |
- flag trailing garbage as error. |
354 |
- new decode_prefix method that returns the number |
355 |
of characters consumed by a decode. |
356 |
- max octets/char in perls UTF-X is actually 13, not 11, |
357 |
as pointed out by Glenn Linderman. |
358 |
- fixed typoe reported by YAMASHINA Hio. |
359 |
|
360 |
1.11 Mon Apr 9 07:05:49 CEST 2007 |
361 |
- properly 0-terminate sv's returned by encode to help |
362 |
C libraries that expect that 0 to be there. |
363 |
- partially "port" JSON from C to microsofts fucking broken |
364 |
pseudo-C. They should be burned to the ground for pissing |
365 |
on standards. And I should be stoned for even trying to |
366 |
support this filthy excuse for a c compiler. |
367 |
|
368 |
1.1 Wed Apr 4 01:45:00 CEST 2007 |
369 |
- clarify documentation (pointed out by Quinn Weaver). |
370 |
- decode_utf8 sometimes did not correctly flag errors, |
371 |
leading to segfaults. |
372 |
- further reduced default nesting depth to 512 due to the test |
373 |
failure by that anonymous "chris" whose e-mail address seems |
374 |
to be impossible to get. Tests on other freebsd systems indicate |
375 |
that this is likely a problem in his/her configuration and not this |
376 |
module. |
377 |
- renamed json => JSON in error messages. |
378 |
- corrected the character offset in some error messages. |
379 |
|
380 |
1.01 Sat Mar 31 16:15:40 CEST 2007 |
381 |
- do not segfault when from_json/decode gets passed |
382 |
a non-string object (reported by Florian Ragwitz). |
383 |
This has no effect on normal operation. |
384 |
|
385 |
1.0 Thu Mar 29 04:43:34 CEST 2007 |
386 |
- the long awaited (by me) 1.0 version. |
387 |
- add \0 (JSON::XS::false) and \1 (JSON::XS::true) mappings to JSON |
388 |
true and false. |
389 |
- add some more notes to shrink, as suggested by Alex Efros. |
390 |
- improve testsuite. |
391 |
- halve the default nesting depth limit, to hopefully make it |
392 |
work on Freebsd (unfortunately, the cpan tester did not |
393 |
send me his report, so I cannot ask about the stack limit on fbsd). |
394 |
|
395 |
0.8 Mon Mar 26 00:10:48 CEST 2007 |
396 |
- fix a memleak when decoding hashes. |
397 |
- export jsonToBj and objToJson as aliases |
398 |
to to_json and from_json, to reduce incompatibilities |
399 |
between JSON/JSON::PC and JSON::XS. (experimental). |
400 |
- implement a maximum nesting depth for both en- and de-coding. |
401 |
- added a security considerations sections. |
402 |
|
403 |
0.7 Sun Mar 25 01:46:30 CET 2007 |
404 |
- code cleanup. |
405 |
- fix a memory overflow bug when indenting. |
406 |
- pretty-printing now up to 15% faster. |
407 |
- improve decoding speed of strings by |
408 |
up to 50% by specialcasing short strings. |
409 |
- further decoding speedups for strings using |
410 |
lots of \u escapes. |
411 |
- improve utf8 decoding speed for U+80 .. U+7FF. |
412 |
|
413 |
0.5 Sat Mar 24 20:41:51 CET 2007 |
414 |
- added the UTF-16 encoding example hinted at in previous |
415 |
versions. |
416 |
- minor documentation fixes. |
417 |
- fix a bug in and optimise canonicalising fastpath |
418 |
(reported by Craig Manley). |
419 |
- remove a subtest that breaks with bleadperl (reported |
420 |
by Andreas König). |
421 |
|
422 |
0.31 Sat Mar 24 02:14:34 CET 2007 |
423 |
- documentation updates. |
424 |
- do some casting to hopefully fix Andreas' problem. |
425 |
- nuke bogus json rpc stuff. |
426 |
|
427 |
0.3 Fri Mar 23 19:33:21 CET 2007 |
428 |
- remove spurious PApp::Util reference (John McNamara). |
429 |
- adapted lots of tests from other json modules |
430 |
(idea by Chris Carline). |
431 |
- documented mapping from json to perl and vice versa. |
432 |
- improved the documentation by adding more examples. |
433 |
- added short escaping forms, reducing the created |
434 |
json texts a bit. |
435 |
- added shrink flag. |
436 |
- when flag methods are called without enable argument |
437 |
they will by default enable their flag. |
438 |
- considerably improved string encoding speed (at least |
439 |
with gcc 4). |
440 |
- added a test that covers lots of different characters. |
441 |
- clarified some error messages. |
442 |
- error messages now use correct character offset |
443 |
with F_UTF8. |
444 |
- improve the "no bytes" and "no warnings" hacks in |
445 |
case the called functions do... stuff. |
446 |
- croak when encoding to ascii and an out-of-range |
447 |
(non-unicode) codepoint is encountered. |
448 |
|
449 |
0.2 Fri Mar 23 00:23:34 CET 2007 |
450 |
- the "could not sleep without debugging release". |
451 |
it should basically work now, with many bugs as |
452 |
no production tests have been run yet. |
453 |
- added more testcases. |
454 |
- the expected shitload of bugfixes. |
455 |
- handle utf8 flag correctly in decode. |
456 |
- fix segfault in decoder. |
457 |
- utf8n_to_uvuni sets retlen to -1, but retlen is an |
458 |
unsigned types (argh). |
459 |
- fix decoding of utf-8 strings. |
460 |
- improved error diagnostics. |
461 |
- fix decoding of 'null'. |
462 |
- fix parsing of empty array/hashes |
463 |
- silence warnings when we prepare the croak message. |
464 |
|
465 |
0.1 Thu Mar 22 22:13:43 CET 2007 |
466 |
- first release, very untested, basically just to claim |
467 |
the namespace. |
468 |
|
469 |
0.01 Thu Mar 22 06:08:12 CET 2007 |
470 |
- original version; cloned from Convert-Scalar |
471 |
|