This is a live mirror of the Perl 5 development currently hosted at https://github.com/perl/perl5
PATCH [perl 116252]: Correct nested pod bullets in perl5177delta.pod
[perl5.git] / pod / perl5177delta.pod
CommitLineData
6253ee75
DR
1=encoding utf8
2
3=head1 NAME
4
5perl5177delta - what is new for perl v5.17.7
6
7=head1 DESCRIPTION
8
9This document describes differences between the 5.17.6 release and the 5.17.7
10release.
11
12If you are upgrading from an earlier release such as 5.17.5, first read
13L<perl5176delta>, which describes differences between 5.17.5 and 5.17.6.
14
15=head1 Core Enhancements
16
17=head2 $&, $` and $' are no longer slow
18
19These three infamous variables have been redeemed and no longer slow down
20your program when used. Hence, the /p regular expression flag now does
21nothing.
22
23=head1 Security
24
25=head2 C<Storable> security warning in documentation
26
27The documentation for C<Storable> now includes a section which warns readers
28of the danger of accepting Storable documents from untrusted sources. The
29short version is that deserializing certain types of data can lead to loading
30modules and other code execution. This is documented behavior and wanted
31behavior, but this opens an attack vector for malicious entities.
32
33=head2 C<Locale::Maketext> allowed code injection via a malicious template
34
35If users could provide a translation string to Locale::Maketext, this could be
36used to invoke arbitrary Perl subroutines available in the current process.
37
38This has been fixed, but it is still possible to invoke any method provided by
39C<Locale::Maketext> itself or a subclass that you are using. One of these
40methods in turn will invoke the Perl core's C<sprintf> subroutine.
41
42In summary, allowing users to provide translation strings without auditing
43them is a bad idea.
44
45This vulnerability is documented in CVE-2012-6329.
46
47=head1 Incompatible Changes
48
49=head2 readline() with C<$/ = \N> now reads N characters, not N bytes
50
51Previously, when reading from a stream with I/O layers such as
52C<encoding>, the readline() function, otherwise known as the C<< <> >>
53operator, would read I<N> bytes from the top-most layer. [perl #79960]
54
55Now, I<N> characters are read instead.
56
57There is no change in behaviour when reading from streams with no
58extra layers, since bytes map exactly to characters.
59
60=head2 Lexical subroutine warnings have moved
61
62The warning about the use of an experimental feature emitted when lexical
63subroutines (added in 5.17.4) are used now happens when the subroutine
64itself is declared, not when the "lexical_subs" feature is activated via
65C<use feature>.
66
67This stops C<use feature ':all'> from warning, but causes
68C<my sub foo; my sub bar> to warn twice.
69
70=head2 Overridden C<glob> is now passed one argument
71
72C<glob> overrides used to be passed a magical undocumented second argument
73that identified the caller. Nothing on CPAN was using this, and it got in
74the way of a bug fix, so it was removed. If you really need to identify
75the caller, see L<Devel::Callsite> on CPAN.
76
77=head1 Deprecations
78
79=head2 Lexical $_ is now deprecated
80
81Since it was introduced in Perl 5.10, it has caused much confusion with no
82obvious solution:
83
84=over
85
86=item *
87
88Various modules (e.g., List::Util) expect callback routines to use the
89global $_. C<use List::Util 'first'; my $_; first { $_ == 1 } @list> does
90not work as one would expect.
91
92=item *
93
94A C<my $_> declaration earlier in the same file can cause confusing closure
95warnings.
96
97=item *
98
99The "_" subroutine prototype character allows called subroutines to access
100your lexical $_, so it is not really private after all.
101
102=item *
103
104Nevertheless, subroutines with a "(@)" prototype and methods cannot access
105the caller's lexical $_, unless they are written in XS.
106
107=item *
108
109But even XS routines cannot access a lexical $_ declared, not in the
110calling subroutine, but in an outer scope, iff that subroutine happened not
111to mention $_ or use any operators that default to $_.
112
113=back
114
115=head2 Various XS-callable functions are now deprecated
116
117The following functions will be removed from a future version of Perl,
118and should not be used. With participating C compilers (e.g., gcc),
119compiling any file that uses any of these will generate a warning.
120These were not intended for public use; there are equivalent, faster,
121macros for most of them. See L<perlapi/Character classes>:
122C<is_uni_ascii>, C<is_uni_ascii_lc>, C<is_uni_blank>, C<is_uni_blank_lc>,
123C<is_uni_cntrl>, C<is_uni_cntrl_lc>, C<is_uni_idfirst_lc>, C<is_uni_space>,
124C<is_uni_space_lc>, C<is_uni_xdigit>, C<is_uni_xdigit_lc>, C<is_utf8_ascii>,
125C<is_utf8_blank>, C<is_utf8_cntrl>, C<is_utf8_idcont>, C<is_utf8_idfirst>,
126C<is_utf8_perl_space>, C<is_utf8_perl_word>, C<is_utf8_posix_digit>,
127C<is_utf8_space>, C<is_utf8_xdigit>. C<is_utf8_xidcont>, C<is_utf8_xidfirst>,
128C<to_uni_lower_lc>, C<to_uni_title_lc>, and C<to_uni_upper_lc>.
129
130=head1 Performance Enhancements
131
132=over 4
133
134=item *
135
136Perl has a new copy-on-write mechanism that avoids the need to copy the
137internal string buffer when assigning from one scalar to another. This
138makes copying large strings appear much faster. Modifying one of the two
139(or more) strings after an assignment will force a copy internally. This
140makes it unnecessary to pass strings by reference for efficiency.
141
142=back
143
144=head1 Modules and Pragmata
145
146=head2 Updated Modules and Pragmata
147
148=over 4
149
150=item *
151
152L<File::DosGlob> has been upgraded from version 1.08 to 1.09. The internal
153cache of file names that it keeps for each caller is now freed when that
154caller is freed. This means
155C<< use File::DosGlob 'glob'; eval 'scalar <*>' >> no longer leaks memory.
156
157=item *
158
159L<File::Glob> has been upgraded from version 1.18 to 1.19. File::Glob has
160had exactly the same fix as File::DosGlob. Since it is what Perl's own
161C<glob> operator itself uses (except on VMS), this means
162C<< eval 'scalar <*>' >> no longer leaks.
163
164=item *
165
166L<GDBM_File> has been upgraded from version 1.14 to 1.15. The undocumented
167optional fifth parameter to C<TIEHASH> has been removed. This was intended
168to provide control of the callback used by C<gdbm*> functions in case of
169fatal errors (such as filesystem problems), but did not work (and could
170never have worked). No code on CPAN even attempted to use it. The callback
171is now always the previous default, C<croak>. Problems on some platforms with
172how the C<C> C<croak> function is called have also been resolved.
173
174=item *
175
176L<Module::CoreList> has been upgraded from version 2.78 to 2.79.
177
178=back
179
180=head1 Documentation
181
182=head2 Changes to Existing Documentation
183
184=head3 L<perlapi/Character classes>
185
186=over 4
187
188=item *
189
190There are quite a few macros callable from XS modules that classify
191characters into things like alphabetic, punctuation, etc. More of these
192are now documented, including ones which work on characters whose code
193points are outside the Latin-1 range.
194
195=back
196
197=head1 Diagnostics
198
199The following additions or changes have been made to diagnostic output,
200including warnings and fatal error messages. For the complete list of
201diagnostic messages, see L<perldiag>.
202
203=head2 Changes to Existing Diagnostics
204
205=over 4
206
207=item *
208
209L<Constant(%s): Call to &{$^H{%s}} did not return a defined value|perldiag/Constant(%s): Call to &{$^H{%s}} did not return a defined value>
210
211Constant overloading that returns C<undef> results in this error message.
212For numeric constants, it used to say "Constant(undef)". "undef" has been
213replaced with the number itself.
214
215=back
216
217=head1 Internal Changes
218
219=over 4
220
221=item *
222
223SvUPGRADE() is no longer an expression. Originally this macro (and its
224underlying function, sv_upgrade()) were documented as boolean, although
225in reality they always croaked on error and never returned false. In 2005
226the documentation was updated to specify a void return value, but
227SvUPGRADE() was left always returning 1 for backwards compatibility. This
228has now been removed, and SvUPGRADE() is now a statement with no return
229value.
230
231So this is now a syntax error:
232
233 if (!SvUPGRADE(sv)) { croak(...); }
234
235If you have code like that, simply replace it with
236
237 SvUPGRADE(sv);
238
239or to to avoid compiler warnings with older perls, possibly
240
241 (void)SvUPGRADE(sv);
242
243=item *
244
245Perl has a new copy-on-write mechanism that allows any SvPOK scalar to be
246upgraded to a copy-on-write scalar. A reference count on the string buffer
247is stored in the string buffer itself.
248
249This breaks a few XS modules by allowing copy-on-write scalars to go
250through code paths that never encountered them before.
251
252This behaviour can still be disabled by running F<Configure> with
253B<-Accflags=-DPERL_NO_COW>. This option will probably be removed in Perl
2545.20.
255
256=item *
257
258Copy-on-write no longer uses the SvFAKE and SvREADONLY flags. Hence,
259SvREADONLY indicates a true read-only SV.
260
261Use the SvIsCOW macro (as before) to identify a copy-on-write scalar.
262
263=item *
264
265C<PL_sawampersand> is now a constant. The switch this variable provided
266(to enable/disable the pre-match copy depending on whether C<$&> had been
267seen) has been removed and replaced with copy-on-write, eliminating a few
268bugs.
269
270The previous behaviour can still be enabled by running F<Configure> with
271B<-Accflags=-DPERL_SAWAMPERSAND>.
272
273=item *
274
275PL_glob_index is gone.
276
277=back
278
279=head1 Selected Bug Fixes
280
281=over 4
282
283=item *
284
285C<sort {undef} ...> under fatal warnings no longer crashes. It started
286crashing in Perl 5.16.
287
288=item *
289
290Stashes blessed into each other
291(C<bless \%Foo::, 'Bar'; bless \%Bar::, 'Foo'>) no longer result in double
292frees. This bug started happening in Perl 5.16.
293
294=item *
295
296Numerous memory leaks have been fixed, mostly involving fatal warnings and
297syntax errors.
298
299=item *
300
301Lexical constants (C<my sub answer () { 42 }>) no longer cause double
302frees.
303
304=item *
305
306Constant subroutine redefinition warns by default, but lexical constants
307were accidentally exempt from default warnings. This has been corrected.
308
309=item *
310
311Some failed regular expression matches such as C<'f' =~ /../g> were not
312resetting C<pos>. Also, "match-once" patterns (C<m?...?g>) failed to reset
313it, too, when invoked a second time [perl #23180].
314
315=item *
316
317Accessing C<$&> after a pattern match now works if it had not been seen
318before the match. I.e., this applies to C<${'&'}> (under C<no strict>) and
319C<eval '$&'>. The same applies to C<$'> and C<$`> [perl #4289].
320
321=item *
322
323Several bugs involving C<local *ISA> and C<local *Foo::> causing stale
324MRO caches have been fixed.
325
326=item *
327
328Defining a subroutine when its typeglob has been aliased no longer results
329in stale method caches. This bug was introduced in Perl 5.10.
330
331=item *
332
333Localising a typeglob containing a subroutine when the typeglob's package
334has been deleted from its parent stash no longer produces an error. This
335bug was introduced in Perl 5.14.
336
337=item *
338
339Under some circumstances, C<local *method=...> would fail to reset method
340caches upon scope exit.
341
342=item *
343
344C</[.foo.]/> is no longer an error, but produces a warning (as before) and
345is treated as C</[.fo]/> [perl #115818].
346
347=item *
348
349C<goto $tied_var> now calls FETCH before deciding what type of goto
350(subroutine or label) this is.
351
352=item *
353
354Renaming packages through glob assignment
355(C<*Foo:: = *Bar::; *Bar:: = *Baz::>) in combination with C<m?...?> and
356C<reset> no longer makes threaded builds crash.
357
358=item *
359
360An earlier release in the 5.17.x series could crash if user code prevented
361_charnames from loading via C<$INC{'_charnames.pm'}++>.
362
363=item *
364
365A number of bugs related to assigning a list to hash have been fixed. Many of
366these involve lists with repeated keys like C<(1, 1, 1, 1)>.
367
7a4cf484 368=over 4
6253ee75 369
7a4cf484 370=item *
6253ee75
DR
371
372The expression C<scalar(%h = (1, 1, 1, 1))> now returns C<4>, not C<2>.
373
7a4cf484 374=item *
6253ee75
DR
375
376The return value of C<%h = (1, 1, 1)> in list context was wrong. Previously
377this would return C<(1, undef, 1)>, now it returns C<(1, undef)>.
378
7a4cf484 379=item *
6253ee75
DR
380
381Perl now issues the same warning on C<($s, %h) = (1, {})> as it does for
382C<(%h) = ({})>, "Reference found where even-sized list expected".
383
7a4cf484 384=item *
6253ee75
DR
385
386A number of additional edge cases in list assignment to hashes were
387corrected. For more details see commit 23b7025ebc.
388
389=back
390
391=back
392
393=head1 Known Problems
394
395There may be a failure in the F<t/op/require_errors.t> test if you run the
396test suite as the root user.
397
398=head1 Acknowledgements
399
400Perl 5.17.7 represents approximately 4 weeks of development since Perl 5.17.6
401and contains approximately 30,000 lines of changes across 490 files from 26
402authors.
403
404Perl continues to flourish into its third decade thanks to a vibrant community
405of users and developers. The following people are known to have contributed the
406improvements that became Perl 5.17.7:
407
408Alexandr Ciornii, Bob Ernst, Brian Carlson, Chris 'BinGOs' Williams, Craig A.
409Berry, Daniel Dragan, Dave Rolsky, David Mitchell, Father Chrysostomos, Hugo
410van der Sanden, James E Keenan, Joel Berger, Karl Williamson, Lukas Mai, Martin
411Hasch, Matthew Horsfall, Nicholas Clark, Ricardo Signes, Ruslan Zakirov, Sergey
412Alekseev, Steffen Müller, Sullivan Beck, Sven Strickroth, Sébastien
413Aperghis-Tramoni, Tony Cook, Yves Orton.
414
415The list above is almost certainly incomplete as it is automatically generated
416from version control history. In particular, it does not include the names of
417the (very much appreciated) contributors who reported issues to the Perl bug
418tracker.
419
420Many of the changes included in this version originated in the CPAN modules
421included in Perl's core. We're grateful to the entire CPAN community for
422helping Perl to flourish.
423
424For a more complete list of all of Perl's historical contributors, please see
425the F<AUTHORS> file in the Perl source distribution.
426
427=head1 Reporting Bugs
428
429If you find what you think is a bug, you might check the articles recently
430posted to the comp.lang.perl.misc newsgroup and the perl bug database at
431http://rt.perl.org/perlbug/ . There may also be information at
432http://www.perl.org/ , the Perl Home Page.
433
434If you believe you have an unreported bug, please run the L<perlbug> program
435included with your release. Be sure to trim your bug down to a tiny but
436sufficient test case. Your bug report, along with the output of C<perl -V>,
437will be sent off to perlbug@perl.org to be analysed by the Perl porting team.
438
439If the bug you are reporting has security implications, which make it
440inappropriate to send to a publicly archived mailing list, then please send it
441to perl5-security-report@perl.org. This points to a closed subscription
442unarchived mailing list, which includes all the core committers, who will be
443able to help assess the impact of issues, figure out a resolution, and help
444co-ordinate the release of patches to mitigate or fix the problem across all
445platforms on which Perl is supported. Please only use this address for
446security issues in the Perl core, not for modules independently distributed on
447CPAN.
448
449=head1 SEE ALSO
450
451The F<Changes> file for an explanation of how to view exhaustive details on
452what changed.
453
454The F<INSTALL> file for how to build Perl.
455
456The F<README> file for general stuff.
457
458The F<Artistic> and F<Copying> files for copyright information.
459
460=cut