Commit | Line | Data |
---|---|---|
7e7cfa2d FR |
1 | =encoding utf8 |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | perl5175delta - what is new for perl v5.17.5 | |
6 | ||
7 | =head1 DESCRIPTION | |
8 | ||
9 | This document describes differences between the 5.17.4 release and the 5.17.5 | |
10 | release. | |
11 | ||
12 | If you are upgrading from an earlier release such as 5.17.3, first read | |
13 | L<perl5174delta>, which describes differences between 5.17.3 and 5.17.4. | |
14 | ||
15 | =head1 Core Enhancements | |
16 | ||
17 | =head2 Upgrade to Unicode 6.2 | |
18 | ||
19 | Perl now supports the final version of Unicode 6.2. Earlier releases in | |
20 | the 5.17 series supported Unicode 6.2 beta versions. There were no | |
21 | substantive changes in the final Unicode 6.2 version from the most | |
22 | recent beta, included in Perl 5.17.4. A list of changes from Unicode | |
23 | 6.1 is at L<http://www.unicode.org/versions/Unicode6.2.0>. | |
24 | ||
25 | =head1 Security | |
26 | ||
27 | =head2 Avoid calling memset with a negative count | |
28 | ||
29 | Poorly written perl code that allows an attacker to specify the count to perl's | |
30 | C<x> string repeat operator can already cause a memory exhaustion | |
31 | denial-of-service attack. A flaw in versions of perl before 5.15.5 can escalate | |
32 | that into a heap buffer overrun; coupled with versions of glibc before 2.16, it | |
33 | possibly allows the execution of arbitrary code. | |
34 | ||
35 | The flaw addressed to this commit has been assigned identifier CVE-2012-5195. | |
36 | ||
37 | =head1 Incompatible Changes | |
38 | ||
39 | =head2 New Restrictions in Multi-Character Case-Insensitive Matching in Regular Expression Bracketed Character Classes | |
40 | ||
41 | Unicode has now withdrawn their previous recommendation for regular | |
42 | expressions to automatically handle cases where a single character can | |
43 | match multiple characters case-insensitively; for example, the letter | |
44 | LATIN SMALL LETTER SHARP S and the sequence C<ss>. This is because | |
45 | it turns out to be impracticable to do this correctly in all | |
46 | circumstances. Because Perl has tried to do this as best it can, it | |
47 | will continue to do so. (We are considering an option to turn it off.) | |
48 | However, a new restriction is being added on such matches when they | |
49 | occur in [bracketed] character classes. People were specifying | |
50 | things such as C</[\0-\xff]/i>, and being surprised that it matches the | |
51 | two character sequence C<ss> (since LATIN SMALL LETTER SHARP S occurs in | |
52 | this range). This behavior is also inconsistent with the using a | |
53 | property instead of a range: C<\p{Block=Latin1}> also includes LATIN | |
54 | SMALL LETTER SHARP S, but C</[\p{Block=Latin1}]/i> does not match C<ss>. | |
55 | The new rule is that for there to be a multi-character case-insensitive | |
56 | match within a bracketed character class, the character must be | |
57 | explicitly listed, and not as an end point of a range. This more | |
58 | closely obeys the Principle of Least Astonishment. See | |
59 | L<perlrecharclass/Bracketed Character Classes>. Note that a bug [perl | |
60 | #89774], now fixed as part of this change, prevented the previous | |
61 | behavior from working fully. | |
62 | ||
63 | =head2 Change to Warnings About Lexical Subroutines | |
64 | ||
65 | The warnings category for lexical subroutines is now | |
66 | "experimental::lexical_subs", with two colons, not | |
67 | "experimental:lexical_subs"; | |
68 | ||
69 | =head1 Modules and Pragmata | |
70 | ||
71 | =head2 Updated Modules and Pragmata | |
72 | ||
73 | =over 4 | |
74 | ||
75 | =item * | |
76 | ||
77 | L<AutoLoader> has been upgraded from version 5.72 to 5.73. | |
78 | ||
79 | =item * | |
80 | ||
81 | L<B::Deparse> has been upgraded from version 1.17 to 1.18. It no longer | |
82 | dies when deparsing C<sort> without arguments. It now correctly omits the | |
83 | comma for C<system $prog @args> and C<exec $prog @args>. | |
84 | ||
85 | =item * | |
86 | ||
87 | L<bignum>, L<bigint> and L<bigrat> have been upgraded from version 0.30 to | |
88 | 0.31. The overrides for C<hex> and C<oct> have been rewritten, eliminating | |
89 | several problems, and making one incompatible change: | |
90 | ||
91 | =over | |
92 | ||
93 | =item * | |
94 | ||
95 | Formerly, whichever of C<use bigint> or C<use bigrat> was compiled later | |
96 | would take precedence over the other, causing C<hex> and C<oct> not to | |
97 | respect the other pragma when in scope. | |
98 | ||
99 | =item * | |
100 | ||
101 | Using any of these three pragmata would cause C<hex> and C<oct> anywhere | |
102 | else in the program to evalute their arguments in list context and prevent | |
103 | them from inferring $_ when called without arguments. | |
104 | ||
105 | =item * | |
106 | ||
107 | Using any of these three pragmata would make C<oct("1234")> return 1234 | |
108 | (for any number not beginning with 0) anywhere in the program. Now "1234" | |
109 | is translated from octal to decimal, whether within the pragma's scope or | |
110 | not. | |
111 | ||
112 | =item * | |
113 | ||
114 | The global overrides that facilitate lexical use of C<hex> and C<oct> now | |
115 | respect any existing overrides that were in place before the new overrides | |
116 | were installed, falling back to them outside of the scope of C<use bignum>. | |
117 | ||
118 | =item * | |
119 | ||
120 | C<use bignum "hex">, C<use bignum "oct"> and similar invocations for bigint | |
121 | and bigrat now export a C<hex> or C<oct> function, instead of providing a | |
122 | global override. | |
123 | ||
124 | =back | |
125 | ||
126 | =item * | |
127 | ||
128 | L<Carp> has been upgraded from version 1.26 to 1.27. The C<longmess()> and | |
129 | C<shortmess()> functions are now documented. | |
130 | ||
131 | =item * | |
132 | ||
133 | L<CPANPLUS> has been upgraded from version 0.9131 to 0.9133. | |
134 | ||
135 | =item * | |
136 | ||
137 | L<Data::Dumper> has been upgraded from version 2.135_07 to 2.136. This promotes | |
138 | the previous development release to a stable release. | |
139 | ||
140 | =item * | |
141 | ||
142 | L<Digest::SHA> has been upgraded from version 5.71 to 5.72. | |
143 | ||
144 | =item * | |
145 | ||
146 | L<ExtUtils::CBuilder> has been upgraded from version 0.280208 to 0.280209. A | |
147 | list of symbols to export can now be passed to C<link()> when on Windows, as on | |
148 | other OSes [perl #115100]. | |
149 | ||
150 | =item * | |
151 | ||
152 | L<feature> has been upgraded from version 1.30 to 1.31. | |
153 | ||
154 | =item * | |
155 | ||
156 | L<File::Glob> has been upgraded from version 1.17 to 1.18. A | |
157 | space-separated list of patterns return long lists of results no longer | |
158 | results in memory corruption or crashes. This bug was introduced in Perl | |
159 | 5.16.0. [perl #114984] | |
160 | ||
161 | =item * | |
162 | ||
163 | L<HTTP::Tiny> has been upgraded from version 0.022 to 0.024. This improves | |
164 | SSL support. | |
165 | ||
166 | =item * | |
167 | ||
168 | L<Module::CoreList> has been upgraded from version 2.73 to 2.75. | |
169 | ||
170 | =item * | |
171 | ||
172 | L<PerlIO::encoding> has been upgraded from version 0.15 to 0.16. This is | |
173 | the module implementing the ":encoding(...)" I/O layer. It no longer | |
174 | corrupts memory or crashes when the encoding back-end reallocates the | |
175 | buffer or gives it a typeglob or shared hash key scalar. | |
176 | ||
177 | =item * | |
178 | ||
179 | L<threads::shared> has been upgraded from version 1.41 to 1.42. This adds | |
180 | support for dual-valued values as created by | |
181 | L<Scalar::Util::dualvar|Scalar::Util/"dualvar NUM, STRING">. | |
182 | ||
183 | =item * | |
184 | ||
185 | L<Unicode::Collate> hsa been upgraded from version 0.89 to 0.90. | |
186 | ||
187 | =item * | |
188 | ||
189 | L<Unicode::Normalize> has been upgraded from version 1.14 to 1.15. | |
190 | ||
191 | =item * | |
192 | ||
193 | L<warnings> has been upgraded from version 1.14 to 1.15. | |
194 | ||
195 | =item * | |
196 | ||
197 | L<Win32CORE> has been upgraded from version 0.03 to 0.04. | |
198 | ||
199 | =back | |
200 | ||
201 | =head1 Diagnostics | |
202 | ||
203 | The following additions or changes have been made to diagnostic output, | |
204 | including warnings and fatal error messages. For the complete list of | |
205 | diagnostic messages, see L<perldiag>. | |
206 | ||
207 | =head2 Changes to Existing Diagnostics | |
208 | ||
209 | =over 4 | |
210 | ||
211 | =item * | |
212 | ||
213 | The error produced when a module cannot be loaded now includes a hint that | |
214 | the module may need to be installed: "Can't locate hopping.pm in @INC (you | |
215 | may need to install the hopping module) (@INC contains: ...)" | |
216 | ||
217 | =back | |
218 | ||
219 | =head1 Utility Changes | |
220 | ||
221 | =head3 L<h2xs> | |
222 | ||
223 | =over 4 | |
224 | ||
225 | =item * | |
226 | ||
227 | F<h2xs> no longer produces invalid code for empty defines. [perl #20636] | |
228 | ||
229 | =back | |
230 | ||
231 | =head1 Platform Support | |
232 | ||
233 | =head2 Discontinued Platforms | |
234 | ||
235 | =over 4 | |
236 | ||
237 | =item MPE/IX | |
238 | ||
239 | Support for MPE/IX has been removed. | |
240 | ||
241 | =back | |
242 | ||
243 | =head2 Platform-Specific Notes | |
244 | ||
245 | =over 4 | |
246 | ||
247 | =item Win32 | |
248 | ||
249 | The option to build without USE_SOCKETS_AS_HANDLES has been removed. | |
250 | ||
251 | =back | |
252 | ||
253 | =head1 Internal Changes | |
254 | ||
255 | =over 4 | |
256 | ||
257 | =item * | |
258 | ||
259 | Case-insensitive matching inside a [bracketed] character class with a | |
260 | multi-character fold, no longer excludes one of the possibilities in the | |
261 | circumstances that it used to. [perl #89774]. | |
262 | ||
263 | =item * | |
264 | ||
265 | C<PL_formfeed> has been removed. | |
266 | ||
267 | =item * | |
268 | ||
269 | The regular expression engine no longer reads one byte past the end of the | |
270 | target string. While for all internally well-formed scalars this should | |
271 | never have been a problem, this change facilitates clever tricks with | |
272 | string buffers in CPAN modules. [perl #73542] | |
273 | ||
274 | =item * | |
275 | ||
276 | Inside a BEGIN block, C<PL_compcv> now points to the currently-compiling | |
277 | subroutine, rather than the BEGIN block itself. | |
278 | ||
279 | =item * | |
280 | ||
281 | C<mg_length> has been deprecated. | |
282 | ||
283 | =item * | |
284 | ||
285 | C<sv_len> now always returns a byte count and C<sv_len_utf8> a character | |
286 | count. Previously, C<sv_len> and C<sv_len_utf8> were both buggy and would | |
287 | sometimes returns bytes and sometimes characters. C<sv_len_utf8> no longer | |
288 | assumes that its argument is in UTF8. Neither of these creates UTF8 caches | |
289 | for tied or overloaded values or for non-PVs any more. | |
290 | ||
291 | =item * | |
292 | ||
293 | C<sv_mortalcopy> now copies string buffers of shared hash key scalars when | |
294 | called from XS modules [perl #79824]. | |
295 | ||
296 | =item * | |
297 | ||
298 | C<RXf_SPLIT> and C<RXf_SKIPWHITE> are no longer used. They are now | |
299 | #defined as 0. | |
300 | ||
301 | =item * | |
302 | ||
303 | The new C<RXf_MODIFIES_VARS> flag can be set by custom regular expression | |
304 | engines to indicate that the execution of the regular expression may cause | |
305 | variables to be modified. This lets C<s///> know to skip certain | |
306 | optimisations. Perl's own regular expression engine sets this flag for the | |
307 | special backtracking verbs that set $REGMARK and $REGERROR. | |
308 | ||
309 | =back | |
310 | ||
311 | =head1 Selected Bug Fixes | |
312 | ||
313 | =over 4 | |
314 | ||
315 | =item * | |
316 | ||
317 | A bug, case-insensitive regex with UTF8-flagged strings, introduced | |
318 | earlier in the 5.17 series has been fixed. [perl #114982] | |
319 | ||
320 | =item * | |
321 | ||
322 | Attributes applied to lexical variables no longer leak memory. | |
323 | [perl #114764] | |
324 | ||
325 | =item * | |
326 | ||
327 | C<dump>, C<goto>, C<last>, C<next>, C<redo> or C<require> followed by a | |
328 | bareword (or version) and then an infix operator is no longer a syntax | |
329 | error. It used to be for those infix operators (like C<+>) that have a | |
330 | different meaning where a term is expected. [perl #105924] | |
331 | ||
332 | =item * | |
333 | ||
334 | C<require a::b . 1> and C<require a::b + 1> no longer produce erroneous | |
335 | ambiguity warnings. [perl #107002] | |
336 | ||
337 | =item * | |
338 | ||
339 | Class method calls are now allowed on any string, and not just strings | |
340 | beginning with an alphanumeric character. [perl #105922] | |
341 | ||
342 | =item * | |
343 | ||
344 | An empty pattern created with C<qr//> used in C<m///> no longer triggers | |
345 | the "empty pattern reuses last pattern" behaviour. [perl #96230] | |
346 | ||
347 | =item * | |
348 | ||
349 | Tying a hash during iteration no longer results in a memory leak. | |
350 | ||
351 | =item * | |
352 | ||
353 | Freeing a tied hash during iteration no longer results in a memory leak. | |
354 | ||
355 | =item * | |
356 | ||
357 | List assignment to a tied array or hash that dies on STORE no longer | |
358 | results in a memory leak. | |
359 | ||
360 | =item * | |
361 | ||
362 | If the hint hash (C<%^H>) is tied, compile-time scope entry (which copies | |
363 | the hint hash) no longer leaks memory if FETCH dies. [perl #107000] | |
364 | ||
365 | =item * | |
366 | ||
367 | Constant folding no longer inappropriately triggers the special | |
368 | C<split " "> behaviour. [perl #94490] | |
369 | ||
370 | =item * | |
371 | ||
372 | C<defined scalar(@array)>, C<defined do { &foo }>, and similar constructs | |
373 | now treat the argument to C<defined> as a simple scalar. [perl #97466] | |
374 | ||
375 | =item * | |
376 | ||
377 | Running a custom debugging that defines no C<*DB::DB> glob or provides a | |
378 | subroutine stub for C<&DB::DB> no longer results in a crash, but an error | |
379 | instead. [perl #114990] | |
380 | ||
381 | =item * | |
382 | ||
383 | C<reset ""> now matches its documentation. C<reset> only resets C<m?...?> | |
384 | patterns when called with no argument. An empty string for an argument now | |
385 | does nothing. (It used to be treated as no argument.) [perl #97958] | |
386 | ||
387 | =item * | |
388 | ||
389 | C<printf> with an argument returning an empty list no longer reads past the | |
390 | end of the stack, resulting in erratic behaviour. [perl #77094] | |
391 | ||
392 | =item * | |
393 | ||
394 | C<--subname> no longer produces erroneous ambiguity warnings. | |
395 | [perl #77240] | |
396 | ||
397 | =item * | |
398 | ||
399 | C<v10> is now allowed as a label or package name. This was inadvertently | |
400 | broken when v-strings were added in Perl 5.6. [perl #56880] | |
401 | ||
402 | =item * | |
403 | ||
404 | A regression introduced in 5.17.2 has been fixed, which made C</[\@\\]||/> | |
405 | result in a "panic" error. [perl #115050] | |
406 | ||
407 | =item * | |
408 | ||
409 | C<length>, C<pos>, C<substr> and C<sprintf> could be confused by ties, | |
410 | overloading, references and typeglobs if the stringification of such | |
411 | changed the internal representation to or from UTF8. [perl #114410] | |
412 | ||
413 | =item * | |
414 | ||
415 | utf8::encode now calls FETCH and STORE on tied variables. utf8::decode now | |
416 | calls STORE (it was already calling FETCH). | |
417 | ||
418 | =item * | |
419 | ||
420 | C<$tied =~ s/$non_utf8/$utf8/> no longer loops infinitely if the tied | |
421 | variable returns a Latin-1 string, shared hash key scalar, or reference or | |
422 | typeglob that stringifies as ASCII or Latin-1. This is a regression from | |
423 | 5.12.x. | |
424 | ||
425 | =item * | |
426 | ||
427 | C<s///> without /e is now better at detecting when it needs to forego | |
428 | certain optimisations, fixing some buggy cases: | |
429 | ||
430 | =over | |
431 | ||
432 | =item * | |
433 | ||
434 | Match variables in certain constructs (C<&&>, C<||>, C<..> and others) in | |
435 | the replacement part; e.g., C<s/(.)/$l{$a||$1}/g>. [perl #26986] | |
436 | ||
437 | =item * | |
438 | ||
439 | Aliases to match variables in the replacement. | |
440 | ||
441 | =item * | |
442 | ||
443 | $REGERROR or $REGMARK in the replacement. [perl #49190] | |
444 | ||
445 | =item * | |
446 | ||
447 | An empty pattern (C<s//$foo/>) that causes the last-successful pattern to | |
448 | be used, when that pattern contains code blocks that modify the variables | |
449 | in the replacement. | |
450 | ||
451 | =back | |
452 | ||
453 | =item * | |
454 | ||
455 | The taintedness of the replacement string no longer affects the taintedness | |
456 | of the return value of C<s///e>. | |
457 | ||
458 | =item * | |
459 | ||
460 | The C<$|> autoflush variable is created on-the-fly when needed. If this | |
461 | happened (e.g., if it was mentioned in a module or eval) when the | |
462 | currently-selected filehandle was a typeglob with an empty IO slot, it used | |
463 | to crash. [perl #115206] | |
464 | ||
465 | =item * | |
466 | ||
467 | Line numbers at the end of a string eval are no longer off by one. | |
468 | [perl #114658] | |
469 | ||
470 | =item * | |
471 | ||
472 | @INC filters (subroutines returned by subroutines in @INC) that set $_ to a | |
473 | copy-on-write scalar no longer cause the parser to modify that string | |
474 | buffer in place. | |
475 | ||
476 | =item * | |
477 | ||
478 | C<length($object)> no longer returns the undefined value if the object has | |
479 | string overloading that returns undef. [perl #115260] | |
480 | ||
481 | =item * | |
482 | ||
483 | The use of C<PL_stashcache>, the stash name lookup cache for method calls, has | |
484 | been restored, | |
485 | ||
486 | Commit da6b625f78f5f133 in August 2011 inadvertently broke the code that looks | |
487 | up values in C<PL_stashcache>. As it's a only cache, quite correctly everything | |
488 | carried on working without it. | |
489 | ||
490 | =back | |
491 | ||
492 | =head1 Acknowledgements | |
493 | ||
494 | Perl 5.17.5 represents approximately 4 weeks of development since Perl 5.17.4 | |
495 | and contains approximately 17,000 lines of changes across 310 files from 32 | |
496 | authors. | |
497 | ||
498 | Perl continues to flourish into its third decade thanks to a vibrant community | |
499 | of users and developers. The following people are known to have contributed the | |
500 | improvements that became Perl 5.17.5: | |
501 | ||
502 | Aaron Crane, Adrian M. Enache, Andy Dougherty, Brad Gilbert, Chris 'BinGOs' | |
503 | Williams, Colin Kuskie, Craig A. Berry, Daniel Dragan, David Golden, David | |
504 | Mitchell, Dominic Hargreaves, Eric Brine, Father Chrysostomos, Florian Ragwitz, | |
505 | H.Merijn Brand, James E Keenan, Jerry D. Hedden, Jesse Luehrs, Karl Williamson, | |
506 | Nicholas Clark, Niko Tyni, Paul Johnson, Peter Martini, Reini Urban, Ricardo | |
507 | Signes, Ruslan Zakirov, Sawyer X, Smylers, Steffen Müller, Steve Hay, Tony | |
508 | Cook, Yves Orton. | |
509 | ||
510 | The list above is almost certainly incomplete as it is automatically generated | |
511 | from version control history. In particular, it does not include the names of | |
512 | the (very much appreciated) contributors who reported issues to the Perl bug | |
513 | tracker. | |
514 | ||
515 | Many of the changes included in this version originated in the CPAN modules | |
516 | included in Perl's core. We're grateful to the entire CPAN community for | |
517 | helping Perl to flourish. | |
518 | ||
519 | For a more complete list of all of Perl's historical contributors, please see | |
520 | the F<AUTHORS> file in the Perl source distribution. | |
521 | ||
522 | =head1 Reporting Bugs | |
523 | ||
524 | If you find what you think is a bug, you might check the articles recently | |
525 | posted to the comp.lang.perl.misc newsgroup and the perl bug database at | |
526 | http://rt.perl.org/perlbug/ . There may also be information at | |
527 | http://www.perl.org/ , the Perl Home Page. | |
528 | ||
529 | If you believe you have an unreported bug, please run the L<perlbug> program | |
530 | included with your release. Be sure to trim your bug down to a tiny but | |
531 | sufficient test case. Your bug report, along with the output of C<perl -V>, | |
532 | will be sent off to perlbug@perl.org to be analysed by the Perl porting team. | |
533 | ||
534 | If the bug you are reporting has security implications, which make it | |
535 | inappropriate to send to a publicly archived mailing list, then please send it | |
536 | to perl5-security-report@perl.org. This points to a closed subscription | |
537 | unarchived mailing list, which includes all the core committers, who will be | |
538 | able to help assess the impact of issues, figure out a resolution, and help | |
539 | co-ordinate the release of patches to mitigate or fix the problem across all | |
540 | platforms on which Perl is supported. Please only use this address for | |
541 | security issues in the Perl core, not for modules independently distributed on | |
542 | CPAN. | |
543 | ||
544 | =head1 SEE ALSO | |
545 | ||
546 | The F<Changes> file for an explanation of how to view exhaustive details on | |
547 | what changed. | |
548 | ||
549 | The F<INSTALL> file for how to build Perl. | |
550 | ||
551 | The F<README> file for general stuff. | |
552 | ||
553 | The F<Artistic> and F<Copying> files for copyright information. | |
554 | ||
555 | =cut |