[ this is a template for a new perldelta file. Any text flagged as XXX needs
to be processed before release. ]
-perldelta - what is new for perl v5.25.5
+perldelta - what is new for perl v5.25.9
=head1 DESCRIPTION
-This document describes differences between the 5.25.4 release and the 5.25.5
+This document describes differences between the 5.25.8 release and the 5.25.9
release.
-If you are upgrading from an earlier release such as 5.25.3, first read
-L<perl5254delta>, which describes differences between 5.25.3 and 5.25.4.
+If you are upgrading from an earlier release such as 5.25.7, first read
+L<perl5258delta>, which describes differences between 5.25.7 and 5.25.8.
=head1 Notice
vulnerabilities closed should be noted here rather than in the
L</Selected Bug Fixes> section.
-=head2 "Escaped" colons and relative paths in PATH
-
-On Unix systems, Perl treats any relative paths in the PATH environment
-variable as tainted when starting a new process. Previously, it was
-allowing a backslash to escape a colon (unlike the OS), consequently
-allowing relative paths to be considered safe if the PATH was set to
-something like C</\:.>. The check has been fixed to treat C<.> as tainted
-in that example.
+[ List each security issue as a =head2 entry ]
=head1 Incompatible Changes
=head1 Deprecations
-XXX Any deprecated features, syntax, modules etc. should be listed here.
+=head2 String delimiters that aren't stand-alone graphemes are now
+deprecated
+
+In order for Perl to eventually allow string delimiters to be Unicode
+grapheme clusters (which look like a single character, but may be
+a sequence of several ones), we have to stop allowing a single char
+delimiter that isn't a grapheme by itself. These are unlikely to exist
+in actual code, as they would typically display as attached to the
+character in front of them.
=head2 Module removals
=item *
-L<Filter::Simple> has been upgraded from version 0.92 to 0.93.
+L<XXX> has been upgraded from version A.xx to B.yy.
+
+=item *
+
+L<B::Xref> has been upgraded from version 1.05 to 1.06.
+
+=item *
+
+L<Compress::Raw::Bzip2> has been upgraded from version 2.069 to 2.070.
+
+=item *
+
+L<Compress::Raw::Zlib> has been upgraded from version 2.069 to 2.070.
+
+=item *
+
+L<DB_File> has been upgraded from version 1.838 to 1.840.
+
+=item *
+
+L<Devel::SelfStubber> has been upgraded from version 1.05 to 1.06.
+
+=item *
+
+L<diagnostics> has been upgraded from version 1.35 to 1.36.
+
+=item *
+
+L<DynaLoader> has been upgraded from version 1.40 to 1.41.
+
+=item *
+
+L<Errno> has been upgraded from version 1.27 to 1.28.
+
+=item *
+
+L<ExtUtils::Embed> has been upgraded from version 1.33 to 1.34.
+
+=item *
+
+L<I18N::LangTags> has been upgraded from version 0.41 to 0.42.
+
+=item *
+
+L<lib> has been upgraded from version 0.63 to 0.64.
+
+=item *
+
+L<Module::CoreList> has been upgraded from version 5.20161220 to 5.20170120.
+
+=item *
+
+L<OS2::Process> has been upgraded from version 1.11 to 1.12.
+
+=item *
+
+L<perl5db.pl> has been upgraded from version 1.50 to 1.51.
+
+=item *
+
+L<Storable> has been upgraded from version 2.59 to 2.61.
+
+=item *
+
+L<Symbol> has been upgraded from version 1.07 to 1.08.
+
+=item *
+
+L<Term::ReadLine> has been upgraded from version 1.15 to 1.16.
+
+=item *
+
+L<Test> has been upgraded from version 1.29 to 1.30.
+
+=item *
-It no longer treats C<no MyFilter> immediately following C<use MyFilter> as
-end-of-file. [perl #107726]
+L<threads::shared> has been upgraded from version 1.52 to 1.53.
+
+=item *
+
+L<Unicode::UCD> has been upgraded from version 0.67 to 0.68.
+
+=item *
+
+L<VMS::DCLsym> has been upgraded from version 1.07 to 1.08.
+
+=item *
+
+L<XSLoader> has been upgraded from version 0.24 to 0.26.
=back
However, any changes to F<pod/perldiag.pod> should go in the L</Diagnostics>
section.
-=head3 L<perlinterp>
+=head3 L<XXX>
=over 4
=item *
-L<perlinterp> has been expanded to give a more detailed example of how to
-hunt around in the parser to how a given operator is handled.
+XXX Description of the change here
=back
=over 4
-=item VMS
-
-=over 4
-
-=item *
-
-The path separator for the C<PERL5LIB> and C<PERLLIB> environment entries is
-now a colon (C<:>) when running under a Unix shell. There is no change when
-running under DCL (it's still C<|>).
+=item XXX-some-platform
-=back
+XXX
=back
=item *
-XXX
+New versions of macros like C<isALPHA_utf8> and C<toLOWER_utf8> have
+been added, each with the
+suffix C<_safe>, like C<isSPACE_utf8_safe>. These take an extra
+parameter, giving an upper limit of how far into the string it is safe
+to read. Using the old versions could cause attempts to read beyond the
+end of the input buffer if the UTF-8 is not well-formed, and ther use
+now raises a deprecation warning. Details are at
+L<perlapi/Character classification>.
+
+=item *
+
+Calling macros like C<isALPHA_utf8> on malformed UTF-8 have issued a
+deprecation warning since Perl v5.18. They now die.
+Similarly, macros like C<toLOWER_utf8> on malformed UTF-8 now die.
+
+=item *
+
+Calling the functions C<utf8n_to_uvchr> and its derivatives, while
+passing a string length of 0 is now asserted against in DEBUGGING
+builds, and otherwise returns the Unicode REPLACEMENT CHARACTER. If
+you have nothing to decode, you shouldn't call the decode function.
+
+=item *
+
+The functions C<utf8n_to_uvchr> and its derivatives now return the
+Unicode REPLACEMENT CHARACTER if called with UTF-8 that has the overlong
+malformation, and that malformation is allowed by the input parameters.
+This malformation is where the UTF-8 looks valid syntactically, but
+there is a shorter sequence that yields the same code point. This has
+been forbidden since Unicode version 3.1.
+
+=item *
+
+The functions C<utf8n_to_uvchr> and its derivatives now accept an input
+flag to allow the overflow malformation. This malformation is when the
+UTF-8 may be syntactically valid, but the code point it represents is
+not capable of being represented in the word length on the platform.
+What "allowed" means in this case is that the function doesn't return an
+error, and advances the parse pointer to beyond the UTF-8 in question,
+but it returns the Unicode REPLACEMENT CHARACTER as the value of the
+code point (since the real value is not representable).
=back
=item *
-Invalid assignments to a reference constructor (e.g., C<\eval=time>) could
-sometimes crash in addition to giving a syntax error. [perl #125679]
-
-=item *
-
-The parser could sometimes crash if a bareword came after C<evalbytes>.
-[perl #129196]
+Under C<use utf8>, the entire Perl program is now checked that the UTF-8
+is wellformed. This resolves [perl #126310].
=back
XXX Generate this with:
- perl Porting/acknowledgements.pl v5.25.4..HEAD
+ perl Porting/acknowledgements.pl v5.25.5..HEAD
=head1 Reporting Bugs
https://perl5.git.perl.org / perl5.git / blobdiff