summaryrefslogtreecommitdiff
path: root/pod/perldelta.pod
diff options
context:
space:
mode:
Diffstat (limited to 'pod/perldelta.pod')
-rw-r--r--pod/perldelta.pod442
1 files changed, 371 insertions, 71 deletions
diff --git a/pod/perldelta.pod b/pod/perldelta.pod
index 0e30f9f44f..a805175869 100644
--- a/pod/perldelta.pod
+++ b/pod/perldelta.pod
@@ -2,129 +2,429 @@
=head1 NAME
-perldelta - what is new for perl v5.28.3
+[ this is a template for a new perldelta file. Any text flagged as XXX needs
+to be processed before release. ]
+
+perldelta - what is new for perl v5.28.4
=head1 DESCRIPTION
-This document describes differences between the 5.28.2 release and the 5.28.3
+This document describes differences between the 5.28.3 release and the 5.28.4
release.
-If you are upgrading from an earlier release such as 5.28.1, first read
-L<perl5282delta>, which describes differences between 5.28.1 and 5.28.2.
+If you are upgrading from an earlier release such as 5.28.2, first read
+L<perl5283delta>, which describes differences between 5.28.2 and 5.28.3.
+
+=head1 Notice
+
+XXX Any important notices here
+
+=head1 Core Enhancements
+
+XXX New core language features go here. Summarize user-visible core language
+enhancements. Particularly prominent performance optimisations could go
+here, but most should go in the L</Performance Enhancements> section.
+
+[ List each enhancement as a =head2 entry ]
=head1 Security
-=head2 [CVE-2020-10543] Buffer overflow caused by a crafted regular expression
+XXX Any security-related notices go here. In particular, any security
+vulnerabilities closed should be noted here rather than in the
+L</Selected Bug Fixes> section.
-A signed C<size_t> integer overflow in the storage space calculations for
-nested regular expression quantifiers could cause a heap buffer overflow in
-Perl's regular expression compiler that overwrites memory allocated after the
-regular expression storage space with attacker supplied data.
+[ List each security issue as a =head2 entry ]
-The target system needs a sufficient amount of memory to allocate partial
-expansions of the nested quantifiers prior to the overflow occurring. This
-requirement is unlikely to be met on 64-bit systems.
+=head1 Incompatible Changes
-Discovered by: ManhND of The Tarantula Team, VinCSS (a member of Vingroup).
+XXX For a release on a stable branch, this section aspires to be:
-=head2 [CVE-2020-10878] Integer overflow via malformed bytecode produced by a crafted regular expression
+ There are no changes intentionally incompatible with 5.XXX.XXX
+ If any exist, they are bugs, and we request that you submit a
+ report. See L</Reporting Bugs> below.
-Integer overflows in the calculation of offsets between instructions for the
-regular expression engine could cause corruption of the intermediate language
-state of a compiled regular expression. An attacker could abuse this behaviour
-to insert instructions into the compiled form of a Perl regular expression.
+[ List each incompatible change as a =head2 entry ]
-Discovered by: Hugo van der Sanden and Slaven Rezic.
+=head1 Deprecations
-=head2 [CVE-2020-12723] Buffer overflow caused by a crafted regular expression
+XXX Any deprecated features, syntax, modules etc. should be listed here.
-Recursive calls to C<S_study_chunk()> by Perl's regular expression compiler to
-optimize the intermediate language representation of a regular expression could
-cause corruption of the intermediate language state of a compiled regular
-expression.
+=head2 Module removals
-Discovered by: Sergey Aleynikov.
+XXX Remove this section if not applicable.
-=head2 Additional Note
+The following modules will be removed from the core distribution in a
+future release, and will at that time need to be installed from CPAN.
+Distributions on CPAN which require these modules will need to list them as
+prerequisites.
-An application written in Perl would only be vulnerable to any of the above
-flaws if it evaluates regular expressions supplied by the attacker. Evaluating
-regular expressions in this fashion is known to be dangerous since the regular
-expression engine does not protect against denial of service attacks in this
-usage scenario.
+The core versions of these modules will now issue C<"deprecated">-category
+warnings to alert you to this fact. To silence these deprecation warnings,
+install the modules in question from CPAN.
-=head1 Incompatible Changes
+Note that these are (with rare exceptions) fine modules that you are encouraged
+to continue to use. Their disinclusion from core primarily hinges on their
+necessity to bootstrapping a fully functional, CPAN-capable Perl installation,
+not usually on concerns over their design.
+
+=over
+
+=item XXX
+
+XXX Note that deprecated modules should be listed here even if they are listed
+as an updated module in the L</Modules and Pragmata> section.
+
+=back
+
+[ List each other deprecation as a =head2 entry ]
+
+=head1 Performance Enhancements
+
+XXX Changes which enhance performance without changing behaviour go here.
+There may well be none in a stable release.
+
+[ List each enhancement as an =item entry ]
+
+=over 4
+
+=item *
-There are no changes intentionally incompatible with Perl 5.28.2. If any
-exist, they are bugs, and we request that you submit a report. See
-L</Reporting Bugs> below.
+XXX
+
+=back
=head1 Modules and Pragmata
+XXX All changes to installed files in F<cpan/>, F<dist/>, F<ext/> and F<lib/>
+go here. If Module::CoreList is updated, generate an initial draft of the
+following sections using F<Porting/corelist-perldelta.pl>. A paragraph summary
+for important changes should then be added by hand. In an ideal world,
+dual-life modules would have a F<Changes> file that could be cribbed.
+
+The list of new and updated modules is modified automatically as part of
+preparing a Perl release, so the only reason to manually add entries here is if
+you're summarising the important changes in the module update. (Also, if the
+manually-added details don't match the automatically-generated ones, the
+release manager will have to investigate the situation carefully.)
+
+[ Within each section, list entries as an =item entry ]
+
+=head2 New Modules and Pragmata
+
+=over 4
+
+=item *
+
+XXX Remove this section if not applicable.
+
+=back
+
=head2 Updated Modules and Pragmata
=over 4
=item *
-L<Module::CoreList> has been upgraded from version 5.20190419 to 5.20200601_28.
+L<XXX> has been upgraded from version A.xx to B.yy.
+
+If there was something important to note about this change, include that here.
+
+=back
+
+=head2 Removed Modules and Pragmata
+
+=over 4
+
+=item *
+
+XXX
+
+=back
+
+=head1 Documentation
+
+XXX Changes to files in F<pod/> go here. Consider grouping entries by
+file and be sure to link to the appropriate page, e.g. L<perlfunc>.
+
+=head2 New Documentation
+
+XXX Changes which create B<new> files in F<pod/> go here.
+
+=head3 L<XXX>
+
+XXX Description of the purpose of the new file here
+
+=head2 Changes to Existing Documentation
+
+We have attempted to update the documentation to reflect the changes
+listed in this document. If you find any we have missed, send email
+to L<perlbug@perl.org|mailto:perlbug@perl.org>.
+
+XXX Changes which significantly change existing files in F<pod/> go here.
+However, any changes to F<pod/perldiag.pod> should go in the L</Diagnostics>
+section.
+
+Additionally, the following selected changes have been made:
+
+=head3 L<XXX>
+
+=over 4
+
+=item *
+
+XXX Description of the change here
+
+=back
+
+=head1 Diagnostics
+
+The following additions or changes have been made to diagnostic output,
+including warnings and fatal error messages. For the complete list of
+diagnostic messages, see L<perldiag>.
+
+XXX New or changed warnings emitted by the core's C<C> code go here. Also
+include any changes in L<perldiag> that reconcile it to the C<C> code.
+
+=head2 New Diagnostics
+
+XXX Newly added diagnostic messages go under here, separated into New Errors
+and New Warnings
+
+=head3 New Errors
+
+=over 4
+
+=item *
+
+XXX L<message|perldiag/"message">
+
+=back
+
+=head3 New Warnings
+
+=over 4
+
+=item *
+
+XXX L<message|perldiag/"message">
+
+=back
+
+=head2 Changes to Existing Diagnostics
+
+XXX Changes (i.e. rewording) of diagnostic messages go here
+
+=over 4
+
+=item *
+
+XXX Describe change here
+
+=back
+
+=head1 Utility Changes
+
+XXX Changes to installed programs such as F<perlbug> and F<xsubpp> go here.
+Most of these are built within the directory F<utils>.
+
+[ List utility changes as a =head2 entry for each utility and =item
+entries for each change
+Use L<XXX> with program names to get proper documentation linking. ]
+
+=head2 L<XXX>
+
+=over 4
+
+=item *
+
+XXX
+
+=back
+
+=head1 Configuration and Compilation
+
+XXX Changes to F<Configure>, F<installperl>, F<installman>, and analogous tools
+go here. Any other changes to the Perl build process should be listed here.
+However, any platform-specific changes should be listed in the
+L</Platform Support> section, instead.
+
+[ List changes as an =item entry ].
+
+=over 4
+
+=item *
+
+XXX
=back
=head1 Testing
-Tests were added and changed to reflect the other additions and changes in this
-release.
+XXX Any significant changes to the testing of a freshly built perl should be
+listed here. Changes which create B<new> files in F<t/> go here as do any
+large changes to the testing harness (e.g. when parallel testing was added).
+Changes to existing files in F<t/> aren't worth summarizing, although the bugs
+that they represent may be covered elsewhere.
-=head1 Acknowledgements
+XXX If there were no significant test changes, say this:
+
+Tests were added and changed to reflect the other additions and changes
+in this release.
+
+XXX If instead there were significant changes, say this:
+
+Tests were added and changed to reflect the other additions and
+changes in this release. Furthermore, these significant changes were
+made:
+
+[ List each test improvement as an =item entry ]
+
+=over 4
+
+=item *
+
+XXX
+
+=back
+
+=head1 Platform Support
+
+XXX Any changes to platform support should be listed in the sections below.
+
+[ Within the sections, list each platform as an =item entry with specific
+changes as paragraphs below it. ]
+
+=head2 New Platforms
+
+XXX List any platforms that this version of perl compiles on, that previous
+versions did not. These will either be enabled by new files in the F<hints/>
+directories, or new subdirectories and F<README> files at the top level of the
+source tree.
+
+=over 4
+
+=item XXX-some-platform
+
+XXX
+
+=back
+
+=head2 Discontinued Platforms
+
+XXX List any platforms that this version of perl no longer compiles on.
+
+=over 4
+
+=item XXX-some-platform
+
+XXX
-Perl 5.28.3 represents approximately 13 months of development since Perl 5.28.2
-and contains approximately 3,100 lines of changes across 48 files from 16
-authors.
+=back
+
+=head2 Platform-Specific Notes
+
+XXX List any changes for specific platforms. This could include configuration
+and compilation changes or changes in portability/compatibility. However,
+changes within modules for platforms should generally be listed in the
+L</Modules and Pragmata> section.
+
+=over 4
+
+=item XXX-some-platform
+
+XXX
+
+=back
+
+=head1 Internal Changes
+
+XXX Changes which affect the interface available to C<XS> code go here. Other
+significant internal changes for future core maintainers should be noted as
+well.
+
+[ List each change as an =item entry ]
-Excluding auto-generated files, documentation and release tools, there were
-approximately 1,700 lines of changes to 9 .pm, .t, .c and .h files.
+=over 4
+
+=item *
+
+XXX
+
+=back
-Perl continues to flourish into its fourth decade thanks to a vibrant community
-of users and developers. The following people are known to have contributed
-the improvements that became Perl 5.28.3:
+=head1 Selected Bug Fixes
+
+XXX Important bug fixes in the core language are summarized here. Bug fixes in
+files in F<ext/> and F<lib/> are best summarized in L</Modules and Pragmata>.
+
+[ List each fix as an =item entry ]
+
+=over 4
+
+=item *
-Chris 'BinGOs' Williams, Dan Book, Hugo van der Sanden, James E Keenan, John
-Lightsey, Karen Etheridge, Karl Williamson, Matthew Horsfall, Max Maischein,
-Nicolas R., Renee Baecker, Sawyer X, Steve Hay, Tom Hukins, Tony Cook, Zak B.
-Elep.
+XXX
-The list above is almost certainly incomplete as it is automatically generated
-from version control history. In particular, it does not include the names of
-the (very much appreciated) contributors who reported issues to the Perl bug
-tracker.
+=back
+
+=head1 Known Problems
+
+XXX Descriptions of platform agnostic bugs we know we can't fix go here. Any
+tests that had to be C<TODO>ed for the release would be noted here. Unfixed
+platform specific bugs also go here.
+
+[ List each fix as an =item entry ]
+
+=over 4
+
+=item *
+
+XXX
+
+=back
+
+=head1 Errata From Previous Releases
+
+=over 4
+
+=item *
+
+XXX Add anything here that we forgot to add, or were mistaken about, in
+the perldelta of a previous release.
+
+=back
+
+=head1 Obituary
+
+XXX If any significant core contributor or member of the CPAN community has
+died, add a short obituary here.
+
+=head1 Acknowledgements
-Many of the changes included in this version originated in the CPAN modules
-included in Perl's core. We're grateful to the entire CPAN community for
-helping Perl to flourish.
+XXX Generate this with:
-For a more complete list of all of Perl's historical contributors, please see
-the F<AUTHORS> file in the Perl source distribution.
+ perl Porting/acknowledgements.pl v5.28.3..HEAD
=head1 Reporting Bugs
-If you find what you think is a bug, you might check the perl bug database at
-L<https://github.com/Perl/perl5/issues>. There may also be information at
-L<https://www.perl.org/>, the Perl Home Page.
+If you find what you think is a bug, you might check the perl bug database
+at L<https://rt.perl.org/> . There may also be information at
+L<http://www.perl.org/> , the Perl Home Page.
-If you believe you have an unreported bug, please open an issue at
-L<https://github.com/Perl/perl5/issues>. Be sure to trim your bug down to a
-tiny but sufficient test case.
+If you believe you have an unreported bug, please run the L<perlbug> program
+included with your release. Be sure to trim your bug down to a tiny but
+sufficient test case. Your bug report, along with the output of C<perl -V>,
+will be sent off to perlbug@perl.org to be analysed by the Perl porting team.
If the bug you are reporting has security implications which make it
-inappropriate to send to a public issue tracker, then see
-L<perlsec/SECURITY VULNERABILITY CONTACT INFORMATION> for details of how to
-report the issue.
+inappropriate to send to a publicly archived mailing list, then see
+L<perlsec/SECURITY VULNERABILITY CONTACT INFORMATION>
+for details of how to report the issue.
=head1 Give Thanks
-If you wish to thank the Perl 5 Porters for the work we had done in Perl 5, you
-can do so by running the C<perlthanks> program:
+If you wish to thank the Perl 5 Porters for the work we had done in Perl 5,
+you can do so by running the C<perlthanks> program:
perlthanks
View Lorry Controller Status