angular.js/CHANGELOG.md

# <angular/> 0.9.2 faunal-mimicry (in-progress) #

### Testability
- binding DSL in Scenario can now match bindings without specifying filters
- dsl statements now accept a label argument to make test output more readable (issue #94)
- dsl element() statement now implements most of the jQuery API (issue #106)
- file:// URLs are no longer supported for running a scenario. You must use a web server that implements HEAD
- new browser() dsl statement for getting info about the emulated browser running the app (issue #109)
- navigateTo() is now browser().navigateTo(). Old code must be updated
- navigating to about:blank is no longer supported. It results in a sandbox error
- scenario runner is now compatible with IE8 (issue #93)
- scenarior runner checks if URL would return a non-success status code (issue #100)


# <angular/> 0.9.1 repulsion-field (2010-10-26) #

### Security
- added html sanitizer to fix the last few known security issues (issues #33 and #34)

### API
- new ng:submit directive for creating onSubmit handlers on forms (issue #76)
- the date filter now accepts milliseconds as well as date strings (issue #78)
- the html filter now supports 'unsafe' option to bypass html sanitization

### Testability
- lots of improvements related to the scenario runner (commit 40d7e66f)

### Demo
- added a new demo application: Personal Log (src example/personalLog)

### Chores
- lots of fixes to get all tests pass on IE
- added TzDate type to allow us to create timezone idependent tests (issue #88)

### Breaking changes
- $cookieStore service is not globally published any more, if you use it, you must request it via
  $inject as any other non-global service
- html filter now sanitizes html content for XSS attacks which may result in different behavior


# <angular/> 0.9.0 dragon-breath (2010-10-20) #

### Security
- angular.fromJson not safer (issue #57)
- readString consumes invalid escapes (issue #56)
- use new Function instead of eval (issue #52)

### Speed
- css cleanup + inline all css and images in the main js (issue #64)

### Testability
- initial version of the built-in end-to-end scenario runner (issues #50, #67, #70)

### API
- allow ng:controller nesting (issue #39)
- new built-in date format filter (issue #45)
- $location needs method you call on updates (issue #32)


### Chores
- release versioning + file renaming (issue #69)

### Breaking changes
- $location.parse was replaced with $location.update
- all css and img files were inlined into the main js file, to support IE7 and older app must host
  angular-ie-compat.js file

### Big Thanks to Our Community Contributors
- Vojta Jina
start new release 0.9.2 faunal-mimicry 2010-10-27 05:48:34 +00:00			`# <angular/> 0.9.2 faunal-mimicry (in-progress) #`

Provide browser DSL with location() to expect the iframe URL parts. Also move navigateTo() under the browser DSL. 2010-10-29 23:02:57 +00:00			`### Testability`
			`- binding DSL in Scenario can now match bindings without specifying filters`
			`- dsl statements now accept a label argument to make test output more readable (issue #94)`
			`- dsl element() statement now implements most of the jQuery API (issue #106)`
			`- file:// URLs are no longer supported for running a scenario. You must use a web server that implements HEAD`
			`- new browser() dsl statement for getting info about the emulated browser running the app (issue #109)`
			`- navigateTo() is now browser().navigateTo(). Old code must be updated`
			`- navigating to about:blank is no longer supported. It results in a sandbox error`
			`- scenario runner is now compatible with IE8 (issue #93)`
			`- scenarior runner checks if URL would return a non-success status code (issue #100)`

start new release 0.9.2 faunal-mimicry 2010-10-27 05:48:34 +00:00
updating CHANGELOG.md for the 0.9.1 release 2010-10-27 05:17:37 +00:00			`# <angular/> 0.9.1 repulsion-field (2010-10-26) #`

			`### Security`
			`- added html sanitizer to fix the last few known security issues (issues #33 and #34)`

			`### API`
			`- new ng:submit directive for creating onSubmit handlers on forms (issue #76)`
			`- the date filter now accepts milliseconds as well as date strings (issue #78)`
			`- the html filter now supports 'unsafe' option to bypass html sanitization`

			`### Testability`
			`- lots of improvements related to the scenario runner (commit 40d7e66f)`

			`### Demo`
			`- added a new demo application: Personal Log (src example/personalLog)`

			`### Chores`
			`- lots of fixes to get all tests pass on IE`
			`- added TzDate type to allow us to create timezone idependent tests (issue #88)`
$cookieStore should not be a global service you must use $inject to $inject it as any other non-global service 2010-10-22 18:09:43 +00:00
			`### Breaking changes`
			`- $cookieStore service is not globally published any more, if you use it, you must request it via`
			`$inject as any other non-global service`
create HTML sanitizer to allow inclusion of untrusted HTML in safe manner. Sanitization works in two phases: 1) We parse the HTML into sax-like events (start, end, chars). HTML parsing is very complex, and so it may very well be that what most browser consider valid HTML may not pares properly here, but we do best effort. We treat this parser as untrusted. 2) We have safe sanitizeWriter which treats its input (start, end, chars) as untrusted content and escapes everything. It only allows elements in the whitelist and only allows attributes which are whitelisted. Any attribute value must not start with 'javascript:'. This check is performed after escaping for entity (&xAB; etc..) and ignoring any whitespace. - Correct linky filter to use safeHtmlWriter - Correct html filter to use safeHtmlWriter Close #33; Close #34 2010-10-19 04:20:47 +00:00			`- html filter now sanitizes html content for XSS attacks which may result in different behavior`
$cookieStore should not be a global service you must use $inject to $inject it as any other non-global service 2010-10-22 18:09:43 +00:00

adding CHANGELOG.md with 0.9.0 release notes 2010-10-21 00:00:36 +00:00			`# <angular/> 0.9.0 dragon-breath (2010-10-20) #`

			`### Security`
create HTML sanitizer to allow inclusion of untrusted HTML in safe manner. Sanitization works in two phases: 1) We parse the HTML into sax-like events (start, end, chars). HTML parsing is very complex, and so it may very well be that what most browser consider valid HTML may not pares properly here, but we do best effort. We treat this parser as untrusted. 2) We have safe sanitizeWriter which treats its input (start, end, chars) as untrusted content and escapes everything. It only allows elements in the whitelist and only allows attributes which are whitelisted. Any attribute value must not start with 'javascript:'. This check is performed after escaping for entity (&xAB; etc..) and ignoring any whitespace. - Correct linky filter to use safeHtmlWriter - Correct html filter to use safeHtmlWriter Close #33; Close #34 2010-10-19 04:20:47 +00:00			`- angular.fromJson not safer (issue #57)`
adding CHANGELOG.md with 0.9.0 release notes 2010-10-21 00:00:36 +00:00			`- readString consumes invalid escapes (issue #56)`
			`- use new Function instead of eval (issue #52)`

			`### Speed`
			`- css cleanup + inline all css and images in the main js (issue #64)`

			`### Testability`
			`- initial version of the built-in end-to-end scenario runner (issues #50, #67, #70)`

			`### API`
			`- allow ng:controller nesting (issue #39)`
			`- new built-in date format filter (issue #45)`
			`- $location needs method you call on updates (issue #32)`


			`### Chores`
			`- release versioning + file renaming (issue #69)`

			`### Breaking changes`
			`- $location.parse was replaced with $location.update`
			`- all css and img files were inlined into the main js file, to support IE7 and older app must host`
			`angular-ie-compat.js file`

			`### Big Thanks to Our Community Contributors`
			`- Vojta Jina`