CAT-SOOP is a flexible, programmable learning management system based on the Python programming language. https://catsoop.mit.edu
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
 
 
 

2129 строки
63 KiB

  1. ########################
  2. # Current Developments #
  3. ########################
  4. Work toward next release. Currently under development.
  5. ADDED:
  6. * Added `.catsoop` as a content file extension, parsed using the same parser
  7. as content files with the `.md` extension.
  8. * Added rudimentary support for syntax highlighting of `.catsoop` files in
  9. Vim.
  10. * Added `cs_ui_config_flags`, including option to automatically view
  11. explanations when viewing answers, and to highlight the 'view explanation'
  12. button.
  13. * Added `cs_user_config`, including option to specify which variable should
  14. be used for grouping when managing groups.
  15. * Added `csq_result_as_string` option to `pythoncode` question types,
  16. allowing the result to come back as a string (useful for custom types as
  17. return values from `pythoncode` or `pythonic` question types, where
  18. evaluation would otherwise fail).
  19. * Added `logread`, `logwrite`, and `logedit` commands for working with log
  20. entries in a human-readable format.
  21. CHANGED:
  22. * File locks are now stored with a `.lock` extension, to avoid potential
  23. collisions with directory names.
  24. * Changed the name of the `util` module to `user` to better reflect its
  25. purpose.
  26. * CAT-SOOP will use date-based versioning moving forward. Planned regular
  27. releases are 20XX.9 and 20XX.2 (September and February, corresponding with
  28. the start of the fall and spring terms at MIT, respectively).
  29. * Upgraded KaTeX to v0.10.2.
  30. * Reverted changes to `language` module from 14.0.0.
  31. * Changed the solution display for the `richtext` question type.
  32. * `util.read_user_file` now does not raise an exception if there is an error
  33. in a user's file. Rather, it always returns a dictionary, but includes
  34. error information in the case of an error.
  35. * Logs are now stored in a binary format in order to improve the efficiency
  36. of reading/writing log entries.
  37. DEPRECATED:
  38. REMOVED:
  39. * Removed several deprecated features:
  40. * `__MEDIA__` can no longer be used as a name for directories containing
  41. static files. `__STATIC__` should be used instead.
  42. * `csm_tools` no longer points to utility functions from third-party
  43. libraries. Use `csm_thirdparty` instead.
  44. * `cs_print` has been removed. Use `print` instead.
  45. * `csq_multiplechoice_renderer` and `csq_multiplechoice_soln_mode`
  46. variables for multieplchoice questions have been renamed to
  47. `csq_renderer` and `csq_soln_mode`, respectively.
  48. * `cs_score_message` has been removed as a special variable. Use
  49. `csq_score_message` instead.
  50. FIXED:
  51. * Fixed an issue whereby "set()" could not be accepted as an answer to a
  52. `pythonic` or `pythonliteral` question.
  53. * Fix for malformed HTML in `multiexpression` question output.
  54. * Fix for "preview" in `richtext` question type.
  55. * Fixed an issue related to complex numbers in the `expression` question
  56. type.
  57. * Implemented a fix for the long-standing issue with empty lines in
  58. `showhide` tags escaping out of them.
  59. * Fixed an issue with the checker process, whereby submissions would forever
  60. be marked as 'running' if they experienced an error during page load or
  61. when looking up the question to submit.
  62. * Fixed the lack of decompression of uploaded files when downloaded via the
  63. 'Download Most Recent Submission' link.
  64. SECURITY:
  65. DOCUMENTATION:
  66. ##################
  67. # Version 14.0.3 #
  68. ##################
  69. FIXED:
  70. * Fix for issue with multiple blank lines in output from `pythoncode`
  71. questions.
  72. ##################
  73. # Version 14.0.2 #
  74. ##################
  75. FIXED:
  76. * Fix for a UI issue with the alignment of the timer when used in an iframe.
  77. * Fixed an issue with the `post_load` hook not being able to affect page
  78. content.
  79. * Fixed the LTI behavior by passing form POSTs through, if the session is
  80. already LTI authenticated.
  81. * Fixed a regression from `language.py` changes that prevented content after
  82. the last question on a page from being rendered.
  83. * Fixed a regression from `language.py` that prevented footnotes from being
  84. shown in most cases.
  85. * Fixes for Python unicode.
  86. ##################
  87. # Version 14.0.1 #
  88. ##################
  89. FIXED:
  90. * Fix for a problem with unicode characters in the `pythoncode` question type
  91. when using the `'ace'` interface.
  92. * Fixed an issue with older Pythons by using an `OrderedDict` to store
  93. `cs_internal_qinfo` in `language.py`.
  94. ##################
  95. # Version 14.0.0 #
  96. ##################
  97. ADDED:
  98. * Added the `dummy` question type, which can be used as a placeholder for a
  99. question that should be removed (but without affecting
  100. automatically-generated `csq_name`s for questions that follow.
  101. * Added support for using CAT-SOOP as an LTI Tool Provider (courtesy of Ike
  102. Chuang).
  103. * Added a few unit tests (courtesy of Ike Chuang).
  104. * Added `cs_debug_logger`, an instance of `logging.Logger`, for debugging
  105. (courtesy of Ike Chuang).
  106. * Added `'do_rlimits'` key to the `'python'` sandbox, which can be used to
  107. disable setting resource limits (workaround for Cygwin issue).
  108. * Several additional features were added to `pythoncode` questions:
  109. * `pythoncode` check functions now have a lot of additional information
  110. available to them, beyond the value that was returned (including `stdout`,
  111. `stderr`, information about any exceptions that were raised, and
  112. information about timing).
  113. * Added the option to selectively show/hide `stderr` (`test['show_stderr']`).
  114. * Added the option to count the number of executed opcodes, and to set
  115. timeouts based on number of executed opcodes.
  116. * Added the `csq_test_defaults` option to provide default per-test-case
  117. options within a single question.
  118. * Brought back breadcrumbs in the default theme.
  119. * The CAT-SOOP source distribution now includes the Ace code editor
  120. (https://ace.c9.io/).
  121. * Added `cs_custom_tags` for specifying custom tags for a course.
  122. CHANGED:
  123. * Updated KaTeX to version 0.10.0.
  124. * Updated CAT-SOOP to use Python-Markdown version 3+.
  125. * Replaced default favicon with one that does not have the letters "CS" in
  126. it.
  127. * Modified the default theme to ensure the body of a page is always at least
  128. 900px wide.
  129. * CAT-SOOP now exists as a proper Python package.
  130. * Moved file locks to a subdirectory of `cs_data_root`.
  131. * Sessions are now stored in `cs_data_root/_sessions` instead of
  132. `cs_data_root/__SESSIONS__`.
  133. * Logs are now stored in `cs_data_root/_logs` instead of
  134. `cs_data_root/__LOGS__`.
  135. * Improved display of test case results for `pythoncode` questions.
  136. * Per-test-case sandbox options for `pythoncode` questions are now specified
  137. via `test['sandbox_options']`.
  138. * The `run_code` function for Python sandboxes now returns a dictionary,
  139. rather than a 3-tuple.
  140. * Changed the structure of JS web labels for LibreJS, to make it clearer
  141. which parts of a page's Javascript are explicitly licensed under AGPLv3.
  142. FIXED:
  143. * `js_files` now preserves the order of its arguments.
  144. * Fixed an issue with Microsoft Edge not accepting button presses.
  145. * Fixed an issue with the default handler's timer not properly synchronizing
  146. with the server's time.
  147. * Fixed an type issue related to mpmath objects in numpy arrays.
  148. * Fixed confusing results from 'pythonic' question type by making sure that
  149. the submission constitutes a single Python expression.
  150. * Fixed a bug in the `pythonic` and `pythonliteral` question types so that
  151. answers with leading whitespace are allowed.
  152. * Fixed a bug whereby non-JSON-serializable objects in someone's `__USERS__`
  153. file would break the `get_user_information` API endpoint.
  154. * Fixed an issue with `expression` question types, whereby if all values were
  155. specified in `csq_names`, the question would use the specified values,
  156. likely `int`s or `float`s (instead of `mpmath.mpf`) to represent them,
  157. occasionally causing corect answers to be marked as incorrect due to a loss
  158. of precision.
  159. * Fixed an issue with the Python sandbox's `sandbox_run_code` by making it
  160. respect `csq_sandbox_options`.
  161. * Fixed bugs with multiple functions in the `catsoop.check` module.
  162. * Fixed bug in `cs_ajax.js` related to submitting manual grades.
  163. * Fixed an issue with proper display of whitespace in `pythoncode` question
  164. types' inputs/outputs.
  165. * Fixed an issue that caused `'last_submit'` values to be updated too soon
  166. (before checking to see if a submission was allowed).
  167. * Fixed an issue that caused bare content files starting with `_` or `.` to
  168. be web-accessible.
  169. * Fixed the 'permissions' field in cs_user_info to make sure it is always a
  170. set.
  171. * Fixed the 'Show/Hide Detailed Results' button in the 'pythoncode' question
  172. type to have the same styling as other buttons.
  173. * Fixed a bug with `catsoop.modal` Javascript that caused an error if
  174. `cancel` was set to `false`.
  175. * Fixes for reporting line numbers in `<python>` tags.
  176. DOCUMENTATION:
  177. * The CAT-SOOP web site is now included in the distribution, and includes a
  178. new page to automatically generate API documentation.
  179. ##################
  180. # Version 13.0.0 #
  181. ##################
  182. ADDED:
  183. * Added the `<tableofcontents/>` tag, which produces a table of contents for
  184. a page.
  185. * Added support for question types to have a `js_files` function that returns
  186. a list of Javsacript files that should be loaded before rendering the
  187. question.
  188. * The decimal precision of numbers in the `expression` question type can now
  189. be altered via the `csq_precision` variable.
  190. * Added the `multiexpression` question type for questions about multiple
  191. related expressions.
  192. * Made CAT-SOOP work properly with LibreJS
  193. (https://www.gnu.org/software/librejs/).
  194. * Added support for Python sandboxing via bubblewrap
  195. (https://github.com/projectatomic/bubblewrap)
  196. * The `cs_question_type_defaults` variable can be used to set default values
  197. of variables for specific question types.
  198. * The `catsoop.check` module is now available. It provides access to a small
  199. library of common check functions (to be used as `csq_check_function` or
  200. similar). It is accessible during normal page loads as `csm_check`.
  201. * CAT-SOOP can now optionally encrypt log entries, with keys specified via
  202. `cs_log_encryption_passphrase` and `cs_log_encryption_salt`
  203. * CAT-SOOP can now optionally compress log entries, by setting
  204. `cs_log_compression = True`.
  205. * Added support for Python 3.7.
  206. CHANGED:
  207. * Updated KaTeX to version 0.10.0-rc.1.
  208. * Updated MathJax to version 2.7.5.
  209. * Updated highlight.js to version 9.12.0.
  210. * The location and format in which uploaded files are stored on disk as
  211. changed.
  212. * The URL format for static files has changed (`__STATIC__` -> `_static`).
  213. * The URL format for utilities has changed (`cs_util` -> `_util`).
  214. * `csq_threshold` and `csq_ratio_check` have been replaced with
  215. `csq_ratio_threshold` and `csq_absolute_threshold` in the `expression`
  216. question type. The more lenient of the two thresholds is used. Default
  217. behavior is the same as before.
  218. DEPRECATED:
  219. * The special directory name `__MEDIA__` has been renamed to `__STATIC__` to
  220. better reflect its purpose. `__MEDIA__` will be removed in a future
  221. version. Use `__STATIC__` instead.
  222. * The `catsoop.tools` library was renamed to `catsoop.thirdparty` to better
  223. reflect its contents. The `csm_tools` pointer to these libraries will be
  224. removed in a future version. Use `csm_thirdparty` instead. Many of the
  225. libraries themselves were also removed (and should be imported directly,
  226. rather than accessed via `csm_thirdparty`)
  227. * `print` should now be used instead of `cs_print` to inject page content
  228. from within `<python>` tags. `cs_print` will be removed in a future
  229. version.
  230. * The `csq_multiplechoice_renderer` and `csq_multiplechoice_soln_mode`
  231. variables have been renamed to `csq_renderer` and `csq_soln_mode`. The
  232. options including `_multiplechoice` will be removed in a future version.
  233. REMOVED:
  234. * Removed jQuery, Bootstrap, and SweetAlert2 (replaced with our own JS/CSS).
  235. * Removed `cs_util/process_theme` and removed dependence on outside fonts.
  236. * Removed many bundled third-party applications, in favor of installation via
  237. `pip`.
  238. * `cs_login_aes_key_location` has been removed. The `cs_log_encryption*`
  239. variables should be used instead.
  240. FIXED:
  241. * Fixed a bug that assigned the wrong ` qtype` variable to question types
  242. that inherit from other question types.
  243. * Fixed an issue with error reporting when trying to log a tuple that
  244. contains an element that can't be logged.
  245. * Fixed an issue that caused CAT-SOOP's main page to crash if a course with a
  246. malformed preload.py was present.
  247. * Removed some redundant calls to `cslog.most_recent` from the default
  248. handler to improve efficiency.
  249. * Fixed multiple instances of improper handling of questions with multiple
  250. boxes.
  251. * Fixed a bug related to improper handling of internal links with trailing
  252. slashes.
  253. * "Log In" and "Log Out" no longer discard the query string associated with
  254. the current page.
  255. * Fixed the `'check'` action so that it respects `csq_grading_mode` and
  256. checks to see whether checking is allowed before actually running the
  257. check.
  258. SECURITY:
  259. * Prevent submissions from being able to access materials defined in
  260. `csq_code_pre` from pythoncode questions.
  261. ##################
  262. # Version 12.1.1 #
  263. ##################
  264. FIXED:
  265. * Fixed an issue with unintentional "broadcasting" of numpy arrays in certain
  266. `expression` questions.
  267. * Fixed an issue that prevented `datetime` and `timedelta` objects from being
  268. logged.
  269. ##################
  270. # Version 12.1.0 #
  271. ##################
  272. ADDED:
  273. * Added questions' types and grading modes to the `question_info` cache.
  274. * `datetime` and `timedelta` objects (from the datetime module) are now
  275. allowed in log entries.
  276. CHANGED:
  277. * The automatic source code download no longer saves cached copies, to avoid
  278. accidentally filling small disks.
  279. * Upgraded KaTeX to version 0.9.0.
  280. * Upgraded SweetAlert2 to version 7.15.1.
  281. * Upgraded MathJax to version 2.7.3.
  282. * Upgraded PLY to version 3.11.
  283. REMOVED:
  284. * `'questions'` is no longer a valid key for `tutor.compute_page_stats`, as
  285. it is redundant with `'question_info'`.
  286. FIXED:
  287. * Fixed an issue where invalid question names were failing silently.
  288. * Prevented scroll bars from showing up in the CAT-SOOP logo at the bottom of
  289. the page.
  290. * The `question_info` cache is now checked/updated after the pre_handle
  291. plugin is executed, rather than after.
  292. * `expression` questions now support implicit multiplication by j (the
  293. imaginary unit).
  294. * Fixed an issue that caused scores in the `problemstate` log to be
  295. overwritten with None when the "check" button was used.
  296. * Entering an empty expression and entering an invalid expression to a
  297. `pythonic` question now produce the same error message.
  298. * Fixed a bug where API token was not being properly set when impersonating a
  299. user.
  300. * In the default handler, ensure `handle_check` creates all `problemstate`
  301. fields if they don't already exist.
  302. * The checker script is now aware of the `cs_now` variable.
  303. * Fixed an issue that caused a misleading error message when the remote
  304. Python sandbox couldn't be reached.
  305. * Fixed a misleading error message about how to install `jose` when using the
  306. `'openid_connect'` authentication type.
  307. * Fixed a broken link after an error message when using the
  308. `'openid_connect'` authentication type.
  309. SECURITY:
  310. * Prevented `as_role` from affecting the `'role'` field in `cs_user_info` if
  311. the user does not have the `'impersonate'` permission.
  312. ##################
  313. # Version 12.0.0 #
  314. ##################
  315. ADDED:
  316. * Added a cache of question information, to avoid having to fake a page load
  317. to get question information in `tutor.compute_page_stats`.
  318. CHANGED:
  319. * CAT-SOOP can optionally be configured to use uWSGI, and the options for
  320. configuring the WSGI server have changed.
  321. * Logs are now stored in plain-text files, as opposed to binary log file.
  322. * Page views are no longer logged in the `problemactions` log.
  323. * Updated KaTeX to 0.9.0-beta1.
  324. * `'question_points'` is no longer a valid key in `tutor.compute_page_stats`.
  325. `'question_info'` should be used instead.
  326. FIXED:
  327. * Fixed a bug with rendering of scores when manual grades are submitted.
  328. ##################
  329. # Version 11.1.2 #
  330. ##################
  331. ADDED:
  332. * Added "Log In" / "Log Out" to top menu by default, and gave authentication
  333. types the ability to populate that menu.
  334. CHANGED:
  335. * Separated WSGI server into separate process, and allow
  336. `cs_wsgi_server_port` to be a list to start multiple servers (for load
  337. balancing).
  338. * Updated `wsgi.py` so that it can be used by an external WSGI server (such
  339. as uWSGI).
  340. * `csq_nosubmit_message` is now sent only on an actual submission (not when
  341. viewing the page), so that the submit button still appears when loading
  342. pages with `cs_nosubmit_message` set.
  343. * Buttons are now always created under 'view' mode in the default handler.
  344. * `cs_nosubmit_message` was replaced with `csq_nosubmit_message` (specific to
  345. each question).
  346. FIXED:
  347. * Fixed an issue where checker results were stored in an invalid location in
  348. the case of some errors.
  349. * Fixed an issue with the checker updating scores for problems that don't yet
  350. have a `problemstate` log.
  351. * Added CSS to prevent scrollbars from appearing on the CAT-SOOP logo in page
  352. footers.
  353. * Fixed key generation for AES encryption in `'login'` authentication mode.
  354. * Fixed a bug with changing password in `'login'` authentication mode.
  355. * Fixed a bug with client-side password hashing so that the hash is now a
  356. proper PBKDF2 hash of the given password.
  357. * The `'last_submit_time'` and `'last_submit_times'` entries in the
  358. `problemstate` log are now only updated if the submission was successful.
  359. * Fixed a bug whereby some compound expressions were treated as literals in
  360. the `pythonliteral` question type.
  361. * Fixed a bug with rendering of `<` and `>` in the `richtext` question type.
  362. * Fixed an issue with empty `<python>` tags.
  363. * Fixed a broken link in the OpenID Connect login page.
  364. ##################
  365. # Version 11.1.1 #
  366. ##################
  367. ADDED:
  368. * Added the `'legacy'` grading mode, which does not use the asynchronous
  369. checker.
  370. CHANGED:
  371. * Separated checker results into subdirectories to prevent a single directory
  372. growing too large.
  373. * Helper scripts are now launched using `sys.executable`, rather than a
  374. hard-coded `python3`.
  375. * Checks run through the asynchronous checker now cache their results in the
  376. `problemstate` directory, to avoid having to do a double-lookup.
  377. * Attempts at improved error reporting throughout CAT-SOOP.
  378. REMOVED:
  379. * Removed the `PKiller` class, which is no longer used anywhere.
  380. FIXED:
  381. * Temporary workaround for automatic scrolling to location of anchor.
  382. * Fixed a bug with username/password-based access to the
  383. `get_user_information` API endpoint.
  384. * Fixed a bug with the name of uploaded files.
  385. SECURITY:
  386. * The current session ID and API token are now filtered from error messages.
  387. DOCUMENTATION:
  388. * Added (hopefully) meaningful docstrings to almost everything in the
  389. codebase.
  390. ##################
  391. # Version 11.1.0 #
  392. ##################
  393. ADDED:
  394. * Added `cheroot` (https://github.com/cherrypy/cheroot) as a `catsoop.tools`
  395. package.
  396. * Added `websockets` (https://github.com/aaugustin/websockets) as a
  397. `catsoop.tools` package.
  398. CHANGED:
  399. * `cheroot` is now used instead of uWSGI.
  400. * File names for uploaded files now include the `csq_name` of the question
  401. they were uploaded for.
  402. FIXED:
  403. * Fixed an issue whereby the Python sandbox could leave handles to deleted
  404. files open (eventually leading to an error from having too many files
  405. open).
  406. * Changed the Python sandbox to use `sys.executable` (instead of hard-coded
  407. path to an assumed location of a Python interpreter) when
  408. `csq_python_interpreter` is not set.
  409. SECURITY:
  410. * File names for uploaded files now include a hash of their contents to limit
  411. the feasibility of a brute-force attack to grab a different user's files.
  412. ##################
  413. # Version 11.0.5 #
  414. ##################
  415. ADDED:
  416. * Added the `get_upload` utility for downloading uploaded files.
  417. * Added `'extra_data'` field to checker results.
  418. * Added `tutor.read_checker_result` for quickly reading checker results.
  419. * Added `csq_npoints` as an option to the `pythoncode` question type. If
  420. specified, it overrides any point values assigned to the individual test
  421. cases.
  422. CHANGED:
  423. * Changed the default checker used for multiple-choice-multiple-answer
  424. problems.
  425. * The `fileupload` question type now uses `get_upload` to download user
  426. files, rather than a data URI.
  427. * Made changes to make sure that files are always closed after being opened.
  428. FIXED:
  429. * Fixed a potential race condition in the `pythoncode` question type.
  430. * Fixed an issue with the `expression` question type, where overzealous type
  431. checking led to some correct answers being marked as incorrect.
  432. * Fixed issues with the circuit simulator question type that prevented an AC
  433. analysis from being run interactively, and that caused incorrect AC results
  434. to be sent to the checker.
  435. * Changes to make sure that reasonable fonts are used (particularly in
  436. `<pre>`, `<code>`, and `<tt>`) even if our fonts are not loaded.
  437. * Some small temporary fixes to AC analysis in the circuit simulator for the
  438. `circuit` question type.
  439. SECURITY:
  440. * Fixed an issue whereby `get_upload` could be used to read arbitrary files
  441. from disk via a carefully constructed request.
  442. ##################
  443. # Version 11.0.4 #
  444. ##################
  445. FIXED:
  446. * Fixed issue with matrix comparison in `expression` question type.
  447. * Fixed typo (`SyntaxError`) in handout handler.
  448. ##################
  449. # Version 11.0.3 #
  450. ##################
  451. FIXED:
  452. * Use https://github.com/aaugustin/websockets for websocket connections.
  453. REMOVED:
  454. * Removed the included simple websockets implementation.
  455. * Remove more traces of the abandoned queue.
  456. ##################
  457. # Version 11.0.2 #
  458. ##################
  459. FIXED:
  460. * Moving a file from `running` to `results` in the checker is now implemented
  461. as an atomic operation, to avoid the potential for corrupted results files.
  462. ##################
  463. # Version 11.0.1 #
  464. ##################
  465. FIXED:
  466. * Changes to the way the 'reporter' process handles websocket connections.
  467. ##################
  468. # Version 11.0.0 #
  469. ##################
  470. ADDED:
  471. * Added script to migrate SQLite logs (and checker) to new format.
  472. CHANGED:
  473. * Logs are now, once again, stored in `catsoopdb` format. No other options.
  474. * The checker's state is now stored via the filesystem, rather than through
  475. SQLite.
  476. * File upload paths are now stored relative to `cs_data_root` to make moving
  477. between systems easier. Old (absolute) paths still work, but the system
  478. will now store relative paths.
  479. * Results from completed checks are now loaded in a way that avoids requiring
  480. a websocket connection.
  481. * The checker and reporter are now two separate processes.
  482. FIXED:
  483. * Fixed serious bug (deadlock) with checker script / logging.
  484. * Fixed HTML rendering of pythoncode question type.
  485. ##################
  486. # Version 10.4.0 #
  487. ##################
  488. ADDED:
  489. * Added a means of viewing a page with different (lower) permissions by
  490. spoofing your role (the `as_role` query string argument).
  491. * Added a `'dummy'` auth type to make authentication on local testing setups
  492. easier.
  493. * Added preliminary support for running on MacOS and Windows (Cygwin) hosts
  494. by fixing a number of Mac-specific issues.
  495. * The 'score' display can now be changed on a per-problem basis via
  496. `csq_score_message`.
  497. CHANGED:
  498. * pycs compiled files are now stored in `<cs_data_root>/_cached`, to avoid
  499. polluting the course itself.
  500. * The body of the CAT-SOOP default template is now slightly wider.
  501. * Local Python sandboxes now write their stdout and stderr to files instead
  502. of relying on low-level hacks involving pipes.
  503. * Updated KaTeX to version 0.8.2.
  504. * Updated python-markdown to version 2.6.9.
  505. * The magic variable controlling the checker's location is now
  506. `cs_checker_websocket` instead of `cs_websocket_location` (which is now
  507. ambiguous).
  508. * Added more options to modify the styling of the "login required" page.
  509. * Cross/check images are now preceded by a newline.
  510. DEPRECATED:
  511. * `cs_score_message` has been deprecated, in favor of `csq_score_message`.
  512. `cs_score_message` will be removed in a future version.
  513. REMOVED:
  514. * Removed lots of unused imports, unused local variables, etc, courtesy of
  515. `pyflakes`.
  516. FIXED:
  517. * Fixed a race condition related to clearing expired session data.
  518. * Fixed serious bug (deadlock) with checker script / logging.
  519. * Modified the way `PKiller` kills processes to avoid a potential race
  520. condition.
  521. * Fixed several breaking issues with the grouping mechanism related to the
  522. version 10 changes.
  523. * Fixed a bug that prevented WHDW from loading students' scores.
  524. * Fixed a bug that caused some `<showhide>` tags' buttons to affect other
  525. `showhide` elements on the page instead of themselves.
  526. * Fixed an issue with error reporting in the `'openid_connect'` auth type.
  527. * Fixed an issue with the `'login'` authentication type that caused false
  528. negatives when checking passwords from different browsers.
  529. * Fixed an issue with broken loading of uploaded files from the database.
  530. * Fixed an issue that caused an error message not to be shown when `cs_form`
  531. was not defined.
  532. * Replaced a lingering instance of `xrange`.
  533. * Questions with the `checkoff` question type now render as totally empty if
  534. the description and name are empty, rather than as a single colon.
  535. SECURITY:
  536. * `nohup.out` files are now ignored when generating the .zip files of the
  537. CAT-SOOP source.
  538. ##################
  539. # Version 10.3.0 #
  540. ##################
  541. CHANGED:
  542. * Moved all logs to one central location to make backups easier.
  543. ##################
  544. # Version 10.2.2 #
  545. ##################
  546. REMOVED:
  547. * Removed several calls to the deprecated `cs_print` from the default "main"
  548. page.
  549. * Removed "Acknowledgments" section from the default "main" page.
  550. FIXED:
  551. * Removed an extraneous print statement from the default handler.
  552. * Remove HTML formatting from course name in `source.zip` downloads.
  553. ##################
  554. # Version 10.2.1 #
  555. ##################
  556. CHANGED:
  557. * Prevented the creation of extra directories when reading nonexistent logs.
  558. REMOVED:
  559. * Removed the defunct `checker_reporter.js` script.
  560. FIXED:
  561. * Fixed a number of issues with sessions.
  562. * Fixed an issue with serializing Python sets for logging.
  563. ##################
  564. # Version 10.2.0 #
  565. ##################
  566. ADDED:
  567. * Added more options to modify the styling of the "login required" box.
  568. CHANGED:
  569. * Submission IDs are no longer visible by default, though they can be made
  570. visible with `cs_show_submission_id`.
  571. * Logs once again use SQLite instead of RethinkDB.
  572. REMOVED:
  573. * Removed RethinkDB completely.
  574. FIXED:
  575. * Updated the location of the default remote sandbox.
  576. ##################
  577. # Version 10.1.0 #
  578. ##################
  579. ADDED:
  580. * `cs_user_info` and `cs_username` are now always defined, even on pages that
  581. don't require authentication
  582. CHANGED:
  583. * The built-in `print` function can now be used instead of `cs_print` to
  584. inject page content from within `<python>` tags.
  585. DEPRECATED:
  586. * `print` should now be used instead of `cs_print` to inject page content
  587. from within `<python>` tags. `cs_print` will be removed in a future
  588. version.
  589. FIXED:
  590. * Fixed issue with clearing session data.
  591. * Fixed an issue with QTYPEs' `init` functions being called with incorrect
  592. arguments.
  593. ##################
  594. # Version 10.0.1 #
  595. ##################
  596. CHANGED:
  597. * RethinkDB is now used to store session data, as opposed to the file-based
  598. storage used in the past.
  599. * Slight changes to the way version numbers are displayed in the default
  600. template.
  601. FIXED:
  602. * Fixed multiple large issues with manually-graded submissions.
  603. * Fixed multiple large issues with the `fileupload` question type.
  604. ##################
  605. # Version 10.0.0 #
  606. ##################
  607. ADDED:
  608. * Added the dot product operator to `expression` question type.
  609. * Added `process.py`, containing some common operations relating to process
  610. management.
  611. * Added support for storing uploaded files on disk rather than in the
  612. database directly.
  613. CHANGED:
  614. * RethinkDB is now a hard dependency.
  615. * The API for logging functions was changed, to avoid a special character as
  616. a separator.
  617. * Submissions are now handled asynchronously, and results are retrieved via
  618. web sockets.
  619. * Markdown no longer outputs `<em>` or `<strong>`, preferring `<i>` and `<b>`
  620. to improve browser compatibility.
  621. * Many images are now included in pages as data URI's rather than being
  622. loaded from a separate request.
  623. * Replaced the CSS-based loading spinner with an image.
  624. * Changed the password hashing scheme for the login authentication type to
  625. one based on:
  626. https://blogs.dropbox.com/tech/2016/09/how-dropbox-securely-stores-your-passwords/
  627. * Re-styled buttons throughout the system.
  628. REMOVED:
  629. * Removed CSS-only spinner, replaced with data URI for image in the base
  630. context.
  631. * Removed images for check/cross/favicon, replaced with data URI's in the
  632. base context.
  633. * Removed SQLite and catsoopdb as backends for logging.
  634. FIXED:
  635. * Improved the Javascript code responsible for making sure the top menu
  636. doesn't block text when moving around a page.
  637. * Errors in the registration form now prevent submitting the form.
  638. #################
  639. # Version 9.4.3 #
  640. #################
  641. ADDED:
  642. * Added the `circuit` question type.
  643. * Added support for nonscalar values in `expression` questions.
  644. FIXED:
  645. * Changed exponentiation to be right-associative in the `expression` question
  646. type.
  647. * Fixed a bug with rendering implicit multiplication in `expression`
  648. questions.
  649. * Fixed a bug with rendering of chained exponentiation in `expression`
  650. questions.
  651. * Fixed a bug with order of operations when using the Python syntax in
  652. `expression` questions.
  653. #################
  654. # Version 9.4.2 #
  655. #################
  656. ADDED:
  657. * Added the `<section*>` family of tags, for unnumbered sections.
  658. * Added the `<include>` tag, to include the contents of another file.
  659. * Added the ability to add an additional message to the default page, via
  660. `cs_main_page_text`.
  661. FIXED:
  662. * Fixed an issue whereby expressions utilizing binary subtraction were not
  663. properly parenthesized in the "Check Syntax" rendering of `expression`
  664. questions.
  665. #################
  666. # Version 9.4.1 #
  667. #################
  668. FIXED:
  669. * Fixed an issue with rendering of certain test cases in the `pythoncode`
  670. question type.
  671. * Modified the handling of streams in the Python sandbox to avoid buffers
  672. filling up.
  673. * Modified error message handling in the Python sandbox to avoid long-running
  674. regex searches.
  675. #################
  676. # Version 9.4.0 #
  677. #################
  678. ADDED:
  679. * Added support for custom "submissions not allowed" messages via
  680. `cs_nosubmit_message`.
  681. * Added the `cs_now` variable to page load contexts.
  682. * Added the `code_pre` option to tests in the `pythoncode` question type, for
  683. code to be run before submitted code.
  684. CHANGED:
  685. * Code is now licensed under the GNU Affero General Public License, v3+.
  686. Footer text has been updated to reflect this change.
  687. * `cs_nsubmits_message` was replaced by `csq_nsubmits_message`.
  688. * Updated MathJax to version 2.7.1, and updated it to use a future-proof
  689. renderer.
  690. * Updated PLY to version 3.10.
  691. * Updated Markdown to version 2.6.8.
  692. * Updated BeautifulSoup to version 4.6.0.
  693. * Fixed several issues with rendering of `pythoncode` question types.
  694. * Updated the "Formatting Help" page of the `richtext` question type.
  695. REMOVED:
  696. * Removed large pieces of the default MathJax install because they will not
  697. be used.
  698. FIXED:
  699. * Fixed broken "home" link for pages in the `cs_util` "pseudo-course."
  700. * Fixed issue with HTML tags not rendering inside of `<section>` tags.
  701. * Fixed error messages for expressions that can't be parsed in the
  702. `expression` question type.
  703. * Fixed a crash when the `<cs_data_root>/courses` directory did not exist or
  704. was not writeable by the web server.
  705. * Fixed a bug with HTML tags being ignored inside `<ref>` tags.
  706. #################
  707. # Version 9.3.0 #
  708. #################
  709. ADDED:
  710. * Default handler now logs scores of all questions in the `problemactions`
  711. log on `'submit'` actions.
  712. * Added the `csq_always_show_tests` option to `pythoncode` questions, to
  713. enable/disable the "Show/Hide Detailed Results" button.
  714. * New plugin infrastructure.
  715. * `catsoop.ajaxrequest` now accepts a callback function that can be executed
  716. once the request has completed.
  717. * More options for rendering pages (`content_only` and `raw_html`).
  718. CHANGED:
  719. * Code is now released under version 2 of the Soopycat License.
  720. * Math expressions are now rerendered in all responses to AJAX calls.
  721. * Updated KaTeX to version 0.7.0
  722. * Updated MathJax to version 2.7.0
  723. * Python syntax highlighting updated.
  724. * Several improvements to WHDW and stats displays.
  725. REMOVED:
  726. * Errors related to evaluating the expression are no longer displayed in the
  727. `pythonic` question type.
  728. FIXED:
  729. * Allowed `pythonic` question type to accept tuples without parentheses.
  730. * Fixed issue with `expression` question type, with `csq_ratio_check = True`
  731. and `csq_soln = 0`.
  732. * Switched to different CDN for loading Ace editor code.
  733. * Fixed an issue related to automatic locking when no answers have been
  734. viewed.
  735. * Fixed a regression related to rendering the answers to `multiplechoice`
  736. questions using the `checkbox` renderer.
  737. * Fixed a regression related to answer checking in `multiplechoice`
  738. questions.
  739. * Fixed issue related to handling empty `<python>` or `<question>` tags.
  740. * Fixed issue related to incorrectly filtering user information when
  741. generating API tokens.
  742. * Fixed issues with type errors from decoding data URI's in the `pythoncode`
  743. and `fileupload` question types.
  744. * Fixed several issues related to invalid HTML output in response to
  745. `pythoncode` submission.
  746. * Fixed `source.zip` generation to be more pedantic about when to re-build
  747. the file.
  748. * Fixed rendering of questions via `'rerender'` in the default handler.
  749. * Fixed problem with trying to render a template from a context where not all
  750. variables are defined.
  751. * Fixed rendering of check/cross images in expression question type.
  752. * Manual grading interface now displays more relevant feedback to the grader
  753. after submission (exactly the score and comments as the student will see
  754. them).
  755. * Fixed the display of answers to `pythoncode` questions so that syntax
  756. highlights properly.
  757. * Fixed issue with processes not being properly closed with the Python
  758. sandbox.
  759. SECURITY:
  760. * Fixed a regression that opened a XSS vulnerability in `pythoncode`
  761. questions.
  762. DOCUMENTATION:
  763. * Use American spelling in documentation.
  764. #################
  765. # Version 9.2.0 #
  766. #################
  767. ADDED:
  768. * Added `render_single_question` to the default handler, for rendering a
  769. single question's contents.
  770. * Added ability to customize how e-mail address is created from available
  771. information when using OpenID Connect.
  772. * Added the ability to override `get_group`'s section lookup and instead use
  773. the specified section.
  774. * Added `stats` and `whdw` (Who Has Done What) actions to the default
  775. handler.
  776. CHANGED:
  777. * Better checks and display for `checkoff` question type.
  778. * Improved error handling in the `pythonic` question type.
  779. * Improved the formatting of HTML in the `pythoncode` question type to
  780. prevent Beautiful Soup from modifying it too much.
  781. * `None` is now a special category that is skipped when assigning groups.
  782. * Improved formatting of answers to `pythoncode` questions.
  783. * Cells in HTML tables are no longer automatically center-aligned.
  784. * Removed confusing answer display from `checkoff` question type.
  785. FIXED:
  786. * Fixed a bug with `cs_path_info` not being defined in certain situations.
  787. * Fixed the stylesheet so that pages can be printed again.
  788. * Fixed a bug with reporting error messages related to malformed questions.
  789. * Fixed a type error in `list_groups` that prevented students' sections from
  790. being determined correctly.
  791. * Brought the `richtext` question type up to speed with current CAT-SOOP.
  792. * Brought the `multiplechoice` question type up to speed with current
  793. CAT-SOOP.
  794. * Brought the `handout` handler up to speed with current CAT-SOOP and
  795. improved its error reporting.
  796. * Fixed a regression that rendered `pythonliteral` questions unusable.
  797. * Fixed a typo in dispatch that broke proper 404 handling of handouts.
  798. * Fixed a regression with the permissions check for the "Save" button.
  799. * Several fixes for the `fileupload`, `richtext`, and `pythoncode` question
  800. types.
  801. * Prevented a misleading error message from being displayed when
  802. automatically viewing answers on a timed exercise.
  803. * Several fixes for `catsoop.tools.data_uri`.
  804. * Fixed a bug that prevented per-user randomness from functioning as
  805. expected.
  806. * Updated automatic source downloader to use `spoof_early_load`, fixing a
  807. bug.
  808. * Fixed a typo in the `checkoff` question type.
  809. #################
  810. # Version 9.1.0 #
  811. #################
  812. ADDED:
  813. * Added `catsoop.path_info` to javascript (for groups).
  814. * Added `cs_pre_handle` for normal use and `pre_handle.py` for plugins.
  815. * The state of the context is now stored after every `preload.py` file in the
  816. chain has been executed (in `cs_loader_states`), to allow, e.g., looking up
  817. parents' names.
  818. * Added "breadcrumbs" to the default theme.
  819. * Fleshed out the interactive group management page.
  820. CHANGED:
  821. * Navigational menu entries can now optionally be specified in a more
  822. straightforward (Pythonic) manner.
  823. * `csq_names` are now automatically assigned as part of the XML parsing step,
  824. rather than in the default handler.
  825. * Changed "Are you sure you want to view the answer" dialog to use
  826. SweetAlert2 (https://limonte.github.io/sweetalert2/).
  827. * Nicer-looking tables in default theme.
  828. * Added a more complete message to the "log in" box for OpenID Connect.
  829. FIXED:
  830. * Fixed bug with `cs_view_without_auth` flag.
  831. * Fixed bug with listing groups.
  832. * Fixed bug with file locking stemming from a change in 9.0.0.
  833. * `cs_post_load` and plugins' `post-load` hooks now fire at the right time
  834. (after `<python>` tags are evaluated).
  835. * Fixed bug with additional files in the Python sandbox.
  836. * Fixed several bugs related to HTML parsing/display.
  837. * Internal Server Errors in AJAX callbacks now display an error message.
  838. * Fixed a bug that prevented saving entries to questions.
  839. * Fixed a bug that prevented reading user information from the `__USERS__`
  840. directory from `catsoop.util.read_user_file`.
  841. SECURITY:
  842. * Logins are no longer carried over between courses (user must log in to each
  843. course separately).
  844. #################
  845. # Version 9.0.0 #
  846. #################
  847. ADDED:
  848. * Added back the catsoopdb format (last seen in version 4.0.1), with
  849. improvements to prevent collisions and a few bugfixes.
  850. * Added Beautiful Soup to the distribution.
  851. (https://www.crummy.com/software/BeautifulSoup/)
  852. * Included Bootstrap (http://getbootstrap.com/) in the distribution, and
  853. updated the default theme to use it (also moved `main.template` and
  854. `base.css` to `old.template` and `old.css`, respectively, to make room for
  855. new style).
  856. * Added the `cs_base_color` variable, for switching the main color of the
  857. default theme.
  858. * Added syntax highlighting to code blocks, `via highlight.js`
  859. (https://highlightjs.org/). If no language is explicitly specified for
  860. syntax highlighting, the value stored in `cs_default_code_language` will be
  861. used (default is no syntax highlighting; explicitly setting that value to
  862. `None` will cause `highlight.js` to guess the appropriate language for each
  863. block).
  864. * Added support for authentication via OpenID Connect
  865. (http://openid.net/connect/).
  866. * Added support for default courses via `cs_default_course`.
  867. * Added the `list_questions` and `get_state` API endpoints to the default
  868. handler.
  869. * Added an easier way to spoof context loading with
  870. `loader.spoof_early_load`.
  871. * Added `cslog.modify_most_recent`, which updates the most recent log entry
  872. atomically.
  873. * Added method for sending e-mail to a CAT-SOOP user from the API without
  874. knowing their e-mail address.
  875. * Added support for input checks and ratio checking (rather than absolute
  876. error checking) to the `expression` question type.
  877. * Added `number` question type for single numbers (or simple fractions).
  878. * Added `__PLUGINS__` directory for plugins which work in ways other than
  879. defining a new QTYPE or handler (ability to affect the context before or
  880. after preload, before or after content load, and after handler is invoked).
  881. CHANGED:
  882. * CAT-SOOP is now only compatible with Python version 3.5+. Python 2
  883. compatibility was dropped intentionally, but versions 3.0.0 <= x < 3.5 are
  884. not supported because CAT-SOOP does some strange things with imports.
  885. * CAT-SOOP no longer runs on Windows hosts.
  886. * Drastically improved inheritance for question types (requiring far less
  887. manual work) via `tutor.qtype_inherit`.
  888. * CAT-SOOP XML parsing is now largely handled by BeautifulSoup instead of by
  889. regular expressions.
  890. * Renamed `gb.py` -> `base_context.py` to more accurately reflect its usage.
  891. * Modified the `'login'` authentication type to use Python's built-in
  892. implementation of PBKDF2.
  893. * Changed the way authentication is handled in AJAX requests, in preparation
  894. for including the public-facing API.
  895. * Themes are now run through a pre-processor that handles `<python>` and
  896. `<printf>` tags (including `@{...}` syntax).
  897. * Passwords (in all forms) are now hashed both before and after being sent to
  898. the server (passwords are now never sent in plain-text).
  899. * Navigation links should now be held in `cs_top_menu` instead of
  900. `cs_navigation`.
  901. * `<ref>` tags can now take the relevant label as `label="x"` in addition to
  902. just as `x`.
  903. * Improved error pages shown on 404 File Not Found.
  904. * Default permissions now include the `'view'` permission.
  905. * Modified the default "loading" spinner to use CSS instead of an image
  906. * `csq_check_function` can now return a dictionary mapping `'score'` to the
  907. score and `'msg'` to a message to be returned, eliminating the need for
  908. `csq_msg_function` when it is more convenent to compute the score and
  909. message at the same time. Alternatively, it can return a tuple `(score,
  910. message)`. The old form is still supported.
  911. * `csq_msg_function`, if used, can now optionally take a second argument
  912. representing the solution (the message doe not need to be computed from the
  913. submission alone).
  914. * Replaced `"response"` field with `"message"` in JSON returned by the
  915. default handler's AJAX calls, to avoid duplicate use of `"response"`.
  916. * The CAT-SOOP cat changes when displaying a 404 or 500 error message.
  917. * Improved error reporting in `pythonic` question type.
  918. FIXED:
  919. * Tracebacks in CAT-SOOP error messages now actually show useful information.
  920. * Pre-compiled CAT-SOOP (`.pycs`) files' names now include the Python
  921. implementation's cache tag, so that the same course can be migrated to a
  922. CAT-SOOP instance running on a different version of Python without issue.
  923. * Fixed a bug whereby an empty entry in a `multiplechoice` question (--) was
  924. interpreted as being the last element in the `csq_options` list.
  925. * Missing files/directories are now always handled as 404 errors, rather than
  926. 500.
  927. * Fixed a bug resulting from a nonexistent `courses` directory.
  928. * The `cs_post_load` hook is now invoked at a time when `cs_content` is still
  929. relevant.
  930. * Fixed bug with `expression` question type erroring when using multiple
  931. values for a variable.
  932. * Prevented PLY from writing its parsing tables to disk.
  933. SECURITY:
  934. * Included the option to tune the number of iterations used with PBKDF2, and
  935. increased the default number of iterations from 50,000 to 250,000.
  936. * Minimum password length in the login authentication type is now 8 instead
  937. of 5, per the NIST recommendation at:
  938. https://pages.nist.gov/800-63-3/sp800-63b.html
  939. #################
  940. # Version 8.0.0 #
  941. #################
  942. ADDED:
  943. * `<label>` and `<ref>` tags are now available, for easier referencing of
  944. sections within a CAT-SOOP page.
  945. * Answers and explanations can now be automatically viewed in certain
  946. situations (running out of submissions, earning 100% score).
  947. * Added a check for non-ASCII characters in input, and an error message to be
  948. displayed in this case.
  949. * Most CAT-SOOP options related to the default handler can now be specified
  950. as functions that return the appropriate value, rather than the value
  951. itself, which allows them to be set in a way that depends on the current
  952. context.
  953. * Added a way to compute stats about a particular page (for use in making
  954. gradebooks).
  955. * Question types can now have multiple form fields by having names starting
  956. with `__QNAME__`, where `QNAME` is the name of the question.
  957. * The `multiplechoice` question type has two new modes which allow for
  958. arbitrary formatting (including math) in the options: `'checkbox'`, which
  959. allows multiple answers to be selected; and `'radio'`, which allows only
  960. one answer to be selected.
  961. * Added the `cs_debug` function, which can be used to log arbitrary
  962. information to a file during execution of a preload or content file.
  963. * Resources can now be loaded from arbitrarily-named files (e.g.,
  964. `<root>/path/to/foo.md` instead of `<root>/path/to/foo/content.md`).
  965. * In the `pythoncode` question type, it is now possible to hide the code
  966. associated with test cases.
  967. * Added `data_uri` module from https://gist.github.com/zacharyvoase/5538178
  968. for better handling of file uploads.
  969. * Users can now log in with their e-mail addresses instead of their usernames
  970. when using the `'login'` authentication type.
  971. * Permissions can now be specified directly via `cs_permissions`, instead of
  972. exclusively via roles.
  973. * The `pythoncode` question type can now handle Python 3 code.
  974. * Handlers and question types can now have viewable pages inside them,
  975. viewable at, for example, `<url_root>/__HANDLER__/default/page_name`.
  976. * Every page footer now links to both the terms of the license, and also to
  977. the "download source" link.
  978. * Added a module for sending e-mails, primarily for use in the `'login'`
  979. authentication type.
  980. * MathJax (https://www.mathjax.org/) is now included directly, rather than
  981. loaded from their CDN.
  982. CHANGED:
  983. * Functions inside of question types no longer need to manually load default
  984. values; values from the defaults variable are automatically used when not
  985. specified inside the `<question>` tag.
  986. * The `'login'` authentication type was much improved, including the option
  987. to send confirmation e-mails, change passwords, and recover lost passwords;
  988. and to customize the types of e-mail addresses that are accepted.
  989. * Improved error reporting in the `'login'` auth type.
  990. * The `cs_post_load` hook now executes before the page's handler is invoked,
  991. and a new hook `cs_post_handle` was introduced, which is called after the
  992. handler is invoked.
  993. * CAT-SOOP's handling of HTML tags is now case-insensitive.
  994. * The "view as" page was updated to show more accurately what the user in
  995. question would see.
  996. * Many options related to the default handler (primarily related to which
  997. actions should be allowed) are now specified on a per-question basis rather
  998. than a per-page basis.
  999. * Locking a user out of a problem has been separated from viewing the answer
  1000. to that question.
  1001. * Improved rendering in the `expression` question type.
  1002. * `name_map` is now stored as an ordered dictionary.
  1003. * Results from the `pythonic` question type are now evaluated in the
  1004. question's scope, rather than in the question type's scope.
  1005. * The number of rows to be displayed in the ACE interface for coding
  1006. questions is now customizable.
  1007. * Answers in the `smallbox` and `bigbox` question types are no longer wrapped
  1008. in `<tt></tt>`.
  1009. * Markdown and/or custom XML, depending on the source type used, is now
  1010. interpreted inside of answers and explanations (including math rendering).
  1011. * All CAT-SOOP modules are now available inside of the source files for
  1012. handlers and question types.
  1013. * The `cs_scripts` string is now injected into the template after jQuery,
  1014. katex, MathJax, and `cs_math` have been loaded.
  1015. * Modified the generation of per-user random seeds to (eventually) allow for
  1016. re-generating of random seeds.
  1017. * Moved much of the Javascript code from the default handler to separate
  1018. files.
  1019. * Moved WSGI file and changed the way imports are handled in order to make
  1020. sure everything can access the CAT-SOOP modules/subpackages.
  1021. * Moved handling of `csq_prompt` out of individual question types and into
  1022. the default handler to avoid duplicating code.
  1023. * Removed logo image from main page.
  1024. * `cs_source_format` is now inferred (rather than specified explicitly).
  1025. * In question type specifications, `handle_submission` now returns a
  1026. dictionary instead of a tuple.
  1027. * Restructured authentication types to make adding more types in the future
  1028. easier.
  1029. * Section labels are now rendered as id's of the associated headers.
  1030. FIXED:
  1031. * Fixed a bug whereby `$` characters could not be escaped with backslash.
  1032. * Fixed issues with certain tags' internals being parsed as Markdown (script,
  1033. pre, question, etc).
  1034. * Trying to access a resource that doesn't exist on disk now gives a 404
  1035. error instead of crashing.
  1036. * Fixed several bugs related to uploading multiple files in a single
  1037. submission.
  1038. * Spaces are now allowed in question names.
  1039. * CAT-SOOP no longer crashes on a malformed `<question>`, but rather displays
  1040. an error message.
  1041. * Fixed an issue with intermittent WSGI failures by re-trying failed actions.
  1042. * Updated MathJax to version 2.6.1 to fix a rendering issue in Chrome.
  1043. * Updated the URL of the default Python sandbox to reflect changes in the
  1044. CAT-SOOP web site.
  1045. * Improved handling of query strings and fragment identifiers when rewriting
  1046. URLs.
  1047. * Improved handling of implicit multiplication in the `expression` question
  1048. type.
  1049. * Added unary `+` to Python syntax in the `expression` question type.
  1050. * `cslog.most_recent` now returns the default value when the log file does
  1051. not exist, instead of crashing.
  1052. * Fixed handling of temporary files on Windows hosts.
  1053. * Fixed validation of user information when registering under the `'login'`
  1054. authenatication type.
  1055. * Fixed several bugs with manual grading, reported from 6.02.
  1056. * Log files are no longer created when trying to read from a nonexistent log.
  1057. * Mercurial temporary files (`.orig`) are now ignored in the zip generated
  1058. when downloading the source.
  1059. * `<pre>` tags are now used instead of `<tt>` for wrapping answers in the
  1060. `pythoncode` question type.
  1061. * Fixed an issue in the `pythoncode` sanboxes whereby a `MEMORY` limit of `0`
  1062. actually allowed `0` bytes of heap storage, rather than unlimited.
  1063. * Prevent a crash if `<cs_data_root>/courses` does not exist.
  1064. * Modified to always use the local markdown package, even if one is installed
  1065. globally, to make sure Markdown extensions are loaded properly.
  1066. * Buttons are now re-enabled on page load, to prevent an issue whereby
  1067. buttons would remain disabled after a refresh on Firefox.
  1068. SECURITY:
  1069. * PBKDF2 (https://en.wikipedia.org/wiki/PBKDF2) is now used for the `'login'`
  1070. authentication mode.
  1071. * Closed a XSS vulnerability in the `pythoncode` question type.
  1072. * Closed a security hole in session handling that allowed for arbitrary code
  1073. execution under certain circumstances by validating session ids and
  1074. modifying the way session data are stored.
  1075. * Logs can no longer be accessed/created outside of the appropriate
  1076. `__LOGS__` directories.
  1077. #################
  1078. # Version 7.1.1 #
  1079. #################
  1080. FIXED:
  1081. * Fixed an issue that prevented the last question on each page from being
  1082. displayed.
  1083. #################
  1084. # Version 7.1.0 #
  1085. #################
  1086. ADDED:
  1087. * Added the option to grade questions manually, from 6.02 fall 2015.
  1088. * Added a `richtext` question type, which allows for formatting of text using
  1089. CAT-SOOP-flavored Markdown.
  1090. * Added the `fileupload` question type, which allows users to upload
  1091. arbitrary files.
  1092. * Added checks for valid configuration options.
  1093. CHANGED:
  1094. * Rewrote the `expression` question type to use PLY for parsing, and included
  1095. a default syntax for expressions that is more approachable to users not
  1096. familiar with Python.
  1097. #################
  1098. # Version 7.0.1 #
  1099. #################
  1100. FIXED:
  1101. * Fixed a syntax error in the `expression` question type.
  1102. #################
  1103. # Version 7.0.0 #
  1104. #################
  1105. ADDED:
  1106. * Included KaTeX (https://khan.github.io/KaTeX/).
  1107. * Added three new handlers: `passthrough`, which displays `cs_content`
  1108. without modification; `raw_response`, which allows sending a raw HTTP
  1109. response; and `redirect`, for redirecting to other resources easily.
  1110. * Added support for Markdown (https://daringfireball.net/projects/markdown/)
  1111. as an alternative source format, and included
  1112. python-markdown (https://pypi.python.org/pypi/Markdown) in the
  1113. distribution.
  1114. * Question type specifications can now include an arbitrary action (beyond
  1115. saving/submitting) that will be executed when a user presses a new button.
  1116. * Added support for streaming content (via returning a generator instead of a
  1117. string), and for automatic streaming of large static files.
  1118. * Added support for inline (runnable by users) test cases in `pythoncode`
  1119. question types.
  1120. * Added `cs_util` resources: `time`, which yields the current time (according
  1121. to the server) for synchronization purposes; `source.zip`, which downloads
  1122. a zip archive containing the CAT-SOOP source code; and `license`, which
  1123. contains the text of CAT-SOOP's license.
  1124. * Added a `'string'` mode to the `pythonic` question type, which allows the
  1125. answer to be specified as a string to be evaluated. Also added the
  1126. `csq_code_pre` variable to this question type, for setting up the
  1127. environment into which `csq_soln` will be evaluated in string mode.
  1128. CHANGED:
  1129. * Math rendering now uses KaTeX (fast, but limited support) when possible,
  1130. and falls back to MathJax (slow, but more support) when necessary.
  1131. * "Special" CAT-SOOP variables are now prefixed with `cs_` (for page-specific
  1132. values) or `csq_` (for question-specific values) to prevent accidental
  1133. shadowing
  1134. * Changed nomenclature: "activity type" -> "handler"
  1135. * Complete rewrite of default handler.
  1136. * Reorganization of sandboxing for Python code.
  1137. * `gb.py` should no longer be changed; rather, global configuration values
  1138. should be overwritten via `config.py` (which is loaded into `gb.py`)
  1139. * Improved handling of footnotes.
  1140. REMOVED:
  1141. * Removed `jquery_typing` plugin, which is no longer needed for expression
  1142. questions.
  1143. FIXED:
  1144. * Fixed bug with newline handling in CGI interface.
  1145. * Fixed bugs related to static files when using the CGI interface running on
  1146. Windows hosts.
  1147. * The default theme now handles resizing of the containing window more
  1148. smoothly.
  1149. STYLE:
  1150. * Mostly embraced PEP8 style (https://www.python.org/dev/peps/pep-0008/).
  1151. #################
  1152. # Version 6.0.0 #
  1153. #################
  1154. ADDED:
  1155. * Added `post_load` hook, which is executed after the content file is
  1156. executed.
  1157. * Added support for XML as an additional source format, and set it to be the
  1158. default format.
  1159. * Change names `EARLY_LOAD.py` -> `preload.py` and `LATE_LOAD.py` ->
  1160. `content.xml`.
  1161. * Added the `pythonliteral` question type, which behaves much like
  1162. `pythonic`, but requires that the submission be a literal value (rather
  1163. than the result of a more complicated expression).
  1164. CHANGED:
  1165. * Modified handling of footnotes.
  1166. * File containing user information should now end in `.py` (e.g.,
  1167. `username.py` instead of just `username`).
  1168. * Reorganized `python` question types to properly inherit from one another to
  1169. avoid duplicate code.
  1170. REMOVED:
  1171. * The `problem` activity type was removed, in favor of `ajaxproblem`.
  1172. FIXED:
  1173. * Fixed an issue where `last_submit` was keeping information only about the
  1174. most recent submission overall, instead of the most recent submission for
  1175. each question.
  1176. * The `__LOGS__` directory will now be created if it does not exist, rather
  1177. than crashing CAT-SOOP.
  1178. SECURITY:
  1179. * Error messages now show less information, to avoid displaying sensitive
  1180. information.
  1181. #################
  1182. # Version 5.0.0 #
  1183. #################
  1184. ADDED:
  1185. * Added support for footnotes via `<footnote>`
  1186. * Added support for page organization via `<section>`, `<subsection>`, etc.
  1187. * The ability to save and submit are now controllable via special variables
  1188. in the problem activity type.
  1189. * Added a warning message upon clicking the 'view solution' button to
  1190. indicate that users will not be able to submit after doing so. Also
  1191. maintained the ability to bypass this check, for things like automatically
  1192. submitting at the end of a timed exercise.
  1193. * Added the `handout` activity type, which allows for showing a static file,
  1194. but with access controls (releasing after a particular date, only viewable
  1195. by particular role, etc).
  1196. * Added support for displaying explanations in addition to answers in
  1197. particular question types.
  1198. CHANGED:
  1199. * Logs are now stored in [SQLite](https://www.sqlite.org/) databases.
  1200. * The logo in the main page is now displayed as text, rather than as an
  1201. image.
  1202. * Buttons in `ajaxproblem` question types are now disabled before processing
  1203. the request, to avoid multiple identical submissions from mis-clicks.
  1204. REMOVED:
  1205. * Removed catsoopdb format, in favor of SQLite.
  1206. FIXED:
  1207. * Renamed `logging.py` to `cslog.py` to prevent accidentically importing
  1208. Python's built-in logging module.
  1209. * Fixed rendering of math when viewing solution to an `expression` question.
  1210. * Scores are now properly handled in the `ajaxproblem` activity type.
  1211. * Fixed a bug with displaying the solution for `pythonic` question types
  1212. whose solutions are tuples.
  1213. * Fixed a bug with displaying the solution for `pythonic` question types
  1214. whose solutions are strings.
  1215. * Fixed a bug related to handling of dynamic pages in the `__BASE__` course.
  1216. * Fixed numerous `ajaxproblem` bugs.
  1217. * Improved detection of static files.
  1218. SECURITY:
  1219. * Error messages no longer show information about the location of CAT-SOOP
  1220. (or the course in question) on disk
  1221. #################
  1222. # Version 4.0.1 #
  1223. #################
  1224. FIXED:
  1225. * Fixed issue whereby a missing `EARLY_LOAD.py` would crash CAT-SOOP.
  1226. * Fixed bug with caching of static files.
  1227. * Fixed bug related to authenticating in `'login'` mode.
  1228. REMOVED:
  1229. * Removed rendering time from default template.
  1230. #################
  1231. # Version 4.0.0 #
  1232. #################
  1233. ADDED:
  1234. * Added the `ajaxproblem` activity type, which allows submitting individual
  1235. questions without reloading the entire page. Made `ajaxproblem` the
  1236. default activity type.
  1237. * Added support for skipping ahead or behind by weeks in relative
  1238. timestrings, using `+` or `-` (e.g., `M+:17:00` means _next_ Monday at
  1239. 5pm).
  1240. * Solutions for individual students are now displayed when impersonating
  1241. them.
  1242. * Source for pages is now cached in a marshaled format, to prevent having to
  1243. re-parse the source of pages that have not changed.
  1244. * Added support for authenticating via login (username and password) rather
  1245. than via client certificate.
  1246. * Added support for per-user randomness (users see the same numbers upon
  1247. returning to a page, but different users may see different numbers).
  1248. * Added documentation (via `epydoc`-compatible docstrings) throughout.
  1249. * CAT-SOOP now asks the browser to use cached versions of static files where
  1250. appropriate.
  1251. * Allowed question types and activity types to be specified in the course
  1252. rather than in the base system.
  1253. CHANGED:
  1254. * Changed internal nomenclature: `meta` -> `context` everywhere to represent
  1255. the context in which a page is rendered.
  1256. REMOVED:
  1257. * Removed several references to `sicp-s2.mit.edu` in the code.
  1258. FIXED:
  1259. * Fixed impersonation glitch whereby permissions were inherited from the
  1260. impersonated user.
  1261. * Fixed glaring bug with static file handling.
  1262. * Fixed inheritance bug in the `pythonic` question type.
  1263. #################
  1264. # Version 3.1.0 #
  1265. #################
  1266. ADDED:
  1267. * Added WSGI interface (and moved main function elsewhere so WSGI and CGI can
  1268. share code).
  1269. * Questions are automatically given names if they were not explicitly given a
  1270. name.
  1271. * Question types and activity types are now pre-compiled to avoid having to
  1272. re-parse them on every load.
  1273. #################
  1274. # Version 3.0.0 #
  1275. #################
  1276. ADDED:
  1277. * `problem` activities now store due dates, to account for changes in due
  1278. date after submitting.
  1279. * Added support for the ACE code editor (https://ace.c9.io/) in
  1280. `pythoncode` questions.
  1281. CHANGED:
  1282. * Separated loading from `METADATA.py` into `EARLY_LOAD.py` and
  1283. `LATE_LOAD.py`. `EARLY_LOAD` files are executed all the way down the
  1284. source tree (for the sake of inheritance, as with `METADATA.py`), but only
  1285. the `LATE_LOAD.py` associated with the leaf node is executed (to allow some
  1286. code execution to be avoided when working down the tree).
  1287. * Moved/improved impersonation code.
  1288. * Refactored logging code.
  1289. * Refactored main control loop.
  1290. FIXED:
  1291. * Better sandboxing of Python code.
  1292. * Fixed an issue with `submitAs` control for questions with randomness.
  1293. * Fixed handling of paths on Windows hosts.
  1294. * Modified `expression` question type to be compatible with Python 2.6.
  1295. * Several bug fixes in `pythoncode` question type.
  1296. SECURITY:
  1297. * Prune out `'..'` and `'.'` from URLs to avoid escaping the CAT-SOOP tree.
  1298. #################
  1299. # Version 2.0.0 #
  1300. #################
  1301. Complete re-write. First version used in 6.01 (spring 2013). First version
  1302. with any similarity to the current code.
  1303. #################
  1304. # Version 1.0.0 #
  1305. #################
  1306. The original version, used in 6.003 fall 2011, and described in
  1307. http://dspace.mit.edu/handle/1721.1/77086. This version has _very little_ in
  1308. common with later versions.