CMF 1.5.6 (2006/02/26)

  Bug Fixes

    - In certain circumstances file-based PythonScripts with foreign line
      endings were not handled correctly. PythonScripts are now read using
      Python's universal line-endings support.
      (http://www.zope.org/Collectors/CMF/403)


CMF 1.5.6-beta (2006/02/19)

  Bug Fixes

    - CMFDefault.DiscussionTool: Ensure that isDiscussionAllowedFor will
      not accidentally acquire discussion settings from the content
      object's parent.
      (http://www.zope.org/Collectors/CMF/398)

    - CMFDefault.RegistrationTool: Adding single quotes to the allowed
      characters in the local part of an email address.
      (http://www.zope.org/Collectors/CMF/401)

    - CMFCore.FSPythonScript: FSPythonScripts forgot to add __file__ to
      the script globals. This broke warnings.warn() when a stacklevel
      argument pointing into the script was passed (2).

    - CMFSetup.workflow: Workflows managing no permissions at all could
      make the CMFSetup workflow exporter fail.
      (http://www.zope.org/Collectors/CMF/397)

    - CMFDefault.DiscussionItem: Deleting a discussion reply would not
      recurse and left items below the deleted reply still cataloged
      (http://www.zope.org/Collectors/CMF/391)

    - Corrected the HelpSystem documentation for DCWorkflow Guards
      (http://www.zope.org/Collectors/CMF/394)

    - CMFCore utils: Synced _checkPermission with Zope 2.8.5 code.
      checkPermission of Zope 2.8.5 and later contains bug fixes and respects
      proxy roles, but for backwards compatibility CMF 1.5 still needs its own
      implementation.

  Others

    - Made unit tests close the request properly.

    - Made cut / copy / paste tests more independent from implementation
      details of '_verifyObjectPaste'.

    - Modified several deprecation warnings to indicate point-of-use of the
      deprecated feature.


CMF 1.5.5 (2005/11/20)

  Bug Fixes

    - DefaultWorkflowDefinition: Changed meta_type to make it unique.
      (http://www.zope.org/Collectors/CMF/298)

    - CMFSetup: fixed empty attribute parsing when an encoding is
      defined.

  Others

    - CMFCore: removed old backward compatibility code that slowed down
      TypeInformation.allowType and gave PortalFolder.allowedContentTypes
      quadratic complexity.

    - Removed deprecated 'all_cmf_tests.py' and supporting 'test_all.py'
      from products (use 'zopectl test' to run CMF tests instead).


CMF 1.5.5-beta (2005/11/06)

  Bug Fixes

    - CMFCore.DynamicType/ActionProviderBase: If an action cannot be looked
      up, provide a more helpful debugging message for the error log.

    - CMFCore.MemberDataTool: Fixed the pruneMemberData functionality in the
      ZMI: Now it is enough to press the button once.

    - Collector #381:  CMFCore unit tests depended on CMFDefault / workflow.

    - CalendarTool: If an event ends at exactly midnight, don't show it
      in the list of events for the day starting at midnight.
      (http://www.zope.org/Collectors/CMF/246)

  Features

    - CMFCore:  added 'skinname' to the thread-specific tuple created by
      the Skinnable base class to cache the skin path lookup, to facilitate
      querying later;  added a 'getCurrentSkinName' to the Skinnable API
      to do the query.  Thanks to Laurent Rowe for the patch.

    - CMFSetup: added support for importing and exporting workflow script
      metadata for scripts that are External Methods. One very important
      difference to other scripts remains: Since the CMFSetup machinery
      cannot access the filesystem code for external methods it only
      saves the data needed to instantiate the ZODBi-based External Method 
      object. If, during an import, the filesystem-based code cannot be
      found, the import will fail.

    - CMFActionIcons:  added support for exporting / importing
      action icons tool configuration (via GenericSetup).

    - CMFSetup:  added support for configuring content type registry.

    - CMFSetup:  added support for configuring caching policy manager.

    - CMFSetup:  added support for configuring cookie authentication and
      mailhost tools (http://www.zope.org/Collectors/CMF/387).

    - CMFCore.CachingPolicyManager: Caching policies can now control all the 
      Cache-Control tokens defined in the HTTP 1.1 spec (s-maxage, public, 
      private, no-transform).  When no-cache is enabled, a Pragma: no-cache 
      header is also sent for HTTP 1.0 clients. Thanks go to Geoff Davis
      for contributing the necessary patches.

    - CMFCore.FSPageTemplate:  These now have the option to return a status 
      304 and no content when a conditional GET is sent.  This is a potential 
      significant win for sites. This behavior is activated on the
      CachingPolicyManager by using policies that set suitable ETag headers
      when delivering the content. Geoff Davis invested the time to add
      this feature.

  Others

    - Removed deprecated 'all_cmf_tests.py' and supporting 'test_all.py'
      from products (use 'zopectl test' to run CMF tests instead).

    - CMFDefault.Portal:  deprecated 'manage_addCMFSite'.

    - Collectors #384:  Added '__traceback_info__' to FSDTMLMethod's
      call-stack etnry.

    - Collector #383:  Added tab to 'portal_uidhandler' tool to allow
      querying objects given UID.

    - CMFCatalogAware: refactoring. Defines now 2 methods,
      _getCatalogTool() and _getWorkflowTool(), that are used to find
      the catalog and workflow tool. It's now possible to override
      these methods using inheritence for a given content type to
      specify another catalog or workflow tool the content type can
      use

    - CMFSetup: allow export of properties of old objects that were
      stored as lists (instead of tuples now).

CMF 1.5.4 (2005/09/04)

  Bug Fixes

    - CatalogTool: Made sure the catalog_object method works with Zope 2.8.
      The new 'pghandler' argument was missing. This broke at least the
      refreshCatalog method used by 'Update Catalog'.
      (http://www.zope.org/Collectors/CMF/379)

CMF 1.5.4-beta (2005/08/28)

  Bug Fixes

    - CMFCore.utils: The return value from _mergedLocalRoles allowed
      direct manipulation of objects' local role settings since it
      contained references to the actual values instead of copies.
      (http://www.zope.org/Collectors/CMF/376)

    - CMFTopic.DateCriteria: The behavior and naming of date criteria
      operators was very confusing and in many cases unexpected and 
      wrong. For that reason e.g. Plone replaced the implementation
      with a more user-friendly handling which is hereby introduced
      to CMF proper. (http://www.zope.org/Collectors/CMF/339)

    - CMFCore.PortalContent, CMFCore.FSSTXMethod, CMFTopic.Topic,
      CMFDefault.SkinnedFolder: Cache headers from the Caching Policy Manager
      never got set for DTML-based skins due to the way the view template
      __call__ method was invoked. (http://www.zope.org/Collectors/CMF/374)

    - CMFCore.FSImage and FSFile: Unlike the current behavior of Zope itself,
      FSImage and FSFile would set a content-length response header for 304
      (not modified) responses, which should not be done according to 
      RFC 2616. It won't do so anymore, but Zope itself will still force a
      content-length header in ZServer.HTTPResponse. This misbehavior
      has been filed as a Zope issue (http://www.zope.org/Collectors/Zope/1866).
      (http://www.zope.org/Collectors/CMF/372)

    - PortalFolder: Improved the _checkId method.
      Method Aliases mask objects with matching IDs. Thus _checkId() and
      checkIdAvailable() now make sure non-managers can't create objects with
      IDs already taken by Method Aliases of the current folder.

    - CMFDefault.Image and CMFDefault.File: When calling the constructor,
      any intelligent content type detection would be destroyed by the
      call to initialize Dublin Core values, which would overwrite the
      content_type. It is now preserved, if possible.
      (http://www.zope.org/Collectors/CMF/370)

  Features

    - CMFTopic.Topic: Made Topics a tad more useful by subclassing from
      CMFDefault.SkinnedFolder instead of CMFCore.PortalFolder, because
      SkinnedFolder is CatalogAware. Topics now offer useful information
      for Title, Description and SearchableText, so Topic objects can
      be located in the portal by using the standars search facilities.
      (http://www.zope.org/Collectors/CMF/53)

  Others

    - CMFCore.PortalFolder._checkId() allows root doted prefixed name
      object overrides.

CMF 1.5.3 (2005/08/07)

  Bugs fixed

    - When the CMFBTreeFolder was moved into CMFCore, its base class was
      changed to PortalFolderBase. This broke an assumption in the
      portal_syndication tool that relied on all syndication containers
      deriving from PortalFolder (http://www.zope.org/Collectors/CMF/369)

CMF 1.5.3-beta (2005/08/02)

  Bugs Fixed

    - Changed the INSTALL_SVN instructions to conform to the new branch
      and tag naming scheme instituted for the subversion repository.

    - Apply an interim fix for slow pathwalking implementation in
      development mode on Windows (http://www.zope.org/Collectors/CMF/367)
      Note that a better fix would be to leverage pywin32 APIs for
      file / directory monitoring.

    - FSObject.manage_doCustomize() was broken for folderish objects on Zope
      2.8 because manage_permission requires a context to work.
      (see http://www.zope.org/Collectors/CMF/368)
      
    - CMFCore/FSPropertiesObject and CMFCore/FSMetadata: Removed a wrongly 
      inserted DeprecationWarning in the FSPropertiesObject class and
      put it into the FSMetadata class. We are not deprecating ".props"
      files, but ".properties" and ".security".

    - Change CVS checkout documentation to their equivalent Subversion
      instructions

    - In CMFSetup, make sure to give special treatment to both CVS and 
      .svn folders where this is necessary (e.g. to implicitly skip them
      when importing profiles)

    - Made sure FSDVTest always deletes its temporary folder on tearDown.
      (http://www.zope.org/Collectors/CMF/106)

    - Fix DefaultWorkflowDefinition bug on isActionSupported() for the
      keywargs support to reflect DCWorkflowDefinition changes. Add a
      test case for this definition as well.

  Others

    - CMFCatalogAware: reindexObjectSecurity() now always reindexes the
      catalog objects without changing their catalog uid. This is useful
      for third-party code that indexes objects with special uids.

CMF 1.5.2 (2005/07/17)

  Bugs Fixed

    - CMFCore/ActionInformation.py: Permissions of action categories starting
      with 'document' are now evaluated in the object context instead of the
      portal context. This should probably be generalized some more.

    - Added testing framework to suppress / examine output from warnings
      module and from zLOG.

    - CMFUid/UniqueIdGeneratorTool.py: Replaced the old BTree.Length.Length
      implementation by a simple counter. Using a BTree.Length.Length object
      as counter may have caused setting the same unique id to multiple 
      objects under high load. The tools counter gets automigrated on the 
      first access.

  Others

    - CMFCore/CMFBTreeFolder.py:  Moved here from Zope core's
      Products/BTreeFolder2;  conditional import, with module alias, into
      __init__.py, for compatibility with Zope 2.7;  2.8.0 has BTreeFolder2
      in the core (see http://www.zope.org/Collectors/Zope/1813).

CMF 1.5.2beta2 (2005/07/08)

  Features Added

    - CMFDefault/skins/zpt_generic/talkback_tree:  Add link to allow
      managers to delete replies (http://www.zope.org/Collectors/CMF/38).

  Bugs Fixed

    - CMFDefault.utils.parseHeadersBody:  use standard library's 'rfc822'
      module to parse metadata headers, to take advantage of better handling
      of edge cases.

    - CMFDefault.utils.formatRFC822Headers:  strip trailing blank line
      of multi-line value, to prevent premature halt of parsing.
      (http://www.zope.org/Collectors/CMF/230)

    - CMFCore.MembershipTool:  allow 'getMemberById' to crawl up the
      hierarchy of user folders until it finds the user.  This means that
      users from any user folder in or above the portal will be treated
      as full members of the portal.
      (http://www.zope.org/Collectors/CMF/354, also
       http://www.zope.org/Collectors/CMF/63)

    - CatalogTool: Added manage_convertIndexes.
      This method should not be used with Zope 2.7. It overrides the broken
      manage_convertIndexes of Zope 2.8.0.
      (http://www.zope.org/Collectors/CMF/357)

    - CMFCore.WorkflowTool:  Make (deprecated) WorkflowInformation objects
      schema-compatible with current ActionInformation.
      (http://www.zope.org/Collectors/CMF/355)

    - CMFCore.utils.ToolInit: For icon registration to work with ToolInit
      you would have to have the same product_name parameter as the actual
      product name of the product. product_name is now optional, defaulting 
      to the real product name. It is also deprecated, and starting with 
      CMF1.6 product_name it will be ignored.

    - CMFSetup.workflow: scripts were not exported, they're now in a
      'scripts' subdirectory, and encoding was not propagated at import
      time.

  Others

    - Moved tests which used to 'import Zope' to try 'import Zope2'
      (with a fallback for Zope 2.7).  Thanks to sacco for the patch!
      (http://www.zope.org/Collectors/CMF/362)

    - CatalogTool: Removed obsolete Vocabulary.

CMF 1.5.2beta (2005/06/26)

  New Features

    - CMFDefault browser: Added browser package and five_template.
      This allows to use the main_template for forms generated by Five.

    - CMFDefault skins: Added style_slot to main_template.

    - CMFCore.PortalFolder: A new class PortalFolderBase was added. The
      class is a subclass of Folder while PortalFolder is a subclass of
      PortalFolderBase and OrderedFolder. It was added for software which
      is incompatible w/ the ordered interface.

    - CMFCore.ActionProviderBase: Add the methods _getOAI and _getExprContext
      which can be used to hook in custom version of getOAI() and
      getExprContext().

    - CMFCore.TypesTool.TypeInformation.queryMethodID(): Add new argument
      context=None and change all calls of queryMethodID to apply the context.

    - Interfaces: Added newstyle (Zope 3) interfaces.
      This change has no effect on Zope 2.7 without Five.

    - CMFSetup.skins: Small featurelet that adds a new keyword to the
      "layer" tag in skins.xml named "remove". If "remove" is
      specified, the named layer will be explicitly removed from the 
      skins path(s).

    - CMFCatalogAware: reindexObjectSecurity() now supports an
      optional argument 'skip_self' that prevents the object itself
      from being reindexed, but its descendants still are. Allows an
      optimization when you want to reindex all the idxs *and* the
      security in a single shot with reindexObject().

    - CMFCatalogAware: allow easy subclassing of the "security indexes"
      that are reindexed by reindexObjectSecurity(), through the
      attribute _cmf_security_indexes.

    - doActionFor() propagates **kw to isActionSupported() through
      _checkTransitionGuard() until the guard.check() method so that
      StateChangeInfo() can be constructed with those kwargs.

  Bug Fixes

    - ActionInfo: Make 'setActionExpression' sane if passed a string
      which is already prefixed with "string;".

    - ActionInfo: Fixed copy method.

    - CMFTopic.Topic/CMFCore.PortalContent: Clean up a previous change
      by changing __call__ methods to be aligned with what's on CVS
      HEAD and using the old _getViewFor function as a fallback to
      retain backwards compatibility.

    - DCWorkflow: Add a note to the Transitions and States forms
      explaining that the renaming actions will not automatically
      update any items in the workflow that might be affected by
      the change. (http://www.zope.org/Collectors/CMF/89)

    - CMFDefault.SyndicationTool: Zope 2.8 raises AttributeError where
      earlier Zopes used to raise KeyError.

    - Set cache headers in 304 responses from FSImage / FSFile
      (http://www.zope.org/Collectors/CMF/355)

    - CMFCore.DirectoryView: Do not cause ZODB writes or ConflictError
      if an old DirectoryView with a non-existing path is left. Sends a
      warning to stderr about those.
      (http://www.zope.org/Collectors/CMF/347)

    - CMFSetup utils: Fixed handling of comments and empty descriptions.
      (http://www.zope.org/Collectors/CMF/352)

    - CMFDefault.MetadataTool: When asked for a non-existing metadata
      policy, the tool would return the default policy unwrapped. This
      means, at a minimum, that the security declarations on the 
      MetadataElementPolicy instance would never be applied correctly.
      (http://www.zope.org/Collectors/CMF/342)

    - CMFSetup.workflow: Make sure to set the "permissions" attribute on
      DCWorkflow definitions to a tuple, which is expected throughout
      the DCWorkflow code. (http://www.zope.org/Collectors/CMF/346)

    - CMFCore.FSObject: Try to find and call the appropriate method to
      determine the skins tool name instead of hardcoding "portal_skins".
      (http://www.zope.org/Collectors/CMF/349)

    - CMFCore.FSZSQLMethod: Add the forgotten setting to allow simple 
      direct traversal for ZSQL methods to the list of settings recognized 
      and applied by FSZSQLMethods during instantiation and customization.
      (http://www.zope.org/Collectors/CMF/350)

    - CMFCore.FSObject: When customizing filesystem objects in the skins 
      tool, some security-related settings were not transferred to the 
      customized object, namely proxy roles and permission settings.
      (http://www.zope.org/Collectors/CMF/351)

    - Sync catalog metadata column with correct name of DublinCore string
      ExpirationDate method. (http://www.zope.org/Collectors/CMF/345)

  Others

    - CMFSetup: the import/export of portal types uses a new XML format
      that can hold arbitrary properties, to facilitate subclassing. The
      old format is still recognized when importing.

    - WorkflowTool: Marked WorkflowInformation and getActionsFor deprecated.
      getActionsFor is superseded by listActionInfos and WorkflowInformation
      was just used by getActionsFor.

CMF-1.5.1 (2005/04/24)

  Other

    - Made INSTALL.txt more general so it does not refer to specific CMF
      version numbers in the 1.5 series and thus won't look outdated from
      one release to the next.

    - CMFCatalogAware: reindexObjectSecurity() optimizations in case
      of an indexable container.

  Bug Fixes

    - CMFDefault.SyndicationTool: Coerce property values into correct
      types. (http://www.zope.org/Collectors/CMF/344)

    - CMFCore.Skinnable: Don't catch ConflictError in __of__.

    - CMFCore.CMFCatalogAware: In reindexObjectSecurity, use
      _unrestrictedGetObject when available, and LOG when the object
      cannot be retrieved.

CMF-1.5.1beta2 (2005/04/17)

  New Features

    - MemberDataTool: setSecurityProfile (called by MembershipTool's
      setPassword) now uses the userFolderEditUser() API of the user
      folder to change user information.

    - DCWorkflow: To bridge some of the bound variable name differences
      between TALES expressions used in DCWorkflow and those used elsewhere
      in the CMF, added two "aliases" to the expression context that reflect
      the CMF conventions: "object" points to "here", and "folder" points
      to "container" (http://www.zope.org/Collectors/CMF/338)

    - CMFSetup: Improved update directives for extension profiles.
      See the new PROFILES.txt for details.

    - CMFCore.DirectoryView: Made list of file names to ignore configurable.
      The previously hardcoded list of files to ignore when creating their
      ZODB representations can now be configured by passing a sequence of
      names to registerDirectory, which will be ignored in addition to the
      standard list of ignored names (http://www.zope.org/Collectors/CMF/319).

    - CMFCalendar: Added extension profile.
      You can now set up CMFCalendar in one step together with a new site or
      add calendar support to an existing site using the portal_setup tool.

    - CMFSetup: Added support for extension profiles.
      Extension profiles are profile fragments used to modify base profiles.
      They can be shipped with add-on products or used for customization
      steps. Importing an extension profile adds or overwrites existing
      settings in a fine-grained way. You can't export extension profiles.
      Snapshots and exports always represent the merged settings.

    - CMFSetup: Sometimes it is not necessary or desirable to create a 
      snapshot upon initial site creation. Matter of fact when run in a unit 
      test situation, addConfiguredSite can throw permission errors during the
      snapshot-taking because no specific SecurityManager has been set up.
      Add new flag "snapshot" to factory.addConfiguredSite to turn off
      snapshotting if desired

  Bug Fixes

    - TypesTool: Removed _checkViewType.
      The control-content-creating-by-typeinfo-view-permission feature did
      never work. Use DCWorkflow's allowCreate method instead.
      (http://www.zope.org/Collectors/CMF/114)

    - CMFDefault.DublinCore: Force local timezone when displaying date
      metadata. (http://www.zope.org/Collectors/CMF/325)

    - CMFCore.SkinsTool: Prevent adding skin layers with invalid path elements
      There is a disconnect between the ability to define what can be ignored
      inside DirectoryViews and what can be put into skins paths in
      the SkinsTool. Now a check is done inside addSkinSelection that makes 
      sure the same ignore-policy that is used for the DirectoryView is 
      applied to the elements of a skin path.
      (http://www.zope.org/Collectors/CMF/336)

    - CMFCore.FSZSQLMethod: Added configuration parameters that were left out.
      Some of the configuration parameters to ZSQL methods, specifically 
      those describing custom pluggable brains classes and the
      connection_hook, were not implemented in FSZSQLMethod. Also added a 
      first small unittest module for FSZSQLMethod testing.
      (http://www.zope.org/Collectors/CMF/335)

    - CMFSetup utils: Modified ConfiguratorBase.
      If the DEFAULT value is used, CONVERTER is no longer called. This makes
      setting DEFAULT more intuitive. While very unlikely, the change might
      break existing third party configurators.

    - CMFSetup: Reduced probability of profile ID conflicts.
      The first argument of 'registerProfile' is now 'name' instead of
      'profile_id'. The profile ID combines 'name' and 'product'.

    - CMFSetup.skins made the assumption that the CMF site can always
      acquire REQUEST and would set up the current skin with it. Added a test
      to see if REQUEST is available and if it is not, skip the step that
      sets up the current skin.

    - CMFCalendar zpt skin: Removed dependency on dtml layer.

    - CMFCalendar: Modified install script.
      Adds date indexes instead of field indexes. No longer adds the dtml
      layer to zpt skins.

    - CMFCore.utils: Added 'transaction' for backwards compatibility.
      CMF now uses the Zope 2.8 transaction API und uses utils.transaction as
      fallback in Zope 2.7.

    - CMFCore.TypesTool: Added backwards compatibility code to the fix for
      collector issue 49. (http://www.zope.org/Collectors/CMF/49)

    - CMFCore.Skinnable: Changed the way layers (skindata) are stored
      (no more _v_ attribute) to prevent them being lost in the middle
      of a request when memory pressure is high. This change is
      incompatible with SpeedPack, but includes one of its two
      optimizations about skins. (http://www.zope.org/Collectors/CMF/198)

    - DublinCore: Fixed creators upgrade to not call a potentially
      costly method on the user folder.
      (http://www.zope.org/Collectors/CMF/300)

    - CMFCatalogAware: When reindexing security, all subobjects must be
      reindexed even if they are not visible by the current user. Also
      fixed to work correctly with Zope >= 2.7.6.

CMF 1.5.1beta (2005/03/24)

  New Features

    - CMFCore.TypesTool and CMFCore.PortalFolder: If invokeFactory is 
      called from code it will now hand back the created object's ID. This
      does not change any behavior when called directly from the web. Both
      methods returned None before, so there is no dependencies anywhere
      on their return values, anyway. (http://www.zope.org/Collectors/CMF/331)

    - CMFSetup: When importing skins configurations you can now specify a
      layer to be inserted after a given layer. Previously you could only
      insert before a given layer.

    - CatalogTool: All default FieldIndex instances used for indexing
      DateTime values are now created as DateIndex instances instead. All
      default TextIndex instances are now created as ZCTextIndex instances.
      (CMF collector issues http://www.zope.org/Collectors/CMF/191 and
      http://www.zope.org/Collectors/CMF/302)

    - CMFSetup: Improved 'skip purge' behavior of the skins import handler.
      If purging is disabled, it's now possible to modify existing skin
      configurations. You can use '*' as wildcard for skin-path ids and a
      'insert-before' attribute to specify where to insert a new layer.

    - CMFSetup tool: Improved 'Properties' tab.
      The active site configuration can now be selected from a list of
      registered profiles and stored snapshots.
      (http://www.zope.org/Collectors/CMF/264)

    - CMFSetup: Added handlers for site properties.

    - CMFSetup utils: Added 'ConfiguratorBase' class.
      It's now recommended to use this class as base for all configurators.
      The class includes some generic methods to handle subobjects and
      properties.

    - FSObject: Now FSObject-derived items like FSImage or FSFile can have 
      security declarations inside the metadata file.
      (http://www.zope.org/Collectors/CMF/289)

    - profiles: Moved 'default' profile to CMFDefault.
      Using the new 'importVarious' handler this profile now allows to create
      CMF sites identical to those created with manage_addCMFSite. 

    - CMFDefault: Added 'importVarious' setup handler.
      This provisional handler will be removed again as soon as full handlers
      are implemented for these steps.

    - CachePolicyManager: You can now set a ETag using a TALES expression
      (http://www.zope.org/Collectors/CMF/236) 

    - RegistrationTool: The regular expression that limits what people
      can put in as a valid member ID is now configurable TTW in the
      portal_registration tool (http://www.zope.org/Collectors/CMF/117)

  Bug Fixes
  
    - CMFCore.MembershipTool: Change a couple conditional tests that tried to
      determine if the MemberDataTool had been found to explicitly test for
      None as the return value instead of a truth test on the tool itself, which
      would fail unexpectedly on folderish MemberDataTool implementations 
      that don't have actual content (http://www.zope.org/Collectors/CMF/330)

    - CMFCore.CachingPolicyManager and CMFCore.ActionInformation: The names
      available to TALES expressions throughout the CMF showed some
      inconsistencies. To prevent confusion the names "content" and 
      "content_url" that were used for Cache Policy Manager policies as well
      as the special ActionInformation.oai class are now deprecated and will
      be removed in CMF 1.7. The canonical names to be used are "object" and
      "object_url", which matches all other CMF expression contexts with
      DCWorkflow being the only exception due to its non-CMF roots.
      (http://www.zope.org/Collectors/CMF/328)

    - CMFCore.PortalFolder: Cataloging portal folders was prevented by
      overriding the typical indexing calls, but one of them was forgotten,
      so they still got cataloged.  (http://www.zope.org/Collectors/CMF/309)

    - CMFCore.DirectoryView: A special __setattr__ on the
      DirectoryViewSurrogate class made sure to write changes through to the
      underlying DirectoryView, but there was no equivalent __delattr__
      cleanup. (http://www.zope.org/Collectors/CMF/316)

    - CMFDefault.RegistrationTool: Allow email addresses with an underscore
      as the last element of the alias part.
      (http://www.zope.org/Collectors/CMF/326)

    - FSPageTemplate: Ensure that if a content type is specified using a
      .metadata file we respect it (http://www.zope.org/Collectors/CMF/320)

    - CMFCore.tests.test_PortalFolder:  fixed testing bug copied forward
      from OFS.tests.testCopySupport.

    - CMFDefault.RegistrationTool: Allow '+' in e-mail addresses.
      (http://www.zope.org/Collectors/CMF/322)

    - ActionInfo: Fixed issue with oldstyle Action info mappings.
      The 'allowed' key was broken for non-empty 'permissions'.

    - CMFDefault.DiscussionTool: 'getDiscussionFor' sometimes returned
      unwrapped talkback objects.

    - CMFSite: Made 'title' and 'description' properties undeletable.
      This change has no effect on existing sites.

    - FSObject: Ensure that a cache manager association on a Filesystem-based
      object in the Skins Tool gets applied to the customized object in the
      ZODB upon customization. (http://www.zope.org/Collectors/CMF/304)

    - TypesTool: Changed the way available factory_type_informations are
      presented on the dropdown list when adding a new type from a 
      filesystem FTI to the Types Tool. The new representation includes
      the "id" as set in the FTI instead of just the product name and the
      meta_type. (http://www.zope.org/Collectors/CMF/49)

    - CMFSetup: Fixed import of workflow bindings.
      The 'workflow' import step has to be run after the 'typeinfo' step.
      (http://www.zope.org/Collectors/CMF/265)

    - CMFCore.CatalogTool: Take into account query restrictions on
      'effective' or 'expires' attributes during a search.
      (http://www.zope.org/Collectors/CMF/120)

    - WorkflowTool: Fixed 'setChainForPortalTypes'.
      If 'chain' was an empty string, it wasn't set correctly.

    - FSFile, FSImage: Made available to caching policy manager as
      standard content. (http://www.zope.org/Collectors/CMF/299)

    - FSDTMLMethod: Small code cleanup to remove duplicate variable
      definition (http://www.zope.org/Collectors/CMF/291)

    - Portal: Fixed 'setupDefaultProperties'.
      Backwards compatibility was broken and the 'default_charset' argument
      was ignored.

    - Document/NewsItem: If the "plain text" format is selected the
      content will no longer be tested for HTML and reduced to text
      between opening and closing "body" tags
      (http://www.zope.org/Collectors/CMF/214)

    - Document/NewsItem: A call to setFormat will now re-cook the
      document content if the format has been changed (arising from
      discussion about http://www.zope.org/Collectors/CMF/214)

    - DirectoryViews/FSMetadata: Corrected some erroneous docstrings
      about proxy role handling using .metadata files
      (http://www.zope.org/Collectors/CMF/177)

  Other

    - CMFCore.FSPropertiesObject: Added a deprecation warning to announce the
      fact that .properties files will disappear in CMF 1.7 and should be 
      replaced with CMFCore.FSMetadata (.metadata) files.

CMF 1.5.0 (2004/10/21)

  New Features

    - Portal: Added 'default_charset' property.
      (http://www.zope.org/Collectors/CMF/261)

    - CMFDefault utils: Added 'toUnicode' function.
      (http://www.zope.org/Collectors/CMF/261)

  Bug Fixes

    - ZPT skin: Fixed 'RSS'.
      Values are now converted to unicode, using 'default_charset'.
      (http://www.zope.org/Collectors/CMF/261)

    - DublinCore: Added 'setCreators' method.  Note that
      'notifyModified' also modifies creators. If the current user
      should not be added to creators, make sure notifyModified() is not
      called after setCreators().  (http://www.zope.org/Collectors/CMF/61)

    - ZPT skin: Fixed '*metadata_edit_form'.
      Setting "Enable Discussion?" to 'Off' was broken.

    - CMFSetup: Made sure imported values are converted to strings.
      For now imports and exports work only with 'ascii' encoding.
      (http://www.zope.org/Collectors/CMF/287)

    - FSPageTemplate: Don't hide sub-tracebacks in development mode.

    - TypesTool: Removed again the "add properties from the ZMI" feature.
      That feature existed only in 1.5.0beta2.

    - ActionProviderBase: Modified exceptions raised by 'getActionInfo'.
      Now Unauthorized is raised if at least one Action was found but
      the user is not allowed to access any of them.

    - RegistrationTool: Generated passwords no longer contain 'OQ0Il1'.

    - The permalink feature is now turned off by default and may be turned
      on by setting the boolean property 'enable_permalink' in the cmfs
      root property sheet through the ZMI. Through the 'get_permalink'
      script the permanent link of an content object can be asked for.
      Additionaly the site may be asked if the permalink feature is turned
      on or not by adding 'isAvailable' instead of an unique id
      (http://www.example.com/permalink/isAvailable). Returns '1' or '0'.
      Also removed the badly designed 'tal:on-error' directive in
      'main_template'.

CMF 1.5.0beta2 (2004/09/27)

  New Features

    - CookieCrumbler: Merged changes from standalone version.
      Cookies set on an HTTPS connection are now marked as secure, meaning
      they will not be transmitted over HTTP.

    - PortalFolder: New 'Folderish' Interface defines the 'content*'
      methods.

    - PortalFolder: Improved WebDAV folder listings.
      Hidden sub-objects like tools are now filtered out. To see all
      sub-objects, you need the 'Manage portal' permission.

    - TypesTool: New properties can be added from the ZMI to
      TypeInformation objects.

  Bug Fixes

    - CMFDefault/Document:  store / return size of "raw" source text for
      'get_size'.

    - ZPT skin: Refactored registered_notify_template.
      For security reasons, it no longer adds the password to the login URL.

    - PortalFolder: Fixed '_checkId' policy.
      In a subfolder, members without 'Manage portal' permission were not
      able to create content items whose names clashed with content items
      in the portal root.

    - CookieCrumbler: Improved 'came_from' URL.
      Problems in connection with stack manipulation on traversal or usage
      of 'traverse_subpath' should be fixed now.

    - PortalFolder: Public 'content*' methods or no longer publishable.
      This prevents expensive anonymous calls to contentItems(),
      contentIds() and contentValues() via URLs. They still can be used
      in TTW code.

    - ZPT skin: Added missing mail_password_template.

    - TypeInformation: Simplified Method Aliases API.
      The new queryMethodID() replaces getMethodPath() and getMethodURL().
      Aliases for method paths are no longer supported.

    - FSFile: Allow setting a content_type value using a .metadata file
      (http://www.zope.org/Collectors/CMF/281)

    - FSPageTemplate: Refine the XML content type detection so that
      addtional data such as encoding is preserved
      (http://www.zope.org/Collectors/CMF/228)

    - ActionInformation: If a path expression ending in an object that
      gets called using __render_with_namespace__ (such as DTML objects
      and Scripts (Python)) is used a KeyError for "here" would be thrown
      inside PageTemplates.ZRPythonExpr.call_with_ns. call_with_ns
      expects the namespace to contain "here", which the context coming
      from CMFCore.Expressions.createExprContext did not provide. Added
      "here" as an alias pointing to the provided "object"
      (http://www.zope.org/Collectors/CMF/171)

    - DiscussionItem: Made sure that the workflow is notified of their
      creation.
      (http://www.zope.org/Collectors/CMF/280)

    - CMFCatalogAware: When pasting a content item, local roles were not
      changed to reflect the new ownership.
      (http://www.zope.org/Collectors/CMF/205)

    - ZPT skin: Added missing RSS script and template.
      (http://www.zope.org/Collectors/CMF/279)

    - DirectoryView: Improved createDirectoryView() backwards compatibility.
      Using platform specific path separators is deprecated.

    - UniqueIdAnnotation: Fixed manage_after* methods.
      They didn't work correctly in nested folders.

    - Workflow: Marked WorkflowMethod alias WorkflowAction as deprecated.

    - ZPT skin: Improved folder_copy_control and folder_cut_control.
      They now catch CopyErrors.

    - DirectoryView: Readded expandpath() for backwards compatibility.
      Some products still import expandpath from DirectoryView because
      it was once defined there. Note that importing expandpath from
      DirectoryView is deprecated and doesn't work with CMF HEAD / 1.6.

    - RegistrationTool: An optional password can now be passed to
      registeredNotify() (Issue #277).

    - Tool icons can now reside in subdirectories (Issue #144).

CMF 1.5.0beta (2004/08/12)

  New Features

    - The CMF is now under the terms of version 2.1 of the Zope Public
      License (ZPL); it was previously under ZPL version 2.0.

    - TypeInfos: Marked getActionById as deprecated.
      Use getActionInfo if you need an URL or getMethodPath if you need a
      method.

    - CatalogTool.CatalogTool now has a private 'unrestrictedSearchResults'
      method bypassing the effective and expiry date and roles. The new
      method has to be used with care to not expose security holes in
      applications using the CatalogTool.

    - CMFCalendar.CalendarTool: Made workflow states configurable TTW.
      (http://www.zope.org/Collectors/CMF/110)

    - Minor featurelet: The "Action Providers" ZMI tab on the portal_actions
      tool now links directly to the tools shown
      (http://www.zope.org/Collectors/CMF/181)

    - CMFCore.utils: Introduced contributorsplitter() utility function
      along the lines of keywordsplitter().

    - Actions and Action providers: Further refactoring.

      o Removed again OldstyleActionProvider Interface and
        OldstyleActionProviderBase that existed only in 1.5.0-alpha.
        ActionProvider now also works with oldstyle Action mappings.

      o listActionInfos() and getActionInfo() now return ActionInfo objects
        instead of Action info mappings. ActionInfo objects have a backwards
        compatible mapping interface.

    - Added CMFUid product which provides tools for generating,
      registering, and storing unique IDs for content (gregweb).

      o As an example of how to use unique ids, enhanced CMFDefault.Favorite
        content class, using unique ids to track moved or renamed
        content items.

      o At the bottom of the page the permanent link to the content object
        is shown (http://www.example.com/<cmf_root>/permalink/1234, where
        1234 is the unique id of the content object)

    - Added __init__ method to the IOpaqueItems.ICallableOpaqueItem
      interface.

    - CookieCrumber now supports logging the authenticated user id to
      the access log just like basic auth.

    - 'portal_setup' tool can now disply / download diffs between profiles
      and / or snapshots.

    - The 'find' tab on the 'portal_skins' tool will now mark the object that
      would be returned when using the specified skin

  Bug Fixes

    - CMFCore.PortalFolder: Enforce check of "Delete objects" permission
      during cut + paste.
      (http://www.zope.org/Collectors/CMF/259)

      N.B.  This fix depends on an update to the underlying Zope software,
            e.g., Zope 2.7.3 or later.  Two new unit tests fail on
            Zope 2.7.2 and earlier.

    - CMFDefault.MetadataTool: Validation would disallow
      vocabulary-constrained metadata elements to be empty
      (http://www.zope.org/Collectors/CMF/217)

    - CMFDefault.DiscussionItem: Replies were not sorted chronologically
      (http://www.zope.org/Collectors/CMF/211)

    - CMFDefault.Image and CMFDefault.File: When copy/pasting Image and File
      objects the review state did not revert to "private".
      (http://www.zope.org/Collectors/CMF/176)

    - CMFSetup: Refactored rolemap.
      Converted the roles attribute to role sub-elements. Fixed an
      acquisition bug that caused incomplete exports. Updated default
      profile.

    - CMFWiki: Prevent deprecation notice for the deprecated
      CMFWikiPermissions module by replacing its usage in CMFWiki.__init__
      with the new permissions module.

    - CMFTopic: Change topic_view template to show title and ID (it only
      showed title before)
      (http://www.zope.org/Collectors/CMF/180)

    - CMFCore.PortalFolder: Unlike other content, only Managers were able
      to create PortalFolders using mkdir in FTP. Fixed by inserting
      missing security declaration for PortalFolder.manage_addFolder
      (http://www.zope.org/Collectors/CMF/167)

    - Default text format for NewsItems is now structured-text, just like
      it is for Documents, tuhs removing a spurious difference.
      (http://www.zope.org/Collectors/CMF/138)

    - CMFCalendar.CalendarTool: (Lost) fix for issues 65 and 159.
      The determination of the date/time range constituting a specific month
      was faulty.

    - CMFDefault.DublinCore: Use the portal_metadata tool's 'getPublisher'
      for the DublinCore 'Publisher' element (thanks to Eric Brown for the
      patch).

    - CMFCalendar.CalendarTool: Code assumed US datetime format throughout.
      At least since Zope 2.7 users can change that.

    - CMFCalendar.Event: Day, month, and year were processed in the wrong
      order by Event.edit().
      (http://www.zope.org/Collectors/CMF/202)

    - CMFCore.PortalFolder: _verifyObjectPaste() did not check the
      container's allowed content types, enabling users to paste objects
      they were not allowed to add.
      (http://www.zope.org/Collectors/CMF/216)

    - CMFDefault.File and CMFDefault.Image: setFormat() failed to update
      the content_type property causing index_html() to use a stale mimetype
      when serving the file or image.
      (http://www.zope.org/Collectors/CMF/226)

    - CMFDefault.Document, CMFDefault.Link, and CMFCalendar.Event:
      WebDAV PUT() caused improper splitting of 'Contributors' metadata
      header.

    - CMFCore.PortalFolder: Fixed missing import of BadRequest exception.

    - DCWorkflow DefaultWorkflowClassic: Fixed 'pending' state permissions.

    - CMFSetup: Refactored actions, type-infos and workflow definition.
      Changed some XML attributes. Converted list items and descriptions to
      sub-elements.

    - ActionInformation: Some attribute cleanup.
      Enforced usage of 'Title' instead of 'Name', 'URL' or
      'URL (Expression)' instead of 'Action'. Enforced boolean type of
      'Visible'.

    - DiscussionTool: Fixed two acquisition bugs.
      (Collector #119 and #201)

    - Change default CookieCrumbler Cache-Control header value from
      "no-cache" to "private" to allow browser caches to cache cookie
      authenticated pages but not proxies and HTTP accellerators.

    - ActionInformation: Correctly store an empty tuple for permissions
      if no permission is given (Collector #242).

    - DublinCore: Use a default ceiling date that is parsable by
      DateIndex (Collector #132).

    - RSS: Creates correct XML by always quoting arguments (Collector #170).

CMF 1.5.0alpha (2004/07/09)

  New Features

    - CMFActionIcons product is now shipped as part of the CMF release.

    - New portal_setup tool provides export / import of various site
      configuration choices, both as tarballs and as TTW "snapshots".
      See the "README":CMFSetup/README.txt.

    - zpt skin: Some forms are now scripts.
      These scripts are dispatchers that call validators and controllers and
      set redirect depending on the selected button. If redirect is not set,
      the script calls a template and returns the resulting HTML page.

    - ActionProviderBase, ActionInformation: Added methods to modify/edit
      actions. New method 'getActionObject' in 'ActionProviderBase' and
      'edit' method in 'ActionInformation' (Collector 195).
      An action now may be modified/edited the following way::

        action_provider.getActionObject('object/view').edit(title='VIEW')

    - Topic objects now support syndication (Collector #203).

    - PortalFolder and zpt skin: PortalFolder now inherits from
      OrderedFolder.

      o Added buttons to 'folder_contents' that allow to set a default
        sorting for each PortalFolder or to order the sub-objects by hand.

      o Modified 'index_html' to show sub-objects in the selected order. The
        old 'index_html' is still available as 'index_html_categorized'.

    - CMFDefault utils: Added 'html_marshal' function.
      This is similar to ZTUtils.make_hidden_input(), but returns a sequence
      of (name, value) pairs instead of html code.

    - CMFCore utils and content types: Marked _getViewFor as deprecated.
      __call__() and view() methods using _getViewFor() are deprecated as
      well. Use Method Aliases instead.

    - CMFDefault Site: Now adds the 'Classic' DCWorkflow on creation.
      If DCWorkflow is not installed, no default workflow is added.

    - DynamicType: Added 'getActionInfo' method.
      This is a shortcut to getActionInfo() of the related TypeInformation.

    - DublinCore: setModificationDate is now guarded by
      'ModifyPortalContent'.

    - zpt skin: Reimplemented 'folder_contents' and related controllers.
      Uses a dispatcher script that calls the right validators and
      controllers if a form button is pushed. The result looks almost
      the same as before.

    - PortalFolder and SkinnedFolder: Added 'new' and 'rename_items' Actions.
      Used for redirects they are invisible by default.

    - CMFCore exceptions: Added some Exceptions.
      AccessControl.Unauthorized is a subclass of zExceptions.Unauthorized,
      so for best results use 'AccessControl_Unauthorized' to raise
      Unauthorized and 'zExceptions_Unauthorized' to catch them all.
      'CopyError' and 'ResourceLockedError' are now also available for
      TTW code.  'EditingConflict' is a new CMF class replacing the old
      string exception.

    - Callable Opaque Items, CMFCatalogAware: Added an interface
      'ICallableOpaqueItemWithHooks'. CMF now calls the manage_after*
      and manage_before* hooks of a marked opaque item on copying,
      moving or deleting the containing content object.

    - DublinCore: Creator element no longer depends on Ownership.
      (Collector #25)

      o Added listCreators() and listContributors() to the DublinCore
        Interface. Creator() now returns the first element of listCreators().
        Contributors() is now a deprecated alias of listContributors() and
        might change in a future version.

      o Updated DublinCore implementation in DefaultDublinCoreImpl and
        DiscussionItem. Added new addCreator() method that is called by
        notifyModified(). SkinnedFolder also uses the new methods.

      o Updated ContentFilter to work with listCreators().

      o Updated CatalogTool to index listCreators. Creator index and metadata
        are deprecated and might be removed in a future version.

      o Updated skins to search listCreators() and show all creators.

    - TypeInfos: _finishConstruction() now calls reindexObject().
      This makes sure changes made by ScriptableTypeInformation scripts are
      indexed and notifyModified() is called after content creation.

    - Document: Removed WorkflowMethod wrapper of setFormat().
      This was the only wrapped MutableDublinCore method and caused an ugly
      second reindexObject() / notifyModified() call in the middle of
      _editMetadata().

    - CatalogTool: Updated to post Zope 2.6.2 ZCatalog interface.
      'catalog_object()' and 'reindexObject()' now support the new
      'update_metadata' argument. 'reindexObjectSecurity()' doesn't update
      catalog metadata anymore.

    - Added new hook to CookieCrumbler "twiddleAuthCookie". The
      twiddleAuthCookie skin script, if present is called on each request
      where a cookie authentication token is present. It is passed the auth
      cookie name and value so that it can perform such functions as
      extending the expiration of the cookie. A twiddleAuthCookie script
      along with a setAuthCookie script could create login sessions that
      timeout after a period of inactivity for example.

    - Refactored ActionsTool and Action providers:

      o Added listActionInfos() and getActionInfo() to the ActionProvider
        Interface, added 'object' argument to listActions().

      o Added OldstyleActionProvider Interface and OldstyleActionProviderBase
        for Action providers still not using ActionInformation objects.
        WorkflowTool and CMFCore DiscussionTool use this.

      o Action providers queried by ActionsTool should implement the new
        ActionProvider Interface. Action providers subclassing
        ActionProviderBase inherit the necessary methods.

      o To ease transition it will be sufficient to implement the
        OldstyleActionProvider Interface, using OldstyleActionProviderBase.
        The use of Action providers not implementing one of these Interfaces
        is deprecated. Support for them will be removed after CMF 1.5.

      o Added helper methods getOAI() and getExprContext() to get computed
        contexts from REQUEST cache or create new ones.

    - CMFDefault MembershipTool and zpt skin: Added 'Manage members' Action.
      The skin now provides basic membership management: Browsing members,
      registering new members and deleting members including their member
      data, member area and Local Roles.

    - The caching policy manager now sets the header
      'X-Cache-Headers-Set-By' when it sets cache headers
      in a response.

    - FSDTMLMethods now play nicely with the caching policy manager.

    - zpt skin: Added batch_widgets.pt and getBatchNavigation.py.
      roster and search use now the new navigation macro. Looks like before,
      but i18n works better and it's easier to reuse or replace the code.

    - zpt skin: Added zpt version of registered_notify_template.

    - CMFCorePermissions: Made them available for import by Scripts.

    - CMFCore MembershipTool and MemberDataTool: Added 'delete' methods.

      o deleteMemberData() deletes the member data of a member.

      o deleteMemberArea() deletes the member area of a member.

      o deleteLocalRoles() now has a 'recursive' argument.

      o deleteMembers() deletes members including member data, member area
        and Local Roles.

    - CMFCore MembershipTool: Changed interface.

      o createMemberarea() is now called createMemberArea(). For backwards
        compatibility createMemberarea is a deprecated alias.

      o getMembersFolder() is now also part of the CMFCore interface.

    - CMFCorePermissions: Added 'Change local roles' Permission.
      PortalFolder's 'Local Roles' Action and MembershipTool's Local Roles
      methods are now guarded by 'Change local roles' of the object.

    - Added CMFCore 'exceptions.py': Errors defined in this module are
      available for import by Scripts.

    - CMFCore and CMFDefault MembershipTool: Changed permissions.
      'createMemberarea()' for someone else and 'getRoster()' including
      hidden members are now protected by 'Manage users'. 'getMemberById()',
      listMemberIds() and listMembers() as well.

    - Document and NewsItem: Un-hardwired 'manage_FTPget()' for 'text/html'.
      Added 'source_html.dtml' and 'source_html.pt'. 'manage_FTPget()' now
      has a 'gethtml' hook and uses 'source_html' by default.
      (Collector #168)

    - TypeInformation: Added Method Aliases.

      o TypesTool and TypeInformation now have an 'Aliases' tab to configure
        Method Aliases TTW.

      o factory_type_information now has a key 'aliases' to configure Method
        Aliases in a product. This key is required, but may be empty: If it
        doesn't exist, TypeInformation will try to update by guessing
        aliases.

      o DynamicType manipulates 'TraversalRequestNameStack' depending on
        Method Aliases. '(Default)' and 'view' aliases bypass __call__() and
        view() methods on traversal.

      o PortalFolder's 'mkdir' hook now makes use of Method Aliases.

    - CMFCore and CMFDefault MembershipTool: Changed member area creation.
      'wrapUser()' does no longer call 'createMemberarea()'.
      'createMemberarea()' should now be called from the 'logged_in' page.

    - CMFDefault MembershipTool: Added a customization hook to
      'createMemberarea()'. A 'createMemberContent' script placed inside the
      tool overrides default member content creation.

  Bug Fixes

    - zpt skin: Removed dependency on dtml layers.

    - CMFCore utils: Marked 'format_stx' function as deprecated.
      It's no longer necessary to work around default STX handling.

    - DirectoryView: Refactored path handling.
      Should now work with any products path setup. (Collector #210)

    - Enforced new "local permissions" pattern:  each top-level CMF product
      should have a 'permissions.py' module which imports / declares all
      permissions used within the product;  other modules within the product
      should import from there.  Likewise for 'exceptions.py'.

    - Removed pre Zope 2.7.0 compatibility code. Now Zope 2.7.0 or a later
      platform is required for CMF.

    - CatalogTool: Marked the 'meta_type' index as deprecated.

    - PortalFolder: Marked the 'spec' argument as deprecated.
      Use the 'filter' argument with 'portal_type' instead for
      contentItems(), contentIds(), contentValues() and listFolderContents().

    - PortalFolder: Fixed portal_type acquisition bug in ContentFilter.

    - DynamicType: Added 'getPortalTypeName()' to the interface.

    - Collector #227:  expose ZPT filename in tracebacks which include
      FSPageTemplates.

    - zpt skin: Switched base tag policy back to that of dtml skin.
      This makes the use of relative URLs in content easier. If you have
      content that depends on the old policy you can customize getBaseTag.pt
      and add a slash. (Collector #66)

    - Actions of folderish types: Fixed some inconsistencies.
      Whatever the old CMFDefault policy was - this is the current policy:
      "object" is used for Actions related to the object itself, "folder" is
      used for Actions related to the container of the object.

      o Changed the category of PortalFolder and SkinnedFolder Actions to
        'object'.

      o Moved 'folderContents' of folderish types from ActionsTool to
        PortalFolder's type info. Other folderish types now have to declare
        their own 'folderContents' Action if they need one.

      o Renamed Topic's 'subtopics' and SkinnedFolder's 'foldercontents'
        Action to 'folderContents' to get them in sync.

    - StrippingParser: Added 'big', 'small', 'sub' and 'sup' to valid tags.

    - _checkPermission: Added check for executable owner and proxy roles.

    - SkinsContainer: Fixed context wrappers returned by getSkinByPath().
      The original context of skin folders is now removed. This avoids having
      SkinTool attributes added to the CMFSite root object.

    - CatalogTool: Removed deprecated 'id' from default indexes and metadata.

    - Skins: Fixed a DateTime related issue in search_form and doFormSearch.
      Added one second to epoch to work around the problem that the timezone
      gets lost if time is 00:00:00.

    - CMFCore.PortalFolder: Explicitly declare base interfaces.

    - Tests: CachingPolicyManager tests don't fail on Windows anymore.
      (Collector #107)

    - SkinsTool: Fixed cookie paths.
      clearSkinCookie() now uses the same cookie path as updateSkinCookie()
      which is now "inside-out" hosting safe.

    - DefaultDublinCoreImpl: Changed accessor permissions.
      As defined in the interface accessors are now protected by 'View'.

    - CMFDefault utils: Made 'tuplize()' work correctly with string types.

    - CMFCore utils: Reverted obsolete workaround in _checkPermission.

    - Skin scripts: Made except statements safer by being more specific. Hope
      this still catches all relevant errors.

    - Removed some pre 'Zope 2.4.3 with PageTemplates' backwards
      compatibility cruft. A later platform is required since CMF 1.3.

    - Collector #153: CookieCrumbler didn't preserve query strings.


CMF 1.4.7 (2004/08/11)

  New Features

    - Minor featurelet: The "Action Providers" ZMI tab on the portal_actions 
      tool now links directly to the tools shown 
      (http://zope.org/Collectors/CMF/181)

  Bug Fixes

    - CMFCore.PortalFolder: Enforce check of "Delete objects" permission
      during cut + paste. (http://zope.org/Collectors/CMF/259)

      Note: This fix depends on an update to the underlying Zope software,
            e.g., Zope 2.7.3 or later.  Two new unit tests fail on
            Zope 2.7.2 and earlier.

    - CMFDefault.MetadataTool: Validation would disallow
      vocabulary-constrained metadata elements to be empty
      (http://zope.org/Collectors/CMF/217)

    - CMFDefault.DiscussionItem: Replies were not sorted chronologically
      (http://zope.org/Collectors/CMF/211)

    - CMFDefault.Image and CMFDefault.File: When copy/pasting Image and File
      objects the review state did not revert to "private".
      (http://zope.org/Collectors/CMF/176)

    - CMFTopic: Change topic_view template to show title and ID (it only
      showed title before; http://zope.org/Collectors/CMF/180)

    - CMFCore.PortalFolder: Unlike other content, only Managers were able
      to create PortalFolders using mkdir in FTP. Fixed by inserting
      missing security declaration for PortalFolder.manage_addFolder 
      (http://zope.org/Collectors/CMF/167)

    - Default text format for NewsItems is now structured-text, just like
      it is for Documents, thus removing a spurious difference
      (http://zope.org/Collectors/CMF/138).

    - CMFCalendar.CalendarTool: (Lost) fix for issues 65 and 159.
      The determination of the date/time range constituting a specific month
      was faulty.

    - CMFDefault.DublinCore: Use the portal_metadata tool's 'getPublisher'
      for the DublinCore 'Publisher' element (thanks to Eric Brown for the 
      patch).

    - CMFDefault.Document: Make Document render compliant XHTML when format
      is 'plain' (thanks to Eric Brown for the patch).

CMF 1.4.6 (2004/07/30)

  Bug Fixes

    - CMFCalendar.Event: Fixed long-standing bug where day, month, and year
      were processed in the wrong order by Event.edit().
      (http://zope.org/Collectors/CMF/202)

    - CMFCalendar.Event: PUT() caused improper splitting of 'Contributors'
      metadata header.

    - CMFCalendar.CalendarTool: Code assumed US datetime format throughout.
      At least since Zope 2.7 users can change that.
      (http://plone.org/collector/3218)

    - CMFCore.PortalFolder: _verifyObjectPaste() did not check the
      container's allowed content types, enabling users to paste objects
      they were not allowed to add.
      (http://plone.org/collector/2183)

    - CMFDefault.File and CMFDefault.Image: setFormat() failed to update
      the content_type property causing a stale mimetype to be used when
      serving the file or image.
      (http://plone.org/collector/1323)

    - CMFDefault.Document and CMFDefault.Link: PUT() caused improper
      splitting of 'Contributors' metadata header.
      (http://plone.org/collector/3217)
      
    - CMFCore.utils: Introduced contributorsplitter() utility function.

    - CMFCore.PortalFolder: checkIdAvailable() failed to catch 
      zExceptions.BadRequest.

CMF 1.4.5 (2004/07/08)

  Bug Fixes

    - When someone customises something twice, rather than raise an error,
      show them a nice message and takes them to the already customised
      object.

    - FSImage didn't recognize '.bmp' files (Collector #245).

    - Further hardening of member property, 'email', to prevent trickier
      header injection into system-generated e-mails (Collector #243 redux).

CMF 1.4.4 (2004/05/14)

  Bug Fixes

    - Unchecked member property, 'email', could allow header injection
      into system-generated e-mails (Collector #243).

CMF 1.4.3 (2004/04/22)

  Bug Fixes

    - CMFCalendar.CalendarTool: Converted '_usage' queries to dictionary
      syntax. Shuts up DeprecationWarnings in Zope 2.7.

    - CMFCore.CachingPolicyManager:  make REQUEST argument optional
      for public methods, to ease scripting policy operations from
      setup code. (Collector #234)

    - Action definitions: Removed leading spaces. (Collector #229)

CMF 1.4.3-rc1 (2004/02/05)

  Bug Fixes

    - CMFCore.PortalFolder: Explicitly declare base interfaces.

    - CMFCore.MembershipTool: Don't swallow ConflictError during wrapUser.

    - CMFDefault.SkinnedFolder: Creator() method now resembles the one from
      DublinCore. This allows for unowned objects and shuts up a deprecation
      warning in Zope 2.6.4/2.7.0.

    - CMFCore.CookieCrumbler: No longer disregards an existing cookie auth
      token for DAV requests (like PROPFIND) that occur over the main HTTP
      port. Eliminates additional user challenges for browser-based DAV
      clients like MS WebFolders.

    - CMFCore.FSMetadata: the "acquire" flag for permission mappings was
      not converted to an int;  '0' was therefore coming through as true.

    - CMFCore.FSPageTemplate.py: compatibiltity with Python 2.3 (can't
      mutate a class' __dict__ directly;  use setattr(klass, name, value)
      instead).

CMF 1.4.2 (2003/10/27)

  Bug Fixes

    - CMFDefault RegistrationTool:  enforced using the member's e-mail
      address, rather than the one passed in from the request.

    - CMFCore MembershipTool: Fixed 'getCandidateLocalRoles()'.
      Didn't work without having 'Member' role. (Collector #148 and #169)

    - CMFCore MembershipTool: Changed the permission for searchMembers to
      'List portal members'. By default Anonymous users are no longer able to
      list member ids and email addresses. (Collector #189)

CMF 1.4.1 (2003/09/08)

  Bug Fixes

    - Initialize class security correctly on ActionProviderBase
      (Collector #186).

    - Filesystem-based scripts should open their files in text mode, not
      binary (Collector #185).

    - Remove ownership from filesystem-based skin methods, which
      can't be trojaned, and therefore need not pay the performance
      penalty of ownership checking.

    - CMFCore/MembershipTool.py:  include traceback in log messages
      for errors during 'wrapUser'.

    - CMFDefault/skins: Fix permission name and html in roster.

    - CMFCore/TypesTool.py: Make sure oldstyle FactoryTypeInformation
      data is always converted.  Actions are now completely migrated during
      TypeInformation creation.

    - CMFCore/utils.py: Fix buglet in 'minimalpath()', which caused
      proudct lookup to fail when a second 'Products' directory was
      in the path.

    - CMFCore/Skinnable.py: Fix acquisition wrapping so that getPhysicalPath
      is not spoofed during funny traversals.

    - CMFCore/TypesTool.py:  Fix ownership of constructor scripts used by
      ScriptableTypeInformation (Collector #165).

    - CMFDefault/skins: Fix some minor template issues in ZPT skins
      (Collector #156 and other).

    - CMFDefault and CMFCalendar skins: Fix stylesheets (Collector #164).

    - CMFCalendar:  fix bug in month-spanning events (patch from Helge
      Tesdal).

    - CMFCore and CMFDefault MembershipTool: Make sure 'createMemberarea()'
      always grants the right Ownership and Owner role for new member folders.
      This doesn't fix existing member folders with wrong Owner roles.
      If you use a customized MembershipTool, make sure your createMemberarea
      method does the Right Thing.
      (Collector #162)

CMF 1.4 (2003/05/19)

  Bug Fixes

    - The memberdata tool now fetches properties from member objects using
      'getProperty' when returning search results, rather than performing
      direct attribute access on the member.

    - The CookieCrumber now functions for HEAD requests.

    - type actions: They are now absolute URLs by default.
      For 'getActionById' and '_getViewFor' they are converted to relative
      URLs. (Collector #152)

CMF 1.4beta1 (2003/04/28)

  New Features

    - Made TypeInformation objects derive from CMFCore.ActionProviderBase:
      their actions are now TALES expressions, and they have conditions
      (like all the "tool actions").

    - zpt skins (CMFDefault): Added i18n attributes.
      See INSTALL.txt for installing internationalization support.
      (Collector #122, thanks to Gitte Wange for her contribution)

    - zpt skins (CMFDefault): Added 'zpt_content/transition_form.pt'.
      'content_*_form.pt' now use this template.

    - skins (CMFDefault): Made scripts independent of submit button 'values'.

    - Added .css to the extensions that create FSFile objects in
      DirectoryViews (see CMFCore/FSFile.py)
      All sites upgrading which expected css extension to be dropped and to
      contain DTML will be required to rename their css files to foo.dtml.
      (Collector #129)

    - Added .js to the extensions that create FSFile objects in
      DirectoryViews

    - MembershipTool (CMFDefault): Un-hardwired members folder.
      You now can get the members folder object using 'getMembersFolder()'.
      If you want to change the id of the members folder, rename the folder
      and set the members folder using portal_membership's configuration tab.
      (Collector #128)

    - utils: Changed behavior of 'bodyfinder' and 'html_headcheck'.
      The head check in html_headcheck is now a bit different, but the result
      should be closer to what people expect.
      The head check in bodyfinder is removed. In most cases you want to call
      bodyfinder only if html_headcheck is true.

    - Added FSFile skin object, in order to allow .swf files (et al.) in
      skins

    - Added 'listMetaTags' skin method, which filters the DublinCore
      metadata into a form suitable for inclusion as <meta> tags.

    - Added .metadata file for FSObjects, which allows the easy addition of
      more features without adding lots and lots of files. ConfigParser format.

    - Added proxy roles to FS Python Scripts and FS DTML Methods via the proxy
      property in .metadata files.

  Bug Fixes

    - utils: Changed behavior of 'StrippingParser' and 'scrubHTML'.
      They now close empty tags.
      (Collector #108, thanks to 'tanghus' for the patch)

    - Removed deprecated 'register' module and 'PortalContentRegistration'
      interface.

    - Moved URLTool to CMFCore. Added interface and basic tests.
      (Collector #67)

    - Protected the Pending review action in DefaultWorkflow by
      ReviewPortalContent (Collector #52).

    - Raise ValueError instead of TypeError in TypesTool.getActionById
      if the action is not found (Collector #56).

    - Cleaned up Interfaces and API Help (Collector #96):

      o Removed redundant 'Syndicatable' and 'IndexableContent' interfaces.

      o Removed unfixable 'Membership' and 'ReviewableContent' interfaces.

      o Removed listActions() from 'Contentish' and 'portal_workflow'
        interface.

      o Removed redundant or 'None' overriding of listActions().

      o Updated all interfaces to work with new Zope 2.6 Interface API.

      o Added 'portal_properties' and 'Dynamic' interfaces.

      o Added many interface implementation tests and made them pass.

    - MembershipTool (CMFDefault): Fixed acquisition bug. (Collector #102)

    - Skinnable: Changed docstring for setupCurrentSkin and added
      docstring to changeSkin: the latter is now used to set skin
      manually mid-request. (Collector #27)

    - Document: Ensured that setFormat('text/plain') does not overwrite
      text_format if text_format is 'plain'. (Collector #140)

    - Action providers: Default _actions' are now tuples, not lists.
      (Collector #123)

    - Document: Ensured that 'edit()' and 'PUT()' strip of xhtml headers and
      html headers including DOCTYPE declarations. (Collector #41)

    - Fixed some minor buglets. (Collector #80, #94 and #95)

    - Ensure that a couple of calls to string.split only split into a
      maximum of two parts.
      (Collector #82)

    - Enabled the CMF to be installed in a PRODUCTS_PATH.
      In doing so, also made it easier to move CMF sites between
      Windows and Unix.
      (Collector #64)

    - Multimodule checkin to convert calls from user.getUserName() to
      user.getId() where appropriate.  User names should not be used
      as immutable references, while user ids should.  The distinction
      is not clearly enforcd in the stock user folder or any current user
      folder implementations, but newer user folder implementations
      will rely upon it.

    - Remove redundant VERSION.txt files;  the canonical spelling is
      'version.txt' (Collector #13).

    - Correct security assertion on CMFDefault.Image's manage_afterAdd
      (Collector #141).

    - Ensure that the security attributes are reindexed on all
      subobjects too when a folderish object changes state in the
      workflow (Collector #115).

    - Backport fix of CMFCore/tests/test_FSImage.py to work with
      recent Zopes (> 2.6), which force HTTP headers to be strings.

    - Use return instead of raise in RegistrationTool.testPropertiesValidity
      if id is incorrect (Collector #48).

    - Correctly cleanup temporaries in CMFCore.MemberDataTool when
      wrapping a user object (Collector #136).

CMF 1.3.3 (2003/10/26)

  Bug Fixes

    - Ensure that e-mail address to which we mail the user's password
      in 'registeredNotify' comes from the member, rather than the
      request (thanks to Yvo Schubbe for the report).

    - Restrict ability to search members to users who have the 'List
      portal members' permission (Collector #189).

CMF 1.3.2 (2003/09/05)

  Bug Fixes

    - Initialize class security correctly on ActionProviderBase
      (Collector #186).

    - Remove ownership from filesystem-based skin methods, which
      can't be trojaned, and therefore need not pay the performance
      penalty of ownership checking.

    - Skinnable: Fix __of__ method so that it does not remove previous
      acquisition wrappers, which leads to invalid UIDs in the catalog
      when indexing objects using methods acquired from "above" the CMF
      site.

    - Sort candiate selection list when adding a FilesystemTypeInfo
      or ScriptableTypeInfo object to the types tool.

    - Open filesystem-based skin methods as text files, to avoid
      platform-specific line-ending issues (Collector #185).

    - Correct security assertion on CMFDefault.Image's manage_afterAdd
      (Collector #141).

    - Ensure that the security attributes are reindexed on all
      subobjects too when a folderish object changes state in the
      workflow (Collector #115).

    - Backport fix of CMFCore/tests/test_FSImage.py to work with
      recent Zopes (> 2.6), which force HTTP headers to be strings.

    - Use return instead of raise in RegistrationTool.testPropertiesValidity
      if id is incorrect (Collector #48).

    - CookieCrumbler: Accept authentication on HEAD requests. 
      Thanks to Brent Hendricks.

    - Correctly cleanup temporaries in CMFCore.MemberDataTool when
      wrapping a user object (Collector #136).

CMF 1.3.1 (2003/03/06)

  Bug Fixes

    - Fixed editSyInformationProperties in SyndicationTool to ensure  
      that updateBase is saved as a DateTime instance.

CMF 1.3.1beta1 (2003/02/26)

  New Features

    - Implemented PUT and GET support to CMFCalendar.Event for
      editing via FTP/WebDAV (thanks to Sidnei da Silva).

  Bug Fixes

    - Fixed incorrect security declaration in File.py (Collector #91).

    - Remove over-helpful default argument values in
      'CMFDefault.DefaultDublinCoreImpl._editMetadata'.  Now, if
      called without a value for an argument, the method will not
      change that value.  Collector #10.

    - Remove workaround in CMFCore.utils for recognizing links in
      StructuredText:  STX in CMF content should now recognize exactly
      the same links as the underlying Zope.  Note that we *do* still
      provide a customized HTML class, to permit embedding images without
      generating the "whole" page.  Collector #6.

    - Remove bizarre, shadowing import of CMFCore.utils as 'utils'
      into package namespace of CMFDefault;  instead, import specific
      names from that package directly (thanks to Paul Winkler for
      pointing out the incongruity).

    - Fix (theoretical) bug in CMFCore.DirectoryView which allowed
      non-registered directories to slip through (UI didn't exercise it).

    - Merge Christian Theune's fix for funky default argument values on
      CMFCalendar.Event's constructor and edit methods (collector #76).

    - FSPageTemplates overwrote a user-generated 'Content-Type' header.
      We now check to make sure a Content-Type header is not already set
      before allowing a page template to set its own.

    - Fixed bugs around 'addActionProvider' in ActionsTool (Collector #42).

    - Fixed race condition in lazy initialization of filesystem-based skin
      methods;  the bug led to odd name errors on 'context' for
      FSPythonScripts (Collector #37).

    - Removed crufty 'isDesktop' stuff from 'folder_factories' and
      'folder_contents' methods.

    - Fixed HTML-invalidating call to 'filterCookie' in 'folder_contents'.
    
    - Fixed unclosed 'tr' element  in ZPT version of 'folder_edit_form'
      (Collector #57).

    - Fixed CalendarTool to use portal_type and not Type to search for
      events in the catalog (Collector #28, thanks to Heimo Laukkanen
      for the report).

    - Fixed a bug in CalendarTool where events were not showing on the
      last day of the month.

CMF 1.3 (2002/08/06)

  New Features
  
    - FSPageTemplates now autodetect XML if a document has the standard
      '&lt;?xml version="xx"?&gt;' at the top, setting the content_type to
      "text/xml" so that it is parsed and served as XML.

    - Added a 'Workflows' tab in the ZMI that displays the workflow
      state of the object.

    - Wired 'scrubHTML' check into default versions of 'document_edit'
      and 'newsitem_edit' skins (site managers who prefer to allow
      JavaScript in content can customize to remove the check).

    - Added utility methods for checking / scrubbing HTML content of
      unwanted tags:  

      CMFDefault.utils:  scrubHTML, isHTMLSafe

      Known bad tags ('script', 'applet', 'embed', 'object'),
      attributes (starting with 'on'), and values (starting with
      'javascript:') cause 'scrubHTML' to raise an exception;  unknown
      tags are silently dropped.  'isHTMLSafe' returns true if
      'scrubHTML' would not raise an exception on the same text.

    - Exposed useful utility methods to scripting / skinning.

      CMFCore.utils:  getToolByName, cookString, tuplize, format_stx,
        keywordsplitter, normalize, expandpath, minimalpath

      CMFDefault.utils:  formatRFC822Headers, parseHeadersBody,
        semi_split, comma_split, seq_strip, tuplize, bodyfinder,
        html_headcheck.

    - Added two utility functions, 'isHTMLSafe' and 'scrubHTML', to
      CMFDefault utils;  these modules check for / remove undesirable
      tags from textual content.

    - Made public functions of 'CMFCore.utils' and 'CMFDefault.utils'
      available for scripting.

    - Allowed Portal Folders to be discussable.

    - Improved the ActionsTool so that permission checking for actions
      is done in the context of the object for all categories that start
      with 'object' or 'workflow', in the context of the folder for
      those that start with 'folder', and in the context of the portal
      otherwise. This is useful for admin-defined additional categories.

  Bug Fixes

    - Fixed Image and File so that they reindex on PUT.

    - Fixed WorkflowTool so that it doesn't pretend to workflow non-CMF
      objects (Collector #19).

    - Removed redundant block of code from CMFDefault/Link.py (Collector
      #18).

    - Fixed discussion tree display not to embed entire HTML document
      (Collector #17, thanks to Jeffrey Shell for the inspiration).

    - Fixed CookieCrumbler to emit "Basic" and not "basic" auth as per
      HTTP spec (Collector #14, thanks to Simon Eisenmann for the
      report). This fixes some WebDAV locking problems with (rightfully)
      picky clients, like ExternalEditor.

    - Made old ListCriterion instances forward-compatible across earlier
      addition of 'operator' field.

    - Defaulted CMFCore.MembershipTool's createMemberArea flag to true,
      to preserve existing behavior:  member area should be created by
      default on first login (Collector #5).

    - Hardened DefaultDublinCoreImpl's EffectiveDate() and
      ExpirationDate() methods to deal better with older / uninitialzed
      content.

    - Refactored content construction in the Types tool to make
      cataloguing and workflow notification more uniform.

    - Made Undo work again by removing any LF in transaction ids.

    - Made WorkflowTool.updateRoleMappings update security-related
      indexes.

    - Append '/' to links in skin templates to the root of the site, to
      pacify clients which won't send Basic Auth tokens because the path
      doesn't match.

    - Removed the binding of Folder and Topic types to the default
      workflow for newly-created CMFSites (Collector #4).  Note that
      existing sites will still need to remove these bindings manually,
      as indicated in the "Upgrading" section of INSTALL.txt.

    - Updated initial action reported by CMFDefault's DefaultWorkflow:
      was "joined", now "created".

    - Fix 'index_html' template to filter using 'View' permission
      (folders which were not viewable were triggering authentication,
      instead of being skipped).

    - Repair free-form subject entry on 'full_metadata_edit_form' (was
      merging all keywords onto the same line, plus soft-wrapping!).
      Likewise the "Contributors" textarea.

    - Ensured that Link, File, and Image content objects reindex
      themselves after edit (wrapping 'edit' as a WorkflowMethod no
      longer guarantees that).

    - Fixed CMFCalendar's "day view" to accomodate the removal of
      'title' metadata from catalog in favor of 'Title' (thanks to
      Dieter Maurer for pointing this out).

    - Corrected a skins performance optimization (the version as
      released in the beta did not take effect).

CMF 1.3 beta2 (2002/07/07)

  New Features

    - Changed the modification date so that it is updated at reindex
      time and does not rely anymore on bobobase_modification_time. This
      makes export+import of objects not lose the modification date.
      Before exporting objects created with an older CMF version,
      reindex the "modified" index in the catalog (you just have to do
      it once, and only if you need to export objects).

    - Made the workflow tool compute chains using type names, as well
      as instances (Tracker #441).

    - Made the DCWorkflow worklists accept a list of formatted values
      for cataloged variable matches. The separator is a semicolon
      (Tracker #496).

    - Made the security-related indexes of the portal catalog be updated
      for all impacted objects whenever local roles are changed (Tracker
      #494). This feature makes use of the 'path' index.

    - Made 'path' (PathIndex) a standard index inside CMF. When
      upgrading from earlier versions this index will have to be created
      by hand.

    - Enabled "within day" queries for FriendlyDateCriteria E.g.,
      field="modified", value="Now", operation="within_day",
      daterange="old" -> content which was modified "today".
      (Tracker #474).

    - Made the id of the current user available to old action providers
      (DCWorkflow being a prime example) as 'user_id' (Tracker #495,
      thanks to Luca Olivetti for the patch).

    - Modified the 'standard_error_message' page template to show the
      'error_log_url', if passed in (Zope 2.6 will pass this argument
      if an error log is installed).

    - Extended the metadata tool to permit passing the type name
      directly (e.g., when building a new object, one might need to know
      the allowed subjects before construction).

    - Added a working calendar implementation to the CMFCalendar product,
      which had previously provided only an Event content type.  Thanks to
      Andy Dawkins for the work.

    - Updated FS-based skin methods to read optional '.security files,
      whcih control the role-permission mappings for each skin method.
      See CMFCore/tests/fake_skins/fake_skin/test4.py.security for an
      example.

  Bugs Fixed

    - Fixed PortalFolder's filtering so that it correctly restricts
      itself to the portal types allowed by the TypesTool (Tracker #483).

    - Fixed the TypesTool so that TypeInformation's Title is
      decorrelated from its Id (the old TypeInformation.Type() should
      not be used anymore). The Id is what gets put in the "portal_type"
      attribute of a content object, which one gets at using
      somecontent.getPortalTypeName(). The Title is returned by
      somecontent.Type(). "portal_type" is now indexed, and in most
      cases should be used when doing catalog queries instead of "Type".

    - Provided all default skins (content_hide_form, content_show_form)
      for the DCWorkflow default workflow [rev 2]. Note that, when using
      this workflow, the descriptions in the retract and reject forms
      are slightly incorrect as they mention the "private" state but in
      fact go to the "visible" state.

    - Fixed verification of portal types in the TypesTool to work in the
      presence of portal types with a non-empty title (Tracker #497).

    - Removed unintentional sharing of ActionInformation data between
      class defaults and persistent instances derived from
      ActionProviderBase.  Likewise for TypeInformation instances.

    - Enabled creation of "My Stuff" folder for users (e.g., the manager)
      authenticated "above" the normal user folder (Tracker #485, thanks
      to Dieter Maurer for the patch).

    - Fixed handling of discussion items so that they are correctly
      indexed, unindexed and reinserted into the workflows when copied
      or moved.

    - Correctly reindex the just-reset workflow variables of an object
      in a DCWorkflow after a paste.

    - Correctly insert into the workflows the objects created by a
      Scriptable Type.

    - Fixed Friendly Date Criterion edit form to correctly display the
      duration in its menu (Tracker #475, thanks to Axel Joester for the
      patch).

    - Fixed relative URL in metadata_edit_form that broke if the
      main_template had a base tag (Tracker #506).

    - Made discussion replies work correctly when hitting Enter in the
      title field (Tracker #515), and corrected discussion Preview
      followed by an Edit that lost body information (Tracker #516).

    - Fixed the deletion of replies (Tracker #513, thanks to Stefan H.
      Holek for the patch).

    - Made the Link objects deal correctly with empty remote urls
      (Tracker #507) and not strip trailing slashes (Tracker #451).

    - Made content_type_registry deal correctly with TypeInfos that have
      a title (Tracker #465, thanks to Juan Antonio Valio Garca for
      the patch).

    - Changed CMFDefault.MembershipTool to not create a member folder at
      member creation time when the memberareaCreationFlag is false
      (Tracker #519). Note that any code that depended on the member
      folder being created after addMember will fail, that code should
      call createMemberarea directly if needed.

    - Fixed CMFDefault.RegistrationTool to correctly check the lack of
      'email' property when creating a new member or when checking
      member's properties validity (Tracker #508).

    - Fixed addtoFavorites to correctly add a favorite of someone else's
      document (Tracker #501).

    - Fixed CatalogTool to create a meta_type index; this is needed now
      that ZCatalog doesn't create any default indexes when
      instantiated.

    - Fixed recent_news to use 'Title' instead of 'title' to display the
      title of each news ('title' isn't indexed anymore).

    - Fixed listFolderContents to take into account its optional 'spec'
      argument.

    - Fixed index_html to correctly filter out unauthorized subfolders
      (Tracker #503).

    - Fixed exception handling to not use a string exception in
      PortalFolder (Tracker #512).

    - Changed the permission protecting the "Join" action provided by
      the default registration tool from "View" to "Add portal member"
      (Tracker #509).

    - Removed redundant "Syndication" action from SkinnedFolder; the
      SyndicationTool provides this aciton. (Tracker #481)

    - Updated INSTALL.txt to note the dependency of CMF on the TAL and
      ZTUtils packages and on the PageTemplates product for Zopes < 2.5.
      (Tracker #489).

    - Updated CatalogTool to create a Vocabulary if none present (as
      won't be for catalogs created under Zope 2.6).

    - Adapted interface checks to work with new spellings in Zope 2.6
      (older Zopes should still work).

    - Removed '##bind' headers from FSPythonScripts where they only
      repeat the defaults.

    - Corrected patterns used for "HTML body stripping" to avoid
      HTML embedded within structured text.

    - Fixed computed action of form in 'folder_rename_form' (Tracker #511;
      thanks to "yuppie" for the patch).

    - Improved cacheability of skin images by using absolute URLs.

    - Suppressed repeated load of FSImage content from filesystem
      (should only happen when in debug mode).

    - Repaired skin methods' read of '.properties' files, which hold
      additional metadata about the skin method beyond what can be
      expressed in the body.

    - Updated caching policy manager tool to use correct date format
      (RFC 1123 instead of RFC 822).

CMF 1.3 beta 1 (2001/04/03)

 New Features

   - CMFDefault Documents, News Items and Discussion Items now support
     a 'plain' text format, which simply HTML-quote's the text before
     displaying it.

   - Added CachingPolicyManager tool, which manages caching policies
     for skin methods, and updated FSPageTemplate to use a CPM if
     found.

   - Added functionality such that only users who have the
     view permission on the relevent Type object can create
     content of that type.

   - Added the ability to limit what types of object an
     object of a given Portal Type can be created in. 

     If 'Implicity Addable' is set (the default), then 
     objects of that Type can be added anywhere.

     If it is not set, then objects of that Type can only be 
     added to objects whose Type's allowed_content_types
     contains the Type.

   - Enabled querying actions from workflow tool in absence
     of actions tool (Tracker #401).

   - Added 'operator' attribute to CMFTopic.ListCriterion, to permit
     specifying an operator ('and', for the most part) for indexes which
     support it, e.g., KeywordIndex (Tracker #442).

   - Added ZMI interface for editing Link URL (Tracker #364).

 Bugs Fixed

   - Make ZMI editing of NewsItems safe (Tracker #472).

   - Made generated home pages for new members participate fully in
     workflow (Tracker #467).

   - Added 'text_format' wiget to NewsItem's edit forms (Tracker #460).

   - Fix sharing bug pointed out by Dieter Maurer (Tracker #484)
     in ActionProviderBase.  Thanks for the patch!

   - Added forwared-compatibility for "old" content (pre CMF 1.0!;
     Tracker #454, thanks to Lucas Hofman for the patch).

   - Made 'PortalFolder.invokeFactory' enforce the 'filter_content_types'
     property of the folder's type information object.

   - Added stripping of leading / trailing whitespace from
     Subject keywords (Tracker #479, thanks to Lucas Hofman
     for the patch!)

   - Gave URL tool explicit __roles__, to enable use in 'nocall:'
     expressions.

   - Turned off auto-expansion of customized FSPageTemplates
     (Tracker #477).
     
   - Fixed ActionProvidorBase for the case when no permission 
     is specified for an action that is added TTW.

   - Fixed ActionsTool so that duplicate actions are stripped.

   - Caused CMFDefault Portal constructor to strip passed-in id
     before creating a portal object with that id.

   - Allowed the ActionsTool to gracefully handle objects
     which return ActionInformation objects. Thanks to 
     Andy Dawkins for the analysis. (Tracker #457)

   - Made workflow Expressions use the correct ModuleImporter
     so that they operate correctly in their restricted 
     environment. Thanks to Dieter Maurer for the patch.
     (Tracker 463)

   - Fixed incorrent permissions in "pending" state of default 
     DCWorkflows. Thanks for Lynn Walton for the report and 
     Florent Guillaume for the patch. (Tracker #464)

   - Fixed missing comma that affected manager permission to modify
     in the published state. Thanks to Florent Guillaume for the 
     patch (Tracker #459)

   - html_quote'd errors raised by FSPageTemplates. Thanks to 
     Dieter Maurer for the patch. (Tracker #462)

   - Fixed typo in zpt_stylesheet.css. Thanks to Florent Guillaume
     for the patch. (Tracker #461)

   - Fixed long standing bug in FSPythonScript where get_size returned
     the incorrect length. This broke editing using EMACS via FTP or
     WebDAV. Thanks to John Glavin at South River Technologies for
     help finding the bug.

   - Reworked functionality added in Tracker #409 which broke the 
     Types Tool. (Tracker #458)

   - Fixed bug whereby DirectoryView instances were not noticing
     some of the changes they should when Zope was running in debug mode
     on Windows (Tracker #305)

   - Fixed a bug where the workflow notifyCreated method was called during
     manage_afterAdd in PortalContent, making it possible for the
     notification to occur on the wrong workflow.  The notification has 
     moved to the contstructInstance method on the TypesTool after
     the _setPortalTypeName method has been called on the object.

   - Extended TypesTool to permit registration of new TypeInformation
     implementations (Tracker #409, thanks to Jeffrey Shell for the
     work!)

   - Fixed a bug in Favorites.getObject to use restrictedTraverse on the portal
     object.

   - Made all tool-generated actions configurable through-the-web,
     via an "Actions" tab on each tool;  made the list of ActionProviders
     configurable TTW as well.

   - Fixed setting the Link.format to URL_FORMAT so the initially returned
     metadata headers would return 'text/url' properly.  Added unittests.

   - Enabled querying actions from workflow tool in absence
     of actions tool (Tracker #401).

   - Fixed CMFDefault.utils.parseHeadersBody to properly handle the headers
     generated on a windows app (i.e. Dreamweaver) with /r/n; added the
     compiled regular expression object to the method signature.

   - Added full webdav sipport code to Link.py.  Changed _writeFromPUT to call
     _editMetadata instead of editMetadata.

   - Made links emitted by 'topic_view' play nice with virtual hosting
     (Tracker #433).

   - Cleaned up emission of RFC822-style headers (Tracker #407),
     terminating headers must be terminated with CRLF, and padding
     continuation lines (for values with embedded newlines) with
     leading whitespace).

   - Ensure that package initialization files are non-empty, to prevent
       suspicion that they were corrupted in download (Tracker #426).

   - Added external method update_catalogIndexes.py to run as part of a
     upgrade to CMFs migrating to Zope2.4+ from from CMF sites which were built
     using Zope2.3 catalog

   - Use ID to label Favorite when target has an empty Title (Tracker #440).

   - Allowed sub-folders to have different syndication properties 
     than parents (Tracker #421).

   - Added 'CMFDefault.Upgrade.upgrade_decor_skins' external method to
     convert existing sites which had installed skin directories from the
     now-deprecated 'CMFDecor' product (Tracker #434).  Added note
     explaining the issue, and the workaround, to 'ISSUES.txt'.

   - Ensure that Favorites display the correct, absolute URL to their
     target, without needing to have <base> tag set (Tracker #419).

   - Worked around Opera's strange insistence on selecting an option,
     even for multi-select lists (Tracker #332).

   - Hardened CMFCore to initialize correctly in the absence of
     the PageTemplates product (Tracker #430).

   - Restored slot in <head> of ZPT main template into which content
     can insert the <base> tag (Tracker #418).

   - Fixed 'CMFTopic.SimpleIntegerCriterion.edit' to require a pair
     of values when 'direction' is 'min:max';  updated skins to use
     new 'getValueString', which renders such values properly
     (Tracker #439).

   - Ensured that Documents created with initial STX get cooked
     (Tracker #435).

   - Made links emitted by 'topic_view' play nice with virtual hosting
     (Tracker #433).

   - Made 'CMFCore/interfaces/__init__.py' non-empty, to remove suspicion
     that the file was corrupted in the download (Tracker #426).

CMF 1.2 beta (2001/12/07)

  New features

    - Added docs from the crack ZC docs guys; these docs live in
      the top-level 'docs' directory.

    - Merged CMFDecor product's artifacts into CMFCore /
      CMFDefault;  theses aretifacts allow use of filesystem-based
      Zope Page Templates as skins.

      Note that the CMFDecor skin is the one which will be
      receiving all our development focus:  we will fix bugs in the
      DTML skins, but are not likely to invest significant effort
      in upgrading it.

    - Hooked 'manage_addFolder' to allow creation of PortalFolders
      from both WebDAV, FTP, and ZMI.

    - Improved tracebacks from broken FSDTMLMethods, which no longer
      indicate that every problem is in RestrictedDTML.

    - Made it possible to add CookieCrumblers in nested folders.
      You can just drop in a cookie crumbler anywhere to change the
      login form for that area of the site.  In fact, now you don't
      have to create a user folder just to change the login
      process.

    - Made Link objects editable via FTP / WebDAV.

    - Merged Chris Withers' FSSQLMethod into CMFCore.

    - Added documentation for installing from CVS.

    - Moved permission checking inside personalize_form to make
      sure Anonymous cannot access it without logging in (CMF Tracker
      Issue 349, thanks go to Bill Anderson).

    - Added initial CMF use cases as FSSTXMethods in CMFDefault/help.

    - Made validation methods of 'portal_metadata' available to
      scripts.

    - Made skinned 'index_html' reflect generic view on folder
      content, rather than simple title/description of the portal.

    - Added "Change and View" submit button to content editing
      forms;  added check for this button to POST handlers in CMFDefault,
      and indirected redirect targets in those methods through
      'getActionByID'.

    - Added knob for skin cookie persistence to SkinsTool's
      "properties" tab.  The default policy (unchanged) is that
      skin cookies expire at the end of the browser session.  if
      Skin Cookie Persistence is checked the cookie will last a
      full yesr.

    - Added an API to the 'portal_actions' interface for querying,
      adding, and removing action providers.

    - Added a "multi-review" form, enabling a reviewer to publish
      or reject multiple items at once, using a common comment.

    - Added ZMI tab to DirectoryView to allow re-basing the
      filesystem path.

    - Added "breadcrumbs" to CMFDecor skins.

    - Added initial support for WebDAV locaking to PortalContent.

    - Added SortCriterion to list of criterion types for Topics,
      to permit sorting of results.

    - Added "Local Roles" action to folders to ease collaboration.

    - Add scarecrow assertions for the CMF-centric interfaces, and
      made the actual interfaces compatible with the standard
      Zope Interface package.

    - Made FSSTXMethod display skinnable, and added ZPT version.

    - Added 'visible' attribute to TypeInformation actions, to
      permit indirection (via 'getActionById') without exposing the
      action in the CMF UI.

    - Extended MetadataTool to allow adding / removing element specs
      (i.e., it can now manage policies for "custom" schemas, as
      well as Dublin Core).

  Bug fixes

    - Refactored content and metadata editing methods of
      DefaultDublinCoreImpl, Document, and NewsItem to disentangle
      the excessive coupling.  Each "path" for editing now has a
      "presentation"-level method, which directs traffic and
      reindexes the object;  the underlying methods are much
      simplified.

    - Fixed inner / named links in Document / News Item (thanks to 
      Kenichi Sato for the patch!)

    - Ensured that editing methods handle WebDAV locks correctly,
      using a new 'failIfLocked' assertion.

    - Added cookString method to CMFCore.utils for taking a string
      and making it id friendly, it also does a string.lower on the
      resultant regex.  Changed TypesTool to utilize cookString to
      ensure that action ids are properly formated if the name is
      being used as the id.

    - Added 'getReply' to CMFDefault.DiscussionItem.DiscussionItemContainer,
      to permit access to an individual reply without needing to
      do traversal.

    - Corrected pass-through of 'file' and 'seatbelt' arguments in
      new 'CMFDefault.Document.edit' method;  also sync'ed ZMI edit
      method for documents with standard protocol (Tracker #417).

    - Added cookString method to CMFCore.utils for taking a string and
      making it id friendly, it also does a string.lower on the resultant
      regex.
      
    - Made examples in INSTALL.txt less terse, and added notes on
      Windows-specific issues (thanks to Johan Mukhsein for the
      suggestions).

    - Made error message generated by FSPropertiesObject capture the
      offending line and line #;  also, added logic to allow blank
      lines and comment lines beginning with '#' (tracker #338).

    - Added fixup to Link objects for user-entered URLs which don't
      supply scheme:  for example, fix up 'www.zope.com' to
      'http://www.zope.com'.  (tracker #361)

    - Updated CMFCore.CatalogTool to allow new, optional 'idxs'
      argument to 'catalog_object' (tracker #405).

    - Added a workaround for the problem where the CookieCrumber
      set cookies even though the user entered an incorrect password.
      RESPONSE.unauthorized() now cancels the cookie response
      header.  The new login_form and logged_in form both try to
      invoke unauthorized(), so make sure you install the new
      forms.

    - Implement the notional 'search results item' interface for
      SkinnedFolder.

    - Corrected solecism in Topic (use of 'criteria' for singular);
      removed the need to know about the funky generated IDs for
      criterion objects.  Fixed derived bug in skins (tracker #408).

    - Modified error-logging code to avoid potential leaks of
      traceback frame.

    - Made Document's 'manage_FTPget' use 'EditableBody', rather than
      accessing 'text' attribute directly (improves reusability).
      Likewise 'Document.SearchableText'.

    - Merged Seb Bacon's refactoring of 'getDefaultView' into
      'CMFCore.utils._getView'; clients can now specify a view by name,
      as well.

    - Made the default content type for Image 'image/png', instead
      of the unintuitive 'text/html' inherited from DefaultDublinCoreImpl
      (tracker #384).

    - Corrected typo in ActionsTool which broke actions for the root
      portal object (tracker #379).

    - Updated the MemberDataTool to use an OOBTree, instead of the
      old-style BTree, to store member data wrappers (CMF Tracker 375).

    - Corrected 'personalize_form' to use 'getProperty' where feasible,
      rather than relying on direct attribute access (tracker #372).

    - Removed an incompatibility with LoginManager in
      CMFCore.MembershipTool (tracker #365).

    - Removed an infinite loop condition that arises when
      MembershipTool.createMemberArea gets called inside wrapUser
      (this could only happen if "Create Member Area" was checked
      in the Membership tool.)

    - Added new 'TitleOrId' skin method, and updated skins to
      depend on it rather than SimpleItem.title_or_id.

    - Made unit tests runnable without reliance on 'zctl test'.

    - Corrected initial column set in catalog to include
      "ModificationDate" instead of "ModifiedDate".

    - Ensured that object is recatalogued (e.g., after setting
      'portal_type';  thanks to Florent Guillaume).

    - Removed silly dependency of 'CatalogTool.searchResults' on
      REQUEST (catalog already does the Right Thing (tm) when no
      REQUEST is available).  Note that this requires updates to
      the 'search' skins, as they didn't pass it in.

    - Changed redirect target after rejecting an item to the search
      page for pending content items;  this resolves the problem
      that the non-Manager reviewr who rejects an item no longer
      has View permission on it, and therefore gets an Unauthorized
      when redirecting to the object's view action.

    - Moved generation of the "Add to Favorites" and "My Favorites"
      links from the CMFCore/ActionsTool into the
      CMFDefault/MembershipTool, which is a more logical location
      for it because it relies on information from the membership tool.

    - Made Topic directly publishable (like PortalContent), using its
      'view' action (or the first action found, if view is not present).

    - Set title for newly-created member folders;  fixes
      breadcrumbs that expect a title on the object.

    - Allow URLs with query strings in StructuredText links.

    - Update 'news_box' to search based on 'Type', rather than
      'meta_type'.

    - Fix 'SkinnedFolder.Creator()' to call 'getOwner()' with
      info argument.

    - Made CookieCrumbler check for 'WEBDAV_SOURCE_PORT'
      environment variable (supplied by Zope 2.4.1+), and bail on
      intercepting authentication if found.

    - Included 'Owner' in list of significant roles returned by
      'MembershipTool.getPortalRoles' (e.g., so that the
     "Local Roles" interface can allow assignment of it).

    - Allow users with local role of "Reviewer" to see the "pending
      review" action.

    - Made TypesTool, rather than individual type objects,
      responsible for generating "immediate view" URL;  type
      objects now return the newly-created object, which makes
      scripting them much simpler.

    - Remove fossilized reference to 'getSecurityManager' from
      'PortalContent._verifyActionPermissions'.

    - Modified the redirect after "Add to Favorites" to us the
      view action, rather than 'view'.

    - Fixed 'Document.guessFormat()' to use
      'utils.html_headcheck()' instead of 'bodyfinder' regex to
      detect structured text versus html;  avoids recursion limit
      for large HTML files.

    - Removed spurious 'afterCreate' protocol for content objects.

    - Added mapping of 'css' file extension to FSDTMLMethods.

    - Modifed PortalFolder.listFolderContents to handle
      permission-based filtering; duplicates what skip_unauthorized
      is doing in DocumentTemplate/DT_IN.py (but works for ZPT as
      well).

    - Modified CMFDefault.RegistrationTool.addMember to avoid
      flunking validation if properties are not passed (Tracker
      #335).

    - Applied patch from Chris Withers to 'register' skin method;
      the patch which avoids quoting problems for the error message
      if a problem occurs (Tracker #339).

    - Added 'DiscussionItem.replyCount' (Tracker #328).
      'DiscussionItem.hasReplies' now returns only a boolean value.
      Standard skins don't call 'replyCount' due to performance
      concerns.

    - Factored content filtering logic into a Python Script.

    - Improved handling of multiple rename targets (thanks to Chris
      Withers for the patch.)

    - Completed conversion of form targets from DTML Methods to
      Python Scripts.

    - Improved compatibility with Zope 2.4:

      o support for new "restricted execution" mode;

      o support for new catalog initialization API.
    
      o updated 'test_all' unit test drivers to use standard
        'unittest' module from Python 2.1 (it no longer has
        'JUnitTestTextRunner' class).

CMF 1.1 final (2001/06/20)

  New features

    - Landed "skinned folder" module, which permits creation of
      "folderish" types with customized replacements for 'index_html'.

    - Added 'run_all_tests' script, to simplify running all unit
      tests for CMF-related products.

    - Factored out index and column lists, to ease customization
      (Tracker #289)

    - Modified DefaultDublinCoreImpl#setContributors() to use new
      tuplize functionality (the ability to pass in a different
      splitter function).  If a string is passed in to
      setContributors(), it gets split on semicolons.  This allows
      setting of contributor strings to be like

       "Doe, John E (john@doe.a.deer); The Mertz Family Foundation; PBS"

      If one so deeply and dearly desired.  (The above would turn
      into a three element tuple).

    - Made it possible to map "normal" Zope objects as content
      (Tracker #283):

      o Skin and tool code which used to query the object
        for its Type in order to then ask the types tool for a
        TypeInfo object now just asks the types tool for type
        TypeInfo object directly.
     
      o Modified the TypesTool interface to signal that passing an
        object to 'getTypeInfo' is acceptable, with the semantic
        that the tool will attempt to find a TypeInfo object based
        on the tool's type or metatype.

    - Expanded signature of Document.CookedBody to change the
      header levels Structured Text starts rendering at, and
      whether to preserve those changes, following the following
      logic:

        If the format is html, and 'stx_level' is not passed in or
        is the same as the object's current settings, return the
        cached cooked text.  Otherwise, recook.  If we recook and
        'setlevel' is true, then set the recooked text and
        stx_level on the object.

  Bug fixes

   - Hardened DirectoryView against objects which raise exceptions
     during initial reads (typically due to permission problems);
     these objects now capture and log the exception, and create
     a BadFile object which allows browsing the traceback via the
     ZMI (Tracker #317).

   - Stopped polluting the browser with persistent skin cookie;
     clear it as well on logout (Tracker #304).

   - Cleaned up folder content filtering (Tracker #298, thanks
     to Chris Withers for the patch).

   - Implement new "List folder contents" permission (Tracker
     #320), to prevent non-privileged users from being able to
     browse 'folder_contents' (permission is by default mapped
     to 'Owner' and 'Manager').

     Note that this is really only a UI change:
     'PortalFolder.contentIds', 'PortalFolder.contentValues', and
     'PortalFolder.contentItems' are still public, to allow for
     reasonable "site map" views on folders.

   - Use saner type ID listing in 'search_form' (Tracker #324).

   - Rewired "POST target" skin methods, replacing filesystem-based
     DTML Methods with filesystem-based Python Scripts (from
     Tracker #301 -- thanks to Chris Withers).

   - Implemented *LARGE* patch to CMFDefault.DiscussionItem and
     CMFDefault.DiscussionTool, plus removal of
     CMFDefault.Discussions:  changed threading strategy to remove
     dependency on the path of the "host" content object.  Includes
     an ExternalMethod, CMFDefault/Extensions/update_discussion.py,
     which must be run to convert existing content which contains
     discussion.

   - Overrode DublinCore's isEffective in CMFCalendar.Event to
     always return true;  this change prevents blocking view of
     the event by standard_html_header.

   - Updated INSTALL.txt to note that:

      o Use with Zope 2.4.0a1 is *not* recommended.

      o CMFDecor requires Zope Page Templates (Tracker #291).

     and to describe upgrade process from CMF 1.0.

   - Fixed typo in 'Unauthorized' exception raised by
     'PortalContent._getDefaultView'.

   - Made all content types findable by catalog (Tracker #286).

   - Ensured that ContentTypeRegistry's "Test" tab doesn't puke if
     no MIMEtype is entered, or if one is entered which doesn't
     have a '/' in it (Tracker #292).

   - Suppressed overwrite of Subject when no 'Subject' or
     'Keywords' headers were present (Tracker #294).

   - Ensured that 'Type' is indexed in newly-created
     'portal_catalog'.

   - Fixed acquisition stripping in PortalContent.objectItems().

   - Modified CMFDefault.DublinCore.getMetadataHeaders() to join
     Subject by commas, instead of spaces.  Since we parse/split
     Subject on commas or semicolons now when a document is saved
     by FTP or WebDAV, we need to feed it out in the same format.

   - Fleshed out security declarations for 'portal_metadata' tool.

   - Corrected pathname of 'MemberDataTool.memberdataContents' to
     account for use of '_dtmldir' (thanks to Ricardo Newbery for
     the patch!).

   - Fixed buglet resulting from uninitialized local in
     'PortalContent.objectItems' (thanks to Seb Bacon for the
     patch).

   - Modified stock 'search_form' to query 'Type' rather than
     'meta_type'.

   - Removed debugging / "paranoia" print statements (thanks to
     Chris Withers for the patches).

CMF 1.1 beta (2001/06/01)

  New features

    - Added CMFCore.utils.keywordsplitter to construct 'Subject'
      dublin core header from both 'Keywords' and 'Subject' headers
      passed in (meta tags/rfc822).

    - CMF Document now uses StructuredTextNG for structured text
      handling.  Nicely enough, it uses the "with images" features, and
      also enables named and inner links.

    - CMF Document exposes two new accessor methods for getting at the
      "cooked" and editable body, 'CookedBody()', and 'EditableBody()'.
      Using the 'cooked_text' and 'text' instance attributes should be
      considered deprecated.

    - Added new "exemplar" content product, CMFCalendar, which
      (for now) adds a simple content object, Event.  This product
      serves a similar didactic purpose as CMFTopic (which is now
      "in the core"):  it shows how to build new content types as
      filesystem products.

    - Implemented improved "safety belt" for concurrent Document
      editing.  See the dogbowl proposal,
       http://cmf.zope.org/rqmts/proposals/ContentSafetyBelt

    - Added new filesystem-based skin method type, FSSTXMethod, for
      creating "methods" which render STX.

    - Exposed "controlled vocabulary" for Subject in
      'metadata_edit_form'.

    - Gave 'portal_skins' tool its own PUT_factory (Tracker #238).
      Allows site builder to create skin methods via WebDAV/FTP,
      including ZPT, PythonScripts, etc.

    - Implemented "outbound" segment of the "Syndication tool"
      proposal, q.v.,
       http://cmf.zope.org/CMF/Members/andrew/folderRSS

    - Made 'PUT_factory' use new 'content_type_registry' tool.

    - Made 'PUT_factory' use 'invokeFactory', so that objects
      created via PUT have their 'portal_type' set properly.

    - Added ContentTypeRegistry class and related predicates for
      mapping PUT requests (name,content_type,body) to type object
      names.

    - Allowed Reviewers to "retract" published content owned by
      others.

    - Added "Overview" ZMI view to tools.

    - Added "Dublin Core" ZMI view to PortalContent;  added an
      editing view for Document and derivatives.

    - Added "drop-in" workflow objects to the WorkflowTool,
      including the ability to map workflows onto content types.

    - Changed CMFDefault.Portal to install CMF Topic by default
      when building a new CMF Site.

    - Added a new criteria type, *FriendlyDateCriterion*, to
      CMFTopic for building queries like 'When effective_date is
      less than five days old'.

    - Implemented 'portal_metadata' tool.  See the dogbowl
      proposal,
      http://cmf.zope.org/rqmts/proposals/completed/metadata_tool. 

    - Extended DirectoryView objects to reload when the directory
      they represent has changed, if Zope is running in debug mode.

    - Added hooks to CookieCrumbler to permit site managers to
      customize seting/expiring of the authentication cookie by
      adding PythonScripts; two default filesystem implementations
      are in CMFDefault's "control" skin.

    - Extended TypesTool to deal appropriately with DTML factory
      methods (e.g., for ZClasses).

    - Made FSDTMLMethods searchable from the ZMI (Issue PTK(251)[]).

  Bug Fixes

    - Added 'manage_beforeDelete' to DiscussionItemContainer class,
      and propagated to it from content deletion (Tracker #269).

    - Only display the "join" action if the user has the "Add
      portal member" permission.

    - Check for appropriate REQUEST variables before invoking
      CopySupport machinery, return a nice 'portal_status_message'
      instead of allowing the traceback to kick in (Tracker #247).

    - Initialize default DublinCore metadata for the site, so that
      *some* value is available everywhere (Tracker #285).

    - Add module-level globals aliases, to permit other products
      to use elements of skins (Tracker #273).

    - Replaced 'metadata_edit' DTMLMethod with PythonScript.

    - Updated 'metadata_edit' to avoid clearing values not passed
      in REQUEST (Tracker #268).

    - Removed spurious whitespace being added to Subject.

    - Fixed FSPythonScript to open file in text mode, so that
      Windows verstions with CR don't cause the parser to choke
      (Tracker #284).

    - Simplified login-disabling logic in CookieCrumbler.

    - Added '<base>' tag to headers of Document, NewsItem, and
      DiscussionItem so that relative links work properly.

    - Fixed the ActionsTool to suppress adding a trailing '/' to
      "empty" action URL's.

    - Fixed Document's content type sniffing to deal with odd case
      in which "entire" HTML document was embedded as an STX
      example.

    - Replaced literal string permissins with "named permissions",
      imported from modules in most places. (Please report any
      which escaped!)

    - Moved 'factory_type_information' registry entries back out
      to the relevant modules (instead of lumping them in
      CMFDefault.Portal).

    - Simplified NewsItem to "Document with a twist" (NewsItems now
      inherit lots of useful behavior from Document.

    - Aliased DublinCore's Format() as 'content_type', so that
      Zope's WebDAV support will do the Right Thing (TM) when
      handling a PROPFIND.

    - Suppressed "eager redirect" behavior in CookieCrumbler for
      FTP or WebDAV (note that WebDAV fix only works for "extra"
      HTTP methods; GET/PUT/POST still redirect).

    - Made sure to update the catalog when a content object's
      parent is deleted / moved (Tracker #261).

    - Fixed lossage to File objects when no upload supplied
      (Tracker #271).

    - Fixed "Add to Favorites" when applied to Folders.

    - Suppressed "Members" link in topbar (pointed to 'roster' method)
      for users who would not be able to see it.

    - Fixed irritating bugs in setting of skin-selection cookie.

    - Removed ugly '_mimetype_registry' hack for 'PUT_factory'.

    - Fixed a bug in CMFDefault.Document with PUT that only affected
      FTP: when a StructuredText document that contained a full HTML
      example (complete with <html>, <head>, and <body> tags) in its
      body, it would pass the "does it smell like HTML" test and throw
      everything away that wasn't inside the first matching pair of
      <body> tags it found.  Funnily enough, this bug was exposed when
      trying to save an article about how to use FTP with Zope and the
      CMF that contained such an example.

    - Fixed glitch caused by '<dtml-return>' in
      CMFDefault/skins/control/reconfig.dtml.  Thanks to Hans de Wit
      <hw@scp.nl> for reporting this!

    - Allowed 'portal_type' to be a method, as well as an attribute
      (eases ZClass-as-content).

    - Fixed search form to pass 'created' instead of 'date' (probably
      need 'modified', too);  also, added selection list for 'Subject',
      and fixed the "Last Month" option value.

    - Fixed non-import in CMFCore/WorkflowCore.py (Tracker #239,
      thanks to 'snej' for the patch).

    - Updated CatalogTool to handle searchable vs. displayable DublinCore
      dates properly.

    - Replaced usage of .id with .getId() all through the CMF, to
      conform with the new SimpleItem API. Thanks to Jens Quade
      <jq@jquade.de> for pointing this out. (Issue PTK(241)[]).

    - Extended 'index_html' to render portal description using STX
      (Tracker #246).

    - Updated CMFDefault skins to use Contentish.getIcon, including
      the portal catalog. This greatly simplifies using ZClasses as
      content. In CMFDefault/scripts you will find
      'convertCatalogGetIconColumn.pys), a Python Script that will
      convert your existing Catalog to use 'getIcon' instead of
      'icon' (Issue PTK(244)[]). Also, synched interface definition
      to show the 'relative_to_portal' argument.

    - Extended 'folder_factories' to filter type objects using
      'isConstructionAllowed' in 'PortalFolder.allowedContentTypes'
      (Tracker #249).

    - Fixed display of replies on discussion items.

    - Made appropriate use of 'portal_url', instead of BASEPATH
      ad hockery, in skin methods (Tracker #259).

    - Synched interface definition of 'Contentish.getIcon' with
      reality (documented 'relative' parameter).

    - Fixed "Ever" entry in 'search_form' to use a value safe in
      timezones east of GMT (Tracker #236).

    - Deprecated the CMFDefault.File.download method; it is still
      available, but is no longer called by the current CMF skin,
      nor is index_html aliased to it.

      The method was necessary when the "View' method was the
      default action when calling the URL of the File object, this
      is no longer the case. The setting of the Content-Disposition
      header is not needed when using the absolute URL of the
      object, and causes certain browsers to misbehave.

CMF 1.0 final (2001/03/29)

  Bug Fixes

    - Removed embedded spaces in 'portal_status_message' strings
      (thanks to Dieter Maurer for pointing this out)

    - Added 'index_html' (copy/paste from CMFCore.PortalContent?!?) so
      that topics become directly publishable (thanks to Dieter
      Maurer for pointing this out).

    - Removed references to 'Images/' in skin DTML, adding an extra
      item to the default skins' lookup path. In CMFDefault/scripts
      you will find 'addImagesToSkinPaths.pys', a Python Script that
      adds the extra name to all your skin paths. (Tracker issue
      #205).

    - Added FSPythonScripts, allowing filesystem-based skins to
      expose customizable PythonScripts.

    - Fixed CMF Tracker item (207), "HTML test when editing a Portal
      Document is ambiguous".  Now, the same regular expression used
      to scoop out the contents of the <body> tags, which is case
      insensitive, is also used to detect whether the document may
      be HTML.

    - Converted physical path to string (Tracker #224).

    - Fixed 'Creator' metadata for DiscussionItems (tracker issue
      #206, thanks to Jeff Sasmor for the patch!).

    - Added simple search field for 'Subject' (Tracker #213).

    - Fixed CMF Tracker issue 211, "Topics have Folder icon" by
      finally moving the Topic icon into the skins, and writing a
      custom icon() method that uses getIcon (Subclassing from
      PortalFolder made this behavior strange).

    - Changed CMFDefault.Document__init__ to call self.edit at the
      end, instead of self._parse, which means that HTML can finally
      be passed into the constructor.  Unit tests verify that
      initializing with just the 'id' gives the proper results.

    - Added installation script (external method) for CMFTopic.

    - Ensured that content metatypes show up in the types list of the
      portal_catalog tool (Tracker issue #209, thanks to Jeff
      Sasmor).

    - Fixed unwanted multiple font reductions on 'recent_news'
      (Tracker issue #215).

    - Changed visited link color to enhance readability.

    - Fixed PNG transparency of logo (for NS 4.7).

    - Allowed Contributors to publish content directly (Tracker
      issue #216).

    - Gave more real estate to skin path fields (Tracker issue
      #226).

    - Added simple listing of subtopics to the default view (Tracker
      issue #214).

    - Regularized DiscussionItem.absolute_url (further work on
      Tracker issues #203 & #206).

    - Made 'addToFavorites' work as skinned method of target, and
      work for DiscussionItems (Tracker issue #227).

    - Moved actual mail sending into CMFDefault.RegistrationTool, to
      avoid having to give proxy roles to the skin methods involved
      (Tracker issue #160).

    - Add member count to roster display.

    - Made 'review_state' workflow info publically visible.

    - Made DiscussionItem.getReplies() and
      DiscussionItemContainter.getReplies() show only 'published'
      replies (allows retraction, for now).

    - Fixed WorkflowAction.__call__ to use the correct method name
      for exception notification (Tracker issue #232).

    - Ensure that reply's Creator propagates through preview (thanks
      to Jeff Sasmor for reporting that our fix to Tracker issue
      #206 missed the "Preview" case).

    - Removed crufty calls to registerPortalContent.

    - Trimmed over-long item IDs in actions box (Tracker issue #
      234;  thanks to Jeff Sasmor and Steve Alexandar for the patch).

CMF 1.0 beta (2001/03/05)

  Changes

   - Migrated from old PTK repository on cvs.zope.org.

   - Changed package and module names:  'PTKBase' has become
     (mostly) 'CMFCore';  'PTKDemo', 'CMFDefault'.

   - Added package 'CMFTopic', which provides a new content type,
     'Topic';  topics are "logical" folders, which aggregate
     content based on catalog searches against metadata.
   
   - Revised discussion mechanism to store discussion with its
     underlying content (rather than in members' "Correspondence"
     folders).

   - Made the membership system agnostic to the kind of user
     folder, including whether it is found in the portal or not.

   - "Skinned" the portal UI and all the content objects,
     enabling portal managers to replace it "piecemeal", safely.

   - Implemented local type registration, allowing portal
     managers to configure and extend the types addable in the
     portal.

   - Add 'PortalFolder.allowedContentTypes' and supporting machinery
     in type info objects, to permit configuration of the content
     types addable to a given folder type.

CMF 0.10alpha (2001/02/02)

  Changes

    - Fixed breakage of "reply" feature introduced by new
      constructor regime (PTK Tracker #159).

    - Make creation of an 'acl_users' in the portal itself optional.

    - Add mapping of external roles (i.e., belonging to a user
      retrieved from an acquired user folder) onto "portal-specific"
      roles.  For example, users from the root user folder may
      have the "Employee" role;  the 'portal_membership' tool can
      map this role onto the "Member" role needed by the portal.

    - Corrected HTML quoting of Document text (PTK Tracker #154).

    - If content_url is not None and the user has their own member
      folder (as returned by 'portal_membership.getHomeUrl') then
      two new actions will show up in the user-related action box:

      o "Add to Favorites", adds an item to the user's "Favorites"
        folder, which will get created underneath the user's home
        folder if not present.

      o "My Favorites", linked to the Favorites folder (if the
        member has one).

    - Add 'Favorites' content type (derived from 'Link', optimized
      for objects within the same site).

    - Add 'PTKBase.interfaces.Contentish', an interface describing
      non-metadata methods for all content objects.

    - Added cool new portal icon -- thanks to Michael Bernstein!

    - Add 'simple_metadata' and 'metadata_help' methods, for easing
      "constructorish" capture of metadata.  Also demos "skinning"
      object-specific DTML.

    - Rearranged base classes to deal with the fact that SimpleItem
      now has a _setId() method.

    - Added a "quick start" script for creating a new INSTANCE_HOME
      sandbox (e.g., to allow easy experimentation with new-style
      portal).
    
    - Remove "metadata" editing from most "normal" edit forms.

    - Tweak stylesheets to make Netscrape 4.x more happy (links on
      secondary accent areas wouldn't show).

    - Enforced standard construction interface (only 'id' is
      required) on all "stock" content types.

    - Added default factory registration in 'portal_types' for all
      "stock" content types.

    - Add 'portal_types' tool, allowing registry of type / constructor
      information about portal content which may be created in a given
      portal instance (replaces 'Wizards' folder as type registry).

    - Added the description property to those attributes shown on the
      "view" screen for a file object (PTK Tracker #153).

    - Added credentialsChanged hook which can now work with
      CookieCrumblers.

    - Added Shane Hathaway's CookieCrumbler product, which spoofs
      HTTP Basic Auth for "don't know from cookies" user folders.

    - Add object for mapping property lists as filesystem object (to
      support parameterized stylesheet).  These objects are
      customized as normal Folders, which allows a great deal of
      flexibility.

    - Corrected 'PTKDemo.File.edit' to avoid replacing file contents
      with empty string when no file is uploaded (PTK Tracker #152).

    - Remove distribution-tab verisons of TTW products.

    - Remove derived UML model files (UML-HTML).

    - Added the PortalGenerator class, which is a subclassable portal
      instance creator, and created a new addable meta type.

    - Removed ZClass dependency from PropertiesTool.

    - Corrected glitch that 'PTKDemo.PortalObject.manage_options'
      was inherited from ObjectManager rather than PortalFolder.

    - Add 'PUT_factory' to PTKBase.PortalFolder (make it replaceable,
      too!)

    - Register PTKDemo content class metatypes with PTKBase.PortalFolder's
      MIME-type registry.

    - Unscrew PTKDemo.Document's dependence on vanished
      NullPortalResource.

    - Clean up CSS in DemoPortal (PTK Tracker #124).

    - Remove dependency on PythonMethod in DemoPortal (PTK Tracker #151).

    - Integrated user preference for "skin" with 'portal_skins'
      options.

    - Added capability to filter * 'PortalFolder.content{Ids,ValuesItems}'
      based on metadata queries.

    - Migrated skins from 'DemoPortal/Interfaces' folders into
      filesystem skins directories.

    - Improved integration of FSDTMLMethod and FSImage with output from
      the FSDump product.

    - New tab for the member data tool: 'contents' displays the number
      of members stored in the member data tool and also the number
      of "orphaned" members, meaning those that do not appear in the
      underlying acl_users anymore. a button is provided to "prune"
      those orphaned members.

    - Added methods to examine the contents of the meber data tool and to
      prune all those members who have been deleted out of the underlying
      'acl_users'.

    - Fixed bug when adding the mailhost during Portal initialization.

    - Added the portal_memberdata tool, which can wrap any user object with
      member properties.  Yeehaw!  the portal no longer needs a special
      user folder!

    - Add 'portal_skins' tool, enabling safe TTW customization of the default
      portal UI, which will be delivered as filesystem-based skin folders.
      Huge kudos to Shane Hathaway, who figured out a sane way to do this!

    - Extend fix for PTK Tracker #149 to 'generic' and 'sweng' interfaces.

    - Append '/view' to search results in order to allow navigation
      to objects which don't use standard header/footer in their
      'index_html', e.g., Images.  (PTK Tracker Issue #149)

    - Add meta_type to DiscussionItem (PTK Tracker Issue #150).

    - Integrate Dan Pierson's patch to show discussion threads inline
      (PTK Tracker issue #93).

    - Fix PTK Tracker #145 (PTKDemo/Portal.py or MailHost broken):  the
      2000/12/08 hotfix removed the "legacy" name, 'manage_addMailHost'.

    - Fix PTK Tracker #148 ('Table rows need vertical align')

    - Fix PTK Tracker #147 ("PTKDemo's Metadata HTML is ugly").

    - Fix PTK Tracker issue #136 ('CSS selection broken').

    - Fix Tracker issue #141 ('Wizard product has broken subobjects list').

    - Remove redundant 'description' arg from constructors (PTK Tracker
      issue #142;  thanks to jon@totient.demon.co.uk for reporting this).

    - Enable FTP upload/creation of NewsItems

    - Add the ability to query and set DublinCore metadata via FTP:

      o Updated PTKDemo.DemoDublinCore.DemoDublinCore to add a
        method, 'getMetadataHeaders()', which builds a list of
        DublinCore headers, suitable for inclusion in <meta> tags
        or in "Structured Text Headers".  

      o Updated PTKDemo.Document.Document to export/import the
        metadata when accessed via FTP.

    - Fix PortalFolder.all_meta_types() to allow non-content.

    - Fix PortalFolder.listActions() to return a tuple, not a list
