Skip to content

Releases: lmfit/asteval

1.0.6

19 Jan 21:35
Compare
Choose a tag to compare
  • drop testing and support for Python3.8, add Python 3.13, change document to reflect this.
  • implement safe_getattr and safe_format functions; fix bugs in UNSAFE_ATTRS and UNSAFE_ATTRS_DTYPES usage
  • make all procedure attributes private to curb access to AST nodes, which can be exploited
  • improvements to error messages, including use ast functions to construct better error messages
  • remove import of numpy.linalg, as documented
  • update doc description for security advisory

Special thanks to @SteakEnthusiast for the security-related fixes

1.0.5

30 Sep 01:13
Compare
Choose a tag to compare

bugfix:

  • more work on handling errors, including fixing #133 and adding more comprehensive tests for #129 and #132

1.0.4

14 Sep 16:55
Compare
Choose a tag to compare

bugfix:

  • fix error handling that might result in null exception

1.0.3

13 Sep 03:26
Compare
Choose a tag to compare

bug fixes, a few feature enhancements:

  • functions ("Procedures") defined within asteval have a _signature() method, now use in repr
  • add support for deleting subscript
  • nested symbol tables now have a Group() function
  • update coverage config
  • cleanups of exception handling : errors must now have an exception
  • several related fixes to suppress repeated exceptions: see GH #132 and #129
  • make non-boolean return values from comparison operators behave like Python - not immediately testing as bool

1.0.2

02 Aug 01:32
Compare
Choose a tag to compare

bug fixes:

  • fix NameError handling in expression code
  • make exception messages more Python-like

1.0.1

11 Jul 18:35
Compare
Choose a tag to compare

security fixes, based on audit by Andrew Effenhauser, Ayman Hammad, and Daniel Crowley, IBM X-Force Security Research division

  • remove numpy modules polynomial, fft, linalg by default for security concerns
  • disallow string.format(), improve security of f-string evaluation

1.0.0

01 Jul 16:12
Compare
Choose a tag to compare

Asteval 1.0.0

Asteval has been fairly mature for a while, with major improvements since version 0.9.29 over the past year or so making it feel like it has reached a point where the features and API are stable enough to call version 1.0.0.

Changes compared to 0.9.33:

  • fix (again) nested list comprehension (Issues #127 and #126).
  • add more testing of multiple list comprehensions.
  • more complete support for Numpy 2, and removal of many Numpy symbols that have been long deprecated.
  • remove AST nodes deprecated in Python 3.8.
  • clean up build files and outdated tests.
  • fixes to codecov configuration.
  • update docs.

0.9.33

23 May 15:37
Compare
Choose a tag to compare

Fixes:

  • fixes for multiple list comprehensions (addressing #126)
  • add testing with optionally installed numpy_financial to CI
  • test existence of all numpy imports to better safeguard against missing functions (for safer numpy 2 transition)
  • update rendered doc to include PDF and zipped HTML

0.9.32

03 Mar 18:50
Compare
Choose a tag to compare
  • add deprecations message for numpy functions to be removed in numpy 2.0 (#122)
  • comparison operations use try/except for short-circuiting instead of checking for numpy arrays (addressing #123)
  • add Python 3.12 to testing
  • move repository from "newville" to "lmfit" organization
  • update doc theme, GitHub locations pointed to by docs, other doc tweaks.

0.9.31

16 Jul 18:33
Compare
Choose a tag to compare
  • cleanup numpy imports to avoid deprecated functions, add financial functions from numpy_financial module, if installed.
  • prefer 'user_symbols' when initializing Interpreter, but still support 'usersyms' argument. Will deprecate and remove eventually.
  • add support of optional (off-by default) "nested symbol table", based on a Group object that can be accessed from Python either with dict syntax (ie aeval.symtable['x']) or with object attribute access (aeval.symtable.x). In addition, symbols can be found by looking first in the top-level symbol table and then in sub-Groups named in symtable._searchgroups, allowing for a more hierarchical, nested symbol table. This should be considered experimental and is off by default. The make_symbol_table() function gains a nested=False argument to control whether to use this option.
  • update tests to run most tests with symbol tables of dict and nested group type.
  • general code and testing cleanup.