Change log

These are all the changes for Zope 5, starting with the alpha releases, since the branch point at Zope 4.1.2.

The change log for the previous version, Zope 4, is at

5.1 (unreleased)

  • Fix length for page template repeat variables (#913)
  • Restore the ZMI Debug Information control panel page (#898)
  • Update isort to version 5. (#892)
  • Update to newest versions of dependencies.

5.0 (2020-10-08)

Backwards incompatible changes

  • Drop support for Python 3.5 as it will run out of support soon. (#841)


  • HTTP header encoding support (#905)
  • Add support for Python 3.9.
  • New interface Products.PageTemplates.interfaces.IZopeAwareEngine. It can be used as the “provides” of an adapter registration to adapt a non Zope tales engine to an engine to be used by Zope page templates (#864). Currently, the adaptation is used only when the template is rendered with chameleon; with zope.pagetemplate, the engine is used as is - this may change in the future.
  • Allow (some) builtins as first element of a (TALES) path expression: in an untrusted context, the builtins from AccessControl.safe_builtins are allowed; in a trusted context, all Python builtins are allowed in addition (and take precedence) (zope.tales#23).
  • Support the attrs predefined template variable again (as far as chameleon allows it) (#860).
  • Use Chameleon (>= 3.7.2) configuration to get better information for errors detected during template execution (#837).


  • Provide a more senseful to avoid bugs by use of deprecated direct id access (as e.g. (#903).
  • Update to zope.interface > 5.1.0 to fix a memory leak.
  • Fix export of files with non-latin-1 compatible names (#890)
  • Avoid unsolicited translations (#876)
  • Make “chameleon-zope context wrapping” more faithful. (#873)
  • Let “unicode conflict resolution” work for all templates (not just ZopePageTemplate). (#872)
  • Make “Unicode Conflict Resolution” available for templates rendered with chameleon (Products.CMFPlone#3145).
  • Improve documentation of CONTEXTS in the “Zope Book”.
  • Decrease cookie size for copy/paste clipboard cookie (#854)
  • Fix default keyword handling in page templates (#846)
  • Fix parsing of package version and show correct major version in the ZMI
  • Improve solidity of the debugError method. (#829)
  • Fix that ZTUtils.LazyFilter could not be imported inside a restricted Python script. (#901)

Other changes

  • Add pyupgrade via pre-commit (#859)
  • Add tal:switch test

5.0a2 (2020-04-24)

Bug fixes

  • Pin AccessControl 4.2 for the Manage WebDAV Locks permission
  • Fix HEAD requests on registered views (#816)
  • Improve chameleon –> zope.tales context wrapper (support for template variable injection) (#812).
  • Require zope.tales>=5.0.2
  • Fix issue 717 by fully honoring the engine returned by PageTemplate.pt_getEngine (#717). The engine also decides about the use of zope.tales (engine is an instance of zope.pagetemplate.engine.ZopeBaseEngine) or chameleon.tales (otherwise) TALES expressions.
  • Fixed encoding issue of displayname WebDAV property (#797)
  • Fixed fallback implementation of manage_DAVget (#799)

Other changes

  • Update to newest versions of dependencies.

5.0a1 (2020-02-28)

Backwards incompatible changes

  • Drop support for Python 2.7 aka Zope 5 cannot be run on Python 2 any more. If you are still running on Python 2.7 upgrade to the latest Zope 4 version first, migrate to Python 3 and than switch to Zope 5. (#692)
  • Remove all backwards-compatibility code marked to go away in Zope 5 (#478)
  • Drop support for running Zope with ZServer as it is Python 2 only. (#592)
  • Remove deprecated postProcessInputs request method. (#782)
  • Remove deprecated module ZPublisher.maybe_lock. (#758)
  • Remove Help System methods from the product context. (#756)
  • Remove more deprecated code. (#757)
  • Updated Zope documentation sources for Zope 5. (#659)

New features

Bug fixes

  • Only use wsgi.file_wrapper for response bodies with a read method. (#763)
  • Improve detection of HTTPS requests. (#680)
  • Fix several ZMI links so they respect virtual hosting. (#788)
  • Fix sort link URLs on manage_main (#748)
  • More tests to make sure all __str__ implementations return native strings. (#692)
  • Fix longstanding test bug by forcing the page template engine. Many tests in Products.PageTemplates used the old Zope page template engine because the correct one was not registered during setup.
  • Close opened db during shutdown (as ZServer is already doing). (#740)
  • The method unrestrictedTraverse raises an error when the argument path is not something it can work with. (#674)
  • Improve ZMI Security Tab usability for high numbers of roles. (#730)
  • Some small ZMI rendering fixes. (#729)
  • Fix error when using database minimize in the ZMI. (#726)
  • Fix __getattr__ signature in UnauthorizedBinding. (#703)
  • Fix VirtualHostMonster not being able to set mappings under Python 3. (#708)
  • Reduce the danger of acquiring built-in names on the ZMI Find tab. (#712)
  • Restore the mistakenly removed Properties ZMI tab on Image objects (#706)
  • Fix OFS.Image.File.__str__ for Pdata contents (#711)
  • Set REMOTE_USER in wsgi environ using Zope user authentication (#713)
  • Add Paste as extras_require dependency to pull in Paste when installing with pip and constraints.txt to prevent startup errors. This requires adding the [wsgi] extra in the egg specification. (#734)

Other changes

  • Move retried request delay handling out of supports_retry (#474)
  • Improve documentation for Zope’s error logging services.