Changelog history

3.23 (24 June 2016)

New features

  • Python 3.x support in CubicWeb itself is now complete, except for the twisted package (since Twisted does not completely support Python 3.x itself). The skeleton for new cube should also be Python 3 compatible, in particular its got updated.
  • The source-sync command can now synchronize all sources in the database, if no <source> argument is provided.
  • Datafeed source synchronization is now asynchronous when requested from user interface.

Database handling

  • Most indexes and constraints will be rebuilt during the migration, because they are now named after a md5 hash to control the name’s size.
  • Index are renamed upon renaming of an entity type, so they are still correctly tracked.
  • A new db-check-index command is added to cubicweb-ctl, to display the differences between the indexes in the database and those expected by the schema. It’s recommended to run this command after the migration to 3.23 and to adjust things manually for cases that are not easily handled by the migration script, such as indexes of entity types that have been renamed. It should be mostly about dropping extra indexes.


  • Deprecated MetaGenerator in favor of slightly adapted API in MetadataGenerator (more consistent, giving more control to sub-classes and suitable for usage with the MassiveObjectStore)
  • Major cleanups of the MassiveObjectStore and its PGHelper companion class:
    • dropped a bunch of unnecessary / unused attributes
    • refactored / renamed internal methods
    • added support for a metadata generator, the now recommended way to control metadata generation
  • Deprecated SQLGenObjectStore, MassiveObjectStore should be used instead.

Backwards-incompatible changes

  • Generative tests à la logilab-common are not supported anymore in CubicWebTC. It is advised to use the subtests API (available on CubicWebTC either from the standard library as of Python 3.4 or through unittest2 package otherwise).
  • CubicWebTC‘s set_description method (comming from logilab.common.testlib.TestCase) is no longer available.

3.22 (4 January 2016)

New features

  • a huge amount of changes were done towards python 3.x support (as yet incomplete). This introduces a new dependency on six, to handle python2/python3 compatibility.
  • new cubicweb.dataimport.massive_store module, a postgresql-specific store using the COPY statement to accelerate massive data imports. This functionality was previously part of cubicweb-dataio (there are some API differences with that previous version, however).
  • cubes custom sql scripts are executed before creating tables. This allows them to create new types or extensions.
  • the ejsonexport view can be specialized using the new ISerializable entity adapter. By default, it will return an entity’s (non-Bytes and non-Password) attributes plus the special cw_etype and cw_source keys.
  • cubes that define custom final types are now handled by the add_cube migration command.
  • synchronization of external sources can be triggered from the web interface by suitably privileged users with a new cw.source-sync action.

User-visible changes

  • the ldapfeed source now depends on the ldap3 module instead of python-ldap.
  • replies don’t get an Expires header by default. However when they do, they also get a coherent Cache-Control.
  • data files are regenerated at each request, they are no longer cached by cubicweb.web.PropertySheet. Requests for data files missing the instance hash are handled with a redirection instead of a direct reply, to allow correct cache-related reply headers.

API changes

  • config.repository() creates a new Repository object each time, instead of returning a cached object. WARNING: this may cause unexpected issues if several repositories end up being used.
  • migration scripts, as well as other scripts executed by cubicweb-ctl shell, are loaded with the print_function flag enabled (for backwards compatibility, if that fails they are re-loaded without that flag)
  • the cw_fti_index_rql_queries method on entity classes is replaced by cw_fti_index_rql_limit, a generator which yields ResultSet objects containing entities to be indexed. By default, entities are returned 1000 at a time.
  • IDownloadableAdapter API is clarified: download_url, download_content_type and download_file_name return unicode objects, download_data returns bytes.
  • the Repository.extid2eid() entry point for external sources is deprecated. Imports should use one of the stores from the cubicweb.dataimport package instead.
  • the cubicweb.repoapi.get_repository() function’s uri argument should no longer be used.
  • the generic datafeed xml parser is deprecated in favor of the “store” API introduced in cubicweb 3.21.
  • the session manager lives in the sessions registry instead of components.
  • TZDatetime attributes are returned as timezone-aware python datetime objects. WARNING: this will break client applications that compare or use arithmetic involving timezone-naive datetime objects.
  • creation_date and modification_date attributes for all entities are now timezone-aware (TZDatetime) instead of localtime (Datetime). More generally, the Datetime type should be considered as deprecated.

Deprecated code drops

  • the cubicweb.server.hooksmanager module was removed
  • the Repository.pinfo() method was removed
  • the cubicweb.utils.SizeConstrainedList class was removed
  • the ‘startorder’ file in configuration directory is no longer honored

3.21 (10 July 2015)

New features

  • the datadir-url configuration option lets one choose where static data files are served (instead of the default ${base-url}/data/)

  • some integrity checking that was previously implemented in Python was moved to the SQL backend. This includes some constraints, and referential integrity. Some consequences are that:

    • disabling integrity hooks no longer disables those checks
    • upgrades that modify constraints will fail when running on sqlite (but upgrades aren’t supported on sqlite anyway)

    Note: as of 3.21.0, the upgrade script only works on PostgreSQL. The migration for SQLServer will be added in a future bugfix release.

  • for easier instance monitoring, cubicweb can regularly dump some statistics (basically those exposed by the ‘info’ and ‘gc’ views) in json format to a file

User-visible changes

  • the use of fckeditor for text form fields is disabled by default
  • the ‘https-deny-anonymous’ configuration setting no longer exists

Code movement

The cubicweb.web.views.timeline module (providing the timeline-json, timeline and static-timeline views) has moved to a standalone cube

API changes

  • req.set_cookie’s “expires” argument, if not None, is expected to be a date or a datetime in UTC. It was previously interpreted as localtime with the UTC offset the server started in, which was inconsistent (we are not aware of any users of that API).

  • the way to run tests on a postgresql backend has changed slightly, use cubicweb.devtools.{start,stop}pgcluster in setUpModule and tearDownModule

  • the Connection and ClientConnection objects introduced in CubicWeb 3.19 have been unified. To connect to a repository, use:

    session = repo.new_session(login, password=...)
    with session.new_cnx() as cnx:

    In tests, the ‘repo_cnx’ and ‘client_cnx’ methods of RepoAccess are now aliases to ‘cnx’.

Deprecated code drops

  • the user_callback api has been removed; people should use plain ajax functions instead
  • the Pyro and Zmq-pickle remote repository access methods have been entirely removed (emerging alternatives such as rqlcontroller and cwclientlib should be used instead). Note that as a side effect, “repository-only” instances (i.e. without a http component) are no longer possible. If you have any such instances, you will need to rename the configuration file from repository.conf to all-in-one.conf and run cubicweb-ctl upgrade to update it. Likewise, remote cubicweb-ctl shell is no longer available.
  • the old (deprecated since 3.19) DBAPI api is completely removed
  • cubicweb.toolsutils.config_connect() has been removed

3.20 (06/01/2015)

New features

  • virtual relations: a new ComputedRelation class can be used in; its rule attribute is an RQL snippet that defines the new relation.

  • computed attributes: an attribute can now be defined with a formula argument (also an RQL snippet); it will be read-only, and updated automatically.

    Both of these features are described in CWEP-002, and the updated “Data model” chapter of the CubicWeb book.

  • cubicweb-ctl plugins can use the cubicweb.utils.admincnx function to get a Connection object from an instance name.

  • new ‘tornado’ wsgi backend

  • session cookies have the HttpOnly flag, so they’re no longer exposed to javascript

  • rich text fields can be formatted as markdown

  • the edit controller detects concurrent editions, and raises a ValidationError if an entity was modified between form generation and submission

  • cubicweb can use a postgresql “schema” (namespace) for its tables

  • “cubicweb-ctl configure” can be used to set values of the admin user credentials in the sources configuration file

  • in debug mode, setting the _cwtracehtml parameter on a request allows tracing where each bit of output is produced

API Changes

  • ucsvreader() and ucsvreader_pb() from the dataimport module have 2 new keyword arguments delimiter and quotechar to replace the separator and quote arguments respectively. This makes the API match that of Python’s csv.reader(). The old arguments are still supported though deprecated.
  • the migration environment’s remove_cube function is now called drop_cube.
  • cubicweb.old.css is now cubicweb.css. The previous “new” cubicweb.css, along with its cubicweb.reset.css companion, have been removed.
  • the jquery-treeview plugin was updated to its latest version

Deprecated Code Drops

  • most of 3.10 and 3.11 backward compat is gone; this includes:
    • CtxComponent.box_action() and CtxComponent.build_link()
    • cubicweb.devtools.htmlparser.XMLDemotingValidator
    • various methods and properties on Entities, replaced by cw_edited and cw_attr_cache
    • ‘commit_event’ method on hooks, replaced by ‘postcommit_event’
    • server.hook.set_operation(), replaced by Operation.get_instance(...).add_data()
    • View.div_id(), View.div_class() and View.create_url()
    • *VComponent classes
    • in forms, Field.value() and must take the form and the field itself as arguments
    • form.render() must get w as a named argument, and renderer.render() must take w as first argument
    • in breadcrumbs, the optional recurs argument must be a set, not False
    • cubicweb.web.views.idownloadable.{download_box,IDownloadableLineView}
    • primary views no longer have render_entity_summary and summary methods
    • WFHistoryVComponent’s cell_call method is replaced by render_body
    • cubicweb.dataimport.ObjectStore.add(), replaced by create_entity
    • ManageView.{folders,display_folders}

3.19 (28/04/2015)

New functionalities

  • implement Cross Origin Resource Sharing (CORS) (see #2491768)
  • system_source.create_eid can get a range of IDs, to reduce overhead of batch entity creation

Behaviour Changes

  • The anonymous property of Session and Connection are now computed from the related user login. If it matches the anonymous-user in the config the connection is anonymous. Beware that the anonymous-user config is web specific. Therefore, no session may be anonymous in a repository only setup.

New Repository Access API

Connection replaces Session

A new explicit Connection object replaces Session as the main repository entry point. Connection holds all the necessary methods to be used server-side (execute, commit, rollback, call_service, entity_from_eid, etc...). One obtains a new Connection object using session.new_cnx(). Connection objects need to have an explicit begin and end. Use them as a context manager to never miss an end:

with session.new_cnx() as cnx:
    cnx.execute('INSERT Elephant E, E name "Babar"')
    cnx.execute('INSERT Elephant E, E name "Celeste"')
# Once you get out of the "with" clause, the connection is closed.

Using the same Connection object in multiple threads will give you access to the same Transaction. However, Connection objects are not thread safe (hence at your own risks).

repository.internal_session is deprecated in favor of repository.internal_cnx. Note that internal connections are now safe by default, i.e. the integrity hooks are enabled.

Backward compatibility is preserved on Session.

dbapi vs repoapi

A new API has been introduced to replace the dbapi. It is called repoapi.

There are three relevant functions for now:

  • repoapi.get_repository returns a Repository object either from an URI when used as repoapi.get_repository(uri) or from a config when used as repoapi.get_repository(config=config).
  • repoapi.connect(repo, login, **credentials) returns a ClientConnection associated with the user identified by the credentials. The ClientConnection is associated with its own Session that is closed when the ClientConnection is closed. A ClientConnection is a Connection-like object to be used client side.
  • repoapi.anonymous_cnx(repo) returns a ClientConnection associated with the anonymous user if described in the config.

repoapi.ClientConnection replace dbapi.Connection and company

On the client/web side, the Request is now using a repoapi.ClientConnection instead of a dbapi.connection. The ClientConnection has multiple backward compatible methods to make it look like a dbapi.Cursor and dbapi.Connection.

Session used on the Web side are now the same than the one used Server side. Some backward compatibility methods have been installed on the server side Session to ease the transition.

The authentication stack has been altered to use the repoapi instead of the dbapi. Cubes adding new element to this stack are likely to break.

Session data can be accessed using the dictionary, while transaction data is available through cnx.transaction_data. These replace the [gs]et_shared_data methods with optional txid kwarg.

New API in tests

All current methods and attributes used to access the repo on CubicWebTC are deprecated. You may now use a RepoAccess object. A RepoAccess object is linked to a new Session for a specified user. It is able to create Connection, ClientConnection and web side requests linked to this session:

access = self.new_access('babar') # create a new RepoAccess for user babar
with access.repo_cnx() as cnx:
    # some work with server side cnx

with access.client_cnx() as cnx:
    # some work with client side cnx

with access.web_request(elephant='babar') as req:
    # some work with client side cnx
    elephant_name = req.form['elephant']

By default testcase.admin_access contains a RepoAccess object for the default admin session.

API changes

  • RepositorySessionManager.postlogin is now called with two arguments, request and session. And this now happens before the session is linked to the request.
  • SessionManager and AuthenticationManager now take a repo object at initialization time instead of a vreg.
  • The async argument of _cw.call_service has been dropped. All calls are now synchronous. The zmq notification bus looks like a good replacement for most async use cases.
  • repo.stats() is now deprecated. The same information is available through a service (_cw.call_service('repo_stats')).
  • repo.gc_stats() is now deprecated. The same information is available through a service (_cw.call_service('repo_gc_stats')).
  • repo.register_user() is now deprecated. The functionality is now available through a service (_cw.call_service('register_user')).
  • request.set_session no longer takes an optional user argument.
  • CubicwebTC does not have repo and cnx as class attributes anymore. They are standard instance attributes. set_cnx and _init_repo class methods become instance methods.
  • set_cnxset and free_cnxset are deprecated. cnxset are now automatically managed.
  • The implementation of cascading deletion when deleting composite entities has changed. There comes a semantic change: merely deleting a composite relation does not entail any more the deletion of the component side of the relation.
  • _cw.user_callback and _cw.user_rql_callback are deprecated. Users are encouraged to write an actual controller (e.g. using ajaxfunc) instead of storing a closure in the session data.
  • A new entity.cw_linkable_rql method provides the rql to fetch all entities that are already or may be related to the current entity using the given relation.

Deprecated Code Drops

  • session.hijack_user mechanism has been dropped.
  • EtypeRestrictionComponent has been removed, its functionality has been replaced by facets a while ago.
  • the old multi-source support has been removed. Only copy-based sources remain, such as datafeed or ldapfeed.

3.18 (10/01/2014)

The migration script does not handle sqlite nor mysql instances.

New functionalities

  • add a security debugging tool (see #2920304)
  • introduce an add permission on attributes, to be interpreted at entity creation time only and allow the implementation of complex update rules that don’t block entity creation (before that the update attribute permission was interpreted at entity creation and update time)
  • the primary view display controller (uicfg) now has a set_fields_order method similar to the one available for forms
  • new method to retrive a single entity and enforce the result has only one row (see #3352314)
  • new method RequestSessionBase.find to look for entities (see #3361290)
  • the embedded jQuery copy has been updated to version 1.10.2, and jQuery UI to version 1.10.3.
  • initial support for wsgi for the debug mode, available through the new wsgi cubicweb-ctl command, which can use either python’s builtin wsgi server or the werkzeug module if present.
  • a rql-table directive is now available in ReST fields
  • cubicweb-ctl upgrade can now generate the static data resource directory directly, without a manual call to gen-static-datadir.

API changes

  • not really an API change, but the entity permission checks are now systematically deferred to an operation, instead of a) trying in a hook and b) if it failed, retrying later in an operation
  • The default value storage for attributes is no longer String, but Bytes. This opens the road to storing arbitrary python objects, e.g. numpy arrays, and fixes a bug where default values whose truth value was False were not properly migrated.
  • symmetric relations are no more handled by an rql rewrite but are now handled with hooks (from the activeintegrity category); this may have some consequences for applications that do low-level database manipulations or at times disable (some) hooks.
  • unique together constraints (multi-columns unicity constraints) get a name attribute that maps the CubicWeb contraint entities to corresponding backend index.
  • BreadCrumbEntityVComponent’s open_breadcrumbs method now includes the first breadcrumbs separator
  • entities can be compared for equality and hashed
  • the on_fire_transition predicate accepts a sequence of possible transition names
  • the GROUP_CONCAT rql aggregate function no longer repeats duplicate values, on the sqlite and postgresql backends


  • pyrorql sources have been deprecated. Multisource will be fully dropped in the next version. If you are still using pyrorql, switch to datafeed NOW!
  • the old multi-source system
  • find_one_entity and find_entities in favor of find (see #3361290)
  • the TmpFileViewMixin and TmpPngView classes (see #3400448)

Deprecated Code Drops

  • ldapuser have been dropped; use ldapfeed now (see #2936496)
  • action GotRhythm was removed, make sure you do not import it in your cubes (even to unregister it) (see #3093362)
  • all 3.8 backward compat is gone
  • all 3.9 backward compat (including the javascript side) is gone
  • the twisted (web-only) instance type has been removed

3.17 (02/05/2013)

New functionalities

  • add a command to compare db schema and file system schema (see #464991)
  • Add CubicWebRequestBase.content with the content of the HTTP request (see #2742453) (see #2742453)
  • Add directive bookmark to ReST rendering (see #2545595)
  • Allow user defined final type (see #124342)

API changes

  • drop typed_eid() in favour of int() (see #2742462)
  • The SIOC views and adapters have been removed from CubicWeb and moved to the sioc cube.
  • The web page embedding views and adapters have been removed from CubicWeb and moved to the embed cube.
  • The email sending views and controllers have been removed from CubicWeb and moved to the massmailing cube.
  • RenderAndSendNotificationView is deprecated in favor of ActualNotificationOp the new operation use the more efficient data idiom.
  • Looping task can now have a interval <= 0. Negative interval disable the looping task entirely.
  • We now serve html instead of xhtml. (see #2065651)


  • ldapuser have been deprecated. It’ll be fully dropped in the next version. If you are still using ldapuser switch to ldapfeed NOW!
  • hijack_user have been deprecated. It will be dropped soon.

Deprecated Code Drops

  • The progress views and adapters have been removed from CubicWeb. These classes were deprecated since 3.14.0. They are still available in the iprogress cube.
  • API deprecated since 3.7 have been dropped.

3.16 (25/01/2013)

New functionalities

  • Add a new dataimport store (SQLGenObjectStore). This store enables a fast import of data (entity creation, link creation) in CubicWeb, by directly flushing information in SQL. This may only be used with PostgreSQL, as it requires the ‘COPY FROM’ command.

API changes

  • Orm: set_attributes and set_relations are unified (and deprecated) in favor of cw_set that works in all cases.

  • db-api/configuration: all the external repository connection information is now in an URL (see #2521848), allowing to drop specific options of pyro nameserver host, group, etc and fix broken ZMQ source. Configuration related changes:

    • Dropped ‘pyro-ns-host’, ‘pyro-instance-id’, ‘pyro-ns-group’ from the client side configuration, in favor of ‘repository-uri’. NO MIGRATION IS DONE, supposing there is no web-only configuration in the wild.
    • Stop discovering the connection method through repo_method class attribute of the configuration, varying according to the configuration class. This is a first step on the way to a simpler configuration handling.

    DB-API related changes:

    • Stop indicating the connection method using ConnectionProperties.
    • Drop _cnxtype attribute from Connection and cnxtype from Session. The former is replaced by a is_repo_in_memory property and the later is totaly useless.
    • Turn repo_connect into _repo_connect to mark it as a private function.
    • Deprecate in_memory_cnx which becomes useless, use _repo_connect instead if necessary.
  • the “tcp://” uri scheme used for ZMQ communications (in a way reminiscent of Pyro) is now named “zmqpickle-tcp://”, so as to make room for future zmq-based lightweight communications (without python objects pickling).

  • Request.base_url gets a secure=True optional parameter that yields an https url if possible, allowing hook-generated content to send secure urls (e.g. when sending mail notifications)

  • Dataimport ucsvreader gets a new boolean ignore_errors parameter.

Unintrusive API changes

  • Drop of cubicweb.web.uicfg.AutoformSectionRelationTags.bw_tag_map, deprecated since 3.6.

User interface changes

  • The RQL search bar has now some auto-completion support. It means relation types or entity types can be suggested while typing. It is an awesome improvement over the current behaviour !
  • The action box associated with table views (from has been transformed into a nice-looking series of small tabs; it means that the possible actions are immediately visible and need not be discovered by clicking on an almost invisible icon on the upper right.
  • The uicfg module has moved to web/views/ and ui configuration objects are now selectable. This will reduce the amount of subclassing and whole methods replacement usually needed to customize the ui behaviour in many cases.
  • Remove changelog view, as neither cubicweb nor known cubes/applications were properly feeding related files.

Other changes

  • ‘pyrorql’ sources will be automatically updated to use an URL to locate the source rather than configuration option. ‘zmqrql’ sources were broken before this change, so no upgrade is needed...
  • Debugging filters for Hooks and Operations have been added.
  • Some cubicweb-ctl commands used to show the output of msgcat and msgfmt; they don’t anymore.

3.15 (12/04/2012)

New functionnalities

  • Add Zmq server, based on the cutting edge ZMQ ( socket library. This allows to access distant instance, in a similar way as Pyro.
  • Publish/subscribe mechanism using ZMQ for communication among cubicweb instances. The new zmq-address-sub and zmq-address-pub configuration variables define where this communication occurs. As of this release this mechanism is used for entity cache invalidation.
  • Improved WSGI support. While there is still some caveats, most of the code which was twisted only is now generic and allows related functionalities to work with a WSGI front-end.
  • Full undo/transaction support : undo of modification has eventually been implemented, and the configuration simplified (basically you activate it or not on an instance basis).
  • Controlling HTTP status code used is not much more easier :
    • WebRequest now has a status_out attribut to control the response status ;
    • most web-side exceptions take an optional status argument.

API changes

  • The base registry implementation has been moved to a new logilab.common.registry module (see #1916014). This includes code from :

    • cubicweb.vreg (the whole things that was in there)
    • cw.appobject (base selectors and all).

    In the process, some renaming was done:

    • the top level registry is now RegistryStore (was VRegistry), but that should not impact cubicweb client code ;
    • former selectors functions are now known as “predicate”, though you still use predicates to build an object’selector ;
    • for consistency, the objectify_selector decoraror has hence be renamed to objectify_predicate ;
    • on the CubicWeb side, the selectors module has been renamed to predicates.

    Debugging refactoring dropped the more need for the lltrace decorator. There should be full backward compat with proper deprecation warnings. Notice the yes predicate and objectify_predicate decorator, as well as the traced_selection function should now be imported from the logilab.common.registry module.

  • All login forms are now submitted to <app_root>/login. Redirection to requested page is now handled by the login controller (it was previously handle by the session manager).

  • Publisher.publish has been renamed to Publisher.handle_request. This method now contains generic version of logic previously handled by Twisted. Controller.publish is not affected.

Unintrusive API changes

  • New ‘ldapfeed’ source type, designed to replace ‘ldapuser’ source with data-feed (i.e. copy based) source ideas.
  • New ‘zmqrql’ source type, similar to ‘pyrorql’ but using ømq instead of Pyro.
  • A new registry called services has appeared, where you can register server-side cubicweb.server.Service child classes. Their call method can be invoked from a web-side AppObject instance using new self._cw.call_service method or a server-side one using self.session.call_service. This is a new way to call server-side methods, much cleaner than monkey patching the Repository class, which becomes a deprecated way to perform similar tasks.
  • a new ajax-func registry now hosts all remote functions (i.e. functions callable through the asyncRemoteExec JS api). A convenience ajaxfunc decorator will let you expose your python function easily without all the appobject standard boilerplate. Backward compatibility is preserved.
  • the ‘json’ controller is now deprecated in favor of the ‘ajax’ one.
  • WebRequest.build_url can now take a __secure__ argument. When True cubicweb try to generate an https url.

User interface changes

A new ‘undohistory’ view expose the undoable transactions and give access to undo some of them.

3.14 (09/11/2011)

First notice CW 3.14 depends on yams 0.34 (which is incompatible with prior cubicweb releases regarding instance re-creation).

API changes

  • Entity.fetch_rql restriction argument has been deprecated and should be replaced with a call to the new Entity.fetch_rqlst method, get the returned value (a rql Select node) and use the RQL syntax tree API to include the above-mentionned restrictions.

    Backward compat is kept with proper warning.

  • Entity.fetch_order and Entity.fetch_unrelated_order class methods have been replaced by Entity.cw_fetch_order and Entity.cw_fetch_unrelated_order with a different prototype:

    • instead of taking (attr, var) as two string argument, they now take (select, attr, var) where select is the rql syntax tree beinx constructed and var the variable node.
    • instead of returning some string to be inserted in the ORDERBY clause, it has to modify the syntax tree

    Backward compat is kept with proper warning, BESIDE cases below:

    • custom order method return something else the a variable name with or without the sorting order (e.g. cases where you sort on the value of a registered procedure as it was done in the tracker for instance). In such case, an error is logged telling that this sorting is ignored until API upgrade.
    • client code use direct access to one of those methods on an entity (no code known to do that).
  • Entity._rest_attr_info class method has been renamed to Entity.cw_rest_attr_info

    No backward compat yet since this is a protected method an no code is known to use it outside cubicweb itself.

  • AnyEntity.linked_to has been removed as part of a refactoring of this functionality (link a entity to another one at creation step). It was replaced by a EntityFieldsForm.linked_to property.

    In the same refactoring, cubicweb.web.formfield.relvoc_linkedto, cubicweb.web.formfield.relvoc_init and cubicweb.web.formfield.relvoc_unrelated were removed and replaced by RelationField methods with the same names, that take a form as a parameter.

    No backward compatibility yet. It’s still time to cry for it. Cubes known to be affected: tracker, vcsfile, vcreview.

  • CWPermission entity type and its associated require_permission relation type (abstract) and require_group relation definitions have been moved to a new localperms cube. With this have gone some functions from the cubicweb.schemas package as well as some views. This makes cubicweb itself smaller while you get all the local permissions stuff into a single, documented, place.

    Backward compat is kept for existing instances, though you should have installed the localperms cubes. A proper error should be displayed when trying to migrate to 3.14 an instance the use CWPermission without the new cube installed. For new instances / test, you should add a dependancy on the new cube in cubes using this feature, along with a dependancy on cubicweb >= 3.14.

  • jQuery has been updated to 1.6.4 and jquery-tablesorter to 2.0.5. No backward compat issue known.

  • Table views refactoring : new RsetTableView and EntityTableView, as well as rewritten an enhanced version of PyValTableView on the same bases, with logic moved to some column renderers and a layout. Those should be well documented and deprecates former TableView, EntityAttributesTableView and CellView, which are however kept for backward compat, with some warnings that may not be very clear unfortunatly (you may see your own table view subclass name here, which doesn’t make the problem that clear). Notice that _cw.view(‘table’, rset, *kwargs) will be routed to the new RsetTableView or to the old TableView depending on given extra arguments. See #1986413.

  • display_name don’t call .lower() anymore. This may leads to changes in your user interface. Different msgid for upper/lower cases version of entity type names, as this is the only proper way to handle this with some languages.

  • IEditControlAdapter has been deprecated in favor of EditController overloading, which was made easier by adding dedicated selectors called match_edited_type and match_form_id.

  • Pre 3.6 API backward compat has been dropped, though data migration compatibility has been kept. You may have to fix errors due to old API usage for your instance before to be able to run migration, but then you should be able to upgrade even a pre 3.6 database.

  • Deprecated cubicweb.web.views.iprogress in favor of new iprogress cube.

  • Deprecated cubicweb.web.views.flot in favor of new jqplot cube.

Unintrusive API changes

  • Refactored properties forms (eg user preferences and site wide properties) as well as pagination components to ease overridding.

  • New cubicweb.web.uihelper module with high-level helpers for uicfg.

  • New anonymized_request decorator to temporary run stuff as an anonymous user, whatever the currently logged in user.

  • New ‘verbatimattr’ attribute view.

  • New facet and form widget for Integer used to store binary mask.

  • New js_href function to generated proper javascript href.

  • match_kwargs and match_form_params selectors both accept a new once_is_enough argument.

  • printable_value is now a method of request, and may be given dict of

    formatters to use.

  • [Rset]TableView allows to set None in ‘headers’, meaning the label should be fetched from the result set as done by default.

  • Field vocabulary computation on entity creation now takes __linkto information into accounet.

  • Started a cubicweb.pylintext pylint plugin to help pylint analyzing cubes.


  • Support for HAVING in ‘SET’ and ‘DELETE’ queries.
  • new AT_TZ function to get back a timestamp at a given time-zone.
  • new WEEKDAY date extraction function

User interface changes

  • Datafeed source now present an history of the latest import’s log, including global status and debug/info/warning/error messages issued during imports. Import logs older than a configurable amount of time are automatically deleted.
  • Breadcrumbs component is properly kept when creating an entity with ‘__linkto’.
  • users and groups management now really lead to that (i.e. includes groups management).
  • New ‘jsonp’ controller with ‘jsonexport’ and ‘ejsonexport’ views.


  • Added option ‘resources-concat’ to make javascript/css files concatenation optional.