0.10.2

• Added io.mkdir as an alias for io.makedir
• Added io.mkdirs as an alias for io.makedirs
• Fixed class preparsing issues with 'switch' & 'do' statements
• Fixed not being able to use reserved identifiers with colon call syntax

0.10.1

• Compatibility: Fixed not inferring that a keyword should be disabled from parameter
• Universal Block Opener: Fixed do not being accepted instead of then for catch and $if
• FFI library: Improved cdef parsing and error reporting
• Crypto library: Fixed returning incorrect hex digest for MD5 in some cases
• Socket library: Fixed an issue where the remote closing a connection too soon could cause recv/peek to never see some data that was sent

0.10.0

• Added chained comparisons (e.g. 1 <= i <= #t)
• Added private methods to classes
• Private fields (and methods) can be declared and accessed anywhere inside the class now. Previously, you needed to define a private field before you accessed it. This is no longer a restriction.
• Pluto now automatically detects if non-compatible keywords should be enabled or disabled based on usage
  • This is overwritten by the scripter using pluto_use or the integrator or user managing compatibility mode, so it only applies when absolutely zero configuration has been applied. This is a significant improvement for lua source code compatibility.
• do can now be used instead of then and begin
• if expressions are now no longer deprecated but require an end (e.g. print(if a then b else c end))
• $define statement now requires an assignment
• Fixed not being able to load Lua C modules on Linux
  • For simplicity in this regard, Pluto now always uses the C ABI to export lua_ functions and the C++ ABI for pluto_ functions.

Standard library:

• Added canvas library
• Added ffi library
• Added regex library
• Added assert.contains
• Added bigint.eq, bigint.lt, & bigint.le
• Added crypto.ripemd160
• Added crypto.exportkey & crypto.importkey
• Added crypto.decompress
• Added string.tohex & string.fromhex
• Added table.findindex/findkey, table.back, table.keys, table.modget, table.modset, table.slice, table.countvalues, & table.chunk
• Added socket.getpeer, socket.peek, socket.getside, socket.istls, & socket.isopen
• Added optional limit argument to string.split
• Added io.cwd and io.chdir as aliases for io.currentdir
• socket.starttls can now be used on server sockets
• Optimized json.encode with __order
• Fixed handling when an invalid RSA private key is passed to crypto.encrypt, crypto.decrypt, crypto.sign

0.9.5

• Fixed io.contents not returning an empty string for empty files on Windows
• Fixed table.clear not resetting cached length
• Fixed http.request allowing header values to contain CR and LF (CVE-2024-45597)
• Fixed strings implicitly concatenating with each other
• Fixed incorrect formatting with some instances of VM dumping
• PHP build scripts now pass on additional arguments to the compiler

From Lua:

• Fixed wrong code gen for indices with comparisons

0.9.4

• Improved field-shadow warning to say which field is shadowed
• Improved handing of parent keyword
• Improved error message for if then
• Fixed an 'else if' warning false-positive
• Fixed compile-time concat sometimes causing a parse error
• Fixed infinite loop with nested switch expressions when flow should go to default case
• Fixed exception when raising argument type mismatch warning when expected type is a function
• Fixed a compatibility issue with return case

Standard library:

• Made string.replace binary-safe and faster
• CaT module now supports the optional value encoding feature

0.9.3

• Added a warning for '(' being used instead of '|' for pipe operator arguments
• Improved error reporting when an invalid parent is given to 'extends'
• Fixed extending a global class unexpectedly pushing _G
• Fixed incorrect results when using 'not' on result of null coalescing operator
  • As a result of this fix, the null coalescing operator is now bytecode-compatible with Lua
• Fixed parsing ambiguities with ternary expressions in switch cases

Standard library:

• Fixed json.encode(json.decode(..., json.withnull + json.withorder)) producing unexpected artifacts
• Fixed data corruption when json.decode is used on large data
• Fixed insufficient TLS peer verification in HTTP library and socket.starttls in non-WASM builds (CVE-2024-32973)

0.9.2

This release fixes several regressions made in 0.9.1:

• Fixed failing to compile on aarch64
• Fixed method calls no longer working in ternary expressions even with parentheses
• Fixed walrus operator no longer being usable within unary operator expressions

Furthermore, it improves the walrus operator in regards to disallowing UB and clarifying related error messages.

0.9.1

• Improved try/catch
• Improved parsing of for-as loops
• Deprecated if expressions (if a then b else c) in favor of ternary expressions (a ? b : c)
• Fixed instances of : starting method call when it should delimit ternary expression
• Fixed unreachable-code triggering for non-constant values
• Fixed repeat + continue being able to read uninitialized variables
• Fixed break and continue possibly not closing upvalues
• Fixed continue not working as expected when passing through switch statement
• Fixed switch cases being able to read uninitialized variables
• Fixed inconsistent behavior with safe navigtion method calls and multiple return values
• Fixed walrus operator being able to cause UB or corrupt the stack
• Fixed pipe operator possibly generating incorrect code

Huge thanks to @XmiliaH for reporting the majority of bugs fixed in this update and helping fix them.

0.9.0

• Added $define statement
• Added pipe operator (|>)
• Added compound XOR operator (~=)
• Added optional global keyword and 'implicit-global' warning
• Added @fallthrough annotation and 'unannotated-fallthrough' warning
• Added <nodiscard> function attribute and 'discarded-return' warning
• Added 'field-shadow' warning
• Lambdas can now have full bodies by starting with 'do' (e.g. |a| -> do return a end)
• pluto_use can now also be used via @pluto_use in comments
• new operator now also supports static 'new' function
• Deprecated ** operator (use ^ instead)
• Deprecated let statement (use local instead)
• Deprecated const statement (use local with <const> or $define instead)
• Deprecated <constexpr> attribute (replaced by $define statement)
• Re-added compile-time concat optimization
• Fixed switch cases being able to jump into the scope of a variable
• Fixed being able to set nil as a default argument

Standard library:

• Added '*' library
• Added 'cat' library
• Added 'http' library
• Added 'socket' library
• Added 'xml' library
• Added 'bigint' class
• Added 'scheduler' class
• Added os.platform constant
• Added range function
• Added io.contents function
• Added io.relative function
• Added copying variants of existing functions (table.sorted, table.mapped, table.filtered, table.reversed, table.reordered)
• Added table.size function
• Added table.clear function
• Added table.reduce, table.min, & table.max functions
• Added table.find function
• Added table.checkall function
• Added coroutine.sleep function
• Added crypto.generatekeypair function
• Added crypto.encrypt & crypto.decrypt functions
• Added crypto.sign & crypto.verify functions
• Added crypto.sha1, crypto.sha384, & crypto.sha512 functions
• Added crypto.adler32 function
• Added url.parse function
• Added math.round function
• json.encode now supports __order for objects
• json.decode now has an optional flags parameter, they can be combined via binary OR
  • json.withnull makes it decode JSON nulls as json.null instead of nil
  • json.withorder makes it produce __order field for objects
• coroutines/threads now have a metatable by default
• base64.encode & base32.encode changed padding parameter's default value from false to true (base64.urlencode is unchanged)
• Fixed crypto.fnv1 & crypto.fnv1a producing incorrect hashes for non-ASCII strings

CLI:

• Added '-c' flag to pluto & plutoc to enable compatibility mode

For integrators:

• Added PLUTO_READ_FILE_HOOK & PLUTO_WRITE_FILE_HOOK
• Added PLUTO_HTTP_REQUEST_HOOK
• Removed PLUTO_USE_THROW as we now default to using C++ exceptions for Lua errors to avoid breaking RAII semantics. You can still specify LUA_USE_LONGJMP if you want long jumps.

0.8.2

• Added variable scoping warnings to switch statements to highlight code that will break in 0.9.0
• Improved some error messages
• Fixed base32 & base64 functions not being binary-safe
• Removed compile-time concat optimization because it could produce incorrect results