The NetBSD Project

CVS log for pkgsrc/security/py-itsdangerous/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / security / py-itsdangerous

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.12: download - view: text, markup, annotated - select for diffs
Fri Apr 19 04:40:49 2024 UTC (6 months, 2 weeks ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2024Q3-base, pkgsrc-2024Q3, pkgsrc-2024Q2-base, pkgsrc-2024Q2, HEAD
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +7 -4 lines
py-itsdangerous: updated to 2.2.0

Version 2.2.0
- Drop support for Python 3.7. :pr:`372`
- Use modern packaging metadata with ``pyproject.toml`` instead of ``setup.cfg``.
  :pr:`326`
- Use ``flit_core`` instead of ``setuptools`` as build backend.
- Deprecate the ``__version__`` attribute. Use feature detection, or
  ``importlib.metadata.version("itsdangerous")``, instead. :issue:`371`
- ``Serializer`` and the return type of ``dumps`` is generic for type checking.
  By default it is ``Serializer[str]`` and ``dumps`` returns a ``str``. If a
  different ``serializer`` argument is given, it will try to infer the return
  type of its ``dumps`` method. :issue:`347`
- The default ``hashlib.sha1`` may not be available in FIPS builds. Don't
  access it at import time so the developer has time to change the default.
  :issue:`375`

Revision 1.11: download - view: text, markup, annotated - select for diffs
Fri Apr 29 12:05:02 2022 UTC (2 years, 6 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2024Q1-base, pkgsrc-2024Q1, pkgsrc-2023Q4-base, pkgsrc-2023Q4, pkgsrc-2023Q3-base, pkgsrc-2023Q3, pkgsrc-2023Q2-base, pkgsrc-2023Q2, pkgsrc-2023Q1-base, pkgsrc-2023Q1, pkgsrc-2022Q4-base, pkgsrc-2022Q4, pkgsrc-2022Q3-base, pkgsrc-2022Q3, pkgsrc-2022Q2-base, pkgsrc-2022Q2
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +4 -3 lines
py-itsdangerous: update to 2.1.2.

Version 2.1.2
-------------

Released 2022-03-24

-   Handle date overflow in timed unsign on 32-bit systems. :pr:`299`


Version 2.1.1
-------------

Released 2022-03-09

-   Handle date overflow in timed unsign. :pr:`296`


Version 2.1.0
-------------

Released 2022-02-17

-   Drop support for Python 3.6. :pr:`272`
-   Remove previously deprecated code. :pr:`273`

    -   JWS functionality: Use a dedicated library such as Authlib
        instead.
    -   ``import itsdangerous.json``: Import ``json`` from the standard
        library instead.


Version 2.0.1
-------------

Released 2021-05-18

-   Mark top-level names as exported so type checking understands
    imports in user projects. :pr:`240`
-   The ``salt`` argument to ``Serializer`` and ``Signer`` can be
    ``None`` again. :issue:`237`


Version 2.0.0
-------------

Released 2021-05-11

-   Drop support for Python 2 and 3.5.
-   JWS support (``JSONWebSignatureSerializer``,
    ``TimedJSONWebSignatureSerializer``) is deprecated. Use a dedicated
    JWS/JWT library such as authlib instead. :issue:`129`
-   Importing ``itsdangerous.json`` is deprecated. Import Python's
    ``json`` module instead. :pr:`152`
-   Simplejson is no longer used if it is installed. To use a different
    library, pass it as ``Serializer(serializer=...)``. :issue:`146`
-   ``datetime`` values are timezone-aware with ``timezone.utc``. Code
    using ``TimestampSigner.unsign(return_timestamp=True)`` or
    ``BadTimeSignature.date_signed`` may need to change. :issue:`150`
-   If a signature has an age less than 0, it will raise
    ``SignatureExpired`` rather than appearing valid. This can happen if
    the timestamp offset is changed. :issue:`126`
-   ``BadTimeSignature.date_signed`` is always a ``datetime`` object
    rather than an ``int`` in some cases. :issue:`124`
-   Added support for key rotation. A list of keys can be passed as
    ``secret_key``, oldest to newest. The newest key is used for
    signing, all keys are tried for unsigning. :pr:`141`
-   Removed the default SHA-512 fallback signer from
    ``default_fallback_signers``. :issue:`155`
-   Add type information for static typing tools. :pr:`186`

Revision 1.10: download - view: text, markup, annotated - select for diffs
Tue Jan 4 20:54:41 2022 UTC (2 years, 9 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2022Q1-base, pkgsrc-2022Q1
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +2 -1 lines
*: bump PKGREVISION for egg.mk users

They now have a tool dependency on py-setuptools instead of a DEPENDS

Revision 1.9: download - view: text, markup, annotated - select for diffs
Tue Jul 9 11:29:30 2019 UTC (5 years, 3 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2021Q4-base, pkgsrc-2021Q4, pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2, pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4, pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +2 -2 lines
Use https for pythonhosted.org.

Revision 1.8: download - view: text, markup, annotated - select for diffs
Sat Nov 10 17:27:36 2018 UTC (5 years, 11 months ago) by kleink
Branches: MAIN
CVS tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +2 -2 lines
Update py-itsdangerous to 1.1.0.


Version 1.1.0
-------------

Released 2018-10-26

-   Change default signing algorithm back to SHA-1. (`#113`_)
-   Added a default SHA-512 fallback for users who used the yanked 1.0.0
    release which defaulted to SHA-512. (`#114`_)
-   Add support for fallback algorithms during deserialization to
    support changing the default in the future without breaking existing
    signatures. (`#113`_)
-   Changed capitalization of packages back to lowercase as the change
    in capitalization broke some tooling. (`#113`_)

.. _#113: https://github.com/pallets/itsdangerous/pull/113
.. _#114: https://github.com/pallets/itsdangerous/pull/114


Version 1.0.0
-------------

Released 2018-10-18

YANKED

*Note*: This release was yanked from PyPI because it changed the default
algorithm to SHA-512. This decision was reverted in 1.1.0 and it remains
at SHA1.

-   Drop support for Python 2.6 and 3.3.
-   Refactor code from a single module to a package. Any object in the
    API docs is still importable from the top-level ``itsdangerous``
    name, but other imports will need to be changed. A future release
    will remove many of these compatibility imports. (`#107`_)
-   Optimize how timestamps are serialized and deserialized. (`#13`_)
-   ``base64_decode`` raises ``BadData`` when it is passed invalid data.
    (`#27`_)
-   Ensure value is bytes when signing to avoid a ``TypeError`` on
    Python 3. (`#29`_)
-   Add a ``serializer_kwargs`` argument to ``Serializer``, which is
    passed to ``dumps`` during ``dump_payload``. (`#36`_)
-   More compact JSON dumps for unicode strings. (`#38`_)
-   Use the full timestamp rather than an offset, allowing dates before
    2011. (`#46`_)
-   Detect a ``sep`` character that may show up in the signature itself
    and raise a ``ValueError``. (`#62`_)
-   Use a consistent signature for keyword arguments for
    ``Serializer.load_payload`` in subclasses. (`#74`_, `#75`_)
-   Change default intermediate hash from SHA-1 to SHA-512. (`#80`_)
-   Convert JWS exp header to an int when loading. (`#99`_)

.. _#13: https://github.com/pallets/itsdangerous/pull/13
.. _#27: https://github.com/pallets/itsdangerous/pull/27
.. _#29: https://github.com/pallets/itsdangerous/issues/29
.. _#36: https://github.com/pallets/itsdangerous/pull/36
.. _#38: https://github.com/pallets/itsdangerous/issues/38
.. _#46: https://github.com/pallets/itsdangerous/issues/46
.. _#62: https://github.com/pallets/itsdangerous/issues/62
.. _#74: https://github.com/pallets/itsdangerous/issues/74
.. _#75: https://github.com/pallets/itsdangerous/pull/75
.. _#80: https://github.com/pallets/itsdangerous/pull/80
.. _#99: https://github.com/pallets/itsdangerous/pull/99
.. _#107: https://github.com/pallets/itsdangerous/pull/107

Revision 1.7: download - view: text, markup, annotated - select for diffs
Wed Jun 8 17:43:38 2016 UTC (8 years, 4 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +2 -2 lines
Switch to MASTER_SITES_PYPI.

Revision 1.6: download - view: text, markup, annotated - select for diffs
Thu Apr 3 08:40:28 2014 UTC (10 years, 7 months ago) by kleink
Branches: MAIN
CVS tags: pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4, pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1, pkgsrc-2014Q4-base, pkgsrc-2014Q4, pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +2 -2 lines
Update py-itsdangerous to 0.24.

Version 0.24
~~~~~~~~~~~~

- Added a `BadHeader` exception that is used for bad headers
  that replaces the old `BadPayload` exception that was reused
  in those cases.

Revision 1.5: download - view: text, markup, annotated - select for diffs
Sat Jan 25 10:30:20 2014 UTC (10 years, 9 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +1 -3 lines
Mark packages as not ready for python-3.x where applicable;
either because they themselves are not ready or because a
dependency isn't. This is annotated by
PYTHON_VERSIONS_INCOMPATIBLE=  33 # not yet ported as of x.y.z
or
PYTHON_VERSIONS_INCOMPATIBLE=  33 # py-foo, py-bar
respectively, please use the same style for other packages,
and check during updates.

Use versioned_dependencies.mk where applicable.
Use REPLACE_PYTHON instead of handcoded alternatives, where applicable.
Reorder Makefile sections into standard order, where applicable.

Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default
with the next commit.

Whitespace cleanups and other nits corrected, where necessary.

Revision 1.4: download - view: text, markup, annotated - select for diffs
Sun Jan 12 09:45:24 2014 UTC (10 years, 9 months ago) by wiz
Branches: MAIN
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +1 -2 lines
PYTHON_VERSIONS_INCOMPATIBLE cleanup.

Revision 1.3: download - view: text, markup, annotated - select for diffs
Mon Aug 12 18:17:22 2013 UTC (11 years, 2 months ago) by kleink
Branches: MAIN
CVS tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +2 -2 lines
Update py-itsdangerous to 0.23.

Version 0.23
~~~~~~~~~~~~

- Fixed a packaging mistake that caused the tests and license
  files to not be included.

Revision 1.2: download - view: text, markup, annotated - select for diffs
Tue Jul 9 16:49:16 2013 UTC (11 years, 3 months ago) by kleink
Branches: MAIN
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +2 -2 lines
Update py-itsdangerous to 0.22.

Version 0.22
~~~~~~~~~~~~

- Added support for `TimedJSONWebSignatureSerializer`.
- made it possible to override the signature verification function
  to allow implementing asymmetrical algorithms.

Revision 1.1: download - view: text, markup, annotated - select for diffs
Fri Jun 14 09:41:01 2013 UTC (11 years, 4 months ago) by kleink
Branches: MAIN
CVS tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2
Import itsdangerous-0.21 as security/py-itsdangerous.

It's Dangerous
   ... so better sign this

Various helpers to pass data to untrusted environments and to get it back
safe and sound.

This repository provides a module that is a port of the django signing
module.  It's not directly copied but some changes were applied to
make it work better on its own.

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

CVSweb <webmaster@jp.NetBSD.org>