The NetBSD Project

CVS log for pkgsrc/www/py-flask-security/distinfo

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / www / py-flask-security

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.10 / (download) - annotate - [select for diffs], Thu Nov 22 03:16:18 2018 UTC (6 months ago) by markd
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, HEAD
Changes since 1.9: +5 -5 lines
Diff to previous 1.9 (colored)

py-flask-security: update to 3.0.0

- Fixed a bug when user clicking confirmation link after confirmation
  and expiration causes confirmation email to resend.
- Added support for I18N.
- Added options `SECURITY_EMAIL_PLAINTEXT` and `SECURITY_EMAIL_HTML`
  for sending respecively plaintext and HTML version of email.
- Fixed validation when missing login information.
- Fixed condition for token extraction from JSON body.
- Better support for universal bdist wheel.
- Added port of CLI using Click configurable using options
  `SECURITY_CLI_USERS_NAME` and `SECURITY_CLI_ROLES_NAME`.
- Added new configuration option `SECURITY_DATETIME_FACTORY` which can
  be used to force default timezone for newly created datetimes.
- Better IP tracking if using Flask 0.12.
- Renamed deprecated Flask-WFT base form class.
- Added tests for custom forms configured using app config.
- Added validation and tests for next argument in logout endpoint.
- Bumped minimal required versions of several packages.
- Extended test matric on Travis CI for minimal and released package
  versions.
- Added of .editorconfig and forced tests for code style.
- Fixed a security bug when validating a confirmation token, also checks
  if the email that the token was created with matches the user's current
  email.
- Replaced token loader with request loader.
- Changed trackable behavior of `login_user` when IP can not be detected
  from a request from 'untrackable' to `None` value.
- Use ProxyFix instead of inspecting X-Forwarded-For header.
- Fix identical problem with app as with datastore.
- Removed always-failing assertion.
- Fixed failure of init_app to set self.datastore.
- Changed to new style flask imports.
- Added proper error code when returning JSON response.
- Changed obsolete Required validator from WTForms to DataRequired. Bumped
  Flask-WTF to 0.13.
- Fixed missing `SECURITY_SUBDOMAIN` in config docs.
- Added cascade delete in PeeweeDatastore.
- Added notes to docs about `SECURITY_USER_IDENTITY_ATTRIBUTES`.
- Inspect value of `SECURITY_UNAUTHORIZED_VIEW`.
- Send password reset instructions if an attempt has expired.
- Added "Forgot password?" link to LoginForm description.
- Upgraded passlib, and removed bcrypt version restriction.
- Removed a duplicate line ('retype_password': 'Retype Password') in
  forms.py.
- Various documentation improvement.

Revision 1.9 / (download) - annotate - [select for diffs], Fri Jan 8 17:52:33 2016 UTC (3 years, 4 months ago) by kleink
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-
Changes since 1.8: +5 -5 lines
Diff to previous 1.8 (colored)

Update py-flask-security to 1.7.5.


Version 1.7.5
-------------

Released December 2nd 2015

- Added `SECURITY_TOKEN_MAX_AGE` configuration setting
- Fixed calls to `SQLAlchemyUserDatastore.get_user(None)` (this now returns
  `False` instead of raising a `TypeError`
- Fixed URL generation adding extra slashes in some cases (see GitHub #343)
- Fixed handling of trackable IP addresses when the `X-Forwarded-For`
  header contains multiple values
- Include WWW-Authenticate headers in `@auth_required` authentication
  checks
- Fixed error when `check_token` function is used with a json list
- Added support for custom `AnonymousUser` classes
- Restricted `forgot_password` endpoint to anonymous users
- Allowed unauthorized callback to be overridden
- Fixed issue where passwords cannot be reset if currently set to `None`
- Ensured that password reset tokens are invalidated after use
- Updated `is_authenticated` and `is_active` functions to support
  Flask-Login changes
- Various documentation improvements

Revision 1.8 / (download) - annotate - [select for diffs], Wed Nov 4 02:47:28 2015 UTC (3 years, 6 months ago) by agc
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base, pkgsrc-2015Q4
Changes since 1.7: +2 -1 lines
Diff to previous 1.7 (colored)

Add SHA512 digests for distfiles for www category

Problems found locating distfiles:
	Package haskell-cgi: missing distfile haskell-cgi-20001206.tar.gz
	Package nginx: missing distfile array-var-nginx-module-0.04.tar.gz
	Package nginx: missing distfile encrypted-session-nginx-module-0.04.tar.gz
	Package nginx: missing distfile headers-more-nginx-module-0.261.tar.gz
	Package nginx: missing distfile nginx_http_push_module-0.692.tar.gz
	Package nginx: missing distfile set-misc-nginx-module-0.29.tar.gz
	Package nginx-devel: missing distfile echo-nginx-module-0.58.tar.gz
	Package nginx-devel: missing distfile form-input-nginx-module-0.11.tar.gz
	Package nginx-devel: missing distfile lua-nginx-module-0.9.16.tar.gz
	Package nginx-devel: missing distfile nginx_http_push_module-0.692.tar.gz
	Package nginx-devel: missing distfile set-misc-nginx-module-0.29.tar.gz
	Package php-owncloud: missing distfile owncloud-8.2.0.tar.bz2

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.

Revision 1.7 / (download) - annotate - [select for diffs], Thu Oct 23 14:34:42 2014 UTC (4 years, 7 months ago) by kleink
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1, pkgsrc-2014Q4-base, pkgsrc-2014Q4
Changes since 1.6: +4 -4 lines
Diff to previous 1.6 (colored)

Update py-flask-security to 1.7.4.

Version 1.7.4
-------------

Released October 13th 2014

- Fixed a bug related to changing existing passwords from plaintext to
  hashed
- Fixed a bug in form validation that did not enforce case insensivitiy
- Fixed a bug with validating redirects

Revision 1.6 / (download) - annotate - [select for diffs], Fri Jun 13 15:43:08 2014 UTC (4 years, 11 months ago) by kleink
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2
Changes since 1.5: +4 -4 lines
Diff to previous 1.5 (colored)

Update py-flask-security to 1.7.3.

Version 1.7.3
-------------

Released June 10th 2014

- Fixed a bug where redirection to `SECURITY_POST_LOGIN_VIEW` was not
  respected
- Fixed string encoding in various places to be friendly to unicode
- Now using `werkzeug.security.safe_str_cmp` to check tokens
- Removed user information from JSON output on `/reset` responses
- Added Python 3.4 support

Revision 1.5 / (download) - annotate - [select for diffs], Thu May 15 14:41:15 2014 UTC (5 years ago) by kleink
Branch: MAIN
Changes since 1.4: +4 -5 lines
Diff to previous 1.4 (colored)

Update py-flask-security to 1.7.2.

Version 1.7.2
-------------

- Fixed a bug regarding the `password_changed` signal.

Revision 1.4 / (download) - annotate - [select for diffs], Fri Jan 24 09:49:34 2014 UTC (5 years, 4 months ago) by kleink
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.3: +2 -1 lines
Diff to previous 1.3 (colored)

Add patch-flask_security_script.py to fix the py33 build;
also submitted upstream as #214.

Revision 1.3 / (download) - annotate - [select for diffs], Wed Jan 15 09:20:15 2014 UTC (5 years, 4 months ago) by kleink
Branch: MAIN
Changes since 1.2: +4 -4 lines
Diff to previous 1.2 (colored)

Update py-flask-security to 1.7.1.

Version 1.7.1
-------------

Released January 14th 2014

- Fixed a bug where passwords would fail to verify when specifying a password hash algorithm


Version 1.7.0
-------------

Released January 10th 2014

- Python 3.3 support!
- Dependency updates
- Fixed a bug when `SECURITY_LOGIN_WITHOUT_CONFIRMATION = True` did not allow users to log in
- Added `SECURITY_SEND_PASSWORD_RESET_NOTICE_EMAIL` configuraiton option to optionally send password reset notice emails
- Add documentation for `@security.send_mail_task`
- Move to `request.get_json` as `request.json` is now deprecated in Flask
- Fixed a bug when using AJAX to change a user's password
- Added documentation for select functions in the `flask_security.utils` module
- Fixed a bug in `flask_security.forms.NextFormMixin`
- Added `CHANGE_PASSWORD_TEMPLATE` configuration option to optionally specify a different change password template
- Added the ability to specify addtional fields on the user model to be used for identifying the user via the `USER_IDENTITY_ATTRIBUTES` configuration option
- An error is now shown if a user tries to change their password and the password is the same as before. The message can be customed with the `SECURITY_MSG_PASSWORD_IS_SAME` configuration option
- Fixed a bug in `MongoEngineUserDatastore` where user model would not be updated when using the `add_role_to_user` method
- Added `SECURITY_SEND_PASSWORD_CHANGE_EMAIL` configuration option to optionally disable password change email from being sent
- Fixed a bug in the `find_or_create_role` method of the PeeWee datastore
- Removed pypy tests
- Fixed some tests
- Include CHANGES and LICENSE in MANIFEST.in
- A bit of documentation cleanup
- A bit of code cleanup including removal of unnecessary utcnow call and simplification of get_max_age method

Revision 1.2 / (download) - annotate - [select for diffs], Fri Aug 23 16:52:27 2013 UTC (5 years, 9 months ago) by kleink
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3
Changes since 1.1: +4 -4 lines
Diff to previous 1.1 (colored)

Update py-flask-security to 1.6.9.

Version 1.6.9
-------------

Released August 20th 2013

- Fix bug in SQLAlchemy datastore's `get_user` function
- Fix bug in PeeWee datastore's `remove_role_from_user` function
- Fixed import error caused by new Flask-WTF release

Revision 1.1 / (download) - annotate - [select for diffs], Mon Aug 5 17:54:51 2013 UTC (5 years, 9 months ago) by kleink
Branch: MAIN

Import Flask-Security-1.6.8 as www/py-flask-security.

Flask-Security allows you to quickly add common security mechanisms
to your Flask application.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>