You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.
If I no longer pass None in version 2.0.0 as the salt, the default is taken from Serializer and is therefore different from when I explicitly passed None in 1.1.0 and it was taken from Signer. This can be fixed in my own code fairly easily:
# do stuffreturnSerializer(secret, salt)
We caught this in our tests, but others may not be so lucky, so I at least wanted to document this new behaviour here.
Python version: python3.8
ItsDangerous version: 2.0.0
The text was updated successfully, but these errors were encountered:
I didn't think using None just to replace it with a string made sense, typically the "default None" pattern is used for mutable or complex defaults. I also didn't expect users to be passing None, either they would not pass it and get the serializer's default b"itsdangerous", or they would pass it explicitly and get that value for namespace purposes.
Since it can affect the validity of tokens, I'll make a bugfix release. However, I'd recommend you set an explicit default regardless, as it makes more sense to set a default namespace that is related to your own project.