Added SHA-512 fallback by default #114
Merged
Conversation
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this pull request
Nov 10, 2018
Version 1.1.0
-------------
Released 2018-10-26
- Change default signing algorithm back to SHA-1. (`#113`_)
- Added a default SHA-512 fallback for users who used the yanked 1.0.0
release which defaulted to SHA-512. (`#114`_)
- Add support for fallback algorithms during deserialization to
support changing the default in the future without breaking existing
signatures. (`#113`_)
- Changed capitalization of packages back to lowercase as the change
in capitalization broke some tooling. (`#113`_)
.. _#113: pallets/itsdangerous#113
.. _#114: pallets/itsdangerous#114
Version 1.0.0
-------------
Released 2018-10-18
YANKED
*Note*: This release was yanked from PyPI because it changed the default
algorithm to SHA-512. This decision was reverted in 1.1.0 and it remains
at SHA1.
- Drop support for Python 2.6 and 3.3.
- Refactor code from a single module to a package. Any object in the
API docs is still importable from the top-level ``itsdangerous``
name, but other imports will need to be changed. A future release
will remove many of these compatibility imports. (`#107`_)
- Optimize how timestamps are serialized and deserialized. (`#13`_)
- ``base64_decode`` raises ``BadData`` when it is passed invalid data.
(`#27`_)
- Ensure value is bytes when signing to avoid a ``TypeError`` on
Python 3. (`#29`_)
- Add a ``serializer_kwargs`` argument to ``Serializer``, which is
passed to ``dumps`` during ``dump_payload``. (`#36`_)
- More compact JSON dumps for unicode strings. (`#38`_)
- Use the full timestamp rather than an offset, allowing dates before
2011. (`#46`_)
- Detect a ``sep`` character that may show up in the signature itself
and raise a ``ValueError``. (`#62`_)
- Use a consistent signature for keyword arguments for
``Serializer.load_payload`` in subclasses. (`#74`_, `#75`_)
- Change default intermediate hash from SHA-1 to SHA-512. (`#80`_)
- Convert JWS exp header to an int when loading. (`#99`_)
.. _#13: pallets/itsdangerous#13
.. _#27: pallets/itsdangerous#27
.. _#29: pallets/itsdangerous#29
.. _#36: pallets/itsdangerous#36
.. _#38: pallets/itsdangerous#38
.. _#46: pallets/itsdangerous#46
.. _#62: pallets/itsdangerous#62
.. _#74: pallets/itsdangerous#74
.. _#75: pallets/itsdangerous#75
.. _#80: pallets/itsdangerous#80
.. _#99: pallets/itsdangerous#99
.. _#107: pallets/itsdangerous#107
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
No description provided.