Navigation:
Browse pkgsrc
(this page)| 2022-01-04 21:55:40 by Thomas Klausner | Files touched by this commit (1595) |
Log message: *: bump PKGREVISION for egg.mk users They now have a tool dependency on py-setuptools instead of a DEPENDS |
| 2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605) |
Log message: security: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Unfetchable distfiles (fetched conditionally?): ./security/cyrus-sasl/distinfo \ cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2 |
| 2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606) |
Log message: security: Remove SHA1 hashes for distfiles |
2019-11-13 16:06:44 by Adam Ciarcinski | Files touched by this commit (2) |  |
Log message: py-mohawk: updated to 1.1.0 1.1.0: Support passing file-like objects (those implementing .read(n)) as the content \ parameter for Resources. See mohawk.Sender for details. |
| 2019-01-17 14:22:00 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-mohawk: updated to 1.0.0 1.0.0: Security related: Bewit MACs were not compared in constant time and were thus \ possibly circumventable by an attacker. Breaking change: Escape characters in header values (such as a back slash) are \ no longer allowed, potentially breaking clients that depended on this behavior. \ See https://github.com/kumar303/mohawk/issues/34 A sender is allowed to omit the content hash as long as their request has no \ content. The mohawk.Receiver will skip the content hash check in this situation, \ regardless of the value of accept_untrusted_content. See Empty requests for more \ details. Introduced max limit of 4096 characters in the Authorization header Changed default values of content and content_type arguments to \ mohawk.base.EmptyValue in order to differentiate between misconfiguration and \ cases where these arguments are explicitly given as None (as with some web \ frameworks). See Skipping content checks for more details. Failing to pass content and content_type arguments to mohawk.Receiver or \ mohawk.Sender.accept_response() without specifying accept_untrusted_content=True \ will now raise mohawk.exc.MissingContent instead of ValueError. |
| 2017-07-03 23:03:29 by Adam Ciarcinski | Files touched by this commit (4) |
Log message: Mohawk is an alternate Python implementation of the Hawk HTTP authorization scheme. Hawk lets two parties securely communicate with each other using messages signed by a shared key. It is based on HTTP MAC access authentication (which was based on parts of OAuth 1.0). The Mohawk API is a little different from that of the Node library (i.e. the living Hawk spec). It was redesigned to be more intuitive to developers, less prone to security problems, and more Pythonic. |
New packages: