pkgsrc.se | The NetBSD package collection

./security/py-itsdangerous, Helpers to pass trusted data to untrusted environments and back

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 2.2.0nb1, Package name: py312-itsdangerous-2.2.0nb1, Maintainer: kleink

It's Dangerous
... so better sign this

Various helpers to pass data to untrusted environments and to get it back
safe and sound.

This repository provides a module that is a port of the django signing
module. It's not directly copied but some changes were applied to
make it work better on its own.

Required to run:
[devel/py-setuptools] [lang/python37]

Required to build:
[pkgtools/cwrappers]

Master sites:

https://files.pythonhosted.org/packages/source/i/itsdangerous/ (Download)

Filesize: 53.135 KB

Version history: (Expand)

(2025-02-23) Updated to version: py312-itsdangerous-2.2.0nb1
(2024-04-19) Updated to version: py311-itsdangerous-2.2.0
(2023-02-09) Updated to version: py310-itsdangerous-2.1.2
(2022-04-29) Updated to version: py39-itsdangerous-2.1.2
(2022-01-05) Updated to version: py39-itsdangerous-1.1.0nb1
(2021-10-07) Updated to version: py39-itsdangerous-1.1.0

CVS history: (Expand)

2025-02-23 19:35:36 by Thomas Klausner | Files touched by this commit (2)

Log message:
py-itsdangerous: adapt for flit_core 3.11.

Bump PKGREVISION.

2024-04-19 06:40:49 by Adam Ciarcinski | Files touched by this commit (3) | Package updated

Log message:
py-itsdangerous: updated to 2.2.0

Version 2.2.0
- Drop support for Python 3.7. :pr:`372`
- Use modern packaging metadata with ``pyproject.toml`` instead of ``setup.cfg``.
  :pr:`326`
- Use ``flit_core`` instead of ``setuptools`` as build backend.
- Deprecate the ``__version__`` attribute. Use feature detection, or
  ``importlib.metadata.version("itsdangerous")``, instead. :issue:`371`
- ``Serializer`` and the return type of ``dumps`` is generic for type checking.
  By default it is ``Serializer[str]`` and ``dumps`` returns a ``str``. If a
  different ``serializer`` argument is given, it will try to infer the return
  type of its ``dumps`` method. :issue:`347`
- The default ``hashlib.sha1`` may not be available in FIPS builds. Don't
  access it at import time so the developer has time to change the default.
  :issue:`375`

2022-04-29 14:05:02 by Thomas Klausner | Files touched by this commit (3) | Package updated

Log message:
py-itsdangerous: update to 2.1.2.

Version 2.1.2
-------------

Released 2022-03-24

-   Handle date overflow in timed unsign on 32-bit systems. :pr:`299`

Version 2.1.1
-------------

Released 2022-03-09

-   Handle date overflow in timed unsign. :pr:`296`

Version 2.1.0
-------------

Released 2022-02-17

-   Drop support for Python 3.6. :pr:`272`
-   Remove previously deprecated code. :pr:`273`

    -   JWS functionality: Use a dedicated library such as Authlib
        instead.
    -   ``import itsdangerous.json``: Import ``json`` from the standard
        library instead.

Version 2.0.1
-------------

Released 2021-05-18

-   Mark top-level names as exported so type checking understands
    imports in user projects. :pr:`240`
-   The ``salt`` argument to ``Serializer`` and ``Signer`` can be
    ``None`` again. :issue:`237`

Version 2.0.0
-------------

Released 2021-05-11

-   Drop support for Python 2 and 3.5.
-   JWS support (``JSONWebSignatureSerializer``,
    ``TimedJSONWebSignatureSerializer``) is deprecated. Use a dedicated
    JWS/JWT library such as authlib instead. :issue:`129`
-   Importing ``itsdangerous.json`` is deprecated. Import Python's
    ``json`` module instead. :pr:`152`
-   Simplejson is no longer used if it is installed. To use a different
    library, pass it as ``Serializer(serializer=...)``. :issue:`146`
-   ``datetime`` values are timezone-aware with ``timezone.utc``. Code
    using ``TimestampSigner.unsign(return_timestamp=True)`` or
    ``BadTimeSignature.date_signed`` may need to change. :issue:`150`
-   If a signature has an age less than 0, it will raise
    ``SignatureExpired`` rather than appearing valid. This can happen if
    the timestamp offset is changed. :issue:`126`
-   ``BadTimeSignature.date_signed`` is always a ``datetime`` object
    rather than an ``int`` in some cases. :issue:`124`
-   Added support for key rotation. A list of keys can be passed as
    ``secret_key``, oldest to newest. The newest key is used for
    signing, all keys are tried for unsigning. :pr:`141`
-   Removed the default SHA-512 fallback signer from
    ``default_fallback_signers``. :issue:`155`
-   Add type information for static typing tools. :pr:`186`

2022-01-04 21:55:40 by Thomas Klausner | Files touched by this commit (1595)

Log message:
*: bump PKGREVISION for egg.mk users

They now have a tool dependency on py-setuptools instead of a DEPENDS

2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605)

Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2

2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606)

Log message:
security: Remove SHA1 hashes for distfiles

2019-07-09 13:29:30 by Nia Alarie | Files touched by this commit (6)

Log message:
Use https for pythonhosted.org.

2018-11-11 17:20:42 by Klaus Klein | Files touched by this commit (1)

Log message:
Sort PLIST; missed in previous.

No functional change.