Accepting request 1311065 from devel:languages:python
- Update to 1.6.5 (fixes CVE-2025-61920, bsc#1251921)
* RFC7591 generate_client_info and generate_client_secret take a request
parameter.
* Add size limitation when decode JWS/JWE to prevent DoS.
* Add size limitation for DEF JWE zip algorithm.
- Update to 1.6.4
* fix(jose): prevent public/unprotected header overwriting protected header
by @lepture in #809
* Fix InsecureTransportError raising by @azmeuk in #810
* Add conventional-commits pre-commit hook by @azmeuk in #811
* Fix response_mode=form_post with Starlette client by @azmeuk in #812
* Specify README.md as project long description by @EpicWink in #817
* Migrate tests to pytest paradigm by @azmeuk in #813
* jose/jws: Reject unprotected ‘crit’ and enforce type; add tests
by @AL-Cybision in #823
* Use explicit *.test urls in unit tests by @azmeuk in #824
- Update to 1.6.3
* Add diff-cover check in GHA by @azmeuk in #803
* Run GHA unit tests with uv by @azmeuk in #805
* Move from pre-commit to prek by @azmeuk in #804
* Sign OIDC id_token according to id_token_signed_response_alg client
metadata by @azmeuk in #802
- Update to 1.6.2
* Allow insecure transport for 127.0.0.1 for debugging
by @geigerzaehler in #788
* Raise a MissingCodeError when code parameter is missing by @lepture in #786
* Temporarily restore OAuth2Request body parameter by @azmeuk in #791
* Raise MissingCodeException when code parameter is missing
by @lepture in #794
* Fix id_token generation with EdDSA alg by @azmeuk in #800
- Update test requirements (forwarded request 1311035 from nkrapp)
OBS-URL: https://build.opensuse.org/request/show/1311065
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=26
This commit is contained in:
Git OBS Bridge
@@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:d714698f818fd478161666c319e275f9ffedee3259b9a259360462734c24b5a2
|
||||
size 341053
|
||||
3
authlib-1.6.5.tar.gz
Normal file
3
authlib-1.6.5.tar.gz
Normal file
@@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:488ea98a032cb803e3af502cef6db616d76735b631097bc661b2a9dd10db73cc
|
||||
size 328496
|
||||
@@ -1,3 +1,38 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Oct 13 08:51:01 UTC 2025 - Nico Krapp <nico.krapp@suse.com>
|
||||
|
||||
- Update to 1.6.5 (fixes CVE-2025-61920, bsc#1251921)
|
||||
* RFC7591 generate_client_info and generate_client_secret take a request
|
||||
parameter.
|
||||
* Add size limitation when decode JWS/JWE to prevent DoS.
|
||||
* Add size limitation for DEF JWE zip algorithm.
|
||||
- Update to 1.6.4
|
||||
* fix(jose): prevent public/unprotected header overwriting protected header
|
||||
by @lepture in #809
|
||||
* Fix InsecureTransportError raising by @azmeuk in #810
|
||||
* Add conventional-commits pre-commit hook by @azmeuk in #811
|
||||
* Fix response_mode=form_post with Starlette client by @azmeuk in #812
|
||||
* Specify README.md as project long description by @EpicWink in #817
|
||||
* Migrate tests to pytest paradigm by @azmeuk in #813
|
||||
* jose/jws: Reject unprotected ‘crit’ and enforce type; add tests
|
||||
by @AL-Cybision in #823
|
||||
* Use explicit *.test urls in unit tests by @azmeuk in #824
|
||||
- Update to 1.6.3
|
||||
* Add diff-cover check in GHA by @azmeuk in #803
|
||||
* Run GHA unit tests with uv by @azmeuk in #805
|
||||
* Move from pre-commit to prek by @azmeuk in #804
|
||||
* Sign OIDC id_token according to id_token_signed_response_alg client
|
||||
metadata by @azmeuk in #802
|
||||
- Update to 1.6.2
|
||||
* Allow insecure transport for 127.0.0.1 for debugging
|
||||
by @geigerzaehler in #788
|
||||
* Raise a MissingCodeError when code parameter is missing by @lepture in #786
|
||||
* Temporarily restore OAuth2Request body parameter by @azmeuk in #791
|
||||
* Raise MissingCodeException when code parameter is missing
|
||||
by @lepture in #794
|
||||
* Fix id_token generation with EdDSA alg by @azmeuk in #800
|
||||
- Update test requirements
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 5 07:34:40 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
|
||||
|
||||
|
||||
@@ -19,7 +19,7 @@
|
||||
%define modname authlib
|
||||
%{?sle15_python_module_pythons}
|
||||
Name: python-Authlib
|
||||
Version: 1.6.1
|
||||
Version: 1.6.5
|
||||
Release: 0
|
||||
Summary: Python library for building OAuth and OpenID Connect servers
|
||||
License: BSD-3-Clause
|
||||
@@ -41,7 +41,9 @@ BuildRequires: %{python_module cachelib}
|
||||
BuildRequires: %{python_module cryptography}
|
||||
BuildRequires: %{python_module httpx}
|
||||
BuildRequires: %{python_module pytest-asyncio}
|
||||
BuildRequires: %{python_module pytest-django}
|
||||
BuildRequires: %{python_module pytest}
|
||||
BuildRequires: %{python_module python-multipart}
|
||||
BuildRequires: %{python_module requests}
|
||||
BuildRequires: %{python_module starlette}
|
||||
BuildRequires: %{python_module typing_extensions}
|
||||
@@ -75,10 +77,9 @@ $python -mpytest tests/flask
|
||||
# gh#lepture/authlib#456
|
||||
# $python -mpytest tests/jose -k 'not (test_dir_alg_xc20p or test_xc20p_content_encryption_decryption)'
|
||||
$python -mpytest tests/jose
|
||||
export DJANGO_SETTINGS_MODULE=tests.clients.test_django.settings
|
||||
export DJANGO_SETTINGS_MODULE=tests.django_settings
|
||||
$python -mpytest tests/clients
|
||||
# export DJANGO_SETTINGS_MODULE=tests.django.settings
|
||||
# $python -mpytest tests/django
|
||||
$python -mpytest tests/django
|
||||
}
|
||||
|
||||
%files %{python_files}
|
||||
|
||||
Reference in New Issue
Block a user