python-Flask-Security-Too/python-Flask-Security-Too.changes

-------------------------------------------------------------------
Wed Jul  1 10:13:03 UTC 2020 - Marketa Calabkova <mcalabkova@suse.com>

- Update to 3.4.3
  * Minor fixes for a regression and a couple other minor changes

-------------------------------------------------------------------
Thu May 14 07:12:48 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>

- Decrease dependencies which aren't really required so we can build
  in SLE/Leap:
  * Werkzeug 0.15.5 requirement decreased to 0.14.1
  * cryptography 2.3.1 requirement decreased to 2.1.4
  * bcrypt 3.1.5 requirement decreased to 3.1.4
  * peewee 3.11.2 requirement decreased to 3.7.1
  * Remove python-pony requirement
- Add patch that applies previous dependency changes:
  * fix-dependencies.patch

-------------------------------------------------------------------
Thu May 14 06:27:54 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>

- Add patch to not pull in babel/twine/pytest-runner as
  upstream needs those but we really don't require them during
  a rpm build:
  * no-setup-dependencies.patch

-------------------------------------------------------------------
Thu May  7 10:42:20 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>

- Update to 3.4.2:
  * The flask-security repo was moved to a github organization
    Flask-Middleware.

- Update to 3.4.1:
  * Fix a bunch of bugs in new unified sign in along with a couple
    other major issues.
  * (:issue:`298`) Alternative ID feature ran afoul of
    postgres/psycopg2 finickiness.
  * (:issue:`300`) JSON 401 responses had WWW-Authenticate Header
    attached - that caused browsers to pop up their own login/password
    form. Not what applications want.
  * (:issue:`280`) Allow admin/api to setup TFA (and unified sign in)
    out of band. Please see :meth:`.UserDatastore.tf_set`,
    :meth:`.UserDatastore.tf_reset`, :meth:`.UserDatastore.us_set`,
    :meth:`.UserDatastore.us_reset` and
    :meth:`.UserDatastore.reset_user_access`.
  * (:pr:`305`) We used form._errors which wasn't very pythonic,
    and it was removed in WTForms 2.3.0.
  * (:pr:`310`) WTForms 2.3.0 made email_validator optional,
    we need it.

- Added Requires python-bcrypt and python-email_validator,
  Recommends python-PyQRCode, python-SQLAlchemy, python-zxcvbn
  and Suggests python-argon2_cffi and python-phonenumbers

-------------------------------------------------------------------
Sun Apr  5 07:58:15 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>

- Update to 3.4.0:
  * (:pr:`257`) Support a unified sign in feature.
    Please see :ref:`unified-sign-in`.
  * (:pr:`265`) Add phone number validation class. This is used in
    both unified sign in as well as two-factor when using sms.
  * (:pr:`274`) Add support for 'freshness' of caller's authentication.
    This permits endpoints to be additionally protected by ensuring a
    recent authentication.
  * (:issue:`99`, :issue:`195`) Support pluggable password validators.
    Provide a default validator that offers complexity and breached support.
  * (:issue:`266`) Provide interface to two-factor send_token so that
    applications can provide error mitigation. Defaults to returning
    errors if can't send the verification code.
  * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add
    fields necessary for the new unified sign in feature and changed
    'username' to be unique (but not required).
  * (:pr:`245`) Use fs_uniquifier as the default Flask-Login
    'alternative token'. Basically this means that changing the
    fs_uniquifier will cause outstanding auth tokens, session and
    remember me cookies to be invalidated. So if an account gets
    compromised, an admin can easily stop access. Prior to this cookies
    were storing the 'id' which is the user's primary key - difficult
    to change! (kishi85)
- Enable the testing
- Add patch to not require mongodb during testing:
  * no-mongodb.patch

-------------------------------------------------------------------
Tue Mar 24 15:35:47 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>

- Initial release of python-Flask-Security-Too 3.3.0
Accepting request 818071 from home:mcalabkova:branches:devel:languages:python:flask - Update to 3.4.3 * Minor fixes for a regression and a couple other minor changes OBS-URL: https://build.opensuse.org/request/show/818071 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=10 2020-07-09 15:20:13 +00:00			`-------------------------------------------------------------------`
			`Wed Jul 1 10:13:03 UTC 2020 - Marketa Calabkova <mcalabkova@suse.com>`

			`- Update to 3.4.3`
			`* Minor fixes for a regression and a couple other minor changes`

Accepting request 805559 from home:alarrosa:branches:devel:languages:python:flask - Decrease dependencies which aren't really required so we can build in SLE/Leap: * Werkzeug 0.15.5 requirement decreased to 0.14.1 * cryptography 2.3.1 requirement decreased to 2.1.4 * bcrypt 3.1.5 requirement decreased to 3.1.4 * peewee 3.11.2 requirement decreased to 3.7.1 * Remove python-pony requirement - Add patch that applies previous dependency changes: * fix-dependencies.patch OBS-URL: https://build.opensuse.org/request/show/805559 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=8 2020-05-14 10:21:18 +00:00			`-------------------------------------------------------------------`
			`Thu May 14 07:12:48 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>`

			`- Decrease dependencies which aren't really required so we can build`
			`in SLE/Leap:`
			`* Werkzeug 0.15.5 requirement decreased to 0.14.1`
			`* cryptography 2.3.1 requirement decreased to 2.1.4`
			`* bcrypt 3.1.5 requirement decreased to 3.1.4`
			`* peewee 3.11.2 requirement decreased to 3.7.1`
			`* Remove python-pony requirement`
			`- Add patch that applies previous dependency changes:`
			`* fix-dependencies.patch`

- Add patch to not pull in babel/twine/pytest-runner as upstream needs those but we really don't require them during a rpm build: * no-setup-dependencies.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=7 2020-05-14 06:36:28 +00:00			`-------------------------------------------------------------------`
			`Thu May 14 06:27:54 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>`

			`- Add patch to not pull in babel/twine/pytest-runner as`
			`upstream needs those but we really don't require them during`
			`a rpm build:`
			`* no-setup-dependencies.patch`

Accepting request 801217 from home:alarrosa:branches:devel:languages:python:flask - Update to 3.4.2: * The flask-security repo was moved to a github organization Flask-Middleware. - Update to 3.4.1: * Fix a bunch of bugs in new unified sign in along with a couple other major issues. * (:issue:`298`) Alternative ID feature ran afoul of postgres/psycopg2 finickiness. * (:issue:`300`) JSON 401 responses had WWW-Authenticate Header attached - that caused browsers to pop up their own login/password form. Not what applications want. * (:issue:`280`) Allow admin/api to setup TFA (and unified sign in) out of band. Please see :meth:`.UserDatastore.tf_set`, :meth:`.UserDatastore.tf_reset`, :meth:`.UserDatastore.us_set`, :meth:`.UserDatastore.us_reset` and :meth:`.UserDatastore.reset_user_access`. * (:pr:`305`) We used form._errors which wasn't very pythonic, and it was removed in WTForms 2.3.0. * (:pr:`310`) WTForms 2.3.0 made email_validator optional, we need it. - Added Requires python-bcrypt and python-email_validator, Recommends python-PyQRCode, python-SQLAlchemy, python-zxcvbn and Suggests python-argon2_cffi and python-phonenumbers * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a OBS-URL: https://build.opensuse.org/request/show/801217 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=5 2020-05-07 17:13:58 +00:00			`-------------------------------------------------------------------`
			`Thu May 7 10:42:20 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>`

			`- Update to 3.4.2:`
			`* The flask-security repo was moved to a github organization`
			`Flask-Middleware.`

			`- Update to 3.4.1:`
			`* Fix a bunch of bugs in new unified sign in along with a couple`
			`other major issues.`
			* (:issue:`298`) Alternative ID feature ran afoul of
			`postgres/psycopg2 finickiness.`
			* (:issue:`300`) JSON 401 responses had WWW-Authenticate Header
			`attached - that caused browsers to pop up their own login/password`
			`form. Not what applications want.`
			* (:issue:`280`) Allow admin/api to setup TFA (and unified sign in)
			out of band. Please see :meth:`.UserDatastore.tf_set`,
			:meth:`.UserDatastore.tf_reset`, :meth:`.UserDatastore.us_set`,
			:meth:`.UserDatastore.us_reset` and
			:meth:`.UserDatastore.reset_user_access`.
			* (:pr:`305`) We used form._errors which wasn't very pythonic,
			`and it was removed in WTForms 2.3.0.`
			* (:pr:`310`) WTForms 2.3.0 made email_validator optional,
			`we need it.`

			`- Added Requires python-bcrypt and python-email_validator,`
			`Recommends python-PyQRCode, python-SQLAlchemy, python-zxcvbn`
			`and Suggests python-argon2_cffi and python-phonenumbers`

- Update to 3.4.0: * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) - Enable the testing - Add patch to not require mongodb during testing: * no-mongodb.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3 2020-04-05 08:37:47 +00:00			`-------------------------------------------------------------------`
			`Sun Apr 5 07:58:15 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>`

			`- Update to 3.4.0:`
Accepting request 801217 from home:alarrosa:branches:devel:languages:python:flask - Update to 3.4.2: * The flask-security repo was moved to a github organization Flask-Middleware. - Update to 3.4.1: * Fix a bunch of bugs in new unified sign in along with a couple other major issues. * (:issue:`298`) Alternative ID feature ran afoul of postgres/psycopg2 finickiness. * (:issue:`300`) JSON 401 responses had WWW-Authenticate Header attached - that caused browsers to pop up their own login/password form. Not what applications want. * (:issue:`280`) Allow admin/api to setup TFA (and unified sign in) out of band. Please see :meth:`.UserDatastore.tf_set`, :meth:`.UserDatastore.tf_reset`, :meth:`.UserDatastore.us_set`, :meth:`.UserDatastore.us_reset` and :meth:`.UserDatastore.reset_user_access`. * (:pr:`305`) We used form._errors which wasn't very pythonic, and it was removed in WTForms 2.3.0. * (:pr:`310`) WTForms 2.3.0 made email_validator optional, we need it. - Added Requires python-bcrypt and python-email_validator, Recommends python-PyQRCode, python-SQLAlchemy, python-zxcvbn and Suggests python-argon2_cffi and python-phonenumbers * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a OBS-URL: https://build.opensuse.org/request/show/801217 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=5 2020-05-07 17:13:58 +00:00			* (:pr:`257`) Support a unified sign in feature.
			Please see :ref:`unified-sign-in`.
			* (:pr:`265`) Add phone number validation class. This is used in
			`both unified sign in as well as two-factor when using sms.`
			* (:pr:`274`) Add support for 'freshness' of caller's authentication.
			`This permits endpoints to be additionally protected by ensuring a`
			`recent authentication.`
			* (:issue:`99`, :issue:`195`) Support pluggable password validators.
			`Provide a default validator that offers complexity and breached support.`
			* (:issue:`266`) Provide interface to two-factor send_token so that
			`applications can provide error mitigation. Defaults to returning`
			`errors if can't send the verification code.`
			* (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add
			`fields necessary for the new unified sign in feature and changed`
			`'username' to be unique (but not required).`
			* (:pr:`245`) Use fs_uniquifier as the default Flask-Login
			`'alternative token'. Basically this means that changing the`
			`fs_uniquifier will cause outstanding auth tokens, session and`
			`remember me cookies to be invalidated. So if an account gets`
			`compromised, an admin can easily stop access. Prior to this cookies`
			`were storing the 'id' which is the user's primary key - difficult`
			`to change! (kishi85)`
- Update to 3.4.0: * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) - Enable the testing - Add patch to not require mongodb during testing: * no-mongodb.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3 2020-04-05 08:37:47 +00:00			`- Enable the testing`
			`- Add patch to not require mongodb during testing:`
			`* no-mongodb.patch`

Accepting request 788170 from home:alarrosa:branches:devel:languages:python:flask New package python-Flask-Security-Too OBS-URL: https://build.opensuse.org/request/show/788170 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=1 2020-03-25 12:00:22 +00:00			`-------------------------------------------------------------------`
			`Tue Mar 24 15:35:47 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>`

			`- Initial release of python-Flask-Security-Too 3.3.0`