- Update to 5.3.0:
* Improvements to recoverability and confirmation to align with OWASP best practices and reduce possible exploitation. * Webauthn Updates to handling of transport. * Fix MongoDB support by eliminating dependency on flask-mongoengine. Improve MongoDB quickstart. * Fix Quickstart for SQLAlchemy with scoped session. * Login no longer, by default, checks for email deliverability. * Token authentication is no longer accepted on endpoints which only allow 'session' as authentication-method. (N247S) * /reset and /confirm and GENERIC_RESPONSES and additional form args don't mix. * Reset password can be exploited and other OWASP improvements. * Confirmation can be exploited and other OWASP improvements. * Convert to pyproject.toml, build, remove setup.py/.cfg. * the tf_validity feature now ONLY sets a cookie - and the token is no longer returned as part of a JSON response. * Fix login/unified signin templates to properly send CSRF token. Add more tests. * Improve Social Oauth example code. - 5.2.0: * Small updates to work with latest Flask/Werkzeug. * Drop support for Python 3.7 * Drop support for older versions of dependent packages (such as Flask). * Remove old Werkzeug compatibility check. * Compatibility with Quart. * Remove dependence on pkg_resources / setuptools (use importlib_resources package) * Fix tests to work with latest Werkzeug/Flask. Update requirements_low to match current releases. * Drop support for Python 3.7 - 5.1.2: * Hungarian translations not working. * Fix documentation for send_mail. (gg) * Fix for latest mongoengine and mongomock. * Fix inappropriate use of &thinsp& in French translations. (maxdup) * Improve documentation around subclassing forms. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=31
This commit is contained in:
parent
4f393c44e1
commit
a16a39baaa
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:0a0b653cfd1c5d252994bd87b1f112431cec2d5cacedfa49b36e1740da21c37d
|
||||
size 586251
|
3
Flask-Security-Too-5.3.0.tar.gz
Normal file
3
Flask-Security-Too-5.3.0.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:9f5d830913eac66f18845795ae5f7d044bdd0d836aeabccfebadab6a29f79354
|
||||
size 607422
|
@ -1,12 +1,12 @@
|
||||
Index: Flask-Security-Too-5.1.1/pytest.ini
|
||||
Index: Flask-Security-Too-5.3.0/pytest.ini
|
||||
===================================================================
|
||||
--- Flask-Security-Too-5.1.1.orig/pytest.ini
|
||||
+++ Flask-Security-Too-5.1.1/pytest.ini
|
||||
@@ -21,6 +21,7 @@ filterwarnings =
|
||||
ignore:.*Setting 'json_encoder'.*:DeprecationWarning:flask:0
|
||||
ignore:.*'JSONEncoder'.*:DeprecationWarning:flask:0
|
||||
--- Flask-Security-Too-5.3.0.orig/pytest.ini
|
||||
+++ Flask-Security-Too-5.3.0/pytest.ini
|
||||
@@ -20,6 +20,7 @@ filterwarnings =
|
||||
ignore:.*'locked_cached_property'.*:DeprecationWarning:flask:0
|
||||
ignore:.*'flask.Markup'.*:DeprecationWarning:flask:0
|
||||
ignore::DeprecationWarning:mongoengine:
|
||||
+ ignore:.*pkg_resources.*:DeprecationWarning::
|
||||
ignore::DeprecationWarning:flask_login:0
|
||||
ignore:.*passwordless feature.*:DeprecationWarning:flask_security:0
|
||||
ignore:.*passing settings to bcrypt.*:DeprecationWarning:passlib:0
|
||||
ignore:.*'crypt' is deprecated.*:DeprecationWarning:passlib:0
|
||||
|
@ -1,3 +1,37 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 3 11:48:11 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com>
|
||||
|
||||
- Update to 5.3.0:
|
||||
* Improvements to recoverability and confirmation to align with
|
||||
OWASP best practices and reduce possible exploitation.
|
||||
* Webauthn Updates to handling of transport.
|
||||
* Fix MongoDB support by eliminating dependency on flask-mongoengine. Improve MongoDB quickstart.
|
||||
* Fix Quickstart for SQLAlchemy with scoped session.
|
||||
* Login no longer, by default, checks for email deliverability.
|
||||
* Token authentication is no longer accepted on endpoints which only allow 'session' as authentication-method. (N247S)
|
||||
* /reset and /confirm and GENERIC_RESPONSES and additional form args don't mix.
|
||||
* Reset password can be exploited and other OWASP improvements.
|
||||
* Confirmation can be exploited and other OWASP improvements.
|
||||
* Convert to pyproject.toml, build, remove setup.py/.cfg.
|
||||
* the tf_validity feature now ONLY sets a cookie - and the token is no longer returned as part of a JSON response.
|
||||
* Fix login/unified signin templates to properly send CSRF token. Add more tests.
|
||||
* Improve Social Oauth example code.
|
||||
- 5.2.0:
|
||||
* Small updates to work with latest Flask/Werkzeug.
|
||||
* Drop support for Python 3.7
|
||||
* Drop support for older versions of dependent packages (such as Flask).
|
||||
* Remove old Werkzeug compatibility check.
|
||||
* Compatibility with Quart.
|
||||
* Remove dependence on pkg_resources / setuptools (use importlib_resources package)
|
||||
* Fix tests to work with latest Werkzeug/Flask. Update requirements_low to match current releases.
|
||||
* Drop support for Python 3.7
|
||||
- 5.1.2:
|
||||
* Hungarian translations not working.
|
||||
* Fix documentation for send_mail. (gg)
|
||||
* Fix for latest mongoengine and mongomock.
|
||||
* Fix inappropriate use of &thinsp& in French translations. (maxdup)
|
||||
* Improve documentation around subclassing forms.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Apr 11 05:12:22 UTC 2023 - Steve Kowalik <steven.kowalik@suse.com>
|
||||
|
||||
|
@ -17,7 +17,7 @@
|
||||
|
||||
|
||||
Name: python-Flask-Security-Too
|
||||
Version: 5.1.1
|
||||
Version: 5.3.0
|
||||
Release: 0
|
||||
Summary: Security for Flask apps
|
||||
License: MIT
|
||||
@ -30,54 +30,59 @@ Patch1: use-pyqrcodeng.patch
|
||||
Patch2: filterwarnings-ignore-pkg_resources.patch
|
||||
BuildRequires: %{python_module Authlib}
|
||||
BuildRequires: %{python_module Babel >= 2.10.0}
|
||||
BuildRequires: %{python_module Flask >= 1.1.1}
|
||||
BuildRequires: %{python_module Flask-Babel >= 2.0.0}
|
||||
BuildRequires: %{python_module Flask-Login >= 0.4.1}
|
||||
BuildRequires: %{python_module Flask >= 2.3.2}
|
||||
BuildRequires: %{python_module Flask-Babel >= 3.1.0}
|
||||
BuildRequires: %{python_module Flask-Login >= 0.6.2}
|
||||
BuildRequires: %{python_module Flask-Mailman >= 0.3.0}
|
||||
BuildRequires: %{python_module Flask-Principal >= 0.4.0}
|
||||
BuildRequires: %{python_module Flask-SQLAlchemy >= 3.0.2}
|
||||
BuildRequires: %{python_module Flask-WTF >= 0.14.3}
|
||||
BuildRequires: %{python_module Flask-SQLAlchemy >= 3.0.3}
|
||||
BuildRequires: %{python_module Flask-WTF >= 1.1.1}
|
||||
BuildRequires: %{python_module PyQRCode >= 1.2}
|
||||
BuildRequires: %{python_module SQLAlchemy >= 1.4.35}
|
||||
BuildRequires: %{python_module SQLAlchemy}
|
||||
BuildRequires: %{python_module WTForms-lang}
|
||||
BuildRequires: %{python_module WTForms}
|
||||
BuildRequires: %{python_module Werkzeug >= 0.14.1}
|
||||
BuildRequires: %{python_module argon2_cffi >= 19.1.0}
|
||||
BuildRequires: %{python_module Werkzeug >= 2.3.3}
|
||||
BuildRequires: %{python_module argon2_cffi >= 21.3.0}
|
||||
BuildRequires: %{python_module bcrypt >= 4.0.1}
|
||||
BuildRequires: %{python_module bleach >= 5.0.0}
|
||||
BuildRequires: %{python_module bleach >= 6.0.0}
|
||||
BuildRequires: %{python_module blinker >= 1.4}
|
||||
BuildRequires: %{python_module cachetools >= 3.1.0}
|
||||
BuildRequires: %{python_module cryptography >= 37.0.4}
|
||||
BuildRequires: %{python_module cryptography >= 40.0.2}
|
||||
BuildRequires: %{python_module dateutil}
|
||||
BuildRequires: %{python_module email-validator >= 1.1.1}
|
||||
BuildRequires: %{python_module importlib_resources >= 5.10.0}
|
||||
BuildRequires: %{python_module itsdangerous >= 1.1.0}
|
||||
BuildRequires: %{python_module passlib >= 1.7.2}
|
||||
BuildRequires: %{python_module peewee >= 3.7.1}
|
||||
BuildRequires: %{python_module phonenumbers >= 8.12.18}
|
||||
BuildRequires: %{python_module pony}
|
||||
BuildRequires: %{python_module passlib >= 1.7.4}
|
||||
BuildRequires: %{python_module peewee >= 3.16.2}
|
||||
BuildRequires: %{python_module phonenumbers}
|
||||
BuildRequires: %{python_module pip}
|
||||
BuildRequires: %{python_module pony if %python-base < 3.11}
|
||||
BuildRequires: %{python_module pytest >= 6.2.5}
|
||||
BuildRequires: %{python_module setuptools}
|
||||
BuildRequires: %{python_module wheel}
|
||||
BuildRequires: %{python_module zxcvbn >= 4.4.28}
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: python-rpm-macros
|
||||
Requires: python-Flask >= 1.1.1
|
||||
Requires: python-Flask-Babel >= 2.0.0
|
||||
Requires: python-Flask-Login >= 0.4.1
|
||||
Requires: python-Flask >= 2.3.2
|
||||
Requires: python-Flask-Babel >= 3.1.0
|
||||
Requires: python-Flask-Login >= 0.6.2
|
||||
Requires: python-Flask-Principal >= 0.4.0
|
||||
Requires: python-Flask-WTF >= 0.14.3
|
||||
Requires: python-Werkzeug >= 0.14.1
|
||||
Requires: python-Flask-WTF >= 1.1.1
|
||||
Requires: python-WTForms >= 3.0.0
|
||||
Requires: python-Werkzeug >= 2.3.3
|
||||
Requires: python-bcrypt >= 4.0.1
|
||||
Requires: python-bleach >= 5.0.0
|
||||
Requires: python-bleach >= 6.0.0
|
||||
Requires: python-blinker >= 1.4
|
||||
Requires: python-cryptography >= 37.0.4
|
||||
Requires: python-cryptography >= 40.0.2
|
||||
Requires: python-email-validator >= 1.1.1
|
||||
Requires: python-importlib_resources >= 5.10.0
|
||||
Requires: python-itsdangerous >= 1.1.0
|
||||
Requires: python-passlib >= 1.7.2
|
||||
Requires: python-passlib >= 1.7.4
|
||||
Recommends: python-PyQRCode >= 1.2
|
||||
Recommends: python-SQLAlchemy >= 1.4.35
|
||||
Recommends: python-SQLAlchemy
|
||||
Recommends: python-zxcvbn >= 4.4.28
|
||||
Suggests: python-argon2_cffi >= 19.1.0
|
||||
Suggests: python-phonenumbers >= 8.12.18
|
||||
Suggests: python-argon2_cffi >= 21.3.0
|
||||
Suggests: python-phonenumbers
|
||||
Conflicts: python-Flask-Security < 3.2.0
|
||||
Obsoletes: python-Flask-Security < 3.2.0
|
||||
Provides: python-Flask-Security = %{version}
|
||||
@ -99,20 +104,19 @@ rm tests/test_trackable.py
|
||||
%endif
|
||||
|
||||
%build
|
||||
%python_build
|
||||
%pyproject_wheel
|
||||
|
||||
%install
|
||||
%python_install
|
||||
%pyproject_install
|
||||
%python_expand %fdupes %{buildroot}%{$python_sitelib}
|
||||
|
||||
%check
|
||||
# gh#Flask-Middleware/flask-security#605 for test_two_factor_flag
|
||||
%pytest -k 'not test_two_factor_flag'
|
||||
%pytest -k 'not test_login_email_whatever'
|
||||
|
||||
%files %{python_files}
|
||||
%doc AUTHORS CHANGES.rst README.rst
|
||||
%license LICENSE
|
||||
%{python_sitelib}/flask_security
|
||||
%{python_sitelib}/Flask_Security_Too-%{version}-py%{python_version}.egg-info
|
||||
%{python_sitelib}/Flask_Security_Too-%{version}*-info
|
||||
|
||||
%changelog
|
||||
|
Loading…
x
Reference in New Issue
Block a user