From e9860f1d835aeb396eb11f516c24063ed3b88a558d3ce5ccc66b329c3018bf45 Mon Sep 17 00:00:00 2001 
From: Steve Kowalik Date: Fri, 3 Mar 2023 06:22:07 +0000 Subject: [PATCH] - Update to 5.1.1: * Fix 2 Flask apps in same thread with USERNAME_ENABLE set. There was a too aggressive config check. * Fix json/flask backwards compatibility hack. * Fix unified signup when two-factor not enabled. (sebdroid) * Add dependency on setuptools (pkg_resources). (hroncok) * Option to encrypt recovery codes. * Support for authentication via 'social' oauth. * Support for Python 3.11 * Fixes for Flask-SQLAlchemy 3.0.0. (jrast) * Fixes for sqlalchemy 2.0.0 (jrast) * Webauthn and Unified signin features now properly take into account blueprint prefixes. * Properly propagate ?next=/xx - the verify, webauthn, and unified signin endpoints, that had multiple redirects, needed fixes. * Two factor redirects ignored url_prefix. Added a SECURITY_TWO_FACTOR_ERROR_VIEW configuration option. * Add configurations for static folder/URL and make sure templates reference blueprint relative static folder. * Send entire context to MailUtil::send_mail (patrickyan) * Support for Flask-Babel 3.0.0 * Add configuration option SECURITY_TWO_FACTOR_POST_SETUP_VIEW which is redirected to upon successful change of a two factor method. * The ability to pass in a LoginManager instance which was deprecated in 5.0 has been removed. - Drop patch support-Flask-SQLAlchemy-3.0.patch, now included upstream. - Refresh all other patches. 
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=27
---
 Flask-Security-Too-5.0.2.tar.gz | 3 --
 Flask-Security-Too-5.1.1.tar.gz | 3 ++
 no-mongodb.patch | 10 +++---
 python-Flask-Security-Too.changes | 31 ++++++++++++++++++
 python-Flask-Security-Too.spec | 26 +++++++---------
 support-Flask-SQLAlchemy-3.0.patch | 50 ------------------------------
 use-pyqrcodeng.patch | 14 ++++-----
 7 files changed, 57 insertions(+), 80 deletions(-)
 delete mode 100644 Flask-Security-Too-5.0.2.tar.gz
 create mode 100644 Flask-Security-Too-5.1.1.tar.gz
 delete mode 100644 support-Flask-SQLAlchemy-3.0.patch
diff --git a/Flask-Security-Too-5.0.2.tar.gz b/Flask-Security-Too-5.0.2.tar.gz
deleted file mode 100644
index 75c6033..0000000
--- a/Flask-Security-Too-5.0.2.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:36fee0da5d1b3d211caf274553b7753478c208997c624abb84ebba4261de65c2
-size 556637
diff --git a/Flask-Security-Too-5.1.1.tar.gz b/Flask-Security-Too-5.1.1.tar.gz
new file mode 100644
index 0000000..5faebaf
--- /dev/null
+++ b/Flask-Security-Too-5.1.1.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:0a0b653cfd1c5d252994bd87b1f112431cec2d5cacedfa49b36e1740da21c37d
+size 586251
diff --git a/no-mongodb.patch b/no-mongodb.patch
index 742eabd..a939079 100644
--- a/no-mongodb.patch
+++ b/no-mongodb.patch
@@ -1,8 +1,8 @@
-Index: Flask-Security-Too-5.0.2/tests/conftest.py
+Index: Flask-Security-Too-5.1.1/tests/conftest.py
 ===================================================================
---- Flask-Security-Too-5.0.2.orig/tests/conftest.py
-+++ Flask-Security-Too-5.0.2/tests/conftest.py
-@@ -862,7 +862,7 @@ def client_nc(request, sqlalchemy_app):
+--- Flask-Security-Too-5.1.1.orig/tests/conftest.py
++++ Flask-Security-Too-5.1.1/tests/conftest.py
+@@ -879,7 +879,7 @@ def client_nc(request, sqlalchemy_app):
 return app.test_client(use_cookies=False)
@@ -11,7 +11,7 @@ Index: Flask-Security-Too-5.0.2/tests/conftest.py
 def clients(request, app, tmpdir, realdburl, realmongodburl):
 if request.param == "cl-sqlalchemy":
 ds = sqlalchemy_setup(request, app, tmpdir, realdburl)
-@@ -908,7 +908,7 @@ def get_message_local(app):
+@@ -925,7 +925,7 @@ def get_message_local(app):
 @pytest.fixture(
diff --git a/python-Flask-Security-Too.changes b/python-Flask-Security-Too.changes
index d532359..df04d98 100644
--- a/python-Flask-Security-Too.changes
+++ b/python-Flask-Security-Too.changes
@@ -1,3 +1,34 @@
+-------------------------------------------------------------------
+Fri Mar 3 06:08:25 UTC 2023 - Steve Kowalik
+
+- Update to 5.1.1:
+ * Fix 2 Flask apps in same thread with USERNAME_ENABLE set. There was a
+ too aggressive config check.
+ * Fix json/flask backwards compatibility hack.
+ * Fix unified signup when two-factor not enabled. (sebdroid)
+ * Add dependency on setuptools (pkg_resources). (hroncok)
+ * Option to encrypt recovery codes.
+ * Support for authentication via 'social' oauth.
+ * Support for Python 3.11
+ * Fixes for Flask-SQLAlchemy 3.0.0. (jrast)
+ * Fixes for sqlalchemy 2.0.0 (jrast)
+ * Webauthn and Unified signin features now properly take into account
+ blueprint prefixes.
+ * Properly propagate ?next=/xx - the verify, webauthn, and unified signin
+ endpoints, that had multiple redirects, needed fixes.
+ * Two factor redirects ignored url_prefix. Added a
+ SECURITY_TWO_FACTOR_ERROR_VIEW configuration option.
+ * Add configurations for static folder/URL and make sure templates
+ reference blueprint relative static folder.
+ * Send entire context to MailUtil::send_mail (patrickyan)
+ * Support for Flask-Babel 3.0.0
+ * Add configuration option SECURITY_TWO_FACTOR_POST_SETUP_VIEW which is
+ redirected to upon successful change of a two factor method.
+ * The ability to pass in a LoginManager instance which was deprecated in
+ 5.0 has been removed.
+- Drop patch support-Flask-SQLAlchemy-3.0.patch, now included upstream.
+- Refresh all other patches.
+
 -------------------------------------------------------------------
 Fri Jan 6 03:54:08 UTC 2023 - Steve Kowalik
diff --git a/python-Flask-Security-Too.spec b/python-Flask-Security-Too.spec
index d8636a8..d2eb097 100644
--- a/python-Flask-Security-Too.spec
+++ b/python-Flask-Security-Too.spec
@@ -16,10 +16,8 @@
 #
-%define skip_python2 1
-%{?!python_module:%define python_module() python-%{**} python3-%{**}}
 Name: python-Flask-Security-Too
-Version: 5.0.2
+Version: 5.1.1
 Release: 0
 Summary: Security for Flask apps
 License: MIT
@@ -28,27 +26,25 @@ Source: https://files.pythonhosted.org/packages/source/F/Flask-Security-
 Patch0: no-mongodb.patch
 # PATCH-FIX-OPENSUSE Use pyqrcodeng, we do not ship qrcode in OpenSUSE.
 Patch1: use-pyqrcodeng.patch
-# PATCH-FIX-UPSTREAM gh#Flask-Middleware/flask-security#9632a0eab5d3be4280c185e7e934a57fc24057a2
-Patch2: support-Flask-SQLAlchemy-3.0.patch
-BuildRequires: %{python_module Babel >= 2.9.1}
+BuildRequires: %{python_module Babel >= 2.10.0}
 BuildRequires: %{python_module Flask >= 1.1.1}
 BuildRequires: %{python_module Flask-Babel >= 2.0.0}
 BuildRequires: %{python_module Flask-Login >= 0.4.1}
 BuildRequires: %{python_module Flask-Mailman >= 0.3.0}
 BuildRequires: %{python_module Flask-Principal >= 0.4.0}
-BuildRequires: %{python_module Flask-SQLAlchemy >= 2.5.1}
+BuildRequires: %{python_module Flask-SQLAlchemy >= 3.0.2}
 BuildRequires: %{python_module Flask-WTF >= 0.14.3}
 BuildRequires: %{python_module PyQRCode >= 1.2}
-BuildRequires: %{python_module SQLAlchemy >= 1.3.24}
+BuildRequires: %{python_module SQLAlchemy >= 1.4.35}
 BuildRequires: %{python_module WTForms-lang}
 BuildRequires: %{python_module WTForms}
 BuildRequires: %{python_module Werkzeug >= 0.14.1}
 BuildRequires: %{python_module argon2_cffi >= 19.1.0}
-BuildRequires: %{python_module bcrypt >= 3.1.4}
-BuildRequires: %{python_module bleach >= 3.3.1}
+BuildRequires: %{python_module bcrypt >= 4.0.1}
+BuildRequires: %{python_module bleach >= 5.0.0}
 BuildRequires: %{python_module blinker >= 1.4}
 BuildRequires: %{python_module cachetools >= 3.1.0}
-BuildRequires: %{python_module cryptography >= 3.4.8}
+BuildRequires: %{python_module cryptography >= 37.0.4}
 BuildRequires: %{python_module dateutil}
 BuildRequires: %{python_module email-validator >= 1.1.1}
 BuildRequires: %{python_module itsdangerous >= 1.1.0}
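Review bot: Neither this BuildRequires hunk nor the Requires hunk that follows (`@@ -67,15 +63,15 @@`) adds setuptools, although the changelog entry in this same commit records that upstream 5.1.1 added a dependency on setuptools for `pkg_resources`. Both hunks start partway through their dependency lists, so an existing entry may sit outside the visible lines. If there is none, add `BuildRequires:  %{python_module setuptools}` and `Requires:       python-setuptools`; otherwise the package would presumably fail at import time on an install that lacks setuptools. The raised floors for bcrypt, bleach and cryptography match between the two lists.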
@@ -67,15 +63,15 @@ Requires: python-Flask-Login >= 0.4.1
 Requires: python-Flask-Principal >= 0.4.0
 Requires: python-Flask-WTF >= 0.14.3
 Requires: python-Werkzeug >= 0.14.1
-Requires: python-bcrypt >= 3.1.4
-Requires: python-bleach >= 3.3.1
+Requires: python-bcrypt >= 4.0.1
+Requires: python-bleach >= 5.0.0
 Requires: python-blinker >= 1.4
-Requires: python-cryptography >= 3.4.8
+Requires: python-cryptography >= 37.0.4
 Requires: python-email-validator >= 1.1.1
 Requires: python-itsdangerous >= 1.1.0
 Requires: python-passlib >= 1.7.2
 Recommends: python-PyQRCode >= 1.2
-Recommends: python-SQLAlchemy >= 1.3.24
+Recommends: python-SQLAlchemy >= 1.4.35
 Recommends: python-zxcvbn >= 4.4.28
 Suggests: python-argon2_cffi >= 19.1.0
 Suggests: python-phonenumbers >= 8.12.18
diff --git a/support-Flask-SQLAlchemy-3.0.patch b/support-Flask-SQLAlchemy-3.0.patch
deleted file mode 100644
index 859ef43..0000000
--- a/support-Flask-SQLAlchemy-3.0.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 9632a0eab5d3be4280c185e7e934a57fc24057a2 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?J=C3=BCrg=20Rast?=
-Date: Mon, 26 Sep 2022 16:35:31 +0200
-Subject: [PATCH] Fixed issues related to upcomming flask-sqlalchemy 3.0.0
- release (#678)
-
-- rename of get_debug_queries to get_recorded_queries (and move to to new module)
-- SQLALCHEMY_RECORD_QUERIES must be set explicit
----
- tests/conftest.py | 4 ++++
- tests/test_utils.py | 11 ++++++++---
- 2 files changed, 12 insertions(+), 3 deletions(-)
-
-diff --git a/tests/conftest.py b/tests/conftest.py
-index b9076413..f5e41a43 100644
---- a/tests/conftest.py
-+++ b/tests/conftest.py
-@@ -410,6 +410,10 @@ def sqlalchemy_setup(request, app, tmpdir, realdburl):
- else:
- app.config["SQLALCHEMY_DATABASE_URI"] = "sqlite:///:memory:"
-
-+ # In Flask-SQLAlchemy >= 3.0.0 queries are no longer logged automatically,
-+ # even in debug or testing mode.
-+ app.config["SQLALCHEMY_RECORD_QUERIES"] = True
-+
- db = SQLAlchemy(app)
-
- fsqla.FsModels.set_db_info(db)
-diff --git a/tests/test_utils.py b/tests/test_utils.py
-index df569a74..5c63dc55 100644
---- a/tests/test_utils.py
-+++ b/tests/test_utils.py
-@@ -201,9 +201,14 @@ def get_num_queries(datastore):
- return None if datastore doesn't support this.
- """
- if is_sqlalchemy(datastore):
-- from flask_sqlalchemy import get_debug_queries
--
-- return len(get_debug_queries())
-+ try:
-+ # Flask-SQLAlachemy >= 3.0.0
-+ from flask_sqlalchemy.record_queries import get_recorded_queries
-+ except ImportError:
-+ # Flask-SQLAlchemy < 3.0.0
-+ from flask_sqlalchemy import get_debug_queries as get_recorded_queries
-+
-+ return len(get_recorded_queries())
- return None
-
-
diff --git a/use-pyqrcodeng.patch b/use-pyqrcodeng.patch
index 97d3678..24644e3 100644
--- a/use-pyqrcodeng.patch
+++ b/use-pyqrcodeng.patch
@@ -1,8 +1,8 @@
-Index: Flask-Security-Too-5.0.2/flask_security/core.py
+Index: Flask-Security-Too-5.1.1/flask_security/core.py
 ===================================================================
---- Flask-Security-Too-5.0.2.orig/flask_security/core.py
-+++ Flask-Security-Too-5.0.2/flask_security/core.py
-@@ -1523,7 +1523,7 @@ class Security:
+--- Flask-Security-Too-5.1.1.orig/flask_security/core.py
++++ Flask-Security-Too-5.1.1/flask_security/core.py
+@@ -1579,7 +1579,7 @@ class Security:
 and "authenticator" in cv("TWO_FACTOR_ENABLED_METHODS", app=app)
 )
 if need_qrcode:
@@ -11,10 +11,10 @@ Index: Flask-Security-Too-5.0.2/flask_security/core.py
 need_sms = (
 cv("UNIFIED_SIGNIN", app=app)
-Index: Flask-Security-Too-5.0.2/flask_security/totp.py
+Index: Flask-Security-Too-5.1.1/flask_security/totp.py
 ===================================================================
---- Flask-Security-Too-5.0.2.orig/flask_security/totp.py
-+++ Flask-Security-Too-5.0.2/flask_security/totp.py
+--- Flask-Security-Too-5.1.1.orig/flask_security/totp.py
++++ Flask-Security-Too-5.1.1/flask_security/totp.py
 @@ -140,15 +140,11 @@ class Totp:
 .. versionadded:: 4.0.0
 """