forked from pool/python-checkdmarc
- Update to version 5.10.6
* Fix BIMI certificate validation error generation.
* Add support for the avp bimi tag.
- Update to version 5.10.5
* Switch from DNS over UDP to DNS over TCP for DNSSEC and TLSA
queries.
- Update to version 5.9.3
* Clarify warnings for DMARC p=none and sp=none.
* Use a different warning if DMARC pct is set to 0.
* Add location to the JSON output for BIMI.
- Update to version 5.9.1
* Fix BIMI record parsing error introduced in 5.9.0.
- Update to version 5.9.0
Bug fixes:
* Remove zero-width characters from domain inputs.
* Add a warning when the DMARC record p or sp value is none.
* Evaluate DMARC when checking BIMI.
* Do lot show a BIMI certificate warning when the l tag is set
to "".
* Include warnings if a domain is using BIMI, but does not have
an enforced DMARC policy.
New features:
* Parsed SPF record details are now provided even if it uses
too many DNS lookups.
API changes:
* Require keyword arguments to be passed as keyword=value pairs
instead of positional arguments.
* Add the option ignore_too_many_lookups to
checkdmarc.spf.parse_spf_record()
+ This option will stop checkdmarc.spf.parse_spf_record() from
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-checkdmarc?expand=0&rev=19
This commit is contained in:
Git OBS Bridge
228
python-checkdmarc.changes
Normal file
228
python-checkdmarc.changes
Normal file
@@ -0,0 +1,228 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Sep 12 18:38:37 UTC 2025 - Martin Hauke <mardnh@gmx.de>
|
||||
|
||||
- Update to version 5.10.6
|
||||
* Fix BIMI certificate validation error generation.
|
||||
* Add support for the avp bimi tag.
|
||||
- Update to version 5.10.5
|
||||
* Switch from DNS over UDP to DNS over TCP for DNSSEC and TLSA
|
||||
queries.
|
||||
- Update to version 5.9.3
|
||||
* Clarify warnings for DMARC p=none and sp=none.
|
||||
* Use a different warning if DMARC pct is set to 0.
|
||||
* Add location to the JSON output for BIMI.
|
||||
- Update to version 5.9.1
|
||||
* Fix BIMI record parsing error introduced in 5.9.0.
|
||||
- Update to version 5.9.0
|
||||
Bug fixes:
|
||||
* Remove zero-width characters from domain inputs.
|
||||
* Add a warning when the DMARC record p or sp value is none.
|
||||
* Evaluate DMARC when checking BIMI.
|
||||
* Do lot show a BIMI certificate warning when the l tag is set
|
||||
to "".
|
||||
* Include warnings if a domain is using BIMI, but does not have
|
||||
an enforced DMARC policy.
|
||||
New features:
|
||||
* Parsed SPF record details are now provided even if it uses
|
||||
too many DNS lookups.
|
||||
API changes:
|
||||
* Require keyword arguments to be passed as keyword=value pairs
|
||||
instead of positional arguments.
|
||||
* Add the option ignore_too_many_lookups to
|
||||
checkdmarc.spf.parse_spf_record()
|
||||
+ This option will stop checkdmarc.spf.parse_spf_record() from
|
||||
rasing exceptions related to too many DNS lookups, in
|
||||
support of the new feature.
|
||||
+ False by default to maintain backwards compatibility.
|
||||
+ checkdmarc.spf.check_spf() uses this functionality to
|
||||
support the new feature.
|
||||
- Update to version 5.8.8
|
||||
* Provide an easier to understand error message when a mark
|
||||
certificate is not is not issued by a recognized Mark
|
||||
Verifying Authority (MVA).
|
||||
* Bug fix: failure to download a BIMI image is noted in the
|
||||
certificate section instead of the image section.
|
||||
- Update to version 5.8.7
|
||||
* fix discrepencies on http_timeout usage.
|
||||
* Fixing a bug in policy/subdomain policy check for parked
|
||||
domains.
|
||||
- Update patch:
|
||||
* skip-network-tests.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Jun 27 15:07:33 UTC 2025 - Markéta Machová <mmachova@suse.com>
|
||||
|
||||
- Convert to libalternatives
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 18 11:26:03 UTC 2025 - Martin Hauke <mardnh@gmx.de>
|
||||
|
||||
- Update to version 5.8.6
|
||||
* Ignore unhandled critical extensions for mark certificates.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon May 19 07:44:56 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
|
||||
|
||||
- Update to version 5.8.2
|
||||
* Add SSL.com root VMC CA certificates to `MVCCAs.pem`
|
||||
* Replace deprecated `importlib.resources.path` call
|
||||
with `importlib.resources.file`
|
||||
* Use `importlib-resources` to support older versions of Python
|
||||
- Update BuildRequires from pyproject.toml
|
||||
- Use Python 3.11 on SLE-15 by default
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 4 16:36:52 UTC 2025 - Martin Hauke <mardnh@gmx.de>
|
||||
|
||||
- Update to version 5.8.1
|
||||
* Fix incomplete fix for issue #159
|
||||
- Update to version 5.8.0
|
||||
* Support ra=, rp= and rr= tags from RFC 6652.
|
||||
* Do not use static answer positions when checking DNSSEC and
|
||||
TLSA.
|
||||
- Update patch:
|
||||
* skip-network-tests.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Nov 10 10:27:03 UTC 2024 - Martin Hauke <mardnh@gmx.de>
|
||||
|
||||
- Update to version 5.7.8
|
||||
* Move SVG validation errors from ["bimi"]["warnings"] to
|
||||
["bimi"]["image"]["validation_errors"] (#150)
|
||||
- Update to version 5.7.7
|
||||
* Fix VMC validation errors not appearing.
|
||||
- Update to version 5.7.6
|
||||
* Fix crash when trying to output to CSV format
|
||||
- Update to version 5.7.5
|
||||
* Fix BIMI lookup for subdomains that do not have a BIMI record.
|
||||
- Update to version 5.7.4
|
||||
* Add additional checks for tiny-ps SVG requirements
|
||||
- Update to version 5.7.3
|
||||
* BIMI images and mark certificates
|
||||
+ Better error handling
|
||||
+ Simplified warning messages
|
||||
+ sha256_hash output fields renamed to sha256
|
||||
- Update to version 5.7.2
|
||||
* Account for float SVG sizes
|
||||
- Update to version 5.7.1
|
||||
* Properly parse a certificate SAN
|
||||
* Certificate warnings fire properly
|
||||
* Make the expires timestamp more readable
|
||||
- Update to version 5.7.0
|
||||
* checkdmarc will now validate Verified Mark Certificates (VMCs)
|
||||
and Common Mark Certificates (CMC), snd will verify that
|
||||
SHA256 hash of the logo embedded in the certificate matches
|
||||
the SHA256 hash logo at the URL at the BIMI l tag.
|
||||
Additionally, SVG and certificate metadata is now included in
|
||||
the checkdmarc.bimi.parse_bimi_record() API and JSON CLI
|
||||
output.
|
||||
- Update to version 5.6.2
|
||||
* Add a warning when BIMI records do not provide a mark
|
||||
certificate.
|
||||
* Use the correct dependency (xmltodict, not xml2dict).
|
||||
- Update to version 5.6.1
|
||||
* Fix SVG base profile detection
|
||||
- Update to version 5.6.0
|
||||
* Automatically check for a BIMI DNS record at the default
|
||||
selector when using the CLI
|
||||
* Fix parsing of BIMI record tags when they are separated by
|
||||
a ";" without a space.
|
||||
* Validate the file at the URL in the BIMI l tag value
|
||||
+ Must be an SVG file
|
||||
+ The SVG version must be 1.2
|
||||
+ The SVG base profile must be tiny-ps
|
||||
+ The SVG dimensions must be square
|
||||
+ The file size must not exceed 32 KB
|
||||
- Update to version 5.5.1
|
||||
* SPF record validation fixes (PR #147)
|
||||
+ Accept mechanisms with domains that start with all.
|
||||
+ Ignore multiple trailing mechanisms and random text with
|
||||
spaces.
|
||||
- Rebase skip-network-tests.patch
|
||||
- Remove tests.py
|
||||
* included in the now used source tarball from github
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 10 15:49:23 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 5.5.0:
|
||||
* Support `redirect` in SPF
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 29 01:43:19 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com>
|
||||
|
||||
- Update to 5.3.1:
|
||||
* Ignore UnicodeDecodeError exceptions when querying for TXT records
|
||||
* Check DNSSEC on MX hostnames
|
||||
* USE DNSSEC when requesting DNSKEY records
|
||||
* Do not require an RRSIG answer when querying for DNSKEY records
|
||||
* Pass in nameservers and timeout when running get_dnskey recursively
|
||||
* Properly cache DNSKEY answers
|
||||
* Fix exception handling for query_mta_sts_record
|
||||
* Check for TLSA records
|
||||
* Add support for parsing SMTP TLS Reporting (RFC8460) DNS records
|
||||
* Add missing import dns.dnssec
|
||||
* Always use the actual subdomain or domain provided
|
||||
* Include MTA-STS and BIMI results in CSV output
|
||||
* Added the include_tag_descriptions parameter to
|
||||
checkdmarc.bimi.check_bimi()
|
||||
* Added the exception class MTASTSPolicyDownloadError
|
||||
* Major refactoring: Change from a single module to a package of modules,
|
||||
with each checked standard as its own package
|
||||
* Add support for MTA-STS RFC 8461
|
||||
* Add support for BIMI
|
||||
* Specify a BIMI selector using the --bimi-selector/-b option
|
||||
* Fix SPF query error and warning messages
|
||||
* Add support for null MX records - RFC 7505
|
||||
* Make DMARC retorting URI error messages more clear
|
||||
* Fix compatibility with Python 3.8
|
||||
* SPFRecordNotFound exception now includes a domain argument
|
||||
* The DMARC missing authorization error message now includes the full
|
||||
expected DNS record
|
||||
* Properly parse DMARC and BIMI records for domains that do not have an
|
||||
identified base domain
|
||||
* Add ignore_unrelated_records argument to query_dmarc_record()
|
||||
* Replace publicsuffix2 with publicsuffixlist
|
||||
* Maintain the original character case of the DMARC record
|
||||
* Always treat tag names as lowercase
|
||||
* Always treat the DMARC v tag value as if it was uppercase
|
||||
* Always treat the DMARC p, and fo tag values as if they were lowercase
|
||||
* Always treat URI schemes as lowercase, but maintain the case of the address
|
||||
* Ignore case and whitespace when parsing DMARC and BIMI key=value pairs
|
||||
* Handle missing PTR records more gracefully
|
||||
* Redundant DMARC fo tag values now result in a warning
|
||||
* Detect non-trivial loops
|
||||
* Raise a SPFSyntaxError exception when an IP address and IP version do
|
||||
not match
|
||||
* Fix raising the DMARCRecordNotFound exception when a DMARC record does
|
||||
not exist
|
||||
* Add void lookup limit
|
||||
* Add Support for User Defined DNS Resolver Object
|
||||
* Fix DNS caching
|
||||
* Fix CSV output
|
||||
* Always parse RUA and RUF fields, even if other parts of the record are
|
||||
invalid
|
||||
* Migrate build from setuptools to hatch
|
||||
- Stop shipping LICENSE, now included directly.
|
||||
- Refresh tests.py from upstream.
|
||||
- Switch to pyproject and patch macros.
|
||||
- No more greedy globs in %files.
|
||||
- Drop skip-broken-tests.patch, not required.
|
||||
- Add patch skip-network-tests.patch, skip tests that require network access.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 21 10:20:44 UTC 2021 - Matej Cepl <mcepl@suse.com>
|
||||
|
||||
- Use %pyunittest macro instead of directly calling %python_exec
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 20 17:00:06 UTC 2021 - Martin Hauke <mardnh@gmx.de>
|
||||
|
||||
- Use tests.py from github
|
||||
- Add patch:
|
||||
* skip-broken-tests.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jul 17 10:14:54 UTC 2021 - Martin Hauke <mardnh@gmx.de>
|
||||
|
||||
- Initial package, version 4.4.1
|
||||
Reference in New Issue
Block a user