pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/py-passlib py-passlib: updated to 1.7.4



details:   https://anonhg.NetBSD.org/pkgsrc/rev/d4a255fdc6ba
branches:  trunk
changeset: 440559:d4a255fdc6ba
user:      adam <adam%pkgsrc.org@localhost>
date:      Mon Oct 12 11:57:02 2020 +0000

description:
py-passlib: updated to 1.7.4

**1.7.4** (2020-10-08)
======================

Small followup to 1.7.3 release.

Bugfixes
--------

* Fixed some Python 2.6 errors from last release (:issue:`128`)

Other Changes
-------------

* :mod:`passlib.ext.django` -- updated tests to pass for Django 1.8 - 3.1 (:issue:`98`);
  along with some internal refactoring of the test classes.

* .. py:currentmodule:: passlib.context

  :class:`CryptContext` will now throw :exc:`~passlib.exc.UnknownHashError` when it can't identify
  a hash provided to methods such as :meth:`!CryptContext.verify`.
  Previously it would throw a generic :exc:`ValueError`.


Deprecations
------------

* :mod:`passlib.ext.django`: This extension will require Django 2.2 or newer as of Passlib 1.8.


**1.7.3** (2020-10-06)
======================

This release rolls up assorted bug & compatibility fixes since 1.7.2.

Administrative Changes
----------------------

.. rst-class:: without-title

.. note::

  **Passlib has moved to Heptapod!**

  Due to BitBucket deprecating Mercurial support, Passlib's public repository and issue tracker
  has been relocated.  It's now located at `<https://foss.heptapod.net/python-libs/passlib>`_,
  and is powered by `Heptapod <https://heptapod.net/>`_.

  Hosting for this and other open-source projects graciously provided by the people at
  `Octobus <https://octobus.net/>`_ and `CleverCloud <https://clever-cloud.com/>`_!

  The mailing list and documentation urls remain the same.

New Features
------------

* .. py:currentmodule:: passlib.hash

  :class:`ldap_salted_sha512`: LDAP "salted hash" support added for SHA-256 and SHA-512 (:issue:`124`).

Bugfixes
--------

* .. py:currentmodule:: passlib.hash

  :class:`bcrypt`: Under python 3, OS native backend wasn't being detected on BSD platforms.
  This was due to a few internal issues in feature-detection code, which have been fixed.

* :func:`passlib.utils.safe_crypt`: Support :func:`crypt.crypt` unexpectedly
  returning bytes under Python 3 (:issue:`113`).

* :func:`passlib.utils.safe_crypt`: Support :func:`crypt.crypt` throwing :exc:`OSError`,
  which can happen as of Python 3.9 (:issue:`115`).

* :mod:`passlib.ext.django`: fixed lru_cache import (django 3 compatibility)

* :mod:`!passlib.tests`: fixed bug where :meth:`HandlerCase.test_82_crypt_support` wasn't
  being run on systems lacking support for the hasher being tested.
  This test now runs regardless of system support.

Other Changes
-------------

* .. py:currentmodule:: passlib.hash

  :class:`bcrypt_sha256`:  Internal algorithm has been changed to use HMAC-SHA256 instead of
  plain SHA256.  This should strengthen the hash against brute-force attempts which bypass
  the intermediary hash by using known-sha256-digest lookup tables (:issue:`114`).

* .. py:currentmodule:: passlib.hash

  :class:`bcrypt`: OS native backend ("os_crypt") now raises the new :exc:`~passlib.exc.PasswordValueError`
  if password is provided as non-UTF8 bytes under python 3
  (These can't be passed through, due to limitation in stdlib's :func:`!crypt.crypt`).
  Prior to this release, it confusingly raised :exc:`~passlib.exc.MissingBackendError` instead.

  Also improved legacy bcrypt format workarounds, to support a few more UTF8 edge cases than before.

* Modified some internals to help run on FIPS systems (:issue:`116`):

  In particular, when MD5 hash is not available, :class:`~passlib.hash.hex_md5`
  will now return a dummy hasher which throws an error if used; rather than throwing
  an uncaught :exc:`!ValueError` when an application attempts to import it.  (Similar behavior
  added for the other unsalted digest hashes).

  .. py:currentmodule:: passlib.crypto.digest

  Also, :func:`lookup_hash`'s ``required=False`` kwd was modified to report unsupported hashes
  via the :attr:`HashInfo.supported` attribute; rather than letting ValueErrors through uncaught.

  This should allow CryptContext instances to be created on FIPS systems without having
  a load-time error (though they will still receive an error if an attempt is made to actually
  *use* a FIPS-disabled hash).

* Internal errors calling stdlib's :func:`crypt.crypt`, or third party libraries,
  will now raise the new :exc:`~passlib.exc.InternalBackendError` (a RuntimeError);
  where previously it would raise an :exc:`AssertionError`.

* Various Python 3.9 compatibility fixes (including ``NotImplemented``-related warning, :issue:`125`)

diffstat:

 security/py-passlib/Makefile |   6 +++---
 security/py-passlib/distinfo |  10 +++++-----
 2 files changed, 8 insertions(+), 8 deletions(-)

diffs (34 lines):

diff -r 15ca88356529 -r d4a255fdc6ba security/py-passlib/Makefile
--- a/security/py-passlib/Makefile      Mon Oct 12 11:15:29 2020 +0000
+++ b/security/py-passlib/Makefile      Mon Oct 12 11:57:02 2020 +0000
@@ -1,12 +1,12 @@
-# $NetBSD: Makefile,v 1.8 2020/09/27 10:38:25 kleink Exp $
+# $NetBSD: Makefile,v 1.9 2020/10/12 11:57:02 adam Exp $
 
-DISTNAME=      passlib-1.7.2
+DISTNAME=      passlib-1.7.4
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES=    security python
 MASTER_SITES=  ${MASTER_SITE_PYPI:=p/passlib/}
 
 MAINTAINER=    kleink%NetBSD.org@localhost
-HOMEPAGE=      https://foss.heptapod.net/python-libs/passlib/-/wikis/home
+HOMEPAGE=      https://passlib.readthedocs.io/
 COMMENT=       Comprehensive password hashing framework supporting over 30 schemes
 LICENSE=       modified-bsd
 
diff -r 15ca88356529 -r d4a255fdc6ba security/py-passlib/distinfo
--- a/security/py-passlib/distinfo      Mon Oct 12 11:15:29 2020 +0000
+++ b/security/py-passlib/distinfo      Mon Oct 12 11:57:02 2020 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.6 2019/11/24 11:36:53 adam Exp $
+$NetBSD: distinfo,v 1.7 2020/10/12 11:57:02 adam Exp $
 
-SHA1 (passlib-1.7.2.tar.gz) = 890ec67cbb6c250d1e71d65b7d82701a7479b951
-RMD160 (passlib-1.7.2.tar.gz) = dd670bc09676aa7af4cb3d11098eed53cbb593e1
-SHA512 (passlib-1.7.2.tar.gz) = 1ea0654b177b5ab2e1a7e5c3949642c34805ace6e4e4a0f82fafdb3f374edd99c667906ce598c335b668da049860648d5cbebb3e62d775898d5b0cb8cfc7bf53
-Size (passlib-1.7.2.tar.gz) = 649654 bytes
+SHA1 (passlib-1.7.4.tar.gz) = 7881275c4fdbb235ebf610e4fd0b661d9fb3c249
+RMD160 (passlib-1.7.4.tar.gz) = b32ad2ad061cc5eaac37b114684f8364686dfbdd
+SHA512 (passlib-1.7.4.tar.gz) = 350bd6da5ac57e6c266ffe8bf9684c8c2cce3fc6b513eb6c7bc1b302d2d8a1b701e9c01c953782520a2ac37b7ec1f6d7bd5855f99f6ee0e2dbbf33f2d49a9530
+Size (passlib-1.7.4.tar.gz) = 689844 bytes



Home | Main Index | Thread Index | Old Index