# # spec file for package python-itsdangerous # # Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # %{?sle15_python_module_pythons} Name: python-itsdangerous Version: 2.2.0 Release: 1.4 Summary: Various helpers to pass trusted data to untrusted environments and back License: BSD-3-Clause URL: https://itsdangerous.palletsprojects.com Source: https://files.pythonhosted.org/packages/source/i/itsdangerous/itsdangerous-%{version}.tar.gz BuildRequires: %{python_module flit-core} BuildRequires: %{python_module freezegun} BuildRequires: %{python_module pip} BuildRequires: %{python_module pytest} BuildRequires: %{python_module wheel} BuildRequires: fdupes BuildRequires: python-rpm-macros BuildArch: noarch %python_subpackages %description It's Dangerous ... so better sign this Various helpers to pass data to untrusted environments and to get it back safe and sound. This repository provides a module that is a port of the django signing module. It's not directly copied but some changes were applied to make it work better on its own. Also I plan to add some extra things. Work in progress. %prep %setup -q -n itsdangerous-%{version} %build %pyproject_wheel %install %pyproject_install %python_expand %fdupes %{buildroot}%{$python_sitelib} %check %pytest tests %files %{python_files} %license LICENSE.txt %doc CHANGES.rst README.md %{python_sitelib}/itsdangerous %{python_sitelib}/itsdangerous-%{version}.dist-info %changelog * Tue Nov 19 2024 Dirk Müller - update to 2.2.0: * Drop support for Python 3.7. :pr:`372` * Use modern packaging metadata with pyproject.toml instead of setup.cfg. :pr:`326` * Use flit_core instead of setuptools as build backend. * Deprecate the __version__ attribute. Use feature detection, or importlib.metadata.version("itsdangerous"), instead. :issue:`371` * Serializer and the return type of dumps is generic for type checking. By default it is Serializer[str] and dumps returns a str. If a different serializer argument is given, it will try to infer the return type of its dumps method. :issue:`347` * The default hashlib.sha1 may not be available in FIPS builds. Don't access it at import time so the developer has time to change the default. :issue:`375` * Mon Sep 18 2023 Steve Kowalik - Switch to pyproject macros. - Stop using greedy globs in %%files. * Fri Apr 21 2023 Dirk Müller - add sle15_python_module_pythons (jsc#PED-68) * Thu Apr 13 2023 Matej Cepl - Make calling of %%{sle15modernpython} optional. * Fri Apr 22 2022 Michael Ströder - update to 2.1.2 * Handle date overflow in timed unsign on 32-bit systems. :pr:`299` - removed obsolete 32bit-handle-overflow.patch * Thu Mar 24 2022 Dirk Müller - add 32bit-handle-overflow.patch * Mon Mar 21 2022 Dirk Müller - update to 2.1.1: * Handle date overflow in timed unsign. :pr:`296` * Drop support for Python 3.6. :pr:`272` * Remove previously deprecated code. :pr:`273` * JWS functionality: Use a dedicated library such as Authlib instead. * ``import itsdangerous.json``: Import ``json`` from the standard library instead. * Sat Jun 19 2021 Michael Ströder - update to version 2.0.1 * Version 2.0.1 - Mark top-level names as exported so type checking understands imports in user projects. #240 - The salt argument to Serializer and Signer can be None again. #237 * Version 2.0.0 - Drop support for Python 2 and 3.5. - JWS support (JSONWebSignatureSerializer, TimedJSONWebSignatureSerializer) is deprecated. Use a dedicated JWS/JWT library such as authlib instead. #129 - Importing itsdangerous.json is deprecated. Import Python’s json module instead. #152 - Simplejson is no longer used if it is installed. To use a different library, pass it as Serializer(serializer=...). #146 - datetime values are timezone-aware with timezone.utc. Code using TimestampSigner.unsign(return_timestamp=True) or BadTimeSignature.date_signed may need to change. #150 - If a signature has an age less than 0, it will raise SignatureExpired rather than appearing valid. This can happen if the timestamp offset is changed. #126 - BadTimeSignature.date_signed is always a datetime object rather than an int in some cases. #124 - Added support for key rotation. A list of keys can be passed as secret_key, oldest to newest. The newest key is used for signing, all keys are tried for unsigning. #141 - Removed the default SHA-512 fallback signer from default_fallback_signers. #155 - Add type information for static typing tools. #186 * Tue Jun 11 2019 Marketa Calabkova - update to version 1.1.0 * Drop support for Python 2.6 and 3.3. * Optimize how timestamps are serialized and deserialized. * base64_decode raises BadData when it is passed invalid data. * More compact JSON dumps for unicode strings. * Use the full timestamp rather than an offset, allowing dates before 2011. To retain compatibility with signers from previous versions, consider using shim from issue #120. * Tue Dec 4 2018 Matej Cepl - Remove superfluous devel dependency for noarch package, but keep testsuite passing. * Tue Apr 4 2017 jmatejek@suse.com - update for singlespec * Thu Nov 17 2016 rjschwei@suse.com - Include in SLE 12 (FATE#320818, bsc#979331) * Fri Jul 18 2014 toddrme2178@gmail.com - Update to 0.24 - Added a `BadHeader` exception that is used for bad headers that replaces the old `BadPayload` exception that was reused in those cases. * Tue Sep 3 2013 cfarrell@suse.com - license update: BSD-3-Clause See the LICENSE file * Mon Sep 2 2013 speilicke@suse.com - Initial version