diff options
author | David Lord <davidism@gmail.com> | 2018-09-26 08:18:59 -0700 |
---|---|---|
committer | David Lord <davidism@gmail.com> | 2018-09-26 08:21:22 -0700 |
commit | 6f3663ffedb3fac777dcf08c0f4fc2ed265c3745 (patch) | |
tree | d5f2066431ce62bc7cd978e3b16b14f1e54800db | |
parent | 66121f486520c26114ae209e8e0ea4b6ab67a147 (diff) | |
download | itsdangerous-6f3663ffedb3fac777dcf08c0f4fc2ed265c3745.tar.gz |
update metadata
-rw-r--r-- | .gitignore | 22 | ||||
-rw-r--r-- | .gitmodules | 3 | ||||
-rw-r--r-- | .travis.yml | 37 | ||||
-rw-r--r-- | CHANGES | 113 | ||||
-rw-r--r-- | CHANGES.rst | 159 | ||||
-rw-r--r-- | LICENSE | 31 | ||||
-rw-r--r-- | LICENSE.rst | 39 | ||||
-rw-r--r-- | MANIFEST.in | 8 | ||||
-rw-r--r-- | Makefile | 21 | ||||
-rw-r--r-- | README | 11 | ||||
-rw-r--r-- | README.rst | 70 | ||||
m--------- | docs/_themes | 0 | ||||
-rw-r--r-- | itsdangerous.py | 15 | ||||
-rw-r--r-- | setup.cfg | 26 | ||||
-rwxr-xr-x | setup.py | 29 | ||||
-rw-r--r-- | test-requirements.txt | 1 | ||||
-rw-r--r-- | tox.ini | 18 |
17 files changed, 368 insertions, 235 deletions
@@ -1,11 +1,17 @@ -.DS_Store *.pyc *.pyo -env -dist -build -.tox -docs/_build -*.egg-info +__pycache__/ .idea/ -.cache +.DS_Store +env/ +venv/ +*.egg-info/ +*.eggs/ +build/ +dist/ +docs/_build/ +.pytest_cache/ +.tox/ +.coverage +.coverage.* +htmlcov/ diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index da2edb3..0000000 --- a/.gitmodules +++ /dev/null @@ -1,3 +0,0 @@ -[submodule "docs/_themes"] - path = docs/_themes - url = https://github.com/mitsuhiko/flask-sphinx-themes diff --git a/.travis.yml b/.travis.yml index 6414746..c2ee1ff 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,21 +1,34 @@ +os: linux sudo: false language: python python: - - "2.7" - - pypy - - "3.4" - - "3.5" - "3.6" + - "3.5" + - "3.4" + - "2.7" + - "nightly" + - "pypy3" +env: TOXENV=py,codecov + +matrix: + allow_failures: + - python: nightly + - python: pypy3 + fast_finish: true + install: - pip install tox + script: - - tox -e py + - tox + +cache: + - pip + +branches: + only: + - master + - /^.*\.x$/ + notifications: email: false - irc: - channels: - - chat.freenode.net#pocoo - on_success: change - on_failure: always - use_notice: true - skip_join: true diff --git a/CHANGES b/CHANGES deleted file mode 100644 index 80e281b..0000000 --- a/CHANGES +++ /dev/null @@ -1,113 +0,0 @@ -It's Dangerous Changelog ------------------------- - -Version 1.0 -~~~~~~~~~~~ - -Unreleased - -- Dropped support for Python 2.6 and 3.3. Added support for 3.6. -- Distribute a universal wheel. -- Changed default intermediate hash from SHA-1 to SHA-512 -- More compact JSON dumps for unicode strings. -- Added `serializer_kwargs` argument to `Serializer`. -- `base64_decode` raises `BadData` when it is passed invalid data. -- Added `media_type` argument to `JSONWebSignatureSerializer`. -- `ValueError` is raised when an invalid `sep` is passed to `Signer`. - -Version 0.24 -~~~~~~~~~~~~ - -- Added a `BadHeader` exception that is used for bad headers - that replaces the old `BadPayload` exception that was reused - in those cases. - -Version 0.23 -~~~~~~~~~~~~ - -- Fixed a packaging mistake that caused the tests and license - files to not be included. - -Version 0.22 -~~~~~~~~~~~~ - -- Added support for `TimedJSONWebSignatureSerializer`. -- made it possible to override the signature verification function - to allow implementing asymmetrical algorithms. - -Version 0.21 -~~~~~~~~~~~~ - -- Fixed an issue on Python 3 which caused invalid errors to be - generated. - -Version 0.20 -~~~~~~~~~~~~ - -- Fixed an incorrect call into `want_bytes` that broke some - uses of itsdangerous on Python 2.6. - -Version 0.19 -~~~~~~~~~~~~ - -- Dropped support for 2.5 and added support for 3.3. - -Version 0.18 -~~~~~~~~~~~~ - -- Added support for JSON Web Signatures (JWS). - -Version 0.17 -~~~~~~~~~~~~ - -- Fixed a name error when overriding the digest method. - -Version 0.16 -~~~~~~~~~~~~ - -- made it possible to pass unicode values to `load_payload` to make it - easier to debug certain things. - -Version 0.15 -~~~~~~~~~~~~ - -- made standalone `load_payload` more robust by raising one specific - error if something goes wrong. -- refactored exceptions to catch more cases individually, added more - attributes. -- fixed an issue that caused `load_payload` not work in some situations - with timestamp based serializers -- added an `loads_unsafe` method. - -Version 0.14 -~~~~~~~~~~~~ - -- API refactoring to support different key derivations. -- Added attributes to exceptions so that you can inspect the data even - if the signature check failed. - -Version 0.13 -~~~~~~~~~~~~ - -- Small API change that enables customization of the digest module. - -Version 0.12 -~~~~~~~~~~~~ - -- Fixed a problem with the local timezone being used for the epoch - calculation. This might invalidate some of your signatures if you - were not running in UTC timezone. You can revert to the old behavior - by monkey patching itsdangerous.EPOCH. - -Version 0.11 -~~~~~~~~~~~~ - -- Fixed an uncought value error. - -Version 0.10 -~~~~~~~~~~~~ - -- Refactored interface that the underlying serializers can be swapped by - passing in a module instead of having to override the payload loaders - and dumpers. This makes the interface more compatible with Django's - recent changes. diff --git a/CHANGES.rst b/CHANGES.rst new file mode 100644 index 0000000..013e2f7 --- /dev/null +++ b/CHANGES.rst @@ -0,0 +1,159 @@ +It's Dangerous Changelog +======================== + + +Version 1.0 +----------- + +Unreleased + +- Dropped support for Python 2.6 and 3.3. +- Distribute a universal wheel. +- Changed default intermediate hash from SHA-1 to SHA-512 +- More compact JSON dumps for unicode strings. +- Added ``serializer_kwargs`` argument to ``Serializer``. +- ``base64_decode`` raises ``BadData`` when it is passed invalid data. +- Added ``media_type`` argument to ``JSONWebSignatureSerializer``. +- ``ValueError`` is raised when an invalid ``sep`` is passed to ``Signer``. + + +Version 0.24 +------------ + +Released 2014-03-28 + +- Added a ``BadHeader`` exception that is used for bad headers that + replaces the old ``BadPayload`` exception that was reused in those + cases. + + +Version 0.23 +------------ + +Released 2013-08-08 + +- Fixed a packaging mistake that caused the tests and license files to + not be included. + + +Version 0.22 +------------ + +Released 2013-07-03 + +- Added support for ``TimedJSONWebSignatureSerializer``. +- Made it possible to override the signature verification function to + allow implementing asymmetrical algorithms. + + +Version 0.21 +------------ + +Released 2013-05-26 + +- Fixed an issue on Python 3 which caused invalid errors to be + generated. + + +Version 0.20 +------------ + +Released 2013-05-23 + +- Fixed an incorrect call into ``want_bytes`` that broke some uses of + itsdangerous on Python 2.6. + + +Version 0.19 +------------ + +Released 2013-05-21 + +- Dropped support for 2.5 and added support for 3.3. + + +Version 0.18 +------------ + +Released 2013-05-03 + +- Added support for JSON Web Signatures (JWS). + + +Version 0.17 +------------ + +Released 2012-08-10 + +- Fixed a name error when overriding the digest method. + + +Version 0.16 +------------ + +Released 2012-07-11 + +- Made it possible to pass unicode values to ``load_payload`` to make + it easier to debug certain things. + + +Version 0.15 +------------ + +Released 2012-07-11 + +- Made standalone ``load_payload`` more robust by raising one specific + error if something goes wrong. +- Refactored exceptions to catch more cases individually, added more + attributes. +- Fixed an issue that caused ``load_payload`` not work in some + situations with timestamp based serializers +- Added an ``loads_unsafe`` method. + + +Version 0.14 +------------ + +Released 2012-06-29 + +- API refactoring to support different key derivations. +- Added attributes to exceptions so that you can inspect the data even + if the signature check failed. + + +Version 0.13 +------------ + +Released 2012-06-10 + +- Small API change that enables customization of the digest module. + + +Version 0.12 +------------ + +Released 2012-02-22 + +- Fixed a problem with the local timezone being used for the epoch + calculation. This might invalidate some of your signatures if you + were not running in UTC timezone. You can revert to the old behavior + by monkey patching ``itsdangerous.EPOCH``. + + +Version 0.11 +------------ + +Released 2011-07-07 + +- Fixed an uncaught value error. + + +Version 0.10 +------------ + +Released 2011-06-25 + +- Refactored interface that the underlying serializers can be swapped + by passing in a module instead of having to override the payload + loaders and dumpers. This makes the interface more compatible with + Django's recent changes. diff --git a/LICENSE b/LICENSE deleted file mode 100644 index 183d7f6..0000000 --- a/LICENSE +++ /dev/null @@ -1,31 +0,0 @@ -Copyright (c) 2011 by Armin Ronacher and the Django Software Foundation. - -Some rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - - * Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials provided - with the distribution. - - * The names of the contributors may not be used to endorse or - promote products derived from this software without specific - prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/LICENSE.rst b/LICENSE.rst new file mode 100644 index 0000000..ab6e0a6 --- /dev/null +++ b/LICENSE.rst @@ -0,0 +1,39 @@ +`BSD 3-Clause <https://opensource.org/licenses/BSD-3-Clause>`_ + +Copyright © 2011 by the Pallets team. + +Some rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + +- Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +- Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +- Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +We kindly ask you to use these themes in an unmodified manner only with +Pallets and Pallets-related projects, not for unrelated projects. If you +like the visual style and want to use it for your own projects, please +consider making some larger changes to the themes (such as changing font +faces, sizes, colors or margins). + +THIS SOFTWARE AND DOCUMENTATION IS PROVIDED BY THE COPYRIGHT HOLDERS AND +CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, +BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON +ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +THIS SOFTWARE AND DOCUMENTATION, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. diff --git a/MANIFEST.in b/MANIFEST.in index 987e329..485c797 100644 --- a/MANIFEST.in +++ b/MANIFEST.in @@ -1,4 +1,8 @@ -include CHANGES LICENSE tests.py tox.ini test-requirements.txt +include CHANGES.rst +include LICENSE.rst +include README.rst +include tests.py +include tox.ini graft docs prune docs/_build -recursive-exclude docs/_themes *.pyc .git* +global-exclude *.py[co] diff --git a/Makefile b/Makefile deleted file mode 100644 index 6d38f2c..0000000 --- a/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -.PHONY: clean-pyc test tox-test upload-docs - -all: clean-pyc test - -test: - py.test - -tox-test: - tox - -clean-pyc: - find . -name '*.pyc' -exec rm -f {} + - find . -name '*.pyo' -exec rm -f {} + - find . -name '*~' -exec rm -f {} + - -upload-docs: - $(MAKE) -C docs html - python setup.py upload_docs - -release: - python setup.py sdist bdist_wheel upload @@ -1,11 +0,0 @@ -It's Dangerous - ... so better sign this - -Various helpers to pass data to untrusted environments and to get it back -safe and sound. - -This repository provides a module that is a port of the django signing -module. It's not directly copied but some changes were applied to -make it work better on its own. - -Also I plan to add some extra things. Work in progress. diff --git a/README.rst b/README.rst new file mode 100644 index 0000000..84b61b3 --- /dev/null +++ b/README.rst @@ -0,0 +1,70 @@ +It's Dangerous +============== + +... so better sign this + +Various helpers to pass data to untrusted environments and to get it +back safe and sound. Data is cryptographically signed to ensure that a +token has not been tampered with. + +It's possible to customize how data is serialized. Data is compressed as +needed. A timestamp can be added and verified automatically while +loading a token. + + +Installing +---------- + +Install and update using `pip`_: + +.. code-block:: text + + pip install -U ItsDangerous + +.. _pip: https://pip.pypa.io/en/stable/quickstart/ + + +A Simple Example +---------------- + +Here's how you could generate a token for transmitting a user's id and +name between web requests. + +.. code-block:: python + + from itsdangerous import URLSafeSerializer + + auth_s = URLSafeSerializer("secret key", "auth") + token = auth_s.dumps({"id": 5, "name": "itsdangerous"}) + + print(token) + # eyJpZCI6NSwibmFtZSI6Iml0c2Rhbmdlcm91cyJ9.AmSPrPa_iZ6q-ERXXdQxt6ce8NEqt + # 3i2Uke3sIRnDG0riZD6OoqckqC72VJ9SBIu-vAf_XlwNHnt7dLEClT0JA + + data = auth_s.loads(token) + print(data["name"]) + # itsdangerous + + +Donate +------ + +The Pallets organization develops and supports ItsDangerous and other +popular packages. In order to grow the community of contributors and +users, and allow the maintainers to devote more time to the projects, +`please donate today`_. + +.. _please donate today: https://palletsprojects.com/donate + + +Links +----- + +* Website: https://palletsprojects.com/p/itsdangerous/ +* Documentation: https://itsdangerous.palletsprojects.com/ +* License: `BSD <https://github.com/pallets/itsdangerous/blob/master/LICENSE.rst>`_ +* Releases: https://pypi.org/project/itsdangerous/ +* Code: https://github.com/pallets/itsdangerous +* Issue tracker: https://github.com/pallets/itsdangerous/issues +* Test status: https://travis-ci.org/pallets/itsdangerous +* Test coverage: https://codecov.io/gh/pallets/itsdangerous diff --git a/docs/_themes b/docs/_themes deleted file mode 160000 -Subproject 1cc44686f0f9dad27cce2c9d16cf42f97bc87db diff --git a/itsdangerous.py b/itsdangerous.py index f618038..63d25d2 100644 --- a/itsdangerous.py +++ b/itsdangerous.py @@ -1,14 +1,15 @@ # -*- coding: utf-8 -*- """ - itsdangerous - ~~~~~~~~~~~~ +itsdangerous +~~~~~~~~~~~~ - A module that implements various functions to deal with untrusted - sources. Mainly useful for web applications. +A module that implements various functions to deal with untrusted +sources. Mainly useful for web applications. - :copyright: (c) 2011 by Armin Ronacher and the Django Software Foundation. - :license: BSD, see LICENSE for more details. +:copyright: © 2011 by the Pallets team +:license: BSD, see LICENSE.rst for more details. """ + import string import struct import sys @@ -36,7 +37,7 @@ try: except ImportError: import json -__version__ = '1.0' +__version__ = '1.0.dev' class _CompactJSON(object): @@ -1,18 +1,20 @@ -[egg_info] -tag_build = 'dev' -tag_date = 1 - -[aliases] -release = egg_info -RDb '' +[metadata] +license_file = LICENSE.rst [bdist_wheel] universal = 1 -[metadata] -license_file = LICENSE - -[upload_docs] -upload-dir = docs/_build/html - [tool:pytest] testpaths = tests.py + +[coverage:run] +branch = True +source = + itsdangerous + tests + +[coverage:paths] +source = + itsdangerous + .tox/*/lib/python*/site-packages/itsdangerous + .tox/pypy*/site-packages/itsdangerous @@ -1,26 +1,32 @@ -#!/usr/bin/env python -import os +import io import re from setuptools import setup -setup_dir = os.path.dirname(__file__) +with io.open("README.rst", "rt", encoding="utf8") as f: + readme = f.read() -with open(os.path.join(setup_dir, 'itsdangerous.py'), 'rb') as f: - version = re.search(r'^__version__ = \'(\d+\.(?:\d+\.)*\d+)\'', f.read().decode('utf8'), re.M).group(1) +with io.open("itsdangerous.py", "rt", encoding="utf8") as f: + version = re.search(r"__version__ = \'(.*?)\'", f.read()).group(1) setup( - name='itsdangerous', + name='ItsDangerous', version=version, - url='https://www.palletsprojects.com/p/itsdangerous/', + url='https://palletsprojects.com/p/itsdangerous/', + project_urls={ + "Documentation": "https://itsdangerous.palletsprojects.com/", + "Code": "https://github.com/pallets/itsdangerous", + "Issue tracker": "https://github.com/pallets/itsdangerous/issues", + }, + license='BSD', author='Armin Ronacher', author_email='armin.ronacher@active-4.com', - maintainer='Pallets team', + maintainer='Pallets Team', maintainer_email='contact@palletsprojects.com', - description='Various helpers to pass trusted data to untrusted environments and back.', + description='Various helpers to pass data to untrusted environments and back.', + long_description=readme, py_modules=['itsdangerous'], include_package_data=True, - zip_safe=False, - license='BSD', + python_requires=">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*", classifiers=[ 'Development Status :: 5 - Production/Stable', 'Intended Audience :: Developers', @@ -33,5 +39,6 @@ setup( 'Programming Language :: Python :: 3.4', 'Programming Language :: Python :: 3.5', 'Programming Language :: Python :: 3.6', + 'Programming Language :: Python :: 3.7', ], ) diff --git a/test-requirements.txt b/test-requirements.txt deleted file mode 100644 index e079f8a..0000000 --- a/test-requirements.txt +++ /dev/null @@ -1 +0,0 @@ -pytest @@ -1,7 +1,19 @@ [tox] -envlist = py27,pypy,py34,py35,py36 +envlist = + py{37,36,35,34,27,py3,py} + docs-html +skip_missing_interpreters = true [testenv] -commands = py.test {posargs} +deps = pytest-cov +commands = pytest --cov --cov-append {posargs} -deps = -rtest-requirements.txt +[testenv:docs-html] +deps = sphinx +commands = sphinx-build -W -b html -d {envtmpdir}/doctrees docs {envtmpdir}/html + +[testenv:codecov] +passenv = CI TRAVIS TRAVIS_* +deps = codecov +skip_install = true +commands = codecov |