authorDavid Lord <davidism@gmail.com>2019-08-04 21:29:28 -0700
committerDavid Lord <davidism@gmail.com>2019-08-04 21:29:28 -0700
commit5a455d5f2ec0228ebe633e7dfa979c4aff19c90f (patch)
tree3dc253738aef12a16f73f2fb873c6bff7d77f532
parentc880f85ccdaee29adab8b47ad79eb7bdec507b57 (diff)
parent7857e870a5bab1b3bdf16abd3a7ecce2646ca1b2 (diff)
downloaditsdangerous-5a455d5f2ec0228ebe633e7dfa979c4aff19c90f.tar.gz
Merge branch '1.1.x'
-rw-r--r--.azure-pipelines.yaml64
-rw-r--r--.pre-commit-config.yaml15
-rw-r--r--.travis.yml38
-rw-r--r--CHANGES.rst48
-rw-r--r--README.rst9
-rw-r--r--docs/conf.py20
-rw-r--r--docs/index.rst18
-rw-r--r--docs/jws.rst2
-rw-r--r--docs/requirements.txt6
-rw-r--r--docs/serializer.rst2
-rw-r--r--docs/url_safe.rst2
-rw-r--r--setup.cfg18
-rw-r--r--src/itsdangerous/exc.py2
-rw-r--r--tests/test_itsdangerous/test_jws.py4
-rw-r--r--tests/test_itsdangerous/test_timed.py4
-rw-r--r--tests/test_itsdangerous/test_url_safe.py4
-rw-r--r--tox.ini31
17 files changed, 156 insertions, 131 deletions
diff --git a/.azure-pipelines.yaml b/.azure-pipelines.yaml
new file mode 100644
index 0000000..374da2d
--- /dev/null
+++ b/.azure-pipelines.yaml
@@ -0,0 +1,64 @@
+trigger:
+ - master
+ - '*.x'
+
+variables:
+ vmImage: ubuntu-latest
+ python.version: 3.7
+ TOXENV: py,coverage-ci
+ hasTestResults: true
+
+strategy:
+ matrix:
+ Python 3.7 Linux:
+ vmImage: ubuntu-latest
+ Python 3.7 Windows:
+ vmImage: windows-latest
+ Python 3.7 Mac:
+ vmImage: macos-latest
+ PyPy 3 Linux:
+ python.version: pypy3
+ Python 3.6 Linux:
+ python.version: 3.6
+ Python 3.5 Linux:
+ python.version: 3.5
+ Python 2.7 Linux:
+ python.version: 2.7
+ Python 2.7 Windows:
+ python.version: 2.7
+ vmImage: windows-latest
+ Docs:
+ TOXENV: docs
+ hasTestResults: false
+ Style:
+ TOXENV: style
+ hasTestResults: false
+
+pool:
+ vmImage: $(vmImage)
+
+steps:
+ - task: UsePythonVersion@0
+ inputs:
+ versionSpec: $(python.version)
+ displayName: Use Python $(python.version)
+
+ - script: pip --disable-pip-version-check install -U tox
+ displayName: Install tox
+
+ - script: tox -s false -- --junit-xml=test-results.xml
+ displayName: Run tox
+
+ - task: PublishTestResults@2
+ inputs:
+ testResultsFiles: test-results.xml
+ testRunTitle: $(Agent.JobName)
+ condition: eq(variables['hasTestResults'], 'true')
+ displayName: Publish test results
+
+ - task: PublishCodeCoverageResults@1
+ inputs:
+ codeCoverageTool: Cobertura
+ summaryFileLocation: coverage.xml
+ condition: eq(variables['hasTestResults'], 'true')
+ displayName: Publish coverage results
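Review bot: The `Install tox` step runs `pip --disable-pip-version-check install -U tox` with no version constraint, so every build executes whatever tox release and dependencies are current on the package index at that moment. A broken or tampered upstream release would then reach CI without any reviewable change in this repository. Constraining it, for example `pip --disable-pip-version-check install -U tox==PINNED_VERSION` (placeholder) or installing from a constraints file, keeps the toolchain reproducible. The same applies to `additional_dependencies: [flake8-bugbear]` in `.pre-commit-config.yaml` and to the new `coverage` and `pytest` entries under `deps` in `tox.ini`. Separately, the `python.version` values (`3.7`, `3.6`, `3.5`, `2.7`) are unquoted and parse as YAML floats; quoting them, `python.version: '3.7'`, avoids a later two-digit minor version such as `3.10` collapsing to `3.1`.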
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 7be015d..97a6935 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,18 +1,21 @@
repos:
- repo: https://github.com/asottile/reorder_python_imports
- rev: v1.3.1
+ rev: v1.6.1
hooks:
- id: reorder-python-imports
- args: ["--application-directories", "src"]
+ args: ["--application-directories", "src:tests"]
- repo: https://github.com/ambv/black
- rev: 18.9b0
+ rev: 19.3b0
hooks:
- id: black
+ - repo: https://gitlab.com/pycqa/flake8
+ rev: 3.7.8
+ hooks:
+ - id: flake8
+ additional_dependencies: [flake8-bugbear]
- repo: https://github.com/pre-commit/pre-commit-hooks
- rev: v2.0.0
+ rev: v2.2.3
hooks:
- id: check-byte-order-marker
- id: trailing-whitespace
- id: end-of-file-fixer
- - id: flake8
- additional_dependencies: [flake8-bugbear]
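Review bot: The `rev:` values bumped here (`v1.6.1`, `19.3b0`, `3.7.8`, `v2.2.3`) are tag names, and a tag can be moved by whoever controls the upstream repository. pre-commit clones each hook repository at that ref and runs its code, both on contributor machines and in the `style` tox environment. If the project wants the hook code to be fixed by review, each entry can carry the full commit hash with the tag kept as a comment, e.g. `rev: <FULL_COMMIT_SHA>  # v1.6.1` (placeholder hash). This matters most for the newly added `https://gitlab.com/pycqa/flake8` entry, which introduces a second hosting provider into the set of sources that are trusted to run code.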
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index e87eaa0..0000000
--- a/.travis.yml
+++ /dev/null
@@ -1,38 +0,0 @@
-os: linux
-sudo: false
-language: python
-python:
- - "3.6"
- - "3.5"
- - "3.4"
- - "2.7"
- - "nightly"
- - "pypy3"
-env: TOXENV=py,codecov
-
-matrix:
- include:
- - env: TOXENV=stylecheck,docs-html
- allow_failures:
- - python: nightly
- - python: pypy3
- fast_finish: true
-
-install:
- - pip install tox
-
-script:
- - tox
-
-cache:
- directories:
- - $HOME/.cache/pip
- - $HOME/.cache/pre-commit
-
-branches:
- only:
- - master
- - /^.*\.x$/
-
-notifications:
- email: false
diff --git a/CHANGES.rst b/CHANGES.rst
index af027c0..199b2b6 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -3,17 +3,14 @@ Version 1.1.0
Released 2018-10-26
-- Change default signing algorithm back to SHA-1. (`#113`_)
+- Change default signing algorithm back to SHA-1. :pr:`113`
- Added a default SHA-512 fallback for users who used the yanked 1.0.0
- release which defaulted to SHA-512. (`#114`_)
+ release which defaulted to SHA-512. :pr:`114`
- Add support for fallback algorithms during deserialization to
support changing the default in the future without breaking existing
- signatures. (`#113`_)
+ signatures. :pr:`113`
- Changed capitalization of packages back to lowercase as the change
- in capitalization broke some tooling. (`#113`_)
-
-.. _#113: https://github.com/pallets/itsdangerous/pull/113
-.. _#114: https://github.com/pallets/itsdangerous/pull/114
+ in capitalization broke some tooling. :pr:`113`
Version 1.0.0
@@ -31,40 +28,27 @@ at SHA1.
- Refactor code from a single module to a package. Any object in the
API docs is still importable from the top-level ``itsdangerous``
name, but other imports will need to be changed. A future release
- will remove many of these compatibility imports. (`#107`_)
-- Optimize how timestamps are serialized and deserialized. (`#13`_)
+ will remove many of these compatibility imports. :pr:`107`
+- Optimize how timestamps are serialized and deserialized. :pr:`13`
- ``base64_decode`` raises ``BadData`` when it is passed invalid data.
- (`#27`_)
+ :pr:`27`
- Ensure value is bytes when signing to avoid a ``TypeError`` on
- Python 3. (`#29`_)
+ Python 3. :issue:`29`
- Add a ``serializer_kwargs`` argument to ``Serializer``, which is
- passed to ``dumps`` during ``dump_payload``. (`#36`_)
-- More compact JSON dumps for unicode strings. (`#38`_)
+ passed to ``dumps`` during ``dump_payload``. :pr:`36`
+- More compact JSON dumps for unicode strings. :issue:`38`
- Use the full timestamp rather than an offset, allowing dates before
- 2011. (`#46`_)
+ 2011. :issue:`46`
To retain compatibility with signers from previous versions,
consider using `this shim <https://github.com/pallets/itsdangerous
/issues/120#issuecomment-456913331>`_ when unsigning.
- Detect a ``sep`` character that may show up in the signature itself
- and raise a ``ValueError``. (`#62`_)
+ and raise a ``ValueError``. :issue:`62`
- Use a consistent signature for keyword arguments for
- ``Serializer.load_payload`` in subclasses. (`#74`_, `#75`_)
-- Change default intermediate hash from SHA-1 to SHA-512. (`#80`_)
-- Convert JWS exp header to an int when loading. (`#99`_)
-
-.. _#13: https://github.com/pallets/itsdangerous/pull/13
-.. _#27: https://github.com/pallets/itsdangerous/pull/27
-.. _#29: https://github.com/pallets/itsdangerous/issues/29
-.. _#36: https://github.com/pallets/itsdangerous/pull/36
-.. _#38: https://github.com/pallets/itsdangerous/issues/38
-.. _#46: https://github.com/pallets/itsdangerous/issues/46
-.. _#62: https://github.com/pallets/itsdangerous/issues/62
-.. _#74: https://github.com/pallets/itsdangerous/issues/74
-.. _#75: https://github.com/pallets/itsdangerous/pull/75
-.. _#80: https://github.com/pallets/itsdangerous/pull/80
-.. _#99: https://github.com/pallets/itsdangerous/pull/99
-.. _#107: https://github.com/pallets/itsdangerous/pull/107
+ ``Serializer.load_payload`` in subclasses. :issue:`74`, :pr:`75`
+- Change default intermediate hash from SHA-1 to SHA-512. :pr:`80`
+- Convert JWS exp header to an int when loading. :pr:`99`
Version 0.24
@@ -111,7 +95,7 @@ Version 0.20
Released 2013-05-23
- Fixed an incorrect call into ``want_bytes`` that broke some uses of
- itsdangerous on Python 2.6.
+ ItsDangerous on Python 2.6.
Version 0.19
diff --git a/README.rst b/README.rst
index d3b0c04..094d341 100644
--- a/README.rst
+++ b/README.rst
@@ -1,4 +1,4 @@
-itsdangerous
+ItsDangerous
============
... so better sign this
@@ -47,7 +47,7 @@ name between web requests.
Donate
------
-The Pallets organization develops and supports itsdangerous and other
+The Pallets organization develops and supports ItsDangerous and other
popular packages. In order to grow the community of contributors and
users, and allow the maintainers to devote more time to the projects,
`please donate today`_.
@@ -60,9 +60,12 @@ Links
* Website: https://palletsprojects.com/p/itsdangerous/
* Documentation: https://itsdangerous.palletsprojects.com/
-* License: `BSD <https://github.com/pallets/itsdangerous/blob/master/LICENSE.rst>`_
+* License: `BSD-3-Clause`_
* Releases: https://pypi.org/project/itsdangerous/
* Code: https://github.com/pallets/itsdangerous
* Issue tracker: https://github.com/pallets/itsdangerous/issues
* Test status: https://travis-ci.org/pallets/itsdangerous
* Test coverage: https://codecov.io/gh/pallets/itsdangerous
+* Official chat: https://discord.gg/t6rrQZH
+
+.. _BSD-3-Clause: https://github.com/pallets/itsdangerous/blob/master/LICENSE.rst
diff --git a/docs/conf.py b/docs/conf.py
index b2bab8f..25f4425 100644
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -3,16 +3,23 @@ from pallets_sphinx_themes import ProjectLink
# Project --------------------------------------------------------------
-project = "itsdangerous"
-copyright = "2011 Pallets Team"
-author = "Pallets Team"
+project = "ItsDangerous"
+copyright = "2011 Pallets"
+author = "Pallets"
release, version = get_version("itsdangerous")
# General --------------------------------------------------------------
master_doc = "index"
-extensions = ["sphinx.ext.autodoc", "sphinx.ext.intersphinx", "pallets_sphinx_themes"]
+extensions = [
+ "sphinx.ext.autodoc",
+ "sphinx.ext.intersphinx",
+ "pallets_sphinx_themes",
+ "sphinxcontrib.log_cabinet",
+ "sphinx_issues",
+]
intersphinx_mapping = {"python": ("https://docs.python.org/3/", None)}
+issues_github_path = "pallets/itsdangerous"
# HTML -----------------------------------------------------------------
@@ -33,12 +40,13 @@ html_sidebars = {
}
singlehtml_sidebars = {"index": ["project.html", "localtoc.html"]}
html_static_path = ["_static"]
+html_favicon = "_static/itsdangerous-logo-sidebar.png"
html_logo = "_static/itsdangerous-logo-sidebar.png"
-html_title = "itsdangerous Documentation ({})".format(version)
+html_title = "{} Documentation ({})".format(project, version)
html_show_sourcelink = False
# LaTeX ----------------------------------------------------------------
latex_documents = [
- (master_doc, "itsdangerous-{}.tex".format(version), html_title, author, "manual")
+ (master_doc, "{}-{}.tex".format(project, version), html_title, author, "manual")
]
diff --git a/docs/index.rst b/docs/index.rst
index 3a98d0b..c5b16cb 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -1,23 +1,23 @@
.. rst-class:: hide-header
-itsdangerous
+ItsDangerous
============
.. image:: _static/itsdangerous-logo.png
:align: center
:target: https://palletsprojects.com/p/itsdangerous/
-Sometimes you just want to send some data to untrusted environments. But
-how to do this safely? The trick involves signing. Given a key only you
-know, you can cryptographically sign your data and hand it over to someone
-else. When you get the data back you can easily ensure that nobody tampered
-with it.
+Sometimes you just want to send some data to untrusted environments. But
+how to do this safely? The trick involves signing. Given a key only you
+know, you can cryptographically sign your data and hand it over to
+someone else. When you get the data back you can easily ensure that
+nobody tampered with it.
Granted, the receiver can decode the contents and look into the package,
but they can not modify the contents unless they also have your secret
-key. So if you keep the key secret and complex, you will be fine.
+key. So if you keep the key secret and complex, you will be fine.
-Internally itsdangerous uses HMAC and SHA-512 for signing by default.
+Internally ItsDangerous uses HMAC and SHA-512 for signing by default.
The initial implementation was inspired by `Django's signing module
<https://docs.djangoproject.com/en/dev/topics/signing/>`_. It also
supports JSON Web Signatures (JWS). The library is BSD licensed.
@@ -45,7 +45,7 @@ Example Use Cases
- Signed objects can be stored in cookies or other untrusted sources
which means you don't need to have sessions stored on the server,
which reduces the number of necessary database queries.
-- Signed information can safely do a roundtrip between server and
+- Signed information can safely do a round trip between server and
client in general which makes them useful for passing server-side
state to a client and then back.
diff --git a/docs/jws.rst b/docs/jws.rst
index da12253..06f5bcd 100644
--- a/docs/jws.rst
+++ b/docs/jws.rst
@@ -30,7 +30,7 @@ be provided upon serialization:
)
(0, {'alg': 'HS256', 'v': 1})
-itsdangerous only provides HMAC SHA derivatives and the none algorithm
+ItsDangerous only provides HMAC SHA derivatives and the none algorithm
at the moment and does not support the ECC based ones. The algorithm in
the header is checked against the one of the serializer and on a
mismatch a :exc:`~itsdangerous.exc.BadSignature` exception is raised.
diff --git a/docs/requirements.txt b/docs/requirements.txt
index 295f450..5354400 100644
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@@ -1,2 +1,4 @@
-Sphinx~=1.8.0
-Pallets-Sphinx-Themes~=1.1.0
+Pallets-Sphinx-Themes~=1.2.2
+Sphinx~=2.1.2
+sphinx-issues~=1.2.0
+sphinxcontrib-log-cabinet~=1.0.1
diff --git a/docs/serializer.rst b/docs/serializer.rst
index 1b1da66..2f08e2a 100644
--- a/docs/serializer.rst
+++ b/docs/serializer.rst
@@ -45,7 +45,7 @@ the salt to be something that is stored alongside the resulting signed
string as a way to prevent rainbow table lookups. Such salts are usually
public.
-In itsdangerous, like in the original Django implementation, the salt
+In ItsDangerous, like in the original Django implementation, the salt
serves a different purpose. You could describe it as namespacing. It's
still not critical if you disclose it because without the secret key it
does not help an attacker.
diff --git a/docs/url_safe.rst b/docs/url_safe.rst
index f3a00ee..bd5e2dc 100644
--- a/docs/url_safe.rst
+++ b/docs/url_safe.rst
@@ -5,7 +5,7 @@ URL Safe Serialization
Often it is helpful if you can pass these trusted strings in places
where you only have a limited set of characters available. Because of
-this, itsdangerous also provides URL safe serializers:
+this, ItsDangerous also provides URL safe serializers:
.. code-block:: python
diff --git a/setup.cfg b/setup.cfg
index 6614658..5bace0b 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -26,11 +26,17 @@ source =
# W = pycodestyle warnings
# B9 = bugbear opinions
select = B, E, F, W, B9
-# E203 = slice notation whitespace, invalid
-# E501 = line length, handled by bugbear B950
-# W503 = bin op line break, invalid
-ignore = E203, E501, W503
+ignore =
+ # slice notation whitespace, invalid
+ E203
+ # line length, handled by bugbear B950
+ E501
+ # bare except, handled by bugbear B001
+ E722
+ # bin op line break, invalid
+ W503
# up to 88 allowed by bugbear B950
max-line-length = 80
-# init is used to export public API, ignore import warnings
-exclude = src/itsdangerous/__init__.py
+per-file-ignores =
+ # __init__ export names
+ src/itsdangerous/__init__.py: F401
diff --git a/src/itsdangerous/exc.py b/src/itsdangerous/exc.py
index 287d691..3c2fbda 100644
--- a/src/itsdangerous/exc.py
+++ b/src/itsdangerous/exc.py
@@ -4,7 +4,7 @@ from ._compat import text_type
class BadData(Exception):
"""Raised if bad data of any sort was encountered. This is the base
- for all exceptions that itsdangerous defines.
+ for all exceptions that ItsDangerous defines.
.. versionadded:: 0.15
"""
diff --git a/tests/test_itsdangerous/test_jws.py b/tests/test_itsdangerous/test_jws.py
index 8eaa0c5..e57e5cb 100644
--- a/tests/test_itsdangerous/test_jws.py
+++ b/tests/test_itsdangerous/test_jws.py
@@ -2,8 +2,6 @@ from datetime import timedelta
from functools import partial
import pytest
-from test_itsdangerous.test_serializer import TestSerializer
-from test_itsdangerous.test_timed import TestTimedSerializer
from itsdangerous.exc import BadData
from itsdangerous.exc import BadHeader
@@ -12,6 +10,8 @@ from itsdangerous.exc import BadSignature
from itsdangerous.exc import SignatureExpired
from itsdangerous.jws import JSONWebSignatureSerializer
from itsdangerous.jws import TimedJSONWebSignatureSerializer
+from test_itsdangerous.test_serializer import TestSerializer
+from test_itsdangerous.test_timed import TestTimedSerializer
class TestJWSSerializer(TestSerializer):
diff --git a/tests/test_itsdangerous/test_timed.py b/tests/test_itsdangerous/test_timed.py
index 71ac8d9..136b377 100644
--- a/tests/test_itsdangerous/test_timed.py
+++ b/tests/test_itsdangerous/test_timed.py
@@ -4,14 +4,14 @@ from functools import partial
import pytest
from freezegun import freeze_time
-from test_itsdangerous.test_serializer import TestSerializer
-from test_itsdangerous.test_signer import TestSigner
from itsdangerous import Signer
from itsdangerous.exc import BadTimeSignature
from itsdangerous.exc import SignatureExpired
from itsdangerous.timed import TimedSerializer
from itsdangerous.timed import TimestampSigner
+from test_itsdangerous.test_serializer import TestSerializer
+from test_itsdangerous.test_signer import TestSigner
class FreezeMixin(object):
diff --git a/tests/test_itsdangerous/test_url_safe.py b/tests/test_itsdangerous/test_url_safe.py
index e1d1dcd..09a7e7c 100644
--- a/tests/test_itsdangerous/test_url_safe.py
+++ b/tests/test_itsdangerous/test_url_safe.py
@@ -1,11 +1,11 @@
from functools import partial
import pytest
-from test_itsdangerous.test_serializer import TestSerializer
-from test_itsdangerous.test_timed import TestTimedSerializer
from itsdangerous import URLSafeSerializer
from itsdangerous import URLSafeTimedSerializer
+from test_itsdangerous.test_serializer import TestSerializer
+from test_itsdangerous.test_timed import TestTimedSerializer
class TestURLSafeSerializer(TestSerializer):
diff --git a/tox.ini b/tox.ini
index 48f007f..d1f4f66 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,20 +1,19 @@
[tox]
envlist =
- py{37,36,35,34,27,py3,py}
- stylecheck
- docs-html
- coverage-report
+ py{37,36,35,27,py3,py}
+ style
+ docs
+ coverage
skip_missing_interpreters = true
[testenv]
-setenv =
- COVERAGE_FILE = .coverage.{envname}
deps =
- pytest-cov
+ coverage
+ pytest
freezegun
-commands = pytest --tb=short --cov --cov-report= {posargs}
+commands = coverage run -p -m pytest -Werror --tb=short --basetemp={envtmpdir} {posargs}
-[testenv:stylecheck]
+[testenv:style]
deps = pre-commit
skip_install = True
commands = pre-commit run --all-files --show-diff-on-failure
@@ -23,9 +22,7 @@ commands = pre-commit run --all-files --show-diff-on-failure
deps = -r docs/requirements.txt
commands = sphinx-build -W -b html -d {envtmpdir}/doctrees docs {envtmpdir}/html
-[testenv:coverage-report]
-setenv =
- COVERAGE_FILE = .coverage
+[testenv:coverage]
deps = coverage
skip_install = true
commands =
@@ -33,13 +30,9 @@ commands =
coverage html
coverage report
-[testenv:codecov]
-passenv = CI TRAVIS TRAVIS_*
-setenv =
- COVERAGE_FILE = .coverage
-deps = codecov
+[testenv:coverage-ci]
+deps = coverage
skip_install = true
commands =
coverage combine
- codecov
- coverage report
+ coverage xml