Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-Flask-Security-Too for
openSUSE:Factory checked in at 2022-02-28 19:43:29
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-Flask-Security-Too (Old)
and /work/SRC/openSUSE:Factory/.python-Flask-Security-Too.new.1958 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Flask-Security-Too"
Mon Feb 28 19:43:29 2022 rev:7 rq:957960 version:4.1.2
Changes:
--------
---
/work/SRC/openSUSE:Factory/python-Flask-Security-Too/python-Flask-Security-Too.changes
2021-07-08 22:49:35.347927275 +0200
+++
/work/SRC/openSUSE:Factory/.python-Flask-Security-Too.new.1958/python-Flask-Security-Too.changes
2022-02-28 19:43:53.049948385 +0100
@@ -1,0 +2,33 @@
+Mon Feb 28 06:16:49 UTC 2022 - Steve Kowalik <steven.kowa...@suse.com>
+
+- Update to 4.1.2:
+ * default_reauthn_handler doesn't honor SECURITY_URL_PREFIX
+ * Add public API and CLI command to change a user's password.
+ * Add type hints. Please note that many of the packages that flask-security
+ * Add first-class support for using username for signing in.
+ * Possible open redirect vulnerability.
+ * Improve cookie handling and default ``samesite`` to ``Strict``.
+ * Email validation confusion - added documentation.
+ * Add documentation on how to override specific error messages.
+ * Don't install global-scope tests.
+ * Add Blinker as explicit dependency, improve/fix celery usage docs,
+ don't require pyqrcode unless authenticator configured, improve SMS
+ configuration variables documentation.
+ * Your UserModel must contain ``fs_uniquifier``
+ * Removal of python 2.7 and <3.6 support
+ * Remove two-factor `/tf-confirm` endpoint and use generic `freshness`
+ mechanism.
+ * Remove ``SECURITY_BACKWARDS_COMPAT_AUTH_TOKEN_INVALID(ATE)``. In
+ addition to not making sense - the documentation has never been correct.
+ * Add 2FA Validity Window so an application can configure how often the
+ second factor has to be entered.
+ * Add HTML5 Email input types to email fields.
+- Refresh no-mongodb.patch
+- Drop patches:
+ * no-setup-dependencies.patch
+ * fix-dependencies.patch
+ * 0001-Do-not-raise-a-TypeError-exception-if-phone.data-is-.patch
+- Add patch use-pyqrcodeng.patch:
+ * Use pyqrcodeng rather than pyqrcode.
+
+-------------------------------------------------------------------
Old:
----
0001-Do-not-raise-a-TypeError-exception-if-phone.data-is-.patch
Flask-Security-Too-3.4.5.tar.gz
fix-dependencies.patch
no-setup-dependencies.patch
New:
----
Flask-Security-Too-4.1.2.tar.gz
use-pyqrcodeng.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-Flask-Security-Too.spec ++++++
--- /var/tmp/diff_new_pack.CsiKKI/_old 2022-02-28 19:43:54.041948757 +0100
+++ /var/tmp/diff_new_pack.CsiKKI/_new 2022-02-28 19:43:54.061948764 +0100
@@ -1,7 +1,7 @@
#
# spec file for package python-Flask-Security-Too
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,19 +19,17 @@
%define skip_python2 1
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
Name: python-Flask-Security-Too
-Version: 3.4.5
+Version: 4.1.2
Release: 0
Summary: Security for Flask apps
License: MIT
URL: https://github.com/jwag956/flask-security
Source:
https://files.pythonhosted.org/packages/source/F/Flask-Security-Too/Flask-Security-Too-%{version}.tar.gz
Patch0: no-mongodb.patch
-Patch1: no-setup-dependencies.patch
-Patch2: fix-dependencies.patch
-Patch3: 0001-Do-not-raise-a-TypeError-exception-if-phone.data-is-.patch
+Patch1: use-pyqrcodeng.patch
BuildRequires: %{python_module Babel >= 1.3}
BuildRequires: %{python_module Flask >= 1.0.2}
-BuildRequires: %{python_module Flask-BabelEx >= 0.9.3}
+BuildRequires: %{python_module Flask-Babel}
BuildRequires: %{python_module Flask-Login >= 0.4.1}
BuildRequires: %{python_module Flask-Mail >= 0.9.1}
BuildRequires: %{python_module Flask-Principal >= 0.4.0}
@@ -42,6 +40,8 @@
BuildRequires: %{python_module Werkzeug >= 0.14.1}
BuildRequires: %{python_module argon2_cffi >= 19.1.0}
BuildRequires: %{python_module bcrypt >= 3.1.4}
+BuildRequires: %{python_module bleach}
+BuildRequires: %{python_module blinker >= 1.4}
BuildRequires: %{python_module cachetools >= 3.1.0}
BuildRequires: %{python_module cryptography >= 2.1.4}
BuildRequires: %{python_module email_validator >= 1.0.5}
@@ -56,13 +56,13 @@
BuildRequires: fdupes
BuildRequires: python-rpm-macros
Requires: python-Flask >= 1.0.2
-Requires: python-Flask-BabelEx >= 0.9.3
+Requires: python-Flask-Babel
Requires: python-Flask-Login >= 0.4.1
-Requires: python-Flask-Mail >= 0.9.1
Requires: python-Flask-Principal >= 0.4.0
Requires: python-Flask-WTF >= 0.14.2
Requires: python-Werkzeug >= 0.14.1
Requires: python-bcrypt >= 3.1.4
+Requires: python-blinker >= 1.4
Requires: python-cryptography >= 2.1.4
Requires: python-email_validator >= 1.0.5
Requires: python-itsdangerous >= 1.1.0
@@ -84,9 +84,7 @@
based on the 3.0.0 version of the original.
%prep
-%setup -q -n Flask-Security-Too-%{version}
-%autopatch -p1
-rm pytest.ini
+%autosetup -p1 -n Flask-Security-Too-%{version}
%if 0%{?suse_version} <= 1500
# test_trackable.py needs werkzeug.middleware.proxy_fix which is only available
@@ -102,7 +100,7 @@
%python_expand %fdupes %{buildroot}%{$python_sitelib}
%check
-%pytest
+%pytest -k 'not test_wtform_xlation'
%files %{python_files}
%doc AUTHORS CHANGES.rst README.rst
++++++ Flask-Security-Too-3.4.5.tar.gz -> Flask-Security-Too-4.1.2.tar.gz ++++++
++++ 35048 lines of diff (skipped)
++++++ no-mongodb.patch ++++++
--- /var/tmp/diff_new_pack.CsiKKI/_old 2022-02-28 19:43:54.289948850 +0100
+++ /var/tmp/diff_new_pack.CsiKKI/_new 2022-02-28 19:43:54.301948854 +0100
@@ -1,8 +1,8 @@
-Index: Flask-Security-Too-3.4.5/tests/conftest.py
+Index: Flask-Security-Too-4.1.2/tests/conftest.py
===================================================================
---- Flask-Security-Too-3.4.5.orig/tests/conftest.py
-+++ Flask-Security-Too-3.4.5/tests/conftest.py
-@@ -607,7 +607,7 @@ def client_nc(request, sqlalchemy_app):
+--- Flask-Security-Too-4.1.2.orig/tests/conftest.py
++++ Flask-Security-Too-4.1.2/tests/conftest.py
+@@ -683,7 +683,7 @@ def client_nc(request, sqlalchemy_app):
return app.test_client(use_cookies=False)
@@ -11,7 +11,7 @@
def clients(request, app, tmpdir, realdburl):
if request.param == "cl-sqlalchemy":
ds = sqlalchemy_setup(request, app, tmpdir, realdburl)
-@@ -645,7 +645,7 @@ def get_message(app):
+@@ -729,7 +729,7 @@ def get_message_local(app):
@pytest.fixture(
++++++ use-pyqrcodeng.patch ++++++
Index: Flask-Security-Too-4.1.2/flask_security/core.py
===================================================================
--- Flask-Security-Too-4.1.2.orig/flask_security/core.py
+++ Flask-Security-Too-4.1.2/flask_security/core.py
@@ -1411,7 +1411,7 @@ class Security:
and "authenticator" in cv("TWO_FACTOR_ENABLED_METHODS",
app=app)
)
if need_qrcode:
- self._check_modules("pyqrcode", "TWO_FACTOR or UNIFIED_SIGNIN")
+ self._check_modules("pyqrcodeng", "TWO_FACTOR or
UNIFIED_SIGNIN")
need_sms = (
cv("UNIFIED_SIGNIN", app=app)
Index: Flask-Security-Too-4.1.2/flask_security/totp.py
===================================================================
--- Flask-Security-Too-4.1.2.orig/flask_security/totp.py
+++ Flask-Security-Too-4.1.2/flask_security/totp.py
@@ -139,9 +139,9 @@ class Totp:
.. versionadded:: 4.0.0
"""
try:
- import pyqrcode
+ import pyqrcodeng
- code = pyqrcode.create(self.get_totp_uri(username, totp))
+ code = pyqrcodeng.create(self.get_totp_uri(username, totp))
with io.BytesIO() as virtual_file:
code.svg(file=virtual_file, scale=3)
image_as_str =
base64.b64encode(virtual_file.getvalue()).decode("ascii")
