ANN: A new version (0.2.4) of the Python module which wraps GnuPG has been released.
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
This is a minor enhancement release. See the project website (
http://code.google.com/p/python-gnupg/ ) for more information.
The current version passes all tests on Windows (Python 2.4, 2.5, 2.6,
3.1, Jython 2.5.1) and Ubuntu (Python 2.4, 2.5, 2.6, 3.0, Jython
2.5.1).
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
Version 0.3.8 of the Python config module has been released.
Version 0.3.8 of the Python config module has been released.
What Does It Do?
The config module allows you to implement a hierarchical configuration
scheme with support for mappings and sequences, cross-references
between one part of the configuration and another, the ability to
flexibly access real Python objects, facilities for configurations to
include and cross-reference one another, simple expression evaluation
and the ability to change, save, cascade and merge configurations. You
can easily integrate with command line options using optparse.
This module has been developed on python 2.3 but should work on
version 2.2 or greater. A test suite using unittest is included in the
distribution.
A very simple configuration file (simple.cfg):
# starts here
message: Hello, world!
#ends here
a very simple program to use it:
from config import Config
cfg = Config(file('simple.cfg'))
print cfg.message
results in:
Hello, world!
Configuration files are key-value pairs, but the values can be
containers that contain further values.
A simple example - with the example configuration file:
messages:
[
{
stream : `sys.stderr`
message: 'Welcome'
name: 'Harry'
}
{
stream : `sys.stdout`
message: 'Welkom'
name: 'Ruud'
}
{
stream : $messages[0].stream
message: 'Bienvenue'
name: Yves
}
]
a program to read the configuration would be:
from config import Config
f = file('simple.cfg')
cfg = Config(f)
for m in cfg.messages:
s = '%s, %s' % (m.message, m.name)
try:
print >> m.stream, s
except IOError, e:
print e
which, when run, would yield the console output:
Welcome, Harry
Welkom, Ruud
Bienvenue, Yves
The above example just scratches the surface. There's more information
about this module available at
http://www.red-dove.com/config-doc/
Comprehensive API documentation is available at
http://www.red-dove.com/config/index.html
As always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
Changes since the last release posted on comp.lang.python[.announce]:
=
Fixed parsing bug which caused failure for negative numbers in
sequences.
Improved resolution logic.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
Version 0.3.9 of the Python config module has been released.
Version 0.3.9 of the Python config module has been released.
What Does It Do?
The config module allows you to implement a hierarchical configuration
scheme with support for mappings and sequences, cross-references
between one part of the configuration and another, the ability to
flexibly access real Python objects, facilities for configurations to
include and cross-reference one another, simple expression evaluation
and the ability to change, save, cascade and merge configurations. You
can easily integrate with command line options using optparse.
This module has been developed on python 2.3 but should work on
version 2.2 or greater. A test suite using unittest is included in the
distribution.
A very simple configuration file (simple.cfg):
# starts here
message: Hello, world!
#ends here
a very simple program to use it:
from config import Config
cfg = Config(file('simple.cfg'))
print cfg.message
results in:
Hello, world!
Configuration files are key-value pairs, but the values can be
containers that contain further values.
A simple example - with the example configuration file:
messages:
[
{
stream : `sys.stderr`
message: 'Welcome'
name: 'Harry'
}
{
stream : `sys.stdout`
message: 'Welkom'
name: 'Ruud'
}
{
stream : $messages[0].stream
message: 'Bienvenue'
name: Yves
}
]
a program to read the configuration would be:
from config import Config
f = file('simple.cfg')
cfg = Config(f)
for m in cfg.messages:
s = '%s, %s' % (m.message, m.name)
try:
print >> m.stream, s
except IOError, e:
print e
which, when run, would yield the console output:
Welcome, Harry
Welkom, Ruud
Bienvenue, Yves
The above example just scratches the surface. There's more information
about this module available at
http://www.red-dove.com/config-doc/
Comprehensive API documentation is available at
http://www.red-dove.com/config/index.html
As always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
Changes since the last release posted on comp.lang.python[.announce]:
=
Fix bug in parsing numbers with exponents (reported
by Philip Søeberg).
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: A new version (0.2.5) of the Python module which wraps GnuPG has been released.
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
This is a minor enhancement and bug-fix release. See the project
website ( http://code.google.com/p/python-gnupg/ ) for more
information. Summary:
Detached signatures can now be created and verified.
There's slightly better support for RSA and IDEA.
Some bugs whih surfaced when encrypting non-ASCII data have been
fixed.
The current version passes all tests on Windows (Python 2.4, 2.5, 2.6,
3.1, Jython 2.5.1) and Ubuntu (Python 2.4, 2.5, 2.6, 2.7, 3.0, 3.1,
3.2, Jython 2.5.1).
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: A new version (0.2.7) of the Python module which wraps GnuPG has been released.
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
This is a minor enhancement and bug-fix release. See the project
website ( http://code.google.com/p/python-gnupg/ ) for more
information. Summary:
Better support for status messages from GnuPG.
The ability to use symmetric encryption.
The ability to receive keys from keyservers.
The ability to use specific keyring files instead of the default
keyring files.
Internally, the code to handle Unicode and bytes has been tidied up.
The current version passes all tests on Windows (CPython 2.4, 2.5,
2.6, 3.1, 2.7 and Jython 2.5.1) and Ubuntu (CPython 2.4, 2.5, 2.6,
2.7, 3.0, 3.1, 3.2). On Windows, GnuPG 1.4.11 has been used for the
tests.
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: A new version (0.2.8) of the Python module which wraps GnuPG has been released.
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
This is a minor enhancement and bug-fix release. See the project
website ( http://code.google.com/p/python-gnupg/ ) for more
information. Summary:
Better support for status messages from GnuPG.
The fixing of some Unicode encoding problems.
Quoted some command-line arguments to gpg for increased safety.
The current version passes all tests on Windows (CPython 2.4, 2.5,
2.6, 3.1, 2.7 and Jython 2.5.1) and Ubuntu (CPython 2.4, 2.5, 2.6,
2.7, 3.0, 3.1, 3.2). On Windows, GnuPG 1.4.11 has been used for the
tests.
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: Sarge, a library wrapping the subprocess module, has been released.
Sarge, a cross-platform library which wraps the subprocess module in
the standard library, has been released.
What does it do?
Sarge tries to make interfacing with external programs from your
Python applications easier than just using subprocess alone.
Sarge offers the following features:
* A simple way to run command lines which allows a rich subset of Bash-
style shell command syntax, but parsed and run by sarge so that you
can run on Windows without cygwin (subject to having those commands
available):
>>> from sarge import capture_stdout
>>> p = capture_stdout('echo foo | cat; echo bar')
>>> for line in p.stdout: print(repr(line))
...
'foo\n'
'bar\n'
* The ability to format shell commands with placeholders, such that
variables are quoted to prevent shell injection attacks.
* The ability to capture output streams without requiring you to
program your own threads. You just use a Capture object and then you
can read from it as and when you want.
Advantages over subprocess
---
Sarge offers the following benefits compared to using subprocess:
* The API is very simple.
* It's easier to use command pipelines - using subprocess out of the
box often leads to deadlocks because pipe buffers get filled up.
* It would be nice to use Bash-style pipe syntax on Windows, but
Windows shells don't support some of the syntax which is useful, like
&&, ||, |& and so on. Sarge gives you that functionality on Windows,
without cygwin.
* Sometimes, subprocess.Popen.communicate() is not flexible enough for
one's needs - for example, when one needs to process output a line at
a time without buffering the entire output in memory.
* It's desirable to avoid shell injection problems by having the
ability to quote command arguments safely.
* subprocess allows you to let stderr be the same as stdout, but not
the other way around - and sometimes, you need to do that.
Python version and platform compatibility
-
Sarge is intended to be used on any Python version >= 2.6 and is
tested on Python versions 2.6, 2.7, 3.1, 3.2 and 3.3 on Linux,
Windows, and Mac OS X (not all versions are tested on all platforms,
but sarge is expected to work correctly on all these versions on all
these platforms).
Finding out more
You can read the documentation at
http://sarge.readthedocs.org/
There's a lot more information, with examples, than I can put into
this post.
You can install Sarge using "pip install sarge" to try it out. The
project is hosted on BitBucket at
https://bitbucket.org/vinay.sajip/sarge/
And you can leave feedback on the issue tracker there.
I hope you find Sarge useful!
Regards,
Vinay Sajip
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: A new version (0.2.9) of the Python module which wraps GnuPG has been released.
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
This is a minor bug-fix release. See the project website (
http://code.google.com/p/python-gnupg/ ) for more information.
Summary:
Better support for status messages from GnuPG.
A random data file used in testing is no longer shipped with the
source distribution, but created by the test suite if needed.
The current version passes all tests on Windows (CPython 2.4, 2.5,
2.6, 3.1, 2.7 and Jython 2.5.1) and Ubuntu (CPython 2.4, 2.5, 2.6,
2.7, 3.0, 3.1, 3.2). On Windows, GnuPG 1.4.11 has been used for the
tests.
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: A new version (0.3.1) of the Python module which wraps GnuPG has been released.
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
This is a minor enhancement and bug-fix release. See the project
website ( http://code.google.com/p/python-gnupg/ ) for more
information. Summary:
Better support for status messages from GnuPG.
Support for additional arguments to be passed to GnuPG.
Bugs in tests which used Latin-1 encoded data have been fixed by
specifying that encoding.
On verification (including after decryption), the signer trust level
is returned in integer and text formats.
The current version passes all tests on Windows (CPython 2.4, 2.5,
2.6, 2.7, 3.1 and Jython 2.5.1), Mac OS X (Python 2.5) and Ubuntu
(CPython 2.4, 2.5, 2.6, 2.7, 3.0, 3.1, 3.2). On Windows, GnuPG 1.4.11
has been used for the tests.
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: A new version (0.3.2) of the Python module which wraps GnuPG has been released.
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
This is a minor enhancement and bug-fix release. See the project
website ( http://code.google.com/p/python-gnupg/ ) for more
information. Summary:
Improved support for status messages from GnuPG.
Fixed key generation to skip empty values.
Fixed list_keys to handle escaped characters.
Removed doctests which required interactive entry of passwords.
The current version passes all tests on Windows (CPython 2.4, 2.5,
2.6, 3.1, 2.7 and Jython 2.5.1) and Ubuntu (CPython 2.4, 2.5, 2.6,
2.7, 3.0, 3.1, 3.2). On Windows, GnuPG 1.4.11 has been used for the
tests. Tests also pass under CPython 2.5 and CPython 2.6 on OS X.
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: Version 0.1.1 of sarge (a subprocess wrapper library) has been released.
Version 0.1.1 of Sarge, a cross-platform library which wraps the subprocess
module in the standard library, has been released.
What changed?
-
- Added the ability to scan for specific patterns in subprocess output streams.
- Added convenience methods to operate on wrapped subprocesses.
- Exceptions which occur while spawning subprocesses are now propagated.
- Fixed issues #2, #3, and #4.
- Improved shell_shlex resilience with Unicode on 2.x.
- Added get_stdout, get_stderr and get_both for when subprocess output is not
expected to be voluminous.
- Added an internal lock to serialise access to shared data.
- Added tests to cover added functionality and reported issues.
- Added numerous documentation updates.
What does Sarge do?
---
Sarge tries to make interfacing with external programs from your
Python applications easier than just using subprocess alone.
Sarge offers the following features:
* A simple way to run command lines which allows a rich subset of Bash-
style shell command syntax, but parsed and run by sarge so that you
can run on Windows without cygwin (subject to having those commands
available):
>>> from sarge import capture_stdout
>>> p = capture_stdout('echo foo | cat; echo bar')
>>> for line in p.stdout: print(repr(line))
...
'foo\n'
'bar\n'
* The ability to format shell commands with placeholders, such that
variables are quoted to prevent shell injection attacks.
* The ability to capture output streams without requiring you to
program your own threads. You just use a Capture object and then you
can read from it as and when you want.
Advantages over subprocess
---
Sarge offers the following benefits compared to using subprocess:
* The API is very simple.
* It's easier to use command pipelines - using subprocess out of the
box often leads to deadlocks because pipe buffers get filled up.
* It would be nice to use Bash-style pipe syntax on Windows, but
Windows shells don't support some of the syntax which is useful, like
&&, ||, |& and so on. Sarge gives you that functionality on Windows,
without cygwin.
* Sometimes, subprocess.Popen.communicate() is not flexible enough for
one's needs - for example, when one needs to process output a line at
a time without buffering the entire output in memory.
* It's desirable to avoid shell injection problems by having the
ability to quote command arguments safely.
* subprocess allows you to let stderr be the same as stdout, but not
the other way around - and sometimes, you need to do that.
Python version and platform compatibility
-
Sarge is intended to be used on any Python version >= 2.6 and is
tested on Python versions 2.6, 2.7, 3.1, 3.2 and 3.3 on Linux,
Windows, and Mac OS X (not all versions are tested on all platforms,
but sarge is expected to work correctly on all these versions on all
these platforms).
Finding out more
You can read the documentation at
http://sarge.readthedocs.org/
There's a lot more information, with examples, than I can put into
this post.
You can install Sarge using "pip install sarge" to try it out. The
project is hosted on BitBucket at
https://bitbucket.org/vinay.sajip/sarge/
And you can leave feedback on the issue tracker there.
I hope you find Sarge useful!
Regards,
Vinay Sajip
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: A new version (0.3.4) of the Python module which wraps GnuPG has been released.
A new version of the Python module which wraps GnuPG has been released.
What Changed?
=
This is a minor enhancement and bug-fix release. See the project website (
http://code.google.com/p/python-gnupg/ ) for more information. Summary:
An encoding bug which caused an exception when getting the GPG version has been
fixed.
Recipients can be passed in a set or frozenset as well as in a list or tuple.
The keyring argument now accepts a list of public keyring filenames as well as
a single filename.
A secret_keyring argument has been added which accepts either a single filename
or a list of filenames for secret keyrings.
The current version passes all tests on Windows (CPython 2.4, 2.5, 2.6, 2.7,
3.1 and Jython 2.5.1), Mac OS X (Python 2.5) and Ubuntu (CPython 2.4, 2.5, 2.6,
2.7, 3.0, 3.1, 3.2). On Windows, GnuPG 1.4.11 has been used for the tests.
What Does It Do?
The gnupg module allows Python programs to make use of the functionality
provided by the Gnu Privacy Guard (abbreviated GPG or GnuPG). Using this
module, Python programs can encrypt and decrypt data, digitally sign documents
and verify digital signatures, manage (generate, list and delete) encryption
keys, using proven Public Key Infrastructure (PKI) encryption technology based
on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it makes use
of the subprocess module which appeared in that version of Python. This module
is a newer version derived from earlier work by Andrew Kuchling, Richard Jones
and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9
(GNU/Linux)\n\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ - as always,
your feedback is most welcome (especially bug reports, patches and suggestions
for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
A new version (0.3.5) of python-gnupg has been released.
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
This is a minor enhancement and bug-fix release. See the project
website ( http://code.google.com/p/python-gnupg/ ) for more
information. Summary:
Added improved shell quoting to guard against shell injection attacks.
Added search_keys() and send_keys() methods to interact with keyservers.
A symmetric cipher algorithm can now be specified when encrypting.
UTF-8 encoding is used as a fall back when no other encoding can be determined.
The key length now defaults to 2048 bits.
A default Name-Comment field is no longer provided during key generation.
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: Version 0.1.2 of sarge (a subprocess wrapper library) has been released.
Version 0.1.2 of Sarge, a cross-platform library which wraps the subprocess
module in the standard library, has been released.
What changed?
-
- Fixed issue #12: Prevented a hang which occurred when a redirection failed.
- Fixed issue #11: Added "+" to the characters allowed in parameters.
- Fixed issue #10: Removed a spurious debugger breakpoint.
- Fixed issue #9: Relative pathnames in redirections are now relative to the
current working directory for the redirected process.
- Added the ability to pass objects with "fileno()" methods as values
to the "input" argument of "run()", and a "Feeder" class which
facilitates passing data to child processes dynamically over time (rather
than just an initial string, byte-string or file).
- Added functionality under Windows to use PATH, PATHEXT and the
registry to find appropriate commands. This can e.g. convert a
command 'foo bar', if 'foo.py' is a Python script in the
c:\Tools directory which is on the path, to the equivalent
'c:\Python26\Python.exe c:\Tools\foo.py bar'. This is done internally
when a command is parsed, before it is passed to subprocess.
- Fixed issue #7: Corrected handling of whitespace and redirections.
- Fixed issue #8: Added a missing import.
- Added Travis integration.
- Added encoding parameter to the "Capture" initializer.
- Fixed issue #6: addressed bugs in Capture logic so that iterating over
captures is closer to subprocess behaviour.
- Tests added to cover added functionality and reported issues.
- Numerous documentation updates.
What does Sarge do?
---
Sarge tries to make interfacing with external programs from your
Python applications easier than just using subprocess alone.
Sarge offers the following features:
* A simple way to run command lines which allows a rich subset of Bash-
style shell command syntax, but parsed and run by sarge so that you
can run on Windows without cygwin (subject to having those commands
available):
>>> from sarge import capture_stdout
>>> p = capture_stdout('echo foo | cat; echo bar')
>>> for line in p.stdout: print(repr(line))
...
'foo\n'
'bar\n'
* The ability to format shell commands with placeholders, such that
variables are quoted to prevent shell injection attacks.
* The ability to capture output streams without requiring you to
program your own threads. You just use a Capture object and then you
can read from it as and when you want.
* The ability to look for patterns in captured output and to interact
accordingly with the child process.
Advantages over subprocess
---
Sarge offers the following benefits compared to using subprocess:
* The API is very simple.
* It's easier to use command pipelines - using subprocess out of the
box often leads to deadlocks because pipe buffers get filled up.
* It would be nice to use Bash-style pipe syntax on Windows, but
Windows shells don't support some of the syntax which is useful, like
&&, ||, |& and so on. Sarge gives you that functionality on Windows,
without cygwin.
* Sometimes, subprocess.Popen.communicate() is not flexible enough for
one's needs - for example, when one needs to process output a line at
a time without buffering the entire output in memory.
* It's desirable to avoid shell injection problems by having the
ability to quote command arguments safely.
* subprocess allows you to let stderr be the same as stdout, but not
the other way around - and sometimes, you need to do that.
Python version and platform compatibility
-
Sarge is intended to be used on any Python version >= 2.6 and is
tested on Python versions 2.6, 2.7, 3.1, 3.2 and 3.3 on Linux,
Windows, and Mac OS X (not all versions are tested on all platforms,
but sarge is expected to work correctly on all these versions on all
these platforms).
Finding out more
You can read the documentation at
http://sarge.readthedocs.org/
There's a lot more information, with examples, than I can put into
this post.
You can install Sarge using "pip install sarge" to try it out. The
project is hosted on BitBucket at
https://bitbucket.org/vinay.sajip/sarge/
And you can leave feedback on the issue tracker there.
I hope you find Sarge useful!
Regards,
Vinay Sajip
--
https://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: A new version (0.3.6) of python-gnupg has been released.
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
This is an enhancement and bug-fix release, but the bug-fixes
include some security improvements, so all users are encouraged
to upgrade. See the project website ( http://code.google.com/p/python-gnupg/ )
for more information. Summary:
Enabled fast random tests on gpg as well as gpg2.
Avoided deleting temporary file to preserve its permissions.
Avoided writing passphrase to log.
Added export-minimal and armor options when exporting keys.
Added verify_data() method to allow verification of signatures in memory.
Regularised end-of-line characters in ths source code.
Rectified problems with earlier fix for shell injection.
The current version passes all tests on Windows (CPython 2.4, 2.5,
2.6, 3.1, 2.7 and Jython 2.5.1) and Ubuntu (CPython 2.4, 2.5, 2.6,
2.7, 3.0, 3.1, 3.2). On Windows, GnuPG 1.4.11 has been used for the
tests.
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
https://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
[ANN]: distlib 0.1.8 released on PyPI
I've released version 0.1.8 of distlib on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: * Fixed issue #45: Improved thread-safety in SimpleScrapingLocator. * Fixed issue #42: Handling of pre-release legacy version numbers now mirrors setuptools logic. * Added exists, verify, update, is_compatible and is_mountable methods to the Wheel class (the update method fixed issue #41). * Added a search method to the PackageIndex class. * Fixed a bug in the Metadata.add_requirements method. * Allowed versions with a single numeric component and a local version component (tracking changes to PEP 440).* Corrected spelling of environment variable used for the stub launcher on OS X. * Avoided using pydist.json in 1.0 wheels (bdist_wheel writes a non- conforming pydist.json). * Improved computation of ABI tags on Python versions where SOABI is not available, and improved computation of compatibility tags on OS X to allow for multiple architectures and older OS X versions. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.python.org/pypi/distlib/0.1.8 [2] http://pythonhosted.org/distlib/overview.html#change-log-for-distlib [3] https://bitbucket.org/pypa/distlib/issues/new -- https://mail.python.org/mailman/listinfo/python-announce-list Support the Python Software Foundation: http://www.python.org/psf/donations/
[ANN]: distlib 0.1.9 released on PyPI
I've just released version 0.1.9 of distlib on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: Fixed issue #47: Updated binary launchers to fix double-quoting bug where script executable paths have spaces. Added ``keystore`` keyword argument to signing and verification APIs. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.python.org/pypi/distlib/0.1.9 [2] http://pythonhosted.org/distlib/overview.html#change-log-for-distlib [3] https://bitbucket.org/pypa/distlib/issues/new -- https://mail.python.org/mailman/listinfo/python-announce-list Support the Python Software Foundation: http://www.python.org/psf/donations/
ANN: A new version (0.3.7) of python-gnupg has been released.
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
This is an enhancement and bug-fix release, but the bug-fixes
include some security improvements, so all users are encouraged
to upgrade. See the project website [1] for more information.
Brief summary:
* Added an 'output' keyword parameter to the 'sign' and
'sign_file' methods, to allow writing the signature to a file.
* Allowed specifying 'True' for the 'sign' keyword parameter,
which allows use of the default key for signing and avoids
having to specify a key id when it's desired to use the default.
* Used a uniform approach with subprocess on Windows and POSIX:
shell=True is not used on either.
* When signing/verifying, the status is updated to reflect any
expired or revoked keys or signatures.
* Handled 'NOTATION_NAME' and 'NOTATION_DATA' during verification.
* Fixed #1, #16, #18, #20: Quoting approach changed, since now
shell=False.
* Fixed #14: Handled 'NEED_PASSPHRASE_PIN' message.
* Fixed #8: Added a scan_keys method to allow scanning of keys
without the need to import into a keyring.
* Fixed #5: Added '0x' prefix when searching for keys.
* Fixed #4: Handled 'PROGRESS' message during encryption.
* Fixed #3: Changed default encoding to Latin-1.
* Fixed #2: Raised ValueError if no recipients were specified
for an asymmetric encryption request.
* Handled 'UNEXPECTED' message during verification.
* Replaced old range(len(X)) idiom with enumerate().
* Refactored ``ListKeys`` / ``SearchKeys`` classes to maximise
use of common functions.
* Fixed GC94: Added ``export-minimal`` and ``armor`` options
when exporting keys. This addition was inadvertently left out
of 0.3.6.
This release [2] has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY)
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
As always, your feedback is most welcome (especially bug reports [3],
patches and suggestions for improvement, or any other points via the
mailing list/discussion group [4]).
Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
[1] https://bitbucket.org/vinay.sajip/python-gnupg
[2] https://pypi.python.org/pypi/python-gnupg/0.3.7
[3] https://bitbucket.org/vinay.sajip/python-gnupg/issues
[4] https://groups.google.com/forum/#!forum/python-gnupg
--
https://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
[ANN]: distlib 0.2.0 released on PyPI
I've just released version 0.2.0 of distlib on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: Updated match_hostname to use the latest Python implementation. Updates to better support PEP 426 / PEP 440. You can now provide interpreter arguments in shebang lines written by distlib. Removed reference to __PYVENV_LAUNCHER__ (relevant to OS X only). A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.python.org/pypi/distlib/0.2.0 [2] http://pythonhosted.org/distlib/overview.html#change-log-for-distlib [3] https://bitbucket.org/pypa/distlib/issues/new -- https://mail.python.org/mailman/listinfo/python-announce-list Support the Python Software Foundation: http://www.python.org/psf/donations/
ANN: Version 0.1.4 of sarge (a subprocess wrapper library) has been released.
Version 0.1.4 of Sarge, a cross-platform library which wraps the subprocess
module in the standard library, has been released.
What changed?
-
- Fixed issue #20: Now runs a pipeline in a separate thread if async.
- Fixed issue #21: The command line isn't parsed if shell=True is specified.
- Added Coveralls to Travis configuration.
- Tests added to cover added functionality and reported issues.
- Numerous documentation updates.
What does Sarge do?
---
Sarge tries to make interfacing with external programs from your
Python applications easier than just using subprocess alone.
Sarge offers the following features:
* A simple way to run command lines which allows a rich subset of Bash-
style shell command syntax, but parsed and run by sarge so that you
can run on Windows without cygwin (subject to having those commands
available):
>>> from sarge import capture_stdout
>>> p = capture_stdout('echo foo | cat; echo bar')
>>> for line in p.stdout: print(repr(line))
...
'foo\n'
'bar\n'
* The ability to format shell commands with placeholders, such that
variables are quoted to prevent shell injection attacks.
* The ability to capture output streams without requiring you to
program your own threads. You just use a Capture object and then you
can read from it as and when you want.
* The ability to look for patterns in captured output and to interact
accordingly with the child process.
Advantages over subprocess
---
Sarge offers the following benefits compared to using subprocess:
* The API is very simple.
* It's easier to use command pipelines - using subprocess out of the
box often leads to deadlocks because pipe buffers get filled up.
* It would be nice to use Bash-style pipe syntax on Windows, but
Windows shells don't support some of the syntax which is useful, like
&&, ||, |& and so on. Sarge gives you that functionality on Windows,
without cygwin.
* Sometimes, subprocess.Popen.communicate() is not flexible enough for
one's needs - for example, when one needs to process output a line at
a time without buffering the entire output in memory.
* It's desirable to avoid shell injection problems by having the
ability to quote command arguments safely.
* subprocess allows you to let stderr be the same as stdout, but not
the other way around - and sometimes, you need to do that.
Python version and platform compatibility
-
Sarge is intended to be used on any Python version >= 2.6 and is
tested on Python versions 2.6, 2.7, 3.1, 3.2, 3.3 and 3.4 on Linux,
Windows, and Mac OS X (not all versions are tested on all platforms,
but sarge is expected to work correctly on all these versions on all
these platforms).
Finding out more
You can read the documentation at
http://sarge.readthedocs.org/
There's a lot more information, with examples, than I can put into
this post.
You can install Sarge using "pip install sarge" to try it out. The
project is hosted on BitBucket at
https://bitbucket.org/vinay.sajip/sarge/
And you can leave feedback on the issue tracker there.
I hope you find Sarge useful!
Regards,
Vinay Sajip
--
https://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: distlib 0.2.1 released on PyPI
I've just released version 0.2.1 of distlib on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: Fixed issue #58: Return a Distribution instance or None from locate(). Fixed issue #59: Skipped special keys when looking for versions. Improved behaviour of PyPIJSONLocator to be analogous to that of other locators. Added resource iterator functionality. Fixed issue #71: Updated launchers to decode shebangs using UTF-8. This allows non-ASCII pathnames to be correctly handled. Ensured that the executable written to shebangs is normcased. Changed ScriptMaker to work better under Jython. Changed the mode setting method to work better under Jython. Changed get_executable() to return a normcased value. Handled multiple-architecture wheel filenames correctly. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.python.org/pypi/distlib/0.2.1 [2] https://goo.gl/K5Spsp [3] https://bitbucket.org/pypa/distlib/issues/new -- https://mail.python.org/mailman/listinfo/python-announce-list Support the Python Software Foundation: http://www.python.org/psf/donations/
ANN: A new version (0.3.8) of python-gnupg has been released.
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
This is an enhancement and bug-fix release, and all users are encouraged to
upgrade.
See the project website [1] for more information.
Brief summary:
* Fixed #22: handled PROGRESS messages during verification and signing.
* Fixed #26: handled PINENTRY_LAUNCHED messages during verification,
decryption and key generation.
* Fixed #28: Allowed a default Name-Email to be computed even when neither of
LOGNAME and USERNAME are in the environment.
* Fixed #29: Included test files missing from the tarball in previous versions.
* Fixed #39: On Python 3.x, passing a text instead of a binary stream caused
file decryption to hang due to a UnicodeDecodeError. This has now been
correctly handled: The decryption fails with a "no data" status.
* Fixed #41: Handled Unicode filenames correctly by encoding them on 2.x using
the file system encoding.
* Fixed #43: handled PINENTRY_LAUNCHED messages during key export. Thanks to
Ian Denhardt for looking into this.
* Hide the console window which appears on Windows when gpg is spawned.
Thanks to Kévin Bernard-Allies for the patch.
* Subkey fingerprints are now captured.
* The returned value from the list_keys method now has a new attribute,
key_map, which is a dictionary mapping key and subkey fingerprints to
the corresponding key's dictionary. With this change, you don't need to
iterate over the (potentially large) returned list to search for a key with
a given fingerprint - the key_map dict will take you straight to the key
info, whether the fingerprint you have is for a key or a subkey. Thanks to
Nick Daly for the initial suggestion.
This release [2] has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY)
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86
However, due to some error the signature for the source distribution (.tar.gz)
didn't get uploaded. To rectify this, I have pasted it into the PyPI page for
the release [2].
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
.
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
As always, your feedback is most welcome (especially bug reports [3],
patches and suggestions for improvement, or any other points via the
mailing list/discussion group [4]).
Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
[1] https://bitbucket.org/vinay.sajip/python-gnupg
[2] https://pypi.python.org/pypi/python-gnupg/0.3.8
[3] https://bitbucket.org/vinay.sajip/python-gnupg/issues
[4] https://groups.google.com/forum/#!forum/python-gnupg
--
https://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: distlib 0.2.2 released on PyPI
I've just released version 0.2.2 of distlib on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: * Fixed issue #81: Added support for detecting distributions installed by wheel versions >= 0.23 (which use metadata.json rather than pydist.json). * Updated default PyPI URL to https://pypi.python.org/pypi * Updated to use different formatting for description field for V1.1 metadata. * Corrected “classifier” to “classifiers” in the mapping for V1.0 metadata. * Improved support for Jython when quoting executables in output scripts. * Fixed issue #77: Made the internal URL used for extended metadata fetches configurable via a module attribute. * Fixed issue #78: Improved entry point parsing to handle leading spaces in ini-format files. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.python.org/pypi/distlib/0.2.2 [2] https://goo.gl/M3kQzR [3] https://bitbucket.org/pypa/distlib/issues/new -- https://mail.python.org/mailman/listinfo/python-announce-list Support the Python Software Foundation: http://www.python.org/psf/donations/
Config module v0.3.6 released.
A new version of the Python config module has been released.
What Does It Do?
The config module allows you to implement a hierarchical configuration
scheme with support for mappings and sequences, cross-references
between one part of the configuration and another, the ability to
flexibly access real Python objects, facilities for configurations to
include and cross-reference one another, simple expression evaluation
and the ability to change, save, cascade and merge configurations. You
can easily integrate with command line options using optparse.
This module has been developed on python 2.3 but should work on
version 2.2 or greater. A test suite using unittest is included in the
distribution.
A very simple configuration file (simple.cfg):
# starts here
message: Hello, world!
#ends here
a very simple program to use it:
from config import Config
cfg = Config(file('simple.cfg'))
print cfg.message
results in:
Hello, world!
Configuration files are key-value pairs, but the values can be
containers that contain further values.
A simple example - with the example configuration file:
messages:
[
{
stream : `sys.stderr`
message: 'Welcome'
name: 'Harry'
}
{
stream : `sys.stdout`
message: 'Welkom'
name: 'Ruud'
}
{
stream : $messages[0].stream
message: 'Bienvenue'
name: Yves
}
]
a program to read the configuration would be:
from config import Config
f = file('simple.cfg')
cfg = Config(f)
for m in cfg.messages:
s = '%s, %s' % (m.message, m.name)
try:
print >> m.stream, s
except IOError, e:
print e
which, when run, would yield the console output:
Welcome, Harry
Welkom, Ruud
Bienvenue, Yves
The above example just scratches the surface. There's more information
about this module available at
http://www.red-dove.com/python_config.html
Comprehensive API documentation is available at
http://www.red-dove.com/config/index.html
As always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
Changes since the last release posted on comp.lang.python:
==
Made classes derive from object (previously they were old-style
classes).
Changed ConfigMerger to use a more flexible merge strategy.
Multiline strings (using """ or ''') are now supported.
A typo involving raising a ConfigError was fixed.
Added ConfigOutputStream to provide better Unicode output support.
Altered save code to put platform-dependent newlines for Unicode.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations.html
Version 0.3.7 of the config module has been released
Version 0.3.7 of the Python config module has been released.
What Does It Do?
The config module allows you to implement a hierarchical configuration
scheme with support for mappings and sequences, cross-references
between one part of the configuration and another, the ability to
flexibly access real Python objects, facilities for configurations to
include and cross-reference one another, simple expression evaluation
and the ability to change, save, cascade and merge configurations. You
can easily integrate with command line options using optparse.
This module has been developed on python 2.3 but should work on
version 2.2 or greater. A test suite using unittest is included in the
distribution.
A very simple configuration file (simple.cfg):
# starts here
message: Hello, world!
#ends here
a very simple program to use it:
from config import Config
cfg = Config(file('simple.cfg'))
print cfg.message
results in:
Hello, world!
Configuration files are key-value pairs, but the values can be
containers that contain further values.
A simple example - with the example configuration file:
messages:
[
{
stream : `sys.stderr`
message: 'Welcome'
name: 'Harry'
}
{
stream : `sys.stdout`
message: 'Welkom'
name: 'Ruud'
}
{
stream : $messages[0].stream
message: 'Bienvenue'
name: Yves
}
]
a program to read the configuration would be:
from config import Config
f = file('simple.cfg')
cfg = Config(f)
for m in cfg.messages:
s = '%s, %s' % (m.message, m.name)
try:
print >> m.stream, s
except IOError, e:
print e
which, when run, would yield the console output:
Welcome, Harry
Welkom, Ruud
Bienvenue, Yves
The above example just scratches the surface. There's more information
about this module available at
http://www.red-dove.com/python_config.html
Comprehensive API documentation is available at
http://www.red-dove.com/config/index.html
As always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
Changes since the last release posted on comp.lang.python[.announce]:
=
Added Mapping.__delitem__ (patch by John Drummond).
Mapping.__getattribute__ no longer returns "" when asked
for "__class__" - doing so causes pickle to crash
(reported by Jamila Gunawardena).
Allow negative numbers (reported by Gary Schoep; had
already been fixed but not yet released).
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations.html
ANN: A new version of the Python module which wraps GnuPG has been released.
A new version of the Python module which wraps GnuPG has been
released.
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. Development and testing has been carried out on Windows and
Ubuntu. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: gnupg v0.2.0 released
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
The module was refactored slightly to support Python 3.0.
The current version now passes all tests on Windows (Python 2.4, 2.5)
and Ubuntu (Python 2.4, 2.5, 2.6 and 3.0).
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: gnupg v0.2.1 released
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
This is a minor bug-fix release. See the project website (
http://code.google.com/p/python-gnupg/ ) for more information.
The current version passes all tests on Windows (Python 2.4, 2.5, 2.6,
3.1, Jython 2.5.0) and Ubuntu (Python 2.4, 2.5, 2.6, 3.0, Jython
2.5.0).
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: python-gnupg v0.2.2 released
A new version of the Python module which wraps GnuPG has been
released.
What Changed?
=
This is a minor bug-fix release. See the project website (
http://code.google.com/p/python-gnupg/ ) for more information.
The changes were to the name of the distribution archive (now prefixed
with "python-") and support was added for GnuPG v2.0.x (tested on
Linux only).
The current version passes all tests on Windows (Python 2.4, 2.5, 2.6,
3.1, Jython 2.5.1) and Ubuntu (Python 2.4, 2.5, 2.6, 3.0, Jython
2.5.1).
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
For more information, visit http://code.google.com/p/python-gnupg/ -
as always, your feedback is most welcome (especially bug reports,
patches and suggestions for improvement). Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
--
http://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: A new version (0.4.5) of python-gnupg has been released.
A new version of the Python module which wraps GnuPG has been released.
What Changed?=
This is an enhancement and bug-fix release, and all users are encouraged
toupgrade.
Brief summary:
* Fixed #107: Improved documentation.
* Fixed #112: Raised a ValueError if a gnupghome is specified which is not an
existing directory.
* Fixed #113: Corrected stale link in the documentation.
* Fixed #116: Updated documentation to clarify when spurious key-expired/
signature-expired messages might be seen.
* Fixed #119: Added --yes to avoid pinentry when deleting secret keys with
GnuPG >= 2.1.
* A warning is logged if gpg returns a non-zero return code.
* Added ``extra_args`` to ``import_keys``.
* Added support for CI using AppVeyor.
This release [2] has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY) Fingerprint: CA74
9061 914E AC13 8E66 EADB 9147 B477 339A 9B86
Recent changes to PyPI don't show the GPG signature with the download links.An
alternative download source where the signatures are available is the
project'sown downloads page [5].
What Does It Do?The gnupg module allows Python programs to make
use of thefunctionality provided by the Gnu Privacy Guard (abbreviated GPG
orGnuPG). Using this module, Python programs can encrypt and decryptdata,
digitally sign documents and verify digital signatures, manage(generate, list
and delete) encryption keys, using proven Public KeyInfrastructure (PKI)
encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as itmakes use
of the subprocess module which appeared in that version ofPython. This module
is a newer version derived from earlier work byAndrew Kuchling, Richard Jones
and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')>>>
>>> gpg.list_keys()
[{...'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2','keyid':
'197D5DAC68F1AAB2','length': '1024','type': 'pub','uids': ['', 'Gary Gross (A
test user) ']},{...'fingerprint':
'37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A','keyid':
'0C5FEFA7A921FC4A','length': '1024',...'uids': ['', 'Danny Davis (A test user)
']}]>>> encrypted = gpg.encrypt("Hello, world!",
['0C5FEFA7A921FC4A'])>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9
(GNU/Linux)\n\nhQIOA/6NHMDTXUwcEAf.-END PGP MESSAGE-\n'>>> decrypted =
gpg.decrypt(str(encrypted), passphrase='secret')>>> str(decrypted)
'Hello, world!'>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')>>>
verified = gpg.verify(str(signed))>>> print "Verified" if verified else "Not
verified"
'Verified'
As always, your feedback is most welcome (especially bug reports [3],patches
and suggestions for improvement, or any other points via themailing
list/discussion group [4]).
Enjoy!
Cheers
Vinay SajipRed Dove Consultants Ltd.
[1] https://bitbucket.org/vinay.sajip/python-gnupg[2]
https://pypi.org/project/python-gnupg/0.4.5[3]
https://bitbucket.org/vinay.sajip/python-gnupg/issues[4]
https://groups.google.com/forum/#!forum/python-gnupg[5]
https://bitbucket.org/vinay.sajip/python-gnupg/downloads/--
--
Python-announce-list mailing list -- python-announce-list@python.org
To unsubscribe send an email to python-announce-list-le...@python.org
https://mail.python.org/mailman3/lists/python-announce-list.python.org/
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: distlib 0.3.0 released on PyPI
I've recently released version 0.3.0 of distlib on PyPI [1]. For newcomers,distlib is a library of packaging functionality which is intended to beusable as the basis for third-party packaging tools. The main changes in this release are as follows: * Partially addressed #102: modules attribute of InstalledDistribution was incorrectly computed as a list of bytes, rather than a list of str. This has now been corrected. * Updated Locator._get_digest to check PyPI JSON responses for a "digests" dictionary before trying "algo_digest" keys. Thanks to Jeffery To for the patch. * Fixed #123: Improved error message if a resource isn't found. * Fixed #124: Stopped norm-casing the executable written into shebangs, as it doesn't work for some non-ASCII paths. * Fixed #125: Updated launchers with versions that correctly report errors containing non-ASCII characters. The updated launchers now also support relative paths (see http://bit.ly/2JxmOoi for more information). * Fixed #127: Allowed hyphens in flags in export specifications. * Changed Python version handling to accommodate versions like e.g. 3.10 (no longer assume a version X.Y where X and Y are single digits). A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements,please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.org/project/distlib/0.3.0/[2] https://distlib.readthedocs.io/en/0.3.0/[3] https://bitbucket.org/pypa/distlib/issues/new -- Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Support the Python Software Foundation: http://www.python.org/psf/donations/
Re: ANN: distlib 0.3.0 released on PyPI
It looks as if a couple of the above links got corrupted during transmission, so the link behind the text is not what it seems to be (it includes a couple of extra characters from the following footnote). Try these: https://pypi.org/project/distlib/0.3.0/ https://distlib.readthedocs.io/en/0.3.0/ Regards, Vinay Sajip -- Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Support the Python Software Foundation: http://www.python.org/psf/donations/
ANN: distlib 0.3.1 released on PyPI
I've recently released version 0.3.1 of distlib on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: * Fixed #132: Added documentation to help with relative interpreter paths. Thanks to Paul Kienzle for the patch. * Fixed #134: Allowed specifying a different target Python version when generating scripts. * Fixed #135: Exposed the ``enquote_executable`` function previously implemented as an internal function. * Addressed #138: Improved metadata support for newer metadata versions. Thanks to James Tocknell for the patch. * Changed the output of flags in entry point definitions in wheels. Thanks to frostming (明希) for the patch. * Stopped writing JSON metadata. Only old-style metadata is written now. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker! [3] Note: Mailman3 might mishandle some of the links below. In that case, just copy and paste the links into your browser address bar - that should work. Regards, Vinay Sajip [1] https://pypi.org/project/distlib/0.3.1/ [2] https://distlib.readthedocs.io/en/0.3.1/ [3] https://bitbucket.org/pypa/distlib/issues/new ___ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com
ANN: Version 0.1.6 of sarge (a subprocess wrapper library) has been released.
Version 0.1.6 of Sarge, a cross-platform library which wraps the subprocess
module in the standard library, has been released.
What changed?
-
- Fixed #44: Added an optional timeout to Command.wait() and Pipeline.wait(),
which
only takes effect on Python >= 3.3.
- Fixed #47: Added the ``replace_env`` keyword argument which allows a complete
replacement for ``os.environ`` to be passed.
- Fixed #51: Improved error handling around a Popen call.
What does Sarge do?
---
Sarge tries to make interfacing with external programs from your
Python applications easier than just using subprocess alone.
Sarge offers the following features:
* A simple way to run command lines which allows a rich subset of Bash-
style shell command syntax, but parsed and run by sarge so that you
can run on Windows without cygwin (subject to having those commands
available):
>>> from sarge import capture_stdout
>>> p = capture_stdout('echo foo | cat; echo bar')
>>> for line in p.stdout: print(repr(line))
...
'foo\n'
'bar\n'
* The ability to format shell commands with placeholders, such that
variables are quoted to prevent shell injection attacks.
* The ability to capture output streams without requiring you to
program your own threads. You just use a Capture object and then you
can read from it as and when you want.
* The ability to look for patterns in captured output and to interact
accordingly with the child process.
Advantages over subprocess
---
Sarge offers the following benefits compared to using subprocess:
* The API is very simple.
* It's easier to use command pipelines - using subprocess out of the
box often leads to deadlocks because pipe buffers get filled up.
* It would be nice to use Bash-style pipe syntax on Windows, but
Windows shells don't support some of the syntax which is useful, like
&&, ||, |& and so on. Sarge gives you that functionality on Windows,
without cygwin.
* Sometimes, subprocess.Popen.communicate() is not flexible enough for
one's needs - for example, when one needs to process output a line at
a time without buffering the entire output in memory.
* It's desirable to avoid shell injection problems by having the
ability to quote command arguments safely.
* subprocess allows you to let stderr be the same as stdout, but not
the other way around - and sometimes, you need to do that.
Python version and platform compatibility
-
Sarge is intended to be used on any Python version >= 2.6 and is
tested on Python versions 2.6, 2.7, 3.3, 3.4, 3.5, 3.6, 3.7 and 3.8 on Linux,
Windows, and Mac OS X (not all versions are tested on all platforms,
but sarge is expected to work correctly on all these versions on all
these platforms).
Finding out more
You can read the documentation at
http://sarge.readthedocs.org/
There's a lot more information, with examples, than I can put into
this post.
You can install Sarge using "pip install sarge" to try it out. The
project is hosted on BitBucket at
https://bitbucket.org/vinay.sajip/sarge/
And you can leave feedback on the issue tracker there.
I hope you find Sarge useful!
Regards,
Vinay Sajip
___
Python-announce-list mailing list -- python-announce-list@python.org
To unsubscribe send an email to python-announce-list-le...@python.org
https://mail.python.org/mailman3/lists/python-announce-list.python.org/
Member address: arch...@mail-archive.com
ANN: distlib 0.3.2 released on PyPI
I've recently released version 0.3.2 of distlib on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: * Fixed #139: improved handling of errors related to the test PyPI server. * Fixed #140: allowed "Obsoletes" in more scenarios, to better handle faulty metadata already on PyPI. * Fixed #141: removed unused regular expression. * Fixed #143: removed normcase() to avoid some problems on Windows. * Fixed #146: added entry for SourcelessFileLoader to the finder registry. * Fixed #147: permission bits are now preserved on POSIX when installing from a wheel. * Made the generation of scripts more configurable. * Added support for manylinux wheel tags. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.org/project/distlib/0.3.2/ [2] https://distlib.readthedocs.io/en/0.3.2/ [3] https://bitbucket.org/pypa/distlib/issues/new ___ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com
[Python-announce] ANN: Version 0.5.1 of the Python config module has been released.
What Does It Do? The CFG configuration format is a text format for configuration files which is similar to, and a superset of, the JSON format.It has the following aims: * Allow a hierarchical configuration scheme with support for key-value mappings and lists. * Support cross-references between one part of the configuration and another. * Provide a string interpolation facility to easily build up configuration values from other configuration values. * Provide the ability to compose configurations (using include and merge facilities). * Provide the ability to access real application objects safely. * Be completely declarative. It overcomes a number of drawbacks of JSON when used as a configuration format: * JSON is more verbose than necessary. * JSON doesn’t allow comments. * JSON doesn’t provide first-class support for dates and multi-line strings. * JSON doesn’t allow trailing commas in lists and mappings. * JSON doesn’t provide easy cross-referencing, interpolation, or composition. The Python config module provides an interface to work with configuration files written in the CFG format. Comprehensive documentation is available at https://docs.red-dove.com/cfg/index.html and you can report issues / enhancement requests at https://github.com/vsajip/py-cfg-lib/issues As always, your feedback is most welcome (especially bug reports, patches and suggestions for improvement). Enjoy! Cheers, Vinay Sajip ___ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com
[Python-announce] ANN: distlib 0.3.3 released on PyPI
I've recently released version 0.3.3 of distlib on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: * Fixed #152: Removed splituser() function which wasn't used and is deprecated. * Fixed #149: Handle version comparisons correctly in environment markers. * Add ARM-64 launchers and support code to use them. Thanks to Niyas Sait and Adrian Vladu for their contributions. * Fixed #148: Handle a single trailing comma following a version. Thanks to Blazej Floch for the report and suggested fix. * Fixed #150: Fix incorrect handling of epochs. * Reverted handling of tags for Python >= 3.10 (use 310 rather than 3_10). This is because PEP 641 was rejected. * Added a GitHub Actions workflow to perform tests. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.org/project/distlib/0.3.3/ [2] https://distlib.readthedocs.io/en/0.3.3/ [3] https://bitbucket.org/pypa/distlib/issues/new ___ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com
[Python-announce] ANN: A new library for encryption and signing has been released.
A new library called pagesign (Python-age-sign) has been released on PyPI [1]. It covers similar functionality to python-gnupg, but uses the modern encryption tool age [2] and the modern signing tool minisign [3]. The initial release allows you to: * Create and manage identities (which are containers for the keys used for encryption/decryption and signing/verification). * Encrypt and decrypt files to multiple recipients. * Sign files and verify signatures. This release has been signed with my code signing key: Vinay Sajip (CODE SIGNING KEY) Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86 Recent changes to PyPI don't show the GPG signature with the download links. An alternative download source where the signatures are available is at [4]. Documentation is available at [5]. As always, your feedback is most welcome (especially bug reports [6], patches and suggestions for improvement, or any other points). Enjoy! Cheers Vinay Sajip [1] https://pypi.org/project/pagesign/0.1.0/ [2] https://age-encryption.org/ [3] https://jedisct1.github.io/minisign/ [4] https://bitbucket.org/vinay.sajip/pagesign/downloads/ [5] https://docs.red-dove.com/pagesign/ [6] https://github.com/vsajip/pagesign/issues/new/choose ___ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com
[Python-announce] ANN: distlib 0.3.4 released on PyPI
I've recently released version 0.3.4 of distlib on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: * Fixed #153: Raise warnings in get_distributions() if bad metadata seen, but keep going. * Fixed #154: Determine Python versions correctly for Python >= 3.10. * Updated launcher executables with changes to handle duplication logic. Code relating to support for Python 2.6 was also removed (support for Python 2.6 was dropped in an earlier release, but supporting code wasn't removed until now). A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.org/project/distlib/0.3.4/ [2] https://distlib.readthedocs.io/en/0.3.4/ [3] https://bitbucket.org/pypa/distlib/issues/new ___ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com
[Python-announce] ANN: A new version (0.4.9) of python-gnupg has been released.
What Changed? = This is an enhancement and bug-fix release, and all users are encouraged to upgrade. Brief summary: * Fixed #161: Added a status attribute to the returned object from gen_key() which is set to 'ok' if a key was successfully created, or 'key not created' if that was reported by gpg, or None in any other case. * Fixed #164: Provided the ability to add subkeys. Thanks to Daniel Kilimnik for the feature request and patch. * Fixed #166: Added keygrip values to the information collected when keys are listed. Thanks to Daniel Kilimnik for the feature request and patch. * Fixed #173: Added extra_args to send_keys(), recv_keys() and search_keys() to allow passing options relating to key servers. This release [2] has been signed with my code signing key: Vinay Sajip (CODE SIGNING KEY) Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86 Recent changes to PyPI don't show the GPG signature with the download links. The source code repository is at [1]. An alternative download source where the signatures are available is at [4]. Documentation is available at [5]. As always, your feedback is most welcome (especially bug reports [3], patches and suggestions for improvement, or any other points via this group). Enjoy! Cheers Vinay Sajip [1] https://github.com/vsajip/python-gnupg [2] https://pypi.org/project/python-gnupg/0.4.9 [3] https://github.com/vsajip/python-gnupg/issues [4] https://github.com/vsajip/python-gnupg/releases/ [5] https://docs.red-dove.com/python-gnupg/ ___ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com
[Python-announce] ANN: distlib 0.3.5 released on PyPI
I've recently released version 0.3.5 of distlib on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: * Fixed #161: Updated test case. * Fixed #164: Improved support for reproducible builds by allowing a fixed date/time to be inserted into created .exe files. Thanks to Somber Night for the patch. * Fixed #169: Removed usage of deprecated imp module in favour of importlib. * Fixed #170: Corrected implementation of ``get_required_dists()``. * Fixed #172: Compute ABI correctly for Python < 3.8. * Changed the default locator configuration. * Made updates in support of PEP 643 / Metadata 2.2. * Updated launcher executables. Thanks to Michael Bikovitsky for his help with the launcher changes. * Updated to write archive path of RECORD to RECORD instead of staging path. Thanks to Pieter Pas for the patch. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.org/project/distlib/0.3.5/ [2] https://distlib.readthedocs.io/en/0.3.5/ [3] https://github.com/pypa/distlib/issues/new/choose ___ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com
[Python-announce] ANN: A new version (0.5.0) of python-gnupg has been released.
What Changed? = This is an enhancement and bug-fix release, and all users are encouraged to upgrade. Brief summary: * Fixed #181: Added the ability to pass file paths to encrypt_file, decrypt_file, sign_file, verify_file, get_recipients_file and added import_keys_file. * Fixed #183: Handle FAILURE and UNEXPECTED conditions correctly. Thanks to sebbASF for the patch. * Fixed #185: Handle VALIDSIG arguments more robustly. * Fixed #188: Remove handling of DECRYPTION_FAILED from Verify code, as not required there. Thanks to sebbASF for the patch. * Fixed #190: Handle KEY_CREATED more robustly. * Fixed #191: Handle NODATA messages during verification. * Fixed #196: Don't log chunk data by default, as it could contain sensitive information (during decryption, for example). * Added the ability to pass an environment to the gpg executable. Thanks to Edvard Rejthar for the patch. This release [2] has been signed with my code signing key: Vinay Sajip (CODE SIGNING KEY) Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86 Recent changes to PyPI don't show the GPG signature with the download links. The source code repository is at [1]. An alternative download source where the signatures are available is at [4]. Documentation is available at [5]. As always, your feedback is most welcome (especially bug reports [3], patches and suggestions for improvement, or any other points via this group). Enjoy! Cheers Vinay Sajip [1] https://github.com/vsajip/python-gnupg [2] https://pypi.org/project/python-gnupg/0.5.0 [3] https://github.com/vsajip/python-gnupg/issues [4] https://github.com/vsajip/python-gnupg/releases/ [5] https://docs.red-dove.com/python-gnupg/ ___ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com
[Python-announce] Announcement: distlib 0.3.7 released on PyPI
Version 0.3.7 of distlib has recently been released on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: * Handle bare newlines when parsing metadata. * Use version comparison logic for python_full_version. * Fix shebang computation for source builds of Python. * Extract tarfiles more safely by incorporating tarfile filters. * Check for 'has_cert' attribute before using it. * Fix #200: Improve conformance to PEP440. * Fix #203: Handle parsing of export entries to allow script names such as "," or ",foo". A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker at [3]. Regards, Vinay Sajip [1] https://pypi.org/project/distlib/0.3.7/ [2] https://distlib.readthedocs.io/en/0.3.7/overview.html#change-log-for-distlib [3] https://github.com/pypa/distlib/issues/new/choose ___ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com
[Python-announce] ANN: A new version (0.5.1) of python-gnupg has been released.
What Changed? = This is an enhancement and bug-fix release, and all users are encouraged to upgrade. Brief summary: * Added TRUST_EXPIRED to trust_keys. * Fix #206: Remove deprecated --always-trust in favour of --trust-model always * Fix #208: Add status_detail attribute to result objects which is populated when the status is 'invalid recipient' (encryption/decryption) or 'invalid signer' (signing). This attribute will be set when the result object's status attribute is set to 'invalid recipient' and will contain more information about the failure in the form of reason:ident where reason is a text description of the reason, and ident identifies the recipient key. * Add scan_keys_mem() function to scan keys in a string. * Fix #214: Handle multiple signatures when one of them is invalid or unverified. * A problems attribute was added which holds problems reported by gpg during verification. This is a list of dictionaries, one for each reported problem. Each dictionary will have status and keyid keys indicating the problem and the corresponding key; other information in the dictionaries will be error specific. * Fix #217: Use machine-readable interface to query the gpg version. * Added the ability to export keys to a file. This release [2] has been signed with my code signing key: Vinay Sajip (CODE SIGNING KEY) Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86 Recent changes to PyPI don't show the GPG signature with the download links. An alternative download source where the signatures are available is at [4]. The source code repository is at [1]. Documentation is available at [5]. As always, your feedback is most welcome (especially bug reports [3], patches and suggestions for improvement, or any other points via this group). Enjoy! Cheers Vinay Sajip [1] https://github.com/vsajip/python-gnupg [2] https://pypi.org/project/python-gnupg/0.5.1 [3] https://github.com/vsajip/python-gnupg/issues [4] https://github.com/vsajip/python-gnupg/releases/ [5] https://docs.red-dove.com/python-gnupg/ ___ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com
[Python-announce] Announcement: distlib 0.3.8 released on PyPI
Version 0.3.8 of distlib has recently been released on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: * Fix #204: use symlinks in venv creation during test. * Fix #208: handle deprecation removals in Python 3.13. * Fix #209: use legacy version implementation for Python versions. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker at [3]. Regards, Vinay Sajip [1] https://pypi.org/project/distlib/0.3.8/ [2] https://distlib.readthedocs.io/en/latest/overview.html#change-log-for-distlib [3] https://github.com/pypa/distlib/issues/new/choose ___ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com
[Python-announce] ANN: A new version (0.5.2) of python-gnupg has been released.
What Changed?= This is an enhancement and bug-fix release, and all users are encouraged to upgrade. Brief summary: * Fix #228: Clarify documentation for encryption/decryption. * Make I/O buffer size configurable via buffer_size attribute on a GPG instance. This release [2] has been signed with my code signing key: Vinay Sajip (CODE SIGNING KEY) Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86 Recent changes to PyPI don't show the GPG signature with the download links. An alternative download source where the signatures are available is at [4]. The source code repository is at [1]. Documentation is available at [5]. As always, your feedback is most welcome (especially bug reports [3], patches and suggestions for improvement, or any other points via this group). Enjoy! Cheers Vinay Sajip [1] https://github.com/vsajip/python-gnupg [2] https://pypi.org/project/python-gnupg/0.5.2 [3] https://github.com/vsajip/python-gnupg/issues [4] https://github.com/vsajip/python-gnupg/releases/ [5] https://docs.red-dove.com/python-gnupg/ ___ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com
ANN: A new version (0.3.9) of python-gnupg has been released.
A new version of the Python module which wraps GnuPG has been released.
What Changed?
=
This is an enhancement and bug-fix release, and all users are encouraged to
upgrade.
See the project website [1] for more information.
Brief summary:
* Fixed #38: You can now request information about signatures against
keys. Thanks to SunDwarf for the suggestion and patch, which was used
as a basis for this change.
* Fixed #49: When exporting keys, no attempt is made to decode the output when
armor=False is specified.
* Fixed #53: A ``FAILURE`` message caused by passing an incorrect passphrase
is handled.
* Handled ``EXPORTED`` and ``EXPORT_RES`` messages while exporting keys. Thanks
to Marcel Pörner for the patch.
* Fixed #54: Improved error message shown when gpg is not available.
* Fixed #55: Added support for ``KEY_CONSIDERED`` while verifying.
* Avoided encoding problems with filenames under Windows. Thanks to Kévin
Bernard-Allies for the patch.
* Fixed #57: Used a better mechanism for comparing keys.
This release [2] has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY)
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
.
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
As always, your feedback is most welcome (especially bug reports [3],
patches and suggestions for improvement, or any other points via the
mailing list/discussion group [4]).
Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
[1] https://bitbucket.org/vinay.sajip/python-gnupg
[2] https://pypi.python.org/pypi/python-gnupg/0.3.9
[3] https://bitbucket.org/vinay.sajip/python-gnupg/issues
[4] https://groups.google.com/forum/#!forum/python-gnupg
--
https://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: distlib 0.2.4 released on PyPI
I've just released version 0.2.4 of distlib on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: * Updated to not fail during import if SSL is not available. * Changed project name comparisons to follow PEP 503. * Changed manifest and resources logic to work correctly under (upcoming) Python 3.6. * Updated Windows launchers with fixes to bugs related to argument-passing in shebang lines. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.python.org/pypi/distlib/0.2.4 [2] https://goo.gl/M3kQzR [3] https://bitbucket.org/pypa/distlib/issues/new -- https://mail.python.org/mailman/listinfo/python-announce-list Support the Python Software Foundation: http://www.python.org/psf/donations/
ANN: A new version (0.4.0) of python-gnupg has been released.
A new version of the Python module which wraps GnuPG has been released.
What Changed?
=
This is an enhancement and bug-fix release, and all users are encouraged to
upgrade.
See the project website [1] for more information.
Brief summary:
* Added support for ``KEY_CONSIDERED`` in more places - encryption /
decryption, signing, key generation and key import.
* Partial fix for #32 (GPG 2.1 compatibility). Unfortunately, better
support cannot be provided at this point, unless there are certain
changes (relating to pinentry popups) in how GPG 2.1 works.
* Fixed #60: An IndexError was being thrown by ``scan_keys()``.
* Ensured that utf-8 encoding is used when the ``--with-column`` mode is
used. Thanks to Yann Leboulanger for the patch.
* ``list_keys()`` now uses ``--fixed-list-mode``. Thanks to Werner Koch
for the pointer.
This release [2] has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY)
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
.
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
As always, your feedback is most welcome (especially bug reports [3],
patches and suggestions for improvement, or any other points via the
mailing list/discussion group [4]).
Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
[1] https://bitbucket.org/vinay.sajip/python-gnupg
[2] https://pypi.python.org/pypi/python-gnupg/0.4.0
[3] https://bitbucket.org/vinay.sajip/python-gnupg/issues
[4] https://groups.google.com/forum/#!forum/python-gnupg
--
https://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: distlib 0.2.5 released on PyPI
I've just released version 0.2.5 of distlib on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: * Changed regular expressions to be compatible with 3.6 as regards escape sequences. * Closed some resource leaks related to XML-RPC proxies. * Changed wheel processing to look for metadata in metadata.json as well as pydist.json. * Updated requirement and marker parsing to be compatible with PEP 508. * Made downloadability a factor in scoring URLs for preferences. * Removed Python 2.6 from the support list. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.python.org/pypi/distlib/0.2.5 [2] https://goo.gl/M3kQzR [3] https://bitbucket.org/pypa/distlib/issues/new -- https://mail.python.org/mailman/listinfo/python-announce-list Support the Python Software Foundation: http://www.python.org/psf/donations/
ANN: A new version (0.4.1) of python-gnupg has been released.
A new version of the Python module which wraps GnuPG has been released.
What Changed?
=
This is an enhancement and bug-fix release, and all users are encouraged to
upgrade.
See the project website [1] for more information.
Brief summary:
* Updated message handling logic to no longer raise exceptions when a message
isn't
recognised. Thanks to Daniel Kahn Gillmor for the patch.
* Always use always use --fixed-list-mode, --batch and --with-colons. Thanks to
Daniel
Kahn Gillmor for the patch.
* Improved scan_keys() handling on GnuPG >= 2.1. Thanks to Daniel Kahn Gillmor
for the
patch.
* Improved test behaviour with GnuPG >= 2.1. Failures when deleting test
directory trees
are now ignored. Thanks to Daniel Kahn Gillmor for the patch.
* Added close_file keyword argument to verify_file to allow the file closing to
be made
optional. Current behaviour is maintained - close_file=False can be passed to
skip
closing the file being verified.
* Added the extra_args keyword parameter to allow custom arguments to be passed
to the
gpg executable.
* Instances of the GPG class now have an additional on_data attribute, which
defaults to
None. It can be set to a callable which will be called with a single argument
- a binary
chunk of data received from the gpg executable. The callable can do whatever
it likes
with the chunks passed to it - e.g. write them to a separate stream. The
callable should
not raise any exceptions (unless it wants the current operation to fail).
This release [2] has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY)
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86
What Does It Do?
The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
.
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"
'Verified'
As always, your feedback is most welcome (especially bug reports [3],
patches and suggestions for improvement, or any other points via the
mailing list/discussion group [4]).
Please refer to the documentation [5] for more information.
Enjoy!
Cheers
Vinay Sajip
Red Dove Consultants Ltd.
[1] https://bitbucket.org/vinay.sajip/python-gnupg
[2] https://pypi.python.org/pypi/python-gnupg/0.4.1
[3] https://bitbucket.org/vinay.sajip/python-gnupg/issues
[4] https://groups.google.com/forum/#!forum/python-gnupg
[5] https://gnupg.readthedocs.io/en/latest/
--
https://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: distlib 0.2.6 released on PyPI
I've just released version 0.2.6 of distlib on PyPI [1]. For newcomers,distlib is a library of packaging functionality which is intended to beusable as the basis for third-party packaging tools. The main changes in this release are as follows: * Fixed #99: Updated to handle a case where sys.getfilesystemencoding() returns None. * Fixed #97: Eliminated a crash in EggInfoDistribution.list_distinfo_files() which was caused by trying to open a non-existent file. * Fixed #96: SimpleScrapingLocator no longer fails prematurely when scraping links due to invalid versions. * Improved error messages issued when interpreting markers. * Improved the shebangs written into installed scripts when the interpreter path is very long or contains spaces (to cater for a limitation in shebang line parsing on Linux). * Updated launcher binaries. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions forimprovements, please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.python.org/pypi/distlib/0.2.6[2] https://goo.gl/M3kQzR[3] https://bitbucket.org/pypa/distlib/issues/new -- https://mail.python.org/mailman/listinfo/python-announce-list Support the Python Software Foundation: http://www.python.org/psf/donations/
ANN: A new version (0.4.2) of python-gnupg has been released.
A new version of the Python module which wraps GnuPG has been released.
What Changed? = This is an enhancement and bug-fix release, and all
users are encouraged to upgrade. See the project website [1] for more
information.
Brief summary:
* Subkey information is now collected and returned in a subkey_info dictionary
keyed by the subkey's ID.
* GPG2 version is now correctly detected on OS X.
* Added expect_passphrase keyword argument for use on GnuPG >= 2.1 when
passing passphrase to gpg via pinentry.
* Provided a trust_keys method to allow setting the trust level for keys.
Thanks to William Foster for a suggested implementation.
* Made the exception message when the gpg executable is not found contain the
path of the executable that was tried. Thanks to Kostis Anagnostopoulos for
the suggestion.
* Made the error message less categorical in the case of a failure with an
unspecified reason, adding some information from gpg error codes when
available.
This release [2] has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY) Fingerprint: CA74 9061
914E AC13 8E66 EADB 9147 B477 339A 9B86
What Does It Do? The gnupg module allows Python programs to
make use of the functionality provided by the Gnu Privacy Guard (abbreviated
GPG or GnuPG). Using this module, Python programs can encrypt and decrypt data,
digitally sign documents and verify digital signatures, manage (generate, list
and delete) encryption keys, using proven Public Key Infrastructure (PKI)
encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as it makes use
of the subprocess module which appeared in that version of Python. This module
is a newer version derived from earlier work by Andrew Kuchling, Richard Jones
and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg >>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> >>> gpg.list_keys()
[{ ... 'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2', 'keyid':
'197D5DAC68F1AAB2', 'length': '1024', 'type': 'pub', 'uids': ['', 'Gary Gross
(A test user) ']}, { ... 'fingerprint':
'37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A', 'keyid': '0C5FEFA7A921FC4A',
'length': '1024', ... 'uids': ['', 'Danny Davis (A test user) ']}] >>> encrypted = gpg.encrypt("Hello, world!",
['0C5FEFA7A921FC4A']) >>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf . -END PGP MESSAGE-\n' >>> decrypted =
gpg.decrypt(str(encrypted), passphrase='secret') >>> str(decrypted)
'Hello, world!' >>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed)) >>> print "Verified" if verified else
"Not verified"
'Verified'
As always, your feedback is most welcome (especially bug reports [3], patches
and suggestions for improvement, or any other points via the mailing
list/discussion group [4]).
Please refer to the documentation [5] for more information.
Enjoy!
Cheers
Vinay Sajip Red Dove Consultants Ltd.
[1] https://bitbucket.org/vinay.sajip/python-gnupg [2]
https://pypi.python.org/pypi/python-gnupg/0.4.2 [3]
https://bitbucket.org/vinay.sajip/python-gnupg/issues [4]
https://groups.google.com/forum/#!forum/python-gnupg [5]
https://gnupg.readthedocs.io/en/latest/
--
https://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: distlib 0.2.7 released on PyPI
I've just released version 0.2.7 of distlib on PyPI [1]. For newcomers, distlib is a library of packaging functionality which is intended to be usable as the basis for third-party packaging tools. The main changes in this release are as follows: * Addressed #102: InstalledDistributions now have a modules attribute which is a list of top-level modules as read from top_level.txt, if that is in the distribution info. * Fixed #103: Now https downloads are preferred to those over http. Thanks to Saulius Žemaitaitis for the patch. * Fixed #104: Updated launcher binaries to properly handle interpreter paths with spaces. Thanks to Atsushi Odagiri for the diagnosis and fix. * Fixed #105: cache_from_source is now imported from importlib.util where available. * Added support for PEP 566 / Metadata 2.1. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements, please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.org/project/distlib/0.2.7/ [2] https://goo.gl/M3kQzR [3] https://bitbucket.org/pypa/distlib/issues/new -- https://mail.python.org/mailman/listinfo/python-announce-list Support the Python Software Foundation: http://www.python.org/psf/donations/
ANN: A new version (0.4.3) of python-gnupg has been released. It contains a security-related change - please update to this version
A new version of the Python module which wraps GnuPG has been released.
What Changed?=This is a security-fix release, and all users are
strongly encouraged to upgrade.This fix mitigates against CVE-2018-12020. See
the discoverer's blog post [6] formore information.
Brief summary:
* Added --no-verbose to the gpg command line, in case verbose is specified in
gpg.conf - we don't need verbose output.
This release [2] has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY) Fingerprint: CA74
9061 914E AC13 8E66 EADB 9147 B477 339A 9B86
Recent changes to PyPI don't show the GPG signature with the download links.An
alternative download source where the signatures are available is the
project'sown downloads page [5].
What Does It Do?The gnupg module allows Python programs to make
use of thefunctionality provided by the Gnu Privacy Guard (abbreviated GPG
orGnuPG). Using this module, Python programs can encrypt and decryptdata,
digitally sign documents and verify digital signatures, manage(generate, list
and delete) encryption keys, using proven Public KeyInfrastructure (PKI)
encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as itmakes use
of the subprocess module which appeared in that version ofPython. This module
is a newer version derived from earlier work byAndrew Kuchling, Richard Jones
and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')>>>
>>> gpg.list_keys()
[{...'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2','keyid':
'197D5DAC68F1AAB2','length': '1024','type': 'pub','uids': ['', 'Gary Gross (A
test user) ']},{...'fingerprint':
'37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A','keyid':
'0C5FEFA7A921FC4A','length': '1024',...'uids': ['', 'Danny Davis (A test user)
']}]>>> encrypted = gpg.encrypt("Hello, world!",
['0C5FEFA7A921FC4A'])>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9
(GNU/Linux)\n\nhQIOA/6NHMDTXUwcEAf.-END PGP MESSAGE-\n'>>> decrypted =
gpg.decrypt(str(encrypted), passphrase='secret')>>> str(decrypted)
'Hello, world!'>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')>>>
verified = gpg.verify(str(signed))>>> print "Verified" if verified else "Not
verified"
'Verified'
As always, your feedback is most welcome (especially bug reports [3],patches
and suggestions for improvement, or any other points via themailing
list/discussion group [4]).
Enjoy!
Cheers
Vinay SajipRed Dove Consultants Ltd.
[1] https://bitbucket.org/vinay.sajip/python-gnupg[2]
https://pypi.python.org/pypi/python-gnupg/0.4.3[3]
https://bitbucket.org/vinay.sajip/python-gnupg/issues[4]
https://groups.google.com/forum/#!forum/python-gnupg[5]
https://bitbucket.org/vinay.sajip/python-gnupg/downloads/[6]
https://neopg.io/blog/gpg-signature-spoof/
--
https://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: Version 0.1.5 of sarge (a subprocess wrapper library) has been released.
Version 0.1.5 of Sarge, a cross-platform library which wraps the
subprocessmodule in the standard library, has been released.
What changed?-
- Fixed #37: Instead of an OSError with a "no such file or directory" message,
a ValueError is raised with a more informative "Command not found" message.
- Fixed #38: Replaced ``async`` keyword argument with ``async_``, as ``async``
has become a keyword in Python 3.7.
- Fixed #39: Updated tutorial example on progress monitoring.
What does Sarge do?---
Sarge tries to make interfacing with external programs from yourPython
applications easier than just using subprocess alone.
Sarge offers the following features:
* A simple way to run command lines which allows a rich subset of Bash-style
shell command syntax, but parsed and run by sarge so that youcan run on Windows
without cygwin (subject to having those commandsavailable):
>>> from sarge import capture_stdout>>> p = capture_stdout('echo foo | cat;
>>> echo bar')>>> for line in p.stdout: print(repr(line))...'foo\n''bar\n'
* The ability to format shell commands with placeholders, such thatvariables
are quoted to prevent shell injection attacks.
* The ability to capture output streams without requiring you toprogram your
own threads. You just use a Capture object and then youcan read from it as and
when you want.
* The ability to look for patterns in captured output and to
interactaccordingly with the child process.
Advantages over subprocess---
Sarge offers the following benefits compared to using subprocess:
* The API is very simple.
* It's easier to use command pipelines - using subprocess out of thebox often
leads to deadlocks because pipe buffers get filled up.
* It would be nice to use Bash-style pipe syntax on Windows, butWindows shells
don't support some of the syntax which is useful, like&&, ||, |& and so on.
Sarge gives you that functionality on Windows,without cygwin.
* Sometimes, subprocess.Popen.communicate() is not flexible enough forone's
needs - for example, when one needs to process output a line ata time without
buffering the entire output in memory.
* It's desirable to avoid shell injection problems by having theability to
quote command arguments safely.
* subprocess allows you to let stderr be the same as stdout, but notthe other
way around - and sometimes, you need to do that.
Python version and platform
compatibility-
Sarge is intended to be used on any Python version >= 2.6 and istested on
Python versions 2.6, 2.7, 3.3, 3.4, 3.5, 3.6 and 3.7 on Linux,Windows, and Mac
OS X (not all versions are tested on all platforms,but sarge is expected to
work correctly on all these versions on allthese platforms).
Finding out more
You can read the documentation at
http://sarge.readthedocs.org/
There's a lot more information, with examples, than I can put intothis post.
You can install Sarge using "pip install sarge" to try it out. Theproject is
hosted on BitBucket at
https://bitbucket.org/vinay.sajip/sarge/
And you can leave feedback on the issue tracker there.
I hope you find Sarge useful!
Regards,
Vinay Sajip
--
https://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: distlib 0.2.8 released on PyPI
I've recently released version 0.2.8 of distlib on PyPI [1]. For newcomers,distlib is a library of packaging functionality which is intended to beusable as the basis for third-party packaging tools. The main changes in this release are as follows: * Fixed #107: Updated documentation on testing to include information on setting PYTHONHASHSEED. * Fixed #108: Updated metadata scan to look for the METADATA file as well as the JSON formats. * Fixed #109: Removed existing files (which might have been symlinks) before overwriting. * Fixed #111: Avoided unnecessary newlines in script preambles, which caused problems with detecting encoding declarations. Thanks to Wim Glenn for the report and patch. * Fixed #112: Handled wheel tags and platform-dependent downloads correctly in SimpleScrapingLocator. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements,please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.org/project/distlib/0.2.8/[2] https://goo.gl/tVzKUc[3] https://bitbucket.org/pypa/distlib/issues/new -- https://mail.python.org/mailman/listinfo/python-announce-list Support the Python Software Foundation: http://www.python.org/psf/donations/
ANN: A new version (0.4.4) of python-gnupg has been released. It contains a security-related change - please update to this version
A new version of the Python module which wraps GnuPG has been released.
What Changed?=This is an enhancement and security-fix release, and
all users are stronglyencouraged to upgrade.
Brief summary:
* Fixed #108: Changed how any return value from the on_data callable is
processed. In earlier versions, the return value was ignored. In this version,
if the return value is False, the data received from gpg is not buffered.
Otherwise (if the value is None or True, for example), the data is buffered as
normal. This functionality can be used to do your own buffering, or to prevent
buffering altogether.
The on_data callable is also called once with an empty byte-string to signal
the end of data from gpg.
* Fixed #97: Added an additional attribute check_fingerprint_collisions to GPG
instances, which defaults to False. It seems that gpg is happy to have
duplicate keys and fingerprints in a keyring, so we can't be too strict. A
user can set this attribute of an instance to True to trigger a check for
collisions.
* Fixed #111: With GnuPG 2.2.7 or later, provide the fingerprint of a signing
key for a failed signature verification, if available.
* Fixed #21: For verification where multiple signatures are involved, a
mapping of signature_ids to fingerprint, keyid, username, creation date,
creation timestamp and expiry timestamp is provided.
* Added a check to disallow certain control characters ('\r', '\n', NUL) in
passphrases. This fix mitigates against CVE-2019-6690.
This release [2] has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY) Fingerprint: CA74
9061 914E AC13 8E66 EADB 9147 B477 339A 9B86
Recent changes to PyPI don't show the GPG signature with the download links.An
alternative download source where the signatures are available is the
project'sown downloads page [5].
What Does It Do?The gnupg module allows Python programs to make
use of thefunctionality provided by the Gnu Privacy Guard (abbreviated GPG
orGnuPG). Using this module, Python programs can encrypt and decryptdata,
digitally sign documents and verify digital signatures, manage(generate, list
and delete) encryption keys, using proven Public KeyInfrastructure (PKI)
encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as itmakes use
of the subprocess module which appeared in that version ofPython. This module
is a newer version derived from earlier work byAndrew Kuchling, Richard Jones
and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')>>>
>>> gpg.list_keys()
[{...'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2','keyid':
'197D5DAC68F1AAB2','length': '1024','type': 'pub','uids': ['', 'Gary Gross (A
test user) ']},{...'fingerprint':
'37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A','keyid':
'0C5FEFA7A921FC4A','length': '1024',...'uids': ['', 'Danny Davis (A test user)
']}]>>> encrypted = gpg.encrypt("Hello, world!",
['0C5FEFA7A921FC4A'])>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9
(GNU/Linux)\n\nhQIOA/6NHMDTXUwcEAf.-END PGP MESSAGE-\n'>>> decrypted =
gpg.decrypt(str(encrypted), passphrase='secret')>>> str(decrypted)
'Hello, world!'>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')>>>
verified = gpg.verify(str(signed))>>> print "Verified" if verified else "Not
verified"
'Verified'
As always, your feedback is most welcome (especially bug reports [3],patches
and suggestions for improvement, or any other points via themailing
list/discussion group [4]).
Enjoy!
Cheers
Vinay SajipRed Dove Consultants Ltd.
[1] https://bitbucket.org/vinay.sajip/python-gnupg[2]
https://pypi.python.org/pypi/python-gnupg/0.4.4[3]
https://bitbucket.org/vinay.sajip/python-gnupg/issues[4]
https://groups.google.com/forum/#!forum/python-gnupg[5]
https://bitbucket.org/vinay.sajip/python-gnupg/downloads/
--
https://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
ANN: distlib 0.2.9 released on PyPI
I've recently released version 0.2.9 of distlib on PyPI [1]. For newcomers,distlib is a library of packaging functionality which is intended to beusable as the basis for third-party packaging tools. The main changes in this release are as follows: * Updated default PyPI URL to https://pypi.org/pypi. * Relaxed metadata format checks to ignore 'Provides'. * Fixed #33, #34: simplified script template. * Fixed #115: Relaxed check for '..' in wheel archive entries by not checking filename parts, only directory segments. * Fixed #116: Corrected parsing of credentials from URLs. * Fixed #122: Skipped entries in archive entries ending with '/' (directories) when verifying or installing. * Commented out Disqus comment section in documentation. A more detailed change log is available at [2]. Please try it out, and if you find any problems or have any suggestions for improvements,please give some feedback using the issue tracker! [3] Regards, Vinay Sajip [1] https://pypi.org/project/distlib/0.2.9/[2] https://distlib.readthedocs.io/en/latest/overview.html#change-log-for-distlib[3] https://bitbucket.org/pypa/distlib/issues/new -- https://mail.python.org/mailman/listinfo/python-announce-list Support the Python Software Foundation: http://www.python.org/psf/donations/
