Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-bcrypt for openSUSE:Factory
checked in at 2025-03-24 13:25:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-bcrypt (Old)
and /work/SRC/openSUSE:Factory/.python-bcrypt.new.2696 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-bcrypt"
Mon Mar 24 13:25:16 2025 rev:17 rq:1255006 version:4.3.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-bcrypt/python-bcrypt.changes
2024-12-05 17:05:41.210171195 +0100
+++ /work/SRC/openSUSE:Factory/.python-bcrypt.new.2696/python-bcrypt.changes
2025-03-24 13:25:18.178425845 +0100
@@ -1,0 +2,65 @@
+Fri Mar 21 07:03:29 UTC 2025 - John Paul Adrian Glaubitz
<adrian.glaub...@suse.com>
+
+- Update 4.3.0
+ * Bump proc-macro2 from 1.0.89 to 1.0.90 in /src/_bcrypt (#916)
+ * Bump unicode-ident from 1.0.13 to 1.0.14 in /src/_bcrypt (#915)
+ * fixes #917 -- correctly handle a salt that's too short (#918)
+ * Bump cpufeatures from 0.2.15 to 0.2.16 in /src/_bcrypt (#919)
+ * Bump proc-macro2 from 1.0.90 to 1.0.92 in /src/_bcrypt (#920)
+ * Bump syn from 2.0.87 to 2.0.89 in /src/_bcrypt (#921)
+ * Fix new ruff warning (#923)
+ * Build manylinux 2.34 images (#922)
+ * Bump portable-atomic from 1.9.0 to 1.10.0 in /src/_bcrypt (#924)
+ * drop py37 (#926)
+ * Bump pyo3 from 0.23.1 to 0.23.2 in /src/_bcrypt (#927)
+ * Bump libc from 0.2.164 to 0.2.165 in /src/_bcrypt (#928)
+ * Bump libc from 0.2.165 to 0.2.166 in /src/_bcrypt (#929)
+ * Bump dawidd6/action-download-artifact from 6 to 7 (#932)
+ * Bump syn from 2.0.89 to 2.0.90 in /src/_bcrypt (#931)
+ * Bump libc from 0.2.166 to 0.2.167 in /src/_bcrypt (#930)
+ * Bump pyo3 from 0.23.2 to 0.23.3 in /src/_bcrypt (#933)
+ * Bump actions/cache from 4.1.2 to 4.2.0 (#934)
+ * Bump libc from 0.2.167 to 0.2.168 in /src/_bcrypt (#935)
+ * Bump pypa/gh-action-pypi-publish from 1.12.2 to 1.12.3 (#936)
+ * Bump dtolnay/rust-toolchain (#937)
+ * Bump actions/upload-artifact from 4.4.3 to 4.5.0 (#938)
+ * Bump libc from 0.2.168 to 0.2.169 in /src/_bcrypt (#939)
+ * Bump syn from 2.0.90 to 2.0.91 in /src/_bcrypt (#940)
+ * Bump quote from 1.0.37 to 1.0.38 in /src/_bcrypt (#942)
+ * Bump syn from 2.0.91 to 2.0.92 in /src/_bcrypt (#941)
+ * Bump syn from 2.0.92 to 2.0.93 in /src/_bcrypt (#943)
+ * Bump syn from 2.0.93 to 2.0.94 in /src/_bcrypt (#944)
+ * Bump syn from 2.0.94 to 2.0.95 in /src/_bcrypt (#945)
+ * Bump syn from 2.0.95 to 2.0.96 in /src/_bcrypt (#948)
+ * Bump actions/upload-artifact from 4.5.0 to 4.6.0 (#947)
+ * Bump proc-macro2 from 1.0.92 to 1.0.93 in /src/_bcrypt (#949)
+ * Bump pyo3 from 0.23.3 to 0.23.4 in /src/_bcrypt (#950)
+ * Support free-threaded Python 3.13 (#925)
+ * Switch to nox (#954)
+ * use github hosted arm runners in wheel builder (#952)
+ * use github hosted arm runners in ci (#951)
+ * Bump dawidd6/action-download-artifact from 7 to 8 (#956)
+ * Bump pypa/gh-action-pypi-publish from 1.12.3 to 1.12.4 (#957)
+ * Bump unicode-ident from 1.0.14 to 1.0.15 in /src/_bcrypt (#958)
+ * include matrix.PYTHON.VERSION in CI cache keys (#964)
+ * Bump cpufeatures from 0.2.16 to 0.2.17 in /src/_bcrypt (#960)
+ * Bump unicode-ident from 1.0.15 to 1.0.16 in /src/_bcrypt (#962)
+ * Bump actions/setup-python from 5.3.0 to 5.4.0 (#963)
+ * Update getrandom and bcrypt (#966)
+ * Bump syn from 2.0.96 to 2.0.98 in /src/_bcrypt (#967)
+ * Bump quansight-labs/setup-python from 5.3.1 to 5.4.0 (#968)
+ * add support for free-threaded wheels (#955)
+ * Bump once_cell from 1.20.2 to 1.20.3 in /src/_bcrypt (#970)
+ * Bump unicode-ident from 1.0.16 to 1.0.17 in /src/_bcrypt (#972)
+ * Bump typenum from 1.17.0 to 1.18.0 in /src/_bcrypt (#973)
+ * Bump actions/cache from 4.2.0 to 4.2.1 (#974)
+ * Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#975)
+ * Bump libc from 0.2.169 to 0.2.170 in /src/_bcrypt (#976)
+ * Bump inout from 0.1.3 to 0.1.4 in /src/_bcrypt (#977)
+ * Bump portable-atomic from 1.10.0 to 1.11.0 in /src/_bcrypt (#978)
+ * Update PyO3 to 0.23.5 (#980)
+ * Bump actions/download-artifact from 4.1.8 to 4.1.9 (#982)
+ * Add PyPy 3.11 and armv7l to matrix runner (#983)
+ * PyPy 3.11 and armv7l wheels (#984)
+
+-------------------------------------------------------------------
Old:
----
bcrypt-4.2.1.tar.gz
New:
----
bcrypt-4.3.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-bcrypt.spec ++++++
--- /var/tmp/diff_new_pack.AwCQiU/_old 2025-03-24 13:25:19.234469847 +0100
+++ /var/tmp/diff_new_pack.AwCQiU/_new 2025-03-24 13:25:19.238470013 +0100
@@ -1,7 +1,7 @@
#
# spec file for package python-bcrypt
#
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
# Copyright (c) 2016, Martin Hauke <mar...@gmx.de>
#
# All modifications and additions to the file contributed by third parties
@@ -20,7 +20,7 @@
%global rustflags '-Clink-arg=-Wl,-z,relro,-z,now'
%{?sle15_python_module_pythons}
Name: python-bcrypt
-Version: 4.2.1
+Version: 4.3.0
Release: 0
Summary: BSD type 2a and 2b password hashing
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.AwCQiU/_old 2025-03-24 13:25:19.294472347 +0100
+++ /var/tmp/diff_new_pack.AwCQiU/_new 2025-03-24 13:25:19.298472513 +0100
@@ -3,7 +3,7 @@
<param name="url">https://github.com/pyca/bcrypt/</param>
<param name="versionformat">@PARENT_TAG@~@TAG_OFFSET@</param>
<param name="scm">git</param>
- <param name="revision">4.2.1</param>
+ <param name="revision">4.3.0</param>
</service>
<service name="cargo_vendor" mode="manual">
<param name="srcdir">bcrypt/src/_bcrypt</param>
++++++ bcrypt-4.2.1.tar.gz -> bcrypt-4.3.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bcrypt-4.2.1/MANIFEST.in new/bcrypt-4.3.0/MANIFEST.in
--- old/bcrypt-4.2.1/MANIFEST.in 2024-11-19 21:03:02.000000000 +0100
+++ new/bcrypt-4.3.0/MANIFEST.in 2025-02-28 02:17:02.000000000 +0100
@@ -2,7 +2,7 @@
include pyproject.toml
-include tox.ini .coveragerc
+include noxfile.py .coveragerc
recursive-include src py.typed *.pyi
recursive-include src/_bcrypt Cargo.toml Cargo.lock *.rs
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bcrypt-4.2.1/PKG-INFO new/bcrypt-4.3.0/PKG-INFO
--- old/bcrypt-4.2.1/PKG-INFO 2024-11-19 21:03:09.908717400 +0100
+++ new/bcrypt-4.3.0/PKG-INFO 2025-02-28 02:17:09.378459200 +0100
@@ -1,6 +1,6 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.2
Name: bcrypt
-Version: 4.2.1
+Version: 4.3.0
Summary: Modern password hashing for your software and your servers
Author-email: The Python Cryptographic Authority developers
<cryptography-...@python.org>
License: Apache-2.0
@@ -11,14 +11,13 @@
Classifier: Programming Language :: Python :: Implementation :: PyPy
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3 :: Only
-Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
-Requires-Python: >=3.7
+Requires-Python: >=3.8
Description-Content-Type: text/x-rst
License-File: LICENSE
Provides-Extra: tests
@@ -79,6 +78,15 @@
Changelog
=========
+Unreleased
+----------
+
+* Dropped support for Python 3.7.
+* We now support free-threaded Python 3.13.
+* We now support PyPy 3.11.
+* We now publish wheels for free-threaded Python 3.13, for PyPy 3.11 on
+ ``manylinux``, and for ARMv7l on ``manylinux``.
+
4.2.1
-----
@@ -308,7 +316,7 @@
-------------
This library should be compatible with py-bcrypt and it will run on Python
-3.6+, and PyPy 3.
+3.8+ (including free-threaded builds), and PyPy 3.
Security
--------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bcrypt-4.2.1/README.rst new/bcrypt-4.3.0/README.rst
--- old/bcrypt-4.2.1/README.rst 2024-11-19 21:03:02.000000000 +0100
+++ new/bcrypt-4.3.0/README.rst 2025-02-28 02:17:02.000000000 +0100
@@ -51,6 +51,15 @@
Changelog
=========
+Unreleased
+----------
+
+* Dropped support for Python 3.7.
+* We now support free-threaded Python 3.13.
+* We now support PyPy 3.11.
+* We now publish wheels for free-threaded Python 3.13, for PyPy 3.11 on
+ ``manylinux``, and for ARMv7l on ``manylinux``.
+
4.2.1
-----
@@ -280,7 +289,7 @@
-------------
This library should be compatible with py-bcrypt and it will run on Python
-3.6+, and PyPy 3.
+3.8+ (including free-threaded builds), and PyPy 3.
Security
--------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bcrypt-4.2.1/noxfile.py new/bcrypt-4.3.0/noxfile.py
--- old/bcrypt-4.2.1/noxfile.py 1970-01-01 01:00:00.000000000 +0100
+++ new/bcrypt-4.3.0/noxfile.py 2025-02-28 02:17:02.000000000 +0100
@@ -0,0 +1,42 @@
+import nox
+
+nox.options.reuse_existing_virtualenvs = True
+nox.options.default_venv_backend = "uv|virtualenv"
+
+
+@nox.session
+def tests(session: nox.Session) -> None:
+ session.install("coverage")
+ session.install(".[tests]")
+
+ session.run(
+ "coverage", "run", "-m", "pytest", "--strict-markers", *session.posargs
+ )
+ session.run("coverage", "combine")
+ session.run("coverage", "report", "-m", "--fail-under", "100")
+
+
+@nox.session
+def pep8(session: nox.Session) -> None:
+ session.install("ruff")
+
+ session.run("ruff", "check", ".")
+ session.run("ruff", "format", "--check", ".")
+
+
+@nox.session
+def mypy(session: nox.Session) -> None:
+ session.install("mypy")
+ session.install(".[tests]")
+
+ session.run("mypy", "tests/")
+
+
+@nox.session
+def packaging(session: nox.Session) -> None:
+ session.install("setuptools-rust", "check-manifest", "readme_renderer")
+
+ session.run("check-manifest")
+ session.run(
+ "python3", "-m", "readme_renderer", "README.rst", "-o", "/dev/null"
+ )
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bcrypt-4.2.1/pyproject.toml
new/bcrypt-4.3.0/pyproject.toml
--- old/bcrypt-4.2.1/pyproject.toml 2024-11-19 21:03:02.000000000 +0100
+++ new/bcrypt-4.3.0/pyproject.toml 2025-02-28 02:17:02.000000000 +0100
@@ -11,7 +11,7 @@
[project]
name = "bcrypt"
# When updating this, also update lib.rs
-version = "4.2.1"
+version = "4.3.0"
authors = [
{name = "The Python Cryptographic Authority developers", email =
"cryptography-...@python.org"}
]
@@ -24,7 +24,6 @@
"Programming Language :: Python :: Implementation :: PyPy",
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3 :: Only",
- "Programming Language :: Python :: 3.7",
"Programming Language :: Python :: 3.8",
"Programming Language :: Python :: 3.9",
"Programming Language :: Python :: 3.10",
@@ -32,7 +31,7 @@
"Programming Language :: Python :: 3.12",
"Programming Language :: Python :: 3.13",
]
-requires-python = ">= 3.7"
+requires-python = ">= 3.8"
dynamic = ["readme"]
[project.urls]
@@ -73,3 +72,6 @@
warn_unused_ignores = true
warn_unused_configs = true
strict_equality = true
+
+[tool.check-manifest]
+ignore = ["tests/reference/*"]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bcrypt-4.2.1/src/_bcrypt/Cargo.lock
new/bcrypt-4.3.0/src/_bcrypt/Cargo.lock
--- old/bcrypt-4.2.1/src/_bcrypt/Cargo.lock 2024-11-19 21:03:02.000000000
+0100
+++ new/bcrypt-4.3.0/src/_bcrypt/Cargo.lock 2025-02-28 02:17:02.000000000
+0100
@@ -16,9 +16,9 @@
[[package]]
name = "bcrypt"
-version = "0.16.0"
+version = "0.17.0"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "2b1866ecef4f2d06a0bb77880015fdf2b89e25a1c2e5addacb87e459c86dc67e"
+checksum = "92758ad6077e4c76a6cadbce5005f666df70d4f13b19976b1a8062eef880040f"
dependencies = [
"base64",
"blowfish",
@@ -51,6 +51,12 @@
]
[[package]]
+name = "bitflags"
+version = "2.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index";
+checksum = "8f68f53c83ab957f72c32642f3868eec03eb974d1fb82e453128456482613d36"
+
+[[package]]
name = "block-buffer"
version = "0.10.4"
source = "registry+https://github.com/rust-lang/crates.io-index";
@@ -93,9 +99,9 @@
[[package]]
name = "cpufeatures"
-version = "0.2.15"
+version = "0.2.17"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "0ca741a962e1b0bff6d724a1a0958b686406e853bb14061f218562e1896f95e6"
+checksum = "59ed5838eebb26a2bb2e58f6d5b5316989ae9d08bab10e0e6d103e656d1b0280"
dependencies = [
"libc",
]
@@ -133,13 +139,14 @@
[[package]]
name = "getrandom"
-version = "0.2.15"
+version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7"
+checksum = "43a49c392881ce6d5c3b8cb70f98717b7c07aabbdff06687b9030dbfbe2725f8"
dependencies = [
"cfg-if",
"libc",
"wasi",
+ "windows-targets",
]
[[package]]
@@ -156,18 +163,18 @@
[[package]]
name = "inout"
-version = "0.1.3"
+version = "0.1.4"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5"
+checksum = "879f10e63c20629ecabbb64a8010319738c66a5cd0c29b02d63d272b03751d01"
dependencies = [
"generic-array",
]
[[package]]
name = "libc"
-version = "0.2.164"
+version = "0.2.170"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "433bfe06b8c75da9b2e3fbea6e5329ff87748f0b144ef75306e674c3f6f7c13f"
+checksum = "875b3680cb2f8f71bdcf9a30f38d48282f5d3c95cbf9b3fa57269bb5d5c06828"
[[package]]
name = "memoffset"
@@ -180,9 +187,9 @@
[[package]]
name = "once_cell"
-version = "1.20.2"
+version = "1.20.3"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "1261fe7e33c73b354eab43b1273a57c8f967d0391e80353e51f764ac02cf6775"
+checksum = "945462a4b81e43c4e3ba96bd7b49d834c6f61198356aa858733bc4acf3cbe62e"
[[package]]
name = "pbkdf2"
@@ -195,24 +202,24 @@
[[package]]
name = "portable-atomic"
-version = "1.9.0"
+version = "1.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "cc9c68a3f6da06753e9335d63e27f6b9754dd1920d941135b7ea8224f141adb2"
+checksum = "350e9b48cbc6b0e028b0473b114454c6316e57336ee184ceab6e53f72c178b3e"
[[package]]
name = "proc-macro2"
-version = "1.0.89"
+version = "1.0.93"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "f139b0662de085916d1fb67d2b4169d1addddda1919e696f3252b740b629986e"
+checksum = "60946a68e5f9d28b0dc1c21bb8a97ee7d018a8b322fa57838ba31cc878e22d99"
dependencies = [
"unicode-ident",
]
[[package]]
name = "pyo3"
-version = "0.23.1"
+version = "0.23.5"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "7ebb0c0cc0de9678e53be9ccf8a2ab53045e6e3a8be03393ceccc5e7396ccb40"
+checksum = "7778bffd85cf38175ac1f545509665d0b9b92a198ca7941f131f85f7a4f9a872"
dependencies = [
"cfg-if",
"indoc",
@@ -228,9 +235,9 @@
[[package]]
name = "pyo3-build-config"
-version = "0.23.1"
+version = "0.23.5"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "80e3ce69c4ec34476534b490e412b871ba03a82e35604c3dfb95fcb6bfb60c09"
+checksum = "94f6cbe86ef3bf18998d9df6e0f3fc1050a8c5efa409bf712e661a4366e010fb"
dependencies = [
"once_cell",
"target-lexicon",
@@ -238,9 +245,9 @@
[[package]]
name = "pyo3-ffi"
-version = "0.23.1"
+version = "0.23.5"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "3b09f311c76b36dfd6dd6f7fa6f9f18e7e46a1c937110d283e80b12ba2468a75"
+checksum = "e9f1b4c431c0bb1c8fb0a338709859eed0d030ff6daa34368d3b152a63dfdd8d"
dependencies = [
"libc",
"pyo3-build-config",
@@ -248,9 +255,9 @@
[[package]]
name = "pyo3-macros"
-version = "0.23.1"
+version = "0.23.5"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "fd4f74086536d1e1deaff99ec0387481fb3325c82e4e48be0e75ab3d3fcb487a"
+checksum = "fbc2201328f63c4710f68abdf653c89d8dbc2858b88c5d88b0ff38a75288a9da"
dependencies = [
"proc-macro2",
"pyo3-macros-backend",
@@ -260,9 +267,9 @@
[[package]]
name = "pyo3-macros-backend"
-version = "0.23.1"
+version = "0.23.5"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "9e77dfeb76b32bbf069144a5ea0a36176ab59c8db9ce28732d0f06f096bbfbc8"
+checksum = "fca6726ad0f3da9c9de093d6f116a93c1a38e417ed73bf138472cf4064f72028"
dependencies = [
"heck",
"proc-macro2",
@@ -273,9 +280,9 @@
[[package]]
name = "quote"
-version = "1.0.37"
+version = "1.0.38"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af"
+checksum = "0e4dccaaaf89514f546c693ddc140f729f958c247918a13380cccc6078391acc"
dependencies = [
"proc-macro2",
]
@@ -299,9 +306,9 @@
[[package]]
name = "syn"
-version = "2.0.87"
+version = "2.0.98"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "25aa4ce346d03a6dcd68dd8b4010bcb74e54e62c90c573f394c46eae99aba32d"
+checksum = "36147f1a48ae0ec2b5b3bc5b537d267457555a10dc06f3dbc8cb11ba3006d3b1"
dependencies = [
"proc-macro2",
"quote",
@@ -316,15 +323,15 @@
[[package]]
name = "typenum"
-version = "1.17.0"
+version = "1.18.0"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825"
+checksum = "1dccffe3ce07af9386bfd29e80c0ab1a8205a2fc34e4bcd40364df902cfa8f3f"
[[package]]
name = "unicode-ident"
-version = "1.0.13"
+version = "1.0.17"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "e91b56cd4cadaeb79bbf1a5645f6b4f8dc5bde8834ad5894a8db35fda9efa1fe"
+checksum = "00e2473a93778eb0bad35909dff6a10d28e63f792f16ed15e404fca9d5eeedbe"
[[package]]
name = "unindent"
@@ -340,9 +347,85 @@
[[package]]
name = "wasi"
-version = "0.11.0+wasi-snapshot-preview1"
+version = "0.13.3+wasi-0.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index";
+checksum = "26816d2e1a4a36a2940b96c5296ce403917633dff8f3440e9b236ed6f6bacad2"
+dependencies = [
+ "wit-bindgen-rt",
+]
+
+[[package]]
+name = "windows-targets"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index";
+checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973"
+dependencies = [
+ "windows_aarch64_gnullvm",
+ "windows_aarch64_msvc",
+ "windows_i686_gnu",
+ "windows_i686_gnullvm",
+ "windows_i686_msvc",
+ "windows_x86_64_gnu",
+ "windows_x86_64_gnullvm",
+ "windows_x86_64_msvc",
+]
+
+[[package]]
+name = "windows_aarch64_gnullvm"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index";
+checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3"
+
+[[package]]
+name = "windows_aarch64_msvc"
+version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
+checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469"
+
+[[package]]
+name = "windows_i686_gnu"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index";
+checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b"
+
+[[package]]
+name = "windows_i686_gnullvm"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index";
+checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66"
+
+[[package]]
+name = "windows_i686_msvc"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index";
+checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66"
+
+[[package]]
+name = "windows_x86_64_gnu"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index";
+checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78"
+
+[[package]]
+name = "windows_x86_64_gnullvm"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index";
+checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d"
+
+[[package]]
+name = "windows_x86_64_msvc"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index";
+checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec"
+
+[[package]]
+name = "wit-bindgen-rt"
+version = "0.33.0"
+source = "registry+https://github.com/rust-lang/crates.io-index";
+checksum = "3268f3d866458b787f390cf61f4bbb563b922d091359f9608842999eaee3943c"
+dependencies = [
+ "bitflags",
+]
[[package]]
name = "zeroize"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bcrypt-4.2.1/src/_bcrypt/Cargo.toml
new/bcrypt-4.3.0/src/_bcrypt/Cargo.toml
--- old/bcrypt-4.2.1/src/_bcrypt/Cargo.toml 2024-11-19 21:03:02.000000000
+0100
+++ new/bcrypt-4.3.0/src/_bcrypt/Cargo.toml 2025-02-28 02:17:02.000000000
+0100
@@ -6,12 +6,12 @@
publish = false
[dependencies]
-pyo3 = { version = "0.23", features = ["abi3"] }
-bcrypt = "0.16"
+pyo3 = { version = "0.23.5", features = ["abi3"] }
+bcrypt = "0.17"
bcrypt-pbkdf = "0.10.0"
base64 = "0.22.1"
subtle = "2.6"
-getrandom = "0.2"
+getrandom = "0.3"
[features]
extension-module = ["pyo3/extension-module"]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bcrypt-4.2.1/src/_bcrypt/src/lib.rs
new/bcrypt-4.3.0/src/_bcrypt/src/lib.rs
--- old/bcrypt-4.2.1/src/_bcrypt/src/lib.rs 2024-11-19 21:03:02.000000000
+0100
+++ new/bcrypt-4.3.0/src/_bcrypt/src/lib.rs 2025-02-28 02:17:02.000000000
+0100
@@ -46,7 +46,7 @@
}
let mut salt = [0; 16];
- getrandom::getrandom(&mut salt).unwrap();
+ getrandom::fill(&mut salt).unwrap();
let encoded_salt = BASE64_ENGINE.encode(salt);
@@ -83,14 +83,14 @@
// salt here is not just the salt bytes, but rather an encoded value
// containing a version number, number of rounds, and the salt.
// Should be [prefix, cost, hash]. This logic is copied from `bcrypt`
- let raw_parts: Vec<_> = salt
+ let [raw_version, raw_cost, remainder]: [&[u8]; 3] = salt
.split(|&b| b == b'$')
.filter(|s| !s.is_empty())
- .collect();
- if raw_parts.len() != 3 {
- return Err(pyo3::exceptions::PyValueError::new_err("Invalid salt"));
- }
- let version = match raw_parts[0] {
+ .collect::<Vec<_>>()
+ .try_into()
+ .map_err(|_| pyo3::exceptions::PyValueError::new_err("Invalid salt"))?;
+
+ let version = match raw_version {
b"2y" => bcrypt::Version::TwoY,
b"2b" => bcrypt::Version::TwoB,
b"2a" => bcrypt::Version::TwoA,
@@ -99,15 +99,20 @@
return Err(pyo3::exceptions::PyValueError::new_err("Invalid
salt"));
}
};
- let cost = std::str::from_utf8(raw_parts[1])
+ let cost = std::str::from_utf8(raw_cost)
.map_err(|_| pyo3::exceptions::PyValueError::new_err("Invalid salt"))?
.parse::<u32>()
.map_err(|_| pyo3::exceptions::PyValueError::new_err("Invalid salt"))?;
+
+ if remainder.len() < 22 {
+ return Err(pyo3::exceptions::PyValueError::new_err("Invalid salt"));
+ }
+
// The last component can contain either just the salt, or the salt and
// the result hash, depending on if the `salt` value come from `hashpw` or
// `gensalt`.
let raw_salt = BASE64_ENGINE
- .decode(&raw_parts[2][..22])
+ .decode(&remainder[..22])
.map_err(|_| pyo3::exceptions::PyValueError::new_err("Invalid salt"))?
.try_into()
.map_err(|_| pyo3::exceptions::PyValueError::new_err("Invalid salt"))?;
@@ -177,7 +182,7 @@
})
}
-#[pyo3::pymodule]
+#[pyo3::pymodule(gil_used = false)]
mod _bcrypt {
use pyo3::types::PyModuleMethods;
@@ -197,14 +202,14 @@
// When updating this, also update pyproject.toml
// This isn't named __version__ because passlib treats the existence of
// that attribute as proof that we're a different module
- m.add("__version_ex__", "4.2.1")?;
+ m.add("__version_ex__", "4.3.0")?;
let author = "The Python Cryptographic Authority developers";
m.add("__author__", author)?;
m.add("__email__", "cryptography-...@python.org")?;
m.add("__license__", "Apache License, Version 2.0")?;
- m.add("__copyright__", format!("Copyright 2013-2024 {author}"))?;
+ m.add("__copyright__", format!("Copyright 2013-2025 {author}"))?;
Ok(())
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bcrypt-4.2.1/src/bcrypt/__init__.py
new/bcrypt-4.3.0/src/bcrypt/__init__.py
--- old/bcrypt-4.2.1/src/bcrypt/__init__.py 2024-11-19 21:03:02.000000000
+0100
+++ new/bcrypt-4.3.0/src/bcrypt/__init__.py 2025-02-28 02:17:02.000000000
+0100
@@ -28,16 +28,16 @@
)
__all__ = [
- "gensalt",
- "hashpw",
- "checkpw",
- "kdf",
- "__title__",
- "__summary__",
- "__uri__",
- "__version__",
"__author__",
+ "__copyright__",
"__email__",
"__license__",
- "__copyright__",
+ "__summary__",
+ "__title__",
+ "__uri__",
+ "__version__",
+ "checkpw",
+ "gensalt",
+ "hashpw",
+ "kdf",
]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bcrypt-4.2.1/src/bcrypt.egg-info/PKG-INFO
new/bcrypt-4.3.0/src/bcrypt.egg-info/PKG-INFO
--- old/bcrypt-4.2.1/src/bcrypt.egg-info/PKG-INFO 2024-11-19
21:03:09.000000000 +0100
+++ new/bcrypt-4.3.0/src/bcrypt.egg-info/PKG-INFO 2025-02-28
02:17:09.000000000 +0100
@@ -1,6 +1,6 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.2
Name: bcrypt
-Version: 4.2.1
+Version: 4.3.0
Summary: Modern password hashing for your software and your servers
Author-email: The Python Cryptographic Authority developers
<cryptography-...@python.org>
License: Apache-2.0
@@ -11,14 +11,13 @@
Classifier: Programming Language :: Python :: Implementation :: PyPy
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3 :: Only
-Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
-Requires-Python: >=3.7
+Requires-Python: >=3.8
Description-Content-Type: text/x-rst
License-File: LICENSE
Provides-Extra: tests
@@ -79,6 +78,15 @@
Changelog
=========
+Unreleased
+----------
+
+* Dropped support for Python 3.7.
+* We now support free-threaded Python 3.13.
+* We now support PyPy 3.11.
+* We now publish wheels for free-threaded Python 3.13, for PyPy 3.11 on
+ ``manylinux``, and for ARMv7l on ``manylinux``.
+
4.2.1
-----
@@ -308,7 +316,7 @@
-------------
This library should be compatible with py-bcrypt and it will run on Python
-3.6+, and PyPy 3.
+3.8+ (including free-threaded builds), and PyPy 3.
Security
--------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bcrypt-4.2.1/src/bcrypt.egg-info/SOURCES.txt
new/bcrypt-4.3.0/src/bcrypt.egg-info/SOURCES.txt
--- old/bcrypt-4.2.1/src/bcrypt.egg-info/SOURCES.txt 2024-11-19
21:03:09.000000000 +0100
+++ new/bcrypt-4.3.0/src/bcrypt.egg-info/SOURCES.txt 2025-02-28
02:17:09.000000000 +0100
@@ -2,8 +2,8 @@
LICENSE
MANIFEST.in
README.rst
+noxfile.py
pyproject.toml
-tox.ini
src/_bcrypt/Cargo.lock
src/_bcrypt/Cargo.toml
src/_bcrypt/src/lib.rs
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bcrypt-4.2.1/tests/test_bcrypt.py
new/bcrypt-4.3.0/tests/test_bcrypt.py
--- old/bcrypt-4.2.1/tests/test_bcrypt.py 2024-11-19 21:03:02.000000000
+0100
+++ new/bcrypt-4.3.0/tests/test_bcrypt.py 2025-02-28 02:17:02.000000000
+0100
@@ -1,3 +1,6 @@
+import uuid
+from concurrent.futures import ThreadPoolExecutor
+
import pytest
import bcrypt
@@ -171,7 +174,7 @@
]
-def test_gensalt_basic(monkeypatch):
+def test_gensalt_basic():
salt = bcrypt.gensalt()
assert salt.startswith(b"$2b$12$")
@@ -219,7 +222,7 @@
bcrypt.gensalt(prefix=b"bad")
-def test_gensalt_2a_prefix(monkeypatch):
+def test_gensalt_2a_prefix():
salt = bcrypt.gensalt(prefix=b"2a")
assert salt.startswith(b"$2a$12$")
@@ -275,6 +278,8 @@
b"password",
b"$2b$3$mdEQPMOtfPX.WGZNXgF66OhmBlOGKEd66SQ7DyJPGucYYmvTJYviy",
)
+ with pytest.raises(ValueError):
+ bcrypt.checkpw(b"password", b"$2b$12$incorrect")
def test_checkpw_str_password():
@@ -492,3 +497,24 @@
)
== b"$2a$04$R1lJ2gkNaoPGdafE.H.16.1MKHPvmKwryeulRe225LKProWYwt9Oi"
)
+
+
+def test_multithreading():
+ def create_user(pw):
+ salt = bcrypt.gensalt(4)
+ hash_ = bcrypt.hashpw(pw, salt)
+ key = bcrypt.kdf(pw, salt, 32, 50)
+ assert bcrypt.checkpw(pw, hash_)
+ return (salt, hash_, key)
+
+ user_creator = ThreadPoolExecutor(max_workers=4)
+ pws = [uuid.uuid4().bytes for _ in range(50)]
+
+ futures = [user_creator.submit(create_user, pw) for pw in pws]
+
+ users = [future.result() for future in futures]
+
+ for pw, (salt, hash_, key) in zip(pws, users):
+ assert bcrypt.hashpw(pw, salt) == hash_
+ assert bcrypt.checkpw(pw, hash_)
+ assert bcrypt.kdf(pw, salt, 32, 50) == key
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bcrypt-4.2.1/tox.ini new/bcrypt-4.3.0/tox.ini
--- old/bcrypt-4.2.1/tox.ini 2024-11-19 21:03:02.000000000 +0100
+++ new/bcrypt-4.3.0/tox.ini 1970-01-01 01:00:00.000000000 +0100
@@ -1,43 +0,0 @@
-[tox]
-isolated_build = True
-
-[testenv]
-extras =
- tests
-deps =
- coverage
-passenv =
- RUSTUP_HOME
-commands =
- coverage run -m pytest --strict-markers {posargs}
- coverage combine
- coverage report -m --fail-under 100
-
-[testenv:pep8]
-deps =
- ruff
-commands =
- ruff check .
- ruff format --check .
-
-[testenv:mypy]
-extras =
- tests
-deps =
- mypy
-commands =
- mypy tests/
-
-[testenv:packaging]
-deps =
- setuptools-rust
- check-manifest
- readme_renderer
-commands =
- check-manifest
- python3 -m readme_renderer README.rst -o /dev/null
-
-
-[check-manifest]
-ignore =
- tests/reference/*
++++++ vendor.tar.gz ++++++
++++ 783778 lines of diff (skipped)
