Hello community, here is the log from the commit of package python-bcrypt for openSUSE:Factory checked in at 2019-03-04 09:10:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-bcrypt (Old) and /work/SRC/openSUSE:Factory/.python-bcrypt.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-bcrypt" Mon Mar 4 09:10:58 2019 rev:5 rq:680464 version:3.1.6 Changes: -------- --- /work/SRC/openSUSE:Factory/python-bcrypt/python-bcrypt.changes 2018-08-31 09:51:52.669597728 +0200 +++ /work/SRC/openSUSE:Factory/.python-bcrypt.new.28833/python-bcrypt.changes 2019-03-04 09:11:00.600701546 +0100 @@ -1,0 +2,10 @@ +Fri Mar 1 11:19:33 UTC 2019 - Tomáš Chvátal <[email protected]> + +- Update to 3.1.5: + * Added support for compilation on Haiku. + * Added support for compilation on AIX. + * Dropped Python 2.6 and 3.3 support. + * Switched to using ``abi3`` wheels for Python 3. If you are not getting a + wheel on a compatible platform please upgrade your ``pip`` version. + +------------------------------------------------------------------- Old: ---- bcrypt-3.1.4.tar.gz New: ---- bcrypt-3.1.6.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-bcrypt.spec ++++++ --- /var/tmp/diff_new_pack.WALotJ/_old 2019-03-04 09:11:01.212701443 +0100 +++ /var/tmp/diff_new_pack.WALotJ/_new 2019-03-04 09:11:01.216701442 +0100 @@ -1,7 +1,7 @@ # # spec file for package python-bcrypt # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2016, Martin Hauke <[email protected]> # # All modifications and additions to the file contributed by third parties @@ -13,30 +13,30 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # %{?!python_module:%define python_module() python-%{**} python3-%{**}} %define oldpython python Name: python-bcrypt -Version: 3.1.4 +Version: 3.1.6 Release: 0 Summary: BSD type 2a and 2b password hashing License: Apache-2.0 Group: Development/Languages/Python URL: https://github.com/pyca/bcrypt/ Source: https://files.pythonhosted.org/packages/source/b/bcrypt/bcrypt-%{version}.tar.gz -BuildRequires: %{python_module cffi} +BuildRequires: %{python_module cffi >= 1.1} BuildRequires: %{python_module devel} BuildRequires: %{python_module pytest >= 3.2.1} BuildRequires: %{python_module setuptools} -BuildRequires: %{python_module six} +BuildRequires: %{python_module six >= 1.4.1} BuildRequires: fdupes BuildRequires: pkgconfig BuildRequires: python-rpm-macros BuildRequires: pkgconfig(libffi) -Requires: python-six +Requires: python-six >= 1.4.1 %requires_eq python-cffi Provides: python-py-bcrypt = %{version} Obsoletes: python-py-bcrypt < %{version} ++++++ bcrypt-3.1.4.tar.gz -> bcrypt-3.1.6.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/MANIFEST.in new/bcrypt-3.1.6/MANIFEST.in --- old/bcrypt-3.1.4/MANIFEST.in 2017-10-11 13:51:28.000000000 +0200 +++ new/bcrypt-3.1.6/MANIFEST.in 2019-01-16 16:34:17.000000000 +0100 @@ -1,5 +1,7 @@ include LICENSE README.rst +include pyproject.toml + include tox.ini .coveragerc include src/build_bcrypt.py diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/PKG-INFO new/bcrypt-3.1.6/PKG-INFO --- old/bcrypt-3.1.4/PKG-INFO 2017-10-11 14:10:25.000000000 +0200 +++ new/bcrypt-3.1.6/PKG-INFO 2019-01-16 16:46:42.000000000 +0100 @@ -1,23 +1,22 @@ -Metadata-Version: 1.1 +Metadata-Version: 2.1 Name: bcrypt -Version: 3.1.4 +Version: 3.1.6 Summary: Modern password hashing for your software and your servers Home-page: https://github.com/pyca/bcrypt/ Author: The Python Cryptographic Authority developers Author-email: [email protected] License: Apache License, Version 2.0 -Description-Content-Type: UNKNOWN Description: bcrypt ====== .. image:: https://img.shields.io/pypi/v/bcrypt.svg - :target: https://pypi.python.org/pypi/bcrypt/ + :target: https://pypi.org/project/bcrypt/ :alt: Latest Version .. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master :target: https://travis-ci.org/pyca/bcrypt - Modern password hashing for your software and your servers + Good password hashing for your software and your servers Installation @@ -43,9 +42,27 @@ $ sudo yum install gcc libffi-devel python-devel + Alternatives + ============ + + While bcrypt remains a good choice for password storage depending on your specific use case you may also want to consider using scrypt (either via `standard library`_ or `cryptography`_) or argon2id via `argon2_cffi`_. + Changelog ========= + 3.1.6 + ----- + + * Added support for compilation on Haiku. + + 3.1.5 + ----- + + * Added support for compilation on AIX. + * Dropped Python 2.6 and 3.3 support. + * Switched to using ``abi3`` wheels for Python 3. If you are not getting a + wheel on a compatible platform please upgrade your ``pip`` version. + 3.1.4 ----- @@ -172,7 +189,7 @@ ------------- This library should be compatible with py-bcrypt and it will run on Python - 2.6+, 3.3+, and PyPy 2.6+. + 2.7, 3.4+, and PyPy 2.6+. C Code ------ @@ -186,15 +203,21 @@ identify a vulnerability, we ask you to contact us privately. .. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/ + .. _`standard library`: https://docs.python.org/3/library/hashlib.html#hashlib.scrypt + .. _`argon2_cffi`: https://argon2-cffi.readthedocs.io + .. _`cryptography`: https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions/#cryptography.hazmat.primitives.kdf.scrypt.Scrypt Platform: UNKNOWN +Classifier: Development Status :: 5 - Production/Stable +Classifier: License :: OSI Approved :: Apache Software License Classifier: Programming Language :: Python :: Implementation :: CPython Classifier: Programming Language :: Python :: Implementation :: PyPy Classifier: Programming Language :: Python :: 2 -Classifier: Programming Language :: Python :: 2.6 Classifier: Programming Language :: Python :: 2.7 Classifier: Programming Language :: Python :: 3 -Classifier: Programming Language :: Python :: 3.3 Classifier: Programming Language :: Python :: 3.4 Classifier: Programming Language :: Python :: 3.5 Classifier: Programming Language :: Python :: 3.6 +Classifier: Programming Language :: Python :: 3.7 +Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.* +Provides-Extra: tests diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/README.rst new/bcrypt-3.1.6/README.rst --- old/bcrypt-3.1.4/README.rst 2017-10-11 14:07:42.000000000 +0200 +++ new/bcrypt-3.1.6/README.rst 2019-01-16 16:44:06.000000000 +0100 @@ -2,13 +2,13 @@ ====== .. image:: https://img.shields.io/pypi/v/bcrypt.svg - :target: https://pypi.python.org/pypi/bcrypt/ + :target: https://pypi.org/project/bcrypt/ :alt: Latest Version .. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master :target: https://travis-ci.org/pyca/bcrypt -Modern password hashing for your software and your servers +Good password hashing for your software and your servers Installation @@ -34,9 +34,27 @@ $ sudo yum install gcc libffi-devel python-devel +Alternatives +============ + +While bcrypt remains a good choice for password storage depending on your specific use case you may also want to consider using scrypt (either via `standard library`_ or `cryptography`_) or argon2id via `argon2_cffi`_. + Changelog ========= +3.1.6 +----- + +* Added support for compilation on Haiku. + +3.1.5 +----- + +* Added support for compilation on AIX. +* Dropped Python 2.6 and 3.3 support. +* Switched to using ``abi3`` wheels for Python 3. If you are not getting a + wheel on a compatible platform please upgrade your ``pip`` version. + 3.1.4 ----- @@ -163,7 +181,7 @@ ------------- This library should be compatible with py-bcrypt and it will run on Python -2.6+, 3.3+, and PyPy 2.6+. +2.7, 3.4+, and PyPy 2.6+. C Code ------ @@ -177,3 +195,6 @@ identify a vulnerability, we ask you to contact us privately. .. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/ +.. _`standard library`: https://docs.python.org/3/library/hashlib.html#hashlib.scrypt +.. _`argon2_cffi`: https://argon2-cffi.readthedocs.io +.. _`cryptography`: https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions/#cryptography.hazmat.primitives.kdf.scrypt.Scrypt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/pyproject.toml new/bcrypt-3.1.6/pyproject.toml --- old/bcrypt-3.1.4/pyproject.toml 1970-01-01 01:00:00.000000000 +0100 +++ new/bcrypt-3.1.6/pyproject.toml 2019-01-16 16:34:17.000000000 +0100 @@ -0,0 +1,7 @@ +[build-system] +# Must be kept in sync with `setup_requirements` in `setup.py` +requires = [ + "setuptools", + "wheel", + "cffi>=1.1; python_implementation != 'PyPy'", +] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/setup.cfg new/bcrypt-3.1.6/setup.cfg --- old/bcrypt-3.1.4/setup.cfg 2017-10-11 14:10:25.000000000 +0200 +++ new/bcrypt-3.1.6/setup.cfg 2019-01-16 16:46:42.000000000 +0100 @@ -1,3 +1,6 @@ +[metadata] +license_file = LICENSE + [egg_info] tag_build = tag_date = 0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/setup.py new/bcrypt-3.1.6/setup.py --- old/bcrypt-3.1.4/setup.py 2017-10-11 13:51:28.000000000 +0200 +++ new/bcrypt-3.1.6/setup.py 2019-01-16 16:34:17.000000000 +0100 @@ -200,17 +200,18 @@ author=__about__["__author__"], author_email=__about__["__email__"], + python_requires=">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*", install_requires=[ CFFI_DEPENDENCY, SIX_DEPENDENCY, ], extras_require={ "tests": [ - "pytest>=3.2.1", + "pytest>=3.2.1,!=3.3.0", ], }, tests_require=[ - "pytest>=3.2.1", + "pytest>=3.2.1,!=3.3.0", ], package_dir={"": "src"}, @@ -221,16 +222,17 @@ zip_safe=False, classifiers=[ + "Development Status :: 5 - Production/Stable", + "License :: OSI Approved :: Apache Software License", "Programming Language :: Python :: Implementation :: CPython", "Programming Language :: Python :: Implementation :: PyPy", "Programming Language :: Python :: 2", - "Programming Language :: Python :: 2.6", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.3", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", + "Programming Language :: Python :: 3.7", ], ext_package="bcrypt", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/src/_csrc/portable_endian.h new/bcrypt-3.1.6/src/_csrc/portable_endian.h --- old/bcrypt-3.1.4/src/_csrc/portable_endian.h 2017-10-11 13:51:28.000000000 +0200 +++ new/bcrypt-3.1.6/src/_csrc/portable_endian.h 2019-01-16 16:34:17.000000000 +0100 @@ -94,6 +94,10 @@ # include <sys/endian.h> +#elif defined(__HAIKU__) + +# include <endian.h> + #elif defined(__NetBSD__) || defined(__FreeBSD__) || defined(__DragonFly__) # include <sys/endian.h> @@ -180,6 +184,35 @@ # define be64toh(x) BE_64(x) # define le64toh(x) LE_64(x) +#elif defined _AIX /* AIX is always big endian */ +# define be64toh(x) (x) +# define be32toh(x) (x) +# define be16toh(x) (x) +# define le32toh(x) \ + ((((x) & 0xff) << 24) | \ + (((x) & 0xff00) << 8) | \ + (((x) & 0xff0000) >> 8) | \ + (((x) & 0xff000000) >> 24)) +# define le64toh(x) \ + ((((x) & 0x00000000000000ffL) << 56) | \ + (((x) & 0x000000000000ff00L) << 40) | \ + (((x) & 0x0000000000ff0000L) << 24) | \ + (((x) & 0x00000000ff000000L) << 8) | \ + (((x) & 0x000000ff00000000L) >> 8) | \ + (((x) & 0x0000ff0000000000L) >> 24) | \ + (((x) & 0x00ff000000000000L) >> 40) | \ + (((x) & 0xff00000000000000L) >> 56)) +# ifndef htobe64 +# define htobe64(x) be64toh(x) +# endif +# ifndef htobe32 +# define htobe32(x) be32toh(x) +# endif +# ifndef htobe16 +# define htobe16(x) be16toh(x) +# endif + + #else # error platform not supported diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/src/bcrypt/__about__.py new/bcrypt-3.1.6/src/bcrypt/__about__.py --- old/bcrypt-3.1.4/src/bcrypt/__about__.py 2017-10-11 14:07:42.000000000 +0200 +++ new/bcrypt-3.1.6/src/bcrypt/__about__.py 2019-01-16 16:44:06.000000000 +0100 @@ -26,7 +26,7 @@ __summary__ = "Modern password hashing for your software and your servers" __uri__ = "https://github.com/pyca/bcrypt/"; -__version__ = "3.1.4" +__version__ = "3.1.6" __author__ = "The Python Cryptographic Authority developers" __email__ = "[email protected]" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/src/bcrypt/__init__.py new/bcrypt-3.1.6/src/bcrypt/__init__.py --- old/bcrypt-3.1.4/src/bcrypt/__init__.py 2017-10-11 13:51:28.000000000 +0200 +++ new/bcrypt-3.1.6/src/bcrypt/__init__.py 2019-01-16 16:34:17.000000000 +0100 @@ -22,8 +22,7 @@ import six -from bcrypt import _bcrypt - +from . import _bcrypt from .__about__ import ( __author__, __copyright__, __email__, __license__, __summary__, __title__, __uri__, __version__, @@ -134,7 +133,9 @@ "Warning: bcrypt.kdf() called with only {0} round(s). " "This few is not secure: the parameter is linear, like PBKDF2.") .format(rounds), - UserWarning) + UserWarning, + stacklevel=2, + ) key = _bcrypt.ffi.new("uint8_t[]", desired_key_bytes) res = _bcrypt.lib.bcrypt_pbkdf( diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/src/bcrypt.egg-info/PKG-INFO new/bcrypt-3.1.6/src/bcrypt.egg-info/PKG-INFO --- old/bcrypt-3.1.4/src/bcrypt.egg-info/PKG-INFO 2017-10-11 14:10:25.000000000 +0200 +++ new/bcrypt-3.1.6/src/bcrypt.egg-info/PKG-INFO 2019-01-16 16:46:42.000000000 +0100 @@ -1,23 +1,22 @@ -Metadata-Version: 1.1 +Metadata-Version: 2.1 Name: bcrypt -Version: 3.1.4 +Version: 3.1.6 Summary: Modern password hashing for your software and your servers Home-page: https://github.com/pyca/bcrypt/ Author: The Python Cryptographic Authority developers Author-email: [email protected] License: Apache License, Version 2.0 -Description-Content-Type: UNKNOWN Description: bcrypt ====== .. image:: https://img.shields.io/pypi/v/bcrypt.svg - :target: https://pypi.python.org/pypi/bcrypt/ + :target: https://pypi.org/project/bcrypt/ :alt: Latest Version .. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master :target: https://travis-ci.org/pyca/bcrypt - Modern password hashing for your software and your servers + Good password hashing for your software and your servers Installation @@ -43,9 +42,27 @@ $ sudo yum install gcc libffi-devel python-devel + Alternatives + ============ + + While bcrypt remains a good choice for password storage depending on your specific use case you may also want to consider using scrypt (either via `standard library`_ or `cryptography`_) or argon2id via `argon2_cffi`_. + Changelog ========= + 3.1.6 + ----- + + * Added support for compilation on Haiku. + + 3.1.5 + ----- + + * Added support for compilation on AIX. + * Dropped Python 2.6 and 3.3 support. + * Switched to using ``abi3`` wheels for Python 3. If you are not getting a + wheel on a compatible platform please upgrade your ``pip`` version. + 3.1.4 ----- @@ -172,7 +189,7 @@ ------------- This library should be compatible with py-bcrypt and it will run on Python - 2.6+, 3.3+, and PyPy 2.6+. + 2.7, 3.4+, and PyPy 2.6+. C Code ------ @@ -186,15 +203,21 @@ identify a vulnerability, we ask you to contact us privately. .. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/ + .. _`standard library`: https://docs.python.org/3/library/hashlib.html#hashlib.scrypt + .. _`argon2_cffi`: https://argon2-cffi.readthedocs.io + .. _`cryptography`: https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions/#cryptography.hazmat.primitives.kdf.scrypt.Scrypt Platform: UNKNOWN +Classifier: Development Status :: 5 - Production/Stable +Classifier: License :: OSI Approved :: Apache Software License Classifier: Programming Language :: Python :: Implementation :: CPython Classifier: Programming Language :: Python :: Implementation :: PyPy Classifier: Programming Language :: Python :: 2 -Classifier: Programming Language :: Python :: 2.6 Classifier: Programming Language :: Python :: 2.7 Classifier: Programming Language :: Python :: 3 -Classifier: Programming Language :: Python :: 3.3 Classifier: Programming Language :: Python :: 3.4 Classifier: Programming Language :: Python :: 3.5 Classifier: Programming Language :: Python :: 3.6 +Classifier: Programming Language :: Python :: 3.7 +Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.* +Provides-Extra: tests diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/src/bcrypt.egg-info/SOURCES.txt new/bcrypt-3.1.6/src/bcrypt.egg-info/SOURCES.txt --- old/bcrypt-3.1.4/src/bcrypt.egg-info/SOURCES.txt 2017-10-11 14:10:25.000000000 +0200 +++ new/bcrypt-3.1.6/src/bcrypt.egg-info/SOURCES.txt 2019-01-16 16:46:42.000000000 +0100 @@ -2,6 +2,8 @@ LICENSE MANIFEST.in README.rst +pyproject.toml +setup.cfg setup.py tox.ini src/build_bcrypt.py diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/src/bcrypt.egg-info/requires.txt new/bcrypt-3.1.6/src/bcrypt.egg-info/requires.txt --- old/bcrypt-3.1.4/src/bcrypt.egg-info/requires.txt 2017-10-11 14:10:25.000000000 +0200 +++ new/bcrypt-3.1.6/src/bcrypt.egg-info/requires.txt 2019-01-16 16:46:42.000000000 +0100 @@ -2,4 +2,4 @@ six>=1.4.1 [tests] -pytest>=3.2.1 +pytest!=3.3.0,>=3.2.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/tests/test_bcrypt.py new/bcrypt-3.1.6/tests/test_bcrypt.py --- old/bcrypt-3.1.4/tests/test_bcrypt.py 2017-10-11 13:51:28.000000000 +0200 +++ new/bcrypt-3.1.6/tests/test_bcrypt.py 2019-01-16 16:34:17.000000000 +0100 @@ -400,7 +400,9 @@ b"\x43\x66\x6c\x9b\x09\xef\x33\xed\x8c\x27\xe8\xe8\xf3\xe2\xd8\xe6" ]]) def test_kdf(rounds, password, salt, expected): - derived = bcrypt.kdf(password, salt, len(expected), rounds) + derived = bcrypt.kdf( + password, salt, len(expected), rounds, ignore_few_rounds=True + ) assert derived == expected diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/tox.ini new/bcrypt-3.1.6/tox.ini --- old/bcrypt-3.1.4/tox.ini 2017-10-11 13:51:28.000000000 +0200 +++ new/bcrypt-3.1.6/tox.ini 2019-01-16 16:34:17.000000000 +0100 @@ -1,5 +1,5 @@ [tox] -envlist = py26,py27,pypy,py33,py34,py35,py36,pep8,py3pep8,packaging +envlist = py27,pypy,py34,py35,py36,py37,pep8,py3pep8,packaging [testenv] extras = @@ -37,6 +37,7 @@ [flake8] +ignore = W504 exclude = .tox,*.egg select = E,W,F,N,I application-import-names = bcrypt,tests
