Hello community, here is the log from the commit of package python-Flask-Security-Too for openSUSE:Factory checked in at 2020-04-05 20:56:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-Flask-Security-Too (Old) and /work/SRC/openSUSE:Factory/.python-Flask-Security-Too.new.3248 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Flask-Security-Too" Sun Apr 5 20:56:58 2020 rev:2 rq:791500 version:3.4.0 Changes: -------- --- /work/SRC/openSUSE:Factory/python-Flask-Security-Too/python-Flask-Security-Too.changes 2020-03-25 23:48:16.992052543 +0100 +++ /work/SRC/openSUSE:Factory/.python-Flask-Security-Too.new.3248/python-Flask-Security-Too.changes 2020-04-05 20:57:06.429414505 +0200 @@ -1,0 +2,15 @@ +Sun Apr 5 07:58:15 UTC 2020 - Tomáš Chvátal <tchva...@suse.com> + +- Update to 3.4.0: + * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. + * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. + * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. + * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. + * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. + * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). + * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) +- Enable the testing +- Add patch to not require mongodb during testing: + * no-mongodb.patch + +------------------------------------------------------------------- Old: ---- Flask-Security-Too-3.3.3.tar.gz New: ---- Flask-Security-Too-3.4.0.tar.gz no-mongodb.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-Flask-Security-Too.spec ++++++ --- /var/tmp/diff_new_pack.vBdanf/_old 2020-04-05 20:57:07.849416028 +0200 +++ /var/tmp/diff_new_pack.vBdanf/_new 2020-04-05 20:57:07.853416033 +0200 @@ -1,7 +1,7 @@ # # spec file for package python-Flask-Security-Too # -# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,43 +12,60 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# %define skip_python2 1 %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-Flask-Security-Too -Version: 3.3.3 +Version: 3.4.0 Release: 0 -License: MIT Summary: Security for Flask apps -Url: https://github.com/jwag956/flask-security +License: MIT +URL: https://github.com/jwag956/flask-security Source: https://files.pythonhosted.org/packages/source/F/Flask-Security-Too/Flask-Security-Too-%{version}.tar.gz -BuildRequires: python-rpm-macros -BuildRequires: %{python_module setuptools} +Patch0: no-mongodb.patch BuildRequires: %{python_module Babel >= 1.3} +BuildRequires: %{python_module Flask >= 1.0.2} +BuildRequires: %{python_module Flask-BabelEx >= 0.9.3} +BuildRequires: %{python_module Flask-Login >= 0.4.1} +BuildRequires: %{python_module Flask-Mail >= 0.9.1} +BuildRequires: %{python_module Flask-Principal >= 0.4.0} +BuildRequires: %{python_module Flask-SQLAlchemy >= 2.3} +BuildRequires: %{python_module Flask-WTF >= 0.14.0} +BuildRequires: %{python_module PyQRCode >= 1.2} +BuildRequires: %{python_module SQLAlchemy >= 1.2.6} +BuildRequires: %{python_module Werkzeug >= 0.15.5} +BuildRequires: %{python_module argon2_cffi >= 19.1.0} +BuildRequires: %{python_module bcrypt >= 3.1.5} +BuildRequires: %{python_module cachetools >= 3.1.0} +BuildRequires: %{python_module itsdangerous >= 1.1.0} +BuildRequires: %{python_module mock} +BuildRequires: %{python_module passlib >= 1.7.1} +BuildRequires: %{python_module peewee >= 3.11.2} +BuildRequires: %{python_module phonenumbers >= 8.11.1} +BuildRequires: %{python_module pony >= 0.7.11} BuildRequires: %{python_module pytest-runner >= 2.6.2} +BuildRequires: %{python_module setuptools} BuildRequires: %{python_module twine} BuildRequires: %{python_module wheel} +BuildRequires: %{python_module zxcvbn >= 4.4.28} BuildRequires: fdupes +BuildRequires: python-rpm-macros Requires: python-Flask >= 1.0.2 Requires: python-Flask-BabelEx >= 0.9.3 Requires: python-Flask-Login >= 0.4.1 Requires: python-Flask-Mail >= 0.9.1 Requires: python-Flask-Principal >= 0.4.0 Requires: python-Flask-WTF >= 0.14.2 +Requires: python-Werkzeug >= 0.15.5 Requires: python-itsdangerous >= 1.1.0 Requires: python-passlib >= 1.7.1 -Requires: python-Werkzeug >= 0.15.5 -Requires: python-speaklater -Suggests: python-Flask-SQLAlchemy >= 2.3 -Suggests: python-bcrypt >= 3.1.5 -Suggests: python-SQLAlchemy >= 1.2.6 Conflicts: python-Flask-Security < 3.2.0 Obsoletes: python-Flask-Security < 3.2.0 Provides: python-Flask-Security = %{version} BuildArch: noarch - %python_subpackages %description @@ -58,6 +75,8 @@ %prep %setup -q -n Flask-Security-Too-%{version} +%patch0 -p1 +rm pytest.ini %build %python_build @@ -67,7 +86,7 @@ %python_expand %fdupes %{buildroot}%{$python_sitelib} %check -# Tests were disabled, just like in python-Flask-Security +%pytest %files %{python_files} %doc AUTHORS CHANGES.rst README.rst ++++++ Flask-Security-Too-3.3.3.tar.gz -> Flask-Security-Too-3.4.0.tar.gz ++++++ ++++ 20340 lines of diff (skipped) ++++++ no-mongodb.patch ++++++ Index: Flask-Security-Too-3.4.0/tests/conftest.py =================================================================== --- Flask-Security-Too-3.4.0.orig/tests/conftest.py +++ Flask-Security-Too-3.4.0/tests/conftest.py @@ -617,7 +617,7 @@ def get_message(app): @pytest.fixture( - params=["sqlalchemy", "sqlalchemy-session", "mongoengine", "peewee", "pony"] + params=["sqlalchemy", "sqlalchemy-session", "peewee", "pony"] ) def datastore(request, app, tmpdir, realdburl): if request.param == "sqlalchemy":