Changelog
### 1.1.0
```
-------------
Released 2018-10-26
- Change default signing algorithm back to SHA-1. (`113`_)
- Added a default SHA-512 fallback for users who used the yanked 1.0.0
release which defaulted to SHA-512. (`114`_)
- Add support for fallback algorithms during deserialization to
support changing the default in the future without breaking existing
signatures. (`113`_)
- Changed capitalization of packages back to lowercase as the change
in capitalization broke some tooling. (`113`_)
.. _113: https://github.com/pallets/itsdangerous/pull/113
.. _114: https://github.com/pallets/itsdangerous/pull/114
```
### 1.0.0
```
-------------
Released 2018-10-18
YANKED
*Note*: This release was yanked from PyPI because it changed the default
algorithm to SHA-512. This decision was reverted in 1.1.0 and it remains
at SHA1.
- Drop support for Python 2.6 and 3.3.
- Refactor code from a single module to a package. Any object in the
API docs is still importable from the top-level ``itsdangerous``
name, but other imports will need to be changed. A future release
will remove many of these compatibility imports. (`107`_)
- Optimize how timestamps are serialized and deserialized. (`13`_)
- ``base64_decode`` raises ``BadData`` when it is passed invalid data.
(`27`_)
- Ensure value is bytes when signing to avoid a ``TypeError`` on
Python 3. (`29`_)
- Add a ``serializer_kwargs`` argument to ``Serializer``, which is
passed to ``dumps`` during ``dump_payload``. (`36`_)
- More compact JSON dumps for unicode strings. (`38`_)
- Use the full timestamp rather than an offset, allowing dates before
2011. (`46`_)
- Detect a ``sep`` character that may show up in the signature itself
and raise a ``ValueError``. (`62`_)
- Use a consistent signature for keyword arguments for
``Serializer.load_payload`` in subclasses. (`74`_, `75`_)
- Change default intermediate hash from SHA-1 to SHA-512. (`80`_)
- Convert JWS exp header to an int when loading. (`99`_)
.. _13: https://github.com/pallets/itsdangerous/pull/13
.. _27: https://github.com/pallets/itsdangerous/pull/27
.. _29: https://github.com/pallets/itsdangerous/issues/29
.. _36: https://github.com/pallets/itsdangerous/pull/36
.. _38: https://github.com/pallets/itsdangerous/issues/38
.. _46: https://github.com/pallets/itsdangerous/issues/46
.. _62: https://github.com/pallets/itsdangerous/issues/62
.. _74: https://github.com/pallets/itsdangerous/issues/74
.. _75: https://github.com/pallets/itsdangerous/pull/75
.. _80: https://github.com/pallets/itsdangerous/pull/80
.. _99: https://github.com/pallets/itsdangerous/pull/99
.. _107: https://github.com/pallets/itsdangerous/pull/107
```
Links
- PyPI: https://pypi.org/project/itsdangerous
- Changelog: https://pyup.io/changelogs/itsdangerous/
- Homepage: https://palletsprojects.com/p/itsdangerous/
- Docs: https://pythonhosted.org/itsdangerous/
This PR updates itsdangerous from 0.24 to 1.1.0.
Changelog
### 1.1.0 ``` ------------- Released 2018-10-26 - Change default signing algorithm back to SHA-1. (`113`_) - Added a default SHA-512 fallback for users who used the yanked 1.0.0 release which defaulted to SHA-512. (`114`_) - Add support for fallback algorithms during deserialization to support changing the default in the future without breaking existing signatures. (`113`_) - Changed capitalization of packages back to lowercase as the change in capitalization broke some tooling. (`113`_) .. _113: https://github.com/pallets/itsdangerous/pull/113 .. _114: https://github.com/pallets/itsdangerous/pull/114 ``` ### 1.0.0 ``` ------------- Released 2018-10-18 YANKED *Note*: This release was yanked from PyPI because it changed the default algorithm to SHA-512. This decision was reverted in 1.1.0 and it remains at SHA1. - Drop support for Python 2.6 and 3.3. - Refactor code from a single module to a package. Any object in the API docs is still importable from the top-level ``itsdangerous`` name, but other imports will need to be changed. A future release will remove many of these compatibility imports. (`107`_) - Optimize how timestamps are serialized and deserialized. (`13`_) - ``base64_decode`` raises ``BadData`` when it is passed invalid data. (`27`_) - Ensure value is bytes when signing to avoid a ``TypeError`` on Python 3. (`29`_) - Add a ``serializer_kwargs`` argument to ``Serializer``, which is passed to ``dumps`` during ``dump_payload``. (`36`_) - More compact JSON dumps for unicode strings. (`38`_) - Use the full timestamp rather than an offset, allowing dates before 2011. (`46`_) - Detect a ``sep`` character that may show up in the signature itself and raise a ``ValueError``. (`62`_) - Use a consistent signature for keyword arguments for ``Serializer.load_payload`` in subclasses. (`74`_, `75`_) - Change default intermediate hash from SHA-1 to SHA-512. (`80`_) - Convert JWS exp header to an int when loading. (`99`_) .. _13: https://github.com/pallets/itsdangerous/pull/13 .. _27: https://github.com/pallets/itsdangerous/pull/27 .. _29: https://github.com/pallets/itsdangerous/issues/29 .. _36: https://github.com/pallets/itsdangerous/pull/36 .. _38: https://github.com/pallets/itsdangerous/issues/38 .. _46: https://github.com/pallets/itsdangerous/issues/46 .. _62: https://github.com/pallets/itsdangerous/issues/62 .. _74: https://github.com/pallets/itsdangerous/issues/74 .. _75: https://github.com/pallets/itsdangerous/pull/75 .. _80: https://github.com/pallets/itsdangerous/pull/80 .. _99: https://github.com/pallets/itsdangerous/pull/99 .. _107: https://github.com/pallets/itsdangerous/pull/107 ```Links
- PyPI: https://pypi.org/project/itsdangerous - Changelog: https://pyup.io/changelogs/itsdangerous/ - Homepage: https://palletsprojects.com/p/itsdangerous/ - Docs: https://pythonhosted.org/itsdangerous/