Changelog
### 2.2.0
```
-------------
Released 2024-04-16
- Drop support for Python 3.7. :pr:`372`
- Use modern packaging metadata with ``pyproject.toml`` instead of ``setup.cfg``.
:pr:`326`
- Use ``flit_core`` instead of ``setuptools`` as build backend.
- Deprecate the ``__version__`` attribute. Use feature detection, or
``importlib.metadata.version("itsdangerous")``, instead. :issue:`371`
- ``Serializer`` and the return type of ``dumps`` is generic for type checking.
By default it is ``Serializer[str]`` and ``dumps`` returns a ``str``. If a
different ``serializer`` argument is given, it will try to infer the return
type of its ``dumps`` method. :issue:`347`
- The default ``hashlib.sha1`` may not be available in FIPS builds. Don't
access it at import time so the developer has time to change the default.
:issue:`375`
```
### 2.1.2
```
-------------
Released 2022-03-24
- Handle date overflow in timed unsign on 32-bit systems. :pr:`299`
```
### 2.1.1
```
-------------
Released 2022-03-09
- Handle date overflow in timed unsign. :pr:`296`
```
### 2.1.0
```
-------------
Released 2022-02-17
- Drop support for Python 3.6. :pr:`272`
- Remove previously deprecated code. :pr:`273`
- JWS functionality: Use a dedicated library such as Authlib
instead.
- ``import itsdangerous.json``: Import ``json`` from the standard
library instead.
```
### 2.0.1
```
-------------
Released 2021-05-18
- Mark top-level names as exported so type checking understands
imports in user projects. :pr:`240`
- The ``salt`` argument to ``Serializer`` and ``Signer`` can be
``None`` again. :issue:`237`
```
### 2.0.0
```
-------------
Released 2021-05-11
- Drop support for Python 2 and 3.5.
- JWS support (``JSONWebSignatureSerializer``,
``TimedJSONWebSignatureSerializer``) is deprecated. Use a dedicated
JWS/JWT library such as authlib instead. :issue:`129`
- Importing ``itsdangerous.json`` is deprecated. Import Python's
``json`` module instead. :pr:`152`
- Simplejson is no longer used if it is installed. To use a different
library, pass it as ``Serializer(serializer=...)``. :issue:`146`
- ``datetime`` values are timezone-aware with ``timezone.utc``. Code
using ``TimestampSigner.unsign(return_timestamp=True)`` or
``BadTimeSignature.date_signed`` may need to change. :issue:`150`
- If a signature has an age less than 0, it will raise
``SignatureExpired`` rather than appearing valid. This can happen if
the timestamp offset is changed. :issue:`126`
- ``BadTimeSignature.date_signed`` is always a ``datetime`` object
rather than an ``int`` in some cases. :issue:`124`
- Added support for key rotation. A list of keys can be passed as
``secret_key``, oldest to newest. The newest key is used for
signing, all keys are tried for unsigning. :pr:`141`
- Removed the default SHA-512 fallback signer from
``default_fallback_signers``. :issue:`155`
- Add type information for static typing tools. :pr:`186`
```
Links
- PyPI: https://pypi.org/project/itsdangerous
- Changelog: https://data.safetycli.com/changelogs/itsdangerous/
This PR updates itsdangerous from 1.1.0 to 2.2.0.
Changelog
### 2.2.0 ``` ------------- Released 2024-04-16 - Drop support for Python 3.7. :pr:`372` - Use modern packaging metadata with ``pyproject.toml`` instead of ``setup.cfg``. :pr:`326` - Use ``flit_core`` instead of ``setuptools`` as build backend. - Deprecate the ``__version__`` attribute. Use feature detection, or ``importlib.metadata.version("itsdangerous")``, instead. :issue:`371` - ``Serializer`` and the return type of ``dumps`` is generic for type checking. By default it is ``Serializer[str]`` and ``dumps`` returns a ``str``. If a different ``serializer`` argument is given, it will try to infer the return type of its ``dumps`` method. :issue:`347` - The default ``hashlib.sha1`` may not be available in FIPS builds. Don't access it at import time so the developer has time to change the default. :issue:`375` ``` ### 2.1.2 ``` ------------- Released 2022-03-24 - Handle date overflow in timed unsign on 32-bit systems. :pr:`299` ``` ### 2.1.1 ``` ------------- Released 2022-03-09 - Handle date overflow in timed unsign. :pr:`296` ``` ### 2.1.0 ``` ------------- Released 2022-02-17 - Drop support for Python 3.6. :pr:`272` - Remove previously deprecated code. :pr:`273` - JWS functionality: Use a dedicated library such as Authlib instead. - ``import itsdangerous.json``: Import ``json`` from the standard library instead. ``` ### 2.0.1 ``` ------------- Released 2021-05-18 - Mark top-level names as exported so type checking understands imports in user projects. :pr:`240` - The ``salt`` argument to ``Serializer`` and ``Signer`` can be ``None`` again. :issue:`237` ``` ### 2.0.0 ``` ------------- Released 2021-05-11 - Drop support for Python 2 and 3.5. - JWS support (``JSONWebSignatureSerializer``, ``TimedJSONWebSignatureSerializer``) is deprecated. Use a dedicated JWS/JWT library such as authlib instead. :issue:`129` - Importing ``itsdangerous.json`` is deprecated. Import Python's ``json`` module instead. :pr:`152` - Simplejson is no longer used if it is installed. To use a different library, pass it as ``Serializer(serializer=...)``. :issue:`146` - ``datetime`` values are timezone-aware with ``timezone.utc``. Code using ``TimestampSigner.unsign(return_timestamp=True)`` or ``BadTimeSignature.date_signed`` may need to change. :issue:`150` - If a signature has an age less than 0, it will raise ``SignatureExpired`` rather than appearing valid. This can happen if the timestamp offset is changed. :issue:`126` - ``BadTimeSignature.date_signed`` is always a ``datetime`` object rather than an ``int`` in some cases. :issue:`124` - Added support for key rotation. A list of keys can be passed as ``secret_key``, oldest to newest. The newest key is used for signing, all keys are tried for unsigning. :pr:`141` - Removed the default SHA-512 fallback signer from ``default_fallback_signers``. :issue:`155` - Add type information for static typing tools. :pr:`186` ```Links
- PyPI: https://pypi.org/project/itsdangerous - Changelog: https://data.safetycli.com/changelogs/itsdangerous/