Closed dmathieu closed 8 years ago
cc @neilmiddleton @cyberdelia
nice
Can you add some info to the README on using Fernet 1.6 with this? Also, possibly some information on the 1.6 to 2.0 upgrade path
I just added information about the fernet version. In #8, a year ago, we took a different process, where 1.6 was considered deprecated but we provided a way to keep using it with old_decrypt
and old_encrypt
.
Unfortunately, that means we needed to embed the whole Fernet 1.6 under a different name. I'm not sure that's a very good idea anymore.
hrm. If I start using Fernet 2.0 on an app that's been using 1.6, is that bad? Will the decrypt's work?
No it won't. The encryption and decryption methods have changed.
Ok. That needs to be super clear in the readme
Was thinking about this. 1.6 needs to be the default for now. We can't push a new version of this and then have un-pinned users (if there are any) encrypting/decrypting badly. Moving to 2.0 needs to be explicit.
Closing as stale.
This aims to support both major versions of fernet.