---
- branch: MAIN
  date: Fri Apr 19 09:19:48 UTC 2024
  files:
  - new: '1.5'
    old: '1.4'
    path: pkgsrc/www/py-flask-security-too/Makefile
    pathrev: pkgsrc/www/py-flask-security-too/Makefile@1.5
    type: modified
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/www/py-flask-security-too/PLIST
    pathrev: pkgsrc/www/py-flask-security-too/PLIST@1.3
    type: modified
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/www/py-flask-security-too/distinfo
    pathrev: pkgsrc/www/py-flask-security-too/distinfo@1.3
    type: modified
  id: 20240419T091948Z.e057de0353746475bccc02409aeaf8e30c6ba58b
  log: |
    py-flask-security-too: updated to 5.4.3

    Version 5.4.3

    Fixes

    - (:issue:`950`) Regression - some templates no longer getting correct config (thanks pete7863).
    - (:issue:`954`) CSRF not properly ignored for application forms using SECURITY_CSRF_PROTECT_MECHANISMS.
    - (:pr:`957`) Improve jp translations (e-goto)
    - (:issue:`959`) Regression - datetime_factory should still be an attribute (thanks TimotheeJeannin)
    - (:issue:`942`) GENERIC_RESPONSES hide email validation/syntax errors.

    Version 5.4.2

    Fixes

    - (:issue:`946`) OpenAPI spec missing.
    - (:pr:`945`) Doc fixes (e-goto)
    - (:pr:`941`) Update ES/IT translations (gissimo)

    Version 5.4.0 & 5.4.1

    Among other changes, this continues the process of dis-entangling Flask-Security
    from Flask-Login and may require some application changes due to backwards incompatible changes.

    Features & Improvements

    - (:issue:`879`) Work with Flask[async]. view decorators and signals support async handlers.
    - (:pr:`900`) CI support for python 3.12
    - (:pr:`901`) Work with py_webauthn 2.0 (and only 2.0+)
    - (:pr:`899`) Improve (and simplify) Two-Factor setup. See below for backwards compatability issues and new functionality.
    - (:issue:`912`) Improve oauth debugging support. Handle next propagation in a more general way.
    - (:pr:`877`) Make AnonymousUser (Flask-Login) optional and deprecated.
    - (:pr:`906`) Remove undocumented and untested looking in session for possible 'next'
      redirect location.
    - (:pr:`881`) No longer rely on Flask-Login.unauthorized callback. See below for implications.
    - (:issue:`904`) Changes to default unauthorized handler - remove use of referrer header (see below) and document precise behavior.
    - (:pr:`927`) The authentication_token format has changed - adding per-token expiry time and future session ID.
      Old tokens are still accepted.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www/py-flask-security-too'
  unixtime: '1713518388'
  user: adam