Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_16025038239080"
MIME-Version: 1.0
Date: Mon, 12 Oct 2020 11:57:03 +0000
From: "Adam Ciarcinski" <adam@netbsd.org>
Subject: CVS commit: pkgsrc/security/py-passlib
To: pkgsrc-changes@NetBSD.org
Reply-To: adam@netbsd.org
Message-Id: <20201012115703.2B623FB28@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
Precedence: bulk

This is a multi-part message in MIME format.

--_----------=_16025038239080
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	adam
Date:		Mon Oct 12 11:57:03 UTC 2020

Modified Files:
	pkgsrc/security/py-passlib: Makefile distinfo

Log Message:
py-passlib: updated to 1.7.4

**1.7.4** (2020-10-08)
======================

Small followup to 1.7.3 release.

Bugfixes
--------

* Fixed some Python 2.6 errors from last release (:issue:`128`)

Other Changes
-------------

* :mod:`passlib.ext.django` -- updated tests to pass for Django 1.8 - 3.1 (:issue:`98`);
  along with some internal refactoring of the test classes.

* .. py:currentmodule:: passlib.context

  :class:`CryptContext` will now throw :exc:`~passlib.exc.UnknownHashError` when it can't identify
  a hash provided to methods such as :meth:`!CryptContext.verify`.
  Previously it would throw a generic :exc:`ValueError`.

Deprecations
------------

* :mod:`passlib.ext.django`: This extension will require Django 2.2 or newer as of Passlib 1.8.

**1.7.3** (2020-10-06)
======================

This release rolls up assorted bug & compatibility fixes since 1.7.2.

Administrative Changes
----------------------

.. rst-class:: without-title

.. note::

  **Passlib has moved to Heptapod!**

  Due to BitBucket deprecating Mercurial support, Passlib's public repository and issue tracker
  has been relocated.  It's now located at `<https://foss.heptapod.net/python-libs/passlib>`_,
  and is powered by `Heptapod <https://heptapod.net/>`_.

  Hosting for this and other open-source projects graciously provided by the people at
  `Octobus <https://octobus.net/>`_ and `CleverCloud <https://clever-cloud.com/>`_!

  The mailing list and documentation urls remain the same.

New Features
------------

* .. py:currentmodule:: passlib.hash

  :class:`ldap_salted_sha512`: LDAP "salted hash" support added for SHA-256 and SHA-512 (:issue:`124`).

Bugfixes
--------

* .. py:currentmodule:: passlib.hash

  :class:`bcrypt`: Under python 3, OS native backend wasn't being detected on BSD platforms.
  This was due to a few internal issues in feature-detection code, which have been fixed.

* :func:`passlib.utils.safe_crypt`: Support :func:`crypt.crypt` unexpectedly
  returning bytes under Python 3 (:issue:`113`).

* :func:`passlib.utils.safe_crypt`: Support :func:`crypt.crypt` throwing :exc:`OSError`,
  which can happen as of Python 3.9 (:issue:`115`).

* :mod:`passlib.ext.django`: fixed lru_cache import (django 3 compatibility)

* :mod:`!passlib.tests`: fixed bug where :meth:`HandlerCase.test_82_crypt_support` wasn't
  being run on systems lacking support for the hasher being tested.
  This test now runs regardless of system support.

Other Changes
-------------

* .. py:currentmodule:: passlib.hash

  :class:`bcrypt_sha256`:  Internal algorithm has been changed to use HMAC-SHA256 instead of
  plain SHA256.  This should strengthen the hash against brute-force attempts which bypass
  the intermediary hash by using known-sha256-digest lookup tables (:issue:`114`).

* .. py:currentmodule:: passlib.hash

  :class:`bcrypt`: OS native backend ("os_crypt") now raises the new :exc:`~passlib.exc.PasswordValueError`
  if password is provided as non-UTF8 bytes under python 3
  (These can't be passed through, due to limitation in stdlib's :func:`!crypt.crypt`).
  Prior to this release, it confusingly raised :exc:`~passlib.exc.MissingBackendError` instead.

  Also improved legacy bcrypt format workarounds, to support a few more UTF8 edge cases than before.

* Modified some internals to help run on FIPS systems (:issue:`116`):

  In particular, when MD5 hash is not available, :class:`~passlib.hash.hex_md5`
  will now return a dummy hasher which throws an error if used; rather than throwing
  an uncaught :exc:`!ValueError` when an application attempts to import it.  (Similar behavior
  added for the other unsalted digest hashes).

  .. py:currentmodule:: passlib.crypto.digest

  Also, :func:`lookup_hash`'s ``required=False`` kwd was modified to report unsupported hashes
  via the :attr:`HashInfo.supported` attribute; rather than letting ValueErrors through uncaught.

  This should allow CryptContext instances to be created on FIPS systems without having
  a load-time error (though they will still receive an error if an attempt is made to actually
  *use* a FIPS-disabled hash).

* Internal errors calling stdlib's :func:`crypt.crypt`, or third party libraries,
  will now raise the new :exc:`~passlib.exc.InternalBackendError` (a RuntimeError);
  where previously it would raise an :exc:`AssertionError`.

* Various Python 3.9 compatibility fixes (including ``NotImplemented``-related warning, :issue:`125`)


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/py-passlib/Makefile
cvs rdiff -u -r1.6 -r1.7 pkgsrc/security/py-passlib/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_16025038239080
Content-Disposition: inline
Content-Length: 1933
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/security/py-passlib/Makefile
diff -u pkgsrc/security/py-passlib/Makefile:1.8 pkgsrc/security/py-passlib/Makefile:1.9
--- pkgsrc/security/py-passlib/Makefile:1.8	Sun Sep 27 10:38:25 2020
+++ pkgsrc/security/py-passlib/Makefile	Mon Oct 12 11:57:02 2020
@@ -1,12 +1,12 @@
-# $NetBSD: Makefile,v 1.8 2020/09/27 10:38:25 kleink Exp $
+# $NetBSD: Makefile,v 1.9 2020/10/12 11:57:02 adam Exp $
 
-DISTNAME=	passlib-1.7.2
+DISTNAME=	passlib-1.7.4
 PKGNAME=	${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES=	security python
 MASTER_SITES=	${MASTER_SITE_PYPI:=p/passlib/}
 
 MAINTAINER=	kleink@NetBSD.org
-HOMEPAGE=	https://foss.heptapod.net/python-libs/passlib/-/wikis/home
+HOMEPAGE=	https://passlib.readthedocs.io/
 COMMENT=	Comprehensive password hashing framework supporting over 30 schemes
 LICENSE=	modified-bsd
 

Index: pkgsrc/security/py-passlib/distinfo
diff -u pkgsrc/security/py-passlib/distinfo:1.6 pkgsrc/security/py-passlib/distinfo:1.7
--- pkgsrc/security/py-passlib/distinfo:1.6	Sun Nov 24 11:36:53 2019
+++ pkgsrc/security/py-passlib/distinfo	Mon Oct 12 11:57:02 2020
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.6 2019/11/24 11:36:53 adam Exp $
+$NetBSD: distinfo,v 1.7 2020/10/12 11:57:02 adam Exp $
 
-SHA1 (passlib-1.7.2.tar.gz) = 890ec67cbb6c250d1e71d65b7d82701a7479b951
-RMD160 (passlib-1.7.2.tar.gz) = dd670bc09676aa7af4cb3d11098eed53cbb593e1
-SHA512 (passlib-1.7.2.tar.gz) = 1ea0654b177b5ab2e1a7e5c3949642c34805ace6e4e4a0f82fafdb3f374edd99c667906ce598c335b668da049860648d5cbebb3e62d775898d5b0cb8cfc7bf53
-Size (passlib-1.7.2.tar.gz) = 649654 bytes
+SHA1 (passlib-1.7.4.tar.gz) = 7881275c4fdbb235ebf610e4fd0b661d9fb3c249
+RMD160 (passlib-1.7.4.tar.gz) = b32ad2ad061cc5eaac37b114684f8364686dfbdd
+SHA512 (passlib-1.7.4.tar.gz) = 350bd6da5ac57e6c266ffe8bf9684c8c2cce3fc6b513eb6c7bc1b302d2d8a1b701e9c01c953782520a2ac37b7ec1f6d7bd5855f99f6ee0e2dbbf33f2d49a9530
+Size (passlib-1.7.4.tar.gz) = 689844 bytes


--_----------=_16025038239080--