simono41/snappass
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
328 commits 1 branch 13 tags 1.4 MiB
Commit graph

328 commits

Author SHA1 Message Date
Jon Parise
68c5f14cd4
Remove dependency on six () 
We no longer need six now that we require Python 3.x.
 2022-05-17 11:10:58 -07:00
dependabot[bot]
c491c621d2
Bump cryptography from 3.3.2 to 37.0.2 
Bumps [cryptography](https://github.com/pyca/cryptography) from 3.3.2 to 37.0.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.3.2...37.0.2)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-17 18:05:11 +00:00
Jon Parise
4a9c18c1b8 Ignore noisy Python dependency updates 
Skip automatic patch-level updates.
 2022-05-17 11:04:22 -07:00
Jon Parise
487d10231d
Remove mock and nose development dependencies () 
We don't need 'mock' now that we require Python 3.x.

... and nose is no longer used since we switched to pytest as our test
runner a long time ago.
 2022-05-17 10:57:35 -07:00
Jon Parise
1e37c82f64 Update supported Python versions 2022-05-17 10:48:54 -07:00
Jon Parise
2341cb6a5e
Prepare the 1.6.0 release () 2022-05-17 10:46:35 -07:00
Jon Parise
3c379339dd
Configure automatic Dependabot version updates () 
This is enabled for GitHub Actions and Python packages.
 2022-05-17 10:37:38 -07:00
Jon Parise
27f70ed5ec
Migrate CI to GitHub Actions () 2022-05-17 10:32:12 -07:00
Jon Parise
35c19a2ae2
Drop support for old Python versions () 
Specifically, drop support for Python versions older than 3.7, including
Python 2.x.

All of those versions are well beyond their official end-of-life, and
given this is a security-related project, it's reasonable to expect
users to run it in a modern Python environment.
 2022-05-17 10:25:03 -07:00
Christian
9e33a8f7c1
Bump to Version 1.5.1 () 2022-05-11 14:43:23 -07:00
Christian
3fbc018ff8
Adding json-output for api-like functionality () 
* adding json-template for api-like functionality

* removing content-block

* adding test

* changing to flask.jsonify

* deleting template

* change from POST-param to Accept-Header
 2022-04-11 12:37:19 -07:00
Jon Parise
4b1ee0cec1 Small wording tweaks to the expiration text 2021-12-20 13:05:51 -08:00
Arjen
654d03041b
Add expired explanation page () 2021-12-20 13:05:14 -08:00
Omer Hamerman
40df900dc7
Allowing full host override () 2021-07-29 10:39:47 -07:00
dependabot[bot]
89a90f4924
Merge pull request from pinterest/dependabot/pip/jinja2-2.11.3 2021-03-19 22:24:12 +00:00
dependabot[bot]
188f0f6779
Bump jinja2 from 2.10.1 to 2.11.3 
Bumps [jinja2](https://github.com/pallets/jinja) from 2.10.1 to 2.11.3.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/master/CHANGES.rst)
- [Commits](https://github.com/pallets/jinja/compare/2.10.1...2.11.3)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-19 21:58:30 +00:00
dependabot[bot]
9916076100
Merge pull request from pinterest/dependabot/pip/cryptography-3.3.2 2021-02-10 01:37:24 +00:00
dependabot[bot]
5dc2161a5d
Bump cryptography from 3.2 to 3.3.2 
Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.3.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.2...3.3.2)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-02-10 01:36:07 +00:00
Jon Parise
a94e16802d Note that Redis must be running 
Also, fix Redis link syntax (for reStucturedText).
 2021-01-12 13:47:28 -08:00
Jon Parise
6a349e83c0 Link to redis.io and bump Python requirement to 3.5+ 2021-01-12 13:45:02 -08:00
dependabot[bot]
9ea826ef7c
Merge pull request from pinterest/dependabot/pip/cryptography-3.2 2020-10-28 17:48:00 +00:00
dependabot[bot]
50ef7bef82
Bump cryptography from 2.3.1 to 3.2 
Bumps [cryptography](https://github.com/pyca/cryptography) from 2.3.1 to 3.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/2.3.1...3.2)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-10-27 21:00:15 +00:00
Jon Parise
feab2f69a5
Prepare the 1.5.0 release () 2020-09-15 09:22:49 -07:00
Ron Klein
5c9d3bf3cf
properly parse NO_SSL env var () 
Bug fix:
The default for `NO_SSL` environment variable is `False`.
When the actual value, in runtime, is `True`, the code "ignores" it.
The reason: the code does not parse the given string. So it evaluates a non empty string as "True".
To resolve this, the suggested code parses the given string to a boolean value.
 2020-09-14 08:57:13 -07:00
Yuru Shao
8a3a7f7c39
Bump version: 1.4.2 → 1.4.3 () 2020-05-20 14:33:08 -07:00
Jon Parise
3d86f5395b
Use 'six' to import 'unquote' () 2020-05-08 14:34:41 -07:00
Jon Parise
0ca032265a
Drop official support for Python 3.4 () 
Python 3.4 has reached end-of-life so remove it from the set of
officially supported Python versions.
 2020-05-08 11:53:18 -07:00
Jeremiah Lee
2af7037feb
Adds option for two-week timeout. () 
Also includes:

- Updated the versions in the requirements, as MarkupSafe did not install cleanly.
- Integration test that sets a password via the website, and then
verifies the timeout on the backend.
- Basic Makefile, updates to the docs to use the Makefile.

The requirements file was updated using pip freeze after I had updated the version of MarkupSafe. I don't know what the usual process is for this repo, so please let me know if I should use a different process there (that is why there are a few additions).
 2020-05-08 11:43:54 -07:00
Gabriel Saratura
9cb554ca7e Update ADOPTERS.md () 
Add VSHN adopter
 2019-12-24 07:28:42 -08:00
Samuel Dion-Girardeau
f377aa3ed2 Add support for Python 3.8 () 
* Remove Travis Python 3.7 hack

No longer necessary: 3.7 is supported out-of-the-box

* Add support for Python 3.8

And explicitly document in setup.py

* "Upgrade base Docker image to Python 3.8"a

* Add entry about py38 support in WIP changelog

* Explicitly declare python versions in setup.py

* Bump Werkzeug to 0.15.6

This is the latest 0.15 version. 0.16 might be incompatible

The fix we are looking for is in [0.15.5](http://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-5):

> Fix a TypeError due to changes to ast.Module in Python 3.8.
 2019-11-25 08:58:29 -08:00
Jon Parise
e49cd8963a
Mention Snappass.NET () 
Also clean up a few existing links.
 2019-11-04 08:16:12 -08:00
dependabot[bot]
4acef097e8
Merge pull request from pinterest/dependabot/pip/werkzeug-0.15.3 2019-08-21 20:59:41 +00:00
dependabot[bot]
b3e1068c01
Bump werkzeug from 0.14.1 to 0.15.3 
Bumps [werkzeug](https://github.com/pallets/werkzeug) from 0.14.1 to 0.15.3.
- [Release notes](https://github.com/pallets/werkzeug/releases)
- [Changelog](https://github.com/pallets/werkzeug/blob/master/CHANGES.rst)
- [Commits](https://github.com/pallets/werkzeug/compare/0.14.1...0.15.3)

Signed-off-by: dependabot[bot] <support@github.com>
 2019-08-21 16:50:22 +00:00
Jon Parise
28d9e1e089 Move to version 1.5.0 (in development) 
Also start the changelog for this next release.
 2019-08-09 14:40:07 -07:00
vin01
5747ee2d14 Add url prefix for reverse proxies () 2019-08-09 14:07:49 -07:00
vin01
054c61ae89 Migrate to fakeredis from mockredispy () 2019-08-09 08:37:03 -07:00
Nicholas Charriere
f7fbb4575c
Merge pull request from pinterest/new-release-142 
Prepare for release: 1.4.2
 2019-06-10 08:49:03 -07:00
Nicholas Charriere
234f43b889 Bump version: 1.4.1 → 1.4.2 2019-06-05 08:18:28 -07:00
Nicholas Charriere
e0b996d3d3 Make current version correct 2019-06-02 12:36:43 -07:00
Nicholas Charriere
6e6612cd49 Remove duplicate bumpversion config 2019-06-02 12:34:14 -07:00
Nicholas Charriere
f0f2c9d5d8
Merge pull request from pinterest/autocomplete-off-and-required-textarea 
Set autocomplete=off on form to avoid back history; make textarea field required
 2019-06-01 11:56:02 -07:00
Nicholas Charriere
37f5d2b658 Set autocomplete=off on form to avoid back history; make textarea required 2019-06-01 09:34:58 -07:00
Jon Parise
2aa7272a59
Upgrade to Jinja2 2.10.1 () 
This patch release fixes a security issue (CVE-2019-10906) involving
str.format_map.
 2019-04-12 13:26:46 -07:00
Lauri Lubi
1ac262e34e Bots that prefetch should not destroy the secret () 
* Create preview view, remove sneaky-user-agents logic

* unit tests

* rename openSecret to viewSecret

* code clean-up and style

* rename view secret to reveal secret

* update authors list

* bump version to 1.5.0
 2019-03-05 07:47:07 -08:00
Jon Parise
d4c96cf58a
Merge pull request from jameswthorne/readme-fixes 
README fixes
 2019-01-16 12:47:25 -08:00
James W Thorne
3fc5d2b864 README fixes 2019-01-16 08:11:56 -06:00
Jon Parise
ecebbcb71f
Merge pull request from brennentsmith/patch-1 
Add Ookla/Speedtest.net to adopters
 2018-12-21 10:27:29 -08:00
Brennen Smith
0c77baa581
Add Ookla to adopters 
We have used snappass since it was first open sourced, and everyone in the organization loves it. Not sure about the A-Z ordering WRT to Pinterest, it feels like you should be on top since it's your project.
 2018-12-21 10:21:28 -08:00
Jon Parise
52aefd6ce3
Merge pull request from pinterest/prepare-1.4.1 
Prepare the 1.4.1 release
 2018-10-31 17:54:14 -05:00
Jon Parise
0bd2b4e8d9 Prepare the 1.4.1 release 
- Update the changelog
- Include our Code of Conduct and Adopters documents
 2018-10-31 15:50:49 -07:00