Commit graph

357 commits

Author SHA1 Message Date
760d2b7748 modify snappass template 2024-09-16 14:00:18 +02:00
f7a7c4a375 edit docker compose config
Some checks failed
CI / build (3.10) (push) Has been cancelled
CI / build (3.8) (push) Has been cancelled
CI / build (3.9) (push) Has been cancelled
CodeQL / Analyze (push) Has been cancelled
2024-09-15 17:01:50 +02:00
Devin Lundberg
86e7e2e220
[Snyk] Security upgrade cryptography from 43.0.0 to 43.0.1 (#391)
fix: requirements.txt to reduce vulnerabilities


The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-7886970

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2024-09-11 10:51:49 -07:00
Viktor Haid
c13e80bf2a
fix i18n (#375)
* fix i18n

* Ignore linter error regarding _
2024-09-11 10:51:17 -07:00
dependabot[bot]
5745dd40f1
Bump fakeredis from 2.23.4 to 2.24.1 (#390)
Bumps [fakeredis](https://github.com/cunla/fakeredis-py) from 2.23.4 to 2.24.1.
- [Release notes](https://github.com/cunla/fakeredis-py/releases)
- [Commits](https://github.com/cunla/fakeredis-py/compare/v2.23.4...v2.24.1)

---
updated-dependencies:
- dependency-name: fakeredis
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-27 10:29:15 -07:00
dependabot[bot]
f3af080237
Bump tox from 4.17.0 to 4.18.0 (#388)
Bumps [tox](https://github.com/tox-dev/tox) from 4.17.0 to 4.18.0.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/tox/compare/4.17.0...4.18.0)

---
updated-dependencies:
- dependency-name: tox
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-27 10:28:58 -07:00
dependabot[bot]
ce7994e95c
Bump tox from 4.16.0 to 4.17.0 (#386)
Bumps [tox](https://github.com/tox-dev/tox) from 4.16.0 to 4.17.0.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/tox/compare/4.16.0...4.17.0)

---
updated-dependencies:
- dependency-name: tox
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-06 13:09:33 -07:00
dependabot[bot]
eea66f49e7
Bump wheel from 0.43.0 to 0.44.0 (#384)
Bumps [wheel](https://github.com/pypa/wheel) from 0.43.0 to 0.44.0.
- [Release notes](https://github.com/pypa/wheel/releases)
- [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst)
- [Commits](https://github.com/pypa/wheel/compare/0.43.0...0.44.0)

---
updated-dependencies:
- dependency-name: wheel
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-05 12:36:15 -07:00
dependabot[bot]
63f7d8f18d
Bump flake8 from 7.0.0 to 7.1.1 (#383)
Bumps [flake8](https://github.com/pycqa/flake8) from 7.0.0 to 7.1.1.
- [Commits](https://github.com/pycqa/flake8/compare/7.0.0...7.1.1)

---
updated-dependencies:
- dependency-name: flake8
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-05 12:35:54 -07:00
dependabot[bot]
7af9712941
Bump pytest from 8.1.0 to 8.3.2 (#385)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.1.0 to 8.3.2.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/8.1.0...8.3.2)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-05 00:46:33 -07:00
dependabot[bot]
6370c0439d
Bump cryptography from 42.0.8 to 43.0.0 (#382)
Bumps [cryptography](https://github.com/pyca/cryptography) from 42.0.8 to 43.0.0.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/42.0.8...43.0.0)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-05 00:45:48 -07:00
Egg
9e435787c6
Environment variables for default port and bind address (#342)
* Add env vars to override default bind address and port

* Update main.py

Prefix bind address and port with SNAPPASS_

* Update README.rst

update readme to prefix SNAPPASS_ to bind address and port

---------

Co-authored-by: Yuru Shao <yshao@pinterest.com>
2024-08-02 15:40:39 -07:00
dependabot[bot]
4e5fc2ef1f
Bump itsdangerous from 2.1.2 to 2.2.0 (#347)
Bumps [itsdangerous](https://github.com/pallets/itsdangerous) from 2.1.2 to 2.2.0.
- [Release notes](https://github.com/pallets/itsdangerous/releases)
- [Changelog](https://github.com/pallets/itsdangerous/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/itsdangerous/compare/2.1.2...2.2.0)

---
updated-dependencies:
- dependency-name: itsdangerous
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yuru Shao <yshao@pinterest.com>
2024-08-02 15:39:27 -07:00
Devin Lundberg
57ec6249a6
[Snyk] Security upgrade jinja2 from 3.1.3 to 3.1.4 (#359)
fix: requirements.txt to reduce vulnerabilities


The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2024-08-02 15:35:50 -07:00
dependabot[bot]
d3ffeac585
Bump freezegun from 1.4.0 to 1.5.1 (#362)
Bumps [freezegun](https://github.com/spulec/freezegun) from 1.4.0 to 1.5.1.
- [Release notes](https://github.com/spulec/freezegun/releases)
- [Changelog](https://github.com/spulec/freezegun/blob/master/CHANGELOG)
- [Commits](https://github.com/spulec/freezegun/compare/1.4.0...1.5.1)

---
updated-dependencies:
- dependency-name: freezegun
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-02 15:35:01 -07:00
Devin Lundberg
f6ad788fda
[Snyk] Security upgrade cryptography from 42.0.3 to 42.0.8 (#371)
fix: requirements.txt to reduce vulnerabilities


The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6913422

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2024-08-02 15:27:48 -07:00
dependabot[bot]
91dd677cdb
Bump fakeredis from 2.21.1 to 2.23.4 (#381)
Bumps [fakeredis](https://github.com/cunla/fakeredis-py) from 2.21.1 to 2.23.4.
- [Release notes](https://github.com/cunla/fakeredis-py/releases)
- [Commits](https://github.com/cunla/fakeredis-py/compare/v2.21.1...v2.23.4)

---
updated-dependencies:
- dependency-name: fakeredis
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-02 15:26:59 -07:00
dependabot[bot]
4c5f63b536
Bump coverage from 7.4.2 to 7.6.0 (#379)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.4.2 to 7.6.0.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.4.2...7.6.0)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-02 15:23:28 -07:00
dependabot[bot]
e24732235a
Bump tox from 4.13.0 to 4.16.0 (#376)
Bumps [tox](https://github.com/tox-dev/tox) from 4.13.0 to 4.16.0.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/tox/compare/4.13.0...4.16.0)

---
updated-dependencies:
- dependency-name: tox
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-02 15:18:36 -07:00
Yuping Li
95b7573c56
Merge pull request #358 from pinterest/snyk-fix-f2c8e3c8682180c20af4144a186c9d1e
[Snyk] Security upgrade werkzeug from 2.2.3 to 3.0.3
2024-05-06 13:39:41 -07:00
snyk-bot
e2ca2fa8b9
fix: requirements.txt to reduce vulnerabilities
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
2024-05-06 19:37:36 +00:00
Yuping Li
7475a98829
Merge pull request #343 from pinterest/dependabot/pip/wheel-0.43.0
Bump wheel from 0.42.0 to 0.43.0
2024-04-23 09:38:51 -07:00
dependabot[bot]
cbeb61196d
Bump wheel from 0.42.0 to 0.43.0
Bumps [wheel](https://github.com/pypa/wheel) from 0.42.0 to 0.43.0.
- [Release notes](https://github.com/pypa/wheel/releases)
- [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst)
- [Commits](https://github.com/pypa/wheel/compare/0.42.0...0.43.0)

---
updated-dependencies:
- dependency-name: wheel
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-04-10 20:13:01 +00:00
Yuping Li
eaf96efa4e
Merge pull request #345 from pinterest/dependabot/pip/pytest-cov-5.0.0
Bump pytest-cov from 4.1.0 to 5.0.0
2024-04-10 13:11:04 -07:00
Yuping Li
20136d9dc0
Merge pull request #346 from XREvo/master
Adding APIs to manage password lifecycle
2024-04-08 15:53:35 -07:00
Emilien GUILMINEAU
e4803977c0 🚸 Add a link to web view
Allowing usage of the password into a subsystem which target human
2024-03-30 20:47:03 +01:00
Emilien GUILMINEAU
b69290425a 🚸 Remove URL encoding from token 2024-03-30 20:46:02 +01:00
Emilien GUILMINEAU
04235c1edc 🎨 flake8 2024-03-29 23:59:15 +01:00
Emilien GUILMINEAU
26b26f9c25 📝 Add documentation about new APIs 2024-03-29 23:53:45 +01:00
Emilien GUILMINEAU
3cfd5f03c0 Finish test suite implementation 2024-03-29 23:53:45 +01:00
Emilien GUILMINEAU
2023c9dc35 🧑‍💻 Use HATEHOAS style 2024-03-29 23:53:45 +01:00
Emilien GUILMINEAU
82d3a61afd ♻️ Use token as name for password_key 2024-03-29 23:53:45 +01:00
Emilien GUILMINEAU
ad5a7de292 🎨 Cleanup 2024-03-29 23:53:45 +01:00
Emilien GUILMINEAU
ff35bb6490 🚧 Import missing parts 2024-03-29 23:53:44 +01:00
Emilien GUILMINEAU
ed9e715b68 🚧 Add RFC7807 response type 2024-03-29 23:51:24 +01:00
Emilien GUILMINEAU
05cd81c671
🚧 Add a 'modern' REST API 2024-03-29 11:46:56 +01:00
dependabot[bot]
760782259d
Bump pytest-cov from 4.1.0 to 5.0.0
Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 4.1.0 to 5.0.0.
- [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest-cov/compare/v4.1.0...v5.0.0)

---
updated-dependencies:
- dependency-name: pytest-cov
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 02:05:45 +00:00
Yuping Li
9c233c0bd1
Merge pull request #339 from pinterest/dependabot/pip/pytest-8.1.0
Bump pytest from 8.0.1 to 8.1.0
2024-03-04 10:04:05 -08:00
dependabot[bot]
838cdf6d9c
Bump pytest from 8.0.1 to 8.1.0
Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.0.1 to 8.1.0.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/8.0.1...8.1.0)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-04 02:47:37 +00:00
Reinoud van Leeuwen
dc321ef79c
add /api endpoint for automated flows (#316)
* add /api endpoint

* pass password in request body when using API

* flake8 fixed; tests added

* flake8 fixed test.py

---------

Co-authored-by: Reinoud van Leeuwen <reinoud.van.leeuwen@itcreation.nl>
2024-02-26 15:22:40 -08:00
dependabot[bot]
04f9402e5f
Bump jinja2 from 3.1.2 to 3.1.3 (#336)
Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/jinja/compare/3.1.2...3.1.3)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-23 13:49:56 -08:00
dependabot[bot]
5d37e45517
Bump actions/cache from 3 to 4 (#320)
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-23 13:49:05 -08:00
Yuping Li
2b108d3630
Merge pull request #330 from systeembeheerder/i18n
add i18n to Snappass
2024-02-23 13:42:55 -08:00
Bert Roelofsen
106ac26e26 TIL flake8 :) 2024-02-23 09:59:36 +01:00
Bert Roelofsen
114b5af6c2 Add Spanish and fixup NL&DE 2024-02-22 12:55:20 +01:00
Bert Roelofsen
4fffb9c1d5 restore extra spaces 2024-02-22 10:29:06 +01:00
Bert Roelofsen
9fdddab11b fix missing bracket 2024-02-21 08:29:19 +01:00
Yuping Li
415d5ee4e6
Merge pull request #333 from pinterest/dependabot/pip/tox-4.13.0
Bump tox from 4.11.3 to 4.13.0
2024-02-20 16:34:15 -08:00
dependabot[bot]
ba67b426cc
Bump tox from 4.11.3 to 4.13.0
Bumps [tox](https://github.com/tox-dev/tox) from 4.11.3 to 4.13.0.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/tox/compare/4.11.3...4.13.0)

---
updated-dependencies:
- dependency-name: tox
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-20 22:53:49 +00:00
Yuping Li
82c345ca92
Merge pull request #335 from pinterest/dependabot/pip/coverage-7.4.2
Bump coverage from 7.2.7 to 7.4.2
2024-02-20 14:43:20 -08:00