Commit graph

357 commits

Author SHA1 Message Date
Yuru Shao
1245b0c43f
Merge pull request #180 from pinterest/dependabot/pip/freezegun-1.2.1
Bump freezegun from 0.3.15 to 1.2.1
2022-06-28 10:15:28 -07:00
dependabot[bot]
25cd5740d4
Bump freezegun from 0.3.15 to 1.2.1
Bumps [freezegun](https://github.com/spulec/freezegun) from 0.3.15 to 1.2.1.
- [Release notes](https://github.com/spulec/freezegun/releases)
- [Changelog](https://github.com/spulec/freezegun/blob/master/CHANGELOG)
- [Commits](https://github.com/spulec/freezegun/compare/0.3.15...1.2.1)

---
updated-dependencies:
- dependency-name: freezegun
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-22 21:00:49 +00:00
Yuru Shao
3011638028
Merge pull request #153 from pinterest/dependabot/pip/itsdangerous-2.1.2
Bump itsdangerous from 0.24 to 2.1.2
2022-06-22 14:00:08 -07:00
dependabot[bot]
2304a29e7c
Bump itsdangerous from 0.24 to 2.1.2
Bumps [itsdangerous](https://github.com/pallets/itsdangerous) from 0.24 to 2.1.2.
- [Release notes](https://github.com/pallets/itsdangerous/releases)
- [Changelog](https://github.com/pallets/itsdangerous/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/itsdangerous/compare/0.24...2.1.2)

---
updated-dependencies:
- dependency-name: itsdangerous
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-22 18:44:21 +00:00
Yuru Shao
e61453d577
Merge pull request #173 from pinterest/dependabot/pip/redis-4.3.3
Bump redis from 2.10.6 to 4.3.3
2022-06-22 11:42:43 -07:00
dependabot[bot]
8f9ecb8a7a
Bump redis from 2.10.6 to 4.3.3
Bumps [redis](https://github.com/redis/redis-py) from 2.10.6 to 4.3.3.
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/2.10.6...v4.3.3)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-22 18:36:08 +00:00
Yuru Shao
b2a41073de
Merge pull request #171 from pinterest/dependabot/pip/werkzeug-2.1.2
Bump werkzeug from 0.15.6 to 2.1.2
2022-06-22 11:34:39 -07:00
Yuru Shao
bfae576fb2
Merge pull request #176 from pinterest/dependabot/pip/flask-2.1.2
Bump flask from 1.0.2 to 2.1.2
2022-06-22 11:27:36 -07:00
Yuru Shao
f89a8b2fdc
Merge pull request #175 from pinterest/codeql_setup
Create codeql-analysis.yml
2022-06-20 13:11:00 -07:00
Yuru Shao
36b2d79e38 add tests.py to on:pull_request:paths-ignore 2022-06-20 13:06:20 -07:00
dependabot[bot]
ecdcb70470
Bump werkzeug from 0.15.6 to 2.1.2
Bumps [werkzeug](https://github.com/pallets/werkzeug) from 0.15.6 to 2.1.2.
- [Release notes](https://github.com/pallets/werkzeug/releases)
- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/werkzeug/compare/0.15.6...2.1.2)

---
updated-dependencies:
- dependency-name: werkzeug
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-20 03:43:08 +00:00
dependabot[bot]
ca3ba14c21
Bump flask from 1.0.2 to 2.1.2
Bumps [flask](https://github.com/pallets/flask) from 1.0.2 to 2.1.2.
- [Release notes](https://github.com/pallets/flask/releases)
- [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/flask/compare/1.0.2...2.1.2)

---
updated-dependencies:
- dependency-name: flask
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-20 03:42:48 +00:00
Yuru Shao
bdba9bf7f6
Merge pull request #168 from pinterest/dependabot/pip/jinja2-3.1.2
Bump jinja2 from 2.11.3 to 3.1.2
2022-06-19 20:42:17 -07:00
Yuru Shao
261fa83273 Update codeql workflow configs 2022-06-19 19:59:46 -07:00
Yuru Shao
bcef439238
Create codeql-analysis.yml 2022-06-19 00:07:49 -07:00
dependabot[bot]
abacd0c776 Bump actions/setup-python from 3 to 4
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-13 14:16:08 +00:00
dependabot[bot]
f16106acc7
Merge pull request #170 from pinterest/dependabot/pip/fakeredis-1.7.5 2022-05-18 14:49:45 +00:00
dependabot[bot]
d6aa58976e
Bump fakeredis from 0.7.0 to 1.7.5
Bumps [fakeredis](https://github.com/dsoftwareinc/fakeredis-py) from 0.7.0 to 1.7.5.
- [Release notes](https://github.com/dsoftwareinc/fakeredis-py/releases)
- [Commits](https://github.com/dsoftwareinc/fakeredis-py/compare/0.7.0...v1.7.5)

---
updated-dependencies:
- dependency-name: fakeredis
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-18 02:00:53 +00:00
dependabot[bot]
47f002ab2d
Bump jinja2 from 2.11.3 to 3.1.2
Bumps [jinja2](https://github.com/pallets/jinja) from 2.11.3 to 3.1.2.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/jinja/compare/2.11.3...3.1.2)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-18 02:00:49 +00:00
Jon Parise
b8121166b7
Remove transitive dependencies (#167)
Given how we're currently managing our dependencies in this project, it
doesn't make sense to list transitive dependencies in this set of
requirements (i.e. it's not meant to act as a lock file).
2022-05-17 12:29:12 -07:00
dependabot[bot]
37cd63d394
Merge pull request #162 from pinterest/dependabot/pip/idna-3.3 2022-05-17 19:21:19 +00:00
dependabot[bot]
bdefc11a72
Bump idna from 2.9 to 3.3
Bumps [idna](https://github.com/kjd/idna) from 2.9 to 3.3.
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](https://github.com/kjd/idna/compare/v2.9...v3.3)

---
updated-dependencies:
- dependency-name: idna
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-17 18:58:15 +00:00
dependabot[bot]
cbbe67dcae
Merge pull request #159 from pinterest/dependabot/pip/cryptography-37.0.2 2022-05-17 18:57:29 +00:00
Jon Parise
f21c696a5d
Report coverage information to the terminal (#165)
Also, upgrade the relevant package dependencies to their latest
versions.
2022-05-17 11:54:51 -07:00
dependabot[bot]
ff243787c7
Merge pull request #155 from pinterest/dependabot/pip/pytest-7.1.2 2022-05-17 18:42:33 +00:00
Jon Parise
2c702b0a39
Run flake8 across the entire code base (#163)
Also, make sure we're using a consistent version of flake8 in CI.
2022-05-17 11:41:01 -07:00
dependabot[bot]
5e47d5efa1
Bump pytest from 3.6.3 to 7.1.2
Bumps [pytest](https://github.com/pytest-dev/pytest) from 3.6.3 to 7.1.2.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/3.6.3...7.1.2)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-17 18:22:03 +00:00
dependabot[bot]
7102b4560b
Merge pull request #161 from pinterest/dependabot/pip/flake8-4.0.1 2022-05-17 18:21:07 +00:00
dependabot[bot]
8e946c2bdb
Bump flake8 from 3.5.0 to 4.0.1
Bumps [flake8](https://github.com/pycqa/flake8) from 3.5.0 to 4.0.1.
- [Release notes](https://github.com/pycqa/flake8/releases)
- [Commits](https://github.com/pycqa/flake8/compare/3.5.0...4.0.1)

---
updated-dependencies:
- dependency-name: flake8
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-17 18:11:46 +00:00
Jon Parise
68c5f14cd4
Remove dependency on six (#160)
We no longer need six now that we require Python 3.x.
2022-05-17 11:10:58 -07:00
dependabot[bot]
c491c621d2
Bump cryptography from 3.3.2 to 37.0.2
Bumps [cryptography](https://github.com/pyca/cryptography) from 3.3.2 to 37.0.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.3.2...37.0.2)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-17 18:05:11 +00:00
Jon Parise
4a9c18c1b8 Ignore noisy Python dependency updates
Skip automatic patch-level updates.
2022-05-17 11:04:22 -07:00
Jon Parise
487d10231d
Remove mock and nose development dependencies (#158)
We don't need 'mock' now that we require Python 3.x.

... and nose is no longer used since we switched to pytest as our test
runner a long time ago.
2022-05-17 10:57:35 -07:00
Jon Parise
1e37c82f64 Update supported Python versions 2022-05-17 10:48:54 -07:00
Jon Parise
2341cb6a5e
Prepare the 1.6.0 release (#157) 2022-05-17 10:46:35 -07:00
Jon Parise
3c379339dd
Configure automatic Dependabot version updates (#151)
This is enabled for GitHub Actions and Python packages.
2022-05-17 10:37:38 -07:00
Jon Parise
27f70ed5ec
Migrate CI to GitHub Actions (#150) 2022-05-17 10:32:12 -07:00
Jon Parise
35c19a2ae2
Drop support for old Python versions (#149)
Specifically, drop support for Python versions older than 3.7, including
Python 2.x.

All of those versions are well beyond their official end-of-life, and
given this is a security-related project, it's reasonable to expect
users to run it in a modern Python environment.
2022-05-17 10:25:03 -07:00
Christian
9e33a8f7c1
Bump to Version 1.5.1 (#148) 2022-05-11 14:43:23 -07:00
Christian
3fbc018ff8
Adding json-output for api-like functionality (#147)
* adding json-template for api-like functionality

* removing content-block

* adding test

* changing to flask.jsonify

* deleting template

* change from POST-param to Accept-Header
2022-04-11 12:37:19 -07:00
Jon Parise
4b1ee0cec1 Small wording tweaks to the expiration text 2021-12-20 13:05:51 -08:00
Arjen
654d03041b
Add expired explanation page (#145) 2021-12-20 13:05:14 -08:00
Omer Hamerman
40df900dc7
Allowing full host override (#143) 2021-07-29 10:39:47 -07:00
dependabot[bot]
89a90f4924
Merge pull request #139 from pinterest/dependabot/pip/jinja2-2.11.3 2021-03-19 22:24:12 +00:00
dependabot[bot]
188f0f6779
Bump jinja2 from 2.10.1 to 2.11.3
Bumps [jinja2](https://github.com/pallets/jinja) from 2.10.1 to 2.11.3.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/master/CHANGES.rst)
- [Commits](https://github.com/pallets/jinja/compare/2.10.1...2.11.3)

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-19 21:58:30 +00:00
dependabot[bot]
9916076100
Merge pull request #138 from pinterest/dependabot/pip/cryptography-3.3.2 2021-02-10 01:37:24 +00:00
dependabot[bot]
5dc2161a5d
Bump cryptography from 3.2 to 3.3.2
Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.3.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.2...3.3.2)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-10 01:36:07 +00:00
Jon Parise
a94e16802d Note that Redis must be running
Also, fix Redis link syntax (for reStucturedText).
2021-01-12 13:47:28 -08:00
Jon Parise
6a349e83c0 Link to redis.io and bump Python requirement to 3.5+ 2021-01-12 13:45:02 -08:00
dependabot[bot]
9ea826ef7c
Merge pull request #129 from pinterest/dependabot/pip/cryptography-3.2 2020-10-28 17:48:00 +00:00