Yuru Shao
8a3a7f7c39
Bump version: 1.4.2 → 1.4.3 ( #123 )
2020-05-20 14:33:08 -07:00
Jon Parise
3d86f5395b
Use 'six' to import 'unquote' ( #122 )
2020-05-08 14:34:41 -07:00
Jon Parise
0ca032265a
Drop official support for Python 3.4 ( #121 )
...
Python 3.4 has reached end-of-life so remove it from the set of
officially supported Python versions.
2020-05-08 11:53:18 -07:00
Jeremiah Lee
2af7037feb
Adds option for two-week timeout. ( #120 )
...
Also includes:
- Updated the versions in the requirements, as MarkupSafe did not install cleanly.
- Integration test that sets a password via the website, and then
verifies the timeout on the backend.
- Basic Makefile, updates to the docs to use the Makefile.
The requirements file was updated using pip freeze after I had updated the version of MarkupSafe. I don't know what the usual process is for this repo, so please let me know if I should use a different process there (that is why there are a few additions).
2020-05-08 11:43:54 -07:00
Gabriel Saratura
9cb554ca7e
Update ADOPTERS.md ( #116 )
...
Add VSHN adopter
2019-12-24 07:28:42 -08:00
Samuel Dion-Girardeau
f377aa3ed2
Add support for Python 3.8 ( #115 )
...
* Remove Travis Python 3.7 hack
No longer necessary: 3.7 is supported out-of-the-box
* Add support for Python 3.8
And explicitly document in setup.py
* "Upgrade base Docker image to Python 3.8"a
* Add entry about py38 support in WIP changelog
* Explicitly declare python versions in setup.py
* Bump Werkzeug to 0.15.6
This is the latest 0.15 version. 0.16 might be incompatible
The fix we are looking for is in [0.15.5](http://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-5 ):
> Fix a TypeError due to changes to ast.Module in Python 3.8.
2019-11-25 08:58:29 -08:00
Jon Parise
e49cd8963a
Mention Snappass.NET ( #114 )
...
Also clean up a few existing links.
2019-11-04 08:16:12 -08:00
dependabot[bot]
4acef097e8
Merge pull request #109 from pinterest/dependabot/pip/werkzeug-0.15.3
2019-08-21 20:59:41 +00:00
dependabot[bot]
b3e1068c01
Bump werkzeug from 0.14.1 to 0.15.3
...
Bumps [werkzeug](https://github.com/pallets/werkzeug ) from 0.14.1 to 0.15.3.
- [Release notes](https://github.com/pallets/werkzeug/releases )
- [Changelog](https://github.com/pallets/werkzeug/blob/master/CHANGES.rst )
- [Commits](https://github.com/pallets/werkzeug/compare/0.14.1...0.15.3 )
Signed-off-by: dependabot[bot] <support@github.com>
2019-08-21 16:50:22 +00:00
Jon Parise
28d9e1e089
Move to version 1.5.0 (in development)
...
Also start the changelog for this next release.
2019-08-09 14:40:07 -07:00
vin01
5747ee2d14
Add url prefix for reverse proxies ( #106 )
2019-08-09 14:07:49 -07:00
vin01
054c61ae89
Migrate to fakeredis from mockredispy ( #108 )
2019-08-09 08:37:03 -07:00
Nicholas Charriere
f7fbb4575c
Merge pull request #104 from pinterest/new-release-142
...
Prepare for release: 1.4.2
2019-06-10 08:49:03 -07:00
Nicholas Charriere
234f43b889
Bump version: 1.4.1 → 1.4.2
2019-06-05 08:18:28 -07:00
Nicholas Charriere
e0b996d3d3
Make current version correct
2019-06-02 12:36:43 -07:00
Nicholas Charriere
6e6612cd49
Remove duplicate bumpversion config
2019-06-02 12:34:14 -07:00
Nicholas Charriere
f0f2c9d5d8
Merge pull request #103 from pinterest/autocomplete-off-and-required-textarea
...
Set autocomplete=off on form to avoid back history; make textarea field required
2019-06-01 11:56:02 -07:00
Nicholas Charriere
37f5d2b658
Set autocomplete=off on form to avoid back history; make textarea required
2019-06-01 09:34:58 -07:00
Jon Parise
2aa7272a59
Upgrade to Jinja2 2.10.1 ( #101 )
...
This patch release fixes a security issue (CVE-2019-10906) involving
str.format_map.
2019-04-12 13:26:46 -07:00
Lauri Lubi
1ac262e34e
Bots that prefetch should not destroy the secret ( #100 )
...
* Create preview view, remove sneaky-user-agents logic
* unit tests
* rename openSecret to viewSecret
* code clean-up and style
* rename view secret to reveal secret
* update authors list
* bump version to 1.5.0
2019-03-05 07:47:07 -08:00
Jon Parise
d4c96cf58a
Merge pull request #99 from jameswthorne/readme-fixes
...
README fixes
2019-01-16 12:47:25 -08:00
James W Thorne
3fc5d2b864
README fixes
2019-01-16 08:11:56 -06:00
Jon Parise
ecebbcb71f
Merge pull request #98 from brennentsmith/patch-1
...
Add Ookla/Speedtest.net to adopters
2018-12-21 10:27:29 -08:00
Brennen Smith
0c77baa581
Add Ookla to adopters
...
We have used snappass since it was first open sourced, and everyone in the organization loves it. Not sure about the A-Z ordering WRT to Pinterest, it feels like you should be on top since it's your project.
2018-12-21 10:21:28 -08:00
Jon Parise
52aefd6ce3
Merge pull request #97 from pinterest/prepare-1.4.1
...
Prepare the 1.4.1 release
2018-10-31 17:54:14 -05:00
Jon Parise
0bd2b4e8d9
Prepare the 1.4.1 release
...
- Update the changelog
- Include our Code of Conduct and Adopters documents
2018-10-31 15:50:49 -07:00
Jon Parise
95c9ecc7d0
Merge pull request #96 from pinterest/python-3.7
...
Build on Python 3.7 and cache pip artifacts
2018-10-31 13:18:13 -05:00
Jon Parise
166a73b0dd
Only build on the master branch
...
PR branches will still be built and tested.
2018-10-31 11:03:42 -07:00
Jon Parise
5894033692
Build on Python 3.7 and cache pip artifacts
...
This uses the well-established workaround to get Python 3.7 working on
Travis.
2018-10-31 10:53:18 -07:00
Jon Parise
7eee21f413
Merge pull request #95 from pinterest/cryptography-2.3.1
...
Upgrade to cryptography 2.3.1
2018-10-31 12:51:05 -05:00
Jon Parise
30db653f14
Upgrade to cryptography 2.3.1
...
This addresses CVE-2018-10903:
A flaw was found in python-cryptography versions between >=1.9.0 and
<2.3. The finalize_with_tag API did not enforce a minimum tag
length. If a user did not validate the input length prior to passing
it to finalize_with_tag an attacker could craft an invalid payload
with a shortened tag (e.g. 1 byte) such that they would have a 1 in
256 chance of passing the MAC check. GCM tag forgeries can cause key
leakage.
... although snappass isn't affected because we doesn't use the
vulnerable `finalize_with_tag` API.
2018-10-31 09:39:18 -07:00
Nicholas Charriere
06149b81e8
Merge pull request #94 from gstackio/fix-restructured-text-syntax
...
Fix reST syntax for fixed-with text
2018-08-12 18:09:57 -07:00
Benjamin Gandon
921492733b
Fix reST syntax for fixed-with text
2018-08-12 23:45:49 +02:00
Nicholas Charriere
2b53eed348
Merge pull request #90 from samueldg/feature/support-python37
...
Feature/support python37
2018-07-15 20:12:20 -07:00
Samuel Dion-Girardeau
867dc24f83
Temporarily disable Python 3.7 from Travis build
...
Currently Travis doesn't support Python 3.7 yet,
but this should be addressed soon:
https://github.com/travis-ci/travis-ci/issues/9815
2018-07-14 16:28:15 -04:00
Samuel Dion-Girardeau
0f1cc0900c
Align docs with actual base image pulled
2018-07-12 21:54:54 -04:00
Samuel Dion-Girardeau
73c220be97
Update Docker image to Python 3.7 (current latest)
...
Also used the "slim" version, which will drastically reduce the
image size.
Base image sizes comparison:
| python:3.7-slim | 143MB |
| python:3.7 | 916MB |
2018-07-12 21:27:32 -04:00
Samuel Dion-Girardeau
59196bea40
Update Trove classifier to include Python 3.7
2018-07-12 21:25:10 -04:00
Samuel Dion-Girardeau
2c334fc19f
Update tests to run using Python 3.7
2018-07-12 21:24:27 -04:00
Samuel Dion-Girardeau
5981884cd2
Update all Python requirements to latest stable
...
All PyPI packages now have the latest version available.
2018-07-12 21:23:25 -04:00
Nicholas Charriere
b45312c650
Merge pull request #89 from brennentsmith/master
...
Use local assets for fontawesome for isolated environments.
2018-07-07 10:47:52 -07:00
Brennen Smith
25e10ef8a1
Use local assets for fontawesome for isolated environments.
...
Currently FontAwesome uses Cloudflare to serve font assets, however all
of the other assets are delivered locally. This standardizes the assets
to use all local assets from `/static/`.
2018-07-05 16:43:14 -07:00
Nicholas Charriere
798f358ed6
Merge pull request #88 from pinterest/new-release-140
...
New release 140
2018-07-03 08:38:07 -07:00
Nicholas Charriere
fb9974cbd5
Add changelog for 1.4.0
2018-07-03 08:30:22 -07:00
Nicholas Charriere
04ead0da32
Bump version: 1.3.0 → 1.4.0
2018-07-03 08:22:23 -07:00
Nicholas Charriere
47565b3831
Merge pull request #87 from pinterest/prefix-redis
...
Add prefix to redis
2018-07-03 08:13:35 -07:00
Nicholas Charriere
76962f8d8c
Add REDIS_PREFIX documentation
2018-07-01 10:25:55 -07:00
Nicholas Charriere
386a378c5d
Add prefix to memcache
2018-07-01 10:19:56 -07:00
Nicholas Charriere
a42815d17e
Merge pull request #84 from pinterest/shameless-hiring-plug
...
Add hiring plug in readme
2018-06-16 10:17:16 -07:00
Nicholas Charriere
a2d4245a3a
Add hiring plug in readme
2018-05-12 09:02:24 -07:00