Commit graph

342 commits

Author SHA1 Message Date
Nicholas Charriere
f7fbb4575c
Merge pull request #104 from pinterest/new-release-142
Prepare for release: 1.4.2
2019-06-10 08:49:03 -07:00
Nicholas Charriere
234f43b889 Bump version: 1.4.1 → 1.4.2 2019-06-05 08:18:28 -07:00
Nicholas Charriere
e0b996d3d3 Make current version correct 2019-06-02 12:36:43 -07:00
Nicholas Charriere
6e6612cd49 Remove duplicate bumpversion config 2019-06-02 12:34:14 -07:00
Nicholas Charriere
f0f2c9d5d8
Merge pull request #103 from pinterest/autocomplete-off-and-required-textarea
Set autocomplete=off on form to avoid back history; make textarea field required
2019-06-01 11:56:02 -07:00
Nicholas Charriere
37f5d2b658 Set autocomplete=off on form to avoid back history; make textarea required 2019-06-01 09:34:58 -07:00
Jon Parise
2aa7272a59
Upgrade to Jinja2 2.10.1 (#101)
This patch release fixes a security issue (CVE-2019-10906) involving
str.format_map.
2019-04-12 13:26:46 -07:00
Lauri Lubi
1ac262e34e Bots that prefetch should not destroy the secret (#100)
* Create preview view, remove sneaky-user-agents logic

* unit tests

* rename openSecret to viewSecret

* code clean-up and style

* rename view secret to reveal secret

* update authors list

* bump version to 1.5.0
2019-03-05 07:47:07 -08:00
Jon Parise
d4c96cf58a
Merge pull request #99 from jameswthorne/readme-fixes
README fixes
2019-01-16 12:47:25 -08:00
James W Thorne
3fc5d2b864 README fixes 2019-01-16 08:11:56 -06:00
Jon Parise
ecebbcb71f
Merge pull request #98 from brennentsmith/patch-1
Add Ookla/Speedtest.net to adopters
2018-12-21 10:27:29 -08:00
Brennen Smith
0c77baa581
Add Ookla to adopters
We have used snappass since it was first open sourced, and everyone in the organization loves it. Not sure about the A-Z ordering WRT to Pinterest, it feels like you should be on top since it's your project.
2018-12-21 10:21:28 -08:00
Jon Parise
52aefd6ce3
Merge pull request #97 from pinterest/prepare-1.4.1
Prepare the 1.4.1 release
2018-10-31 17:54:14 -05:00
Jon Parise
0bd2b4e8d9 Prepare the 1.4.1 release
- Update the changelog
- Include our Code of Conduct and Adopters documents
2018-10-31 15:50:49 -07:00
Jon Parise
95c9ecc7d0
Merge pull request #96 from pinterest/python-3.7
Build on Python 3.7 and cache pip artifacts
2018-10-31 13:18:13 -05:00
Jon Parise
166a73b0dd Only build on the master branch
PR branches will still be built and tested.
2018-10-31 11:03:42 -07:00
Jon Parise
5894033692 Build on Python 3.7 and cache pip artifacts
This uses the well-established workaround to get Python 3.7 working on
Travis.
2018-10-31 10:53:18 -07:00
Jon Parise
7eee21f413
Merge pull request #95 from pinterest/cryptography-2.3.1
Upgrade to cryptography 2.3.1
2018-10-31 12:51:05 -05:00
Jon Parise
30db653f14 Upgrade to cryptography 2.3.1
This addresses CVE-2018-10903:

    A flaw was found in python-cryptography versions between >=1.9.0 and
    <2.3. The finalize_with_tag API did not enforce a minimum tag
    length. If a user did not validate the input length prior to passing
    it to finalize_with_tag an attacker could craft an invalid payload
    with a shortened tag (e.g. 1 byte) such that they would have a 1 in
    256 chance of passing the MAC check. GCM tag forgeries can cause key
    leakage.

... although snappass isn't affected because we doesn't use the
vulnerable `finalize_with_tag` API.
2018-10-31 09:39:18 -07:00
Nicholas Charriere
06149b81e8
Merge pull request #94 from gstackio/fix-restructured-text-syntax
Fix reST syntax for fixed-with text
2018-08-12 18:09:57 -07:00
Benjamin Gandon
921492733b Fix reST syntax for fixed-with text 2018-08-12 23:45:49 +02:00
Nicholas Charriere
2b53eed348
Merge pull request #90 from samueldg/feature/support-python37
Feature/support python37
2018-07-15 20:12:20 -07:00
Samuel Dion-Girardeau
867dc24f83 Temporarily disable Python 3.7 from Travis build
Currently Travis doesn't support Python 3.7 yet,
but this should be addressed soon:

    https://github.com/travis-ci/travis-ci/issues/9815
2018-07-14 16:28:15 -04:00
Samuel Dion-Girardeau
0f1cc0900c Align docs with actual base image pulled 2018-07-12 21:54:54 -04:00
Samuel Dion-Girardeau
73c220be97 Update Docker image to Python 3.7 (current latest)
Also used the "slim" version, which will drastically reduce the
image size.

Base image sizes comparison:

| python:3.7-slim | 143MB |
| python:3.7      | 916MB |
2018-07-12 21:27:32 -04:00
Samuel Dion-Girardeau
59196bea40 Update Trove classifier to include Python 3.7 2018-07-12 21:25:10 -04:00
Samuel Dion-Girardeau
2c334fc19f Update tests to run using Python 3.7 2018-07-12 21:24:27 -04:00
Samuel Dion-Girardeau
5981884cd2 Update all Python requirements to latest stable
All PyPI packages now have the latest version available.
2018-07-12 21:23:25 -04:00
Nicholas Charriere
b45312c650
Merge pull request #89 from brennentsmith/master
Use local assets for fontawesome for isolated environments.
2018-07-07 10:47:52 -07:00
Brennen Smith
25e10ef8a1 Use local assets for fontawesome for isolated environments.
Currently FontAwesome uses Cloudflare to serve font assets, however all
of the other assets are delivered locally. This standardizes the assets
to use all local assets from `/static/`.
2018-07-05 16:43:14 -07:00
Nicholas Charriere
798f358ed6
Merge pull request #88 from pinterest/new-release-140
New release 140
2018-07-03 08:38:07 -07:00
Nicholas Charriere
fb9974cbd5 Add changelog for 1.4.0 2018-07-03 08:30:22 -07:00
Nicholas Charriere
04ead0da32 Bump version: 1.3.0 → 1.4.0 2018-07-03 08:22:23 -07:00
Nicholas Charriere
47565b3831
Merge pull request #87 from pinterest/prefix-redis
Add prefix to redis
2018-07-03 08:13:35 -07:00
Nicholas Charriere
76962f8d8c Add REDIS_PREFIX documentation 2018-07-01 10:25:55 -07:00
Nicholas Charriere
386a378c5d Add prefix to memcache 2018-07-01 10:19:56 -07:00
Nicholas Charriere
a42815d17e
Merge pull request #84 from pinterest/shameless-hiring-plug
Add hiring plug in readme
2018-06-16 10:17:16 -07:00
Nicholas Charriere
a2d4245a3a Add hiring plug in readme 2018-05-12 09:02:24 -07:00
Nicholas Charriere
5ddecd4e64
Merge pull request #83 from samueldg/enhancement/modernize-tests
Enhancement/modernize tests
2018-05-07 19:19:46 -07:00
Samuel Dion-Girardeau
d407c2657f Drop the dot in py.test (as recommended by pytest) 2018-05-07 21:35:31 -04:00
Samuel Dion-Girardeau
80f77a6572 Fix assertEqual parameter order (expected, actual)
This ensures the failure message, if any, is reflective of the
intended value.
2018-05-07 21:27:13 -04:00
Samuel Dion-Girardeau
e6eca0daf8 Use assertion methods introduced in Python 2.7
Since Python 2.6 support was dropped, we can use all these:
https://docs.python.org/2/library/unittest.html#assert-methods
2018-05-07 21:20:54 -04:00
Nicholas Charriere
548c9986ee
Merge pull request #82 from pinterest/readme-update
Remove support for py26 and py33 from readme
2018-05-07 10:01:29 -07:00
Nicholas Charriere
699293b5a0 Remove support for py26 and py33 from readme 2018-05-07 09:49:04 -07:00
Nicholas Charriere
6fe4733baa
Merge pull request #81 from pinterest/bumpversion-1.3.0
Bump version to 1.3.0
2018-05-07 09:45:54 -07:00
Nicholas Charriere
e45feb1cfd Bump version to 1.3.0 2018-05-07 09:23:51 -07:00
Nicholas Charriere
173f33f66e
Merge pull request #79 from pinterest/mock-redis
Mock redis
2018-05-07 09:13:00 -07:00
Nicholas Charriere
68b4cec5e8
Merge pull request #80 from pinterest/quoteurls
Quote url to fix equal sign breaking outlook clients
2018-05-07 08:59:31 -07:00
Nicholas Charriere
75b6a6919f Make mock a requirement, not dev-requirement 2018-05-07 08:23:30 -07:00
Nicholas Charriere
13f294cae5 Use werkzeug quote/unquote functions instead of urllib 2018-05-07 08:21:07 -07:00