Hello community,
here is the log from the commit of package python-bcrypt for openSUSE:Factory checked in at 2019-03-04 09:10:58
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-bcrypt (Old)
and /work/SRC/openSUSE:Factory/.python-bcrypt.new.28833 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-bcrypt"
Mon Mar 4 09:10:58 2019 rev:5 rq:680464 version:3.1.6
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-bcrypt/python-bcrypt.changes 2018-08-31 09:51:52.669597728 +0200
+++ /work/SRC/openSUSE:Factory/.python-bcrypt.new.28833/python-bcrypt.changes 2019-03-04 09:11:00.600701546 +0100
@@ -1,0 +2,10 @@
+Fri Mar 1 11:19:33 UTC 2019 - Tomáš Chvátal
+
+- Update to 3.1.5:
+ * Added support for compilation on Haiku.
+ * Added support for compilation on AIX.
+ * Dropped Python 2.6 and 3.3 support.
+ * Switched to using ``abi3`` wheels for Python 3. If you are not getting a
+ wheel on a compatible platform please upgrade your ``pip`` version.
+
+-------------------------------------------------------------------
Old:
----
bcrypt-3.1.4.tar.gz
New:
----
bcrypt-3.1.6.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-bcrypt.spec ++++++
--- /var/tmp/diff_new_pack.WALotJ/_old 2019-03-04 09:11:01.212701443 +0100
+++ /var/tmp/diff_new_pack.WALotJ/_new 2019-03-04 09:11:01.216701442 +0100
@@ -1,7 +1,7 @@
#
# spec file for package python-bcrypt
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2016, Martin Hauke
#
# All modifications and additions to the file contributed by third parties
@@ -13,30 +13,30 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
%define oldpython python
Name: python-bcrypt
-Version: 3.1.4
+Version: 3.1.6
Release: 0
Summary: BSD type 2a and 2b password hashing
License: Apache-2.0
Group: Development/Languages/Python
URL: https://github.com/pyca/bcrypt/
Source: https://files.pythonhosted.org/packages/source/b/bcrypt/bcrypt-%{version}.tar.gz
-BuildRequires: %{python_module cffi}
+BuildRequires: %{python_module cffi >= 1.1}
BuildRequires: %{python_module devel}
BuildRequires: %{python_module pytest >= 3.2.1}
BuildRequires: %{python_module setuptools}
-BuildRequires: %{python_module six}
+BuildRequires: %{python_module six >= 1.4.1}
BuildRequires: fdupes
BuildRequires: pkgconfig
BuildRequires: python-rpm-macros
BuildRequires: pkgconfig(libffi)
-Requires: python-six
+Requires: python-six >= 1.4.1
%requires_eq python-cffi
Provides: python-py-bcrypt = %{version}
Obsoletes: python-py-bcrypt < %{version}
++++++ bcrypt-3.1.4.tar.gz -> bcrypt-3.1.6.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/MANIFEST.in new/bcrypt-3.1.6/MANIFEST.in
--- old/bcrypt-3.1.4/MANIFEST.in 2017-10-11 13:51:28.000000000 +0200
+++ new/bcrypt-3.1.6/MANIFEST.in 2019-01-16 16:34:17.000000000 +0100
@@ -1,5 +1,7 @@
include LICENSE README.rst
+include pyproject.toml
+
include tox.ini .coveragerc
include src/build_bcrypt.py
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/PKG-INFO new/bcrypt-3.1.6/PKG-INFO
--- old/bcrypt-3.1.4/PKG-INFO 2017-10-11 14:10:25.000000000 +0200
+++ new/bcrypt-3.1.6/PKG-INFO 2019-01-16 16:46:42.000000000 +0100
@@ -1,23 +1,22 @@
-Metadata-Version: 1.1
+Metadata-Version: 2.1
Name: bcrypt
-Version: 3.1.4
+Version: 3.1.6
Summary: Modern password hashing for your software and your servers
Home-page: https://github.com/pyca/bcrypt/
Author: The Python Cryptographic Authority developers
Author-email: cryptography-dev@python.org
License: Apache License, Version 2.0
-Description-Content-Type: UNKNOWN
Description: bcrypt
======
.. image:: https://img.shields.io/pypi/v/bcrypt.svg
- :target: https://pypi.python.org/pypi/bcrypt/
+ :target: https://pypi.org/project/bcrypt/
:alt: Latest Version
.. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master
:target: https://travis-ci.org/pyca/bcrypt
- Modern password hashing for your software and your servers
+ Good password hashing for your software and your servers
Installation
@@ -43,9 +42,27 @@
$ sudo yum install gcc libffi-devel python-devel
+ Alternatives
+ ============
+
+ While bcrypt remains a good choice for password storage depending on your specific use case you may also want to consider using scrypt (either via `standard library`_ or `cryptography`_) or argon2id via `argon2_cffi`_.
+
Changelog
=========
+ 3.1.6
+ -----
+
+ * Added support for compilation on Haiku.
+
+ 3.1.5
+ -----
+
+ * Added support for compilation on AIX.
+ * Dropped Python 2.6 and 3.3 support.
+ * Switched to using ``abi3`` wheels for Python 3. If you are not getting a
+ wheel on a compatible platform please upgrade your ``pip`` version.
+
3.1.4
-----
@@ -172,7 +189,7 @@
-------------
This library should be compatible with py-bcrypt and it will run on Python
- 2.6+, 3.3+, and PyPy 2.6+.
+ 2.7, 3.4+, and PyPy 2.6+.
C Code
------
@@ -186,15 +203,21 @@
identify a vulnerability, we ask you to contact us privately.
.. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/
+ .. _`standard library`: https://docs.python.org/3/library/hashlib.html#hashlib.scrypt
+ .. _`argon2_cffi`: https://argon2-cffi.readthedocs.io
+ .. _`cryptography`: https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions...
Platform: UNKNOWN
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: Implementation :: CPython
Classifier: Programming Language :: Python :: Implementation :: PyPy
Classifier: Programming Language :: Python :: 2
-Classifier: Programming Language :: Python :: 2.6
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
+Classifier: Programming Language :: Python :: 3.7
+Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*
+Provides-Extra: tests
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/README.rst new/bcrypt-3.1.6/README.rst
--- old/bcrypt-3.1.4/README.rst 2017-10-11 14:07:42.000000000 +0200
+++ new/bcrypt-3.1.6/README.rst 2019-01-16 16:44:06.000000000 +0100
@@ -2,13 +2,13 @@
======
.. image:: https://img.shields.io/pypi/v/bcrypt.svg
- :target: https://pypi.python.org/pypi/bcrypt/
+ :target: https://pypi.org/project/bcrypt/
:alt: Latest Version
.. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master
:target: https://travis-ci.org/pyca/bcrypt
-Modern password hashing for your software and your servers
+Good password hashing for your software and your servers
Installation
@@ -34,9 +34,27 @@
$ sudo yum install gcc libffi-devel python-devel
+Alternatives
+============
+
+While bcrypt remains a good choice for password storage depending on your specific use case you may also want to consider using scrypt (either via `standard library`_ or `cryptography`_) or argon2id via `argon2_cffi`_.
+
Changelog
=========
+3.1.6
+-----
+
+* Added support for compilation on Haiku.
+
+3.1.5
+-----
+
+* Added support for compilation on AIX.
+* Dropped Python 2.6 and 3.3 support.
+* Switched to using ``abi3`` wheels for Python 3. If you are not getting a
+ wheel on a compatible platform please upgrade your ``pip`` version.
+
3.1.4
-----
@@ -163,7 +181,7 @@
-------------
This library should be compatible with py-bcrypt and it will run on Python
-2.6+, 3.3+, and PyPy 2.6+.
+2.7, 3.4+, and PyPy 2.6+.
C Code
------
@@ -177,3 +195,6 @@
identify a vulnerability, we ask you to contact us privately.
.. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/
+.. _`standard library`: https://docs.python.org/3/library/hashlib.html#hashlib.scrypt
+.. _`argon2_cffi`: https://argon2-cffi.readthedocs.io
+.. _`cryptography`: https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions...
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/pyproject.toml new/bcrypt-3.1.6/pyproject.toml
--- old/bcrypt-3.1.4/pyproject.toml 1970-01-01 01:00:00.000000000 +0100
+++ new/bcrypt-3.1.6/pyproject.toml 2019-01-16 16:34:17.000000000 +0100
@@ -0,0 +1,7 @@
+[build-system]
+# Must be kept in sync with `setup_requirements` in `setup.py`
+requires = [
+ "setuptools",
+ "wheel",
+ "cffi>=1.1; python_implementation != 'PyPy'",
+]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/setup.cfg new/bcrypt-3.1.6/setup.cfg
--- old/bcrypt-3.1.4/setup.cfg 2017-10-11 14:10:25.000000000 +0200
+++ new/bcrypt-3.1.6/setup.cfg 2019-01-16 16:46:42.000000000 +0100
@@ -1,3 +1,6 @@
+[metadata]
+license_file = LICENSE
+
[egg_info]
tag_build =
tag_date = 0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/setup.py new/bcrypt-3.1.6/setup.py
--- old/bcrypt-3.1.4/setup.py 2017-10-11 13:51:28.000000000 +0200
+++ new/bcrypt-3.1.6/setup.py 2019-01-16 16:34:17.000000000 +0100
@@ -200,17 +200,18 @@
author=__about__["__author__"],
author_email=__about__["__email__"],
+ python_requires=">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*",
install_requires=[
CFFI_DEPENDENCY,
SIX_DEPENDENCY,
],
extras_require={
"tests": [
- "pytest>=3.2.1",
+ "pytest>=3.2.1,!=3.3.0",
],
},
tests_require=[
- "pytest>=3.2.1",
+ "pytest>=3.2.1,!=3.3.0",
],
package_dir={"": "src"},
@@ -221,16 +222,17 @@
zip_safe=False,
classifiers=[
+ "Development Status :: 5 - Production/Stable",
+ "License :: OSI Approved :: Apache Software License",
"Programming Language :: Python :: Implementation :: CPython",
"Programming Language :: Python :: Implementation :: PyPy",
"Programming Language :: Python :: 2",
- "Programming Language :: Python :: 2.6",
"Programming Language :: Python :: 2.7",
"Programming Language :: Python :: 3",
- "Programming Language :: Python :: 3.3",
"Programming Language :: Python :: 3.4",
"Programming Language :: Python :: 3.5",
"Programming Language :: Python :: 3.6",
+ "Programming Language :: Python :: 3.7",
],
ext_package="bcrypt",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/src/_csrc/portable_endian.h new/bcrypt-3.1.6/src/_csrc/portable_endian.h
--- old/bcrypt-3.1.4/src/_csrc/portable_endian.h 2017-10-11 13:51:28.000000000 +0200
+++ new/bcrypt-3.1.6/src/_csrc/portable_endian.h 2019-01-16 16:34:17.000000000 +0100
@@ -94,6 +94,10 @@
# include
+#elif defined(__HAIKU__)
+
+# include
+
#elif defined(__NetBSD__) || defined(__FreeBSD__) || defined(__DragonFly__)
# include
@@ -180,6 +184,35 @@
# define be64toh(x) BE_64(x)
# define le64toh(x) LE_64(x)
+#elif defined _AIX /* AIX is always big endian */
+# define be64toh(x) (x)
+# define be32toh(x) (x)
+# define be16toh(x) (x)
+# define le32toh(x) \
+ ((((x) & 0xff) << 24) | \
+ (((x) & 0xff00) << 8) | \
+ (((x) & 0xff0000) >> 8) | \
+ (((x) & 0xff000000) >> 24))
+# define le64toh(x) \
+ ((((x) & 0x00000000000000ffL) << 56) | \
+ (((x) & 0x000000000000ff00L) << 40) | \
+ (((x) & 0x0000000000ff0000L) << 24) | \
+ (((x) & 0x00000000ff000000L) << 8) | \
+ (((x) & 0x000000ff00000000L) >> 8) | \
+ (((x) & 0x0000ff0000000000L) >> 24) | \
+ (((x) & 0x00ff000000000000L) >> 40) | \
+ (((x) & 0xff00000000000000L) >> 56))
+# ifndef htobe64
+# define htobe64(x) be64toh(x)
+# endif
+# ifndef htobe32
+# define htobe32(x) be32toh(x)
+# endif
+# ifndef htobe16
+# define htobe16(x) be16toh(x)
+# endif
+
+
#else
# error platform not supported
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/src/bcrypt/__about__.py new/bcrypt-3.1.6/src/bcrypt/__about__.py
--- old/bcrypt-3.1.4/src/bcrypt/__about__.py 2017-10-11 14:07:42.000000000 +0200
+++ new/bcrypt-3.1.6/src/bcrypt/__about__.py 2019-01-16 16:44:06.000000000 +0100
@@ -26,7 +26,7 @@
__summary__ = "Modern password hashing for your software and your servers"
__uri__ = "https://github.com/pyca/bcrypt/"
-__version__ = "3.1.4"
+__version__ = "3.1.6"
__author__ = "The Python Cryptographic Authority developers"
__email__ = "cryptography-dev@python.org"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/src/bcrypt/__init__.py new/bcrypt-3.1.6/src/bcrypt/__init__.py
--- old/bcrypt-3.1.4/src/bcrypt/__init__.py 2017-10-11 13:51:28.000000000 +0200
+++ new/bcrypt-3.1.6/src/bcrypt/__init__.py 2019-01-16 16:34:17.000000000 +0100
@@ -22,8 +22,7 @@
import six
-from bcrypt import _bcrypt
-
+from . import _bcrypt
from .__about__ import (
__author__, __copyright__, __email__, __license__, __summary__, __title__,
__uri__, __version__,
@@ -134,7 +133,9 @@
"Warning: bcrypt.kdf() called with only {0} round(s). "
"This few is not secure: the parameter is linear, like PBKDF2.")
.format(rounds),
- UserWarning)
+ UserWarning,
+ stacklevel=2,
+ )
key = _bcrypt.ffi.new("uint8_t[]", desired_key_bytes)
res = _bcrypt.lib.bcrypt_pbkdf(
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/src/bcrypt.egg-info/PKG-INFO new/bcrypt-3.1.6/src/bcrypt.egg-info/PKG-INFO
--- old/bcrypt-3.1.4/src/bcrypt.egg-info/PKG-INFO 2017-10-11 14:10:25.000000000 +0200
+++ new/bcrypt-3.1.6/src/bcrypt.egg-info/PKG-INFO 2019-01-16 16:46:42.000000000 +0100
@@ -1,23 +1,22 @@
-Metadata-Version: 1.1
+Metadata-Version: 2.1
Name: bcrypt
-Version: 3.1.4
+Version: 3.1.6
Summary: Modern password hashing for your software and your servers
Home-page: https://github.com/pyca/bcrypt/
Author: The Python Cryptographic Authority developers
Author-email: cryptography-dev@python.org
License: Apache License, Version 2.0
-Description-Content-Type: UNKNOWN
Description: bcrypt
======
.. image:: https://img.shields.io/pypi/v/bcrypt.svg
- :target: https://pypi.python.org/pypi/bcrypt/
+ :target: https://pypi.org/project/bcrypt/
:alt: Latest Version
.. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master
:target: https://travis-ci.org/pyca/bcrypt
- Modern password hashing for your software and your servers
+ Good password hashing for your software and your servers
Installation
@@ -43,9 +42,27 @@
$ sudo yum install gcc libffi-devel python-devel
+ Alternatives
+ ============
+
+ While bcrypt remains a good choice for password storage depending on your specific use case you may also want to consider using scrypt (either via `standard library`_ or `cryptography`_) or argon2id via `argon2_cffi`_.
+
Changelog
=========
+ 3.1.6
+ -----
+
+ * Added support for compilation on Haiku.
+
+ 3.1.5
+ -----
+
+ * Added support for compilation on AIX.
+ * Dropped Python 2.6 and 3.3 support.
+ * Switched to using ``abi3`` wheels for Python 3. If you are not getting a
+ wheel on a compatible platform please upgrade your ``pip`` version.
+
3.1.4
-----
@@ -172,7 +189,7 @@
-------------
This library should be compatible with py-bcrypt and it will run on Python
- 2.6+, 3.3+, and PyPy 2.6+.
+ 2.7, 3.4+, and PyPy 2.6+.
C Code
------
@@ -186,15 +203,21 @@
identify a vulnerability, we ask you to contact us privately.
.. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/
+ .. _`standard library`: https://docs.python.org/3/library/hashlib.html#hashlib.scrypt
+ .. _`argon2_cffi`: https://argon2-cffi.readthedocs.io
+ .. _`cryptography`: https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions...
Platform: UNKNOWN
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: Implementation :: CPython
Classifier: Programming Language :: Python :: Implementation :: PyPy
Classifier: Programming Language :: Python :: 2
-Classifier: Programming Language :: Python :: 2.6
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
+Classifier: Programming Language :: Python :: 3.7
+Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*
+Provides-Extra: tests
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/src/bcrypt.egg-info/SOURCES.txt new/bcrypt-3.1.6/src/bcrypt.egg-info/SOURCES.txt
--- old/bcrypt-3.1.4/src/bcrypt.egg-info/SOURCES.txt 2017-10-11 14:10:25.000000000 +0200
+++ new/bcrypt-3.1.6/src/bcrypt.egg-info/SOURCES.txt 2019-01-16 16:46:42.000000000 +0100
@@ -2,6 +2,8 @@
LICENSE
MANIFEST.in
README.rst
+pyproject.toml
+setup.cfg
setup.py
tox.ini
src/build_bcrypt.py
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/src/bcrypt.egg-info/requires.txt new/bcrypt-3.1.6/src/bcrypt.egg-info/requires.txt
--- old/bcrypt-3.1.4/src/bcrypt.egg-info/requires.txt 2017-10-11 14:10:25.000000000 +0200
+++ new/bcrypt-3.1.6/src/bcrypt.egg-info/requires.txt 2019-01-16 16:46:42.000000000 +0100
@@ -2,4 +2,4 @@
six>=1.4.1
[tests]
-pytest>=3.2.1
+pytest!=3.3.0,>=3.2.1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/tests/test_bcrypt.py new/bcrypt-3.1.6/tests/test_bcrypt.py
--- old/bcrypt-3.1.4/tests/test_bcrypt.py 2017-10-11 13:51:28.000000000 +0200
+++ new/bcrypt-3.1.6/tests/test_bcrypt.py 2019-01-16 16:34:17.000000000 +0100
@@ -400,7 +400,9 @@
b"\x43\x66\x6c\x9b\x09\xef\x33\xed\x8c\x27\xe8\xe8\xf3\xe2\xd8\xe6"
]])
def test_kdf(rounds, password, salt, expected):
- derived = bcrypt.kdf(password, salt, len(expected), rounds)
+ derived = bcrypt.kdf(
+ password, salt, len(expected), rounds, ignore_few_rounds=True
+ )
assert derived == expected
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bcrypt-3.1.4/tox.ini new/bcrypt-3.1.6/tox.ini
--- old/bcrypt-3.1.4/tox.ini 2017-10-11 13:51:28.000000000 +0200
+++ new/bcrypt-3.1.6/tox.ini 2019-01-16 16:34:17.000000000 +0100
@@ -1,5 +1,5 @@
[tox]
-envlist = py26,py27,pypy,py33,py34,py35,py36,pep8,py3pep8,packaging
+envlist = py27,pypy,py34,py35,py36,py37,pep8,py3pep8,packaging
[testenv]
extras =
@@ -37,6 +37,7 @@
[flake8]
+ignore = W504
exclude = .tox,*.egg
select = E,W,F,N,I
application-import-names = bcrypt,tests