This repository has been archived by the owner on Mar 30, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathCHANGES.txt
112 lines (83 loc) · 3.47 KB
/
CHANGES.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
0.14.0 - 2018-01-12
===================
* Silence warnings about assertion format changes,
since there's now no risk of this.
0.13.0 - 2017-12-20
===================
* Use LocalVerifier by default, now that the hosted
verifier has shut down.
0.12.0 - 2017-05-29
===================
* Add support for extra "idpClaims" and "userClaims"
when using the LocalVerifier class.
0.11.0 - 2016-05-11
===================
* Have the local verifier validate that the email
address is well-formed, to avoid passing e.g.
null bytes through to code that doesn't properly
handle them.
0.10.0 - 2016-03-09
===================
* Add support for "idpClaims" and "userClaims" when
generating test assertions. This helps when using
this library to interact with Firefox Accounts.
0.9.2 - 2014-04-13
==================
* Remove tuple paramter unpacking for python3.
* Add "description" attribute to Error objects.
0.9.1 - 2012-11-26
==================
* Fix data-decoding bug in fallback crypto routines.
0.9.0 - 2012-10-04
==================
* Support for Python 3.
0.8.0 - 2012-08-01
==================
* Correct the pure-python RSA implementation. Unfortunately this
requires a small backwards-incompatible API change on RSKey objects
(the SIZE property is now DIGESTSIZE and it gives the size of the
internal hex digest string in bytes)
0.7.0 - 2012-07-26
==================
* Added a pure-python implementation of the JWT crypto routines, for
use when M2Crypto is not available.
* Added "from_pem_data" and "to_pem_data" methods to Key objects.
Currently these are only available when M2Crypto is installed.
* Added support for delegation of authority; thanks @kylef.
* Use https://verifier.login.persona.org/verify for remote verification
0.6.2 - 2012-07-17
==================
* Add persona.org and related sites to the list of default
trusted secondaries.
0.6.1 - 2012-06-07
==================
* Disable certificate chaining for now. This feature is not used by any
servers in the wild, and the spec for it is going to change soon.
0.6.0 - 2012-31-05
==================
* Remove ability to use a custom JWT parser class, it's not used and
adds needless complexity.
* Add a way to skip the ssl verification when getting certificates with the
CertificateManager.
0.5.0 - 2012-04-18
==================
* add support of requests rather than custom code for ssl checking when
retrieving certificates.
* removed patch utility for secure_urlopen (we are now using requests)
* add more verbose errors when dealing with RSA/DSA Keys.
0.4.0 - 2012-03-13
==================
* Renamed from PyVEP to PyBrowserID, in keeping with Mozilla branding.
* Audience checking now accepts glob-style patterns as well as fixed
audience strings.
* Verifier objects now accept a list of audience patterns as their first
argument. This is designed to encourage doing the right thing rather than,
say, passing in the hostname from the request.
* Allowed LocalVerifier to use of a custom JWT parser.
* Removed browserid.verify_[remote|local|dummy] since they just cause
confusion. You should either accept the defaults provided by the
browserid.verify function, or use a full-blown Verifier object.
* Split certificate loading and caching into a separate class, in
browserid.certificates:CertificatesManager.
* Removed the DummyVerifier class in favour of supporting functions
in browserid.tests.support.