python-jose changelog

Changelog History

Page 1

• v3.3.0 Changes

  June 04, 2021

  🆕 News

  • ✂ Remove support for python 2.7 & 3.5
  • ➕ Add support for Python 3.9
  • ✂ Remove PyCrypto backend
  • 🛠 Fix deprecation warning from cryptography backend

  Housekeeping

  • 👷 Switched from Travis CI to Github Actions
  • ➕ Added iSort & Black
  • 🏁 Run CI Tests under Mac OS & Windows.
  • ⚡️ Updated Syntax to use Python 3.6+
  • ⬆️ Upgrade to latest pytest, remove used dev requirements.

• v3.2.0 Changes

  July 29, 2020

  🔄 Changes

  🆕 News

  • 🚀 This will be the last release supporting Python 2.7, 3.5, and the PyCrypto
    backend.

  🐛 Bug fixes and Improvements

  • Use hmac.compare_digest instead of our own constant_time_string_compare #163
  • 🛠 Fix to_dict output, which should always be JSON encodeable. #139 and #165
    🛠 (fixes #127 and #137)
  • 🛠 Require setuptools >= 39.2.0 #167 (fixes #161)
  • ⚠ Emit a warning when verifying with a private key #168 (fixes #53 and #142)
  • 📌 Avoid loading python-ecdsa when using the cryptography backend, and pinned
    python-ecdsa dependency to <0.15 #178

  Housekeeping

  • 🛠 Fixed some typos #160, #162, and #164

  Special Thanks

  • @asherf
  • @bthaqi
  • @galak-fyyar
  • @zejn
  • @piedrahitapablo
  • @dumptyd
  • @friedcell
  • @bdraco

• v3.1.0 Changes

  December 10, 2019

  🔄 Changes

  🔋 Features

  • 👌 Improve JWT.decode() #76 (fixes #75)
  • 🛠 Sort headers when serializing to allow for headless JWT #136 (fixes #80)
  • Adjust dependency handling
    • Use PyCryptodome instead of PyCrypto #83
    • Update package dependencies #124 (fixes #158)
  • 🗄 Avoid using deprecated methods #85
  • 👌 Support X509 certificates #107
  • 🛠 Isolate and flesh out cryptographic backends to enable independent operation #129 (fixes #114)
    • Remove pyca/cryptography backend's dependency on python-ecdsa #117
    • Remove pycrypto/dome backends' dependency on python-rsa #121
    • Make pyca/cryptography backend the preferred backend if multiple backends are present #122

  🛠 Bugfixes/Improvements

  • Enable flake8 check in tox/TravisCI #77
  • 🛠 Fix crytography dependency typo #94
  • ✅ Trigger tests using python setup.py test #97
  • Properly raise an error if a claim is expected and not given #98
  • 🛠 Typo fixes #110
  • 🛠 Fix invalid RSA private key PKCS8 encoding by python-rsa backend #120 (fixes #119)
  • ✂ Remove future dependency #134 (fixes #112)
  • 🛠 Fix incorrect use of pytest.raises(message=...) #141
  • Typo fix #143
  • 🛰 Clarify sign docstring to allow for dict payload #150

  Housekeeping

  • ⚡️ Streamline the code a bit and update classifiers #87
  • 🛠 Fix typo and rephrase access_token documentation #89
  • 👕 Code linting now mostly honors flake8 #101
  • Document using a dict for jwt.encode and jwt.decode #103
  • ✅ Include docs and tests in source distributions #111
  • ⚡️ Updating README descriptions of crypto backends #130
  • Document versioning policy #131
  • ➕ Add CHANGELOG.rst #132 (fixes #99)
  • Simplify and extend .travis.yml #135
  • ⚡️ Move CHANGELOG.rst to CHANGELOG.md and update it #158

  Special Thanks

  • @mpdavis
  • @zehn
  • @mattsb42-aws
  • @leplatrem
  • @nelz9999
  • @hugovk
  • @crgk
  • @zulrang
  • @shenek
  • @imsteev
  • @jgehrcke
  • @bgrant
  • @gene1wood

• v3.0.1

  August 30, 2018

• v3.0.0 Changes

  May 04, 2018

  📦 As of 3.0.0, python-jose uses the pure python rsa package for signing and verifying RSA signatures by default.

  Other backends can be used by installing python-jose with extras. Options include pycrypto, pycryptodome and cryptography. It is recommended that one of these options is used in production, as they will be much faster than the pure python rsa module.

  0️⃣ The cryptography option is a good default.

  🔋 Features

  • ⚡️ Update classifiers
  • 🚚 Move away from deprecated methods
  • ⚡️ Update comments for default values of options
  • Implement pure python rsa signing based on rsa module

• v2.0.2

  May 04, 2018

• v2.0.1 Changes

  January 21, 2018

  ⬆️ Bump the pycrpytodome dependency.

• v2.0.0 Changes

  January 16, 2018

  0️⃣ As of 2.0.0, python-jose uses pycrpytodome as the default signing backend for RSA functions.

  Other backends can be used by installing python-jose with extras. Options include pycrypto and cryptography.

  🔋 Features

  • Enable flake8 check in tox/TravisCI
  • 👻 Added more exception information that decode() raises
  • Implement optional backends for python-jose as setup.py extras

• v1.4.0 Changes

  September 01, 2017

  🔋 Features

  • Easier extending/replacing of key algorithms
  • 👍 Note explicit support for Python 3.5 and 3.6
  • Implement cryptography as one of the backends

  🛠 Fixes

  • Fix for cryptography 1.9
  • Fix for CVE-2017-11424

• v1.3.2 Changes

  September 05, 2016

  🛠 Bugfixes

  • Use constant time string comparisons for HMAC keys

• 1
• 2
• Next ›
• Last »