Releases: mpdavis/python-jose
Releases · mpdavis/python-jose
3.3.0
3.3.0 -- 2020-06-04
News
- Remove support for python 2.7 & 3.5
- Add support for Python 3.9
- Remove PyCrypto backend
- Fix deprecation warning from cryptography backend
Housekeeping
- Switched from Travis CI to Github Actions
- Added iSort & Black
- Run CI Tests under Mac OS & Windows.
- Updated Syntax to use Python 3.6+
- Upgrade to latest pytest, remove used dev requirements.
Small fixes
Changes
News
This will be the last release supporting Python 2.7, 3.5, and the PyCryptoThis will be the penultimate release supporting Python 2.7, 3.5, and the PyCrypto backend.
backend.
Bug fixes and Improvements
- Use hmac.compare_digest instead of our own constant_time_string_compare #163
- Fix
to_dictoutput, which should always be JSON encodeable. #139 and #165
(fixes #127 and #137) - Require setuptools >= 39.2.0 #167 (fixes #161)
- Emit a warning when verifying with a private key #168 (fixes #53 and #142)
- Avoid loading python-ecdsa when using the cryptography backend, and pinned
python-ecdsa dependency to <0.15 #178
Housekeeping
Special Thanks
Overdue release
Changes
Features
- Improve
JWT.decode()#76 (fixes #75) - Sort headers when serializing to allow for headless JWT #136 (fixes #80)
- Adjust dependency handling
- Avoid using deprecated methods #85
- Support X509 certificates #107
- Isolate and flesh out cryptographic backends to enable independent operation #129 (fixes #114)
Bugfixes/Improvements
- Enable flake8 check in tox/TravisCI #77
- Fix
crytographydependency typo #94 - Trigger tests using
python setup.py test#97 - Properly raise an error if a claim is expected and not given #98
- Typo fixes #110
- Fix invalid RSA private key PKCS8 encoding by python-rsa backend #120 (fixes #119)
- Remove
futuredependency #134 (fixes #112) - Fix incorrect use of
pytest.raises(message=...)#141 - Typo fix #143
- Clarify sign docstring to allow for
dictpayload #150
Housekeeping
- Streamline the code a bit and update classifiers #87
- Fix typo and rephrase
access_tokendocumentation #89 - Code linting now mostly honors flake8 #101
- Document using a
dictforjwt.encodeandjwt.decode#103 - Include docs and tests in source distributions #111
- Updating README descriptions of crypto backends #130
- Document versioning policy #131
- Add
CHANGELOG.rst#132 (fixes #99) - Simplify and extend
.travis.yml#135 - Move
CHANGELOG.rsttoCHANGELOG.mdand update it #158
Special Thanks
3.0.1
3.0.0
As of 3.0.0, python-jose uses the pure python rsa package for signing and verifying RSA signatures by default.
Other backends can be used by installing python-jose with extras. Options include pycrypto, pycryptodome and cryptography. It is recommended that one of these options is used in production, as they will be much faster than the pure python rsa module.
The cryptography option is a good default.
Features
2.0.2
2.0.1
2.0.0
As of 2.0.0, python-jose uses pycrpytodome as the default signing backend for RSA functions.
Other backends can be used by installing python-jose with extras. Options include pycrypto and cryptography.