pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/www/py-flask-wtf Update py-flask-wtf to 0.14.2.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/bb92504658eb
branches:  trunk
changeset: 358803:bb92504658eb
user:      kleink <kleink%pkgsrc.org@localhost>
date:      Mon Feb 20 15:27:12 2017 +0000

description:
Update py-flask-wtf to 0.14.2.


Version 0.14.2
--------------

Released 2017-01-10

- Fix bug where ``FlaskForm`` assumed ``meta`` argument was not ``None`` if it
  was passed. (`#278`_)

.. _#278: https://github.com/lepture/flask-wtf/issues/278

Version 0.14.1
--------------

Released 2017-01-10

- Fix bug where the file validators would incorrectly identify an empty file as
  valid data. (`#276`_, `#277`_)

    - ``FileField`` is no longer deprecated. The data is checked during
      processing and only set if it's a valid file.
    - ``has_file`` *is* deprecated; it's now equivalent to ``bool(field.data)``.
    - ``FileRequired`` and ``FileAllowed`` work with both the Flask-WTF and
      WTForms ``FileField`` classes.
    - The ``Optional`` validator now works with ``FileField``.

.. _#276: https://github.com/lepture/flask-wtf/issues/276
.. _#277: https://github.com/lepture/flask-wtf/pull/277

Version 0.14
------------

Released 2017-01-06

- Use itsdangerous to sign CSRF tokens and check expiration instead of doing it
  ourselves. (`#264`_)

    - All tokens are URL safe, removing the ``url_safe`` parameter from
      ``generate_csrf``. (`#206`_)
    - All tokens store a timestamp, which is checked in ``validate_csrf``. The
      ``time_limit`` parameter of ``generate_csrf`` is removed.

- Remove the ``app`` attribute from ``CsrfProtect``, use ``current_app``.
  (`#264`_)
- ``CsrfProtect`` protects the ``DELETE`` method by default. (`#264`_)
- The same CSRF token is generated for the lifetime of a request. It is exposed
  as ``g.csrf_token`` for use during testing. (`#227`_, `#264`_)
- ``CsrfProtect.error_handler`` is deprecated. (`#264`_)

    - Handlers that return a response work in addition to those that raise an
      error. The behavior was not clear in previous docs.
    - (`#200`_, `#209`_, `#243`_, `#252`_)

- Use ``Form.Meta`` instead of deprecated ``SecureForm`` for CSRF (and
  everything else). (`#216`_, `#271`_)

    - ``csrf_enabled`` parameter is still recognized but deprecated. All other
      attributes and methods from ``SecureForm`` are removed. (`#271`_)

- Provide ``WTF_CSRF_FIELD_NAME`` to configure the name of the CSRF token.
  (`#271`_)
- ``validate_csrf`` raises ``wtforms.ValidationError`` with specific messages
  instead of returning ``True`` or ``False``. This breaks anything that was
  calling the method directly. (`#239`_, `#271`_)

    - CSRF errors are logged as well as raised. (`#239`_)

- ``CsrfProtect`` is renamed to ``CSRFProtect``. A deprecation warning is issued
  when using the old name. ``CsrfError`` is renamed to ``CSRFError`` without
  deprecation. (`#271`_)
- ``FileField`` is deprecated because it no longer provides functionality over
  the provided validators. Use ``wtforms.FileField`` directly. (`#272`_)

.. _`#200`: https://github.com/lepture/flask-wtf/issues/200
.. _`#209`: https://github.com/lepture/flask-wtf/pull/209
.. _`#216`: https://github.com/lepture/flask-wtf/issues/216
.. _`#227`: https://github.com/lepture/flask-wtf/issues/227
.. _`#239`: https://github.com/lepture/flask-wtf/issues/239
.. _`#243`: https://github.com/lepture/flask-wtf/pull/243
.. _`#252`: https://github.com/lepture/flask-wtf/pull/252
.. _`#264`: https://github.com/lepture/flask-wtf/pull/264
.. _`#271`: https://github.com/lepture/flask-wtf/pull/271
.. _`#272`: https://github.com/lepture/flask-wtf/pull/272

Version 0.13.1
--------------

Released 2016/10/6

- Deprecation warning for ``Form`` is shown during ``__init__`` instead of immediately when subclassing. (`#262`_)
- Don't use ``pkg_resources`` to get version, for compatibility with GAE. (`#261`_)

.. _`#261`: https://github.com/lepture/flask-wtf/issues/261
.. _`#262`: https://github.com/lepture/flask-wtf/issues/262

Version 0.13
------------

Released 2016/09/29

- ``Form`` is renamed to ``FlaskForm`` in order to avoid name collision with WTForms's base class.  Using ``Form`` will show a deprecation warning. (`#250`_)
- ``hidden_tag`` no longer wraps the hidden inputs in a hidden div.  This is valid HTML5 and any modern HTML parser will behave correctly. (`#217`_, `#193`_)
- ``flask_wtf.html5`` is deprecated.  Import directly from ``wtforms.fields.html5``. (`#251`_)
- ``is_submitted`` is true for ``PATCH`` and ``DELETE`` in addition to ``POST`` and ``PUT``. (`#187`_)
- ``generate_csrf`` takes a ``token_key`` parameter to specify the key stored in the session. (`#206`_)
- ``generate_csrf`` takes a ``url_safe`` parameter to allow the token to be used in URLs. (`#206`_)
- ``form.data`` can be accessed multiple times without raising an exception. (`#248`_)
- File extension with multiple parts (``.tar.gz``) can be used in the ``FileAllowed`` validator. (`#201`_)

.. _`#187`: https://github.com/lepture/flask-wtf/pull/187
.. _`#193`: https://github.com/lepture/flask-wtf/issues/193
.. _`#201`: https://github.com/lepture/flask-wtf/issues/201
.. _`#206`: https://github.com/lepture/flask-wtf/pull/206
.. _`#217`: https://github.com/lepture/flask-wtf/issues/217
.. _`#248`: https://github.com/lepture/flask-wtf/pull/248
.. _`#250`: https://github.com/lepture/flask-wtf/pull/250
.. _`#251`: https://github.com/lepture/flask-wtf/pull/251

diffstat:

 www/py-flask-wtf/Makefile |   4 ++--
 www/py-flask-wtf/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (27 lines):

diff -r a8ec5553d7eb -r bb92504658eb www/py-flask-wtf/Makefile
--- a/www/py-flask-wtf/Makefile Mon Feb 20 15:19:54 2017 +0000
+++ b/www/py-flask-wtf/Makefile Mon Feb 20 15:27:12 2017 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.19 2015/08/14 18:55:11 kleink Exp $
+# $NetBSD: Makefile,v 1.20 2017/02/20 15:27:12 kleink Exp $
 
-DISTNAME=      Flask-WTF-0.12
+DISTNAME=      Flask-WTF-0.14.2
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME:tl}
 CATEGORIES=    www python
 MASTER_SITES=  ${MASTER_SITE_PYPI:=F/Flask-WTF/}
diff -r a8ec5553d7eb -r bb92504658eb www/py-flask-wtf/distinfo
--- a/www/py-flask-wtf/distinfo Mon Feb 20 15:19:54 2017 +0000
+++ b/www/py-flask-wtf/distinfo Mon Feb 20 15:27:12 2017 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.13 2015/11/04 02:47:28 agc Exp $
+$NetBSD: distinfo,v 1.14 2017/02/20 15:27:12 kleink Exp $
 
-SHA1 (Flask-WTF-0.12.tar.gz) = ae22d907a3ed58bed2df80e09a07e86be27f409b
-RMD160 (Flask-WTF-0.12.tar.gz) = d8856771e92c7f3986b57ee6c5eb829a9e41e054
-SHA512 (Flask-WTF-0.12.tar.gz) = d9861a4fa6ace46fb2a632ff51777bc30af9b63c4f2a35cbe4a68a2777468eb7b6e1813ce331472458c05ce7069f73d998b4e9d3fd9d6ef56fc3abf0bb219a9e
-Size (Flask-WTF-0.12.tar.gz) = 247397 bytes
+SHA1 (Flask-WTF-0.14.2.tar.gz) = b8e8c9f2b76e43839b982b96683d2cfd70ac668f
+RMD160 (Flask-WTF-0.14.2.tar.gz) = cd4f34deded49a868b4f0894dc18fc533010b79d
+SHA512 (Flask-WTF-0.14.2.tar.gz) = 9d4b4b24eb24827aeb524699e6720eab384c42901a102daddd9fdc6b8dbc8eebec8c9d31a1e9052c9af4d61bd08eef8ef9dc4cdc8d9b950ff5bdd0201db1dfde
+Size (Flask-WTF-0.14.2.tar.gz) = 254903 bytes



Home | Main Index | Thread Index | Old Index