Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update to new home - pallets-eco #1015

Merged
merged 2 commits into from
Jul 31, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions .github/workflows/tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,11 @@ name: tests
on:
push:
branches:
- master
- main
- "[0-9]+.[0-9]+.x"
pull_request:
branches:
- master
- main
- "[0-9]+.[0-9]+.x"

# Allows you to run this workflow manually from the Actions tab
Expand All @@ -27,8 +27,8 @@ jobs:
- {python: '3.10', tox: 'py310-low'}
- {python: '3.11', tox: 'py311-release'}
- {python: '3.11', tox: 'py311-low'}
- { python: '3.12', tox: 'py312-release' }
- { python: '3.12', tox: 'py312-low' }
- {python: '3.12', tox: 'py312-release' }
- {python: '3.12', tox: 'py312-low' }
- {python: 'pypy-3.9', tox: 'pypy39-release'}
- {python: 'pypy-3.9', tox: 'pypy39-low'}

Expand Down
2 changes: 1 addition & 1 deletion .pre-commit-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ repos:
- id: check-merge-conflict
- id: fix-byte-order-marker
- repo: https://github.com/asottile/pyupgrade
rev: v3.16.0
rev: v3.17.0
hooks:
- id: pyupgrade
args: [--py39-plus]
Expand Down
2 changes: 0 additions & 2 deletions AUTHORS
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
Flask-Security was written by Matt Wright and various contributors.

Flask-Security-Too is an independently maintained repo:

Development Lead
````````````````

Expand Down
15 changes: 12 additions & 3 deletions CHANGES.rst
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,15 @@ Flask-Security Changelog

Here you can see the full list of changes between each Flask-Security release.

Version 5.5.1
-------------

Released xxx

I am pleased to announce that Flask-Security-Too is now part of pallets-eco and has returned
to be released as 'Flask-Security'. For the foreseeable future, we will publish the same release to both
Flask-Security and Flask-Security-Too on PyPI.

Version 5.5.0
-------------

Expand Down Expand Up @@ -336,7 +345,7 @@ Fixes
Known Issues
++++++++++++

- Flask-mongoengine hasn't released in a while and currently will not work with latest Flask and Flask-Security-Too
- Flask-mongoengine hasn't released in a while and currently will not work with latest Flask and Flask-Security-Too/Flask-Security
(this is due to the JSONEncoder being deprecated and removed).

Backwards Compatibility Concerns
Expand Down Expand Up @@ -905,8 +914,8 @@ using an authenticator app b) the qrcode is only available during the time
the user is first setting up their authentication app.
The QRcode issue has been fixed in 4.0.

.. _qrcode: https://github.com/Flask-Middleware/flask-security/issues/418
.. _login: https://github.com/Flask-Middleware/flask-security/issues/421
.. _qrcode: https://github.com/pallets-eco/flask-security/issues/418
.. _login: https://github.com/pallets-eco/flask-security/issues/421

Fixed
+++++
Expand Down
10 changes: 5 additions & 5 deletions CONTRIBUTING.rst
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ useful - if your feature has limited applicability, consider making a small
change that ENABLES your feature, rather than trying to get the entire feature
into Flask-Security.

.. _bug reports: https://github.com/Flask-Middleware/flask-security/issues
.. _bug reports: https://github.com/pallets-eco/flask-security/issues


Checklist
Expand All @@ -38,22 +38,22 @@ Getting the code
----------------

The code is hosted on a GitHub repo at
https://github.com/Flask-Middleware/flask-security. To get a working environment, follow
https://github.com/pallets-eco/flask-security. To get a working environment, follow
these steps:

#. (Optional, but recommended) Create a Python 3.6 (or greater) virtualenv to work in,
and activate it.

#. Fork the repo `Flask-Security <https://github.com/Flask-Middleware/flask-security>`_
#. Fork the repo `Flask-Security <https://github.com/pallets-eco/flask-security>`_
(look for the "Fork" button).

#. Clone your fork locally::

$ git clone https://github.com/<your-username>/flask-security

#. Change directory to flask_security::
#. Change directory to flask-security::

$ cd flask_security
$ cd flask-security

#. Install the requirements::

Expand Down
61 changes: 35 additions & 26 deletions README.rst
Original file line number Diff line number Diff line change
@@ -1,26 +1,30 @@
Flask-Security
===================

.. image:: https://github.com/Flask-Middleware/flask-security/workflows/tests/badge.svg?branch=master&event=push
:target: https://github.com/Flask-Middleware/flask-security
.. image:: https://github.com/pallets-eco/flask-security/workflows/tests/badge.svg?branch=main&event=push
:target: https://github.com/pallets-eco/flask-security

.. image:: https://codecov.io/gh/Flask-Middleware/flask-security/branch/master/graph/badge.svg?token=U02MUQJ7BM
:target: https://codecov.io/gh/Flask-Middleware/flask-security
.. image:: https://codecov.io/gh/pallets-eco/flask-security/graph/badge.svg?token=ZYS0AST5M3
:target: https://codecov.io/gh/pallets-eco/flask-security
:alt: Coverage!

.. image:: https://img.shields.io/github/tag/Flask-Middleware/flask-security.svg
:target: https://github.com/Flask-Middleware/flask-security/releases
.. image:: https://img.shields.io/github/tag/pallets-eco/flask-security.svg
:target: https://github.com/pallets-eco/flask-security/releases

.. image:: https://img.shields.io/pypi/dm/flask-security.svg
:target: https://pypi.python.org/pypi/flask-security
:alt: Downloads

.. image:: https://img.shields.io/pypi/dm/flask-security-too.svg
:target: https://pypi.python.org/pypi/flask-security-too
:alt: Downloads

.. image:: https://img.shields.io/github/license/Flask-Middleware/flask-security.svg
:target: https://github.com/Flask-Middleware/flask-security/blob/master/LICENSE
.. image:: https://img.shields.io/github/license/pallets-eco/flask-security.svg
:target: https://github.com/pallets-eco/flask-security/blob/main/LICENSE
:alt: License

.. image:: https://readthedocs.org/projects/flask-security-too/badge/?version=latest
:target: https://flask-security-too.readthedocs.io/en/latest/?badge=latest
.. image:: https://readthedocs.org/projects/flask-security/badge/?version=latest
:target: https://flask-security.readthedocs.io/en/latest/?badge=latest
:alt: Documentation Status

.. image:: https://img.shields.io/badge/code%20style-black-000000.svg
Expand All @@ -34,18 +38,24 @@ Quickly add security features to your Flask application.

Notes on this repo
------------------
This is an independently maintained version of Flask-Security forked from the 3.0.0
As of 7/30/2024, the independent fork Flask-Security-Too replaced the archived
Flask-Security repo (now called Flask-Security-3.0). This repo is published at PyPI at
both Flask-Security and Flask-Security-Too.

Flask-Security-Too was a fork from the 3.0.0
version of the `Original <https://github.com/mattupstate/flask-security>`_

Pallets Community Ecosystem
----------------------------

This project is part of the Pallets Community Ecosystem. Pallets is the open
source organization that maintains Flask; Pallets-Eco enables community
maintenance of related projects. If you are interested in helping maintain
this project, please reach out on `the Pallets Discord server <https://discord.gg/pallets>`.

Goals
+++++
* Regain momentum for this critical piece of the Flask eco-system. To that end the
plan is to put out small, frequent releases starting with pulling the simplest
and most obvious changes that have already been vetted in the upstream version, as
well as other pull requests. This was completed with the June 29 2019 3.2.0 release.
* Continue work to get Flask-Security to be usable from Single Page Applications,
such as those built with Vue and Angular, that have no html forms. This is true as of the 3.3.0
release.

* Use `OWASP <https://github.com/OWASP/ASVS>`_ to guide best practice and default configurations.
* Be more opinionated and 'batteries' included by reducing reliance on abandoned projects and
bundling in support for common use cases.
Expand All @@ -63,25 +73,24 @@ Goals

Contributing
++++++++++++
Issues and pull requests are welcome. Other maintainers are also welcome. Unlike
the original Flask-Security - issue pull requests against the *master* branch.
Issues and pull requests are welcome. Other maintainers are also welcome.
Please consult these `contributing`_ guidelines.

.. _contributing: https://github.com/Flask-Middleware/flask-security/blob/master/CONTRIBUTING.rst
.. _contributing: https://github.com/pallets-eco/flask-security/blob/main/CONTRIBUTING.rst

Installing
----------
Install and update using `pip <https://pip.pypa.io/en/stable/quickstart/>`_:

::

pip install -U Flask-Security-Too
pip install -U Flask-Security


Resources
---------

- `Documentation <https://flask-security-too.readthedocs.io/>`_
- `Releases <https://pypi.org/project/Flask-Security-Too/>`_
- `Issue Tracker <https://github.com/Flask-Middleware/flask-security/issues>`_
- `Code <https://github.com/Flask-Middleware/flask-security/>`_
- `Documentation <https://flask-security.readthedocs.io/>`_
- `Releases <https://pypi.org/project/Flask-Security/>`_
- `Issue Tracker <https://github.com/pallets-eco/flask-security/issues>`_
- `Code <https://github.com/pallets-eco/flask-security/>`_
14 changes: 6 additions & 8 deletions docs/conf.py
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@
# |version| and |release|, also used in various other places throughout the
# built documents.
#
release, version = get_version("Flask-Security-Too")
release, version = get_version("Flask-Security")

# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
Expand Down Expand Up @@ -148,17 +148,15 @@
html_theme_options = {"index_sidebar_logo": False}
html_context = {
"project_links": [
ProjectLink("PyPI releases", "https://pypi.org/project/Flask-Security-Too/"),
ProjectLink(
"Source Code", "https://github.com/Flask-Middleware/flask-security/"
),
ProjectLink("PyPI releases", "https://pypi.org/project/Flask-Security/"),
ProjectLink("Source Code", "https://github.com/pallets-eco/flask-security/"),
ProjectLink(
"Issue Tracker",
"https://github.com/Flask-Middleware/flask-security/issues/",
"https://github.com/pallets-eco/flask-security/issues/",
),
ProjectLink(
"Changes",
"https://flask-security-too.readthedocs.io/en/stable/changelog.html",
"https://flask-security.readthedocs.io/en/stable/changelog.html",
),
]
}
Expand Down Expand Up @@ -200,4 +198,4 @@

# -- Options for sphinx-issues ---------------------------------------------
# Github repo
issues_github_path = "Flask-Middleware/flask-security"
issues_github_path = "pallets-eco/flask-security"
2 changes: 1 addition & 1 deletion docs/index.rst
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ Welcome to Flask-Security
:alt: Flask-Security: add a drop of security to your Flask application.
:align: left
:width: 100%
:target: https://github.com/Flask-Middleware/flask-security
:target: https://github.com/pallets-eco/flask-security


Flask-Security allows you to quickly add common security mechanisms to your
Expand Down
8 changes: 4 additions & 4 deletions docs/installation.rst
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
Installation
=============

Installing Flask-Security-Too using::
Installing Flask-Security using::

pip install flask-security-too
pip install flask-security

will install the basic package along with its required dependencies:

Expand All @@ -18,11 +18,11 @@ will install the basic package along with its required dependencies:

These are not sufficient for a complete application - other packages are
required based on features desired, password hash algorithms, storage backend, etc.
Flask-Security-Too has additional distribution 'extras' that can reduce the hassle
Flask-Security has additional distribution 'extras' that can reduce the hassle
of figuring out all the required packages. You can install these using the
standard pip syntax::

pip install flask-security-too[extra1,extra2, ...]
pip install flask-security[extra1,extra2, ...]

Supported extras are:

Expand Down
8 changes: 4 additions & 4 deletions docs/openapi.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,15 +12,15 @@ info:
if you render the form from your Flask application. If you send JSON, then you must include a request header (configured via __SECURITY_CSRF_HEADER__).
Please read the online documentation to find out details on how CSRF can be configured.

You can download the latest spec from: https://github.com/Flask-Middleware/flask-security/blob/master/docs/openapi.yaml
You can download the latest spec from: https://github.com/pallets-eco/flask-security/blob/main/docs/openapi.yaml
version: 2.0.0
title: "Flask-Security External API"
contact:
name: Flask-Security-Too
url: https://github.com/Flask-Middleware/flask-security
name: Flask-Security
url: https://github.com/pallets-eco/flask-security
license:
name: MIT
url: https://github.com/Flask-Middleware/flask-security/blob/master/LICENSE
url: https://github.com/pallets-eco/flask-security/blob/main/LICENSE
paths:
/login:
get:
Expand Down
12 changes: 6 additions & 6 deletions docs/quickstart.rst
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ Flask-SQLAlchemy Install requirements

$ python3 -m venv pymyenv
$ . pymyenv/bin/activate
$ pip install flask-security-too[fsqla,common]
$ pip install flask-security[fsqla,common]


Flask-SQLAlchemy Application
Expand Down Expand Up @@ -143,7 +143,7 @@ This requires python >= 3.10::

$ python3 -m venv pymyenv
$ . pymyenv/bin/activate
$ pip install flask-security-too[common] sqlalchemy flask-sqlalchemy-lite
$ pip install flask-security[common] sqlalchemy flask-sqlalchemy-lite

Flask-SQLAlchemy-Lite Application
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Expand Down Expand Up @@ -242,7 +242,7 @@ This requires python >= 3.10::

$ python3 -m venv pymyenv
$ . pymyenv/bin/activate
$ pip install flask-security-too[common] sqlalchemy
$ pip install flask-security[common] sqlalchemy

SQLAlchemy Application (w/o Flask-SQLAlchemy)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Expand Down Expand Up @@ -369,7 +369,7 @@ MongoEngine Install requirements

$ python3 -m venv pymyenv
$ . pymyenv/bin/activate
$ pip install flask-security-too[common] mongoengine
$ pip install flask-security[common] mongoengine

MongoEngine Application
~~~~~~~~~~~~~~~~~~~~~~~
Expand Down Expand Up @@ -469,7 +469,7 @@ Peewee Install requirements

$ python3 -m venv pymyenv
$ . pymyenv/bin/activate
$ pip install flask-security-too[common] peewee
$ pip install flask-security[common] peewee

Peewee Application
~~~~~~~~~~~~~~~~~~
Expand Down Expand Up @@ -626,4 +626,4 @@ You also might want to set the following configurations in your conftest.py:
# Make this plaintext for most tests - reduces unit test time by 50%
app.config["SECURITY_PASSWORD_HASH"] = "plaintext"

.. _Flask-Security repo: https://github.com/Flask-Middleware/flask-security
.. _Flask-Security repo: https://github.com/pallets-eco/flask-security
2 changes: 1 addition & 1 deletion docs/spa.rst
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,7 @@ webserver. A couple of deployment options and their configurations will be descr

Nginx
~~~~~
When serving a SPA from a Nginx webserver the Flask backend, with Flask-Security-Too, will probably be served via
When serving a SPA from a Nginx webserver the Flask backend, with Flask-Security, will probably be served via
Nginx's reverse proxy feature. The javascript is served from Nginx itself and all calls to a certain path will be routed
to the reversed proxy. The example below routes all http requests to *"/api/"* to the Flask backend and handles all other
requests directly from javascript. This has a couple of benefits as all the requests happen within the same domain so you
Expand Down
2 changes: 1 addition & 1 deletion docs/two_factor_configurations.rst
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ SQLAlchemy Install requirements

$ python3 -m venv pymyenv
$ . pymyenv/bin/activate
$ pip install flask-security-too[common,mfa,fsqla]
$ pip install flask-security[common,mfa,fsqla]


Two-factor Application
Expand Down
2 changes: 1 addition & 1 deletion flask_security/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -139,4 +139,4 @@
)
from .webauthn_util import WebauthnUtil

__version__ = "5.5.0"
__version__ = "5.5.1"
Loading