Debian Package Tracker - python-jwcrypto

general

source: python-jwcrypto (main)
version: 0.6.0-2
maintainer: Debian FreeIPA Team (archive) (DMD)
uploaders: Timo Aaltonen [DMD]
arch: all
std-ver: 4.4.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 0.3.2-1
stable-bpo: 0.6.0-2~bpo10+1
testing: 0.6.0-2
unstable: 0.6.0-2

versioned links

0.3.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.0-2~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

python3-jwcrypto

action needed

A new upstream version is available: 0.7.0 high

A new upstream version 0.7.0 is available, you should consider packaging it.

Created: 2020-05-02 Last update: 2020-06-05 03:06

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 0.7.0-1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 904c7902fff8514f1f42161c8e1fa23d11e75c76
Author: Timo Aaltonen <tjaalton@debian.org>
Date:   Tue Apr 21 17:38:04 2020 +0300

    bump the version

commit 51a7e2a8df1b2fd498bcd2032f364e9cce048e3e
Merge: 51b5f66 067ce86
Author: Timo Aaltonen <tjaalton@debian.org>
Date:   Tue Apr 21 17:37:39 2020 +0300

    Merge branch 'upstream'

commit 067ce8693777e248c9186d1b5f3dbe985f461f81
Author: Simo Sorce <simo@redhat.com>
Date:   Wed Feb 19 12:00:24 2020 -0500

    Release 0.7
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

commit 13c434adaf7e0a9be8ed46e2088862c5e1a5298a
Author: JC <11434205+dijonkitchen@users.noreply.github.com>
Date:   Mon Feb 17 10:32:21 2020 -0800

    docs: fix spelling

commit c51e10b81d376dbd397ff86bbacc129c267fec01
Author: Karthikeyan Singaravelan <tir.karthi@gmail.com>
Date:   Sun Feb 2 00:15:15 2020 +0530

    Import ABC from collections.abc instead of collections for Python 3.9 compatibility.

commit 51b5f66a6140449fa91a9b85630332f751bfbdeb
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Tue Dec 10 23:07:44 2019 +0000

    Update standards version to 4.4.1, no changes needed.
    
    Fixes lintian: out-of-date-standards-version
    See https://lintian.debian.org/tags/out-of-date-standards-version.html for more details.

commit 682360427bd436c0ab1f39e897a99e2f1c417c64
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Tue Dec 10 23:07:25 2019 +0000

    Set upstream metadata fields: Bug-Database, Repository, Repository-Browse.
    
    Fixes lintian: upstream-metadata-file-is-missing
    See https://lintian.debian.org/tags/upstream-metadata-file-is-missing.html for more details.

commit 119c073b58ecc1dd6c796e6857294e561a0fec10
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Tue Dec 10 23:07:03 2019 +0000

    Set debhelper-compat version in Build-Depends.
    
    Fixes lintian: uses-debhelper-compat-file
    See https://lintian.debian.org/tags/uses-debhelper-compat-file.html for more details.

commit 58c1099e531546feb473ad6bd34f9cbba7040d0d
Author: Simo Sorce <simo@redhat.com>
Date:   Fri Sep 27 17:41:27 2019 -0400

    Add the ability to verify 'none' signatures.
    
    Apparently this is required by OpenID Connect as an option:
    https://openid.net/specs/openid-connect-core-1_0.html#RequestObject
    
    In order to avoid accidental use of the None algoritm, which is disabled
    by default but easy to casually enable, add the requirement to pass a
    "None Key".
    The none key clearly indicates that the user really wants to allow the
    'none' algorithm to be used.
    
    The "None Key" is an 'oct' key with key size of 0.
    
    Example:
    >>> from jwcrypto import jwk,jwt
    >>> e="eyJhbGciOiJub25lIn0.eyJpc3MiOiJqb2UiLCJodHRwOi8vZXhhbXBsZS5jb20vaXNfcm9vdCI6dHJ1ZX0."
    >>> k=jwk.JWK(generate='oct', size=0)
    >>> E=jwt.JWT(algs=['none'])
    >>> E.deserialize(jwt=e, key=k)
    >>> E.claims
    u'{"iss":"joe","http://example.com/is_root":true}'
    
    Fixes #163
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

commit d7bb9344a792e7fc9ac126197f77dcd507b355f9
Author: Simo Sorce <simo@redhat.com>
Date:   Tue Oct 1 07:58:10 2019 -0400

    Try to fix travis and its old cruft
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

commit e7f3845ea48fdc6a867fc8cf70f9b60f62a9b6f1
Author: Simo Sorce <simo5@users.noreply.github.com>
Date:   Tue Sep 3 10:34:34 2019 -0400

    Remove unwanted debug print
    
    This crept in unseen during the work to ad ed448

commit 1f065c0c5aaf21ac17ad32d4e649dcf601e32751
Author: Paul M <paul@chezp4ul.fr>
Date:   Wed Aug 7 14:51:03 2019 +0200

    typo correction

commit 437ea86caef224cf769e30cafe30f1c0b4e0f3e2
Author: Simo Sorce <simo@redhat.com>
Date:   Thu Jun 6 13:57:43 2019 -0400

    Fix encoding length of EC keys Coordinates
    
    According to RFC 7518 6.2.1.2 the Coordinates need to be encoded such
    that the size of the encoded string is fixed (based on private curve
    key_size). Fix _encode_int to take in account the bit_size given
    python-cryptography gives us python integers and that may lead to
    truncation of leading zeros when doing the conversion via hex().
    
    Fixes: #158
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

commit 2cc6dadf5aa5bb64b1309bd3c49726eaf2556a8e
Author: Simo Sorce <simo@redhat.com>
Date:   Fri Apr 12 12:50:15 2019 -0400

    Simplify internal code curve selection
    
    Adds a namedtuple table to make curve selection a simple table lookup
    instead of long fragile if/elif/else constructs.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

commit 559747af9f61a1645b3bf56d5028fe5e0d362eaa
Author: Simo Sorce <simo@redhat.com>
Date:   Thu Mar 7 17:37:14 2019 -0500

    Make X25519/X448 conditional when using older pyca

commit b92643c3f88b0d672b4e7df13367544c3c9bf140
Author: Simo Sorce <simo@redhat.com>
Date:   Tue Aug 7 06:05:52 2018 -0400

    Add X25519/X448 support
    
    Implements the missing part of rfc8037
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

commit fc37b72b38366a37c86f74b62b1b6e0bafe1ea75
Author: Simo Sorce <simo@redhat.com>
Date:   Fri Apr 5 13:28:09 2019 -0400

    Stricter OKP key generation parms check

commit 961df898dc08f63fe3d900f2002618740bc66b4a
Author: unknown <1217203+andrewmackie@users.noreply.github.com>
Date:   Wed Apr 3 13:26:38 2019 +1100

    RFC 8037 - Support for Ed25519, Ed448

commit 061c654cd5a299bc864b1dec852fb13f33842ca1
Author: Brandon Lum <lumjjb@gmail.com>
Date:   Fri Mar 15 09:42:06 2019 -0400

    Added JWE/JWS custom registry header implementation
    
    Signed-off-by: Brandon Lum <lumjjb@gmail.com>

commit b94b24a50da87584a01d0efec4b8a9bda1cf18b7
Author: Brandon Lum <lumjjb@gmail.com>
Date:   Thu Mar 21 11:15:39 2019 -0400

    Fixed JWE jose_header
    
    Signed-off-by: Brandon Lum <lumjjb@gmail.com>

commit 92151c2cce4a4c0356740bf4bb4953ddf51351e9
Author: Anton Nguyen <anton.n@ecobee.com>
Date:   Wed Mar 20 12:46:04 2019 -0400

    Fixed typo

commit 4b823285943b35cddfda4270ef97c240221628f8
Author: Brandon Lum <lumjjb@gmail.com>
Date:   Mon Mar 18 18:30:10 2019 -0400

    b64U -> b64u for pep8
    
    Signed-off-by: Brandon Lum <lumjjb@gmail.com>

commit c49927a14c93b37feb2d9956a9fd3e1132095c19
Author: Simo Sorce <simo@redhat.com>
Date:   Tue Dec 11 18:29:34 2018 -0500

    Allow to use JWKSet on a JWT with no KID
    
    When we are given a JWT and a KeySet, try all keys in the set if no
    'kid' attribute is present in the JWT header instead of failing the
    operation immediately.
    
    Fixes #143
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

commit 90dcb8fb91d5a984a5f1f12770fe058310c70c21
Author: Christian Heimes <cheimes@redhat.com>
Date:   Mon Nov 5 16:20:16 2018 +0100

    Post release bump to 0.7.dev1
    
    Signed-off-by: Christian Heimes <cheimes@redhat.com>

Created: 2020-04-21 Last update: 2020-06-05 03:08

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2020-05-21 Last update: 2020-05-21 00:07

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 4.4.0).

Created: 2019-09-29 Last update: 2020-01-21 05:06

news

[rss feed]

[2020-04-22] Accepted python-jwcrypto 0.6.0-2~bpo10+1 (source all) into buster-backports, buster-backports (Debian FTP Masters) (signed by: Mattia Rizzolo)
[2019-09-17] python-jwcrypto 0.6.0-2 MIGRATED to testing (Debian testing watch)
[2019-09-11] Accepted python-jwcrypto 0.6.0-2 (source) into unstable (Timo Aaltonen)
[2019-07-09] python-jwcrypto 0.6.0-1 MIGRATED to testing (Debian testing watch)
[2019-06-12] python-jwcrypto REMOVED from testing (Debian testing watch)
[2019-04-02] Accepted python-jwcrypto 0.6.0-1 (source) into unstable (Timo Aaltonen)
[2017-12-28] python-jwcrypto 0.4.2-1 MIGRATED to testing (Debian testing watch)
[2017-12-23] Accepted python-jwcrypto 0.4.2-1 (source) into unstable (Timo Aaltonen)
[2016-09-25] python-jwcrypto 0.3.2-1 MIGRATED to testing (Debian testing watch)
[2016-09-19] Accepted python-jwcrypto 0.3.2-1 (source) into unstable (Timo Aaltonen)
[2015-10-26] python-jwcrypto 0.2.1-1 MIGRATED to testing (Britney)
[2015-10-15] Accepted python-jwcrypto 0.2.1-1 (source all) into unstable, unstable (Timo Aaltonen)

bugs [bug history graph]

all: 0

links

homepage
lintian (0, 1)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.6.0-2
1 bug