Boussole

Latest version: v2.1.3

Safety actively analyzes 688917 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 3

2.0.0

*Drop Python2 support, change configuration filename and some minor improvements*

* **[Backward incompatible]** Drop Python2 support (remove six, unicode litteral,
update package configuration, etc..);
* **[Backward incompatible]** Changed default configuration filename from
``settings`` to ``boussole``. This was required to avoid clash with some other
projects since "settings" is a too common word;
* Drop ``pathtools`` package dependency since it is an abandoned project;
* Update doc config, use livereload and with new RTD config file;
* Drop support for libsass-python ``<0.19.4``.
* Rename ``requirements_freeze.txt`` to ``frozen.txt``;
* Add a new script for development which help to automatically update the
``frozen.txt`` file;

For new configuration filename change you have two way to resolve it:

* Just change your configuration filename to the new one, like if you were
using ``settings.json``, you will rename it to ``boussole.json``;
* Use option ``--config`` to explicitely use your own configuration filename;

1.6.0

*Last Python2 support, compatibility for recent Click versions and improve
performance*

**This will be the last version with Python2 support. A next release will come
soon to remove its support and focus on Python3 only.** This will may also drop
support for old Click and libsass versions.

Click requirement has been relaxed to only require for version greater or equal
to ``5.1.0``. This has been currently tested to ``7.1.2`` so it's surely safe
from 5.x to 7.x versions.

Watcher has been modified to avoid performing indexation on every event and
every file. It should give a few performance improvements and also avoid a bug
with editors making a transition writing file when saving modification (like
a ``foo.scss.part`` when writing on ``foo.scss``) which may leaded to incorrect
errors.

1.5.1

Since libsass-python 0.19.4, a new minor feature has been added which add the
column position in some error messages. This was breaking tests but without any
impact in Boussole functioning.

For sanity, we added a minor check against libsass-python version in a test to
continue support for libsass-python from 0.18.x to 0.20.x versions. It adds a
new dependency to `packaging` package only in development requirements.

Finally the Tox configuration has been updated to perform tests against supported
libsass-python versions and flake coverage has been done on tests.

1.5.0

Fixed warning from libsass-python about 'custom\_import\_extensions'

Libsass has reverted its previous change from version 3.5.3 which ignored CSS files on default. This has required to add a new option `CUSTOM_IMPORT_EXTENSIONS` in Boussole 1.2.3 to enable CSS files
support.

Since CSS support is back again on default, we removed useless setting `CUSTOM_IMPORT_EXTENSIONS` and don't use anymore `custom_import_extensions` argument with libsass-python compiler.

This remove previous warning from libsass-python about `custom_import_extensions` deprecation.

Fixed PyYAML 'load()' deprecation warning

For a recent security issue, PyYAML has introduced a change to its `load()` method to be more safe.

We now use the full loader mode so it does not trigger a warning anymore.

Indented Sass syntax support

Boussole should now be able to manage projects writed with the [old indented syntax](https://sass-lang.com/documentation/syntax#the-indented-syntax) (in files with extension `*.sass`).

There is only one issue which blocking Boussole to manage `import` rules on multiple lines. Also, multiline comments are not supported. It will lead to false positives if there are `import` rules inside a multiline comments, causing these rules to be taken as correct imports to check for.

1.4.1

Not secure
Fixed packaging, close 34

'setup.py' has been forgotted from previous release and still contained information.

So it has been cleaned an 'setup.cfg' has been updated to include missing '[options.entry_points]' section.

1.4.0

Not secure
We moved every package informations into 'setup.cfg' and now
'setup.py' is only an entrypoint for setuptools. tox and pytest
configurations has been moved also into 'setup.cfg'.

Makefile has been updated and python-venv has been dropped in profit
of virtualenv to ease development.

Page 1 of 3

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.