Itsdangerous

-------------

Released 2018-10-26

- Change default signing algorithm back to SHA-1. :pr:`113`
- Added a default SHA-512 fallback for users who used the yanked 1.0.0
release which defaulted to SHA-512. :pr:`114`
- Add support for fallback algorithms during deserialization to
support changing the default in the future without breaking existing
signatures. :pr:`113`
- Changed capitalization of packages back to lowercase as the change
in capitalization broke some tooling. :pr:`113`

-------------

Released 2018-10-18

YANKED

*Note*: This release was yanked from PyPI because it changed the default
algorithm to SHA-512. This decision was reverted in 1.1.0 and it remains
at SHA1.

- Drop support for Python 2.6 and 3.3.
- Refactor code from a single module to a package. Any object in the
API docs is still importable from the top-level ``itsdangerous``
name, but other imports will need to be changed. A future release
will remove many of these compatibility imports. :pr:`107`
- Optimize how timestamps are serialized and deserialized. :pr:`13`
- ``base64_decode`` raises ``BadData`` when it is passed invalid data.
:pr:`27`
- Ensure value is bytes when signing to avoid a ``TypeError`` on
Python 3. :issue:`29`
- Add a ``serializer_kwargs`` argument to ``Serializer``, which is
passed to ``dumps`` during ``dump_payload``. :pr:`36`
- More compact JSON dumps for unicode strings. :issue:`38`
- Use the full timestamp rather than an offset, allowing dates before
2011. :issue:`46`

To retain compatibility with signers from previous versions,
consider using `this shim <https://github.com/pallets/itsdangerous
/issues/120issuecomment-456913331>`_ when unsigning.
- Detect a ``sep`` character that may show up in the signature itself
and raise a ``ValueError``. :issue:`62`
- Use a consistent signature for keyword arguments for
``Serializer.load_payload`` in subclasses. :issue:`74`, :pr:`75`
- Change default intermediate hash from SHA-1 to SHA-512. :pr:`80`
- Convert JWS exp header to an int when loading. :pr:`99`

------------

Released 2014-03-28

- Added a ``BadHeader`` exception that is used for bad headers that
replaces the old ``BadPayload`` exception that was reused in those
cases.

------------

Released 2013-08-08

- Fixed a packaging mistake that caused the tests and license files to
not be included.

------------

Released 2013-07-03

- Added support for ``TimedJSONWebSignatureSerializer``.
- Made it possible to override the signature verification function to
allow implementing asymmetrical algorithms.

------------

Released 2013-05-26

- Fixed an issue on Python 3 which caused invalid errors to be
generated.