Python-fedora

------

* Fix problem with tg_paginate_limit no longer being available in TG-1.1.x.
Use FOO_tg_limit instead in various client libraries.

------

------

* Fix the AccountSystem() class's verify_password() method so that
verification of server SSL certificates may be disabled by setting
insecure=True.
* Fixed AccountSystem.people_by_key() to return a list with both people who
have signed the CLA and have not
* Fix the tg2.utils.url handling with TG-2.0.x
* Fix a deprecation warning in fedora.tg.controllers
* Fix issue in proxyclient where unicode passwords might be encoded to the
wrong byte sequence depending on the locale of the process running it.
* Fix jsonfasprovider2's group handling to not traceback when assigning groups
if there is no record for a given username.
* Fix a traceback in jsonfasprovider2's user_id handling.
* Fix comparison of passwords in jsonfasprovider when unicode passwords are
used. However, this method is actually not invoked under normal use as the
password comparison is done on the server.
* Fix faswho plugin to handle unicode passwords and usernames. Note that this
is a different bug than affected the TG1 auth provider.
* Fix faswho auth plugin to set session cookies as secure and httponly
* Set the Django session cookies httponly
* Add a genshi login template for TG2
* For faswho repoze.who plugin, remove caching during authentication (as caching
does not pick up on logout of a different app invalidating the session and
password changes). We could use caching again if retrieving the full
information about a user took more time than validating their username and
password.
* Simplify implementation of the faswho plugin. Should save on per-request
memory and cache.
* Add AccountSystem.gravatar_url() method that will return a url to a gravatar
for a person.

--------

--------

* Update bugzilla email mapping

------

------

* Modify caching of User data in the tg1 identity provider, jsonfas2provider
so that anonymous page requests don't call fas excessively.
* Make :func:`fedora.tg.tg2utils.enable_csrf` a public function so that TG2
users can use it without using faswho
* Make :func:`fedora.tg.tg2utils.url` work with other repoze.who plugins other
than faswho.
* Allow using a test fas server with :func:`make_faswho_middleware`
* Update faswho metadata to be compatible with the default TG2 identity
metadata for portability
* Allow recovering authenticated state from lack of csrf_token when using the
TG2 csrf protecting middleware
* Split the TG1 and TG2 code into two separate directories so packagers can
split the dependencies even more
* Add login and jsglobals template for TG2-mako
* Modify fedora_template for TG2 -- now defaults to mako templates and returns
a dotted_lookup string by default. This matches with the templates we have
and the default template lookup strategy in TG2.

------

------

* Fix tg.tg2utils._enable_csrf so that redirect() appends the CSRF token
in TG2.
* Fix an example in the documentation
* Fix a proxyclient error with new pycurl and cookies
* Use transifex.net for translations

------

------
* Get BodhiClient.comment() working with older version of bodhi

------