Skip to content

Latest commit

 

History

History
172 lines (111 loc) · 4.45 KB

Changes.rst

File metadata and controls

172 lines (111 loc) · 4.45 KB
Raw

Changes for v2.9.0 (2023-07-27)

  • Add parse_uri() support for Steam TOTP (#153)
  • Test and documentation improvements

Changes for v2.8.0 (2022-12-13)

  • Modify OTP generation to run in constant time (#148)
  • Documentation improvements
  • Drop Python 3.6 support; introduce Python 3.11 support

Changes for v2.7.0 (2022-09-11)

  • Support Steam TOTP (#142)
  • Build, test, and documentation updates

Changes for v2.6.0 (2021-02-04)

  • Raise default and minimum base32 secret length to 32, and hex secret length to 40 (160 bits as recommended by the RFC) (#115).
  • Fix issue where provisioning_uri would return invalid results after calling verify() (#115).

Changes for v2.5.1 (2021-01-29)

  • parse_uri accepts and ignores optional image parameter (#114)

Changes for v2.5.0 (2021-01-29)

  • Add optional image parameter to provisioning_uri (#113)
  • Support for 7-digit codes in ‘parse_uri’ (#111)
  • Raise default and minimum base32 secret length to 26

Changes for v2.4.1 (2020-10-16)

  • parse_uri: Fix handling of period, counter (#108)
  • Add support for timezone aware datetime as argument to TOTP.timecode() (#107)

Changes for v2.4.0 (2020-07-29)

  • Fix data type for at(for_time) (#85)
  • Add support for parsing provisioning URIs (#84)
  • Raise error when trying to generate secret that is too short (The secret must be at least 128 bits)
  • Add random_hex function (#82)

Changes for v2.3.0 (2019-07-26)

  • Fix comparison behavior on Python 2.7

Changes for v2.2.8 (2019-07-26)

  • Fix comparison of unicode chars (#78)
  • Minor documentation and test fixes

Changes for v2.2.7 (2018-11-05)

  • Have random_base32() use ‘secrets’ as rand source (#66)
  • Documentation: Add security considerations, minimal security checklist, other improvements
  • Update setup.py to reference correct license

Changes for v2.2.6 (2017-06-10)

  • Fix tests wrt double-quoting in provisioning URIs

Changes for v2.2.5 (2017-06-03)

  • Quote issuer QS parameter in provisioning_uri. Fixes #47.
  • Raise an exception if a negative integer is passed to at() (#41).
  • Documentation and release infrastructure improvements.

Changes for v2.2.4 (2017-01-04)

  • Restore Python 2.6 compatibility (however, Python 2.6 is not supported)
  • Documentation and test improvements
  • Fix release infra script, part 2

Changes for v2.2.3 (2017-01-04)

  • Restore Python 2.6 compatibility (however, Python 2.6 is not supported)
  • Documentation and test improvements
  • Fix release infra script

Changes for v2.2.2 (2017-01-04)

  • Restore Python 2.6 compatibility (however, Python 2.6 is not supported)
  • Documentation and test improvements

Changes for v2.2.1 (2016-08-30)

  • Avoid using python-future; it has subdependencies that limit compatibility (#34)
  • Make test suite pass on 32-bit platforms (#30)
  • Timing attack resistance fix: don't reveal string length to attacker. Thanks to Eeo Jun (#28).
  • Support algorithm, digits, period parameters in provisioning_uri. Thanks to Dionisio E Alonso (#33).
  • Minor style and packaging infrastructure fixes.

Changes for v2.2.0 (2016-08-30)

  • See v2.2.1

Version 2.1.0 (2016-05-02)

  • Add extended range support to TOTP.verify. Thanks to Zeev Rotshtein (PR #19).
  • Handle missing padding of encoded secret. Thanks to Kun Yan (#20).
  • Miscellaneous fixes.

Version 2.0.1 (2015-09-28)

  • Fix packaging issue in v2.0.0 that prevented installation with easy_install.

Version 2.0.0 (2015-08-22)

  • The pyotp.HOTP.at(), pyotp.TOTP.at(), and pyotp.TOTP.now() methods now return strings instead of integers. Thanks to Rohan Dhaimade (PR #16).

Version 1.4.2 (2015-07-21)

  • Begin tracking changes in change log.
  • Update documentation.
  • Introduce Travis CI integration.

Version 1.3.1 (2012-02-29)

  • Initial release.