Jan 2023 Jazz Master merge #17
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* chore: test on Django 4.0 * Remove Django 3.1 support from trove * Remove Django 3.1 from tox * Remove 3.1 reference in tox.ini Co-authored-by: Andrew Chen Wang <[email protected]>
* OutstandingToken user on_delete should be null * Add test to verify that deleting a User doesn't remove tokens from the blacklist This is a rather unexpected default behavior. Deleting a User means that their blacklisted tokens become live again. * Add migration for cascading User deletion to SET_NULL instead of DELETE * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci Co-authored-by: Andrew Chen Wang <[email protected]> Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
updates: - [github.com/pre-commit/pre-commit-hooks: v4.0.1 → v4.1.0](pre-commit/pre-commit-hooks@v4.0.1...v4.1.0) - [github.com/asottile/yesqa: v1.2.3 → v1.3.0](asottile/yesqa@v1.2.3...v1.3.0) - [github.com/pycqa/isort: 5.9.3 → 5.10.1](PyCQA/isort@5.9.3...5.10.1) - [github.com/psf/black: 21.9b0 → 21.12b0](psf/black@21.9b0...21.12b0) - [github.com/pre-commit/pre-commit-hooks: v4.0.1 → v4.1.0](pre-commit/pre-commit-hooks@v4.0.1...v4.1.0) - [github.com/asottile/pyupgrade: v2.28.0 → v2.31.0](asottile/pyupgrade@v2.28.0...v2.31.0) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* Parameterize some tests to reduce duplication and make it easy to add more algorithms This way new algorithms can be added to the basic test set simply by adding their backends to TestTokenBackend.backends. * Enable ECDSA algorithms supported by PyJWT Enable the algorithms and add basic tests for them. Also convert the ALLOWED_ALGORITHMS constant to a set for a minor style cleanup. * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
For most cases this could be done by overriding get_token, which is simple enough. The exception was TokenRefreshSerializer.validate where the entire method needed to be copy-pasted to allow using a custom replacement for RefreshToken. The other cases are changed the same way mainly for consistency.
updates: - [github.com/psf/black: 21.12b0 → 22.1.0](psf/black@21.12b0...22.1.0) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* Add default __getattr__ behavior to models.TokenUser to allow getting custom claims defined in serializers * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* Add locale checker to CI * Just pip install Django * Add gettext package to OS * Add sudo to apt-get * Use @2ykwang 's updated script * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci * Only update on push to master * To avoid pain points of PRs and histories being split * Trying to use Andrew's username for pushing to see if that works * Use separate workflow file Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* Update CHANGELOG.md for v5.0.1 * Update CHANGELOG.md * Remove looking for maintainers in README since Jazzband Co-authored-by: Andrew Chen Wang <[email protected]>
updates: - [github.com/asottile/pyupgrade: v2.31.0 → v2.31.1](asottile/pyupgrade@v2.31.0...v2.31.1) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
updates: - [github.com/psf/black: 22.1.0 → 22.3.0](psf/black@22.1.0...22.3.0) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* Fix lewway type error * Add test case * Update Korean translation * Add type hints * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci * Fix translation revert POT-Creation-Date * update translation Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
In ""TOKEN_OBTAIN_SERIALIZER": "rest_framework_simplejwt.serializers.MyTokenObtainPairSerializer"," replaced "rest_framework_simplejwt" to "my_app" to make it clearer that it should be a custom path, since the Django app folder having the same name as the library was confusing and hard to fix if copy and pasting in a hurry.
* Added write_only=True for better doc generation Auto doc generators can perform better and generate more accurate docs by having this argument. Username field in TokenObtainSerializer and token in TokenVerifySerializer has been changed. * Added write_only=True to TokenBlacklistSerializer's refresh field
* Add support for Django 4.2 * Exclude DRF 3.13 & Django 4.2 CI combination
* [pre-commit.ci] pre-commit autoupdate updates: - [github.com/asottile/yesqa: v1.4.0 → v1.5.0](asottile/yesqa@v1.4.0...v1.5.0) - [github.com/psf/black: 22.12.0 → 23.3.0](psf/black@22.12.0...23.3.0) - [github.com/asottile/pyupgrade: v3.3.1 → v3.7.0](asottile/pyupgrade@v3.3.1...v3.7.0) * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --------- Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* Support `override_api_settings` as decorator * Update test_authentication * black formatting test_authentication * Use drf status instead of literal status * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci * Update test_integration * Update test_serializers * Update test_integration * Update test_token_blacklist * Update test_tokens * Update test_views * add `setUpTestData` to `TestToken` * fix typo `self` should be `cls` --------- Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* Updated translations for Persian (fa) language * Updated translations for Persian (fa) language * Updated translations for Persian (fa) language
* Replace deprecated pkg_resources method
|
This looks like a big PR, and it's very outdated. Is it important to bring over upstream changes/improvements/security fixes? I ask because I really want there to be a standard, maintained, and secure JWT package for django-ninja. It would be a shame for it to fall out of date/become insecure. ❤️ |
This PR is up for the same reason, security updates. I am have been reviewing changes on the PR and it has been all CI action or test improvements or translation file updates. Unless I am missing something. But once there is a security change, I would reflect in master. |
…estamp() (#765) * Remove usages of deprecated datetime.utcnow() and datetime.utcfromtimestamp() * Update CHANGELOG.md --------- Co-authored-by: Andrew Chen Wang <[email protected]>
* Add tests * pre-commit * improve remove blacklist app * update setup for test_backends
updates: - [github.com/pre-commit/pre-commit-hooks: v4.4.0 → v4.5.0](pre-commit/pre-commit-hooks@v4.4.0...v4.5.0) - [github.com/psf/black: 23.3.0 → 23.11.0](psf/black@23.3.0...23.11.0) - [github.com/pre-commit/pre-commit-hooks: v4.4.0 → v4.5.0](pre-commit/pre-commit-hooks@v4.4.0...v4.5.0) - [github.com/asottile/pyupgrade: v3.7.0 → v3.15.0](asottile/pyupgrade@v3.7.0...v3.15.0) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
The correct is X-Access-Token e to AUTH_HEADER_NAME example and not X_Access_Token
for more information, see https://pre-commit.ci
* update workflow permissions to create PR to trunk when locales need to be updated and clean up the workflow with newer dependencies including:
python 3.9 -> 3.12
GH action/checkout@v2 -> action/checkout@v4
create-pull-request@v3 -> create-pull-requests@v6
actions/setup-python@v2 -> actions/setup-python@v5
With the updated dependencies we now cache python dependencies with the built-in functionality.
We also only run this action if it's push to the jazzband org repo
* add 'delete-branch' to auto delete PR branch after updating locale files
* move permissions into job scope
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.