Mercurial Mercurial > pub > hg > cubicweb / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
requirements/test-misc.txt
author Laurent Peuch <cortex@worlddomination.be>
Fri, 12 Apr 2019 12:31:14 +0200
changeset 12584 6eba53763482
parent 12568 fc45f22c8100
child 12620 824105876352
permissions -rw-r--r--
Use secure hash algorithm in WebConfiguration.sign_text Fix: PendingDeprecationWarning: HMAC() without an explicit digestmod argument is deprecated. The default hash algorithm used by hmac.new is md5. As of today, md5 is so weak that it's the equivalent of plaintext and can't be considered to be secured at all. Therefor, we switch to a secure hash algorithm. The rational for choosing sha3_512 is: * the recommended algorithm is at least sha_256 * the stronger, the more secured and sha3_512 is the stronger available * thinking about the future this should keep this part of the code safe long enough before people think about checking it again You can read more about choosing a secure hash algorithm in the NIST recommendations https://csrc.nist.gov/Projects/Hash-Functions/NIST-Policy-on-Hash-Functions This code modification should normally be transparent since check_text_sign is exactly this code 'self.sign_text(text) == signature' and that sign_text is only used in combination with it. The only impact is that the hash is going to move from 32 char to 128 which might make html page a bit bigger and that sha3_512 is slow to compute (which is a good thing for security)
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
11478
1817f8946c22 [tox] Have less test environments
Denis Laxalde <denis.laxalde@logilab.fr>
parents:
diff changeset 
     1
 
### Requirements for tests in various cubicweb/**/test directories. ###
1817f8946c22 [tox] Have less test environments
Denis Laxalde <denis.laxalde@logilab.fr>
parents:
diff changeset 
     2
 












1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




     3


## shared by several test folders













1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




     4


docutils













1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




     5


webtest













1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




     6














1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




     7


## cubicweb/test













1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




     8


Pygments













1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




     9


#fyzz XXX pip install fails













1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




    10














1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




    11


## cubicweb/devtools/test













1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




    12


flake8













1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




    13














1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




    14


## cubicweb/hooks/test








12493






2c47461fec21
[test] Depends on psycopg2-binary



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 
12377

diff
changeset




    15


psycopg2-binary








11478






1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




    16









11685






6c263b8091d3
[pkg] Declare extras (optional) dependencies



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 
11681

diff
changeset




    17


## cubicweb/pyramid/test













6c263b8091d3
[pkg] Declare extras (optional) dependencies



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 
11681

diff
changeset




    18


pyramid >= 1.5.0













6c263b8091d3
[pkg] Declare extras (optional) dependencies



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 
11681

diff
changeset




    19


waitress >= 0.8.9













6c263b8091d3
[pkg] Declare extras (optional) dependencies



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 
11681

diff
changeset




    20


wsgicors >= 0.3













6c263b8091d3
[pkg] Declare extras (optional) dependencies



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 
11681

diff
changeset




    21


pyramid_multiauth








12377






15a068b2def5
Explicitly require repoze.lru for Pyramid tests



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 
12205

diff
changeset




    22


repoze.lru








11685






6c263b8091d3
[pkg] Declare extras (optional) dependencies



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 
11681

diff
changeset




    23









11478






1817f8946c22
[tox] Have less test environments



Denis Laxalde <denis.laxalde@logilab.fr>


parents: 

diff
changeset




    24


## cubicweb/sobject/test















cubicweb