ANN: distlib 0.2.6 released on PyPI

2017-10-28 Thread Vinay Sajip via Python-list
I've just released version 0.2.6 of distlib on PyPI [1]. For newcomers,distlib 
is a library of packaging functionality which is intended to beusable as the 
basis for third-party packaging tools.
The main changes in this release are as follows:
* Fixed #99: Updated to handle a case where sys.getfilesystemencoding()  
returns None.
* Fixed #97: Eliminated a crash in EggInfoDistribution.list_distinfo_files()  
which was caused by trying to open a non-existent file.
* Fixed #96: SimpleScrapingLocator no longer fails prematurely when scraping  
links due to invalid versions.
* Improved error messages issued when interpreting markers.
* Improved the shebangs written into installed scripts when the interpreter  
path is very long or contains spaces (to cater for a limitation in shebang  
line parsing on Linux).
* Updated launcher binaries.
A more detailed change log is available at [2].
Please try it out, and if you find any problems or have any suggestions 
forimprovements, please give some feedback using the issue tracker! [3]
Regards,

Vinay Sajip
[1] https://pypi.python.org/pypi/distlib/0.2.6[2] https://goo.gl/M3kQzR[3] 
https://bitbucket.org/pypa/distlib/issues/new

-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: A new version (0.4.9) of python-gnupg has been released.

2022-05-20 Thread Vinay Sajip via Python-list
What Changed?
=
This is an enhancement and bug-fix release, and all users are encouraged to
upgrade.

Brief summary:

* Fixed #161: Added a status attribute to the returned object from gen_key() 
which
  is set to 'ok' if a key was successfully created, or 'key not created' if that
  was reported by gpg, or None in any other case.

* Fixed #164: Provided the ability to add subkeys. Thanks to Daniel Kilimnik 
for the
  feature request and patch.

* Fixed #166: Added keygrip values to the information collected when keys are 
listed.
  Thanks to Daniel Kilimnik for the feature request and patch.

* Fixed #173: Added extra_args to send_keys(), recv_keys() and search_keys() to 
allow
  passing options relating to key servers.

This release [2] has been signed with my code signing key:

Vinay Sajip (CODE SIGNING KEY) 
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86

Recent changes to PyPI don't show the GPG signature with the download links.
The source code repository is at [1].
An alternative download source where the signatures are available is at [4].
Documentation is available at [5].

As always, your feedback is most welcome (especially bug reports [3],
patches and suggestions for improvement, or any other points via this group).

Enjoy!

Cheers

Vinay Sajip

[1] https://github.com/vsajip/python-gnupg
[2] https://pypi.org/project/python-gnupg/0.4.9
[3] https://github.com/vsajip/python-gnupg/issues
[4] https://github.com/vsajip/python-gnupg/releases/
[5] https://docs.red-dove.com/python-gnupg/
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: distlib 0.3.5 released on PyPI

2022-07-14 Thread Vinay Sajip via Python-list
I've recently released version 0.3.5 of distlib on PyPI [1]. For newcomers,
distlib is a library of packaging functionality which is intended to be
usable as the basis for third-party packaging tools.

The main changes in this release are as follows:

* Fixed #161: Updated test case.

* Fixed #164: Improved support for reproducible builds by allowing a fixed
  date/time to be inserted into created .exe files. Thanks to Somber Night for 
the
  patch.

* Fixed #169: Removed usage of deprecated imp module in favour of importlib.

* Fixed #170: Corrected implementation of ``get_required_dists()``.

* Fixed #172: Compute ABI correctly for Python < 3.8.

* Changed the default locator configuration.

* Made updates in support of PEP 643 / Metadata 2.2.

* Updated launcher executables. Thanks to Michael Bikovitsky for his help with
  the launcher changes.

* Updated to write archive path of RECORD to RECORD instead of staging path.
  Thanks to Pieter Pas for the patch.

A more detailed change log is available at [2].

Please try it out, and if you find any problems or have any suggestions for 
improvements,
please give some feedback using the issue tracker! [3]

Regards,

Vinay Sajip

[1] https://pypi.org/project/distlib/0.3.5/
[2] https://distlib.readthedocs.io/en/0.3.5/
[3] https://github.com/pypa/distlib/issues/new/choose

-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: A new version (0.5.0) of python-gnupg has been released.

2022-08-23 Thread Vinay Sajip via Python-list
What Changed?
=
This is an enhancement and bug-fix release, and all users are encouraged to
upgrade.

Brief summary:

* Fixed #181: Added the ability to pass file paths to encrypt_file, 
decrypt_file,
  sign_file, verify_file, get_recipients_file and added import_keys_file.

* Fixed #183: Handle FAILURE and UNEXPECTED conditions correctly. Thanks to 
sebbASF for
  the patch.

* Fixed #185: Handle VALIDSIG arguments more robustly.

* Fixed #188: Remove handling of DECRYPTION_FAILED from Verify code, as not 
required
  there. Thanks to sebbASF for the patch.

* Fixed #190: Handle KEY_CREATED more robustly.

* Fixed #191: Handle NODATA messages during verification.

* Fixed #196: Don't log chunk data by default, as it could contain sensitive
  information (during decryption, for example).

* Added the ability to pass an environment to the gpg executable. Thanks to 
Edvard
  Rejthar for the patch.

This release [2] has been signed with my code signing key:

Vinay Sajip (CODE SIGNING KEY) 
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86

Recent changes to PyPI don't show the GPG signature with the download links.
The source code repository is at [1].
An alternative download source where the signatures are available is at [4].
Documentation is available at [5].

As always, your feedback is most welcome (especially bug reports [3],
patches and suggestions for improvement, or any other points via this group).

Enjoy!

Cheers

Vinay Sajip

[1] https://github.com/vsajip/python-gnupg
[2] https://pypi.org/project/python-gnupg/0.5.0
[3] https://github.com/vsajip/python-gnupg/issues
[4] https://github.com/vsajip/python-gnupg/releases/
[5] https://docs.red-dove.com/python-gnupg/
-- 
https://mail.python.org/mailman/listinfo/python-list


Announcement: distlib 0.3.7 released on PyPI

2023-07-17 Thread Vinay Sajip via Python-list
Version 0.3.7 of distlib has recently been released on PyPI [1]. For newcomers, 
distlib is a library of packaging functionality which is intended to be usable 
as the basis for third-party packaging tools.

The main changes in this release are as follows:

* Handle bare newlines when parsing metadata.

* Use version comparison logic for python_full_version.

* Fix shebang computation for source builds of Python.

* Extract tarfiles more safely by incorporating tarfile filters.

* Check for 'has_cert' attribute before using it.

* Fix #200: Improve conformance to PEP440.

* Fix #203: Handle parsing of export entries to allow script names such as "," 
or ",foo".

A more detailed change log is available at [2].

Please try it out, and if you find any problems or have any suggestions for 
improvements, please give some feedback using the issue tracker at [3].

Regards,

Vinay Sajip

[1] https://pypi.org/project/distlib/0.3.7/
[2] https://distlib.readthedocs.io/en/0.3.7/overview.html#change-log-for-distlib
[3] https://github.com/pypa/distlib/issues/new/choose
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: A new version (0.5.1) of python-gnupg has been released.

2023-07-22 Thread Vinay Sajip via Python-list
What Changed?
=
This is an enhancement and bug-fix release, and all users are encouraged to 
upgrade.

Brief summary:

 * Added TRUST_EXPIRED to trust_keys.

* Fix #206: Remove deprecated --always-trust in favour of --trust-model always

* Fix #208: Add status_detail attribute to result objects which is populated 
when
  the status is 'invalid recipient' (encryption/decryption) or 'invalid signer'
  (signing). This attribute will be set when the result object's status 
attribute is
  set to 'invalid recipient' and will contain more information about the 
failure in the
  form of reason:ident where reason is a text description of the reason, and
  ident identifies the recipient key.

* Add scan_keys_mem() function to scan keys in a string.

* Fix #214: Handle multiple signatures when one of them is invalid or 
unverified.

* A problems attribute was added which holds problems reported by gpg
  during verification. This is a list of dictionaries, one for each reported
  problem. Each dictionary will have status and keyid keys indicating
  the problem and the corresponding key; other information in the dictionaries
  will be error specific.

* Fix #217: Use machine-readable interface to query the gpg version.

* Added the ability to export keys to a file.
This release [2] has been signed with my code signing key:

Vinay Sajip (CODE SIGNING KEY) 
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86

Recent changes to PyPI don't show the GPG signature with the download links.
An alternative download source where the signatures are available is at [4].
The source code repository is at [1].
Documentation is available at [5].
As always, your feedback is most welcome (especially bug reports [3],
patches and suggestions for improvement, or any other points via this group).

Enjoy!

Cheers

Vinay Sajip

[1] https://github.com/vsajip/python-gnupg
[2] https://pypi.org/project/python-gnupg/0.5.1
[3] https://github.com/vsajip/python-gnupg/issues
[4] https://github.com/vsajip/python-gnupg/releases/
[5] https://docs.red-dove.com/python-gnupg/
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: distlib 0.3.2 released on PyPI

2021-05-31 Thread Vinay Sajip via Python-list
I've recently released version 0.3.2 of distlib on PyPI [1]. For newcomers,
distlib is a library of packaging functionality which is intended to be
usable as the basis for third-party packaging tools.

The main changes in this release are as follows:

* Fixed #139: improved handling of errors related to the test PyPI server.

* Fixed #140: allowed "Obsoletes" in more scenarios, to better handle faulty
  metadata already on PyPI.

* Fixed #141: removed unused regular expression.

* Fixed #143: removed normcase() to avoid some problems on Windows.

* Fixed #146: added entry for SourcelessFileLoader to the finder registry.

* Fixed #147: permission bits are now preserved on POSIX when installing from a 
wheel.

* Made the generation of scripts more configurable.

* Added support for manylinux wheel tags.

A more detailed change log is available at [2].

Please try it out, and if you find any problems or have any suggestions for 
improvements,
please give some feedback using the issue tracker! [3]

Regards,

Vinay Sajip

[1] https://pypi.org/project/distlib/0.3.2/
[2] https://distlib.readthedocs.io/en/0.3.2/
[3] https://bitbucket.org/pypa/distlib/issues/new
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: Version 0.5.1 of the Python config module has been released.

2021-09-11 Thread Vinay Sajip via Python-list
What Does It Do?

The CFG configuration format is a text format for configuration files which is 
similar
to, and a superset of, the JSON format.It has the following aims:

* Allow a hierarchical configuration scheme with support for key-value mappings 
and
  lists.
* Support cross-references between one part of the configuration and another.
* Provide a string interpolation facility to easily build up configuration 
values from
  other configuration values.
* Provide the ability to compose configurations (using include and merge 
facilities).
* Provide the ability to access real application objects safely.
* Be completely declarative.

It overcomes a number of drawbacks of JSON when used as a configuration format:

* JSON is more verbose than necessary.
* JSON doesn’t allow comments.
* JSON doesn’t provide first-class support for dates and multi-line strings.
* JSON doesn’t allow trailing commas in lists and mappings.
* JSON doesn’t provide easy cross-referencing, interpolation, or composition.

The Python config module provides an interface to work with configuration files 
written
in the CFG format.

Comprehensive documentation is available at

https://docs.red-dove.com/cfg/index.html

and you can report issues / enhancement requests at

https://github.com/vsajip/py-cfg-lib/issues

As always, your feedback is most welcome (especially bug reports, patches and
suggestions for improvement). Enjoy!

Cheers,

Vinay Sajip

-- 
https://mail.python.org/mailman/listinfo/python-list


Re: ANN: Version 0.5.1 of the Python config module has been released.

2021-09-12 Thread Vinay Sajip via Python-list
Many of those 4.8K "users" might be using indirectly via some other dependency 
- I'm not sure how GitHub calculates "used by", but even if it were a direct 
dependency, one has no idea if it's actually being used or not. so I tend not 
to worry about such things. My distlib library has only 2 stars, and is used by 
pip and therefore by many developers every day, and yet it doesn't merit a 
"used by" according to GitHub.

I've had a few users contact me about the config library and they're happy with 
it and they find it useful, and that's good enough for me :-)



On Sunday, 12 September 2021, 18:11:21 BST, Abdur-Rahmaan Janhangeer 
 wrote: 





Used by 4.8k but only ... 4 stars

-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: distlib 0.3.3 released on PyPI

2021-09-22 Thread Vinay Sajip via Python-list
I've recently released version 0.3.3 of distlib on PyPI [1]. For newcomers,
distlib is a library of packaging functionality which is intended to be
usable as the basis for third-party packaging tools.

The main changes in this release are as follows:

* Fixed #152: Removed splituser() function which wasn't used and is deprecated.

* Fixed #149: Handle version comparisons correctly in environment markers.

* Add ARM-64 launchers and support code to use them. Thanks to Niyas Sait and
  Adrian Vladu for their contributions.

* Fixed #148: Handle a single trailing comma following a version. Thanks to 
Blazej
  Floch for the report and suggested fix.

* Fixed #150: Fix incorrect handling of epochs.

* Reverted handling of tags for Python >= 3.10 (use 310 rather than 3_10). This 
is
  because PEP 641 was rejected.

* Added a GitHub Actions workflow to perform tests.

A more detailed change log is available at [2].

Please try it out, and if you find any problems or have any suggestions for 
improvements,
please give some feedback using the issue tracker! [3]

Regards,

Vinay Sajip

[1] https://pypi.org/project/distlib/0.3.3/
[2] https://distlib.readthedocs.io/en/0.3.3/
[3] https://bitbucket.org/pypa/distlib/issues/new
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: A new library for encryption and signing has been released.

2021-12-05 Thread Vinay Sajip via Python-list
A new library called pagesign (Python-age-sign) has been released on PyPI [1].
It covers similar functionality to python-gnupg, but uses the modern encryption 
tool
age [2] and the modern signing tool minisign [3]. The initial release allows 
you to:

* Create and manage identities (which are containers for the keys used for
  encryption/decryption and signing/verification).
* Encrypt and decrypt files to multiple recipients.
* Sign files and verify signatures.

This release has been signed with my code signing key:

Vinay Sajip (CODE SIGNING KEY) 
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86

Recent changes to PyPI don't show the GPG signature with the download links.
An alternative download source where the signatures are available is at [4].
Documentation is available at [5].

As always, your feedback is most welcome (especially bug reports [6],
patches and suggestions for improvement, or any other points).

Enjoy!

Cheers

Vinay Sajip

[1] https://pypi.org/project/pagesign/0.1.0/
[2] https://age-encryption.org/
[3] https://jedisct1.github.io/minisign/
[4] https://bitbucket.org/vinay.sajip/pagesign/downloads/
[5] https://docs.red-dove.com/pagesign/
[6] https://github.com/vsajip/pagesign/issues/new/choose

-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: distlib 0.3.4 released on PyPI

2021-12-08 Thread Vinay Sajip via Python-list
I've recently released version 0.3.4 of distlib on PyPI [1]. For newcomers,
distlib is a library of packaging functionality which is intended to be
usable as the basis for third-party packaging tools.

The main changes in this release are as follows:

* Fixed #153: Raise warnings in get_distributions() if bad metadata seen, but 
keep
  going.

* Fixed #154: Determine Python versions correctly for Python >= 3.10.

* Updated launcher executables with changes to handle duplication logic.

Code relating to support for Python 2.6 was also removed (support for Python 
2.6 was
dropped in an earlier release, but supporting code wasn't removed until now).

A more detailed change log is available at [2].

Please try it out, and if you find any problems or have any suggestions for 
improvements,
please give some feedback using the issue tracker! [3]

Regards,

Vinay Sajip

[1] https://pypi.org/project/distlib/0.3.4/
[2] https://distlib.readthedocs.io/en/0.3.4/
[3] https://bitbucket.org/pypa/distlib/issues/new

-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: distlib 0.2.4 released on PyPI

2016-09-30 Thread Vinay Sajip via Python-list
I've just released version 0.2.4 of distlib on PyPI [1]. For newcomers,
distlib is a library of packaging functionality which is intended to be
usable as the basis for third-party packaging tools.

The main changes in this release are as follows:

* Updated to not fail during import if SSL is not available.
* Changed project name comparisons to follow PEP 503.
* Changed manifest and resources logic to work correctly under (upcoming) 
Python 3.6.
* Updated Windows launchers with fixes to bugs related to argument-passing in 
shebang lines.

A more detailed change log is available at [2].

Please try it out, and if you find any problems or have any suggestions for
improvements, please give some feedback using the issue tracker! [3]

Regards,

Vinay Sajip

[1] https://pypi.python.org/pypi/distlib/0.2.4
[2] https://goo.gl/M3kQzR
[3] https://bitbucket.org/pypa/distlib/issues/new
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: A new version (0.4.0) of python-gnupg has been released.

2017-01-29 Thread Vinay Sajip via Python-list
A new version of the Python module which wraps GnuPG has been released.

What Changed?
=
This is an enhancement and bug-fix release, and all users are encouraged to 
upgrade.
See the project website [1] for more information.

Brief summary:


* Added support for ``KEY_CONSIDERED`` in more places - encryption /
  decryption, signing, key generation and key import.

* Partial fix for #32 (GPG 2.1 compatibility). Unfortunately, better
  support cannot be provided at this point, unless there are certain
  changes (relating to pinentry popups) in how GPG 2.1 works.

* Fixed #60: An IndexError was being thrown by ``scan_keys()``.

* Ensured that utf-8 encoding is used when the ``--with-column`` mode is
  used. Thanks to Yann Leboulanger for the patch.

* ``list_keys()`` now uses ``--fixed-list-mode``. Thanks to Werner Koch
  for the pointer.

This release [2] has been signed with my code signing key:

Vinay Sajip (CODE SIGNING KEY) 
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86

What Does It Do?

The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.

This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.

A test suite using unittest is included with the source distribution.

Simple usage:

>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()

[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)

'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
.
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)

'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"

'Verified'

As always, your feedback is most welcome (especially bug reports [3],
patches and suggestions for improvement, or any other points via the
mailing list/discussion group [4]).

Enjoy!

Cheers

Vinay Sajip
Red Dove Consultants Ltd.

[1] https://bitbucket.org/vinay.sajip/python-gnupg
[2] https://pypi.python.org/pypi/python-gnupg/0.4.0
[3] https://bitbucket.org/vinay.sajip/python-gnupg/issues
[4] https://groups.google.com/forum/#!forum/python-gnupg
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: A new version (0.4.2) of python-gnupg has been released.

2018-03-28 Thread Vinay Sajip via Python-list
A new version of the Python module which wraps GnuPG has been released. 
What Changed? = This is an enhancement and bug-fix release, and all 
users are encouraged to upgrade. See the project website [1] for more 
information. 
Brief summary: 
* Subkey information is now collected and returned in a subkey_info  dictionary 
keyed by the subkey's ID.
* GPG2 version is now correctly detected on OS X.
* Added expect_passphrase keyword argument for use on GnuPG >= 2.1 when  
passing passphrase to gpg via pinentry.
* Provided a trust_keys method to allow setting the trust level  for keys. 
Thanks to William Foster for a suggested implementation.
* Made the exception message when the gpg executable is not found contain the  
path of the executable that was tried. Thanks to Kostis Anagnostopoulos for  
the suggestion.
* Made the error message less categorical in the case of a failure with an  
unspecified reason, adding some information from gpg error codes when  
available.
This release [2] has been signed with my code signing key: 
Vinay Sajip (CODE SIGNING KEY)  Fingerprint: CA74 9061 
914E AC13 8E66 EADB 9147 B477 339A 9B86 
What Does It Do?  The gnupg module allows Python programs to 
make use of the functionality provided by the Gnu Privacy Guard (abbreviated 
GPG or GnuPG). Using this module, Python programs can encrypt and decrypt data, 
digitally sign documents and verify digital signatures, manage (generate, list 
and delete) encryption keys, using proven Public Key Infrastructure (PKI) 
encryption technology based on OpenPGP. 
This module is expected to be used with Python versions >= 2.4, as it makes use 
of the subprocess module which appeared in that version of Python. This module 
is a newer version derived from earlier work by Andrew Kuchling, Richard Jones 
and Steve Traugott. 
A test suite using unittest is included with the source distribution. 
Simple usage: 
>>> import gnupg >>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory') 
>>> >>> gpg.list_keys() 
[{ ... 'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2', 'keyid': 
'197D5DAC68F1AAB2', 'length': '1024', 'type': 'pub', 'uids': ['', 'Gary Gross 
(A test user) ']}, { ... 'fingerprint': 
'37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A', 'keyid': '0C5FEFA7A921FC4A', 
'length': '1024', ... 'uids': ['', 'Danny Davis (A test user) ']}] >>> encrypted = gpg.encrypt("Hello, world!", 
['0C5FEFA7A921FC4A']) >>> str(encrypted) 
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n 
\nhQIOA/6NHMDTXUwcEAf . -END PGP MESSAGE-\n' >>> decrypted = 
gpg.decrypt(str(encrypted), passphrase='secret') >>> str(decrypted) 
'Hello, world!' >>> signed = gpg.sign("Goodbye, world!", passphrase='secret') 
>>> verified = gpg.verify(str(signed)) >>> print "Verified" if verified else 
"Not verified" 
'Verified' 
As always, your feedback is most welcome (especially bug reports [3], patches 
and suggestions for improvement, or any other points via the mailing 
list/discussion group [4]). 
Please refer to the documentation [5] for more information. 
Enjoy! 
Cheers 
Vinay Sajip Red Dove Consultants Ltd. 
[1] https://bitbucket.org/vinay.sajip/python-gnupg [2] 
https://pypi.python.org/pypi/python-gnupg/0.4.2 [3] 
https://bitbucket.org/vinay.sajip/python-gnupg/issues [4] 
https://groups.google.com/forum/#!forum/python-gnupg [5] 
https://gnupg.readthedocs.io/en/latest/ 
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: distlib 0.2.7 released on PyPI

2018-04-16 Thread Vinay Sajip via Python-list
I've just released version 0.2.7 of distlib on PyPI [1]. For newcomers,
distlib is a library of packaging functionality which is intended to be
usable as the basis for third-party packaging tools.

The main changes in this release are as follows:

* Addressed #102: InstalledDistributions now have a modules attribute which is 
a list
  of top-level modules as read from top_level.txt, if that is in the 
distribution info.

* Fixed #103: Now https downloads are preferred to those over http. Thanks to
  Saulius Žemaitaitis for the patch.

* Fixed #104: Updated launcher binaries to properly handle interpreter paths 
with spaces.
  Thanks to Atsushi Odagiri for the diagnosis and fix.

* Fixed #105: cache_from_source is now imported from importlib.util where 
available.

* Added support for PEP 566 / Metadata 2.1.

A more detailed change log is available at [2].

Please try it out, and if you find any problems or have any suggestions for 
improvements,
please give some feedback using the issue tracker! [3]

Regards,

Vinay Sajip

[1] https://pypi.org/project/distlib/0.2.7/ 
[2] https://goo.gl/M3kQzR
[3] https://bitbucket.org/pypa/distlib/issues/new
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: A new version (0.4.3) of python-gnupg has been released. It contains a security-related change - please update to this version

2018-06-13 Thread Vinay Sajip via Python-list
A new version of the Python module which wraps GnuPG has been released.
What Changed?=This is a security-fix release, and all users are 
strongly encouraged to upgrade.This fix mitigates against CVE-2018-12020. See 
the discoverer's blog post [6] formore information.
Brief summary:

* Added --no-verbose to the gpg command line, in case verbose is specified in  
gpg.conf - we don't need verbose output.
This release [2] has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY) Fingerprint: CA74 
9061 914E AC13 8E66 EADB 9147 B477 339A 9B86
Recent changes to PyPI don't show the GPG signature with the download links.An 
alternative download source where the signatures are available is the 
project'sown downloads page [5].
What Does It Do?The gnupg module allows Python programs to make 
use of thefunctionality provided by the Gnu Privacy Guard (abbreviated GPG 
orGnuPG). Using this module, Python programs can encrypt and decryptdata, 
digitally sign documents and verify digital signatures, manage(generate, list 
and delete) encryption keys, using proven Public KeyInfrastructure (PKI) 
encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as itmakes use 
of the subprocess module which appeared in that version ofPython. This module 
is a newer version derived from earlier work byAndrew Kuchling, Richard Jones 
and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')>>> 
>>> gpg.list_keys()
[{...'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2','keyid': 
'197D5DAC68F1AAB2','length': '1024','type': 'pub','uids': ['', 'Gary Gross (A 
test user) ']},{...'fingerprint': 
'37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A','keyid': 
'0C5FEFA7A921FC4A','length': '1024',...'uids': ['', 'Danny Davis (A test user) 
']}]>>> encrypted = gpg.encrypt("Hello, world!", 
['0C5FEFA7A921FC4A'])>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 
(GNU/Linux)\n\nhQIOA/6NHMDTXUwcEAf.-END PGP MESSAGE-\n'>>> decrypted = 
gpg.decrypt(str(encrypted), passphrase='secret')>>> str(decrypted)
'Hello, world!'>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')>>> 
verified = gpg.verify(str(signed))>>> print "Verified" if verified else "Not 
verified"
'Verified'
As always, your feedback is most welcome (especially bug reports [3],patches 
and suggestions for improvement, or any other points via themailing 
list/discussion group [4]).
Enjoy!
Cheers
Vinay SajipRed Dove Consultants Ltd.
[1] https://bitbucket.org/vinay.sajip/python-gnupg[2] 
https://pypi.python.org/pypi/python-gnupg/0.4.3[3] 
https://bitbucket.org/vinay.sajip/python-gnupg/issues[4] 
https://groups.google.com/forum/#!forum/python-gnupg[5] 
https://bitbucket.org/vinay.sajip/python-gnupg/downloads/[6] 
https://neopg.io/blog/gpg-signature-spoof/
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: Version 0.1.5 of sarge (a subprocess wrapper library) has been released.

2018-06-18 Thread Vinay Sajip via Python-list
Version 0.1.5 of Sarge, a cross-platform library which wraps the 
subprocessmodule in the standard library, has been released.
What changed?-
- Fixed #37: Instead of an OSError with a "no such file or directory" message,  
a ValueError is raised with a more informative "Command not found" message.
- Fixed #38: Replaced ``async`` keyword argument with ``async_``, as ``async``  
has become a keyword in Python 3.7.
- Fixed #39: Updated tutorial example on progress monitoring.
What does Sarge do?---
Sarge tries to make interfacing with external programs from yourPython 
applications easier than just using subprocess alone.
Sarge offers the following features:
* A simple way to run command lines which allows a rich subset of Bash-style 
shell command syntax, but parsed and run by sarge so that youcan run on Windows 
without cygwin (subject to having those commandsavailable):
>>> from sarge import capture_stdout>>> p = capture_stdout('echo foo | cat; 
>>> echo bar')>>> for line in p.stdout: print(repr(line))...'foo\n''bar\n'
* The ability to format shell commands with placeholders, such thatvariables 
are quoted to prevent shell injection attacks.
* The ability to capture output streams without requiring you toprogram your 
own threads. You just use a Capture object and then youcan read from it as and 
when you want.
* The ability to look for patterns in captured output and to 
interactaccordingly with the child process.
Advantages over subprocess---
Sarge offers the following benefits compared to using subprocess:
* The API is very simple.
* It's easier to use command pipelines - using subprocess out of thebox often 
leads to deadlocks because pipe buffers get filled up.
* It would be nice to use Bash-style pipe syntax on Windows, butWindows shells 
don't support some of the syntax which is useful, like&&, ||, |& and so on. 
Sarge gives you that functionality on Windows,without cygwin.
* Sometimes, subprocess.Popen.communicate() is not flexible enough forone's 
needs - for example, when one needs to process output a line ata time without 
buffering the entire output in memory.
* It's desirable to avoid shell injection problems by having theability to 
quote command arguments safely.
* subprocess allows you to let stderr be the same as stdout, but notthe other 
way around - and sometimes, you need to do that.
Python version and platform 
compatibility-
Sarge is intended to be used on any Python version >= 2.6 and istested on 
Python versions 2.6, 2.7, 3.3, 3.4, 3.5, 3.6 and 3.7 on Linux,Windows, and Mac 
OS X (not all versions are tested on all platforms,but sarge is expected to 
work correctly on all these versions on allthese platforms).
Finding out more
You can read the documentation at
http://sarge.readthedocs.org/
There's a lot more information, with examples, than I can put intothis post.
You can install Sarge using "pip install sarge" to try it out. Theproject is 
hosted on BitBucket at
https://bitbucket.org/vinay.sajip/sarge/
And you can leave feedback on the issue tracker there.
I hope you find Sarge useful!
Regards,
Vinay Sajip
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: distlib 0.2.8 released on PyPI

2018-10-02 Thread Vinay Sajip via Python-list
I've recently released version 0.2.8 of distlib on PyPI [1]. For 
newcomers,distlib is a library of packaging functionality which is intended to 
beusable as the basis for third-party packaging tools.
The main changes in this release are as follows:
* Fixed #107: Updated documentation on testing to include information on  
setting PYTHONHASHSEED.
* Fixed #108: Updated metadata scan to look for the METADATA file as well as 
the  JSON formats.
* Fixed #109: Removed existing files (which might have been symlinks) before  
overwriting.
* Fixed #111: Avoided unnecessary newlines in script preambles, which caused  
problems with detecting encoding declarations. Thanks to Wim Glenn for the  
report and patch.
* Fixed #112: Handled wheel tags and platform-dependent downloads correctly in  
SimpleScrapingLocator.
A more detailed change log is available at [2].
Please try it out, and if you find any problems or have any suggestions for 
improvements,please give some feedback using the issue tracker! [3]
Regards,
Vinay Sajip
[1] https://pypi.org/project/distlib/0.2.8/[2] https://goo.gl/tVzKUc[3] 
https://bitbucket.org/pypa/distlib/issues/new
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: A new version (0.4.4) of python-gnupg has been released. It contains a security-related change - please update to this version

2019-01-24 Thread Vinay Sajip via Python-list
A new version of the Python module which wraps GnuPG has been released.
What Changed?=This is an enhancement and security-fix release, and 
all users are stronglyencouraged to upgrade.
Brief summary:
* Fixed #108: Changed how any return value from the on_data callable is  
processed. In earlier versions, the return value was ignored. In this version,  
if the return value is False, the data received from gpg is not  buffered. 
Otherwise (if the value is None or True, for example), the  data is buffered as 
normal. This functionality can be used to do your own  buffering, or to prevent 
buffering altogether.
  The on_data callable is also called once with an empty byte-string to  signal 
the end of data from gpg.
* Fixed #97: Added an additional attribute check_fingerprint_collisions to  GPG 
instances, which defaults to False. It seems that gpg is happy  to have 
duplicate keys and fingerprints in a keyring, so we can't be too  strict. A 
user can set this attribute of an instance to True to trigger a  check for 
collisions.
* Fixed #111: With GnuPG 2.2.7 or later, provide the fingerprint of a signing  
key for a failed signature verification, if available.
* Fixed #21: For verification where multiple signatures are involved, a  
mapping of signature_ids to fingerprint, keyid, username, creation date,  
creation timestamp and expiry timestamp is provided.
* Added a check to disallow certain control characters ('\r', '\n', NUL) in  
passphrases. This fix mitigates against CVE-2019-6690.
This release [2] has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY) Fingerprint: CA74 
9061 914E AC13 8E66 EADB 9147 B477 339A 9B86
Recent changes to PyPI don't show the GPG signature with the download links.An 
alternative download source where the signatures are available is the 
project'sown downloads page [5].
What Does It Do?The gnupg module allows Python programs to make 
use of thefunctionality provided by the Gnu Privacy Guard (abbreviated GPG 
orGnuPG). Using this module, Python programs can encrypt and decryptdata, 
digitally sign documents and verify digital signatures, manage(generate, list 
and delete) encryption keys, using proven Public KeyInfrastructure (PKI) 
encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as itmakes use 
of the subprocess module which appeared in that version ofPython. This module 
is a newer version derived from earlier work byAndrew Kuchling, Richard Jones 
and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')>>> 
>>> gpg.list_keys()
[{...'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2','keyid': 
'197D5DAC68F1AAB2','length': '1024','type': 'pub','uids': ['', 'Gary Gross (A 
test user) ']},{...'fingerprint': 
'37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A','keyid': 
'0C5FEFA7A921FC4A','length': '1024',...'uids': ['', 'Danny Davis (A test user) 
']}]>>> encrypted = gpg.encrypt("Hello, world!", 
['0C5FEFA7A921FC4A'])>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 
(GNU/Linux)\n\nhQIOA/6NHMDTXUwcEAf.-END PGP MESSAGE-\n'>>> decrypted = 
gpg.decrypt(str(encrypted), passphrase='secret')>>> str(decrypted)
'Hello, world!'>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')>>> 
verified = gpg.verify(str(signed))>>> print "Verified" if verified else "Not 
verified"
'Verified'
As always, your feedback is most welcome (especially bug reports [3],patches 
and suggestions for improvement, or any other points via themailing 
list/discussion group [4]).
Enjoy!
Cheers
Vinay SajipRed Dove Consultants Ltd.
[1] https://bitbucket.org/vinay.sajip/python-gnupg[2] 
https://pypi.python.org/pypi/python-gnupg/0.4.4[3] 
https://bitbucket.org/vinay.sajip/python-gnupg/issues[4] 
https://groups.google.com/forum/#!forum/python-gnupg[5] 
https://bitbucket.org/vinay.sajip/python-gnupg/downloads/
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: distlib 0.2.9 released on PyPI

2019-05-14 Thread Vinay Sajip via Python-list
I've recently released version 0.2.9 of distlib on PyPI [1]. For 
newcomers,distlib is a library of packaging functionality which is intended to 
beusable as the basis for third-party packaging tools.
The main changes in this release are as follows:
* Updated default PyPI URL to https://pypi.org/pypi.
* Relaxed metadata format checks to ignore 'Provides'.
* Fixed #33, #34: simplified script template.
* Fixed #115: Relaxed check for '..' in wheel archive entries by not  checking 
filename parts, only directory segments.
* Fixed #116: Corrected parsing of credentials from URLs.
* Fixed #122: Skipped entries in archive entries ending with '/' (directories)  
when verifying or installing.
* Commented out Disqus comment section in documentation.
A more detailed change log is available at [2].
Please try it out, and if you find any problems or have any suggestions for 
improvements,please give some feedback using the issue tracker! [3]
Regards,
Vinay Sajip
[1] https://pypi.org/project/distlib/0.2.9/[2] 
https://distlib.readthedocs.io/en/latest/overview.html#change-log-for-distlib[3]
 https://bitbucket.org/pypa/distlib/issues/new

-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: A new version (0.4.5) of python-gnupg has been released.

2019-08-12 Thread Vinay Sajip via Python-list
A new version of the Python module which wraps GnuPG has been released.
What Changed?=
This is an enhancement and bug-fix release, and all users are encouraged 
toupgrade.
Brief summary:
* Fixed #107: Improved documentation.
* Fixed #112: Raised a ValueError if a gnupghome is specified which is not an  
existing directory.
* Fixed #113: Corrected stale link in the documentation.
* Fixed #116: Updated documentation to clarify when spurious key-expired/  
signature-expired messages might be seen.
* Fixed #119: Added --yes to avoid pinentry when deleting secret keys with  
GnuPG >= 2.1.
* A warning is logged if gpg returns a non-zero return code.
* Added ``extra_args`` to ``import_keys``.
* Added support for CI using AppVeyor.
This release [2] has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY) Fingerprint: CA74 
9061 914E AC13 8E66 EADB 9147 B477 339A 9B86
Recent changes to PyPI don't show the GPG signature with the download links.An 
alternative download source where the signatures are available is the 
project'sown downloads page [5].
What Does It Do?The gnupg module allows Python programs to make 
use of thefunctionality provided by the Gnu Privacy Guard (abbreviated GPG 
orGnuPG). Using this module, Python programs can encrypt and decryptdata, 
digitally sign documents and verify digital signatures, manage(generate, list 
and delete) encryption keys, using proven Public KeyInfrastructure (PKI) 
encryption technology based on OpenPGP.
This module is expected to be used with Python versions >= 2.4, as itmakes use 
of the subprocess module which appeared in that version ofPython. This module 
is a newer version derived from earlier work byAndrew Kuchling, Richard Jones 
and Steve Traugott.
A test suite using unittest is included with the source distribution.
Simple usage:
>>> import gnupg>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')>>> 
>>> gpg.list_keys()
[{...'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2','keyid': 
'197D5DAC68F1AAB2','length': '1024','type': 'pub','uids': ['', 'Gary Gross (A 
test user) ']},{...'fingerprint': 
'37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A','keyid': 
'0C5FEFA7A921FC4A','length': '1024',...'uids': ['', 'Danny Davis (A test user) 
']}]>>> encrypted = gpg.encrypt("Hello, world!", 
['0C5FEFA7A921FC4A'])>>> str(encrypted)
'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 
(GNU/Linux)\n\nhQIOA/6NHMDTXUwcEAf.-END PGP MESSAGE-\n'>>> decrypted = 
gpg.decrypt(str(encrypted), passphrase='secret')>>> str(decrypted)
'Hello, world!'>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')>>> 
verified = gpg.verify(str(signed))>>> print "Verified" if verified else "Not 
verified"
'Verified'
As always, your feedback is most welcome (especially bug reports [3],patches 
and suggestions for improvement, or any other points via themailing 
list/discussion group [4]).
Enjoy!
Cheers
Vinay SajipRed Dove Consultants Ltd.
[1] https://bitbucket.org/vinay.sajip/python-gnupg[2] 
https://pypi.org/project/python-gnupg/0.4.5[3] 
https://bitbucket.org/vinay.sajip/python-gnupg/issues[4] 
https://groups.google.com/forum/#!forum/python-gnupg[5] 
https://bitbucket.org/vinay.sajip/python-gnupg/downloads/--
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: distlib 0.3.0 released on PyPI

2019-10-29 Thread Vinay Sajip via Python-list
I've recently released version 0.3.0 of distlib on PyPI [1]. For 
newcomers,distlib is a library of packaging functionality which is intended to 
beusable as the basis for third-party packaging tools.
The main changes in this release are as follows:
* Partially addressed #102: modules attribute of InstalledDistribution was  
incorrectly computed as a list of bytes, rather than a list of str. This  has 
now been corrected.
* Updated Locator._get_digest to check PyPI JSON responses for a "digests"  
dictionary before trying "algo_digest" keys. Thanks to Jeffery To for the  
patch.
* Fixed #123: Improved error message if a resource isn't found.
* Fixed #124: Stopped norm-casing the executable written into shebangs, as  it 
doesn't work for some non-ASCII paths.
* Fixed #125: Updated launchers with versions that correctly report errors  
containing non-ASCII characters. The updated launchers now also support  
relative paths (see http://bit.ly/2JxmOoi for more information).
* Fixed #127: Allowed hyphens in flags in export specifications.
* Changed Python version handling to accommodate versions like e.g. 3.10  (no 
longer assume a version X.Y where X and Y are single digits).
A more detailed change log is available at [2].
Please try it out, and if you find any problems or have any suggestions for 
improvements,please give some feedback using the issue tracker! [3]
Regards,
Vinay Sajip
[1] https://pypi.org/project/distlib/0.3.0/[2] 
https://distlib.readthedocs.io/en/0.3.0/[3] 
https://bitbucket.org/pypa/distlib/issues/new
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: distlib 0.3.1 released on PyPI

2020-06-27 Thread Vinay Sajip via Python-list
I've recently released version 0.3.1 of distlib on PyPI [1]. For newcomers,
distlib is a library of packaging functionality which is intended to be
usable as the basis for third-party packaging tools.

The main changes in this release are as follows:

* Fixed #132: Added documentation to help with relative interpreter paths. 
Thanks
  to Paul Kienzle for the patch.

* Fixed #134: Allowed specifying a different target Python version when 
generating
  scripts.

* Fixed #135: Exposed the ``enquote_executable`` function previously implemented
  as an internal function.

* Addressed #138: Improved metadata support for newer metadata versions. Thanks 
to
  James Tocknell for the patch.

* Changed the output of flags in entry point definitions in wheels. Thanks to
  frostming (明希) for the patch.

* Stopped writing JSON metadata. Only old-style metadata is written now.

A more detailed change log is available at [2].

Please try it out, and if you find any problems or have any suggestions for 
improvements,
please give some feedback using the issue tracker! [3]

Note: Mailman3 might mishandle some of the links below. In that case, just copy 
and
paste the links into your browser address bar - that should work.

Regards,

Vinay Sajip

[1] https://pypi.org/project/distlib/0.3.1/
[2] https://distlib.readthedocs.io/en/0.3.1/
[3] https://bitbucket.org/pypa/distlib/issues/new
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: Version 0.1.6 of sarge (a subprocess wrapper library) has been released.

2020-08-24 Thread Vinay Sajip via Python-list
Version 0.1.6 of Sarge, a cross-platform library which wraps the subprocess
module in the standard library, has been released.

What changed?
-

- Fixed #44: Added an optional timeout to Command.wait() and Pipeline.wait(), 
which
  only takes effect on Python >= 3.3.

- Fixed #47: Added the ``replace_env`` keyword argument which allows a complete
  replacement for ``os.environ`` to be passed.

- Fixed #51: Improved error handling around a Popen call.

What does Sarge do?
---

Sarge tries to make interfacing with external programs from your
Python applications easier than just using subprocess alone.

Sarge offers the following features:

* A simple way to run command lines which allows a rich subset of Bash-
style shell command syntax, but parsed and run by sarge so that you
can run on Windows without cygwin (subject to having those commands
available):

>>> from sarge import capture_stdout
>>> p = capture_stdout('echo foo | cat; echo bar')
>>> for line in p.stdout: print(repr(line))
...
'foo\n'
'bar\n'

* The ability to format shell commands with placeholders, such that
variables are quoted to prevent shell injection attacks.

* The ability to capture output streams without requiring you to
program your own threads. You just use a Capture object and then you
can read from it as and when you want.

* The ability to look for patterns in captured output and to interact
accordingly with the child process.

Advantages over subprocess
---

Sarge offers the following benefits compared to using subprocess:

* The API is very simple.

* It's easier to use command pipelines - using subprocess out of the
box often leads to deadlocks because pipe buffers get filled up.

* It would be nice to use Bash-style pipe syntax on Windows, but
Windows shells don't support some of the syntax which is useful, like
&&, ||, |& and so on. Sarge gives you that functionality on Windows,
without cygwin.

* Sometimes, subprocess.Popen.communicate() is not flexible enough for
one's needs - for example, when one needs to process output a line at
a time without buffering the entire output in memory.

* It's desirable to avoid shell injection problems by having the
ability to quote command arguments safely.

* subprocess allows you to let stderr be the same as stdout, but not
the other way around - and sometimes, you need to do that.

Python version and platform compatibility
-

Sarge is intended to be used on any Python version >= 2.6 and is
tested on Python versions 2.6, 2.7, 3.3, 3.4, 3.5, 3.6, 3.7 and 3.8 on Linux,
Windows, and Mac OS X (not all versions are tested on all platforms,
but sarge is expected to work correctly on all these versions on all
these platforms).

Finding out more


You can read the documentation at

http://sarge.readthedocs.org/

There's a lot more information, with examples, than I can put into
this post.

You can install Sarge using "pip install sarge" to try it out. The
project is hosted on BitBucket at

https://bitbucket.org/vinay.sajip/sarge/

And you can leave feedback on the issue tracker there.

I hope you find Sarge useful!

Regards,

Vinay Sajip
-- 
https://mail.python.org/mailman/listinfo/python-list


Announcement: distlib 0.3.8 released on PyPI

2023-12-13 Thread Vinay Sajip via Python-list
Version 0.3.8 of distlib has recently been released on PyPI [1]. For newcomers, 
distlib is a library of packaging functionality which is intended to be usable 
as the basis for third-party packaging tools.
The main changes in this release are as follows:

* Fix #204: use symlinks in venv creation during test.

* Fix #208: handle deprecation removals in Python 3.13.

* Fix #209: use legacy version implementation for Python versions.

A more detailed change log is available at [2].

Please try it out, and if you find any problems or have any suggestions for 
improvements, please give some feedback using the issue tracker at [3].

Regards,

Vinay Sajip

[1] https://pypi.org/project/distlib/0.3.8/
[2] 
https://distlib.readthedocs.io/en/latest/overview.html#change-log-for-distlib
[3] https://github.com/pypa/distlib/issues/new/choose
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: A new version (0.5.2) of python-gnupg has been released.

2023-12-13 Thread Vinay Sajip via Python-list
What Changed?=
This is an enhancement and bug-fix release, and all users are encouraged to 
upgrade.

Brief summary:

* Fix #228: Clarify documentation for encryption/decryption.

* Make I/O buffer size configurable via buffer_size attribute on a GPG instance.

This release [2] has been signed with my code signing key:

Vinay Sajip (CODE SIGNING KEY) 
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86

Recent changes to PyPI don't show the GPG signature with the download links.
An alternative download source where the signatures are available is at [4].
The source code repository is at [1].
Documentation is available at [5].

As always, your feedback is most welcome (especially bug reports [3],
patches and suggestions for improvement, or any other points via this group).

Enjoy!

Cheers

Vinay Sajip

[1] https://github.com/vsajip/python-gnupg
[2] https://pypi.org/project/python-gnupg/0.5.2
[3] https://github.com/vsajip/python-gnupg/issues
[4] https://github.com/vsajip/python-gnupg/releases/
[5] https://docs.red-dove.com/python-gnupg/



-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: distlib 0.2.5 released on PyPI

2017-05-06 Thread Vinay Sajip via Python-list
I've just released version 0.2.5 of distlib on PyPI [1]. For newcomers,
distlib is a library of packaging functionality which is intended to be
usable as the basis for third-party packaging tools.

The main changes in this release are as follows:

* Changed regular expressions to be compatible with 3.6 as regards escape 
sequences.

* Closed some resource leaks related to XML-RPC proxies.

* Changed wheel processing to look for metadata in metadata.json as well as 
pydist.json.


* Updated requirement and marker parsing to be compatible with PEP 508.
* Made downloadability a factor in scoring URLs for preferences.


* Removed Python 2.6 from the support list. 

A more detailed change log is available at [2].

Please try it out, and if you find any problems or have any suggestions for
improvements, please give some feedback using the issue tracker! [3]

Regards,


Vinay Sajip

[1] https://pypi.python.org/pypi/distlib/0.2.5
[2] https://goo.gl/M3kQzR
[3] https://bitbucket.org/pypa/distlib/issues/new
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: A new version (0.4.1) of python-gnupg has been released.

2017-07-10 Thread Vinay Sajip via Python-list
A new version of the Python module which wraps GnuPG has been released.

What Changed?
=
This is an enhancement and bug-fix release, and all users are encouraged to 
upgrade.
See the project website [1] for more information.

Brief summary:

* Updated message handling logic to no longer raise exceptions when a message 
isn't
  recognised. Thanks to Daniel Kahn Gillmor for the patch.
* Always use always use --fixed-list-mode, --batch and --with-colons. Thanks to 
Daniel
  Kahn Gillmor for the patch.
* Improved scan_keys() handling on GnuPG >= 2.1. Thanks to Daniel Kahn Gillmor 
for the
  patch.
* Improved test behaviour with GnuPG >= 2.1. Failures when deleting test 
directory trees
  are now ignored. Thanks to Daniel Kahn Gillmor for the patch.
* Added close_file keyword argument to verify_file to allow the file closing to 
be made
  optional. Current behaviour is maintained - close_file=False can be passed to 
skip
  closing the file being verified.
* Added the extra_args keyword parameter to allow custom arguments to be passed 
to the
  gpg executable.
* Instances of the GPG class now have an additional on_data attribute, which 
defaults to
  None. It can be set to a callable which will be called with a single argument 
- a binary
  chunk of data received from the gpg executable. The callable can do whatever 
it likes
  with the chunks passed to it - e.g. write them to a separate stream. The 
callable should
  not raise any exceptions (unless it wants the current operation to fail).

This release [2] has been signed with my code signing key:

Vinay Sajip (CODE SIGNING KEY) 
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86

What Does It Do?

The gnupg module allows Python programs to make use of the
functionality provided by the Gnu Privacy Guard (abbreviated GPG or
GnuPG). Using this module, Python programs can encrypt and decrypt
data, digitally sign documents and verify digital signatures, manage
(generate, list and delete) encryption keys, using proven Public Key
Infrastructure (PKI) encryption technology based on OpenPGP.

This module is expected to be used with Python versions >= 2.4, as it
makes use of the subprocess module which appeared in that version of
Python. This module is a newer version derived from earlier work by
Andrew Kuchling, Richard Jones and Steve Traugott.

A test suite using unittest is included with the source distribution.

Simple usage:

>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()

[{
...
'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
'keyid': '197D5DAC68F1AAB2',
'length': '1024',
'type': 'pub',
'uids': ['', 'Gary Gross (A test user) ']},
{
...
'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
'keyid': '0C5FEFA7A921FC4A',
'length': '1024',
...
'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)

'-BEGIN PGP MESSAGE-\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
.
-END PGP MESSAGE-\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)

'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"

'Verified'

As always, your feedback is most welcome (especially bug reports [3],
patches and suggestions for improvement, or any other points via the
mailing list/discussion group [4]).

Please refer to the documentation [5] for more information.

Enjoy!

Cheers

Vinay Sajip
Red Dove Consultants Ltd.

[1] https://bitbucket.org/vinay.sajip/python-gnupg
[2] https://pypi.python.org/pypi/python-gnupg/0.4.1
[3] https://bitbucket.org/vinay.sajip/python-gnupg/issues
[4] https://groups.google.com/forum/#!forum/python-gnupg
[5] https://gnupg.readthedocs.io/en/latest/ 
-- 
https://mail.python.org/mailman/listinfo/python-list


Announcement: distlib 0.3.9 released on PyPI

2024-10-10 Thread Vinay Sajip via Python-list
Version 0.3.9 of distlib has recently been released on PyPI [1]. For newcomers, 
distlib is a library of packaging functionality which is intended to be usable 
as the basis for third-party packaging tools.

The main changes in this release are as follows:

* Merge #215: Preload script wrappers on Windows to assist with a pip issue.

* Fix #220: Remove duplicated newline in shebang of windows launcher.

* Fix #222: Support mounting wheels that use extensions without an EXTENSIONS 
file.

* Fix #224: Do not use the absolute path to cache wheel extensions.

* Fix #225: Add support for wheel compatibility with the limited API.

* Fix #230: Add handling for cross-compilation environments.

A more detailed change log is available at [2].

Please try it out, and if you find any problems or have any suggestions for 
improvements, please give some feedback using the issue tracker at [3].

Regards,

Vinay Sajip

[1] https://pypi.org/project/distlib/0.3.9/
[2] 
https://distlib.readthedocs.io/en/latest/overview.html#change-log-for-distlib
[3] https://github.com/pypa/distlib/issues/new/choose
-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: A new version (0.5.3) of python-gnupg has been released.

2024-09-20 Thread Vinay Sajip via Python-list
What Changed?=
This is an enhancement and bug-fix release, and all users are encouraged to 
upgrade.

Brief summary:

   
   - * Fix #117: Add WKD (Web Key Directory) support for auto-locating keys. 
Thanks to Myzel394 for the patch.

* Fix #237: Ensure local variable is initialized even when an exception occurs. 
  
   -
* Fix #239: Remove logging of decryption result.

This release [2] has been signed with my code signing key:

Vinay Sajip (CODE SIGNING KEY) 
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86

Recent changes to PyPI don't show the GPG signature with the download links.
An alternative download source where the signatures are available is at [4].
The source code repository is at [1].
Documentation is available at [5].

As always, your feedback is most welcome (especially bug reports [3],
patches and suggestions for improvement, or any other points via this group).

Enjoy!

Cheers

Vinay Sajip

[1] https://github.com/vsajip/python-gnupg
[2] https://pypi.org/project/python-gnupg/0.5.3
[3] https://github.com/vsajip/python-gnupg/issues
[4] https://github.com/vsajip/python-gnupg/releases/
[5] python-gnupg - A Python wrapper for GnuPG








-- 
https://mail.python.org/mailman/listinfo/python-list


ANN: A new version (0.5.4) of python-gnupg has been released.

2025-01-07 Thread Vinay Sajip via Python-list
What Changed?=
This is an enhancement and bug-fix release, and all users are encouraged to 
upgrade.

Brief summary:

* Fix #242: Handle exceptions in the `on_data` callable.

 This release [2] has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY) 
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86

Recent changes to PyPI don't show the GPG signature with the download links.
An alternative download source where the signatures are available is at [4].
The source code repository is at [1].
Documentation is available at [5].

As always, your feedback is most welcome (especially bug reports [3],
patches and suggestions for improvement, or any other points via this group).

Enjoy!

Cheers

Vinay Sajip

[1] https://github.com/vsajip/python-gnupg
[2] https://pypi.org/project/python-gnupg/0.5.4
[3] https://github.com/vsajip/python-gnupg/issues
[4] https://github.com/vsajip/python-gnupg/releases/
[5] python-gnupg - A Python wrapper for GnuPG


-- 
https://mail.python.org/mailman/listinfo/python-list


Announcement: distlib 0.4.0 released on PyPI

2025-07-17 Thread Vinay Sajip via Python-list
Version 0.4.0 of distlib has recently been released on PyPI [1]. For newcomers, 
distlib is a library of packaging functionality which is intended to be usable 
as the basis for third-party packaging tools.

The main changes in this release are as follows:

* Add the ``interpret_parsed`` function to ``markers``.

* Fix #238: Add build tag to wheel metadata if specified.

* Fix #243: Update to support free-threading version of Python (3.13t).

* Fix #246: Support subdirectories in the dist-info directory. Thanks to Pieter 
P for the patch.

* Fix #248: Fix path normalization issue caused by the fix for #246.

* Move import in script wrapper to ``if __name__ == 'main'`` clause.

* Fix #245: Skip test_package_data if a ``SKIP_EXT_PACKAGE_DATA`` environment 
variable is present.

A more detailed change log is available at [2].

Please try it out, and if you find any problems or have any suggestions for 
improvements, please give some feedback using the issue tracker at [3].

Regards,

Vinay Sajip

[1] https://pypi.org/project/distlib/0.4.0/
[2] 
https://distlib.readthedocs.io/en/latest/overview.html#change-log-for-distlib
[3] https://github.com/pypa/distlib/issues/new/choose
-- 
https://mail.python.org/mailman3//lists/python-list.python.org