From e18923ab664479182f3819d4c9e85ee8f2de74ef Mon Sep 17 00:00:00 2001 From: Alexandru Ardelean Date: Fri, 17 Apr 2026 06:40:42 +0000 Subject: [PATCH] itsdangerous: update to 2.2.0; add test.sh - bump 2.1.2 -> 2.2.0 - add test.sh Signed-off-by: Alexandru Ardelean --- lang/python/itsdangerous/Makefile | 4 ++-- lang/python/itsdangerous/test.sh | 28 ++++++++++++++++++++++++++++ 2 files changed, 30 insertions(+), 2 deletions(-) create mode 100644 lang/python/itsdangerous/test.sh diff --git a/lang/python/itsdangerous/Makefile b/lang/python/itsdangerous/Makefile index 769333ba3f..e6d57063d1 100644 --- a/lang/python/itsdangerous/Makefile +++ b/lang/python/itsdangerous/Makefile @@ -5,11 +5,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=itsdangerous -PKG_VERSION:=2.1.2 +PKG_VERSION:=2.2.0 PKG_RELEASE:=1 PYPI_NAME:=$(PKG_NAME) -PKG_HASH:=5dbbc68b317e5e42f327f9021763545dc3fc3bfe22e6deb96aaf1fc38874156a +PKG_HASH:=e0050c0b7da1eea53ffaf149c0cfbb5c6e2e2b69c4bef22c81fa6eb73e5f6173 PKG_MAINTAINER:=Alexandru Ardelean PKG_LICENSE:=BSD-3-Clause diff --git a/lang/python/itsdangerous/test.sh b/lang/python/itsdangerous/test.sh new file mode 100644 index 0000000000..17f8174e32 --- /dev/null +++ b/lang/python/itsdangerous/test.sh @@ -0,0 +1,28 @@ +#!/bin/sh + +[ "$1" = python3-itsdangerous ] || exit 0 + +python3 - << 'EOF' +from itsdangerous import URLSafeSerializer, URLSafeTimedSerializer, BadSignature + +s = URLSafeSerializer("secret-key") +token = s.dumps({"user_id": 42, "role": "admin"}) +assert isinstance(token, str) +data = s.loads(token) +assert data["user_id"] == 42 +assert data["role"] == "admin" + +# Test that tampered tokens are rejected +try: + s.loads(token + "tampered") + assert False, "should have raised BadSignature" +except BadSignature: + pass + +# Test timed serializer +ts = URLSafeTimedSerializer("another-secret") +timed_token = ts.dumps("payload") +assert ts.loads(timed_token) == "payload" + +print("python3-itsdangerous OK") +EOF