Geofront Changelog

Version 0.4.0

Released on March 30, 2017.

• Geofront now supports ECDSA key. Under the hood, geofront.keystore.parse_openssh_pubkey() function becomes to be possible to parse ECDSA public keys. [#14]
• Geofront now supports Atlassian Bitbucket Cloud. See also geofront.backends.bitbucket module. [#4]
• Geofront now can generate other than RSA master key (e.g. ECDSA). The new configuration MASTER_KEY_TYPE is added to choose the type of the master key Geofront will generate. It’s RSAKey by default.
• Added geofront.backends.oauth module which provides base team implementations for OAuth.
• Added key_type optional parameter to renew_master_key() function, PeriodicalRenewal class constructor, and regenerate() function.
• Since key_type now can be other than RSAKey, the bits optional parameter of renew_master_key() function, PeriodicalRenewal class constructor, and regenerate() function now have the default value None instead of 2048. None automatically choose the appropriate bits of the key_type.
• Added generate_key() function and KeyGenerationError that it raises.
• Added alias_namer option to CloudRemoteSet constructor.
• Added geofront.team.GroupSet type which is alias of AbstractSet[Hashable].
• Now master key can be found without token through GET /masterkey/ API. The server root GET / also became to contain a Link header to it and "master_key_url" field.
• Deprecated GET /tokens/(token_id:token_id)/masterkey/. Use GET /masterkey/ instead. The existing url redirects to the new url GET /masterkey/ with 301 Moved Permanently.
• Fixed bug that CloudKeyStore.list_keys() sometimes returned an empty set even if there were stored keys.
• Geofront becomes to require Paramiko 2.0.1 or higher.
• Geofront becomes to require Werkzeug 0.11 or higher.
• Geofront becomes to require Flask 0.10.1 or higher.
• Geofront becomes to require Apache Libcloud 1.1.0 or higher.
• Geofront becomes to require OAuthLib 1.1.1 or higher.
• Geofront becomes to require Waitress 1.0.2 or higher.
• Goefront becomes to require typeguard 2.1.1 or higher.
• geofront.util is gone now. Geofront instead became to require typing and typeguard.

Version 0.3.2

Released on March 7, 2016.

• Added RemoteSetUnion to make union view of multiple remote sets.
• Fixed AttributeError on StashKeyStore.register() or StashKeyStore.deregister() being called.

Version 0.3.1

Released on January 19, 2016.

• Added RemoteSetFilter to dynamically filter set of remotes.
• Fixed a regression bug introduced since 0.3.0 (9db44659c423ed33a89de712fb645186b7c722cc) that GitHubOrganization fails to authenticate. [#12]

Version 0.3.0

Released on January 15, 2016.

• Geofront becomes to require Paramiko 1.15.0 or higher.
• Added save check for AuthorizedKeyList. [#5]
• Team.request_authentication() method becomes to no more take auth_nonce and return AuthenticationContinuation value instead of simple url str, so that arbitrary value more general than simple nonce str can be shared between request_authentication() and Team.authenticate(). If arbitrary nonce is needed, request_authentication() method has to generate one by itself.
• Geofront now supports Atlassian Bitbucket Server (which was Stash). See also geofront.backends.stash module.
• TwoPhaseRenewal became to raise ConnectionError with attempted remote address instead of socket.gaierror which is hard to troubleshoot.
• Fixed signature mismatch errors of CloudMasterKeyStore when it’s used with AWS S3.

Version 0.2.2

Released on July 8, 2014.

• Became to depend on apache-libcloud 0.15.0 or later.
• Added HSTS support:
  • Added ENABLE_HSTS configuration.
  • Added --force-https option to geofront-server command.
• Fixed a bug of KeyPairDoesNotExistError.save() method that leaks MalformedResponseError raised by EC2NodeDriver which ought to raise proper libcloud.compute.types.KeyPairDoesNotExistError.

Version 0.2.1

Released on June 16, 2014.

• Fixed an authentication bug of TwoPhaseRenewal raised due to not specify login username.
• More detailed message logging of exceptions that rise during master key renewal.

Version 0.2.0

Released on May 3, 2014.

• Added list_groups() method to Team interface.
• Added list_groups() method to GitHubOrganization class.
• Removed an unnecessary dependency to enum34 on Python 3.3.
• Added geofront.backends.cloud module.
  • geofront.masterkey.CloudMasterKeyStore is moved to geofront.backends.cloud.CloudMasterKeyStore.
  • geofront.remote.CloudRemoteSet is moved to geofront.backends.cloud.CloudRemoteSet.
• Remote now has metadata attribute.
• CloudRemoteSet fills metadata of the resulted Remote objects if the given driver supports.
• Now depends on singledispatch if Python is older than 3.4.
• Added PermissionPolicy interface.
• Added DefaultPermissionPolicy class.
• Added GroupMetadataPermissionPolicity class.
• Added new PERMISSION_POLICY configuration.
• Added geofront.backends.dbapi module.
• Added geofront-key-regen command.
• HTTP APIs became more RESTful. Now it has the root endpoint which provides the link to create a new token, and the token API provides several links to subresources as well.
• Added new MASTER_KEY_BITS configuration.
• Added new bits optional parameters to renew_master_key(), PeriodicalRenewal, and regenerate().
• Added CloudKeyStore. [#2]
• Added CloudMasterPublicKeyStore. [#2]

Version 0.1.1

Released on April 22, 2014.

• Fixed TypeError that rises when CloudMasterKeyStore is used with AWS S3 driver.
• Added --trusted-proxy option to geofront-server command. It’s useful when the server is run behind a reverse proxy.
• Added token no-op API: GET /tokens/(token_id:token_id)/.

Version 0.1.0

First alpha release. Released on April 21, 2014.