Snappass Versions Save

• Bump werkzeug from 2.3.3 to 3.0.1
• Use urllib.parse for quoting/unquoting plus instead of deprecated werkzeug.urls
• https://pypi.org/manage/project/snappass/release/1.6.2/

• Drop support for officially unsupported Python versions (< Python 3.7)

• The HOST_OVERRIDE environment variable can be used to override the base URL. Useful when behind a reverseproxy.
• Upgrade to Jinja 2.11.3
• Upgrade to cryptography 3.3.2
• Returning json if request-mimetype is "application/json"
• Return template if password is expired (instead of 404)

• Added support for "2 week" secret lifetimes.
• The NO_SSL environment variable is now properly parsed.
• The URL_PREFIX environment variable can be used to add a prefix to URLs, which is useful when running behind a reverse proxy like nginx.
• Prevent prefetching bots from destroying secrets.
• Replaced mockredis with fakeredis in the unit test environment.
• Added support for Python 3.8.

• Switch to local (non-CDN) Font Awesome assets
• Upgraded cryptography to 2.3.1 (for CVE-2018-10903, although snappass is unaffected because it doesn't use the vulnerable finalize_with_tag API)

Version 1.4.0

You will lose stored passwords during the upgrade to this version

• Added a prefix in redis in front of the storage keys, making the redis safer to share with other applications
• Small test and syntax improvements
• Dropped support for python 2.6 and python 3.3

• Added Fernet cryptography to the stored keys, prevent access to full text passwords if someone has access to Redis

First official release for snappass. We believe this project is a stable, functional state, so we tagged it 1.0.0.

Thanks for all the contributions, let's keep making snappass better and safer!