plain 0.63.0__py3-none-any.whl → 0.64.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. plain/CHANGELOG.md +12 -0
  2. plain/cli/formatting.py +12 -0
  3. plain/cli/upgrade.py +0 -1
  4. plain/signing.py +6 -2
  5. plain/utils/crypto.py +0 -5
  6. {plain-0.63.0.dist-info → plain-0.64.0.dist-info}/METADATA +1 -1
  7. {plain-0.63.0.dist-info → plain-0.64.0.dist-info}/RECORD +10 -10
  8. {plain-0.63.0.dist-info → plain-0.64.0.dist-info}/entry_points.txt +1 -0
  9. {plain-0.63.0.dist-info → plain-0.64.0.dist-info}/WHEEL +0 -0
  10. {plain-0.63.0.dist-info → plain-0.64.0.dist-info}/licenses/LICENSE +0 -0
plain/CHANGELOG.md CHANGED
@@ -1,5 +1,17 @@
1
1
  # plain changelog
2
2
 
3
+ ## [0.64.0](https://github.com/dropseed/plain/releases/plain@0.64.0) (2025-09-19)
4
+
5
+ ### What's changed
6
+
7
+ - Added `plain-build` command as a standalone executable ([4b39ca4](https://github.com/dropseed/plain/commit/4b39ca4599))
8
+ - Removed `constant_time_compare` utility function in favor of `hmac.compare_digest` ([55f3f55](https://github.com/dropseed/plain/commit/55f3f5596d))
9
+ - CLI now forces colors in CI environments (GitHub Actions, GitLab CI, etc.) for better output visibility ([56f7d2b](https://github.com/dropseed/plain/commit/56f7d2b312))
10
+
11
+ ### Upgrade instructions
12
+
13
+ - Replace any usage of `plain.utils.crypto.constant_time_compare` with `hmac.compare_digest` or `secrets.compare_digest`
14
+
3
15
  ## [0.63.0](https://github.com/dropseed/plain/releases/plain@0.63.0) (2025-09-12)
4
16
 
5
17
  ### What's changed
plain/cli/formatting.py CHANGED
@@ -1,3 +1,5 @@
1
+ import os
2
+
1
3
  import click
2
4
  from click.formatting import iter_rows, measure_table, term_len, wrap_text
3
5
 
@@ -59,3 +61,13 @@ class PlainHelpFormatter(click.HelpFormatter):
59
61
 
60
62
  class PlainContext(click.Context):
61
63
  formatter_class = PlainHelpFormatter
64
+
65
+ def __init__(self, *args, **kwargs):
66
+ super().__init__(*args, **kwargs)
67
+
68
+ # Force colors in CI environments
69
+ if any(
70
+ os.getenv(var)
71
+ for var in ["CI", "FORCE_COLOR", "GITHUB_ACTIONS", "GITLAB_CI"]
72
+ ) and not any(os.getenv(var) for var in ["NO_COLOR", "PYTEST_CURRENT_TEST"]):
73
+ self.color = True
plain/cli/upgrade.py CHANGED
@@ -153,7 +153,6 @@ def build_prompt(before_after: dict[str, tuple[str | None, str | None]]) -> str:
153
153
  " - Process ALL packages before testing or validation",
154
154
  " - After all packages are updated, run `uv run plain fix --unsafe-fixes` and `uv run plain pre-commit` to check results",
155
155
  " - DO NOT commit any changes",
156
- " - DO NOT run `plain migrate` with the `--no-backup` option",
157
156
  " - Keep code changes minimal and focused - avoid unnecessary comments",
158
157
  "",
159
158
  "3. **Available tools:**",
plain/signing.py CHANGED
@@ -35,12 +35,14 @@ These functions make use of all of them.
35
35
 
36
36
  import base64
37
37
  import datetime
38
+ import hmac
38
39
  import json
39
40
  import time
40
41
  import zlib
41
42
 
42
43
  from plain.runtime import settings
43
- from plain.utils.crypto import constant_time_compare, salted_hmac
44
+ from plain.utils.crypto import salted_hmac
45
+ from plain.utils.encoding import force_bytes
44
46
  from plain.utils.regex_helper import _lazy_re_compile
45
47
 
46
48
  _SEP_UNSAFE = _lazy_re_compile(r"^[A-z0-9-_=]*$")
@@ -196,7 +198,9 @@ class Signer:
196
198
  raise BadSignature(f'No "{self.sep}" found in value')
197
199
  value, sig = signed_value.rsplit(self.sep, 1)
198
200
  for key in [self.key, *self.fallback_keys]:
199
- if constant_time_compare(sig, self.signature(value, key)):
201
+ if hmac.compare_digest(
202
+ force_bytes(sig), force_bytes(self.signature(value, key))
203
+ ):
200
204
  return value
201
205
  raise BadSignature(f'Signature "{sig}" does not match')
202
206
 
plain/utils/crypto.py CHANGED
@@ -62,11 +62,6 @@ def get_random_string(length, allowed_chars=RANDOM_STRING_CHARS):
62
62
  return "".join(secrets.choice(allowed_chars) for i in range(length))
63
63
 
64
64
 
65
- def constant_time_compare(val1, val2):
66
- """Return True if the two strings are equal, False otherwise."""
67
- return secrets.compare_digest(force_bytes(val1), force_bytes(val2))
68
-
69
-
70
65
  def pbkdf2(password, salt, iterations, dklen=0, digest=None):
71
66
  """Return the hash of password using pbkdf2."""
72
67
  if digest is None:
{plain-0.63.0.dist-info → plain-0.64.0.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: plain
3
- Version: 0.63.0
3
+ Version: 0.64.0
4
4
  Summary: A web framework for building products with Python.
5
5
  Author-email: Dave Gaeddert <dave.gaeddert@dropseed.dev>
6
6
  License-File: LICENSE
{plain-0.63.0.dist-info → plain-0.64.0.dist-info}/RECORD RENAMED
@@ -1,12 +1,12 @@
1
1
  plain/AGENTS.md,sha256=5XMGBpJgbCNIpp60DPXB7bpAtFk8FAzqiZke95T965o,1038
2
- plain/CHANGELOG.md,sha256=58av1OUbgw-UIYjVJuwoniXmtAD9AgJYII6tWVhmOtc,13821
2
+ plain/CHANGELOG.md,sha256=8EVqRYBSknRtM-becwiafkwoLHz3z2erO8dyULfVKfY,14516
3
3
  plain/README.md,sha256=5BJyKhf0TDanWVbOQyZ3zsi5Lov9xk-LlJYCDWofM6Y,4078
4
4
  plain/__main__.py,sha256=GK39854Lc_LO_JP8DzY9Y2MIQ4cQEl7SXFJy244-lC8,110
5
5
  plain/debug.py,sha256=XdjnXcbPGsi0J2SpHGaLthhYU5AjhBlkHdemaP4sbYY,758
6
6
  plain/exceptions.py,sha256=ljOLqgVwPKlGWqaNmjHcHQf6y053bZ9ogkLFEGcs-Gg,5973
7
7
  plain/json.py,sha256=McJdsbMT1sYwkGRG--f2NSZz0hVXPMix9x3nKaaak2o,1262
8
8
  plain/paginator.py,sha256=iXiOyt2r_YwNrkqCRlaU7V-M_BKaaQ8XZElUBVa6yeU,5844
9
- plain/signing.py,sha256=r2KvCOxkrSWCULFxYa9BHYx3L3a2oLq8RDnq_92inTw,8207
9
+ plain/signing.py,sha256=i8Bf12c96u_1BZYjETiixhsLAWMAt_y4CIYZOsI6IVA,8295
10
10
  plain/validators.py,sha256=TePzFHzwR4JXUAZ_Y2vC6mkKgVxHX3QBXI6Oex0rV8c,19236
11
11
  plain/wsgi.py,sha256=R6k5FiAElvGDApEbMPTT0MPqSD7n2e2Az5chQqJZU0I,236
12
12
  plain/assets/README.md,sha256=iRZHHoXZCEFooXoDYSomF12XTcDFl7oNbRHpAFwxTM8,4349
@@ -26,7 +26,7 @@ plain/cli/changelog.py,sha256=j-k1yZk9mpm-fLZgeWastiyIisxNSuAJfXTQ2B6WQmk,3457
26
26
  plain/cli/chores.py,sha256=xXSSFvr8T5jWfLWqe6E8YVMw1BkQxyOHHVuY0x9RH0A,2412
27
27
  plain/cli/core.py,sha256=g0D1OZkYGWt05-V1oDNzX2wcoCIAxrZjlgaQs2qWLlc,3106
28
28
  plain/cli/docs.py,sha256=YEEE-Th1CSxiL-wj5fF-ZagqkqAZYkEPRMO1OYUsQrU,1066
29
- plain/cli/formatting.py,sha256=1hZH13y1qwHcU2K2_Na388nw9uvoeQH8LrWL-O9h8Yc,2207
29
+ plain/cli/formatting.py,sha256=JaOiIOxIQpCRgMNGw9xpnU_fMf6hROl7o8lA5aX114w,2580
30
30
  plain/cli/install.py,sha256=mffSYBmSJSj44OPBfu53nBQoyoz4jk69DvppubIB0mU,2791
31
31
  plain/cli/output.py,sha256=Fe3xS6Va4Bi1ZNrqi0nh09THTsdCyMW2b9SPY5I4n-o,1318
32
32
  plain/cli/preflight.py,sha256=8tHBD4L4nPLUKThfaYx3SUZSJzC48oV2m_Hbn6W4ODc,4124
@@ -36,7 +36,7 @@ plain/cli/scaffold.py,sha256=mcywA9DzfwoBSqWl5-Zpgcy1mTNUGEgdvoxXUrGcEVk,1351
36
36
  plain/cli/settings.py,sha256=9cx4bue664I2P7kUedlf4YhCPB0tSKSE4Q8mGyzEv2o,1995
37
37
  plain/cli/shell.py,sha256=PMHdwcRv48qXDToeq82aZaNth-cKc3V2pQ1yISrNMvY,1802
38
38
  plain/cli/startup.py,sha256=wLaFuyUb4ewWhtehBCGicrRCXIIGCRbeCT3ce9hUv-A,1022
39
- plain/cli/upgrade.py,sha256=T8u81rA2_dSfJaK4vF1_OPkQpspBVWnlPxatyk_mdx0,5632
39
+ plain/cli/upgrade.py,sha256=0k33jNKvF_FSBcWNq_yEUgidGWrWlOURNfV8EaGE75U,5555
40
40
  plain/cli/urls.py,sha256=ghCW36aRszxmTo06A50FIvYopb6kQ07QekkDzM6_A1o,3824
41
41
  plain/cli/utils.py,sha256=VwlIh0z7XxzVV8I3qM2kZo07fkJFPoeeVZa1ODG616k,258
42
42
  plain/cli/agent/__init__.py,sha256=Ipp65kuIF14TVxNqsj71MsWUePaKHUcdP3QmaYyNcg0,480
@@ -130,7 +130,7 @@ plain/urls/utils.py,sha256=lKxTX_A3XJpIH7FjlNYju108stY6-8Sw2uVdiSsxOKQ,1249
130
130
  plain/utils/README.md,sha256=3RTH9t4SBLkYLMlnhpWwp72IjgQhOjYYxpT1gHwRUdE,232
131
131
  plain/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
132
132
  plain/utils/cache.py,sha256=iuvOTIfI1s857iVOAPNLK5lkzlrl0fIiBYaiUXWQu40,5303
133
- plain/utils/crypto.py,sha256=zFDydnaqNMGYFHUc-CAn8f93685a17BhGusAcITH1lI,2662
133
+ plain/utils/crypto.py,sha256=kONJB9aFFDHnbFixfigJkzaU-qBAtktCEzbhoHdodoA,2480
134
134
  plain/utils/datastructures.py,sha256=g4UYTbxIb_n8F9JWMP4dHPwUz71591fHreGATPO4qEc,10240
135
135
  plain/utils/dateparse.py,sha256=u9_tF85YteXSjW9KQzNg_pcCEFDZS3EGorCddcWU0vE,5351
136
136
  plain/utils/deconstruct.py,sha256=7NwEFIDCiadAArUBFmiErzDgfIgDWeKqqQFDXwSgQoQ,1830
@@ -160,8 +160,8 @@ plain/views/forms.py,sha256=ESZOXuo6IeYixp1RZvPb94KplkowRiwO2eGJCM6zJI0,2400
160
160
  plain/views/objects.py,sha256=v3Vgvdoc1s0QW6JNWWrO5XXy9zF7vgwndgxX1eOSQoE,4999
161
161
  plain/views/redirect.py,sha256=Xpb3cB7nZYvKgkNqcAxf9Jwm2SWcQ0u2xz4oO5M3vP8,1909
162
162
  plain/views/templates.py,sha256=oAlebEyfES0rzBhfyEJzFmgLkpkbleA6Eip-8zDp-yk,1863
163
- plain-0.63.0.dist-info/METADATA,sha256=ndV-xFNXqqO_AvIMwNJXShZ5EgbN5Al9i7MbtiGiDWI,4488
164
- plain-0.63.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
165
- plain-0.63.0.dist-info/entry_points.txt,sha256=nn4uKTRRZuEKOJv3810s3jtSMW0Gew7XDYiKIvBRR6M,93
166
- plain-0.63.0.dist-info/licenses/LICENSE,sha256=m0D5O7QoH9l5Vz_rrX_9r-C8d9UNr_ciK6Qwac7o6yo,3175
167
- plain-0.63.0.dist-info/RECORD,,
163
+ plain-0.64.0.dist-info/METADATA,sha256=rXEqF5LoYBy2GzUEq2vrrhCDIG_Xn3VmyXAHgd4OdY4,4488
164
+ plain-0.64.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
165
+ plain-0.64.0.dist-info/entry_points.txt,sha256=iGx7EijzXy87htbSv90RhtAcjhSTH_kvE8aeRCn1TRA,129
166
+ plain-0.64.0.dist-info/licenses/LICENSE,sha256=m0D5O7QoH9l5Vz_rrX_9r-C8d9UNr_ciK6Qwac7o6yo,3175
167
+ plain-0.64.0.dist-info/RECORD,,
{plain-0.63.0.dist-info → plain-0.64.0.dist-info}/entry_points.txt RENAMED
@@ -1,3 +1,4 @@
1
1
  [console_scripts]
2
2
  plain = plain.cli.core:cli
3
+ plain-build = plain.cli.build:build
3
4
  plain-changelog = plain.cli.changelog:changelog
{plain-0.63.0.dist-info → plain-0.64.0.dist-info}/WHEEL RENAMED
File without changes