warpgate icon indicating copy to clipboard operation
warpgate copied to clipboard
verified publisher icon warp-tech

Bump totp-rs from 2.0.1 to 3.0.0

Open dependabot[bot] opened this issue 3 years ago • 0 comments

Bumps totp-rs from 2.0.1 to 3.0.0.

Release notes

Sourced from totp-rs's releases.

v3.0.0

New features

  • Secret handling is now less error prone thanks to #25
  • Totp now implements the Default trait, which will generate a strong secret, and have sane default values according to RFC-6238 like #26
  • Rfc6238 struct is exposed for easy Totp building
  • Totp.ttl convenience method will tell remaining validity time of token (not taking skew into account)

New dependency

  • [gen_secret] uses rand to generate a secret

Breaking

  • TotpUrlError now contain a string explaining. Inspired by #23
  • Totp fields issuer and account_name won't be present anymore if feature otpauth isn't enabled
  • The secret and digits field will now be validated for SecretSize (>= 128 bits)

Special thanks

Note

This has been, I think, the update containing the most work. While a lot of unit testing have been done, and test cases added, coverage seems to have dropped. Please report any issue encountered while updating totp-rs to 3.0.0

Commits
  • 5abd752 Merge pull request #28 from constantoine/refinement
  • b6295ae Fix doc tests
  • 7a3967f Fix Workflow
  • 537350a Prepare for release and update Workflow
  • 994efb7 Updated README and added a summary with updated examples
  • cd903af Make otpauth fields only appear with otpauth feature
  • 0103e7a Add test to secret.rs
  • 6b9f13f Merge pull request #25 from steven89/secret
  • 991a07b fix doc example
  • ab7bde0 Merge branch 'master' into secret
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Aug 09 '22 20:08 dependabot[bot]