Releases: shotgunsoftware/python-api
v3.0.25
Change in behavior
We are updating our hosted server certificates to more secure ones signed with SHA-2. Some older versions of Python will have issues with this change because they do not support certificates signed with SHA-2. To try to prevent scripts from breaking, when the API encounters a version of Python that is incompatible with SHA-2, it automatically turns off certificate verification and tries the request again. If the validation still fails for some reason, the error is raised; otherwise the request succeeds and validation remains off for the remaining life of the connection.
Having certificate validation off is actually the default in Python versions < v2.7.9. Up to this point we have been electing to enhance the default level of security. Your connection is still encrypted when certificate validation is off, but the server identity cannot be verified, so the connection is not protected against an impersonated server.
Logging warnings
When the connection falls back to not validating the certificate, a warning message is generated in the logs:
Warning: shotgun_api3 : SSLHandshakeError: this Python installation is incompatible with certificates signed with SHA-2. Disabling certificate validation. For more information, see http://blog.shotgunsoftware.com/2016/01/important-ssl-certificate-renewal-and.html
SHOTGUN_FORCE_CERTIFICATE_VALIDATION environment variable support
There is also support for the SHOTGUN_FORCE_CERTIFICATE_VALIDATION environment variable which, when set (the value does not matter), prevents certificate verification from being disabled and instead raises an exception.
SSL info added to user-agent
Adds info showing the OpenSSL version (if available) and whether certificate validation is enabled or not, to the user-agent string:
- ssl OpenSSL 1.0.2d 9 Jul 2015 (no-validate): when validation is disabled
- ssl OpenSSL 1.0.2d 9 Jul 2015 (validate): when validation is enabled
- ssl OpenSSL unknown (validate): when the ssl version cannot be determined (< Python 2.7)
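The user-agent segment and the fallback warning give operators two signals for finding clients that have silently dropped certificate validation. The following is an added example, not part of the API or of these release notes: it parses the ssl segment out of user-agent strings and counts fallback warnings in client logs. The sample strings are constructed, and the "; " separators between user-agent parts are an assumption.

```python
import re

# The "ssl ..." segment in the three forms listed above.
SSL_SEGMENT = re.compile(
    r"ssl OpenSSL (?P<version>.+?) \((?P<mode>validate|no-validate)\)")
# Opening of the fallback warning quoted above.
FALLBACK_WARNING = ("SSLHandshakeError: this Python installation is "
                    "incompatible with certificates signed with SHA-2")


def parse_ssl_segment(user_agent):
    """Return (openssl_version or None, validating), or None if no segment."""
    m = SSL_SEGMENT.search(user_agent)
    if m is None:
        return None  # client predates v3.0.25 or is not this API
    version = m.group("version")
    return (None if version == "unknown" else version,
            m.group("mode") == "validate")


def audit(user_agents, client_log_lines):
    """Group clients by validation state and count fallback warnings."""
    report = {"no_validate": [], "no_ssl_info": [], "fallback_warnings": 0}
    for ua in user_agents:
        parsed = parse_ssl_segment(ua)
        if parsed is None:
            report["no_ssl_info"].append(ua)
        elif not parsed[1]:
            report["no_validate"].append(ua)
    report["fallback_warnings"] = sum(
        FALLBACK_WARNING in line for line in client_log_lines)
    return report


# Constructed sample data; the "; " separators are an assumption.
SAMPLE_USER_AGENTS = [
    "shotgun-json (3.0.25); Python 2.7 (Mac); ssl OpenSSL 1.0.2d 9 Jul 2015 (validate)",
    "shotgun-json (3.0.25); Python 2.6 (Mac); ssl OpenSSL 1.0.2d 9 Jul 2015 (no-validate)",
    "shotgun-json (3.0.25); Python 2.6 (Mac); ssl OpenSSL unknown (validate)",
    "shotgun-json (3.0.17); Python 2.6 (Mac)",
]
SAMPLE_CLIENT_LOG = [
    "Warning: shotgun_api3 : SSLHandshakeError: this Python installation is "
    "incompatible with certificates signed with SHA-2. Disabling certificate validation.",
    "Info: publish finished",
]

if __name__ == "__main__":
    print(audit(SAMPLE_USER_AGENTS, SAMPLE_CLIENT_LOG))
```

Clients listed under no_validate are candidates for a Python upgrade or for setting SHOTGUN_FORCE_CERTIFICATE_VALIDATION so that the fallback raises instead.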
v3.0.23
Various fixes
- Fix for Python bug on Windows loading mimetypes module (http://bugs.python.org/issue23371) thanks to @patrickwolf.
- Fix for tests on older versions of Python.
- Sanitize authentication values before raising error.
v3.0.22
Added support for activity stream, global search and note thread access
- Added a new method text_search(), which allows an API client to access the Shotgun global search and auto completer.
- Added a new method activity_stream_read(), which allows an API client to access the activity stream for a given Shotgun entity.
- Added a new method note_thread_read(), which allows an API client to download an entire note conversation, including replies and attachments, using a single API call.
- Added an experimental mockgun module (in the lib submodule), which can be used to emulate the Shotgun API, for example inside unit test rigs.
- Improved existing docstrings, added some missing docstrings, fixed some spelling and grammar issues.
- Minor adjustments to existing unit tests to improve encapsulation.
v3.0.21
Update bundled httplib2 module to latest v0.9.1
This fixes an issue where a CertificateHostnameMismatch exception would be thrown incorrectly when creating a secure connection via the API. The buggy code did not iterate through the entire list of valid hostnames to match the request against. Instead, it only checked the first host in the list.
Other various bug fixes specific to the library are also included. See https://github.com/jcgregorio/httplib2/blob/master/CHANGELOG for the full list.
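The failure described above, reduced to its shape as an added illustration (this is not httplib2's code; the function names, the single-label wildcard rule and the sample certificate names are assumptions). A certificate that lists several names is rejected when only the first one is compared:

```python
import re


def host_matches(pattern, hostname):
    """Match one certificate name; '*' stands for a single DNS label."""
    regex = re.escape(pattern.lower()).replace(r"\*", "[^.]*")
    return re.fullmatch(regex, hostname.lower()) is not None


def matches_first_only(valid_hosts, hostname):
    """Buggy shape: the return sits inside the loop, so only the
    first entry of valid_hosts is ever compared."""
    for host in valid_hosts:
        return host_matches(host, hostname)
    return False


def matches_any(valid_hosts, hostname):
    """Corrected shape: every valid hostname is tried before rejecting."""
    return any(host_matches(host, hostname) for host in valid_hosts)


# Constructed list of names from a hypothetical certificate.
CERT_HOSTS = ["shotgunstudio.com", "*.shotgunstudio.com"]

if __name__ == "__main__":
    target = "hostname.shotgunstudio.com"
    print("first-only:", matches_first_only(CERT_HOSTS, target))
    print("all names: ", matches_any(CERT_HOSTS, target))
    # Both versions must still reject a name the certificate does not cover.
    print("other host:", matches_any(CERT_HOSTS, "hostname.example.com"))
```

The buggy form fails closed, so the visible symptom is a spurious mismatch exception on a valid certificate rather than an accepted bad one.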
v3.0.20
🔑 2FA Support
Add authentication support for Shotgun servers with two-factor authentication turned on. (This will be supported in Shotgun as of v6.1.0+).
Adds an additional auth_token parameter to the Shotgun() constructor which is required to authenticate to a server with two-factor authentication turned on. If auth_token is provided, then login and password must be as well and neither script_name nor api_key can be provided. Note that these tokens can be short lived so a session is established right away if an auth_token is provided. A MissingTwoFactorAuthenticationFault will be raised if the auth_token is invalid.
v3.0.19
Session based authentication
Added a new way to instantiate API instances. You can now authenticate your Shotgun connection using a session token:
from shotgun_api3 import Shotgun
sg = Shotgun("https://hostname.shotgunstudio.com", session_token="xxxxxx")
A session token identifies a user and can be requested using the new get_session_token() method.
Refined exception types
Added a new AuthenticationFault exception type to more clearly indicate when server communication has failed due to authentication related reasons.
Easier access to proxy information
Improved the way proxy information can be extracted from the Shotgun API. You can now access the raw proxy string used to construct the API instance via the shotgun_obj.config.raw_proxy member variable.
Improved support for corporate or internal certificates
Added support for reading the SHOTGUN_API_CACERTS environment variable as a way of specifying the location of an external SSL certificates file. This is particularly useful for organizations that use an internal or corporate SSL certificate. It can now be defined as an environment variable instead of having to provide the ca_certs parameter each time you instantiate a Shotgun connection.
v3.0.18
Per project visibility settings for schema methods
We've added the ability to query the per-project visibility status for entities, fields and statuses (affecting the methods schema_read(), schema_entity_read() and schema_field_read()). To retrieve the per-project visibility, you need to pass a Project entity that specifies the project against which the visibility status should be checked. If it's not provided, then everything is visible. This requires Shotgun server v5.4.4 or above.
v3.0.17
update_project_last_accessed()
This function will update the Project.last_accessed_by_current_user value. This is an internal field which is calculated by finding the last PageHit created by a user for a particular Project. So this new function acts as a convenience method for updating the value with a "ping". We added this function primarily for future Toolkit functionality, but you're welcome to use it as needed. Documentation for update_project_last_accessed()
Additional info in user-agent string
We've added the Python version and platform to the user-agent string that is sent with API requests.
Old user-agent string: shotgun-json (3.0.17)
New user-agent string: shotgun-json (3.0.17); Python 2.6 (Mac)
Note that Toolkit adds additional info to the user-agent string including version info for apps and engines. This hasn't changed but is now appended to the new default user-agent string.
Fix for Windows Python 2.7 mimetypes bug
There are certain installers on Windows that will (incorrectly) add non-Latin characters to the registry. This usually only happens if you are located in an area where Unicode characters are more widely required. The mimetypes library in Python 2.7 chokes on these non-Latin characters, causing a UnicodeDecodeError. To work around this error, we have bundled a patched version of the mimetypes library and fall back on that if we encounter this issue during runtime.
More info about the Python bug can be found at http://bugs.python.org/issue9291