* Do not propagate API password in service requests.
It makes service validation fail. The choice is to either handle it as an
optional key in every service handler and make sure it doesn't end up in event
stream and notifications, or to strip it as early as possible.
* Some places still need a forwarded api password.
- Event forwarding/remote api uses the local api password to
authenticate against the remote instance.
- The generated index.html at '/' embeds the api password.
In order to prevent a potential timing attack, it's important to make
sure the password check takes the same amount of time, regardless of
how many characters in the candidate password match the real password.
This commit does increase the verbosity of the authentication check.
Generally it is a good idea for authentication logic to be very clear,
even if that requires some extra verbosity.
* Expanded homematic component with MAX! support via homegear
Also multithreading fixes
* fixed tox errors
* incorporate changes suggested by balloob
* replaced HomematicConfig Container Class with namedtuple
* fixed lint errors
Since all values coming out of the Thermostat component pass though the
_convert_for_display() method (which handles any necessary rounding),
there is no need to round values that only exist in the internal state
of the thermostat device. It serves no purpose and risks rounding
errors/precision loss.
Instead of nested tracebacks, show a simpler error message.
Config directory: /home/user/.homeassistant
ERROR:homeassistant.util.yaml:duplicate key: "script"
in "/home/user/.homeassistant/configuration.yaml", line 95, column 0
in "/home/user/.homeassistant/configuration.yaml", line 108, column 0
Instead of nested tracebacks, show a simpler error message.
Config directory: /home/user/.homeassistant
ERROR:homeassistant.util.yaml:duplicate key: "script"
in "/home/user/.homeassistant/configuration.yaml", line 95, column 0
in "/home/user/.homeassistant/configuration.yaml", line 108, column 0
* We need to allow extra keys on top level componenet config
fixes#1756
* Add comment about location of hass (fixes#1723)
* Fix for MQTT config validation on the protocol field. (#1765)
* Update frontend with weblink fix
* Fix for light service validation. (#1770)
Incorrect validation tested if passed value was a list instead of
a member of the list.
* Accept group without entities in configuration. (#1768)
* Accept group without entities in configuration.
People seem to use these as placeholders for future expansion of their
home automation dreams, and we used to accept them. We still have to
specify at least one of 'name', 'view' or 'icon' so that the group is
parsed as a dictionary.
* Also accept empty entities: key in a group.
* Additional fix for empty entities value in a group config.
* Version bump to 0.17.1
* Accept group without entities in configuration.
People seem to use these as placeholders for future expansion of their
home automation dreams, and we used to accept them. We still have to
specify at least one of 'name', 'view' or 'icon' so that the group is
parsed as a dictionary.
* Also accept empty entities: key in a group.
* Additional fix for empty entities value in a group config.
