Big internal refactoring focused on modernizing the code base (dataclasses, type annotations, etc.) and improving the speed and reliability of the scan results.
- The Python API and the format of the outputs have been drastically improved and simplified, but are not backward-compatible with older versions of SSLyze.
- Python 3.8 is now supported, and Python 3.6 is no longer supported.
- Huge improvements to the reliability of the scans:
- The number of concurrent connections per single server can now be controlled and is set to 5 by default (#385).
- This limit is enforced regardless of the number of scan commands queued for the server, and drastically reduces the number of scans that fail due to a slow server or a slow connection.
- Various improvements to cipher suites scanning:
- The size of the cipher's suite key is now always returned.
- The (EC) Diffie-Helmann parameters negotiated during the TLS handshake are now returned (#394).
- Various improvements to server certificate checks:
- SSLyze is now compatible with PEP 561 for type checking with mypy.
- Various improvements to the JSON output:
- The format of the JSON output now exactly matches the format of the Python output (which is fully documented).
- Better parsing of Subject and Issuer fields in certificates (#404).
- Support for XML output was removed.