Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactoring to drop deprecated usages in pyOpenSSL & drop Python 3.7 support #182

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

adferrand
Copy link
Collaborator

@adferrand adferrand commented Aug 27, 2024

Fixes #181

Caution: This PR introduces backward incompatible changes to the library. A major version of josepy should be issued when this PR is merged.
Caution: Defensive PR on Certbot should be merged first -> certbot/certbot#9993

This PR removes the APIs deprecated by pyopenssl in version 24.2+.

As a consequence, several changes of josepy public API are made:

  • josepy.ComparableX509 is removed since the underlying wrapped object is now objects from cryptography API (Certificate or CertificateSigningRequest) and these objects support equality checks.
  • methods encode_csr, decode_csr, encode_cert and decode_cert now manipulates objects from cryptography API
  • underlying tests are updated.

Aside these changes, the support of Python 3.7 is dropped, given this PR will require a new major version anyway.

@adferrand adferrand changed the title Feature/remove pyopenssl Refactoring to drop deprecated usages in pyOpenSSL & drop Python 3.7 support Aug 27, 2024
@zoracon zoracon requested a review from bmw September 4, 2024 03:49
alex added a commit to alex/josepy that referenced this pull request Sep 5, 2024
Without this, pyca/cryptography's downstream tests currently fail.

The actual warning is being addressed in certbot#182
ohemorange pushed a commit that referenced this pull request Sep 5, 2024
Without this, pyca/cryptography's downstream tests currently fail.

The actual warning is being addressed in #182
@zoracon
Copy link
Contributor

zoracon commented Sep 6, 2024

@jharrisonSV
Copy link

Any movement on this? 👀

@bmw
Copy link
Member

bmw commented Sep 17, 2024

I opened #186 to drop Python 3.7 and fix security alerts.

As for this PR in itself, we will likely do this and/or deprecate this library entirely as discussed at certbot/certbot#8322 and the comments on certbot/certbot#9993 in the next few months. We just need to map out what that transition will look like for the code in https://github.com/certbot/certbot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

OpenSSL.crypto.X509Req is deprecated in PyOpenSSL 24.2+
5 participants