Skip to content

treewide: upgrade to cryptography 38 #199

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Sep 7, 2022
Merged

treewide: upgrade to cryptography 38 #199

merged 7 commits into from
Sep 7, 2022

Conversation

woodruffw
Copy link
Member

@woodruffw woodruffw commented Sep 7, 2022
edited
Loading

This brings a couple of new (and much-needed) SCT APIs, allowing us to remove a variety of nasty unpacking hacks.

Signed-off-by: William Woodruff [email protected]

Closes #195.

Closes #142.

@woodruffw
treewide: upgrade to cryptography 38
a21744d 
This brings a couple of new (and much-needed) SCT APIs,
allowing us to remove a variety of nasty unpacking hacks.

Signed-off-by: William Woodruff <[email protected]>
@woodruffw woodruffw requested a review from di September 7, 2022 14:14
@woodruffw woodruffw self-assigned this Sep 7, 2022
@di
Copy link
Member

di commented Sep 7, 2022

This should also close #142, correct?

@woodruffw
Copy link
Member Author

This should also close #142, correct?

Yep! I'll update the top comment to auto-close that as well.

@woodruffw woodruffw added refactoring Refactoring tasks. dependencies Pull requests that update a dependency file labels Sep 7, 2022
@woodruffw
Copy link
Member Author

Typechecks are snarled because of some obsolete dependencies in typeshed: python/typeshed#8699

@di
Copy link
Member

di commented Sep 7, 2022

I'd be OK with temporarily ignoring these typecheck failures in the interest of getting this release out.

@woodruffw
Copy link
Member Author

I'd be OK with temporarily ignoring these typecheck failures in the interest of getting this release out.

Sounds good. I think the pyOpenSSL checks are less important than the cryptography ones, so I'll disable those for now.

@woodruffw
pyproject: remove types-pyjwt dev dep, disable types-pyOpenSSL tempor…
6f21ac8 
…arily

Signed-off-by: William Woodruff <[email protected]>
@woodruffw
_verify: type hackage
e6aebff 
Signed-off-by: William Woodruff <[email protected]>
@woodruffw
rekor/client: constrain rekor root pubkey to EC
047d289 
This was already an implicit constraint; this change merely
corrects the type hints.

Signed-off-by: William Woodruff <[email protected]>
@woodruffw
rekor/client: blacken
465f393 
Signed-off-by: William Woodruff <[email protected]>
@woodruffw
Copy link
Member Author

Should be good to go, modulo feedback on #199 (comment).

@woodruffw woodruffw merged commit a5091e5 into main Sep 7, 2022
@woodruffw woodruffw deleted the ww/cryptography-38 branch September 7, 2022 17:19
@ambv ambv mentioned this pull request Sep 8, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@asraa asraa asraa left review comments

@haydentherapper haydentherapper haydentherapper left review comments

@di di di approved these changes

Assignees

@woodruffw woodruffw

Labels
dependencies Pull requests that update a dependency file refactoring Refactoring tasks.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[CI] Integration failure: staging instance Revert workarounds to missing cryptography APIs
4 participants
@woodruffw @di @asraa @haydentherapper