cryptography dep in CI #97
Comments
|
Isn't this an issue for JWTConnect-Python-OidcMsg and not for JWTConnect-Python-CryptoJWT? Anyway, why poetry.lock is a problem is weird since we're not using poetry for OidcMsg. |
|
good question, take a look to oidcmsg CI logs and your conclusion, I'm ready to move this issue to oidcmsg |
|
It seems the root of the problem is indeed in CryptoJWT. [tool.poetry.dependencies] in pyproject.toml and [[package]] in poetry.lock I don't know. Did Cryptography leap from 3.4.X to 35.0.0 ?? |
|
Turns out they jumped from 3.4.8 to 35.0.0 . |
|
anyway, this issue was detected from both collegues and oidcmsg CI, sounds like something that must be patched indeed |
|
So someone screwed up at cryptography ! |
|
or ... is it a poetry bug? it's time to have a brand new release of cryptojwt if you agree, we had many minor changes in the master branch and that would be a good moment to fix definitively this dependency problem |
|
I don't think it's a poetry bug. |
|
So we want to upgrade to cryptography 35? |
|
Yes ! |
|
@rohe regression due to: "BACKWARDS INCOMPATIBLE: The X.509 certificate parser no longer allows negative serial numbers. RFC 5280 has always prohibited these." The Microsoft test certificates has negative serial numbers. Can we simply replace them with correct ones? |
|
I'd support that ! |
|
Can you update the test vectors @rohe? You found them in the first place :-) |
|
I did ? Can't remember but I'll try. |
|
closed via #98 |
In oidcmsg CI we have the problem:
https://github.com/IdentityPython/JWTConnect-Python-OidcMsg/runs/4022769174?check_suite_focus=true#step:4:255
other users told me that they have too, with their setup.
IS there something to improve in the poetry lock or any other action to solve this?
The text was updated successfully, but these errors were encountered: