Issue #2271: [RFE] Stop using py-bcrypt, use bcrypt module instead - pagure

pagure

#2271 [RFE] Stop using py-bcrypt, use bcrypt module instead

Closed: Fixed a year ago by wombelix. Opened 6 years ago by hosiet.

py-bcrypt is outdated, upstream-dead and inactive (since 2013). Using this module as a dependency is not the optimal option.

The bcrypt module (https://pypi.python.org/pypi/bcrypt) is well-maintained and developing actively. We should consider replacing the dependency for bcrypt function.

The switch should function correctly after a minimal patch.

zhsj commented 6 years ago

When this patch applied https://pagure.io/pagure/pull-request/2014
either py-bcrypt[1] or bcrypt[2] is compatible with the code.

[1] pypi.python.org/pypi/py-bcrypt
[2] pypi.python.org/pypi/bcrypt

But I think there's no way for requirements.txt to list the alternative dependency.

ngompa commented 6 years ago

This is a bit of a concern for us in Mageia, too. I loath to import a Python package that has been dead for years. Is there any plan to switch to the actively maintained one anytime soon?

Edited 6 years ago by ngompa

fschwarz commented 5 years ago

I think this issue can be closed.
Changelog for pagure 4.0 says: "Replace py-bcrypt by python2-bcrypt (Clément Verna)"

I don't see "py-bcrypt" being mentioned in requirements.txt anymore.

Metadata Update from @wombelix:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

a year ago

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

None

Milestone

None

pagure

Source Code

Documentation

#2271 [RFE] Stop using py-bcrypt, use bcrypt module instead Closed: Fixed a year ago by wombelix. Opened 6 years ago by hosiet.

Metadata

#2271 [RFE] Stop using py-bcrypt, use bcrypt module instead

Closed: Fixed a year ago by wombelix. Opened 6 years ago by hosiet.