Page MenuHomePhabricator
Create Task
Maniphest T199959

Cryptography is going to drop support for python 2.7.6 and before
Closed, ResolvedPublic
Actions

Description

https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst#23---2018-07-18:

Support for Python 2.7.x without hmac.compare_digest has been deprecated. We will require Python 2.7.7 or higher (or 2.7.6 on Ubuntu) in the next cryptography release.

We need to pin the cryptography version to 2.3 or less for those Python versions.

This has already caused multiple errors in our tests, all script tests are failing on 2.7_with_system_site_packages because of the deprecation warning:
https://travis-ci.org/wikimedia/pywikibot/jobs/405476506#L5572

======================================================================
FAIL: test_add_text (tests.script_tests.TestScriptHelp)
Test running add_text -help.
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/travis/build/wikimedia/pywikibot/tests/script_tests.py", line 288, in testScript
    stderr_other)
AssertionError: u'Use -help for further information.' not found in [u'/home/travis/virtualenv/python2.7_with_system_site_packages/local/lib/python2.7/site-packages/cryptography/hazmat/primitives/constant_time.py:26: CryptographyDeprecationWarning: Support for your Python version is deprecated. The next version of cryptography will remove support. Please upgrade to a 2.7.x release that supports hmac.compare_digest as soon as possible.', u'  utils.DeprecatedIn23,', u'family and mylang are not set.', u"Defaulting to family='test' and mylang='test'."]

Details

SubjectRepoBranchLines +/-
Require cryptography<2.3 for Python 2.7.6 or olderpywikibot/coremaster+5 -3
Customize query in gerrit

Related Objects
Search...

Event Timeline

Dalba created this task.Jul 19 2018, 2:18 AM
Restricted Application added subscribers: pywikibot-bugs-list, Aklapper. · View Herald TranscriptJul 19 2018, 2:18 AM
Dalba triaged this task as High priority.Jul 19 2018, 2:48 AM
Framawiki subscribed.Jul 19 2018, 10:24 PM
gerritbot subscribed.Jul 20 2018, 8:09 AM

Change 447040 had a related patch set uploaded (by Dalba; owner: dalba):
[pywikibot/core@master] Require cryptography<2.3 for Python 2.7.7 or older

https://gerrit.wikimedia.org/r/447040

gerritbot added a project: Patch-For-Review.Jul 20 2018, 8:09 AM
Dalba claimed this task.Jul 20 2018, 8:09 AM
gerritbot added a comment.Jul 20 2018, 6:16 PM

Change 447040 merged by jenkins-bot:
[pywikibot/core@master] Require cryptography<2.3 for Python 2.7.6 or older

https://gerrit.wikimedia.org/r/447040

Dalba closed this task as Resolved.Jul 21 2018, 9:31 AM

I believe we should deprecate Python versions older than 2.7.6, too, but that is better left for another task.

Dvorapa mentioned this in T203435: 'cryptography' dependency reported as vulnerable.Sep 4 2018, 3:00 PM
Dvorapa mentioned this in T203471: Drop support for Python 2.7.6 and lower.Sep 4 2018, 3:19 PM
Dvorapa added a subtask: T203471: Drop support for Python 2.7.6 and lower.Sep 4 2018, 3:35 PM
Xqt changed the status of subtask T203471: Drop support for Python 2.7.6 and lower from Open to Stalled.Oct 26 2018, 3:00 AM
Xqt changed the status of subtask T203471: Drop support for Python 2.7.6 and lower from Stalled to Open.Feb 13 2019, 3:29 PM
Dvorapa closed subtask T203471: Drop support for Python 2.7.6 and lower as Declined.Jan 7 2020, 9:03 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL