- Notifications
You must be signed in to change notification settings - Fork323
Refactor: Remove rsa and make cryptography a core dependency#1771
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
base:main
Are you sure you want to change the base?
Uh oh!
There was an error while loading.Please reload this page.
Conversation
This commit removes the `rsa` library as a dependency and makes the `cryptography` library a required, core dependency.Previously, `cryptography` was an optional dependency, and the library would fall back to a pure Python RSA implementation using the `rsa` library if `cryptography` was not installed.Changes made:- Modified `setup.py` to remove `rsa` from dependencies and add `cryptography` with version constraints.- Updated `google/auth/crypt/rsa.py` to directly use the `cryptography`-based RSA implementation (`_cryptography_rsa.py`) and remove the fallback mechanism.- Removed the pure Python RSA implementation file (`google/auth/crypt/_python_rsa.py`).- Removed the corresponding tests for the pure Python RSA implementation (`tests/crypt/test__python_rsa.py`).Core unit tests pass after these changes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
LGTM. We should mark this asfix instead ofrefactor so that the change to setup.py is visible in release notes.
fix: add dependency on cryptographyfix: drop dependency on rsa| def autodoc_skip_member_handler(app, what, name, obj, skip, options): | ||
| """ | ||
| Skips members from internal modules (like _cryptography_rsa or base) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Please could you file a bug for issue that requires this docs workaround, even if it will be closed with the changes in this PR. Add a link to the issue in this comment.
| if public_obj is obj: | ||
| return True # Skip this internal one | ||
| except ImportError: | ||
| pass # Should not happen if the library is installed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
If this is not expected to happen, can we just let the error bubble up?
| pass # Should not happen if the library is installed | ||
| # Handle Signer and Verifier from base | ||
| elif name in ("Signer", "Verifier") and hasattr(obj, "__module__"): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
This code under this block is similar to the above if statement. Is it possible to refactor it?
| # rsa==4.5 is the last version to support 2.7 | ||
| # https://github.com/sybrenstuvel/python-rsa/issues/152#issuecomment-643470233 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
| # rsa==4.5 is the last version to support 2.7 | |
| # https://github.com/sybrenstuvel/python-rsa/issues/152#issuecomment-643470233 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Also remove rsa here:
| rsa==3.1.4 |
This commit removes the
rsalibrary as a dependency and makes thecryptographylibrary a required, core dependency.Previously,
cryptographywas an optional dependency, and the library would fall back to a pure Python RSA implementation using thersalibrary ifcryptographywas not installed.Changes made:
setup.pyto removersafrom dependencies and addcryptographywith version constraints.google/auth/crypt/rsa.pyto directly use thecryptography-based RSA implementation (_cryptography_rsa.py) and remove the fallback mechanism.google/auth/crypt/_python_rsa.py).tests/crypt/test__python_rsa.py).Core unit tests pass after these changes.