https://bugzilla.redhat.com/show_bug.cgi?id=2120929
Bug ID: 2120929 Summary: python-bcrypt-4.0.0 is available Product: Fedora Version: rawhide Status: NEW Component: python-bcrypt Keywords: FutureFeature, Triaged Assignee: pingou@pingoured.fr Reporter: upstream-release-monitoring@fedoraproject.org QA Contact: extras-qa@fedoraproject.org CC: epel-packagers-sig@lists.fedoraproject.org, infra-sig@lists.fedoraproject.org, mhayden@redhat.com, pingou@pingoured.fr, python-sig@lists.fedoraproject.org, williamjmorenor@gmail.com Target Milestone: --- Classification: Fedora
Releases retrieved: 4.0.0 Upstream release that is considered latest: 4.0.0 Current version/release in rawhide: 3.2.2-4.fc37 URL: http://pypi.python.org/pypi/bcrypt
Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/
More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream.
Based on the information from Anitya: https://release-monitoring.org/project/9047/
To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-bcrypt
https://bugzilla.redhat.com/show_bug.cgi?id=2120929
--- Comment #1 from Upstream Release Monitoring upstream-release-monitoring@fedoraproject.org --- Created attachment 1907310 --> https://bugzilla.redhat.com/attachment.cgi?id=1907310&action=edit Update to 4.0.0 (#2120929)
https://bugzilla.redhat.com/show_bug.cgi?id=2120929
--- Comment #2 from Upstream Release Monitoring upstream-release-monitoring@fedoraproject.org --- the-new-hotness/release-monitoring.org's scratch build of python-bcrypt-4.0.0-1.fc36.src.rpm for rawhide failed http://koji.fedoraproject.org/koji/taskinfo?taskID=91194916
https://bugzilla.redhat.com/show_bug.cgi?id=2120929
Upstream Release Monitoring upstream-release-monitoring@fedoraproject.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Summary|python-bcrypt-4.0.0 is |python-bcrypt-4.0.1 is |available |available
--- Comment #3 from Upstream Release Monitoring upstream-release-monitoring@fedoraproject.org --- Releases retrieved: 4.0.1 Upstream release that is considered latest: 4.0.1 Current version/release in rawhide: 3.2.2-4.fc37 URL: http://pypi.python.org/pypi/bcrypt
Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/
More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_Mo...
Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream.
Based on the information from Anitya: https://release-monitoring.org/project/9047/
To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-bcrypt
https://bugzilla.redhat.com/show_bug.cgi?id=2120929
--- Comment #4 from Upstream Release Monitoring upstream-release-monitoring@fedoraproject.org --- Created attachment 1916931 --> https://bugzilla.redhat.com/attachment.cgi?id=1916931&action=edit Update to 4.0.1 (#2120929)
https://bugzilla.redhat.com/show_bug.cgi?id=2120929
--- Comment #5 from Upstream Release Monitoring upstream-release-monitoring@fedoraproject.org --- the-new-hotness/release-monitoring.org's scratch build of python-bcrypt-4.0.1-1.fc36.src.rpm for rawhide failed http://koji.fedoraproject.org/koji/taskinfo?taskID=92846785
https://bugzilla.redhat.com/show_bug.cgi?id=2120929
Kevin Fenzi kevin@scrye.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Doc Type|--- |If docs needed, set a value CC| |decathorpe@gmail.com, | |kevin@scrye.com Status|NEW |ASSIGNED
--- Comment #6 from Kevin Fenzi kevin@scrye.com --- It seems python-bcrypt is now redone in rust.
I am not sure if that means we need a rename (but I think not, as it still provides python interface) or just adjustment to the new source/building... adding decathorpe for advice.
https://bugzilla.redhat.com/show_bug.cgi?id=2120929
--- Comment #7 from Fabio Valentini decathorpe@gmail.com --- I took a quick look, and I don't think it should be too difficult to do this.
The bcrypt package uses setuptools_rust to build its native (Rust) module, which works pretty well for our purposes, in my experience - the python-cryptography package has already done this for a few versions and we haven't had problems with it. I recommend that you take a look at what we've done in the python-cryptography package and steal it for python-bcrypt :)
For now, the only blockers are probably the Rust dependencies which aren't packaged for Fedora yet (the "bcrypt" and "bcrypt-pbkdf" crates), and their dependencies (of which two are missing from Fedora right now: the "blowfish" crate, which is not packaged yet, and the "pbkdf2" crate, which is too old in Fedora - we have v0.9, and bcrypt-pbkdf2 needs v0.10).
The next steps would probably be:
- package v0.9.1 of the blowfish crate as rust-blowfish - update rust-pbkdf2 to v0.10 (and probably add a compat package for v0.9, which is still needed for other packages) - package v0.8.1 of the the bcrypt-pbkdf crate as rust-bcrypt-pbkdf (latest version is 0.9.0, but python-bcrypt explicitly needs v0.8) - package v0.13.0 of the bcrypt crate as rust-bcrypt
I don't know how much time I can allocate to help with this, but I can try by either submitting missing packages for review or doing the reviews, and by updating the pbkdf2 crate to the required version?
https://bugzilla.redhat.com/show_bug.cgi?id=2120929
--- Comment #8 from Kevin Fenzi kevin@scrye.com --- Yeah, not sure how much time I have either. ;(
If you could submit reviews/get pbkdf2 updated that would be great. I'm happy to review the new packages, just let me know...
https://bugzilla.redhat.com/show_bug.cgi?id=2120929
Sandro Mani manisandro@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |manisandro@gmail.com
--- Comment #9 from Sandro Mani manisandro@gmail.com --- I did some work for this here [1]. It requires rust-bcrypt [2], rust-bcrypt-pbkdf [3] and rust-blowfish [4] as new packages and an update of rust-pbkdf2 [5].
[1] https://copr.fedorainfracloud.org/coprs/smani/python-flask-security-too-5.1.... [2] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=2176199 [3] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=2176197 [4] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=2176200 [5] https://src.fedoraproject.org/rpms/rust-pbkdf2/pull-request/1
https://bugzilla.redhat.com/show_bug.cgi?id=2120929
--- Comment #10 from Sandro Mani manisandro@gmail.com --- All dependenceis are since available. I've submitted a PR for this package: https://src.fedoraproject.org/rpms/python-bcrypt/pull-request/8
https://bugzilla.redhat.com/show_bug.cgi?id=2120929
--- Comment #11 from Major Hayden 🤠 mhayden@redhat.com --- pgadmin4 has an upper bound set for python-bcrypt. Opened BZ 2190188 for that.
https://bugzilla.redhat.com/show_bug.cgi?id=2120929 Bug 2120929 depends on bug 2190188, which changed state.
Bug 2190188 Summary: Upgrading python-bcrypt but pgadmin4 has upper limit set https://bugzilla.redhat.com/show_bug.cgi?id=2190188
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WORKSFORME
https://bugzilla.redhat.com/show_bug.cgi?id=2120929
Fedora Update System updates@fedoraproject.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |MODIFIED
--- Comment #12 from Fedora Update System updates@fedoraproject.org --- FEDORA-2023-3aea3bbfe9 has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2023-3aea3bbfe9
https://bugzilla.redhat.com/show_bug.cgi?id=2120929
Fedora Update System updates@fedoraproject.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Fixed In Version| |python-bcrypt-4.0.1-3.fc39 Resolution|--- |ERRATA Status|MODIFIED |CLOSED Last Closed| |2023-05-01 17:52:06
--- Comment #13 from Fedora Update System updates@fedoraproject.org --- FEDORA-2023-3aea3bbfe9 has been pushed to the Fedora 39 stable repository. If problem still persists, please make note of it in this bug report.
epel-packagers-sig@lists.fedoraproject.org