Package: python-novaclient
Severity: normal
X-Debbugs-Cc: [email protected]

Several OpenStack client packages in Debian carry python3-keyring as a
hard runtime Depends, but upstream does not require it.

Affected packages:

1. python-novaclient (2:18.12.0-2)
    - python3-keyring in Depends and Build-Depends-Indep
    - Upstream has no keyring in requirements.txt or test-requirements.txt
    - No source code imports or references keyring at all
    - Should be removed from both Depends and Build-Depends-Indep
    - https://opendev.org/openstack/python-novaclient/src/branch/master/requirements.txt
    - https://opendev.org/openstack/python-novaclient/src/branch/master/test-requirements.txt

2. python-openstackclient (9.0.0-2)
    - python3-keyring in Depends and Build-Depends-Indep
    - Upstream has no keyring in requirements.txt or test-requirements.txt
    - No source code imports or references keyring at all
    - Should be removed from both Depends and Build-Depends-Indep
    - https://opendev.org/openstack/python-openstackclient/src/branch/master/requirements.txt
    - https://opendev.org/openstack/python-openstackclient/src/branch/master/test-requirements.txt


The keyring dependency appears to be a historical artifact from when
these clients had their own CLI tools that predated keystoneauth1.

Package with legitimate use-case for python-keyring:

1. python-keystoneclient (1:5.8.0-3)
    - python3-keyring in Depends and Build-Depends-Indep
    - Upstream lists keyring in test-requirements.txt only (not requirements.txt)
    - Source has optional keyring support in the deprecated HTTPClient class
    (conditional import, use_keyring=False by default)
    - Build-Depends-Indep is correct (needed for tests)
    - Runtime Depends should be downgraded to Suggests at most
    - https://opendev.org/openstack/python-keystoneclient/src/branch/master/requirements.txt
    - https://opendev.org/openstack/python-keystoneclient/src/branch/master/test-requirements.txt


-- System Information:
Debian Release: forky/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.17.0-19-generic (SMP w/24 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
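
One way to reproduce the import and requirements checks described in the report above, as an added example that is not part of the original report or of any OpenStack or Debian tooling. It only detects imports (not string references), assumes the module name equals the distribution name (true for keyring), and the function names, sample sources and the Depends/Suggests/drop mapping are constructed for illustration.

```python
import ast
import re

# Constructed samples (not taken from the packages named in the report).
SAMPLE_OPTIONAL = """import os
try:
    import keyring
except ImportError:
    keyring = None
"""
SAMPLE_UNUSED = "import argparse\nfrom keystoneauth1 import session\n"
SAMPLE_REQS = "pbr>=3.0.0 # constructed pin\nkeystoneauth1>=3.5.0\n"

# Node types under which an import counts as conditional/optional.
GUARDS = (ast.Try, ast.If, ast.FunctionDef, ast.AsyncFunctionDef)

def imported_modules(source):
    """Map each absolute top-level import to True if every use is guarded."""
    found = {}
    def visit(node, guarded):
        for child in ast.iter_child_nodes(node):
            names = []
            if isinstance(child, ast.Import):
                names = [alias.name for alias in child.names]
            elif isinstance(child, ast.ImportFrom) and child.module and child.level == 0:
                names = [child.module]
            for name in names:
                top = name.split(".")[0]
                found[top] = found.get(top, True) and guarded
            visit(child, guarded or isinstance(child, GUARDS))
    visit(ast.parse(source), False)
    return found

def declared_requirements(text):
    """Return normalized distribution names listed in a requirements.txt body."""
    names = set()
    for line in text.splitlines():
        match = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line.split("#", 1)[0].strip())
        if match:
            names.add(re.sub(r"[-_.]+", "-", match.group(0)).lower())
    return names

def classify(module, sources, requirements_txt):
    """Heuristic: hard use or declared -> Depends, guarded only -> Suggests."""
    uses = [u for u in (imported_modules(s).get(module) for s in sources) if u is not None]
    if module in declared_requirements(requirements_txt) or (uses and not all(uses)):
        return "Depends"
    return "Suggests" if uses else "drop"

if __name__ == "__main__":
    print(classify("keyring", [SAMPLE_OPTIONAL, SAMPLE_UNUSED], SAMPLE_REQS))
```
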
