On 18-05-15 12:25:04, Zane Bitter wrote: > On 13/05/18 13:22, Matthew Thode wrote: > > This is a reminder to the projects called out that they are using old, > > unmaintained and probably insecure libraries (it's been dead since > > 2014). Please migrate off to use the cryptography library. We'd like > > to drop pycrypto from requirements for rocky. > > > > See also, the bug, which has most of you cc'd already. > > > > https://bugs.launchpad.net/openstack-requirements/+bug/1749574 > > > > +----------------------------------------+---------------------------------------------------------------------+------+---------------------------------------------------+ > > | Repository | Filename > > | Line | Text > > | > > +----------------------------------------+---------------------------------------------------------------------+------+---------------------------------------------------+ > > | barbican | requirements.txt > > | 25 | pycrypto>=2.6 # Public Domain > > | > > | daisycloud-core | code/daisy/requirements.txt > > | 17 | pycrypto>=2.6 # Public Domain > > | > > | freezer | requirements.txt > > | 21 | pycrypto>=2.6 # Public Domain > > | > > | fuel-web | nailgun/requirements.txt > > | 24 | pycrypto>=2.6.1 > > | > > | heat-cfnclient | requirements.txt > > | 2 | PyCrypto>=2.1.0 > > | > > AFAICT heat-cfnclient isn't actually using PyCrypto, even though it's listed > in requirements.txt. The whole project is just a light wrapper around > python-boto (though this wasn't always the case IIRC), so I suspect it's > just relying on boto for all of the auth stuff. >
Thanks for the notice, submitted a review to remove it. https://review.openstack.org/568646 > > | pyghmi | requirements.txt > > | 1 | pycrypto>=2.6 > > | > > | rpm-packaging | requirements.txt > > | 189 | pycrypto>=2.6 # Public Domain > > | > > | solum | requirements.txt > > | 24 | pycrypto>=2.6 # Public Domain > > | > > | tatu | requirements.txt > > | 7 | pycrypto>=2.6.1 > > | > > | tatu | test-requirements.txt > > | 7 | pycrypto>=2.6.1 > > | > > | trove | > > integration/scripts/files/requirements/fedora-requirements.txt | 30 > > | pycrypto>=2.6 # Public Domain | > > | trove | > > integration/scripts/files/requirements/ubuntu-requirements.txt | 29 > > | pycrypto>=2.6 # Public Domain | > > | trove | requirements.txt > > | 47 | pycrypto>=2.6 # Public Domain > > | > > +----------------------------------------+---------------------------------------------------------------------+------+---------------------------------------------------+ > > > > > > > > __________________________________________________________________________ > > OpenStack Development Mailing List (not for usage questions) > > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- Matthew Thode (prometheanfire)
signature.asc
Description: PGP signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
