-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MAINT: Remove import except block #2957
base: main
Are you sure you want to change the base?
Conversation
pypdf is now using version 43.0.3 of cryptography, so the fallback for previous versions can be removed. https://cryptography.io/en/latest/changelog/#v43-0-0
pypdf is now using version 43.0.3 of cryptography, so the fallback for previous versions can be removed. https://cryptography.io/en/latest/changelog/#v43-0-0
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #2957 +/- ##
==========================================
- Coverage 96.36% 95.63% -0.74%
==========================================
Files 52 52
Lines 8751 8753 +2
Branches 1593 1593
==========================================
- Hits 8433 8371 -62
- Misses 190 252 +62
- Partials 128 130 +2 ☔ View full report in Codecov by Sentry. |
I disagree with this. Although |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If ever, we should do this in a proper deprecation process.
The change was only added four months ago. Reverting this (closing this commit) would be for users who do update |
Martin added this as our tests were failing when we tried to publish a release. IMHO there is nothing which Martin could add here. If we require a minimum version of some dependency, we should communicate this properly. |
pypdf is now using version 43.0.3 of cryptography; make the fallback for ARC4 deprecate_with_replacement. https://cryptography.io/en/latest/changelog/#v43-0-0
pypdf is now using version 43.0.3 of cryptography; make the fallback for ARC4 deprecate_with_replacement. https://cryptography.io/en/latest/changelog/#v43-0-0
pypdf is now using version 43.0.3 of cryptography; make the fallback for ARC4 deprecate_with_replacement. https://cryptography.io/en/latest/changelog/#v43-0-0
pypdf is now using version 43.0.3 of cryptography; make the fallback for ARC4 deprecate_with_replacement. https://cryptography.io/en/latest/changelog/#v43-0-0
pypdf is now using version 43.0.3 of cryptography; make the fallback for ARC4 deprecate_with_replacement. https://cryptography.io/en/latest/changelog/#v43-0-0
pypdf is now using version 43.0.3 of cryptography; make the fallback for ARC4 deprecate_with_replacement. https://cryptography.io/en/latest/changelog/#v43-0-0
from cryptography.hazmat.decrepit.ciphers.algorithms import ARC4 | ||
except ImportError: | ||
from cryptography.hazmat.primitives.ciphers.algorithms import ARC4 | ||
# https://cryptography.io/en/latest/changelog/#v43-0-0 | ||
deprecate_with_replacement( | ||
"cryptography.hazmat.primitives.ciphers.algorithms", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The user has no control over these directly, thus this does not make much sense here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove deprecate_with_replacement and replace with the following message?
print("The Cryptography library moved the location of ARC4 in v43.0.0. pypdf 6.0.0 will require Cryptography v43.0.0.")
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
print
is not intended for user-facing messages. Apart from this, I still do not really see the benefit of dropping the old versions if its only an import and no functionality ...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Their CHANGELOG.rst says:
ARC4 will be removed from the cipher module in 48.0.0.
They are on version 44.0.0 now, and released 42.0.0 and 43.0.0 this year. Eventually we may have to have a requirement for version 47.0.0 or less.
Having a simpler imports requirement by then may be useful: in the future there may be three situations that we will have to handle.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This removal seems to only affect the old variant - the new primary import will not be removed and thus pypdf should not break here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reading their documentation, I think you are right. I would prefer we deprecate_with_replacement
, in time the number of users who update pypdf and not cryptography will become small. However, since it currently works and they did the namespace move fairly recently, there is reason to keep the same, so feel free to close this.
pypdf is now using version 43.0.3 of cryptography, so the fallback for previous versions can be removed.
https://cryptography.io/en/latest/changelog/#v43-0-0