code4romania / covid-19-ro-help

Platform for NGOs to create donation requests and to broadcast their services in an emergency
Mozilla Public License 2.0

Remove mobilpay modules dependency on pycrypto and pyopenssl #386

Open aramboi opened 3 years ago

aramboi commented 3 years ago

Change the instances where the mobilpay modules located here https://github.com/code4romania/covid-19-ro-help/tree/develop/ro_help/mobilpay/mobilpay are using the pycrypto library.

PyCrypto has not been updated since 2013 and it is not tested with Python>3.3. pyOpenSSL also recommends not using it for anything other than making a TLS connection.

We should use https://github.com/pyca/cryptography instead as this is the recommended library to use for crypto primitives in this day and age.
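An added example, not part of the thread or the project's code: a standard-library scanner that lists every import of PyCrypto (`Crypto`) or pyOpenSSL (`OpenSSL`) in a source tree, which is one way to enumerate the instances this issue asks to change. The `SAMPLE` module is constructed for illustration and is not taken from the mobilpay modules; the function names are hypothetical.

```python
import ast
from pathlib import Path

# Top-level package names of the two libraries named in the issue.
LEGACY_ROOTS = {"Crypto": "pycrypto", "OpenSSL": "pyopenssl"}


def find_legacy_imports(source, filename="<source>"):
    """Return sorted (line, library, imported_name) for each legacy import."""
    hits = []
    for node in ast.walk(ast.parse(source, filename=filename)):
        if isinstance(node, ast.Import):
            names = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom) and node.level == 0 and node.module:
            # level == 0 skips relative imports such as "from . import Crypto",
            # which refer to a local module, not the installed library.
            names = [f"{node.module}.{alias.name}" for alias in node.names]
        else:
            continue
        for name in names:
            root = name.split(".", 1)[0]
            if root in LEGACY_ROOTS:
                hits.append((node.lineno, LEGACY_ROOTS[root], name))
    return sorted(hits)


def scan_tree(root_dir):
    """Scan every .py file under root_dir; return {path: hits} for files with hits."""
    report = {}
    for path in sorted(Path(root_dir).rglob("*.py")):
        try:
            hits = find_legacy_imports(path.read_text(encoding="utf-8"), str(path))
        except SyntaxError:
            continue  # not parseable by this interpreter; review by hand
        if hits:
            report[str(path)] = hits
    return report


# Constructed sample input (not the repository's code).
SAMPLE = '''\
import base64
from Crypto.Cipher import ARC4
from Crypto.PublicKey import RSA
from OpenSSL import crypto
import cryptography.hazmat.primitives.serialization as ser
from . import Crypto
'''

if __name__ == "__main__":
    for line, library, name in find_legacy_imports(SAMPLE):
        print(f"line {line}: {library} via {name}")
```

Running `scan_tree` on a checkout gives the list of call sites that need unit tests before any replacement is attempted.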

vamposdecampos commented 3 years ago

Taking a look, but anyone, feel free to beat me to it. I find your lack of unit tests... disturbing.

aramboi commented 3 years ago

Thanks for the PR @vamposdecampos. I think the direction you set is the right way to go about this. First we need to add some unit tests to the main APIs the module exposes, especially the ones that use pycrypto which we are trying to replace. Then do a separate PR for the actual replacement and make sure those tests pass and we don't introduce any regressions in the current workflow.

calindragomir commented 3 years ago

@aramboi, what's the status here? Do you need help?

catileptic commented 3 years ago

@calindragomir, if you would care to work on this, go ahead :)

vitaliel commented 3 years ago

Hello,

Switching to pyca/cryptography will add an iceberg to the build process, because for some reason the maintainers decided to rely on Rust, which needs a few Gb to build.

If pycrypto and pyopenssl work, I would continue to use them.