wayne-luminal
commented
7 years ago Thanks @jomunoz! I merged and released #174 to get credstash usable again. I'll look at pulling your changes in.
Open jomunoz opened 7 years ago
wayne-luminal
commented
7 years ago Thanks @jomunoz! I merged and released #174 to get credstash usable again. I'll look at pulling your changes in.
jomunoz
commented
7 years ago Thanks @wayne-luminal, I think this pr might be the proper solution. In the other solution, by locking to a particular version of the cryptography library, we will be missing bugs fixes that will be made for that library.
wayne-luminal
commented
7 years ago @jomunoz You're right. When I looked at both PRs, I see this one is failing but haven't had time to dig into what the issue is yet. I figured to get a workable credstash again I'd add temporarily add the <2.1 to cryptography.
tomgoren
commented
7 years ago I guess I duped this without noticing https://github.com/fugue/credstash/pull/178 :(
There are some additional bits in my PR that I think might be important.
ramonamis
commented
6 years ago hello! is there any chance this can get released? pinning down the crypto library is not a permanent solution as it breaks other ssl libraries.
tomgoren
commented
6 years ago
Support of Whirlpool and RIPEMD160 hashing methods was removed in cryptography.hazmat.primitives. https://github.com/pyca/cryptography/commit/0d6aaf49c1890378ce7ecf741a3a40c859d3b9fb