search

ikalnytskyi / httpie-auth-store

Credential store plugin for HTTPie, attaches auth to ongoing request.
15 stars 0 forks source link

Please make a release with updated keyring dependency version #22

Closed SpotlightKid closed 4 months ago

SpotlightKid commented 5 months ago

keyring 24.x and 25.x are released but this package has keyring = ^23.5 as the dependency version specification, which prevents it from being installed alongside up-to-date keyring.

Specifically, this prevents httpie-credential-store from being installed via httpie plugins install if the system installed keyring package is already >= 24.0.

ikalnytskyi commented 4 months ago

Hey @SpotlightKid,

Thanks for the reporting this. This project clearly requires some maintenance and hasn't been updated for quite awhile, although I keep using it daily.

Specifically, this prevents httpie-credential-store from being installed via httpie plugins install if the system installed keyring package is already >= 24.0.

Do I understand correctly, that you have httpie installed system-wide? I don't mind to require >= keyring, but among python community it's not recommended to install such projects and/or plugins system-wide, since it can break software distributed by your Linux vendor.

SpotlightKid commented 4 months ago

I have installed httpie via the httpie Arch Linux package. However, Arch does not package all the httpie plugins I may want.

Since the httpie plugin manager stores plugins in httpie's configuration directory, I am able to use it as a normal user, even though httpie is installed system-wide, to install plugins and it works for other plugins. But not for this one, since its dependencies are still compared to the system-wide installed Python packages, and since keyring is installed via the Arch package management too (package python-keyring), it is at version 24.3.0-1, which is prevents httpie-credential-store from being installed.

Is it necessary anyway to pin the dependency on keyring?

ikalnytskyi commented 4 months ago

Interesting, I wasn't aware of plugin manager interface. Thanks for pointing, I want to familiarize myself with it.

Is it necessary anyway to pin the dependency on keyring?

It depends on the package and how often breaking changes introduced there. It's definitely should not be pinned. Maybe just an open interval where the minimum supported version is specified.

The repository requires some maintenance before I can make a release (CI is broken now), so it may take a week a two before I make a release.

SpotlightKid commented 4 months ago

No hurry from my side. I checked out the repo, changed the requirements locally and installed from the repo checkout.

ikalnytskyi commented 4 months ago

Just made a 3.1.0 release → https://pypi.org/project/httpie-credential-store/3.1.0/