Release plan for 2.0.0

[consideRatio]

This is a dependency of z2jh and tljh that hasn't been updated in a long time. I'd like to get one release out that is known to work with jupyterhub 4 at least.

Action points

• 221 (actually merged, github just bugged!)

• 222

• Consider helping the following PRs land, open currently, from oldest to newest
  • [x] #87 This is a crucial fix resolving many reported issues, but introducing it isn't breaking, so it doesn't really have to come before 2.0.
  • [x] #94
  • [x] #168
  • [x] #184
  • [x] #190
  • [x] #198
  • [x] #207
  • [x] #213
  • [x] #216
  • [x] #218
  • [x] #238
• [x] Go through and triage issues

[kimkihoon0515]

great

[consideRatio]

Some issues/prs I'd like to highlight

• https://github.com/jupyterhub/ldapauthenticator/issues/126
• https://github.com/jupyterhub/ldapauthenticator/pull/258
• https://github.com/jupyterhub/ldapauthenticator/issues/260

• 49

[manics]

Which of these do you consider blockers for 2.0.0?

[consideRatio]

I'm not sure, but I'd like to keep going a while and when I run out of steam try to answer that with a better overview.

[consideRatio]

Here are things I'm currently thinking truly must resolved before 2.0 @manics:

• 267

  Currently blocked by review input.

• 246

• Evaluate allowed_users etc function side by side with allowed_groups etc - can they be used together, and if not, is it a breaking change to fix it? If so, we should fix it now.

I think we should resolve the following as well, but they could come in a followup minor release as well.

• 49

• 126

  Simple to fix, I'll get it done. Its not truly a blocker, but its such a clear bug that has a simple fix making me want to get it part of the next release.

[minrk]

Thanks for leading all this! I can have a stab at #246. allow config is very likely the cause.

[manics]

When this is ready do you think we could release a beta first, to give more time for reviewing the authenticator as a whole, especially after the security changes?

[consideRatio]

Let's do a beta release to be part of tljh / z2jh beta releases, where kubespawner probably needs a beta release as well for z2jh

[consideRatio]

2.0.0b1 is released!

[consideRatio]

Having worked in this code base a while and read all issues, I have a few ideas of improvements still:

• [ ] (breaking) change default of use_lookup_dn_username to false, it seem to make sense https://github.com/jupyterhub/ldapauthenticator/pull/280
• [x] tests: declare config instead of configuring an initialized authenticator object https://github.com/jupyterhub/ldapauthenticator/pull/281
• [x] move various validation logic to traitlets from code to fail during authenticator initialization (jupyterhub startup) instead of during runtime https://github.com/jupyterhub/ldapauthenticator/pull/280
• [x] Investigate https://github.com/jupyterhub/ldapauthenticator/issues/217 further

---

• [ ] Is group_attributes really required, even if we don't read about them in the response?
• [ ] Is there really a use case for lookup_dn and bind_dn_template? If not we should disallow it to reduce complexity for users and maintainers.
• [ ] allow search_filter to consider either resolved_username or login_username