search

python-zk / kazoo

Kazoo is a high-level Python library that makes it easier to use Apache Zookeeper.
https://kazoo.readthedocs.io
Apache License 2.0
1.3k stars 386 forks source link

New kazoo release to include SSL fixes #720

Closed davemcphee closed 7 months ago

davemcphee commented 1 year ago

What would you like to be added

706 , fixes various SSL methods that where deprecated in python3.10. Yay! The PR was merged in Feb 2023, any chance of a new kazoo release that incorporates this PR?

Why is this needed

While the warnings are merely annoying, we're running kazoo in a FIPS enabled environment, where any TLS / SSL issues (or warnings) become much more serious from an auditing perspective. We'd love to bump our kazoo dependencies to the next version to mitigate these admittedly corporate problems :) Any plans / timelines for a new kazoo release?

StephenSorriaux commented 1 year ago

Hello,

Thank you for the issue.

I believe a new release would be cut soon, on my side I was waiting on https://github.com/python-zk/kazoo/pull/681 to land so that our Windows users can enjoy the lib in its latest version. I am just curious: have you been able to try the current master branch?

ceache commented 1 year ago

Would there be appetite for #685 to be merged for that new release?

On Wed, May 24, 2023, 09:02 Stephen Sorriaux @.***> wrote:

Hello,

Thank you for the issue.

I believe a new release would be cut soon, on my side I was waiting on

681 https://github.com/python-zk/kazoo/pull/681 to land so that our

Windows users can enjoy the lib in its latest version. I am just curious: have you been able to try the current master branch?

— Reply to this email directly, view it on GitHub https://github.com/python-zk/kazoo/issues/720#issuecomment-1561106505, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAIFTHWIP6TBTSPISTG4OYTXHYBFPANCNFSM6AAAAAAYKSJGG4 . You are receiving this because you are subscribed to this thread.Message ID: @.***>

davemcphee commented 1 year ago

I am just curious: have you been able to try the current master branch?

I have, but only locally / in dev - and ofc it works great!

For context: prod releases require our images based on RedHat UBI with FIPS enabled, which make testing "is this a FIPS issue?" problems trivial - just unset OPENSSL_FORCE_FIPS_MODE and retry, if the error's gone, it was FIPS.

StephenSorriaux commented 7 months ago

Hello,

Just wanted to give a heads up that the 2.10.0 release is here now.