search

tethysplatform / tethys

The Tethys Platform main Django website project repository.
http://tethysplatform.org/
BSD 2-Clause "Simplified" License
92 stars 49 forks source link

Remove pycrypto #924

Closed sdc50 closed 1 year ago

sdc50 commented 1 year ago

It looks like pycrypto is no longer being supported (https://www.pycrypto.org/). Also, it doesn't look like it's required by any other packages.

When using a pip environment (as opposed to conda), I get the following error:

```bash File "/Users/rditlsc9/Workspace/tethys/tethys-dev/venv/lib/python3.10/site-packages/social_django/models.py", line 8, in from .storage import DjangoUserMixin, DjangoAssociationMixin, \ File "/Users/rditlsc9/Workspace/tethys/tethys-dev/venv/lib/python3.10/site-packages/social_django/storage.py", line 8, in from social_core.storage import UserMixin, AssociationMixin, NonceMixin, \ File "/Users/rditlsc9/Workspace/tethys/tethys-dev/venv/lib/python3.10/site-packages/social_core/storage.py", line 9, in from openid.association import Association as OpenIdAssociation File "/Users/rditlsc9/Workspace/tethys/tethys-dev/venv/lib/python3.10/site-packages/openid/association.py", line 30, in from openid import cryptutil File "/Users/rditlsc9/Workspace/tethys/tethys-dev/venv/lib/python3.10/site-packages/openid/cryptutil.py", line 79, in from Crypto.Util.number import long_to_bytes, bytes_to_long File "/Users/rditlsc9/Workspace/tethys/tethys-dev/venv/lib/python3.10/site-packages/Crypto/Util/number.py", line 139 value |= 2L ** (N-1) # Ensure high bit is set ```

It seems like for some reason the openid module is trying to be imported from pycrypto instead of from python3_openid like it is in the conda environment.

@swainn are you aware of anything that still requires pycrypto?

swainn commented 1 year ago

I'm not sure I follow. Is it a namespace conflict? Does removing pycrypto and installing python3_openid fix the error?

I don't know off the top of my head, but I'm guessing pycrypto is/was a dependency of one of the oauth2 providers.

sdc50 commented 1 year ago

Yes, it seems like there is a namespace conflict. The openid module can be imported from both pycrypto and from python3_openid. openid is being imported from social-auth-core, which requires the python3_openid library.

swainn commented 1 year ago

We should try removing it. It shouldn't affect 99% of users if it causes problems.