deprecation warning: OpenSSL.rand, despite not importing it #674
Comments
|
Maybe we should just delete it after a very short deprecation period? There's no reason to use it, porting away is trivial, and I'm not aware of any consumers, and if you really need it, you can avoid upgrading for a while. |
|
(by short deprecation period, I mean, "we should delete it now") |
|
Going to send a PR to do that, we can bikeshed there :-) |
|
looks like this change hasn't made it out to release yet? the last release I see is 1.7.20 on Jul 20, which predates the repairing PR by 3 days. any chance of getting a release cut for pypi consumption? |
|
I second @kwlzn's request, our CI started to error out because of this issue. |
|
@hynek @reaperhulk Either of you want to do a release? Always Be Releasing :-) |
|
I'm literally on a Safari in the middle of Zimbabwe so I'm out.
|
|
@hynek nice! have fun, unless you object I'll try to con @reaperhulk into doing the release, he's got PyPI credentials. |
|
we're going to temporarily pin a downgrade to |
|
17.3.0 is out :) |
|
thanks! |
I've got some CI tests that look for deprecation warnings (in the py27 build), and these have recently started complaining about something internal in Twisted's use of OpenSSL.
Twisted (in src/twisted/protocols/tls.py) does
from OpenSSL.SSL import (somestuff), andOpenSSL/__init__.pydoesfrom OpenSSL import rand, andrand.pyhas a top-levelwarnings.warnthat saysrandis deprecated and applications should useos.urandominstead (added for #631).That advice is fine, of course, but I don't see a way for applications to avoid triggering the import-time warning (Twisted isn't using or even importing
OpenSSL.rand).If apps are depending upon being able to do
import OpenSSL; OpenSSL.rand.bytes()(rather thanfrom OpenSSL.rand import bytes), then I guess we can't remove the import from__init__.py. Could we maybe move the warning calls to the individual functions?The text was updated successfully, but these errors were encountered: