Summary

Bump the cryptography dependency and add an explicit pyOpenSSL dependency.

Review Request #12863 — Created March 2, 2023 and submitted March 7, 2023, 1:02 a.m.

Information

Owner

chipx86

Repository

Review Board

Branch

release-5.0.x

Bugs

Depends On

Reviewers

Groups

reviewboard

People

Description

We've historically been pretty flexible with the version of
cryptography installed, leaving more explicit version ranges up to
other dependencies. However, a situation was found where older versions
of pyOpenSSL outright break the system (impacting pip) when
newer versions of cryptography are installed, and that can break
Review Board, leading to an install nightmare.

This is documented here: https://github.com/pyca/pyopenssl/issues/1143

While we don't use pyOpenSSL ourselves, we want to ease installation.
The easiest way to do this is to ensure we're depending on both a modern
cryptograph (which will also help us avoid Python version breakages
down the road), and a compatible pyOpenSSL.

pyOpenSSL is a pure-Python package, and doesn't add any new
dependencies we don't already explicitly or implicitly depend on, so
it should be fairly safe.

Testing Done

Installed the dependencies on all supported versions of Python.

Verified that pyOpenSSL didn't result in any additional packages
installed.

Commits

Summary	ID
Bump the cryptography dependency and add an explicit pyOpenSSL dependency. We've historically been pretty flexible with the version of `cryptography` installed, leaving more explicit version ranges up to other dependencies. However, a situation was found where older versions of `pyOpenSSL` outright break the system (impacting `pip`) when newer versions of `cryptography` are installed, and that can break Review Board, leading to an install nightmare. This is documented here: https://github.com/pyca/pyopenssl/issues/1143 While we don't use `pyOpenSSL` ourselves, we want to ease installation. The easiest way to do this is to ensure we're depending on both a modern `cryptograph` (which will also help us avoid Python version breakages down the road), and a compatible `pyOpenSSL`.	35ef0f8eafa72188757b8090b35ab6a74babe106

Summary

Bump the cryptography dependency and add an explicit pyOpenSSL dependency.

We've historically been pretty flexible with the version of `cryptography` installed, leaving more explicit version ranges up to other dependencies. However, a situation was found where older versions of `pyOpenSSL` outright break the system (impacting `pip`) when newer versions of `cryptography` are installed, and that can break Review Board, leading to an install nightmare. This is documented here: https://github.com/pyca/pyopenssl/issues/1143 While we don't use `pyOpenSSL` ourselves, we want to ease installation. The easiest way to do this is to ensure we're depending on both a modern `cryptograph` (which will also help us avoid Python version breakages down the road), and a compatible `pyOpenSSL`.

35ef0f8eafa72188757b8090b35ab6a74babe106

flake8 passed.

JSHint passed.

Ship it!

```
Ship It!
```

Status: Closed (submitted)

Change Summary:

Pushed to release-5.0.x (092e5b9)