[Bug 2022372] Re: Backport for deprecated int_from_bytes to int.from_bytes

Mauricio Faria de Oliveira 2022372 at bugs.launchpad.net
Sat Aug 26 18:34:35 UTC 2023 

Hi Heather,

Thanks for the updated debdiff!

1) The SRU template needs updates in all sections, apparently,
considering the course changes since the first approach, to what the fix
approah is now.

2) The DEP-3 headers need changes:

- Subject: while not a requirement, it'd be nice (as git does) to keep
the original (reverted) commit subject within q  quotes; e.g.: 'Subject:
Partially Revert "Remove utils.int_from_bytes (#5609)"'

- Description:
  This is not needed if Subject is present [DEP-3: "Description or Subject (required)"],
  although it's understandable the goal is to clarify why this is being done.
  
  Since you already have Subject, just use the long description outside of the headers:
  
  [DEP-3: "This obligatory field contains at least a short description on the first line.

   When Subject is used, it is expected that the long description is outside of the structured fields. 
   With Description it is possible to embed them in the field using continuation lines.
   
   In both cases, the long description allows for a more verbose explanation of the patch and its history."]

   ...
   And the 'revert of removing deprecated' part is written the other way around, right?
   (the revert is reverting _adding_ deprecated msgs, ie, effectively removing them)
	
- Origin:

  For the link, please always link to the commit in the git repo, not to the commit in the PR
  (e.g., link '[0]' in comment #20; notice the commit ID is different, the one applied is official).

  For the optional keyword to categorize, this cannot be 'upstream' (as it had changes; not a cherry-pick),
  and cannot be 'backport' (which indicates changes to _apply_, but _reverting_ it is very different),
  so we probably should go with 'vendor':
  
  [DEP-3: "The allowed keywords are
   "upstream" (in the case of a patch cherry-picked from the upstream VCS),
   "backport" (in the case of an upstream patch that had to be modified to apply on the current version), 
   "vendor" for a patch created by Debian or another distribution vendor, or 
   "other" for all other kind of patches.]

Thanks again!
Mauricio

** Changed in: cloud-archive/yoga
       Status: In Progress => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/2022372

Title:
  Backport for deprecated int_from_bytes to int.from_bytes

Status in Ubuntu Cloud Archive:
  Invalid
Status in Ubuntu Cloud Archive yoga series:
  Incomplete
Status in python-secretstorage package in Ubuntu:
  Invalid
Status in python-secretstorage source package in Bionic:
  Invalid
Status in python-secretstorage source package in Focal:
  Won't Fix
Status in python-secretstorage source package in Jammy:
  Invalid
Status in python-secretstorage source package in Kinetic:
  Invalid

Bug description:
  [ Impact ]

  A method from cryptographic_utils was deprecated and replaced.
  This affects both python-secretstorage and python3-secretstorage
  with the python3-cryptography dependency from the Ubuntu Cloud Archive.

  It also deprecates the usage of utils.int_from_bytes: pyca/cryptography#5609
  int_from_bytes is deprecated in favor of int.from_bytes which ships with Python 3

  We are cherry-picking 2 commits from upstream,
  ad7c45e493fff48f897487d6aff63f4fff021d31 and
  08c7010322ecec0de1e51cc51d5ed9db34a38aa3 to address the unnecessary
  logging when using any Openstack command, or automating the
  install/upgrade of services on OpenStack.

  [ Test Plan ]

  # This is the expected output
  python3
  >>> from secretstorage.dhcrypto import Session
  >>> session = Session()
  >>> exit()

  Installing and running the dhcrypto module from python-secretstorage
  shows after installing the package from the cloud-archive we see
  logger warnings messages from the deprecated method. Yoga has the
  updated python3-cryptography module with the upstream Debian fixes.

  sudo apt-add-repository -y cloud-archive:yoga
  sudo apt install -y python3-cryptography

  python3
  >>> from secretstorage.dhcrypto import Session
  /usr/lib/python3/dist-packages/secretstorage/dhcrypto.py:15: CryptographyDeprecationWarning: int_from_bytes is deprecated, use int.from_bytes instead
    from cryptography.utils import int_from_bytes
  /usr/lib/python3/dist-packages/secretstorage/util.py:19: CryptographyDeprecationWarning: int_from_bytes is deprecated, use int.from_bytes instead
    from cryptography.utils import int_from_bytes
  >>> exit()

  [ Where problems could occur ]

  This does not include the cryptography module update which python3-secretstorage depends on. [1] We are also still supporting Python2 with this cherry-picked patch.
  Build-Depends: debhelper-compat (= 13),
                 dh-python,
                 python3-all
                 python3-cryptography,
                 python3-jeepney
                 python3-setuptools,
                 python3-sphinx

  The impact is low as this fixes a deprecated method from a 3rd party
  library.

  It allows one to create, edit and delete secret items, manipulate
  secret collections, and search for items matching given attributes.
  It also supports locking and unlocking collections.

  [ Other Info ]

  [0] upstream debian link - https://salsa.debian.org/python-team/packages/python-secretstorage/-/commit/e24df79cf7d62f11c2906d5aa0f4885cefeafbbf
  [1] Github conversation link - https://github.com/mitya57/secretstorage/pull/27
  [2] upstream cherrypick author other - https://github.com/mitya57/secretstorage/pull/27

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/2022372/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list