[openstack-dev] [Horizon] [all] django_openstack_auth potential release

Akihiro Motoki amotoki at gmail.com
Wed Apr 8 22:10:23 UTC 2015

2015-04-09 6:32 GMT+09:00 David Lyle <dklyle0 at gmail.com>:
> django_openstack_auth is a library solely consumed by Horizon in OpenStack.
> We've run into a potential requirements.txt issue.
> Horizon recently added support for Django 1.7 (1.8 released in the last
> week, but let's ignore that). The reasoning was that Django 1.6 the previous
> cap is no longer supported by Django at all, even for security fixes. After
> adding support, the global-requirements were updated [1] to support an upper
> end cap of Django 1.7. All is good. Or maybe not.
> So the global requirement and horizon repos now match:
> Django>=1.4.2,<1.8
> The current released version of django_openstack_auth is 1.1.9. And the
> requirements.txt for that version states
> Django>=1.4.2,<1.7
> The worry that arose is what dependency problems does this raise for
> deployers and distros? The 1.1.9 released version of django_openstack_auth
> code actually supports Django 1.7 even though the requirements don't include
> that version. But dependency negotiation may result in only 1.6 being used.
> So we have a couple of options. First, leave django_openstack_auth at 1.1.9
> and let deployers and distros rationalize which version of Django they want
> to use and negotiate the dependency issues independently.

At least the upstream released version should provide the correct
requirements files
so that Django 1.7 is installed, so I think the first option may bring

> Or second, release
> a new version of django_openstack_auth and determine if we want to fix the
> version django_openstack_auth in global-requirements.txt or leave the upper
> cap unbound.

I prefer the second option to release a new version of
django-openstack-auth for Kilo (with Django 1.7 support)
because some features of Kilo Horizon require a new version of
The new version will be 1.2.0 as it has new features with keeping the
backward compatibility.
It sounds reasonable to me that Kilo Horizon requires:


For Juno release, both Horizon and django-openstack-auth 1.1.9 or
older version requires Django <1.7.
Both use the same version and it looks good.

I believe this makes the situation simple.

The third option is to change only requirements file to Django<1.8 and
release django-openstack-auth 1.1.10, but it will be a bit difficult because
we need to cut a branch for kilo first.


> Given the late stage of the release I'm reluctant to release, but would like
> to better understand the downstream implications of not doing so.
> David
> [1] https://review.openstack.org/#/c/155353/
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Akihiro Motoki <amotoki at gmail.com>

More information about the OpenStack-dev mailing list