A bug was recently filed against keystone [1]. As of the Newton release we depend on a class being public -- BaseAuthProtocol instead of _BaseAuthProtocol [2]. Which was introduced in 4.1.0 [3]. The current requirement for keystonemiddleware is: keystonemiddleware>=4.0.0,!=4.1.0,!=4.5.0 Blocking 4.0.0 would logically make it: keystonemiddleware>=4.2.0,!=4.5.0 I've pushed a patch to the requirements repo for this change [4]. I'd like to know if blocking the lower value makes sense, I realize it's advertised, but we're up to 4.9.0 now. Unfortunately, many projects depend on keystonemiddleware, but (luckily ?) this should only be server side projects [5], most of which are going through their RC period now. Thanks for reading, Steve [1] https://bugs.launchpad.net/keystone/+bug/1623091 [2] https://github.com/openstack/keystone/blob/master/keystone/middleware/auth.py#L38 [3] https://github.com/openstack/keystonemiddleware/commit/54cba09855fd366875391cbd25c3b3c346ff7a1b [4] https://review.openstack.org/#/c/369624/2 [5] http://codesearch.openstack.org/?q=keystonemiddleware&i=nope&files=requirements.txt&repos= -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160913/05e5e88d/attachment.html>