Open Stack

Steve Martinelli <s.martinelli at gmail.com> wrote:

> A bug was recently filed against keystone [1]. As of the Newton release  
> we depend on a class being public -- BaseAuthProtocol instead of  
> _BaseAuthProtocol [2]. Which was introduced in 4.1.0 [3].
>
> The current requirement for keystonemiddleware is:
>   keystonemiddleware>=4.0.0,!=4.1.0,!=4.5.0
>
> Blocking 4.0.0 would logically make it:
>   keystonemiddleware>=4.2.0,!=4.5.0
>
> I've pushed a patch to the requirements repo for this change [4]. I'd  
> like to know if blocking the lower value makes sense, I realize it's  
> advertised, but we're up to 4.9.0 now.
>
> Unfortunately, many projects depend on keystonemiddleware, but (luckily  
> ?) this should only be server side projects [5], most of which are going  
> through their RC period now.

I suggest instead keystone closes the gap on their side, by falling back to  
_BaseAuthProtocol class if public one is not present. No requirement  
updates, no delay in rc1, just some time for keystone folks to be aware  
that the private class in 4.0.+ series is to be considered kinda public for  
their own usage.

Ihar