-
Notifications
You must be signed in to change notification settings - Fork 192
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Release notes for 2.2.0 #146
Conversation
Codecov Report
@@ Coverage Diff @@
## master #146 +/- ##
=======================================
Coverage 91.96% 91.96%
=======================================
Files 14 14
Lines 1656 1656
Branches 227 227
=======================================
Hits 1523 1523
Misses 104 104
Partials 29 29 Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks ok on an general perspective.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Noted a few things, I don't see other significant changes. Nice work 👍 !
Changelog
Outdated
:release-date: TBD | ||
:release-by: Ask Solem | ||
|
||
- Fix random delays in task execusion. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Small type here: execution
Changelog
Outdated
|
||
- Added support for setting the SNI hostname header. | ||
|
||
The SSL protocol version is now set to SSLv23 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am wondering if this change is a secure and sane default. The documentation states that this constant will be deprecated in 2.7.13 and is actually an alias for ssl.PROTOCOL_TLS
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm wondering the same as well. Should we revert this and recreate a pull request?
I've noticed the same typo and same typo and some whitespace issues. See PR #147 |
@auvipy @georgepsarakis Should we revert and recreate the pull request for SNI support? Do we understand the implications of setting our SSL implementation to SSLv23? |
@thedrow go for it as it seems to be safest bet |
@thedrow I agree with recreating the SNI support PR. |
Hey so I thought about the compatiblity. Infact you can pass a more specific version as well as a dict in the new code . Sslv23 is the most compatible version of found on a number of devices and architectectures. If you look at python 3 protocoltls and sslv23 are alias. It defaults to protocoltls Here is python 2.6 (I actually found protocoltls to break on an arm board with these old versions) If you look at the source across all versions both these alias to integer value 2 That said give me a day or so I'll add more exception handling and checks in place so it has the same behavior across every combination. |
Why do we have to set it? It wasn't set before and everything worked as expected. |
Hello @thedrow and other kind folks The workaround to this was manually creating a context dummy options (dict) for the context (https://github.com/dhananjaysathe/py-amqp/blob/4fec0db649679c6e04d3698949e28dd1dbb0527b/amqp/transport.py#L298)and passing it ssl_opts as well so the context.wrap_socket would be called that supported setting the headers. This is tad messy. On the other hand, we could allow passing a ssl.SSLContext object directly. If you want a PR for that I could provide one. Lemme know what you folks think. Also here is the version compatibility line from CPython src: also sent a PR with some more checks |
These are the release notes for 2.2.0.
This release is going to be used for the upcoming Celery release.
The motivation behind the minor version bump is due to the authentication refactor which adds new capabilities but doesn't break backwards compatibility.
Please review and let me know if I got anything wrong.