-
Notifications
You must be signed in to change notification settings - Fork 284
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ElastAlert 2 builds are broken due to Stomp dependency #825
Comments
My workaround is to pin cryptography==36.0.2. |
I think it is better to fix the version of the external library to |
There's been no response from the Stomp author for a couple days now. I'm curious if anyone has an opinion on whether this Stomp alerter needs to be continued. I see it was originally added to the ElastAlert project 6 years ago. But there has not been a single question about this alerter within our discussions. If no one is using it we should consider dropping it, at least temporarily until we see the Stomp project get some attention. |
Sure, Stomp Alert doesn't remember seeing the question. He doesn't have to worry if he disappears temporarily. |
What do you think? |
I don't have any issue with dropping it. Anecdotally, I don't know of anyone with an alerting pipeline that uses it. Presumably – if there is anyone – they will complain and we can reevaluate then. |
Thanks for your input. I'll leave this as-is for a couple more days. If it's still not fixed I will remove Stomp so that we can get the next ElastAlert 2 release out. |
The cryptography package maintainers decided to help us out. They've released a new version that restores the deleted symbols, so we can continue using Stomp 8.0.0 for now. They will remove it again in the future so we'll need to keep an eye out for a newer Stomp package. Closing this issue. |
This issue is being raised to make others aware that the
make test-docker
is failing as of April 27, 2022. This is due to a PyOpenSSL dependency conflict caused by the Stomp package. That package (version 8.0.0) requires an older PyOpenSSL package, which is no longer compatible with the underlying cryptography library.An issue has been raised on the Stomp GitHub project: jasonrbriggs/stomp.py#378
The text was updated successfully, but these errors were encountered: