New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Release 3.1.1 #736
Comments
what is the link? I would love to contribute to the release 👯♂️ |
i joined! |
I tried to add milestone "3.1.1" to closed issues and PR. Then, it could be useful to create a PR with Changelog description, and maybe we could discuss based on that. Once everything are in master, tagging the new version should trigger the build process to release a github version and pypi. I think we should probably document the release process as well. |
that sounds reasonable to me |
What's the status of this release? |
I can, but do I need PyPI access for that? |
The release rollout must be done by creating a PR with all changelog and version changes. Once it is reviewed and merged, we can tag the git revision and tagging will automatically release a pypi release with Travis. |
oh OK |
I think this is really needed because with the newer pips installing requirements may break due to the dependency on an old PyJWT version: b69fa53 |
Yes oauthlib 3.1.0 is already causing CVE issues checkout PRISMA-2021-0041, the CVE scan setup in our pipeline throws a high severity vulnerability for this package, can you please update it as it's been quite some time |
Hmm, this issue was created a year ago, and still no new release. Things seem to have stalled a bit. That CVE 2021-0041 is currently reserved, but not yet disclosed. Maybe a fix is in the making. |
Give me a couple of days and I will trigger the release. Thanks for your patience |
Thanks for looking into this👍
…On Wed, May 12, 2021, 3:21 PM Jonathan Huot ***@***.***> wrote:
Give me a couple of days and I will trigger the release. Thanks for your
patience
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#736 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AKYROFT6TPX5IPRNXTNPGIDTNJFRHANCNFSM4M62ML7Q>
.
|
Release is finally out. Sorry for the delay, and enjoy... |
Please start the new year with the new release. |
Based on latest contributions and the previous release was not so recent, I suggest to release 3.1.1.
That will be a good opportunity for @auvipy to make your first release, if you want ;)
BTW: to synchronize that will be helpful if you join the oauthlib gitter community.
The text was updated successfully, but these errors were encountered: