Remove python-oauth from the archive

Bug #1118815 reported by Barry Warsaw
18
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Gwibber
Fix Released
Undecided
Unassigned
MAAS
Invalid
Low
Unassigned
OpenStack HA Cluster Charm
Invalid
Undecided
Unassigned
U1DB
Fix Released
Undecided
Unassigned
cloud-init
Fix Released
Medium
Scott Moser
pyjuju
Fix Released
Low
Unassigned
identicurse (Ubuntu)
Fix Released
Undecided
Unassigned
jsonbot (Ubuntu)
Fix Released
Undecided
Unassigned
python-django-piston (Ubuntu)
Fix Released
Medium
Unassigned
python-oauth (Ubuntu)
Fix Released
Medium
Ubuntu Package Archive Administrators
turpial (Ubuntu)
Fix Released
Undecided
Unassigned
tweepy (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

This bug tracks the removal of python-oauth from the archive. (See also https://blueprints.launchpad.net/ubuntu/+spec/foundations-r-python3-oauth for additional details).

There are several very good reasons to remove python-oauth and port all reverse depends to python-oauthlib.

 * upstream oauth has been abandoned since 2009
 * upstream oauth only supports OAuth 1 (and probably not even the RFC 5849 standard)
 * upstream oauth only supports Python 2
 * upstream oauthlib is actively maintained
 * upstream oauthlib supports Python 2 and Python 3
 * upstream oauthlib supports RFC 5849 and the OAuth2 spec draft

As of yet, we cannot remove python-oauth because of existing reverse dependencies. I'll add each of those as bug tasks to this one for tracking purposes. When the time comes, I'll subscribe ~ubuntu-archive to the bug to do the final deed.

It will need to be blacklisted from Debian sync too.

In the meantime, *please* don't write any new code using python-oauth! Use python-oauthlib.

http://pypi.python.org/pypi/oauthlib

Changed in launchpadlib:
importance: Undecided → Low
status: New → Triaged
Changed in lazr.restfulclient:
importance: Undecided → Low
status: New → Triaged
Julien Funk (jaboing)
tags: added: u1-notrack
Changed in maas:
importance: Undecided → Low
status: New → Triaged
Steve Langasek (vorlon)
Changed in identicurse (Ubuntu Raring):
status: New → Won't Fix
Steve Langasek (vorlon)
Changed in turpial (Ubuntu Raring):
status: New → Won't Fix
Steve Langasek (vorlon)
Changed in jsonbot (Ubuntu Raring):
status: New → Won't Fix
Changed in python-django-piston (Ubuntu Raring):
status: New → Won't Fix
Changed in python-oauth (Ubuntu Raring):
status: New → Won't Fix
Steve Langasek (vorlon)
Changed in tweepy (Ubuntu Raring):
status: New → Won't Fix
Changed in juju:
importance: Undecided → Low
status: New → Triaged
Scott Moser (smoser)
Changed in cloud-init:
milestone: none → 0.7.2
assignee: nobody → Scott Moser (smoser)
importance: Undecided → Medium
status: New → Triaged
Revision history for this message
Scott Moser (smoser) wrote :

Just quickly googling to see how easy this would be, the python-oauthlib documentation [1] says:
  "If you then you should take a look at requests-oauthlib [2] which has several examples of how to use OAuth1 with requests."

Is there any plan to get requests_oauthlib ? We've just moved cloud-init to requests and this would seem like the path of least resistance for anyone else using requests.

--
[1] https://oauthlib.readthedocs.org/en/latest/client.html
[2] https://github.com/requests/requests-oauthlib

Revision history for this message
Julian Edwards (julian-edwards) wrote :

MAAS is blocked on python-django-piston getting fixed first.

Revision history for this message
Barry Warsaw (barry) wrote :
Revision history for this message
Julian Edwards (julian-edwards) wrote :

Cheers Bazza.

James Page (james-page)
Changed in python-oauth (Ubuntu):
importance: Undecided → Medium
status: New → Triaged
importance: Medium → Undecided
status: Triaged → New
Changed in python-django-piston (Ubuntu):
importance: Undecided → Medium
status: New → Triaged
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

there is requests_oauthlib implementation both in python2 and python3.

Mathew Hodson (mhodson)
no longer affects: identicurse (Ubuntu Raring)
no longer affects: jsonbot (Ubuntu Raring)
no longer affects: python-django-piston (Ubuntu Raring)
no longer affects: python-oauth (Ubuntu Raring)
no longer affects: turpial (Ubuntu Raring)
no longer affects: tweepy (Ubuntu Raring)
Colin Watson (cjwatson)
Changed in lazr.restfulclient:
assignee: nobody → Colin Watson (cjwatson)
status: Triaged → In Progress
Revision history for this message
Colin Watson (cjwatson) wrote :

I'm removing the lazr.restfulclient task from this bug; this is tracked in bug 1672458 instead. (I'd have marked that bug as a duplicate of this one, but as is often the way with bugs with many tasks, Launchpad is having trouble with the number of structural subscriptions and is timing out on me. More focused bugs are easier to deal with anyway.)

no longer affects: launchpadlib
no longer affects: lazr.restfulclient
Dan Watkins (oddbloke)
Changed in cloud-init:
milestone: 0.7.2 → none
status: Triaged → Fix Released
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Regarding python-django-piston, there is no change yet. Upstream issue unanswered (https://bitbucket.org/jespern/django-piston/issues/231/switch-to-oauthlib), and no new upstream release since a long time. rmadison shows ubuntu has had version 0.2.3 since precise, all the way up to disco.

Revision history for this message
Adam Collard (adam-collard) wrote :

This bug has not seen any activity in the last 6 months, so it is being automatically closed.

If you are still experiencing this issue, please feel free to re-open.

MAAS Team

Changed in maas:
status: Triaged → Invalid
Revision history for this message
Trent Lloyd (lathiat) wrote :

python-oauth is significantly broken in Focal due to trying to import cgi.parse_qs which moved for Python3.8. This breaks the MAAS CLI.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in identicurse (Ubuntu):
status: New → Confirmed
Changed in jsonbot (Ubuntu):
status: New → Confirmed
Changed in python-oauth (Ubuntu):
status: New → Confirmed
Changed in turpial (Ubuntu):
status: New → Confirmed
Changed in tweepy (Ubuntu):
status: New → Confirmed
Paride Legovini (paride)
Changed in identicurse (Ubuntu):
status: Confirmed → Fix Released
Changed in jsonbot (Ubuntu):
status: Confirmed → Fix Released
Changed in python-django-piston (Ubuntu):
status: Triaged → Fix Released
Changed in turpial (Ubuntu):
status: Confirmed → Fix Released
Changed in tweepy (Ubuntu):
status: Confirmed → Fix Released
Paride Legovini (paride)
Changed in u1db:
status: New → Fix Released
Changed in gwibber:
status: New → Fix Released
Changed in pyjuju:
status: Triaged → Fix Released
Revision history for this message
Paride Legovini (paride) wrote :

I updated some tasks:

- identicurse: removed from Groovy => Fix Released
- jsonbot: removed from Bionic => Fix Released
- python-django-piston: removed from Eoan => Fix Released
- turpial: removed from Xenial => Fix Releaed
- tweepy: dependency dropped in Xenial => Fix Released
- u1db: pkg dropped in Focal => Fix Released
- gwibber: removed from Xenial => Fix Released
- pyjuju/juju: removed from Bionic => Fix Released

According to

https://bugs.launchpad.net/ubuntu/+source/python-oauth/+bug/1883875

MAAS is not a blocker for the removal of python-oauth from Groovy. I think it should be Fix Released too.

I am not familiar with the OpenStack hacluster charm.

Revision history for this message
Alex Kavanagh (ajkavanagh) wrote :

Not a charm bug now.

Changed in charm-hacluster:
status: New → Invalid
Revision history for this message
Athos Ribeiro (athos-ribeiro) wrote :

There was another comment a while ago on https://bugs.launchpad.net/ubuntu/+source/python-oauth/+bug/1883875 with concerns on MASS still needing this package. It seems this is no longer the case. If so, we could proceed with removal on this one.

Changed in python-oauth (Ubuntu):
assignee: nobody → Athos Ribeiro (athos-ribeiro)
importance: Undecided → Medium
tags: added: server-next
Utkarsh Gupta (utkarsh)
Changed in python-oauth (Ubuntu):
assignee: Athos Ribeiro (athos-ribeiro) → Ubuntu Package Archive Administrators (ubuntu-archive)
Revision history for this message
Athos Ribeiro (athos-ribeiro) wrote :

I verified reverse dependencies in jammy by running:

reverse-depends src:python-oauth

and

reverse-depends src:python-oauth -a source

Neither returned dependencies.

Revision history for this message
Steve Langasek (vorlon) wrote :

Removing packages:
 python-oauth 1.0.1-6ubuntu1 in jammy
  python-oauth 1.0.1-6ubuntu1 in jammy amd64
  python-oauth 1.0.1-6ubuntu1 in jammy arm64
  python-oauth 1.0.1-6ubuntu1 in jammy armhf
  python-oauth 1.0.1-6ubuntu1 in jammy i386
  python-oauth 1.0.1-6ubuntu1 in jammy ppc64el
  python-oauth 1.0.1-6ubuntu1 in jammy riscv64
  python-oauth 1.0.1-6ubuntu1 in jammy s390x
  python3-oauth 1.0.1-6ubuntu1 in jammy amd64
  python3-oauth 1.0.1-6ubuntu1 in jammy arm64
  python3-oauth 1.0.1-6ubuntu1 in jammy armhf
  python3-oauth 1.0.1-6ubuntu1 in jammy i386
  python3-oauth 1.0.1-6ubuntu1 in jammy ppc64el
  python3-oauth 1.0.1-6ubuntu1 in jammy riscv64
  python3-oauth 1.0.1-6ubuntu1 in jammy s390x
Comment: (From Debian) RoQA; obsolete, replaced by python-oauthlib; Debian bug #1006229
Remove [y|N]? y

Changed in python-oauth (Ubuntu):
status: Confirmed → Fix Released
Revision history for this message
James Falcon (falcojr) wrote :
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.