Missing dependency cryptography from version 3.1.0 on
dev022022 opened this issue · 3 comments
Hi!
First of all thanks for maintaining this great library!
During migrating from version 3.0.0 to 3.1.0 some days ago I stumbled over an issue with the dependencies. This seems to be caused by the change of the JWT library from jwcrypto to PyJWT.
The difference is that jwcrypto had an explicit dependency to cryptography (see) whereas PyJWT only has an dependency using an extra (see)
This leads for me to the following error after changing to the new github3 version:
2047 | File "/tmp/venv/lib/python3.9/site-packages/github3/github.py", line 1427, in login_as_app 2048 | token = apps.create_token(private_key_pem, app_id, expire_in) 2049 | File "/tmp/venv/lib/python3.9/site-packages/github3/apps.py", line 175, in create_token 2050 | token = jwt.encode( 2051 | File "/tmp/venv/lib/python3.9/site-packages/jwt/api_jwt.py", line 63, in encode 2052 | return api_jws.encode(json_payload, key, algorithm, headers, json_encoder) 2053 | File "/tmp/venv/lib/python3.9/site-packages/jwt/api_jws.py", line 118, in encode 2054 | raise NotImplementedError( 2055 | NotImplementedError: Algorithm 'RS256' could not be found. Do you have cryptography installed?
A possible solution could be to add the extra flag to the dependencies of this project to avoid having the projects using this library being forced to explicitly add cryptography as dependency. This would also be fine from my point of view in respect of the fact that this dependency is not optional for github3.
This would mean changing this part (see):
PyJWT[crypto]>=2.3.0
What do you think?
That makes sense to me. Would you like to send a PR to fix it? I should be able to release it some time today
Fixed and released! Thanks @dev022022