Release the new version
mxamin opened this issue Β· 30 comments
Now that we have the fix for compliance with XMLsec v1.3.3, I guess we need to release a new version so we can close the related issue, trying to install with pip.
@jimjag @bgaifullin What do you think? Do you think of any preparation/changes before the release.
I can create the tag and the release note but since I don't have access to pypi, I need your help with that.
I think y'all are still missing: #280 which makes the code changes for xmlsec 1.3.3.
#253 will also be necessary for python 3.11 support, I believe. The code won't work as-is as it still references xmlSecCryptoAppKeyLoad rather than xmlSecCryptoAppKeyLoadEx. It can be merged, and adjusted after by replacing line 209 with key->handle = xmlSecCryptoAppKeyLoad(engine_and_key_id, xmlSecKeyDataTypePrivate, xmlSecKeyDataFormatEngine, NULL, xmlSecCryptoAppGetDefaultPwdCallback(),
Both have been merged into HEAD
Awesome! I made a mistake in the above comment. This final PR will fix things #285
Wicked! Build works on Alpine Linux using py3-lxml 4.94, py3-xmlsec 1.3.3 and python 3.11.
With the new changes, you can't install the library using the old version of xmlsec1. I made a few changes to make it backward compatible: #286
I also noticed that building the library would fail with the latest version of xmlsec1 (1.3.3) because of a typo: lsh123/xmlsec#755
Thanks to everyone involved in this hard work, keeping the project alive.
python3-saml depends on this great library and we are so happy that you are fixing the installation and other conflicts reported.
The release of a new version is so close, thanks again!
@nosnilmot afaict, that PR doesnβt block binary lxml for library users, itβs just for the library tests or something. I donβt see that it is referenced from setup.py.
that PR doesnβt block binary lxml for library users, itβs just for the library tests or something. I donβt see that it is referenced from setup.py.
oh boo, and from what I can tell there is no trivial way to specify 'no-binary' for dependencies installed by setup.py π
is this going to be merged?
We are at the point where, we think, all required and available PRs have been merged.
We are at the point where, we think, all required and available PRs have been merged.
Perfect, @jimjag I can prepare the release (tag, change log, etc) but I don't have access to update the PyPI.
You might want to consider merging #299 before the new release goes out, since it makes it much clearer when the libxml2 version is out of sync between xmlsec and lxml. I've personally found this fairly difficult to get right, and I think this is evidenced by most of the CI builds failing because of this issue.
I also noticed that building the library would fail with the latest version of xmlsec1 (1.3.3) because of a typo: lsh123/xmlsec#755
I created an issue (lsh123/xmlsec#770) for this in xmlsec repo, they're planning to do the RC release today and release the new version in ~2 weeks. I guess that would be great if we finalise the changes by the end of this week, test it with xmlsec RC release and finally release a new version in the up coming week. What do you think?
I have PyPI access... well, at least an account. So let's start with the release process. Coordinating w/ xmlsec makes sense.
I created a pre-release https://github.com/xmlsec/python-xmlsec/releases/tag/1.3.14-rc1
Please test it and let me know if there's something missing.
I guess we can release the official next version sometime next week if nothing changes
I couldn't create the prebuilt wheels for Windows, I had trouble using Appveyor so any help with that is appreciated :)
We still need access to python-xmlsec official pypi (https://pypi.org/project/xmlsec/). @bgaifullin, @hoefling, @mehcode Can you add me as a maintainer so I can upload the new release.
@bgaifullin @hoefling @mehcode Any update regarding the access to pypi?
the pre-release fixes the installation issue using pip on macOs 14.4 M1 π
Just a FYI that I'll be traveling from Apr15->May1 with limited 'net access
Just a FYI that I'll be traveling from Apr15->May1 with limited 'net access
I'm also gonna be unavailable from 19th April -> 11th May. I'm trying to gain access to pypi so we can release the new version sooner but unfortunately none of the maintainers are responding. I even emailed them yesterday but no response yet.
XMLSec1 release the new version 1.3.4 two days ago, so we can release if we gain access.
Let's hope we gain access till then.
Sorry for delay.
Send invitation to mxamin and jimjag Please check your mailbox.
Thanks a lot @bgaifullin
white smoke?
Update: I'm working on preparing windows wheels, I hope I can finish it by the end of this week. If so we will release the new version.
I released the new version: 1.3.14