aiosmtpd
aiosmtpd copied to clipboard
aio-libs
Use trustme for test TLS certificate and key
What do these changes do?
Use trustme for test TLS certificate and key
With the current approach TLS certificate and key are hardcoded in separate files and distributed as part of wheels. This is unnecessary for end users of the package, also this brings difficulties while supporting Python 3.13, see: https://github.com/aio-libs/aiosmtpd/pull/473
Use trustme for generating TLS certificate and key on the fly, as it is done in other aio-libs packages.
Initially proposed in: https://github.com/aio-libs/aiosmtpd/pull/473#discussion_r1745661940
Are there changes in behavior for the user?
Wheels no longer include test TLS certificate and key.
Related issue number
Checklist
- [x] I think the code is well written
- [x] Unit tests for the changes exist
- [x] tox testenvs have been executed in the following environments:
- [x] Linux (openSUSE Tumbleweed):
py311-cov(after merging https://github.com/aio-libs/aiosmtpd/pull/554)
- [x] Linux (openSUSE Tumbleweed):
- [ ] Documentation reflects the changes [not worthy for documentation]
- [ ] Add a news fragment into the
NEWS.rstfile [not worthy for NEWS.rst]- Add under the "aiosmtpd-next" section, creating one if necessary
- You may create subsections to group the changes, if you like
- Use full sentences with correct case and punctuation
- Refer to relevant Issue if applicable
- Add under the "aiosmtpd-next" section, creating one if necessary
It's unclear to me what the pytest-asyncio plug-in has to do with TLS certificates or why it needs to be removed. Either way, it's best to avoid mixing up unrelated changes.
@webknjaz Unfortunately, tox tests did not pass on my machine, so I had to make this change. However, I understand your point about unrelated changes, so I split this PR into two. See: https://github.com/aio-libs/aiosmtpd/pull/554.
I tried to add workaround for installing trustme: see https://github.com/aio-libs/aiosmtpd/pull/552#discussion_r2041036210 and https://github.com/aio-libs/aiosmtpd/pull/552/files#diff-4d7c51b1efe9043e44439a949dfd92e5827321b34082903477fd04876edb7552R8-R9, however it didn't work because of PyPy trying to build cryptography:
error: the configured PyPy interpreter version (3.8) is lower than PyO3's minimum supported version (3.9)
Hence, https://github.com/aio-libs/aiosmtpd/pull/555 should be reviewed and merged first.
I'm pretty sure cryptography has older published wheels that would be compatible.
Codecov Report
:white_check_mark: All modified and coverable lines are covered by tests.
:white_check_mark: Project coverage is 97.82%. Comparing base (d087090) to head (039d938).
:warning: Report is 2 commits behind head on master.
Additional details and impacted files
@@ Coverage Diff @@
## master #552 +/- ##
==========================================
+ Coverage 97.78% 97.82% +0.03%
==========================================
Files 23 23
Lines 5697 5709 +12
Branches 764 770 +6
==========================================
+ Hits 5571 5585 +14
+ Misses 80 78 -2
Partials 46 46
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
:rocket: New features to boost your workflow:
- :snowflake: Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
I'm pretty sure cryptography has older published wheels that would be compatible.
You are right, cryptography==41.0.7 has compatible wheels published. I updated my PR. However, this version has a few security issues: https://security.snyk.io/package/pip/cryptography/41.0.7, so dependabot will likely create PRs.
It's possible to use env markers and only install the older version under PyPy but not others.
I had to read PEP 496, I didn't know about platform_python_implementation marker. Thanks! Done.