Bug 1730033

Summary: Dependent packages need oauthlib >= 3.0
Product: [Fedora] Fedora Reporter: John Dennis <jdennis>
Component: python-oauthlibAssignee: John Dennis <jdennis>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: infra-sig, jdennis, kevin, puiterwijk, rbean
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: python-oauthlib-3.0.2-1.fc31 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-07-15 22:55:19 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1697439    

Description John Dennis 2019-07-15 16:05:18 UTC 
oauthlib 3.0 was released Jan 8 2019, the current upstream is 3.0.2 released July 4 2019.

python-requests-oauthlib has a dependency on python-oauthlib >= 3.0 as well as a few other packages I believe. The dependency on python-oauthlib in python-requests-oauthlib was not caught when python-requests-oauthlib was updated in rawhide and F30, this needs to get fixed.
Comment 1 Kevin Fenzi 2019-07-15 16:39:38 UTC 
python-requests-oauthlib is the only one that requires >= 3.0 as far as I can tell. All the rest use the OAuth1 interface, which wasn't changed much in 3.0 (just a new cypher added). 

I'm going to update this wed unless I hear otherwise from anyone.
Comment 2 John Dennis 2019-07-15 22:55:19 UTC 
Rawhide (F31 at the moment) is now updated with oauthlib 3.0.2

The dependency on oauthlib from >=2.1.0 to >=3.0.0 occurred in requests-oauthlib 1.2.0, not in 1.0.0 as I had mistakenly feared. F30 has 1.0.0 not 1.2.0 so I think we're safe because F30 still has oauthlib 2.1.0, therefore I believe F30 is O.K. with respect to version dependencies.