Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing not_valid_after_utc property. #12332

Closed
vog opened this issue Jan 23, 2025 · 2 comments
Closed

Missing not_valid_after_utc property. #12332

vog opened this issue Jan 23, 2025 · 2 comments
Labels
waiting-on-reporter Issue is waiting on a reply from the reporter. It will be automatically cloesd if there is no reply.

Comments

@vog
Copy link

vog commented Jan 23, 2025
edited
Loading

It seems that Cryptography 44.0.0 introduced a regression by replacing not_valid_after_utc/not_valid_before_utc properties with their non-"utc" suffixed counterparts.

Background:

Not long ago the Cryptography library deprecated the not_valid_after property and encouraged everyone to switch to not_valid_after_utc:

This is what we in requests_pkcs12, as downstream library, also did:

Now with Cryptography 44.0.0, the not_valid_after_utc suddenly vanished and only not_valid_after remained:

Questions:

  • Is this change back to a deprecated properties intentional?
    • If so, how are downstream libraries like requests_pkcs12 supposed to deal with that in a backwards compatible way?
@vog vog mentioned this issue Jan 23, 2025
Open
@alex
Copy link
Member

alex commented Jan 23, 2025

It's very difficult to understand the nature of this report -- the not_valid_after_utc attribute absolutely continues to exist:

~ ❯❯❯ vf tmp
Creating tempenv-3d533268639f via /opt/homebrew/Cellar/virtualfish/2.5.9_1/libexec/bin/python …
(tempenv-3d533268639f) ~ ❯❯❯ uv pip install cryptography
Using Python 3.13.1 environment at: .virtualenvs/tempenv-3d533268639f
Resolved 3 packages in 115ms
Installed 3 packages in 8ms
 + cffi==1.17.1
 + cryptography==44.0.0
 + pycparser==2.22
(tempenv-3d533268639f) ~ ❯❯❯ python3
Python 3.13.1 (main, Dec  3 2024, 17:59:52) [Clang 16.0.0 (clang-1600.0.26.4)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from cryptography import x509
>>> x509.Certificate
<class 'cryptography.hazmat.bindings._rust.x509.Certificate'>
>>> x509.Certificate.not_valid_after_utc
<attribute 'not_valid_after_utc' of 'cryptography.hazmat.bindings._rust.x509.Certificate' objects>

Can you provide steps to reproduce the non-existence behavior?

@alex alex added the waiting-on-reporter Issue is waiting on a reply from the reporter. It will be automatically cloesd if there is no reply. label Jan 23, 2025
@vog
Copy link
Author

vog commented Jan 23, 2025

You are correct. Sorry for the noise. I was confused that the not_valid_after_utc property no longer existed in x509/base.py.

@vog vog closed this as completed Jan 23, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
waiting-on-reporter Issue is waiting on a reply from the reporter. It will be automatically cloesd if there is no reply.
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alex @vog