keystone/releasenotes/notes/sha512_crypt_deprecation-91a19080f1e884e4.yaml
Artem Goncharov 02583542c0 Switch to crypt from passlib
Next step in getting rid of `passlib` is sha512_crypt. This one is
tricky since the `crypt` lib is deprecated in py311 and dropped in py313
with the only replacement by `passlib`. But since passlib itself is
abandoned it literally means there is nothing we could use.

On the other hand `sha512_crypt` was "deprecated" already in pike and it
is not possible to enable it in Keystone while old passwords are still
supported.

In this unlucky situation still get rid of passlib and support for this
algorightm is going to be completely dropped in next Keystone release.

Change-Id: If791c953bc2953f2c78ff91e4fc4a342b89d6d1b
2024-09-23 19:59:51 +02:00

8 lines
267 B
YAML

---
deprecations:
- |
This is the last release where passwords hashed using sha512_crypt
algorithm are supported. Since even support of that is being dropped in
python 3.13 it would be physically dropped from Keystone in the next
release (`Epoxy`).