)]}'
{"keystonemiddleware/auth_token/__init__.py":[{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"ad44c7c748b3f28b08303aabf3ea9870be153bf9","unresolved":false,"context_lines":[{"line_number":895,"context_line":"        # support the paste.ini options."},{"line_number":896,"context_line":"        kwargs.setdefault(\u0027cert\u0027, self._conf.get(\u0027certfile\u0027))"},{"line_number":897,"context_line":"        kwargs.setdefault(\u0027key\u0027, self._conf.get(\u0027keyfile\u0027))"},{"line_number":898,"context_line":"        kwargs.setdefault(\u0027cacert\u0027, self._conf.get(\u0027cafile\u0027))"},{"line_number":899,"context_line":"        kwargs.setdefault(\u0027insecure\u0027, self._conf.get(\u0027insecure\u0027))"},{"line_number":900,"context_line":"        kwargs.setdefault(\u0027timeout\u0027, self._conf.get(\u0027http_connect_timeout\u0027))"},{"line_number":901,"context_line":"        kwargs.setdefault(\u0027user_agent\u0027, self._conf.user_agent)"}],"source_content_type":"text/x-python","patch_set":7,"id":"bfb3d3c7_60c4cff5","side":"PARENT","line":898,"updated":"2019-05-29 18:17:25.000000000","message":"This is unrelated to PKI tokens, this is about client authentication and server verification in the keystoneauth session, they can\u0027t be removed.","commit_id":"e93d078958047ebc15159224e2068acdd8e6b768"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"7e249a6a62e0307d7427f9b474ce6ac319357828","unresolved":false,"context_lines":[{"line_number":570,"context_line":"            \u0027include_service_catalog\u0027)"},{"line_number":571,"context_line":"        self._hash_algorithms \u003d self._conf.get(\u0027hash_algorithms\u0027)"},{"line_number":572,"context_line":"        self._interface \u003d self._conf.get(\u0027interface\u0027)"},{"line_number":573,"context_line":""},{"line_number":574,"context_line":"        self._auth \u003d self._create_auth_plugin()"},{"line_number":575,"context_line":"        self._session \u003d self._create_session()"},{"line_number":576,"context_line":"        self._identity_server \u003d self._create_identity_server()"}],"source_content_type":"text/x-python","patch_set":11,"id":"9fb8cfa7_341a027d","side":"PARENT","line":573,"updated":"2019-06-21 13:56:23.000000000","message":"Unrelated?","commit_id":"3e62d25dacb4282609d897f8a9cf08c3603b12d7"}],"keystonemiddleware/auth_token/_memcache_crypt.py":[{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"f5513cb626a15856b33426b7a80a0c2e65e75986","unresolved":false,"context_lines":[{"line_number":20,"context_line":"has a dependency on the cryptography module. If cryptography is not"},{"line_number":21,"context_line":"available, CryptoUnavailableError will be raised."},{"line_number":22,"context_line":""},{"line_number":23,"context_line":"This module will not be called unless signing or encryption is enabled"},{"line_number":24,"context_line":"in the config. It will always validate signatures, and will decrypt"},{"line_number":25,"context_line":"data if encryption is enabled. It is not valid to mix protection"},{"line_number":26,"context_line":"modes."}],"source_content_type":"text/x-python","patch_set":2,"id":"3f79a3b5_715bef60","side":"PARENT","line":23,"range":{"start_line":23,"start_character":38,"end_line":23,"end_character":45},"updated":"2018-10-30 18:24:10.000000000","message":"Was signing support here specific to using PKI?","commit_id":"546793f64c27e5b4688d9633d91ac1265907ffaf"},{"author":{"_account_id":2903,"name":"Morgan Fainberg","email":"morgan.fainberg@gmail.com","username":"mdrnstm"},"change_message_id":"f45737882e6ec0e69f2b24d82463d08402d88320","unresolved":false,"context_lines":[{"line_number":20,"context_line":"has a dependency on the cryptography module. If cryptography is not"},{"line_number":21,"context_line":"available, CryptoUnavailableError will be raised."},{"line_number":22,"context_line":""},{"line_number":23,"context_line":"This module will not be called unless signing or encryption is enabled"},{"line_number":24,"context_line":"in the config. It will always validate signatures, and will decrypt"},{"line_number":25,"context_line":"data if encryption is enabled. It is not valid to mix protection"},{"line_number":26,"context_line":"modes."}],"source_content_type":"text/x-python","patch_set":2,"id":"3f79a3b5_9460f90e","side":"PARENT","line":23,"range":{"start_line":23,"start_character":38,"end_line":23,"end_character":45},"in_reply_to":"3f79a3b5_715bef60","updated":"2018-10-30 19:07:17.000000000","message":"Hm. This might have been a search/replace issue. I can revert this change.","commit_id":"546793f64c27e5b4688d9633d91ac1265907ffaf"}],"keystonemiddleware/auth_token/_opts.py":[{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"083a32dbdcba3ec30844b4fce650e4ef3f6522a4","unresolved":false,"context_lines":[{"line_number":85,"context_line":"               \u0027 cache, use this option to have the middleware share a caching\u0027"},{"line_number":86,"context_line":"               \u0027 backend with swift. Otherwise, use the ``memcached_servers``\u0027"},{"line_number":87,"context_line":"               \u0027 option instead.\u0027),"},{"line_number":88,"context_line":"    cfg.StrOpt(\u0027certfile\u0027,"},{"line_number":89,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":90,"context_line":"    cfg.StrOpt(\u0027keyfile\u0027,"},{"line_number":91,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":92,"context_line":"    cfg.StrOpt(\u0027cafile\u0027,"},{"line_number":93,"context_line":"               help\u003d\u0027A PEM encoded Certificate Authority to use when \u0027"},{"line_number":94,"context_line":"                    \u0027verifying HTTPs connections. Defaults to system CAs.\u0027),"},{"line_number":95,"context_line":"    cfg.BoolOpt(\u0027insecure\u0027, default\u003dFalse, help\u003d\u0027Verify HTTPS connections.\u0027),"},{"line_number":96,"context_line":"    cfg.StrOpt(\u0027region_name\u0027,"},{"line_number":97,"context_line":"               help\u003d\u0027The region in which the identity server can be found.\u0027),"}],"source_content_type":"text/x-python","patch_set":4,"id":"3f79a3b5_c0c06180","side":"PARENT","line":94,"range":{"start_line":88,"start_character":0,"end_line":94,"end_character":76},"updated":"2018-11-06 20:06:48.000000000","message":"We haven\u0027t formally deprecated these.","commit_id":"7e1b53625990bb08425645cb92f36e16bd67db7f"},{"author":{"_account_id":2903,"name":"Morgan Fainberg","email":"morgan.fainberg@gmail.com","username":"mdrnstm"},"change_message_id":"e59e571dba5c9f413dbd88fd033ba555e72eeb9a","unresolved":false,"context_lines":[{"line_number":85,"context_line":"               \u0027 cache, use this option to have the middleware share a caching\u0027"},{"line_number":86,"context_line":"               \u0027 backend with swift. Otherwise, use the ``memcached_servers``\u0027"},{"line_number":87,"context_line":"               \u0027 option instead.\u0027),"},{"line_number":88,"context_line":"    cfg.StrOpt(\u0027certfile\u0027,"},{"line_number":89,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":90,"context_line":"    cfg.StrOpt(\u0027keyfile\u0027,"},{"line_number":91,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":92,"context_line":"    cfg.StrOpt(\u0027cafile\u0027,"},{"line_number":93,"context_line":"               help\u003d\u0027A PEM encoded Certificate Authority to use when \u0027"},{"line_number":94,"context_line":"                    \u0027verifying HTTPs connections. Defaults to system CAs.\u0027),"},{"line_number":95,"context_line":"    cfg.BoolOpt(\u0027insecure\u0027, default\u003dFalse, help\u003d\u0027Verify HTTPS connections.\u0027),"},{"line_number":96,"context_line":"    cfg.StrOpt(\u0027region_name\u0027,"},{"line_number":97,"context_line":"               help\u003d\u0027The region in which the identity server can be found.\u0027),"}],"source_content_type":"text/x-python","patch_set":4,"id":"3f79a3b5_81d9e081","side":"PARENT","line":94,"range":{"start_line":88,"start_character":0,"end_line":94,"end_character":76},"in_reply_to":"3f79a3b5_4961c3d3","updated":"2018-11-08 16:44:58.000000000","message":"This seems to be superfluous: maintaining dead code/options for no functional reason. A release note saying options are gone would do the same exact thing.\n\nIf the option was referenced / might be used (and might/will be silently ignored in a future release) I get telegraphing it and maintaining the options. I think this is a mis-understanding/use of the deprecation policy within openstack.","commit_id":"7e1b53625990bb08425645cb92f36e16bd67db7f"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"26d3bfee0b010662ef72fe11b40912e65f03e249","unresolved":false,"context_lines":[{"line_number":85,"context_line":"               \u0027 cache, use this option to have the middleware share a caching\u0027"},{"line_number":86,"context_line":"               \u0027 backend with swift. Otherwise, use the ``memcached_servers``\u0027"},{"line_number":87,"context_line":"               \u0027 option instead.\u0027),"},{"line_number":88,"context_line":"    cfg.StrOpt(\u0027certfile\u0027,"},{"line_number":89,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":90,"context_line":"    cfg.StrOpt(\u0027keyfile\u0027,"},{"line_number":91,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":92,"context_line":"    cfg.StrOpt(\u0027cafile\u0027,"},{"line_number":93,"context_line":"               help\u003d\u0027A PEM encoded Certificate Authority to use when \u0027"},{"line_number":94,"context_line":"                    \u0027verifying HTTPs connections. Defaults to system CAs.\u0027),"},{"line_number":95,"context_line":"    cfg.BoolOpt(\u0027insecure\u0027, default\u003dFalse, help\u003d\u0027Verify HTTPS connections.\u0027),"},{"line_number":96,"context_line":"    cfg.StrOpt(\u0027region_name\u0027,"},{"line_number":97,"context_line":"               help\u003d\u0027The region in which the identity server can be found.\u0027),"}],"source_content_type":"text/x-python","patch_set":4,"id":"3f79a3b5_4961c3d3","side":"PARENT","line":94,"range":{"start_line":88,"start_character":0,"end_line":94,"end_character":76},"in_reply_to":"3f79a3b5_7695933d","updated":"2018-11-07 22:06:50.000000000","message":"Sure - I get that, but it\u0027s the process we have for signaling removals to operators, which they use to clean things up.","commit_id":"7e1b53625990bb08425645cb92f36e16bd67db7f"},{"author":{"_account_id":2218,"name":"Adam Young","email":"adam@younglogic.com","username":"ayoung"},"change_message_id":"07cec9285910387ee9d4a5950cbb30fefb9481cb","unresolved":false,"context_lines":[{"line_number":85,"context_line":"               \u0027 cache, use this option to have the middleware share a caching\u0027"},{"line_number":86,"context_line":"               \u0027 backend with swift. Otherwise, use the ``memcached_servers``\u0027"},{"line_number":87,"context_line":"               \u0027 option instead.\u0027),"},{"line_number":88,"context_line":"    cfg.StrOpt(\u0027certfile\u0027,"},{"line_number":89,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":90,"context_line":"    cfg.StrOpt(\u0027keyfile\u0027,"},{"line_number":91,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":92,"context_line":"    cfg.StrOpt(\u0027cafile\u0027,"},{"line_number":93,"context_line":"               help\u003d\u0027A PEM encoded Certificate Authority to use when \u0027"},{"line_number":94,"context_line":"                    \u0027verifying HTTPs connections. Defaults to system CAs.\u0027),"},{"line_number":95,"context_line":"    cfg.BoolOpt(\u0027insecure\u0027, default\u003dFalse, help\u003d\u0027Verify HTTPS connections.\u0027),"},{"line_number":96,"context_line":"    cfg.StrOpt(\u0027region_name\u0027,"},{"line_number":97,"context_line":"               help\u003d\u0027The region in which the identity server can be found.\u0027),"}],"source_content_type":"text/x-python","patch_set":4,"id":"9fdfeff1_45955c32","side":"PARENT","line":94,"range":{"start_line":88,"start_character":0,"end_line":94,"end_character":76},"in_reply_to":"3f79a3b5_81d9e081","updated":"2019-02-12 18:06:47.000000000","message":"Just deprecate for now.  Configuration options that disappear might break tooling.","commit_id":"7e1b53625990bb08425645cb92f36e16bd67db7f"},{"author":{"_account_id":2903,"name":"Morgan Fainberg","email":"morgan.fainberg@gmail.com","username":"mdrnstm"},"change_message_id":"52a86757ab9737f0ee03f17cdef2912bb0c10f8c","unresolved":false,"context_lines":[{"line_number":85,"context_line":"               \u0027 cache, use this option to have the middleware share a caching\u0027"},{"line_number":86,"context_line":"               \u0027 backend with swift. Otherwise, use the ``memcached_servers``\u0027"},{"line_number":87,"context_line":"               \u0027 option instead.\u0027),"},{"line_number":88,"context_line":"    cfg.StrOpt(\u0027certfile\u0027,"},{"line_number":89,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":90,"context_line":"    cfg.StrOpt(\u0027keyfile\u0027,"},{"line_number":91,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":92,"context_line":"    cfg.StrOpt(\u0027cafile\u0027,"},{"line_number":93,"context_line":"               help\u003d\u0027A PEM encoded Certificate Authority to use when \u0027"},{"line_number":94,"context_line":"                    \u0027verifying HTTPs connections. Defaults to system CAs.\u0027),"},{"line_number":95,"context_line":"    cfg.BoolOpt(\u0027insecure\u0027, default\u003dFalse, help\u003d\u0027Verify HTTPS connections.\u0027),"},{"line_number":96,"context_line":"    cfg.StrOpt(\u0027region_name\u0027,"},{"line_number":97,"context_line":"               help\u003d\u0027The region in which the identity server can be found.\u0027),"}],"source_content_type":"text/x-python","patch_set":4,"id":"3f79a3b5_7695933d","side":"PARENT","line":94,"range":{"start_line":88,"start_character":0,"end_line":94,"end_character":76},"in_reply_to":"3f79a3b5_c0c06180","updated":"2018-11-06 22:07:27.000000000","message":"Options that are not referenced have zero impact on the running application, we do not reference them anymore and therefore deprecation is not needed.\n\nOslo.config will ignore extra options. Keeping around a deprecated option for the sake of a deprecated option (and that\u0027s it) doesn\u0027t make a lot of sense. This isn\u0027t runtime affecting.","commit_id":"7e1b53625990bb08425645cb92f36e16bd67db7f"},{"author":{"_account_id":2903,"name":"Morgan Fainberg","email":"morgan.fainberg@gmail.com","username":"mdrnstm"},"change_message_id":"560d94716c1fb00207136b8aa9ba2b285af3801a","unresolved":false,"context_lines":[{"line_number":85,"context_line":"               \u0027 cache, use this option to have the middleware share a caching\u0027"},{"line_number":86,"context_line":"               \u0027 backend with swift. Otherwise, use the ``memcached_servers``\u0027"},{"line_number":87,"context_line":"               \u0027 option instead.\u0027),"},{"line_number":88,"context_line":"    cfg.StrOpt(\u0027certfile\u0027,"},{"line_number":89,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":90,"context_line":"    cfg.StrOpt(\u0027keyfile\u0027,"},{"line_number":91,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":92,"context_line":"    cfg.StrOpt(\u0027cafile\u0027,"},{"line_number":93,"context_line":"               help\u003d\u0027A PEM encoded Certificate Authority to use when \u0027"},{"line_number":94,"context_line":"                    \u0027verifying HTTPs connections. Defaults to system CAs.\u0027),"},{"line_number":95,"context_line":"    cfg.BoolOpt(\u0027insecure\u0027, default\u003dFalse, help\u003d\u0027Verify HTTPS connections.\u0027),"},{"line_number":96,"context_line":"    cfg.StrOpt(\u0027region_name\u0027,"},{"line_number":97,"context_line":"               help\u003d\u0027The region in which the identity server can be found.\u0027),"}],"source_content_type":"text/x-python","patch_set":4,"id":"9fdfeff1_0b0f3588","side":"PARENT","line":94,"range":{"start_line":88,"start_character":0,"end_line":94,"end_character":76},"in_reply_to":"9fdfeff1_45955c32","updated":"2019-02-14 14:09:08.000000000","message":"Please explain how it breaks tooling. There are no errors for extra options in config","commit_id":"7e1b53625990bb08425645cb92f36e16bd67db7f"},{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"2d9a75b42fdd1f90a650a298da3691a8f35d7670","unresolved":false,"context_lines":[{"line_number":91,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":92,"context_line":"    cfg.StrOpt(\u0027cafile\u0027,"},{"line_number":93,"context_line":"               help\u003d\u0027A PEM encoded Certificate Authority to use when \u0027"},{"line_number":94,"context_line":"                    \u0027verifying HTTPs connections. Defaults to system CAs.\u0027),"},{"line_number":95,"context_line":"    cfg.BoolOpt(\u0027insecure\u0027, default\u003dFalse, help\u003d\u0027Verify HTTPS connections.\u0027),"},{"line_number":96,"context_line":"    cfg.StrOpt(\u0027region_name\u0027,"},{"line_number":97,"context_line":"               help\u003d\u0027The region in which the identity server can be found.\u0027),"}],"source_content_type":"text/x-python","patch_set":6,"id":"bfb3d3c7_1879382e","side":"PARENT","line":94,"updated":"2019-05-22 16:39:20.000000000","message":"Are these options actually specific to PKI/Z token signing? The help text makes them look like they are for doing client auth to keystone or requiring client auth from connecting clients.","commit_id":"e93d078958047ebc15159224e2068acdd8e6b768"},{"author":{"_account_id":27621,"name":"Vishakha Agarwal","email":"agarwalvishakha18@gmail.com","username":"Vishakha"},"change_message_id":"2466a4ec8b6645a60ecd82102ccf25d284f93f91","unresolved":false,"context_lines":[{"line_number":91,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":92,"context_line":"    cfg.StrOpt(\u0027cafile\u0027,"},{"line_number":93,"context_line":"               help\u003d\u0027A PEM encoded Certificate Authority to use when \u0027"},{"line_number":94,"context_line":"                    \u0027verifying HTTPs connections. Defaults to system CAs.\u0027),"},{"line_number":95,"context_line":"    cfg.BoolOpt(\u0027insecure\u0027, default\u003dFalse, help\u003d\u0027Verify HTTPS connections.\u0027),"},{"line_number":96,"context_line":"    cfg.StrOpt(\u0027region_name\u0027,"},{"line_number":97,"context_line":"               help\u003d\u0027The region in which the identity server can be found.\u0027),"}],"source_content_type":"text/x-python","patch_set":6,"id":"bfb3d3c7_36c0c150","side":"PARENT","line":94,"in_reply_to":"bfb3d3c7_1879382e","updated":"2019-05-23 06:50:43.000000000","message":"Yes It seems like all options are related to signing of PKI. All these options are deprecated in keystone too. [1]\n\n[1] https://github.com/openstack/keystone/blob/589152d094b248da81dc88db2449fb560985ae8b/keystone/conf/signing.py","commit_id":"e93d078958047ebc15159224e2068acdd8e6b768"},{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"ad44c7c748b3f28b08303aabf3ea9870be153bf9","unresolved":false,"context_lines":[{"line_number":91,"context_line":"               help\u003d\u0027Required if identity server requires client certificate\u0027),"},{"line_number":92,"context_line":"    cfg.StrOpt(\u0027cafile\u0027,"},{"line_number":93,"context_line":"               help\u003d\u0027A PEM encoded Certificate Authority to use when \u0027"},{"line_number":94,"context_line":"                    \u0027verifying HTTPs connections. Defaults to system CAs.\u0027),"},{"line_number":95,"context_line":"    cfg.BoolOpt(\u0027insecure\u0027, default\u003dFalse, help\u003d\u0027Verify HTTPS connections.\u0027),"},{"line_number":96,"context_line":"    cfg.StrOpt(\u0027region_name\u0027,"},{"line_number":97,"context_line":"               help\u003d\u0027The region in which the identity server can be found.\u0027),"}],"source_content_type":"text/x-python","patch_set":7,"id":"bfb3d3c7_80fc633e","side":"PARENT","line":94,"updated":"2019-05-29 18:17:25.000000000","message":"These are used by the keystoneauth session for client authentication and server verification:\n\nhttps://opendev.org/openstack/keystonemiddleware/src/branch/master/keystonemiddleware/auth_token/__init__.py#L896-L898\n\nand also for the s3 token for some reason:\n\nhttps://opendev.org/openstack/keystonemiddleware/src/branch/master/keystonemiddleware/s3_token.py#L83-L84\n\nThese can\u0027t be removed.","commit_id":"e93d078958047ebc15159224e2068acdd8e6b768"}],"keystonemiddleware/tests/unit/test_opts.py":[{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"9954a50b77f0c315a70327717f12c5afbb9bc26d","unresolved":false,"context_lines":[{"line_number":47,"context_line":"            \u0027admin_password\u0027,"},{"line_number":48,"context_line":"            \u0027admin_tenant_name\u0027,"},{"line_number":49,"context_line":"            \u0027cache\u0027,"},{"line_number":50,"context_line":"            \u0027certfile\u0027,"},{"line_number":51,"context_line":"            \u0027keyfile\u0027,"},{"line_number":52,"context_line":"            \u0027cafile\u0027,"},{"line_number":53,"context_line":"            \u0027region_name\u0027,"},{"line_number":54,"context_line":"            \u0027insecure\u0027,"},{"line_number":55,"context_line":"            \u0027signing_dir\u0027,"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_dbdfac66","side":"PARENT","line":52,"range":{"start_line":50,"start_character":13,"end_line":52,"end_character":21},"updated":"2019-05-29 18:35:36.000000000","message":"These need to be added back","commit_id":"e93d078958047ebc15159224e2068acdd8e6b768"},{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"9954a50b77f0c315a70327717f12c5afbb9bc26d","unresolved":false,"context_lines":[{"line_number":92,"context_line":"            \u0027http_connect_timeout\u0027,"},{"line_number":93,"context_line":"            \u0027http_request_max_retries\u0027,"},{"line_number":94,"context_line":"            \u0027cache\u0027,"},{"line_number":95,"context_line":"            \u0027certfile\u0027,"},{"line_number":96,"context_line":"            \u0027keyfile\u0027,"},{"line_number":97,"context_line":"            \u0027cafile\u0027,"},{"line_number":98,"context_line":"            \u0027region_name\u0027,"},{"line_number":99,"context_line":"            \u0027insecure\u0027,"},{"line_number":100,"context_line":"            \u0027signing_dir\u0027,"}],"source_content_type":"text/x-python","patch_set":9,"id":"bfb3d3c7_fbdab075","side":"PARENT","line":97,"range":{"start_line":95,"start_character":12,"end_line":97,"end_character":21},"updated":"2019-05-29 18:35:36.000000000","message":"And these","commit_id":"e93d078958047ebc15159224e2068acdd8e6b768"}],"releasenotes/notes/bug-1649735-3c68f3243e474775.yaml":[{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"2d9a75b42fdd1f90a650a298da3691a8f35d7670","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":6,"id":"bfb3d3c7_189e1854","line":14,"updated":"2019-05-22 16:39:20.000000000","message":"I think an \u0027upgrade\u0027 note would be good too.","commit_id":"9ac30828eff83987be2cc248e1c5e2bbd0614daf"},{"author":{"_account_id":8482,"name":"Colleen Murphy","email":"colleen@gazlene.net","username":"krinkle"},"change_message_id":"ad44c7c748b3f28b08303aabf3ea9870be153bf9","unresolved":false,"context_lines":[{"line_number":17,"context_line":"    [`bug 1649735 \u003chttps://bugs.launchpad.net/keystone/+bug/1649735\u003e`_]"},{"line_number":18,"context_line":"    Keystonemiddleware no longer supports PKI/PKIZ tokens, all"},{"line_number":19,"context_line":"    associated offline validation has been removed. The configuration"},{"line_number":20,"context_line":"    options `certfile`, `keyfile`, `cafile`, `signing_dir`, and"},{"line_number":21,"context_line":"    `hash_algorithms` have been removed, if they still exist in your"},{"line_number":22,"context_line":"    configuration(s), they are now safe to remove."},{"line_number":23,"context_line":"    Please consider utilizing the newer fernet or JWS token formats."}],"source_content_type":"text/x-yaml","patch_set":7,"id":"bfb3d3c7_c0b49b82","line":20,"range":{"start_line":20,"start_character":12,"end_line":20,"end_character":44},"updated":"2019-05-29 18:17:25.000000000","message":"nope","commit_id":"ef8a75279fa1f1388b2bedcded848233e4e7b3cf"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"7e249a6a62e0307d7427f9b474ce6ac319357828","unresolved":false,"context_lines":[{"line_number":7,"context_line":"    `revocations_cache_time` and `check_revocations_for_cached` have been"},{"line_number":8,"context_line":"    removed."},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"    Keystone no longer issues PKI/PKIZ tokens and now keystonemiddleware\u0027s"},{"line_number":11,"context_line":"    Support for PKI/PKIZ and associated offline validation has been removed."},{"line_number":12,"context_line":"    This includes the deprecated config options `signing_dir`, and"},{"line_number":13,"context_line":"    `hash_algorithms`."}],"source_content_type":"text/x-yaml","patch_set":11,"id":"9fb8cfa7_9f450746","line":10,"range":{"start_line":10,"start_character":4,"end_line":10,"end_character":38},"updated":"2019-06-21 13:56:23.000000000","message":"This has been true for a while, Ocata actually [0]. This is a total nit, but we could explicitly say the lead time was necessary for deployments to convert to another format.\n\n\n[0] https://docs.openstack.org/releasenotes/keystone/ocata.html","commit_id":"b3e84aafc0302b1a87754f438696794076ba844f"}]}