Unnecessary dependencies for non-Kerberos users #971

Closed
AGWA opened this issue May 27, 2020 · 2 comments

AGWA commented May 27, 2020

An unfortunate consequence of the recently-merged Kerberos support (#970) is that users who don't use Kerberos are now forced to pull in 8 dependencies (previously pq had no dependencies) which increases both technical and legal risk. Of particular concern is that the jcmturner libraries are licensed under a more restrictive license (Apache 2) than pq itself. This license isn't compatible with GPLv2, which means it's no longer legal for GPLv2 projects to use pq.

My proposal for fixing this (which I am volunteering to implement if you are OK with it) is to move krb_unix.go and krb_windows.go to their own package and module. They would have an init function that would register the NewGSS function with pq. When pq needs to create a Gss object it would call the registered function (or return an error if no Kerberos implementation has been registered). The users who need Kerberos support would import the Kerberos package with a blank package name - much like how pq is often imported. The users who don't need Kerberos wouldn't import this package and won't pay the cost of the additional dependencies.

@maddyblue
Collaborator

Yes, I'd merge that.

amenzhinsky commented Jun 1, 2020

Totally agree.
The reason I really like this module over pgx or anything else is the fact it has zero dependencies, but after the latest upgrade our binaries grew ~3mb in size.

otan added a commit to otan-cockroach/pgconn that referenced this issue Apr 10, 2022
This commit adds the GSSAPI authentication to pgx. This roughly follows
the lib/pq implementation:
* We require registering a provider to avoid mass dependency inclusions
  that may not be desired (lib/pq#971).
* Requires the pgproto3 package be updated. I've included my custom fork
  for now.
jackc pushed a commit to jackc/pgconn that referenced this issue Apr 15, 2022
This commit adds the GSSAPI authentication to pgx. This roughly follows
the lib/pq implementation:
* We require registering a provider to avoid mass dependency inclusions
  that may not be desired (lib/pq#971).
* Requires the pgproto3 package be updated. I've included my custom fork
  for now.
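
The provider-registration pattern proposed in the first comment and referenced in the pgconn commit message, sketched in a single file as an added example (not lib/pq's or pgx's own code). The names `GSS`, `NewGSSFunc`, `RegisterGSSProvider`, `newGSS` and the stub provider are illustrative assumptions; in practice the two halves live in separate modules and the provider registers itself from `init()`.

```go
package main

import (
	"errors"
	"fmt"
)

// Driver side (dependency-free): it knows Kerberos only as this interface.
type GSS interface {
	InitialToken(spn string) ([]byte, error)
}

type NewGSSFunc func() (GSS, error) // constructor a provider registers

var ErrNoGSSProvider = errors.New("gss: no Kerberos provider registered")

// provider is written only from init(), which Go runs on one goroutine
// before main, so this sketch uses no lock (assumption of the example).
var provider NewGSSFunc

// RegisterGSSProvider installs the provider once. A second call is refused so
// another imported package cannot silently replace the authentication code.
func RegisterGSSProvider(f NewGSSFunc) error {
	if f == nil || provider != nil {
		return errors.New("gss: nil or duplicate provider registration")
	}
	provider = f
	return nil
}

// newGSS runs when the server requests GSSAPI; it fails closed if nothing is registered.
func newGSS() (GSS, error) {
	if provider == nil {
		return nil, ErrNoGSSProvider
	}
	return provider()
}

// Provider side (separate module holding the Kerberos imports); a stub stands in for it.
type stubGSS struct{}
func (stubGSS) InitialToken(spn string) ([]byte, error) { return []byte("constructed:" + spn), nil }

// RegisterStub plays the role of the provider package's init().
func RegisterStub() error { return RegisterGSSProvider(func() (GSS, error) { return stubGSS{}, nil }) }

func main() {
	_, err := newGSS()
	fmt.Println("no provider imported:", err)
	fmt.Println("register:", RegisterStub(), "again:", RegisterStub())
}
```

Only a build that imports the provider module pulls the Kerberos dependencies into its module graph, which is what keeps them out of the dependency and license review of everyone else.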