[Cubicweb] Pyro and ZMQ deprecated?
aurelien.campeas at gmail.com
Sun Mar 2 15:20:00 CET 2014
2014-03-02 14:47 GMT+01:00 Dimitri Papadopoulos Orfanos <
dimitri.papadopoulos at cea.fr>:
> Dear all,
> I've stumbled upon the following tickets and learned that ZMQ and Pyro
> support will be deprecated/dropped in CubicWeb 3.19:
> We were planning on using ZMQ to remotely update and access CubicWeb
> databases, in order to avoid HTTP limitations and the hassle of managing
> HTTPS sessions in scripts. Are ZMQ and Pyro to be entirely dropped? What
> should we be using instead of ZMQ?
The idea is to use a combination of the "signedrequest" and "rqlcontroller"
cubes (server-side) and request.py (client side) to perform authenticated
restful repo access.
Still, this is far from a drop-in replacement of pyro/zmpqpickle protocols.
For pyro, it's just a dead unsupported library (there exists a version 4
but version number indicates it is a new thing).
I still believe there should be some room for zmq-pickle in the very short
provided its users are aware of the following:
* the client is basically granted full access to the resources of the
user at host
running the server, which is a bit of a security concern ...
* the transport is insecure (anyone sniffing the traffic will grab
* there are obscure bugs and corner cases
* it needs to die (as currently done at least)
(that's basically what Pierre-Yves noted in the tickets).
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Cubicweb