Expose get_algorithm_by_name as new method #773

sirosen · 2022-06-29T16:03:35Z

Looking up an algorithm by name is used internally for signature generation. This encapsulates that functionality in a dedicated method and adds it to the public API. No new tests are needed to exercise the functionality.

Rationale:

Inside of PyJWS, this improves the code. The KeyError handler is better scoped and the signing code reads more directly.
This is part of the path to supporting OIDC at_hash validation as a use-case (see: Support computation and validation of OIDC at_hash value #295, Add support for the OIDC at_hash claim #296, Support exposure of hash algorithm digest to handle OIDC at_hash, potentially other spec extensions #314).

This is arguably sufficient to consider that use-case supported and close it. I believe there is more to do before closing that -- I would like to see Algorithm objects support a method for computing hash digests. However, it is an improvement and step in the right direction in either case.

A minor change was needed to satisfy mypy, as a union-typed variable does not narrow its type based on assignments. The easiest resolution is to use a new name, in this case, simply algorithm -> algorithm_.

Most of the change is in the first commit. In the second commit, I applied get_algorithm_by_name to _verify_signature as well.
All tests pass for me locally.

After this change, it becomes possible to do the following for handling the at_hash claim from OIDC (as a client, not a server):

# get data
data = jwt.decode_complete(...)
access_token = ...  # provided separately
payload, header = data["payload"], data["header"]

# get algo object
alg_name = header["alg"]
alg_obj = jwt.get_algorithm_by_name(alg_name)  # <-- new!

# compute at_hash
# works for the hashlib cases, needs more for cryptography cases
digest = alg_obj.hash_alg(access_token).digest()
at_hash = base64.urlsafe_b64encode(digest[:(len(digest) // 2)]).rstrip("=")

# validate / assert
assert at_hash == payload["at_hash"]

I'm open to discussion about the algorithm_ var for mypy. There are several solutions. I prefer this because it preserves the value of type-checking (vs a cast or type-ignore, which effectively disables checking), but it also increases the number of names in that scope, which can lead to confusion.

Looking up an algorithm by name is used internally for signature generation. This encapsulates that functionality in a dedicated method and adds it to the public API. No new tests are needed to exercise the functionality. Rationale: 1. Inside of PyJWS, this improves the code. The KeyError handler is better scoped and the signing code reads more directly. 2. This is part of the path to supporting OIDC at_hash validation as a use-case (see: jpadilla#295, jpadilla#296, jpadilla#314). This is arguably sufficient to consider that use-case supported and close it. However, it is an improvement and step in the right direction in either case. A minor change was needed to satisfy mypy, as a union-typed variable does not narrow its type based on assignments. The easiest resolution is to use a new name, in this case, simply `algorithm -> algorithm_`.

Rather than catching the KeyError from a dict lookup, catch the NotImplementedError raised by get_algorithm_by_name. This changes the exception seen in the cause under exception chaining but otherwise has no public-facing impact.

jpadilla

Seems like a great addition, thanks for the n+1!

jpadilla · 2022-06-29T22:17:54Z

jwt/api_jws.py

-        if algorithm is None:
-            algorithm = "none"
+        # declare a new var to narrow the type for type checkers
+        algorithm_: str = algorithm if algorithm is not None else "none"


no strong opinions about this 👍

@DaGuich

@DaGuich

4745: Update pyjwt requirement from ~=2.5.0 to ~=2.6.0 r=jenshnielsen a=dependabot[bot] Updates the requirements on [pyjwt](https://github.com/jpadilla/pyjwt) to permit the latest version. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p> <blockquote> <h2><code>v2.6.0 <https://github.com/jpadilla/pyjwt/compare/2.5.0...2.6.0></code>__</h2> <p>Changed</p> <pre><code> - bump up cryptography >= 3.4.0 by `@jpadilla` in `[#807](jpadilla/pyjwt#807) <https://github.com/jpadilla/pyjwt/pull/807>`_ - Remove `types-cryptography` from `crypto` extra by `@lautat` in `[#805](jpadilla/pyjwt#805) <https://github.com/jpadilla/pyjwt/pull/805>`_ <p>Fixed</p> <pre><code> - Invalidate token on the exact second the token expires `[#797](jpadilla/pyjwt#797) &lt;https://github.com/jpadilla/pyjwt/pull/797&gt;`_ - fix: version 2.5.0 heading typo by `@c0state` in `[#803](jpadilla/pyjwt#803) &lt;https://github.com/jpadilla/pyjwt/pull/803&gt;`_ Added </code></pre> <ul> <li>Adding validation for <code>issued_at</code> when <code>iat &gt; (now + leeway)</code> as <code>ImmatureSignatureError</code> by <a href="https://github.com/sriharan16"><code>`@sriharan16</code></a>` in <a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/pull/794">jpadilla/pyjwt#794</a></li> </ul> <h2><code>v2.5.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0&gt;</code>__</h2> <p>Changed </code></pre></p> <ul> <li>Skip keys with incompatible alg when loading JWKSet by <a href="https://github.com/DaGuich"><code>`@DaGuich</code></a>` in <code>[#762](jpadilla/pyjwt#762) <https://github.com/jpadilla/pyjwt/pull/762></code>__</li> <li>Remove support for python3.6 by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <code>[#777](jpadilla/pyjwt#777) <https://github.com/jpadilla/pyjwt/pull/777></code>__</li> <li>Emit a deprecation warning for unsupported kwargs by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <code>[#776](jpadilla/pyjwt#776) <https://github.com/jpadilla/pyjwt/pull/776></code>__</li> <li>Remove redundant wheel dep from pyproject.toml by <a href="https://github.com/mgorny"><code>`@mgorny</code></a>` in <code>[#765](jpadilla/pyjwt#765) <https://github.com/jpadilla/pyjwt/pull/765></code>__</li> <li>Do not fail when an unusable key occurs by <a href="https://github.com/DaGuich"><code>`@DaGuich</code></a>` in <code>[#762](jpadilla/pyjwt#762) <https://github.com/jpadilla/pyjwt/pull/762></code>__</li> <li>Update audience typing by <a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` in <code>[#782](jpadilla/pyjwt#782) <https://github.com/jpadilla/pyjwt/pull/782></code>__</li> <li>Improve PyJWKSet error accuracy by <a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` in <code>[#786](jpadilla/pyjwt#786) <https://github.com/jpadilla/pyjwt/pull/786></code>__</li> <li>Mypy as pre-commit check + api_jws typing by <a href="https://github.com/JulianMaurin"><code>`@JulianMaurin</code></a>` in <code>[#787](jpadilla/pyjwt#787) <https://github.com/jpadilla/pyjwt/pull/787></code>__</li> </ul> <p>Fixed</p> <pre><code> - Adjust expected exceptions in option merging tests for PyPy3 by `@mgorny` in `[#763](jpadilla/pyjwt#763) <https://github.com/jpadilla/pyjwt/pull/763>`__ - Fixes for pyright on strict mode by `@brandon-leapyear` in `[#747](jpadilla/pyjwt#747) <https://github.com/jpadilla/pyjwt/pull/747>`__ - docs: fix simple typo, iinstance -> isinstance by `@timgates42` in `[#774](jpadilla/pyjwt#774) <https://github.com/jpadilla/pyjwt/pull/774>`__ - Fix typo: priot -> prior by `@jdufresne` in `[#780](jpadilla/pyjwt#780) <https://github.com/jpadilla/pyjwt/pull/780>`__ - Fix for headers disorder issue by `@kadabusha` in `[#721](jpadilla/pyjwt#721) <https://github.com/jpadilla/pyjwt/pull/721>`__ <p>Added </code></pre></p> <ul> <li>Add to_jwk static method to ECAlgorithm by <a href="https://github.com/leonsmith"><code>`@leonsmith</code></a>` in <code>[#732](jpadilla/pyjwt#732) <https://github.com/jpadilla/pyjwt/pull/732></code>__</li> <li>Expose get_algorithm_by_name as new method by <a href="https://github.com/sirosen"><code>`@sirosen</code></a>` in <code>[#773](jpadilla/pyjwt#773) <https://github.com/jpadilla/pyjwt/pull/773></code>__</li> <li>Add type hints to jwt/help.py and add missing types dependency by <a href="https://github.com/kkirsche"><code>`@kkirsche</code></a>` in <code>[#784](jpadilla/pyjwt#784) <https://github.com/jpadilla/pyjwt/pull/784></code>__</li> <li>Add cacheing functionality for JWK set by <a href="https://github.com/wuhaoyujerry"><code>`@wuhaoyujerry</code></a>` in <code>[#781](jpadilla/pyjwt#781) <https://github.com/jpadilla/pyjwt/pull/781></code>__</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/jpadilla/pyjwt/commits">compare view</a></li> </ul> </details> <br /> You can trigger a rebase of this PR by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 4746: Update pandas requirement from ~=1.5.0 to ~=1.5.1 r=jenshnielsen a=dependabot[bot] Updates the requirements on [pandas](https://github.com/pandas-dev/pandas) to permit the latest version. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pandas-dev/pandas/releases">pandas's releases</a>.</em></p> <blockquote> <h2>Pandas 1.5.1</h2> <p>This is a patch release in the 1.5.x series and includes some regression and bug fixes. We recommend that all users upgrade to this version.</p> <p>See the <a href="https://pandas.pydata.org/pandas-docs/version/1.5.1/whatsnew/v1.5.1.html">full whatsnew</a> for a list of all the changes.</p> <p>The release will be available on the defaults and conda-forge channels:</p> <pre><code>conda install pandas </code></pre> <p>Or via PyPI:</p> <pre><code>python3 -m pip install --upgrade pandas </code></pre> <p>Please report any issues with the release on the <a href="https://github.com/pandas-dev/pandas/issues">pandas issue tracker</a>.</p> <p>Thanks to all the contributors who made this release possible.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pandas-dev/pandas/commit/91111fd99898d9dcaa6bf6bedb662db4108da6e6"><code>91111fd</code></a> RLS: 1.5.1</li> <li><a href="https://github.com/pandas-dev/pandas/commit/72863856504a4e906fc603f9e4624f251b614828"><code>7286385</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49162">#49162</a> on branch 1.5.x (PERF: Fix performance regression for isin...</li> <li><a href="https://github.com/pandas-dev/pandas/commit/8429c50a279ba953514d1ca4d4a2bcef5e23ecc9"><code>8429c50</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49140">#49140</a> on branch 1.5.x (Revert "PERF: faster corrwith method for ...</li> <li><a href="https://github.com/pandas-dev/pandas/commit/5b036c1c35890c44531f796f5dca92796276b2b5"><code>5b036c1</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49137">#49137</a> on branch 1.5.x (WEB/DOC: Fix typo in OVH name) (<a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49138">#49138</a>)</li> <li><a href="https://github.com/pandas-dev/pandas/commit/ea971acb948d16e284a38292cd615a5eb7c055ab"><code>ea971ac</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/48770">#48770</a> on branch 1.5.x (added sytle in stylesheet for <blockquote...</li> <li><a href="https://github.com/pandas-dev/pandas/commit/27717a20061aaedda0d3e5de8461835e952c49f3"><code>27717a2</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49080">#49080</a> on branch 1.5.x (REGR: midx.values resetting freq of under...</li> <li><a href="https://github.com/pandas-dev/pandas/commit/c58f2057b8c8a7fa79654c45a83c963c013a3aa3"><code>c58f205</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/48457">#48457</a> on branch 1.5.x (TST: Fix unsigned pyarrow types in SIGNED...</li> <li><a href="https://github.com/pandas-dev/pandas/commit/072402b58cbd87c2106413a37213c0b6020e34b1"><code>072402b</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49053">#49053</a> on branch 1.5.x (REVERT caching in find_stack_level) (<a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49079">#49079</a>)</li> <li><a href="https://github.com/pandas-dev/pandas/commit/f9eebaf9de23aa9c5debdd86524615b22c23025f"><code>f9eebaf</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49072">#49072</a> on branch 1.5.x (BUG: redirect from meeting to community w...</li> <li><a href="https://github.com/pandas-dev/pandas/commit/b8d2f461767e1e2124a08c17be69bf0f847c882e"><code>b8d2f46</code></a> Backport PR <a href="https://github-redirect.dependabot.com/pandas-dev/pandas/issues/49070">#49070</a> on branch 1.5.x (CI: Fix DeprecationWarning of numpy dev) ...</li> <li>Additional commits viewable in <a href="https://github.com/pandas-dev/pandas/compare/v1.5.0...v1.5.1">compare view</a></li> </ul> </details> <br /> You can trigger a rebase of this PR by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 4748: Bump scipy from 1.9.2 to 1.9.3 r=jenshnielsen a=dependabot[bot] Bumps [scipy](https://github.com/scipy/scipy) from 1.9.2 to 1.9.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/scipy/scipy/releases">scipy's releases</a>.</em></p> <blockquote> <h1>SciPy 1.9.3 Release Notes</h1> <p>SciPy <code>1.9.3</code> is a bug-fix release with no new features compared to <code>1.9.2</code>.</p> <h1>Authors</h1> <ul> <li>Jelle Aalbers (1)</li> <li>Peter Bell (1)</li> <li>Jake Bowhay (3)</li> <li>Matthew Brett (3)</li> <li>Evgeni Burovski (5)</li> <li>drpeteb (1) +</li> <li>Sebastian Ehlert (1) +</li> <li>GavinZhang (1) +</li> <li>Ralf Gommers (2)</li> <li>Matt Haberland (15)</li> <li>Lakshaya Inani (1) +</li> <li>Joseph T. Iosue (1)</li> <li>Nathan Jacobi (1) +</li> <li>jmkuebler (1) +</li> <li>Nikita Karetnikov (1) +</li> <li>Lechnio (1) +</li> <li>Nicholas McKibben (1)</li> <li>Andrew Nelson (1)</li> <li>o-alexandre-felipe (1) +</li> <li>Tirth Patel (1)</li> <li>Tyler Reddy (51)</li> <li>Martin Reinecke (1)</li> <li>Marie Roald (1) +</li> <li>Pamphile Roy (2)</li> <li>Eli Schwartz (1)</li> <li>serge-sans-paille (1)</li> <li>ehsan shirvanian (1) +</li> <li>Mamoru TASAKA (1) +</li> <li>Samuel Wallan (1)</li> <li>Warren Weckesser (7)</li> <li>Gavin Zhang (1) +</li> </ul> <p>A total of 31 people contributed to this release. People with a "+" by their names contributed a patch for the first time. This list of names is automatically generated, and may not be fully complete.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/scipy/scipy/commit/de80faf9d3480b9dbb9b888568b64499e0e70c19"><code>de80faf</code></a> REL: set 1.9.3 released [wheel build]</li> <li><a href="https://github.com/scipy/scipy/commit/25e6b901077646cbdaf0a022ff63d55b2c40b114"><code>25e6b90</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/scipy/scipy/issues/17239">#17239</a> from tylerjereddy/treddy_backport_193</li> <li><a href="https://github.com/scipy/scipy/commit/ba33e438f948d5e147755aff0e63f6a01f5bc676"><code>ba33e43</code></a> DOC: update 1.9.3 relnotes</li> <li><a href="https://github.com/scipy/scipy/commit/92d892efaf689c1be970370cd9b33678482fb1fd"><code>92d892e</code></a> MAINT: Handle numpy's deprecation of accepting out-of-bound integers.</li> <li><a href="https://github.com/scipy/scipy/commit/ba5f6daa1d855f43f9f0d19f51386285b2835ce8"><code>ba5f6da</code></a> MAINT: PR 17239 revisions</li> <li><a href="https://github.com/scipy/scipy/commit/381089e753b42c26faf3fb689fc82f7a5c34c422"><code>381089e</code></a> DOC: update 1.9.3 relnotes</li> <li><a href="https://github.com/scipy/scipy/commit/2db3440cfd768009847fb355f3da53fc8c562ea3"><code>2db3440</code></a> BLD: fix invalid shebang for build helper script</li> <li><a href="https://github.com/scipy/scipy/commit/a9a6582a38e23f178ddaed874d1bc65de3313cb2"><code>a9a6582</code></a> DOC: stats.mode: add versionadded tag and correct order of keepdims descripti...</li> <li><a href="https://github.com/scipy/scipy/commit/f4738889bd34d294cfcbd4aaed8c914fe961a0fd"><code>f473888</code></a> BLD: fix issue with incomplete threads dependency handling (<a href="https://github-redirect.dependabot.com/scipy/scipy/issues/17200">#17200</a>)</li> <li><a href="https://github.com/scipy/scipy/commit/5370f15752eef1f62773236704d6339fa4d4e99c"><code>5370f15</code></a> MAINT: update meson.build to make it work on IBM i system (<a href="https://github-redirect.dependabot.com/scipy/scipy/issues/17193">#17193</a>)</li> <li>Additional commits viewable in <a href="https://github.com/scipy/scipy/compare/v1.9.2...v1.9.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=scipy&package-manager=pip&previous-version=1.9.2&new-version=1.9.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

jrobbins-LiveData · 2023-10-07T11:15:06Z

Is there some documentation available on jwt.get_algorithm_by_name() and its alg_obj.compute_hash_digest()?

sirosen · 2023-10-09T11:18:26Z

I did a doc PR back when this merged which added this:
https://pyjwt.readthedocs.io/en/stable/usage.html#oidc-login-flow

Probably a nice starting point. There should also be reference doc.
EDIT: Search that last bit. I just looked at the site and see that there are gaps in the reference docs. But these methods have docstrings, so whenever that gets fixed they should be picked up.

jrobbins-LiveData · 2023-10-09T18:52:24Z

That oidc-login-flow is excellent -- thank you!

Not really on this topic (sorry), but in making a pytest unit test, I seem to have hit a snag wherein moto doesn't seem to mock urllib.request.urlopen. It does mock requests. So when PyJWKClient.fetch_data calls urllib.request.urlopen for jwks.json in a test, the call fails. This of course sounds like a moto problem, but, any chance that pyjwt could use requests instead of urllib?

sirosen added 2 commits June 29, 2022 15:20

Use get_algorithm_by_name in _verify_signature

e612fbd

Rather than catching the KeyError from a dict lookup, catch the NotImplementedError raised by get_algorithm_by_name. This changes the exception seen in the cause under exception chaining but otherwise has no public-facing impact.

auvipy requested review from jpadilla and auvipy June 29, 2022 17:02

jpadilla approved these changes Jun 29, 2022

View reviewed changes

sirosen mentioned this pull request Jun 29, 2022

Use a single JWT library python-social-auth/social-core#503

Closed

jpadilla merged commit 2dab210 into jpadilla:master Jul 3, 2022

sirosen deleted the expose-alg-by-name branch July 3, 2022 15:22

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Expose get_algorithm_by_name as new method #773

Expose get_algorithm_by_name as new method #773

sirosen commented Jun 29, 2022

jpadilla left a comment

jpadilla Jun 29, 2022

jrobbins-LiveData commented Oct 7, 2023

sirosen commented Oct 9, 2023 •

edited

Loading

jrobbins-LiveData commented Oct 9, 2023 •

edited

Loading

Expose get_algorithm_by_name as new method #773

Expose get_algorithm_by_name as new method #773

Conversation

sirosen commented Jun 29, 2022

jpadilla left a comment

Choose a reason for hiding this comment

jpadilla Jun 29, 2022

Choose a reason for hiding this comment

jrobbins-LiveData commented Oct 7, 2023

sirosen commented Oct 9, 2023 • edited Loading

jrobbins-LiveData commented Oct 9, 2023 • edited Loading

sirosen commented Oct 9, 2023 •

edited

Loading

jrobbins-LiveData commented Oct 9, 2023 •

edited

Loading