emails/packages/dkim/ contains a vendored fork of dkimpy. This creates several issues:
- Performance: the private key is re-parsed on every
sign() call, which is suboptimal for bulk sending (see TODO in signers.py:45)
- Maintenance: the fork doesn't receive upstream updates or security fixes
- Type safety: the entire
emails/packages/dkim/ directory is excluded from mypy checking
Consider replacing the vendored copy with a dependency on the dkimpy package (or making it an optional dependency like pip install emails[dkim]).
emails/packages/dkim/contains a vendored fork of dkimpy. This creates several issues:sign()call, which is suboptimal for bulk sending (see TODO insigners.py:45)emails/packages/dkim/directory is excluded from mypy checkingConsider replacing the vendored copy with a dependency on the
dkimpypackage (or making it an optional dependency likepip install emails[dkim]).