From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 734E51382C5 for ; Mon, 8 Feb 2021 18:34:26 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A8352E0957; Mon, 8 Feb 2021 18:34:23 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 6D68BE0946 for ; Mon, 8 Feb 2021 18:34:23 +0000 (UTC) Message-ID: Subject: Re: [gentoo-dev] dev-python/cryptography to use rust, effectively killing alpha, hppa, ia64, m68k, s390 From: =?UTF-8?Q?Micha=C5=82_G=C3=B3rny?= To: gentoo-dev@lists.gentoo.org Date: Mon, 08 Feb 2021 19:34:17 +0100 In-Reply-To: <2f0d2b51-12be-d452-8fe8-45f300e93db8@gentoo.org> References: <2f0d2b51-12be-d452-8fe8-45f300e93db8@gentoo.org> Organization: Gentoo Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.38.3 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Archives-Salt: 719d2231-039e-467e-8246-ff565220a66e X-Archives-Hash: 9a1ef4c526c0fb7c55495fe69eef93ad On Mon, 2021-02-08 at 12:53 -0500, Brian Evans wrote: > On 2/8/2021 6:19 AM, Michał Górny wrote: > > Hi, > > > > FYI the developers of dev-python/cryptography decided that Rust is going > > to be mandatory for 1.5+ versions. It's unlikely that they're going to > > provide LTS support or security fixes for the old versions. > > > > Since cryptography is a very important package in the Python ecosystem, > > and it is an indirect dependency of Portage, this means that we will > > probably have to entirely drop support for architectures that are not > > supported by Rust. > > > > For the portage indirect dependency, can it be swapped for pycurl? > > AFAICT, it is just used to pull GPG sigs in gemato via dev-python/requests. I'll probably switch it to built-in urllib.request. The py3 versions should be good enough (previously urllib3 had better TLS support than old urllib AFAIR). -- Best regards, Michał Górny