Re: git: f5711e95bcd1 - main - security/py-cryptography: Update to 38.0.1
Date: Sun, 09 Oct 2022 21:04:44 UTC
Yasuhiro Kimura wrote:
> Subject: git: f5711e95bcd1 - main - security/py-cryptography: Update to 38.0.1
> Date: Sun, 9 Oct 2022 15:40:07 GMT
>
>> The branch main has been updated by sunpoet:
>>
>> URL: https://cgit.FreeBSD.org/ports/commit/?id=f5711e95bcd17b154bdd697cb3f1650a788fdf3c
>>
>> commit f5711e95bcd17b154bdd697cb3f1650a788fdf3c
>> Author: Po-Chuan Hsieh <sunpoet@FreeBSD.org>
>> AuthorDate: 2022-10-09 15:32:23 +0000
>> Commit: Po-Chuan Hsieh <sunpoet@FreeBSD.org>
>> CommitDate: 2022-10-09 15:37:58 +0000
>>
>> security/py-cryptography: Update to 38.0.1
>>
>> Changes: https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst
>> https://cryptography.io/en/latest/changelog/
>
> This results in runtime error of certbot as following.
>
> yasu@rolling-vm-freebsd2[1087]% certbot help
> Traceback (most recent call last):
> File "/usr/local/bin/certbot", line 33, in <module>
> sys.exit(load_entry_point('certbot==1.31.0', 'console_scripts', 'certbot')())
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> File "/usr/local/bin/certbot", line 25, in importlib_load_entry_point
> return next(matches).load()
> ^^^^^^^^^^^^^^^^^^^^
> File "/usr/local/lib/python3.11/importlib/metadata/__init__.py", line 198, in load
> module = import_module(match.group('module'))
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> File "/usr/local/lib/python3.11/importlib/__init__.py", line 126, in import_module
> return _bootstrap._gcd_import(name[level:], package, level)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> File "<frozen importlib._bootstrap>", line 1206, in _gcd_import
> File "<frozen importlib._bootstrap>", line 1178, in _find_and_load
> File "<frozen importlib._bootstrap>", line 1149, in _find_and_load_unlocked
> File "<frozen importlib._bootstrap>", line 690, in _load_unlocked
> File "<frozen importlib._bootstrap_external>", line 940, in exec_module
> File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed
> File "/usr/local/lib/python3.11/site-packages/certbot/main.py", line 6, in <module>
> from certbot._internal import main as internal_main
> File "/usr/local/lib/python3.11/site-packages/certbot/_internal/main.py", line 19, in <module>
> import josepy as jose
> File "/usr/local/lib/python3.11/site-packages/josepy/__init__.py", line 40, in <module>
> from josepy.json_util import (
> File "/usr/local/lib/python3.11/site-packages/josepy/json_util.py", line 14, in <module>
> from OpenSSL import crypto
> File "/usr/local/lib/python3.11/site-packages/OpenSSL/__init__.py", line 8, in <module>
> from OpenSSL import crypto, SSL
> File "/usr/local/lib/python3.11/site-packages/OpenSSL/crypto.py", line 14, in <module>
> from cryptography import utils, x509
> File "/usr/local/lib/python3.11/site-packages/cryptography/x509/__init__.py", line 6, in <module>
> from cryptography.x509 import certificate_transparency
> File "/usr/local/lib/python3.11/site-packages/cryptography/x509/certificate_transparency.py", line 10, in <module>
> from cryptography.hazmat.bindings._rust import x509 as rust_x509
> ImportError: cannot import name 'x509' from 'cryptography.hazmat.bindings._rust' (unknown location)
> yasu@rolling-vm-freebsd2[1088]%
>
Because having the Rust bits available is not optional after 3.4, ie
required in 35 and later.
The proper solution is having the oxidised version (35 and later) as a
separate port and this one remaining on 3.4 with backports as needed,
with selectable DEFAULT_VERSIONS, similar to graphics/librsvg2{,-rust},
especially to appease those who have to build in QEMU_EMULATING
(including some of our own official package builders), since Rust itself
won't build there like that. Otherwise say goodbye to many many Python
packages and consumers built in QEMU_EMULATING.
--
Charlie Li
…nope, still don't have an exit line.