From nobody Fri Oct 14 09:59:08 2022 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MphgM4n4qz4g4WJ; Fri, 14 Oct 2022 09:59:11 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4MphgM3rTSz3m0b; Fri, 14 Oct 2022 09:59:11 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1665741551; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rLLTsWgS1U44lgVUxQs/qZmJZqSn/cTqKAJNuegKYCE=; b=KyJA51sO6aLDHL1RFGhxQABG8AsAo8OHvEKaxlN3Db4FwtjRq4cgtuQKjPzYiZW+YeOl8G dG6pWe6k69X45jm6XxrUqWojICGfUa+ss2yMqPgEmPNGJF2yDOhcZBCdKc17SqmaTKSxNS 2+rv49XJzM94uibhR/QOeOlHG42r9Ua+aBJ58taVBrW6OYkkwAV5rrh9K+JzyjsECOSyjb EPXBD9bZ+7B8TiHqhPlrVahN5sLCXRlLNM+chdyljH07bJun84+Qq6n61bCily9dPpP7Tk Rv2sRzTJ3m9OL3lLuJbFkhdjpeUIdVPLWSDiwEfk3Uq+uyraMn6RY6l2dnJKBQ== Received: from [172.24.42.13] (host-79-47-131-203.retail.telecomitalia.it [79.47.131.203]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: madpilot/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4MphgL4T2Zz1CxC; Fri, 14 Oct 2022 09:59:10 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) Message-ID: Date: Fri, 14 Oct 2022 11:59:08 +0200 List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:102.0) Gecko/20100101 Thunderbird/102.3.3 To: Charlie Li , Yasuhiro Kimura , sunpoet@FreeBSD.org Cc: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org References: <202210091540.299Fe7pQ046030@gitrepo.freebsd.org> <20221010.054751.1306020049286346202.yasu@FreeBSD.org> Content-Language: en-US From: Guido Falsi Subject: Re: git: f5711e95bcd1 - main - security/py-cryptography: Update to 38.0.1 In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1665741551; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rLLTsWgS1U44lgVUxQs/qZmJZqSn/cTqKAJNuegKYCE=; b=TI+YfTS0haoVNcq0m4EF/mQhwnL4KAuV3Ub+1ch6lUIhNrkd+zq6uoTfYZM8O2s0aRC2C1 J5R1y8d8wvmj+28QhRnNnSaYzz1ZD2q/W/+rtjYHpN84UM7t6dRTmFg85gL5LutrgxYkvH mZ2YHv2dN7m9GMrQufDC4QSFzUkG+dHLlFvHyFZJutJXplBXlQE0KC0nIPXan+Fh/t/ILx Sn2ewkP+mpKXYwob7wAtlMsVzTX2d+z4FtAB63crqr4TmaZUG6GkdlNXZ0GAu2BtLwHsbH /7UASRacXq0ZdsVLcU8Zh2Gq98NunnjHkqoG1hOPSbgnvELjDKsZ3/lZG6OJmg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1665741551; a=rsa-sha256; cv=none; b=AwTZKpgE2Jqb4bidbfNz6IvCFIiptfecbZuJIcdr/p8oElRNrLE8SIppSXfwqhfxFGAXh+ ekzMUxWC+2odILEUWDbhDQgwqzeMdP2O6KWALLkZCW4EvIMqlQQCRey2RsGDBQq2SRVnl4 ZDnGp5mqsOpuL2FzG9pctNGk4iKJCoAu6TNKYvhYRx8qmyN9Cs8KfJZL97362YJ/pUZIIA id8jVF/rBFB0I6lilic5tQFY1QhdoKFlBxode8jtabKwZf519Zf+a0Weudf4pIJ71txqh5 OkxLbZWBqg2CYCzXuXDwFJTpBNM9mYWKqjAEDpu9brKMYZVSUcCSQKmQpBcBdA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N On 09/10/22 23:04, Charlie Li wrote: > Yasuhiro Kimura wrote: >> Subject: git: f5711e95bcd1 - main - security/py-cryptography: Update >> to 38.0.1 >> Date: Sun, 9 Oct 2022 15:40:07 GMT >> >>> The branch main has been updated by sunpoet: >>> >>> URL: >>> https://cgit.FreeBSD.org/ports/commit/?id=f5711e95bcd17b154bdd697cb3f1650a788fdf3c >>> >>> commit f5711e95bcd17b154bdd697cb3f1650a788fdf3c >>> Author:     Po-Chuan Hsieh >>> AuthorDate: 2022-10-09 15:32:23 +0000 >>> Commit:     Po-Chuan Hsieh >>> CommitDate: 2022-10-09 15:37:58 +0000 >>> >>>      security/py-cryptography: Update to 38.0.1 [...] >> > Because having the Rust bits available is not optional after 3.4, ie > required in 35 and later. > > The proper solution is having the oxidised version (35 and later) as a > separate port and this one remaining on 3.4 with backports as needed, > with selectable DEFAULT_VERSIONS, similar to graphics/librsvg2{,-rust}, > especially to appease those who have to build in QEMU_EMULATING > (including some of our own official package builders), since Rust itself > won't build there like that. Otherwise say goodbye to many many Python > packages and consumers built in QEMU_EMULATING. > Anyway something should be done about this. A lot of things are broken at runtime. py-certbot, ansible, also awscli (this one requires a further update to py-openssl to actually work), others I can't remember right now or I've not heard about still. There is a bug report with a patch making this port correctly compile the rust bits and work as expected: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254853 The issue and some fallout is being extensively discussed in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266937 The fastest path to make things work for most users would be to just enable rust parts right away in the port as is, using the patch from bug #254853 I understand there are further needs due to the limited(or lack thereof) support from rust for many architectures, so I have no objections to giving an escape hatch, but the default should be to follow the latest version. I'm in no real hurry and do not press for a fast solution, but it would be a good thing for all the consumers to know if the maintainer is working on this, and what solution he's going to pursue. knowing that, we all know doing things takes time, which is a scarce resource, so having to wait some for the execution would be no issue at all. -- Guido Falsi