From nobody Mon Aug 19 12:33:36 2024 X-Original-To: ports@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WnX8R1qbNz5Sxjh for ; Mon, 19 Aug 2024 12:33:59 +0000 (UTC) (envelope-from cross+freebsd@relay.distal.com) Received: from relay.wiredblade.com (relay.wiredblade.com [168.235.105.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4WnX8Q5Md2z4dhZ for ; Mon, 19 Aug 2024 12:33:58 +0000 (UTC) (envelope-from cross+freebsd@relay.distal.com) Authentication-Results: mx1.freebsd.org; none dkim-signature: v=1; a=rsa-sha256; d=relay.distal.com; s=mail; c=relaxed/relaxed; q=dns/txt; h=From:Subject:Date:Message-ID:To:CC:MIME-Version:Content-Type:Content-Transfer-Encoding:In-Reply-To:References; bh=zwKCTzGN8XE3+wpJ2VoGRdDCact6bDOzJDkMdGbIciY=; b=a5uSQxJxs0Cv1Qpbd3I6lHgOCncJEG1iRuSoUJusUiZp2W517qVvRlePWRk+Wp1MJ5EwAYIzLHYNVTbYoI2NItOLP6Ze4Wy24DLURTgL6EeEdWwkNtfXc/ekGA5ZyHH7aWLT25OBGlFTsOuOvi5wJ5trY7kkgaksALx8J3LIbSkR2JBvbJyTW7mZ2Vtmh5o0ifYOZXllOenw605x4OWhM67OyjzzWpXL/TY0e6pdyJogb4tz/W/8jmaKAI G6K4vG98+hF5SumUKDhSMcvOe4xFSFANwpjesNYB9cDTRc7xDrirDUuGYcDKx/wHcwC4opimEqTNki1hVXuxSvTuiewA== Received: from mail.distal.com (pool-108-56-255-20.washdc.fios.verizon.net [108.56.255.20]) by relay.wiredblade.com with ESMTPSA (version=TLSv1.2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256) ; Mon, 19 Aug 2024 12:33:51 +0000 Received: from smtpclient.apple ( [2001:420:c0c4:1004::f4]) by tristain.distal.com (OpenSMTPD) with ESMTPSA id 603daaa5 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Mon, 19 Aug 2024 08:33:49 -0400 (EDT) Content-Type: text/plain; charset=utf-8 List-Id: Porting software to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-ports List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-ports@freebsd.org Sender: owner-freebsd-ports@FreeBSD.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3776.700.51\)) Subject: Re: Quarterly 13.3 amd64 package inconsistency? From: Chris Ross In-Reply-To: Date: Mon, 19 Aug 2024 08:33:36 -0400 Cc: ports@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: <4F2AAB39-2516-4626-B9E9-F367218A9636@distal.com> References: <2B3303CA-47D2-4D37-93AC-86E64972F8A1@distal.com> To: "Edward Sanford Sutton, III" X-Mailer: Apple Mail (2.3776.700.51) X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; TAGGED_FROM(0.00)[freebsd]; ASN(0.00)[asn:3842, ipnet:168.235.104.0/22, country:US] X-Rspamd-Queue-Id: 4WnX8Q5Md2z4dhZ > On Aug 18, 2024, at 16:55, Edward Sanford Sutton, III = wrote: >=20 > On 8/18/24 13:19, Chris Ross wrote: >> I=E2=80=99m installing deluge-cli with pkg, and I am (as default I = think) pointed to >> quarterly packages from FreeBSD. However, deluge-cli needs = py311-openssl, >> which gets me py311-openssl-23.2.0. pyopenssl needs py-cryptography, = and >> when I ask pkg for py311-cryptography it gets me = py311-cryptography-42.0.8_1. >> Pyopenssl 23.2 (and 23.3) require cryptography <42. So, the above = doesn=E2=80=99t work. >=20 > Just to clarify, you just tried to install deluge-cli and pkg did the = right thing gathering all these dependencies at once instead of you = manually requesting each? Probably? I was actually in the midst of replacing python39 with = python311, so I was reinstalling subsets of the 197 packages that were uninstalled. I did it in lots of phases. But, the same set of packages would have = been brought into a new install of deluge-cli. I just don=E2=80=99t remember = for certain if these came in before or after I asked to [re]install = deluge-cli. > = https://cgit.freebsd.org/ports/commit/security/py-cryptography/Makefile?h=3D= 2024Q3&id=3Df02bbcb4046ca0f792a091c4b29e35a4584b6545 shows when it was = upgraded to 42 on quarterly (and has had several version bumps since). >=20 > If building/running py-openssl-23 with the newer py-cryptography-42 = fails, then py-openssl either should be patched to work, upgraded to = work, or marked broken if it is in a completely unusable state or builds = fail. Downgrading "could" be an option, but I'm not sure how they would = want to go about that; requires a ,# version bump for quarterly and = latest or a falsely labeled version. If this issue is happening, then = the two maintainers + a committer should be in the loop. >=20 > As I haven't found anything in = https://portsfallout.com/fallout?port=3D&maintainer=3D&env=3D133amd64-quar= terly&category=3D&flavor=3Dpy311 I presume it is not a failing build = issue. Do you have logs or output of what is failing? Yes. I would expect that downgrading py-cryptography might be best, but upgrading py-openssl would also work. And you=E2=80=99re right there = isn=E2=80=99t a build problem, but trying to run deluge produces: --- 8< =E2=80=94-- 8<- --- 8< --- 8< --- Starting deluged. Traceback (most recent call last): File = "/usr/local/lib/python3.11/site-packages/pkg_resources/__init__.py", = line 581, in _build_master ws.require(__requires__) [...] File = "/usr/local/lib/python3.11/site-packages/pkg_resources/__init__.py", = line 596, in _build_from_requirements dists =3D ws.resolve(reqs, Environment()) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File = "/usr/local/lib/python3.11/site-packages/pkg_resources/__init__.py", = line 795, in resolve raise DistributionNotFound(req, requirers) pkg_resources.DistributionNotFound: The = 'cryptography!=3D40.0.0,!=3D40.0.1,<42,>=3D38. 0.0' distribution was not found and is required by pyopenssl /usr/local/etc/rc.d/deluged: WARNING: failed to start deluged --- 8< =E2=80=94-- 8<- --- 8< --- 8< --- Inspecting the tree at = https://github.com/pyca/pyopenssl/blob/23.3.0/setup.py (tag 23.3.0) shows: install_requires=3D[ "cryptography>=3D41.0.5,<42", ], and at tag 24.0.0 shows install_requires=3D[ "cryptography>=3D41.0.5,<43", ], Maybe that is a miss in the build/pkg crosschecking of requirements? It seems like python packages setup.py would be accounted. (Note also that pyopenssl 23.2.0 retained <41 support, but that went away by 23.3.0.) > 13.3 and 13.4 don't use different ports trees for packaging; [.] Thanks for the information. So it=E2=80=99s just that the packages I = was seeing built for 13.4 quarterly were built more recently I guess. > I haven't tested that software nor confirmed version dependencies. The = ports tree shows the versions in the trees as mentioned but does not = have a version requirement checked for dependencies. Dependency info referenced above. Is there perhaps an issue with the py-openssl port then? - Chris=