security/py-pycryptodome: Soft dependency on devel/py-cffi

John W. O'Brien john at saltant.com
Tue Jul 28 02:29:52 UTC 2020 

On 2020/07/27 22:08, Kubilay Kocak wrote:
> On 28/07/2020 5:43 am, John W. O'Brien wrote:
>> Greetings FreeBSD Python,
>>
>> I have been mulling over a thing and would like the list's perspective
>> before I decide whether to take action or not.
>>
>> security/py-pycryptodome will use devel/py-cffi if it is available [0]
>> or ctypes otherwise [1]. This makes me just a little bit uneasy since it
>> leaves the door open to certain Heisenbugs and red herrings. My question
>> is whether it warrants adding devel/py-cffi to RUN_DEPENDS to ensure
>> consistency behavior? If not, what about as an OPTION for those who care
>> about that sort of thing?
>>
>> [0]
>> https://github.com/Legrandin/pycryptodome/blob/v3.9.8/lib/Crypto/Util/_raw_api.py#L71-L161
>>
>> [1]
>> https://github.com/Legrandin/pycryptodome/blob/v3.9.8/lib/Crypto/Util/_raw_api.py#L163-L263
>>
>> [2] https://en.wikipedia.org/wiki/Heisenbug
>>
> 
> The Python Policy section on optional dependencies should cover this:
> 
> https://wiki.freebsd.org/Python/PortsPolicy#Optional_Dependencies
> 
> tldr;
> 
> For either at build or run-time optional dependencies (where the pattern
> is, check if dep exists, use some code path if true, else use another
> code path), add OPTIONS for them.

OK, so something like this?

OPTIONS_DEFINE=CFFI
OPTIONS_DEFAULT=CFFI

CFFI_DESC=Use devel/py-cffi for low-level API instead of ctypes
CFFI_RUN_DEPENDS=${PYTHON_PKGNAMEPREFIX}cffi>=0:devel/py-cffi@${PY_FLAVOR}

> Re heisenbugs/etc, this is where support for running test suites in the
> port are critical, let us know in #freebsd-python on freenode IRC if you
> need help getting these hooked up

I've been looking forward to the day when [3] lands. Is there some other
way to run the test target in a poudriere build?

Of course, running test suites in the build environment wouldn't uncover
bugs that are triggered by something that just happens to show up in the
runtime environment. Enabling the OPTIONal things by default would
clearly help.

[3] https://github.com/freebsd/poudriere/pull/355

-- 
John W. O'Brien
OpenPGP keys:
    0x33C4D64B895DBF3B

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 618 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-python/attachments/20200727/4776ef54/attachment.sig>

More information about the freebsd-python mailing list