1 |
On Mon, Feb 8, 2021 at 9:56 AM Alessandro Barbieri |
2 |
<lssndrbarbieri@×××××.com> wrote: |
3 |
> |
4 |
> Il Lun 8 Feb 2021, 12:19 Michał Górny <mgorny@g.o> ha scritto: |
5 |
>> |
6 |
>> Hi, |
7 |
>> |
8 |
>> FYI the developers of dev-python/cryptography decided that Rust is going |
9 |
>> to be mandatory for 1.5+ versions. It's unlikely that they're going to |
10 |
>> provide LTS support or security fixes for the old versions. |
11 |
>> |
12 |
>> Since cryptography is a very important package in the Python ecosystem, |
13 |
>> and it is an indirect dependency of Portage, this means that we will |
14 |
>> probably have to entirely drop support for architectures that are not |
15 |
>> supported by Rust. |
16 |
>> |
17 |
>> According to upstream platform support information [1], this probably |
18 |
>> means (eventually) entirely removing the following architectures: |
19 |
>> - alpha (stable) |
20 |
>> - hppa (stable) |
21 |
>> - ia64 (stable) |
22 |
>> - m68k (exp) |
23 |
>> - s390 (except for s390x, exp) |
24 |
>> |
25 |
>> Furthermore, the Gentoo Rust packages are missing support |
26 |
>> for the following platforms, apparently supported upstream: |
27 |
>> - mips (exp) |
28 |
>> - ppc (32) (stable) |
29 |
>> - sparc (stable) |
30 |
>> - s390x (exp) |
31 |
>> - riscv (stable) |
32 |
>> |
33 |
>> Apparently it's non-trivial to bootstrap Rust on these platforms, |
34 |
>> so it's unclear when Gentoo is going to start providing Rust on them. |
35 |
>> |
36 |
>> I've raised a protest on the cryptography bug tracker [2] but apparently |
37 |
>> upstream considers Rust's 'memory safety' more important than ability to |
38 |
>> actually use the package. |
39 |
>> |
40 |
>> Honestly, I don't think it likely that Rust will gain support for these |
41 |
>> platforms. This involves a lot of work, starting with writing a new |
42 |
>> LLVM backend and getting it accepted (getting new code into LLVM is very |
43 |
>> hard unless you're doing that on behalf one of the big companies). You |
44 |
>> can imagine how much effort that involves compared to rewriting the new |
45 |
>> code from Cryptography into C. |
46 |
>> |
47 |
>> If we can't convince upstream, I'm afraid we'll either have to drop |
48 |
>> these architectures entirely or fork Cryptography. |
49 |
>> |
50 |
>> |
51 |
>> [1] https://doc.rust-lang.org/nightly/rustc/platform-support.html |
52 |
>> [2] https://github.com/pyca/cryptography/issues/5771 |
53 |
>> |
54 |
>> -- |
55 |
>> Best regards, |
56 |
>> Michał Górny |
57 |
> |
58 |
> |
59 |
> Should we shed tears for those legacy architectures or move forward? Does anyone really use them in production? |
60 |
|
61 |
Many users don't use gentoo in 'production' so I'm not sure how that |
62 |
matters in our decision making. I'm not sure the trade off here |
63 |
(taking rust as a core dep) is reasonable and it looks like we can |
64 |
avoid it. |
65 |
|
66 |
-A |