1 |
On Mon, 2021-02-08 at 12:53 -0500, Brian Evans wrote: |
2 |
> On 2/8/2021 6:19 AM, Michał Górny wrote: |
3 |
> > Hi, |
4 |
> > |
5 |
> > FYI the developers of dev-python/cryptography decided that Rust is going |
6 |
> > to be mandatory for 1.5+ versions. It's unlikely that they're going to |
7 |
> > provide LTS support or security fixes for the old versions. |
8 |
> > |
9 |
> > Since cryptography is a very important package in the Python ecosystem, |
10 |
> > and it is an indirect dependency of Portage, this means that we will |
11 |
> > probably have to entirely drop support for architectures that are not |
12 |
> > supported by Rust. |
13 |
> > |
14 |
> |
15 |
> For the portage indirect dependency, can it be swapped for pycurl? |
16 |
> |
17 |
> AFAICT, it is just used to pull GPG sigs in gemato via dev-python/requests. |
18 |
|
19 |
I'll probably switch it to built-in urllib.request. The py3 versions |
20 |
should be good enough (previously urllib3 had better TLS support than |
21 |
old urllib AFAIR). |
22 |
|
23 |
-- |
24 |
Best regards, |
25 |
Michał Górny |