| 1 |
On Mon, 2021-02-08 at 12:53 -0500, Brian Evans wrote: |
| 2 |
> On 2/8/2021 6:19 AM, Michał Górny wrote: |
| 3 |
> > Hi, |
| 4 |
> > |
| 5 |
> > FYI the developers of dev-python/cryptography decided that Rust is going |
| 6 |
> > to be mandatory for 1.5+ versions. It's unlikely that they're going to |
| 7 |
> > provide LTS support or security fixes for the old versions. |
| 8 |
> > |
| 9 |
> > Since cryptography is a very important package in the Python ecosystem, |
| 10 |
> > and it is an indirect dependency of Portage, this means that we will |
| 11 |
> > probably have to entirely drop support for architectures that are not |
| 12 |
> > supported by Rust. |
| 13 |
> > |
| 14 |
> |
| 15 |
> For the portage indirect dependency, can it be swapped for pycurl? |
| 16 |
> |
| 17 |
> AFAICT, it is just used to pull GPG sigs in gemato via dev-python/requests. |
| 18 |
|
| 19 |
I'll probably switch it to built-in urllib.request. The py3 versions |
| 20 |
should be good enough (previously urllib3 had better TLS support than |
| 21 |
old urllib AFAIR). |
| 22 |
|
| 23 |
-- |
| 24 |
Best regards, |
| 25 |
Michał Górny |
Archives