On Mon, Feb 8, 2021 at 1:35 PM Brian Evans <[email protected]> wrote: > > On 2/8/2021 12:53 PM, Brian Evans wrote: > > On 2/8/2021 6:19 AM, Michał Górny wrote: > >> Hi, > >> > >> FYI the developers of dev-python/cryptography decided that Rust is going > >> to be mandatory for 1.5+ versions. It's unlikely that they're going to > >> provide LTS support or security fixes for the old versions. > >> > >> Since cryptography is a very important package in the Python ecosystem, > >> and it is an indirect dependency of Portage, this means that we will > >> probably have to entirely drop support for architectures that are not > >> supported by Rust. > >> > > > > For the portage indirect dependency, can it be swapped for pycurl? > > > > AFAICT, it is just used to pull GPG sigs in gemato via dev-python/requests. > > > > This at least would at least keep the arches in question with some > > support but not necessarily all of python world until a clearer plan can > > be made. > > > > Brian > > > > After discussion in #gentoo-dev and simple chroot testing, it seems like > dev-python/requests nor dev-python/urlllib3 needs > dev-python/cryptography at all (when run with stable Python, tested with > 3.8). So unless there's a really good reason outside of gemato sync, > this looks to be a non-issue for portage and more of a dependency fix.
I created a PR to drop this and related deps from dev-python/urllib3 and dev-python/requests. Please review. https://github.com/gentoo/gentoo/pull/19383
