Hi Michał, Michał Górny <mgo...@gentoo.org> writes:
> So it seems that upstream has practically closed the discussion, > and the short summary is that they only care for the 'majority' of > users, they don't care for minor platforms (but we're free to port > LLVM/Rust to them) and -- unsurprisingly -- this is a part of crusade > towards promoting Rust. > > Given the aggressive opinions of a number of Python core devs > participating in the discussion, I'm afraid that it is quite probable > that a future version of CPython may require Rust. In fact, they've > already started having knee-jerk reactions to the problem at hand [1]. > To be honest, I've never thought I'd be this disappointed in Python > upstream. > > Good news is that they've promised to keep a LTS branch with security > fixes to the non-Rust version. Until end-of-year. And they've pretty > aggressively stated that they won't fix anything except security bugs > with a CVE assigned. So if it stops building for whatever reason, we're > on our own. > > I've reached out to Debian and they're planning to remove support for > minor architectures for this package in the next release. However, > Python is not as central to them as it is to us. Alpine is also > affected but seems intent on pushing Rust forward, so they'll probably > drop these architectures as well. > > Mike's submitted a PR to remove (unnecessary) cryptography dep from our > urllib3/requests packages [2]. This should make it possible to avoid > cryptography at least on some systems. However, it is still an indirect > test dependency of these packages, so we're going to have a hard time > keeping them properly tested. > > At this point, I'm really depressed about this and I'm seriously > wondering why I'm wasting so much effort on open source. I don't see > a good way out of it. Rust could be a nice language -- but it won't if > it continues to be surround by arrogant zealots who want to destroy > everything in their path towards promoting it. > > The first big blocker we're going to hit is trustme [3] package that > relies on cryptography API pretty heavily to generate TLS certs for > testing. If we managed to convince upstream to support an alternate > crypto backend, we'd be able to retain minor keywords a lot of packages > without too much pain. I could feel the pain. Bootstraping Rust on Prefix is somewhere between alpha, hppa, ia64, m68k, s390 and amd64[1]. The problem was exposed by gnome-base/librsvg[2]. I am wondering how useable pkgcore is on alpha, hppa, etc. Maybe it's time for us to plan for a Gentoo without essential Python dependency. Looking forward to gcc-rust for saving the world in the end. Benda 1. https://bugs.gentoo.org/689160 2. https://bugs.gentoo.org/739574