Hello, We are experiencing difficulties with the way the CI matrix is generated with the SSL libraries.
As I already mentionned, I don't really like the "latest" keyword for the OpenSSL version as it prevent us to have reproducible builds. It updates versions without warning, even major ones. Since OpenSSL 3.1.0-aplha1 was released we are affected by the problem, we stopped building with 3.0.x without noticing, and our internal CI for the stable branches start failing because of that. Majour versions must never change in the previous branches. What I suggest is to stop using "latest" for the "git push" CI, but using it only in a separate CI (once a day/week I don't know). And only use fixed version of the libraries on the CI so builds are not broken by external components. Because in my opinion the "git push" CI is to test our code, not the libraries. What do you guys think? -- William Lallemand
