Hi, On Fri, Apr 6, 2018 at 7:02 PM, Sumana Harihareswara <s...@changeset.nyc> wrote: > Matthew, > > Thank you for your detailed explanations and thoughts here and in > https://groups.google.com/forum/m/#!topic/pypa-dev/Oz6SGA7gefo . > > I am not a Mac user and am fairly new to the Python packaging/distribution > world, so this may be naive and unrealistic verging on ridiculous, but: is > there anything we could ask Apple to do to help with this situation? > > Our upstream CDN (Fastly) is extremely unlikely to change their June 30th TLS > 1.0/1.1 removal date, which would (I imagine) affect a ton of people on older > Mac OS versions who do not even use PyPI.
Sorry, I'm afraid I set off the discussion in the pypa thread you pointed to above. Reporting back here, for those not on the pypa-dev Google group - it looks like the TLS 1.0 shutdown is being driven by the Warehouse release, which I believe is planned for the 16th of April (Warehouse can't use TLS 1.0). In practice, there is no way of giving the users a better or more visible warning message than the message we are currently getting from using the -v flag. I'm arguing over in that thread, that it would be better to give up on the -v flag warning, and go straight to an SSL error (which has an uninformative message - see [1]), because the current situation, where pip silently fails to upgrade, including failing to upgrade itself, is more confusing than the SSL error. Do people agree / disagree? Cheers, Matthew [1] https://github.com/pypa/warehouse/issues/3293#issuecomment-378480462 _______________________________________________ Pythonmac-SIG maillist - Pythonmac-SIG@python.org https://mail.python.org/mailman/listinfo/pythonmac-sig unsubscribe: https://mail.python.org/mailman/options/Pythonmac-SIG
