To summarize some conversation that happened in the #certbot-dev IRC channel on Freenode to make sure everyone sees it, the python- cryptography and python-idna requirements come from python-acme's dependency on requests "security" extras which we declare at https://github.com/certbot/certbot/blob/v0.31.0/acme/setup.py#L20. These are extra security features which python-requests has but to use them, you need additional dependencies.
To express this, our Debian package maintainer lifted requests' dependencies out of the python-requests package and into the python-acme package, but the requirements for the version of python-requests in Debian and Ubuntu Xenial are different. The requirements for requests "security" extras for the version in Xenial are https://github.com/psf/requests/blob/v2.9.1/setup.py#L72. To express this, I think for both python and python3: * The cryptography requirement should be relaxed to >=1.2.3 to match the requirement from python-acme: https://github.com/certbot/certbot/blob/v0.31.0/acme/setup.py#L12 * The ndg-httpsclient and pyasn1 dependency should be added back. * The idna dependency should be removed. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1836823 Title: python-acme will break on November 1st To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python-acme/+bug/1836823/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
