[tahoe-lafs-trac-stream] [Tahoe-LAFS] #2193: pyOpenSSL 0.14 pulls in a bunch of new dependencies

Tahoe-LAFS trac at tahoe-lafs.org
Mon Mar 24 20:22:18 UTC 2014 

#2193: pyOpenSSL 0.14 pulls in a bunch of new dependencies
-------------------------+-------------------------------------------------
     Reporter:  daira    |      Owner:
         Type:  defect   |     Status:  new
     Priority:  normal   |  Milestone:  undecided
    Component:           |    Version:  1.10.0
  packaging              |   Keywords:  packaging setuptools pyopenssl
   Resolution:           |  cryptography six cffi pycparser
Launchpad Bug:           |
-------------------------+-------------------------------------------------

Comment (by zooko):

 dstufft asked on IRC why this is such a big deal to us, and my answer was
 that for us resolving a dependency is a *user-facing* action, so if a
 dependency of ours (pyOpenSSL) gains a new dependency (cryptography.io),
 then that is not just a developer-facing issue, but is in fact a
 *regression* for our users. That's because our users start with this
 document: [source:docs/quickstart.rst quickstart.rst], and follow the
 instructions written there, and at the end they have a working
 {{{bin/tahoe}}} script. Before the pyOpenSSL v0.14 release came out,
 following those instructions worked for most users, after the pyOpenSSL
 v0.14 release came out, it did not work for most users (because the new
 dependencies of pyOpenSSL cannot be automatically resolved by setuptools,
 especially considering that most users do not have a C compiler and Python
 header files installed). So it is a regression for us.

 I intend to pin our dependency on pyOpenSSL to {{{pyOpenSSL < 0.14}}} for
 now.

 (We don't really rely on pyOpenSSL for much anyway, so if we could in fact
 *remove* the dependency on pyOpenSSL entirely, that would be nice. See
 also [query:status=!closed&keywords=~openssl&order=priority tickets with
 "openssl" in their tags].)

--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2193#comment:6>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage

More information about the tahoe-lafs-trac-stream mailing list