Rebuild for openssl3 #98
Conversation
regro-cf-autotick-bot
requested review from
h-vetinari,
jakirkham and
ocefpaf
as code owners
|
Hi! This is the friendly automated conda-forge-linting service. I just wanted to let you know that I linted all conda-recipes in your PR ( |
|
Bug step forward! |
AFAICT this is the same status we had in #80 (or at least had here in the past) - windows fails while loading the DLL, the rest passes. |
|
Do you understand enough why it is failing here: https://github.com/pyca/cryptography/blob/main/src/cryptography/hazmat/bindings/openssl/binding.py#L176 |
|
I think we need the legacy stuff you mentionned in : #80 (comment) For what its worth, it is failing at this assert statement: |
|
I didn't see the ping in conda-forge/openssl-feedstock#96 (maybe due to it being edited in, or perhaps I missed it). Might as well try...? |
|
@conda-forge-admin, please rerender |
h-vetinari
force-pushed
the
rebuild-openssl3-0-1_h370c22
branch
from
9bbc66e to
f58fc61
Compare
…nda-forge-pinning 2022.07.06.01.52.02
h-vetinari
force-pushed
the
rebuild-openssl3-0-1_h370c22
branch
from
e319ccf to
08416a2
Compare
|
Lets just skip the memory leak tests? |
I'm not comfortable with pushing leaking builds to people. Some of those will inevitably used in long-running services, and leaking memory continuously is not great at all. More importantly, leaking memory from OpenSSL could be a security risk, so I'm pretty strongly opposed to just skip ahead (without a plan). I've been wanting to file an openssl issue, but haven't gotten around to it yet... |
|
@conda-forge-admin, please rerender |
…nda-forge-pinning 2022.08.01.12.11.42
|
I wonder what's so special about CPython 3.8 - it's the only CPython version that passes with no leaks 🤷 |
I had the exact same question, asked upstream for thoughts on this. No new insights so far though... |
|
One hypothesis: CPython 3.8 introduced a change that prevents the leak, but it was reverted at some point in the 3.9 cycle back to 3.7-like behavior. Maybe swiping through the micro versions of Python might reveal a closer version range? |
(Except that this variance over python minor versions makes it much less likely that it's a openssl-only issue, and more likely an issue with (C)Python) |
That sounds like a pretty good idea! |
|
@h-vetinari is letting the unix ones pass through an option at all? In a separate PR, so that this remains open. As you said in different threads, this has become a pain point in several corners... releasing the unix may help, but a maintainer will need to keep an eye on fixing windows eventually... |
Not really, unless we accept that the rest of the openssl migration stalls (not useful) or fully split out windows from the migration. I guess the latter is a choice we could make, and eventually redo a windows-only migration. |
For completeness, these were the results: #102 (comment) Same conclusion: only Python 3.8 works. |
|
Due to the |
This PR has been triggered in an effort to update openssl3.
Notes and instructions for merging this PR:
Please note that if you close this PR we presume that the feedstock has been rebuilt, so if you are going to perform the rebuild yourself don't close this PR until the your rebuild has been merged.
If this PR was opened in error or needs to be updated please add the
bot-rerunlabel to this PR. The bot will close this PR and schedule another one. If you do not have permissions to add this label, you can use the phrase@conda-forge-admin, please rerun botin a PR comment to have theconda-forge-adminadd it for you.This PR was created by the regro-cf-autotick-bot. The regro-cf-autotick-bot is a service to automatically track the dependency graph, migrate packages, and propose package version updates for conda-forge. Feel free to drop us a line if there are any issues! This PR was generated by https://github.com/regro/autotick-bot/actions/runs/2353479475, please use this URL for debugging.