On Fri, Apr 05, 2024 at 10:27:46AM +0900, Lars-Dominik Braun wrote: > Hi Efraim, > > > It turns out that the Python ecosystem bundles a version of nss-certs. > > This patch series should change it so that it uses the system nss-certs > > instead. > > I would change the comment at the top of core.py so it mentions this is > a Guix-specific version of certifi.py, so it’s clear the package has > been altered. You probably don’t need `_CA_CERTS = None`, since the > try…except clause covers all cases. > > Otherwise LGTM. I left the initial `_CA_CERTS = None` as a sort of initial declaration of the variable, since I don't really know python that well and I didn't think it was correct to declare it inside the try…except. I added the line at the top of core.py saying it was Guix specific and I also adjusted the commit message for python mentioning the $SSL_CERT_FILE in the natives-search-paths. Then I went to build my home-config and I realized what I'd done with the native-search-paths in python-3.10 and I moved it to the replacement python so it wouldn't cause a world rebuild. Patches pushed! -- Efraim Flashner רנשלפ םירפא GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted