bug#27081: [PATCH 2/2] gnu: python-cryptography: Update to 1.8.1.

[Leo Famulari <leo@famulari.name>]

[-- Attachment #1: Type: text/plain, Size: 1799 bytes --]

On Fri, May 26, 2017 at 03:19:06PM +0200, Marius Bakke wrote:
> Leo Famulari <leo@famulari.name> writes:
> 
> > * gnu/packages/python.scm (python-cryptography, python2-cryptography,
> > python-cryptography-vectors, python2-cryptography-vectors):
> > Update to 1.8.1.
> > (python-cryptography, python2-cryptography)[propagated-inputs]: Add
> > python-asn1crypto and python-packaging.
> 
> I'm very confused about the 'packaging' dependency. Grepping for
> 'packaging' in the code returns zero hits. Do you know how it's used?

Here are the results:

$ pwd
/home/leo/tmp/cryptography-1.8.1
$ grep -rI packaging
src/cryptography/utils.py:from packaging.version import parse
src/cryptography.egg-info/requires.txt:packaging

Did you search in another version of the code?

> How does it fail without it? A comment would be good.

The program uses the packaging.version module at run-time, and
simply crashes when it can't find it. Here is the part where it uses
code from that module:

$ sed -n 103,105p src/cryptography/utils.py
def _version_check(version, required_version):
    # This is used to check if we support update_into on CipherContext.
    return parse(version) >= parse(required_version)

This function gets used to check the version of python-cffi in
'src/cryptography/hazmat/primitives/ciphers/base.py' and branch based on
it.

Having read that code, perhaps we should try updating cffi soon. It
checks if cffi is version 1.7. We package 1.4.2; 1.10.0 is the latest.

> Also note, 1.8.2 was released a few hours ago. I assume you've tested
> some of the important-looking dependencies, so let's get this in :-)

Yes, of course I tested some important packages, like certbot :)

I'll retest with this new version. I don't expect big changes.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]