On Fri, 2022-06-24 at 11:42 +0200, Miro Hrončok wrote: > On 24. 06. 22 11:23, Dmitry Belyavskiy wrote: > > > > > > On Fri, Jun 24, 2022 at 11:20 AM Daniel P. Berrangé <berrange@xxxxxxxxxx > > <mailto:berrange@xxxxxxxxxx>> wrote: > > > > On Fri, Jun 24, 2022 at 11:13:13AM +0200, Dmitry Belyavskiy wrote: > > > On Wed, Jun 22, 2022 at 11:02 PM Miro Hrončok <mhroncok@xxxxxxxxxx > > <mailto:mhroncok@xxxxxxxxxx>> wrote: > > > > > > > On 22. 06. 22 21:05, Vipul Siddharth wrote: > > > > > We are going to deprecate openssl1.1 package, stop shipping the > > > > > corresponding devel package, and stop respecting crypto policies in > > > > > openssl1.1 package itself. > > > > > > > > +1 to deprecating it > > > > > > > > > > Great! > > > > > > -1 to stop shipping the devel package, this would mean we cannot build at > > > > least: > > > > > > > > - Python 2.7 > > > > despite our long term efforts, many things still need that, e.g. gimp, > > > > firefox (some builds do, then some don't), thunderbird etc., see > > > > https://fedora.portingdb.xyz/ <https://fedora.portingdb.xyz/> > > > > > > > > Or Python 3.6 (shipped for developers targeting RHEL 7/8). > > > > > > > > As long as OpenSSL 1.1 gets security fixes in RHEL 8, could we please > > > > leave the > > > > devel package? > > > > > > > > > > I'm not sure that if we don't remove the devel package, we will provide > > > strong enough motivation to get rid of the deprecating packages. > > > > If the openssl maintainers really strongly want to remove the > > devel pacakge, then don't call this deprecation because that > > is misleading. Call this purging openssl1.1 from the entire > > distro, such that it can only be used by 3rd party apps who > > have previously compiled against older Fedora openssl-devel. > > Be open about fact that this will cause FTBFS for any Fedora > > packages that stil uses openssl1 and their removal from the > > distro if they can't port to openssl3 very quickly. > > > > Do I correctly understand that the situation with Python is the most problematic? > > Are we able to solve it somehow? > > > > What I'm afraid of is that if we just declare the deprecation, we will stay > > with this package forever. > > Not forever, just until Python 2.7 is removed :D > > Seriously thou, my proposal is: > > - deprecate it now > - announce it goes away when RHEL 8 maintenance support ends > > Following the guidelines for deprecated packages: > https://docs.fedoraproject.org/en-US/packaging-guidelines/deprecating-packages/ > > # This is when RHEL 8 maintenance support is expected to end > # https://access.redhat.com/support/policy/updates/errata > # The life-cycle time spans and dates are subject to adjustment > Provides: deprecated() = 20290531 > > You are going to support OpenSSL 1.1 in RHEL 8 until that day anyway. > > This is also when we plan to remove Python 3.6: > https://lists.fedoraproject.org/archives/list/python-devel@xxxxxxxxxxxxxxxxxxxxxxx/thread/W74WYEVGYAE57KVLCG73I75LZYKKUMXS/ > > And if Python 2.7 isn't removed by then, we can rip it out together with > OpenSSL 1.1 in Fedora 50. > Are you going to maintain it till Fedora 50 in the meantime? Simo. > -- > Miro Hrončok > -- > Phone: +420777974800 > IRC: mhroncok > _______________________________________________ > devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx > Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure -- Simo Sorce RHEL Crypto Team Red Hat, Inc _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
