On Wed, Aug 14, 2024 at 07:57:25PM +0200, Sebastian Andrzej Siewior wrote: > I'm sorry if this is causing trouble. I splitted the legacy provider out > and added a Recommends: assuming that it is pulled in by default. It did > not pop on the debci.
Presumably because it mostly affects indirect dependencies. > Is this causing enough trouble that you would say it needs a Depends: > until this is resolved? Well, so far I've had to add the environment variable to openssh, incremental, and twisted just so that I could get on with other things. But I have no real idea right now how much else might be affected. Maybe it's worth you filing an issue on https://github.com/pyca/cryptography/issues to let cryptography upstream know about the problem? That way you could explain the change and discuss whether it makes sense to change cryptography to match the Debian-specific layout here, or whether it makes sense to change Debian in some other way. A minimal reproducer on unstable is to install python3-cryptography and remove openssl-provider-legacy, then run "python3 -c 'import cryptography.hazmat.bindings.openssl.binding'". ('import OpenSSL' also fails, and is probably the most common way that packages will run into this.) Thanks, -- Colin Watson (he/him) [cjwat...@debian.org]
