On 29. 06. 22 17:45, Dmitry Belyavskiy wrote:
Dear Miro,
On Wed, Jun 29, 2022 at 5:27 PM Miro Hrončok <mhroncok(a)redhat.com
<mailto:mhroncok@redhat.com>> wrote:
On 29. 06. 22 17:11, Dmitry Belyavskiy wrote:
> Dear colleagues,
>
> If I correctly follow the discussion, the biggest show-stopper is Python
2.*,
> which has some incomplete patches to deal with OpenSSL 3.0.
We would also need it in for Python 3.6 and pypys.
Are RHEL 9 patches for Python 3 series relevant in this case?
Not at all. RHEL 9 is python3.9 and that runs on OpenSSL 3 in both RHEL 9 and
all supported Fedoras.
> If we assist you in moving these patches forward, can we
get rid of the
devel
> package and leave the compat package only for 3rd-party packages?
Please don't remove the devel package if you aim for deprecation. As other
have
said, removing the devel package is essentially retirement, not deprecation.
OK, it's not a problem to deprecate the package in the sense of
https://docs.fedoraproject.org/en-US/packaging-guidelines/deprecating-pac...
<
https://docs.fedoraproject.org/en-US/packaging-guidelines/deprecating-pac...
But we still want to get rid of it.
Right. But it makes sense to say:
Fedora 37: openssl1.1 is deprecated
Fedora XY: openssl1.1 is retired
Now you are mixing the two kinda together in a weird way. The change is called
"deprecation" but is in fact "incomplete retirement".
See e.g.:
Deprecation:
https://fedoraproject.org/wiki/Changes/DeprecateNose
Retirement:
https://fedoraproject.org/wiki/Changes/RetirePython3.7
> I don't think that the community really
requires support for this
package for 7
> years after its upstream sunset.
OpenSSL 3 was introduced in Fedora 36, that has *just* been released this
year.
This is a change proposal for Fedora 37, that is half a year after, not 7
years :/
Well, speaking about 7 years, I mean the idea to support the compat package
synchronously with RHEL 8.
Now I understand what you mean but I still don't understand what is the biggest
trouble. You do maintain this in RHEL 8, don't you?
I'd like to retire this package not later than, well, a release
after OpenSSL
1.1.1 EOL.
Is that happening on some known schedule or is it an event that will eventually
happen but we don't know when?
--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok