Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pin cryptography to versions compatible with pyopenssl #913

Closed
wants to merge 2 commits into from
Closed

Pin cryptography to versions compatible with pyopenssl #913

wants to merge 2 commits into from

Conversation

IzerOnadimQC
Copy link
Contributor

@IzerOnadimQC IzerOnadimQC commented Dec 2, 2024
edited
Loading

Checklist

  • Used a static YAML file for the patch if possible (instructions).
  • Only wrote code directly into generate_patch_json.py if absolutely necessary.
  • Ran pre-commit run -a and ensured all files pass the linting checks.
  • Ran python show_diff.py and posted the output as part of the PR.
  • Modifications won't affect packages built in the future.
Diff output 
$ python show_diff.py
================================================================================
================================================================================
linux-armv7l
================================================================================
================================================================================
win-32
win-32::pyopenssl-16.2.0-py27_0.tar.bz2
win-32::pyopenssl-16.2.0-py35_0.tar.bz2
win-32::pyopenssl-16.2.0-py36_0.tar.bz2
-    "cryptography >=1.3.4",
+    "cryptography >=1.3.4,<42.0.0a0",
win-32::pyopenssl-17.2.0-py27_0.tar.bz2
win-32::pyopenssl-17.2.0-py35_0.tar.bz2
win-32::pyopenssl-17.2.0-py36_0.tar.bz2
-    "cryptography >=1.9",
+    "cryptography >=1.9,<42.0.0a0",
win-32::pyopenssl-16.0.0-py27_0.tar.bz2
win-32::pyopenssl-16.0.0-py34_0.tar.bz2
win-32::pyopenssl-16.0.0-py35_0.tar.bz2
-    "cryptography >=1.3",
+    "cryptography >=1.3,<42.0.0a0",
win-32::pyopenssl-17.5.0-py27_1.tar.bz2
win-32::pyopenssl-17.5.0-py35_1.tar.bz2
win-32::pyopenssl-17.5.0-py36_1.tar.bz2
-    "cryptography >=2.1.4",
+    "cryptography >=2.1.4,<42.0.0a0",
================================================================================
================================================================================
linux-ppc64le
linux-ppc64le::pyopenssl-19.0.0-py27_0.tar.bz2
linux-ppc64le::pyopenssl-19.0.0-py36_0.tar.bz2
linux-ppc64le::pyopenssl-19.0.0-py37_0.tar.bz2
linux-ppc64le::pyopenssl-19.0.0-py38_0.tar.bz2
-    "cryptography >=2.2.1",
+    "cryptography >=2.2.1,<42.0.0a0",
linux-ppc64le::pyopenssl-19.1.0-py36_0.tar.bz2
linux-ppc64le::pyopenssl-19.1.0-py37_0.tar.bz2
linux-ppc64le::pyopenssl-19.1.0-py38_0.tar.bz2
-    "cryptography >=2.8",
+    "cryptography >=2.8,<42.0.0a0",
================================================================================
================================================================================
linux-aarch64
linux-aarch64::pyopenssl-19.0.0-py27_0.tar.bz2
linux-aarch64::pyopenssl-19.0.0-py36_0.tar.bz2
linux-aarch64::pyopenssl-19.0.0-py37_0.tar.bz2
linux-aarch64::pyopenssl-19.0.0-py38_0.tar.bz2
-    "cryptography >=2.2.1",
+    "cryptography >=2.2.1,<42.0.0a0",
linux-aarch64::pyopenssl-19.1.0-py36_0.tar.bz2
linux-aarch64::pyopenssl-19.1.0-py37_0.tar.bz2
linux-aarch64::pyopenssl-19.1.0-py38_0.tar.bz2
-    "cryptography >=2.8",
+    "cryptography >=2.8,<42.0.0a0",
================================================================================
================================================================================
osx-arm64
================================================================================
================================================================================
noarch
noarch::pyopenssl-21.0.0-pyhd8ed1ab_0.tar.bz2
-    "cryptography >=3.3",
+    "cryptography >=3.3,<42.0.0a0",
noarch::pyopenssl-19.1.0-py_1.tar.bz2
-    "cryptography >=2.8",
+    "cryptography >=2.8,<42.0.0a0",
noarch::pyopenssl-20.0.0-pyhd8ed1ab_0.tar.bz2
noarch::pyopenssl-20.0.1-pyhd8ed1ab_0.tar.bz2
-    "cryptography >=3.2",
+    "cryptography >=3.2,<42.0.0a0",
noarch::bitstring-4.1.0-pyhd8ed1ab_0.conda
-    "bitarray >=2.8.0,<3",
+    "bitarray >=2.8.0",
================================================================================
================================================================================
win-64
win-64::pyopenssl-17.5.0-py27_1.tar.bz2
win-64::pyopenssl-17.5.0-py35_1.tar.bz2
win-64::pyopenssl-17.5.0-py36_1.tar.bz2
-    "cryptography >=2.1.4",
+    "cryptography >=2.1.4,<42.0.0a0",
win-64::pyopenssl-16.0.0-py27_0.tar.bz2
win-64::pyopenssl-16.0.0-py34_0.tar.bz2
win-64::pyopenssl-16.0.0-py35_0.tar.bz2
-    "cryptography >=1.3",
+    "cryptography >=1.3,<42.0.0a0",
win-64::pyopenssl-18.0.0-py27_0.tar.bz2
win-64::pyopenssl-18.0.0-py27_1000.tar.bz2
win-64::pyopenssl-18.0.0-py35_0.tar.bz2
win-64::pyopenssl-18.0.0-py36_0.tar.bz2
win-64::pyopenssl-18.0.0-py36_1000.tar.bz2
win-64::pyopenssl-18.0.0-py37_0.tar.bz2
win-64::pyopenssl-18.0.0-py37_1000.tar.bz2
win-64::pyopenssl-19.0.0-py27_0.tar.bz2
win-64::pyopenssl-19.0.0-py36_0.tar.bz2
win-64::pyopenssl-19.0.0-py37_0.tar.bz2
win-64::pyopenssl-19.0.0-py38_0.tar.bz2
-    "cryptography >=2.2.1",
+    "cryptography >=2.2.1,<42.0.0a0",
win-64::pyopenssl-17.2.0-py27_0.tar.bz2
win-64::pyopenssl-17.2.0-py35_0.tar.bz2
win-64::pyopenssl-17.2.0-py36_0.tar.bz2
-    "cryptography >=1.9",
+    "cryptography >=1.9,<42.0.0a0",
win-64::pyopenssl-16.2.0-py27_0.tar.bz2
win-64::pyopenssl-16.2.0-py35_0.tar.bz2
win-64::pyopenssl-16.2.0-py36_0.tar.bz2
-    "cryptography >=1.3.4",
+    "cryptography >=1.3.4,<42.0.0a0",
win-64::pyopenssl-19.1.0-py27_0.tar.bz2
win-64::pyopenssl-19.1.0-py36_0.tar.bz2
win-64::pyopenssl-19.1.0-py37_0.tar.bz2
win-64::pyopenssl-19.1.0-py38_0.tar.bz2
-    "cryptography >=2.8",
+    "cryptography >=2.8,<42.0.0a0",
================================================================================
================================================================================
osx-64
osx-64::pyopenssl-17.2.0-py27_0.tar.bz2
osx-64::pyopenssl-17.2.0-py35_0.tar.bz2
osx-64::pyopenssl-17.2.0-py36_0.tar.bz2
osx-64::pyopenssl-17.4.0-py27_0.tar.bz2
osx-64::pyopenssl-17.4.0-py35_0.tar.bz2
osx-64::pyopenssl-17.4.0-py36_0.tar.bz2
-    "cryptography >=1.9",
+    "cryptography >=1.9,<42.0.0a0",
osx-64::pyopenssl-16.2.0-py27_0.tar.bz2
osx-64::pyopenssl-16.2.0-py35_0.tar.bz2
osx-64::pyopenssl-16.2.0-py36_0.tar.bz2
-    "cryptography >=1.3.4",
+    "cryptography >=1.3.4,<42.0.0a0",
osx-64::pyopenssl-19.1.0-py27_0.tar.bz2
osx-64::pyopenssl-19.1.0-py36_0.tar.bz2
osx-64::pyopenssl-19.1.0-py37_0.tar.bz2
osx-64::pyopenssl-19.1.0-py38_0.tar.bz2
-    "cryptography >=2.8",
+    "cryptography >=2.8,<42.0.0a0",
osx-64::pyopenssl-18.0.0-py27_0.tar.bz2
osx-64::pyopenssl-18.0.0-py27_1000.tar.bz2
osx-64::pyopenssl-18.0.0-py35_0.tar.bz2
osx-64::pyopenssl-18.0.0-py36_0.tar.bz2
osx-64::pyopenssl-18.0.0-py36_1000.tar.bz2
osx-64::pyopenssl-18.0.0-py37_0.tar.bz2
osx-64::pyopenssl-18.0.0-py37_1000.tar.bz2
osx-64::pyopenssl-19.0.0-py27_0.tar.bz2
osx-64::pyopenssl-19.0.0-py36_0.tar.bz2
osx-64::pyopenssl-19.0.0-py37_0.tar.bz2
osx-64::pyopenssl-19.0.0-py38_0.tar.bz2
-    "cryptography >=2.2.1",
+    "cryptography >=2.2.1,<42.0.0a0",
osx-64::pyopenssl-17.5.0-py27_1.tar.bz2
osx-64::pyopenssl-17.5.0-py35_1.tar.bz2
osx-64::pyopenssl-17.5.0-py36_1.tar.bz2
-    "cryptography >=2.1.4",
+    "cryptography >=2.1.4,<42.0.0a0",
osx-64::pyopenssl-16.0.0-py27_0.tar.bz2
osx-64::pyopenssl-16.0.0-py34_0.tar.bz2
osx-64::pyopenssl-16.0.0-py35_0.tar.bz2
osx-64::pyopenssl-16.0.0-py36_0.tar.bz2
-    "cryptography >=1.3",
+    "cryptography >=1.3,<42.0.0a0",
================================================================================
================================================================================
linux-64
linux-64::pyopenssl-17.2.0-py27_0.tar.bz2
linux-64::pyopenssl-17.2.0-py35_0.tar.bz2
linux-64::pyopenssl-17.2.0-py36_0.tar.bz2
linux-64::pyopenssl-17.4.0-py27_0.tar.bz2
linux-64::pyopenssl-17.4.0-py35_0.tar.bz2
linux-64::pyopenssl-17.4.0-py36_0.tar.bz2
-    "cryptography >=1.9",
+    "cryptography >=1.9,<42.0.0a0",
linux-64::pyopenssl-18.0.0-py27_0.tar.bz2
linux-64::pyopenssl-18.0.0-py27_1000.tar.bz2
linux-64::pyopenssl-18.0.0-py35_0.tar.bz2
linux-64::pyopenssl-18.0.0-py36_0.tar.bz2
linux-64::pyopenssl-18.0.0-py36_1000.tar.bz2
linux-64::pyopenssl-18.0.0-py37_0.tar.bz2
linux-64::pyopenssl-18.0.0-py37_1000.tar.bz2
linux-64::pyopenssl-19.0.0-py27_0.tar.bz2
linux-64::pyopenssl-19.0.0-py36_0.tar.bz2
linux-64::pyopenssl-19.0.0-py37_0.tar.bz2
linux-64::pyopenssl-19.0.0-py38_0.tar.bz2
-    "cryptography >=2.2.1",
+    "cryptography >=2.2.1,<42.0.0a0",
linux-64::pyopenssl-16.0.0-py27_0.tar.bz2
linux-64::pyopenssl-16.0.0-py34_0.tar.bz2
linux-64::pyopenssl-16.0.0-py35_0.tar.bz2
linux-64::pyopenssl-16.0.0-py36_0.tar.bz2
-    "cryptography >=1.3",
+    "cryptography >=1.3,<42.0.0a0",
linux-64::pyopenssl-19.1.0-py27_0.tar.bz2
linux-64::pyopenssl-19.1.0-py36_0.tar.bz2
linux-64::pyopenssl-19.1.0-py37_0.tar.bz2
linux-64::pyopenssl-19.1.0-py38_0.tar.bz2
-    "cryptography >=2.8",
+    "cryptography >=2.8,<42.0.0a0",
linux-64::pyopenssl-17.5.0-py27_1.tar.bz2
linux-64::pyopenssl-17.5.0-py35_1.tar.bz2
linux-64::pyopenssl-17.5.0-py36_1.tar.bz2
-    "cryptography >=2.1.4",
+    "cryptography >=2.1.4,<42.0.0a0",
linux-64::pyopenssl-16.2.0-py27_0.tar.bz2
linux-64::pyopenssl-16.2.0-py35_0.tar.bz2
linux-64::pyopenssl-16.2.0-py36_0.tar.bz2
-    "cryptography >=1.3.4",
+    "cryptography >=1.3.4,<42.0.0a0",

@conda-forge-admin
Copy link
Contributor

Hi! This is the friendly automated conda-forge-linting service.

I just wanted to let you know that I linted all conda-recipes in your PR (recipe/meta.yaml) and found it was in an excellent condition.

@IzerOnadimQC IzerOnadimQC marked this pull request as ready for review December 2, 2024 20:08
@IzerOnadimQC IzerOnadimQC requested a review from a team as a code owner December 2, 2024 20:08
@xhochy
Copy link
Member

xhochy commented Dec 2, 2024

fyi @conda-forge/cryptography

@maresb maresb mentioned this pull request Dec 2, 2024
Merged
5 tasks
@maresb
Copy link
Contributor

maresb commented Dec 2, 2024

I should have checked more carefully. I opened a duplicate in #918. Either should work. I certainly won't be offended if you close mine. I do the tightening slightly differently, as detailed in #918 (comment).

It would be great to get one of these merged soon, since I suspect this may be causing some fairly widespread breakage.

@IzerOnadimQC
Copy link
Contributor Author

I should have checked more carefully. I opened a duplicate in #918. Either should work. I certainly won't be offended if you close mine. I do the tightening slightly differently, as detailed in #918 (comment).

I'm not overly opinionated on which approach we take - AFAICT your approach would also fix the issue and does not seem overly constraining. The one thing I would say about your approach is that it could probably be made simpler by removing the existing version constraint, and just converting your version_lt to a version version_le, which, if I'm understanding correctly, would cover both cases.

It would be great to get one of these merged soon, since I suspect this may be causing some fairly widespread breakage.

Agreed. Could a member of @conda-forge/core please approve and merge either one?

@jakirkham
Copy link
Member

@h-vetinari could you please take a look at this PR and PR ( #918 )?

h-vetinari
h-vetinari approved these changes Dec 3, 2024
View reviewed changes
Copy link
Member

@h-vetinari h-vetinari left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

This was referenced Dec 3, 2024
Closed
Closed
@jorisvandenbossche jorisvandenbossche mentioned this pull request Dec 3, 2024
Closed
@maresb
Copy link
Contributor

maresb commented Dec 3, 2024

After sleeping on this, I think that my pins are slightly better because they are monotone. (With this version there is a very slight risk that the solver finds a local optimum with pyopenssl 21.0.0 and cryptography 41 since pyopenssl 22.0.0 requires cryptography <39.)

I think the comments here are more informative, so I'm going to copy those to my branch in #918.

@ocefpaf
Copy link
Member

ocefpaf commented Dec 3, 2024

Sorry, I saw #918 first. They are quite similar and thank you both. (I was still investigating this yesterday but this seems to be the right fix.)

@ocefpaf ocefpaf closed this Dec 3, 2024
@maresb
Copy link
Contributor

maresb commented Dec 3, 2024

Thanks @ocefpaf! I will open a new PR with proper attribution to ensure that @IzerOnadimQC's informative comments are preserved.

@maresb maresb mentioned this pull request Dec 3, 2024
Merged
@tsibley tsibley mentioned this pull request Dec 3, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@h-vetinari h-vetinari h-vetinari approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@IzerOnadimQC @conda-forge-admin @xhochy @maresb @jakirkham @ocefpaf @h-vetinari