Cryptography upstream has finally released a new version that unconditionally requires Rust. Naturally, Rust has rather poor keywording in Gentoo. Since cryptography is kinda likely to hit a secbug sooner or later, and upstream has explicitly declared they don't care at all about patching vulnerabilities in older versions, we need to start preparing for the necessity of dropping keywords everywhere. At this point, this means dropping: hppa ppc sparc ~alpha ~ia64 [~m68k ~mips ~s390] This is a tracker for packages that depend on cryptography on the non-exp arches listed above.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fbc82dfc0fd9213f3205747f1814737a985495f5 commit fbc82dfc0fd9213f3205747f1814737a985495f5 Author: Sam James <sam@gentoo.org> AuthorDate: 2021-11-26 08:19:04 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-11-26 08:20:40 +0000 dev-python/cryptography: add 36.0.0, drop 3.4.7_p12052021 (Rust, unkeyworded) Unkeyworded while we figure out a plan to handle arches which currently do not support Rust. (We _might_ be able to handle some/all of them by building rust-bin bootstrap binaries ourselves, as Rust upstream handle some arches by giving them a lower tier of support w/o prebuilt Rust. Or we wait for the rustc + libgccjit backend. Or we wait for the GCC Rust frontend.) Bug: https://bugs.gentoo.org/769482 Bug: https://bugs.gentoo.org/827350 Bug: https://bugs.gentoo.org/769452 Signed-off-by: Sam James <sam@gentoo.org> dev-python/cryptography/Manifest | 53 ++++++---- ...p12052021.ebuild => cryptography-36.0.0.ebuild} | 107 +++++++++++---------- 2 files changed, 88 insertions(+), 72 deletions(-)
wd40 work solved this.