I'm not sure where the current level of resignation is at regarding dev-python/cryptography, but this might buy someone a few extra weeks: "If cryptography is installed, then dnspython will be able to do low-level DNSSEC RSA, DSA, ECDSA and EdDSA signature validation." - https://github.com/rthalley/dnspython/blob/master/doc/installation.rst For example, validating SPF records with mail-filter/spf-engine (which uses pyspf, which uses dnspython) does not require this feature. I would suggest USE=dnssec, to match its pyproject.toml.
Created attachment 783503 [details] dnspython-2.2.1-r1.ebuild
Created attachment 783506 [details] metadata.xml nothing unexpected here; lets me update the mail servers without spending a week building rust for a feature that isn't used
The problem is we don't necessarily know which of its reverse dependencies need the dnssec functionality.
(In reply to Sam James from comment #3) > The problem is we don't necessarily know which of its reverse dependencies > need the dnssec functionality. I _think_ it might be quite limited to e.g. just some bitcoin client thing, but I'm not sure.
Packages without working test suites get what they deserve =)
Alright, no objection from me then. It's a special case and worthwhile I think.
Sounds cool to me.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c3190a16c0773fd2de65a6573727dd0d1475784f commit c3190a16c0773fd2de65a6573727dd0d1475784f Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2022-06-26 10:43:37 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2022-07-04 06:57:29 +0000 dev-python/dnspython: Make DNSSEC support optional (cryptography dep) Thanks to Michael Orlitzky. Closes: https://bugs.gentoo.org/844058 Signed-off-by: Michał Górny <mgorny@gentoo.org> dev-python/dnspython/dnspython-2.2.1-r1.ebuild | 52 ++++++++++++++++++++++++++ dev-python/dnspython/metadata.xml | 6 +++ 2 files changed, 58 insertions(+)