On Tue, Mar 7, 2023 at 12:30 PM Jeremy Stanley <fungi@yuggoth.org> wrote:
On 2023-03-07 11:19:26 -0500 (-0500), Corey Bryant wrote: [...]
The current upper-constraint for cryptography is 38.0.2, but the various requirements.txt min versions are much lower (e.g. keystone has cryptography>=2.7). This is likely to lead to patches landing with features that are only in 38.0.2, so it will likely be difficult to enforce min version support. But perhaps a stance toward maintaining compatibility could be established. [...]
While introducing specific tests for this would not be trivial, maybe it's one of those situations where we try to avoid breaking compatibility with older versions and don't reject patches when people find that something has inadvertently started depending on a feature only available in the Rust-based builds? -- Jeremy Stanley
I'd be okay with an approach like this. Would this need to be formally adopted by the TC? Corey