On 2023-03-07 11:19:26 -0500 (-0500), Corey Bryant wrote:
[...]
> The current upper-constraint for cryptography is 38.0.2, but the
> various requirements.txt min versions are much lower (e.g.
> keystone has cryptography>=2.7). This is likely to lead to patches
> landing with features that are only in 38.0.2, so it will likely
> be difficult to enforce min version support. But perhaps a stance
> toward maintaining compatibility could be established.
[...]

While introducing specific tests for this would not be trivial,
maybe it's one of those situations where we try to avoid breaking
compatibility with older versions and don't reject patches when
people find that something has inadvertently started depending on a
feature only available in the Rust-based builds?
--
Jeremy Stanley