Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 27 Jul 2020 15:43:41 -0400
From:      "John W. O'Brien" <john@saltant.com>
To:        FreeBSD Python <freebsd-python@freebsd.org>
Subject:   security/py-pycryptodome: Soft dependency on devel/py-cffi
Message-ID:  <779685b4-2036-b128-da77-31a131d19951@saltant.com>

next in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--XWt9POXMgcztmH6KH0ccRnBavPl3k06bK
Content-Type: multipart/mixed; boundary="RbhGfFZIJw0e9ZQ5oddTwGEZL5idnB4V4"

--RbhGfFZIJw0e9ZQ5oddTwGEZL5idnB4V4
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable

Greetings FreeBSD Python,

I have been mulling over a thing and would like the list's perspective
before I decide whether to take action or not.

security/py-pycryptodome will use devel/py-cffi if it is available [0]
or ctypes otherwise [1]. This makes me just a little bit uneasy since it
leaves the door open to certain Heisenbugs and red herrings. My question
is whether it warrants adding devel/py-cffi to RUN_DEPENDS to ensure
consistency behavior? If not, what about as an OPTION for those who care
about that sort of thing?

[0]
https://github.com/Legrandin/pycryptodome/blob/v3.9.8/lib/Crypto/Util/_ra=
w_api.py#L71-L161
[1]
https://github.com/Legrandin/pycryptodome/blob/v3.9.8/lib/Crypto/Util/_ra=
w_api.py#L163-L263
[2] https://en.wikipedia.org/wiki/Heisenbug

--=20
John W. O'Brien
OpenPGP keys:
    0x33C4D64B895DBF3B


--RbhGfFZIJw0e9ZQ5oddTwGEZL5idnB4V4--

--XWt9POXMgcztmH6KH0ccRnBavPl3k06bK
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQGTBAEBCgB9FiEEUgT925O8rsvNs2oHIjgwc/pAJtYFAl8fLm1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDUy
MDRGRERCOTNCQ0FFQ0JDREIzNkEwNzIyMzgzMDczRkE0MDI2RDYACgkQIjgwc/pA
JtZyUggAvoVnYv4WqUUepLTSZfrGnJ+IcAo+J10ED9RGAD58+Tb7lHYo9oGOaWPQ
NJg36sY7Dxh2oGFBdjV7m76JOzIa064svnQfKPgn+UHB6FrwbiPWOaXntfO9jm5j
mj1iO8DoYqAmVhW37EQryc678qFDz43n2aNCFmtJycSffHTX0g6YxMcIoPXsLeiU
hEOinZTPm7+qd8fgwmOr8pNmWOxqKNeYySy8gIZYujrtFEvx++JbrI94opnRUdkn
dGtmkDPSFwwhoDlzd+O9ZRkIWgXQIoy6X3v5EpeMWYI0hs+Y5+XX/FGtw9+NXJ5a
VCmH63TPZXwQKCnEphiZ1p47/EUMeA==
=0f1Y
-----END PGP SIGNATURE-----

--XWt9POXMgcztmH6KH0ccRnBavPl3k06bK--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?779685b4-2036-b128-da77-31a131d19951>