From nobody Wed Feb  7 14:12:10 2024
X-Original-To: python@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVMWH0RBwz59Rc9
	for <python@mlmmj.nyi.freebsd.org>; Wed,  7 Feb 2024 14:12:11 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TVMWG4nvHz47fJ
	for <python@FreeBSD.org>; Wed,  7 Feb 2024 14:12:10 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1707315130;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=6w0FKbzxzOlN2lg+0ZiQ67uBwZhGtJqFFWEzI42mjGc=;
	b=tta5uXRTEdA0sv7O9Lzp6Z61oOXRYd3FwNz7r8rbiTpY3Zm74Y4kKO9KDU9n0InsDKzYhG
	25Nk1xDbSPA7n0FbNvJkVYa72PseeSnctgHS19wPJq2hIGRTbuDyZvbEh6fcJubWpJ3KKQ
	cFrzGwQdpr6xiOWcoF8u7fxwFLpxD9Srt2sPVsQQe/jnjWHxsyEtJBX5TCQfyfx5Y9i9rZ
	2k3zskvg/B0QHGcentH6CUMvAAPQsDlW7quv4KQXP1H7pQQVLAJS4Y7ISm5C8lLonzaCKq
	FvCNO8qJgsR1Yssokkazyym46KXNfzlW1guBLuL9MqyZYmrBRL7UI7YJB35jLQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707315130; a=rsa-sha256; cv=none;
	b=D8ZLDw6DRUVqiFD6xHAIy7Cyvl6Haj8PFBT+V4kMjBRVQiQ77FgpPP7shGpv05LqhYnBVA
	RTfxs2jkPx7Joy9jf/0kXuDtmSDhTf0DCGN4/lwIaXNe6P8ktbvsqrdDhD+pLw/qYL+yOu
	7jJGTsRokihh84CcpE5bwP+J/nBTxoRk6oLcu8Uio+VQdz3RyDRS8sjQ8Wdrt6jHYn4EHf
	LQ4h8/M7K83oZ8Qrmf5KYsLQSwkd4hnoPw5oktdRohwjqpixtG44hBEkvcwfhNnqDd7aRF
	Bi34mehURLg5QI8teKseNyQBll8IC8/npZn14bbSetDE0zUYLkkbx6oF+IV1XQ==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TVMWG3s2Zz18yh
	for <python@FreeBSD.org>; Wed,  7 Feb 2024 14:12:10 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
	by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 417ECAbq022437
	for <python@FreeBSD.org>; Wed, 7 Feb 2024 14:12:10 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
	by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 417ECAoo022436
	for python@FreeBSD.org; Wed, 7 Feb 2024 14:12:10 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: python@FreeBSD.org
Subject: [Bug 275167] security/py-service-identity: merge duplicate of
 security/py-service_identity
Date: Wed, 07 Feb 2024 14:12:10 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Ports & Packages
X-Bugzilla-Component: Individual Port(s)
X-Bugzilla-Version: Latest
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: jcfyecrayz@liamekaens.com
X-Bugzilla-Status: Open
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: sunpoet@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-275167-21822-oUs6AGZEFP@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-275167-21822@https.bugs.freebsd.org/bugzilla/>
References: <bug-275167-21822@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: FreeBSD-specific Python issues <freebsd-python.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-python
List-Help: <mailto:python+help@freebsd.org>
List-Post: <mailto:python@freebsd.org>
List-Subscribe: <mailto:python+subscribe@freebsd.org>
List-Unsubscribe: <mailto:python+unsubscribe@freebsd.org>
Sender: owner-freebsd-python@freebsd.org
X-BeenThere: freebsd-python@freebsd.org
MIME-Version: 1.0

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D275167

--- Comment #22 from John Hein <jcfyecrayz@liamekaens.com> ---
I think this can be closed now.  The old port was deprecated and is now gon=
e.=20
Dependent ports have been updated to point to the new port.


Note that comment 20 has not been addressed - separate bug.


(In reply to Palle Girgensohn from comment #17)
First let me say that I understand the position to force ports to use a new=
er
version in some cases and started thinking along the same lines in this cas=
e at
first.

I came down on the side of deprecating the older version mainly for the
following reasons:

 (1) I don't know the ramifications of moving to a new update for all the
affected ports.  I took a look, but I realized I don't know enough.  For
example, for some of the ports that specify service-identity as a dependenc=
y, I
don't see a direct dependency.  Maybe the service-identity dependency should
just be removed for some of these ports.  If so, that's more correct - even
better than globally updating their dependency to a newer version.

 (2) There is ('was' now) indeed a run-time conflict between some of these
ports.  But, to be honest, most of these ports are not critical ports for t=
he
global ports tree.  I'm sure they are important to some, but I'm saying they
are not globally critical.  To me, this indicates that we don't have to act
without having a full understanding of the ramifications.  py-twisted is pr=
etty
important, and after some analysis, it seems that it can be updated to
service-identity 23.1.0. But I don't have the time to analyze all the affec=
ted
ports - at least not to a confidence level where I am comfortable with forc=
ing
them all to a new dependency version.

 (3) The maintainers of the affected ports should be able to evaluate and h=
ave
time to weigh in on updates for their port.

Doing global updates to ports without maintainer feedback should be done
sparingly unless the changes are obviously correct and necessary for the
greater good.

I fully understand why one would want to do the sweeping patch.  But this
didn't seem to rise to that level of emergency.  Allowing maintainers some =
time
to review seems reasonable.  Build failures are much less problematic than
run-time failures - the latter is harder to debug.

At the very least the maintainers of the affected ports should be explicitly
invited to review and given time to evaluate.

Generally, regardless whether we go the "deprecate" route or the "update all
affected ports now" route, we should invite all the affected maintainers to
evaluate how changes will affect their port (including whether the port rea=
lly
does need a direct dependency on service-identity).

--=20
You are receiving this mail because:
You are on the CC list for the bug.=