Move cryptography-based imports into fixture by mgorny · Pull Request #10686 · pypa/pip (original) (raw)

On a general note, I do not want to see pip getting sucked into that particular flamewar. So what I'm saying here would apply regardless of the whole rust issue - if cryptography explicitly checked architecture in setup.py and refused to build on these architectures, I'd be saying the same thing.

As a pure Python package, pip runs anywhere that Python runs, so I'm not entirely convinced by the "it's not a supported platform" argument. However, we only test on mainstream platforms and architectures, so the test suite doesn't need to run everywhere that pip runs. And that's fine, in my view. The test suite is not intended to run everywhere (nor do we offer support for it, in the sense that we offer support for pip itself). After all, for a long time, the pip test suite didn't all work on Windows, and that didn't mean we didn't support Windows... The test suite is something to help the pip developers produce reliable software, it's not a service we provide to our users.

I don't think our test suite should automatically skip tests if cryptography is unavailable. The features being tested are core pip features, and should be tested. "I don't have the full test environment available" should cause the test suite to fail, not just skip some tests. I'm fine with a pytest mark being added, so that the user can opt into skipping the affected tests, but IMO it has to be opt-in. (And we wouldn't guarantee that we'd ensure the mark was applied to any new tests that may get added - people can make mistakes, and see my comment above about the test suite not being "supported" in that sense).

Beyond this, I'm not personally interested in the architectures affected here, so like @pradyunsg I won't be getting involved in reviewing or merging PRs.