[Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 (original) (raw)

Paul G paul at ganssle.io
Sat Jan 13 21:48:49 EST 2018

One thing to note is that if getting Travis working with Python 3.7 is a pain, a huge number of libraries on PyPI probably just won't test against Python 3.7, which is not a great situation to be in.

It's probably worth contacting Travis to give them a head's up and see how likely it is that they'll be able to support Python 3.7 if it requires a newer version of these libraries.

On January 14, 2018 2:16:53 AM UTC, Brett Cannon <brett at python.org> wrote:

On Sat, Jan 13, 2018, 14:45 Christian Heimes, <christian at python.org> wrote:

On 2018-01-13 21:02, Brett Cannon wrote: > +1 from me as well for the improved security.

Thanks, Brett! How should we handle CPython's Travis CI tests? The 14.04 boxes have OpenSSL 1.0.1. To the best of my knowledge, Travis doesn't offer 16.04. We could either move to container-based testing with a 16.04 container, which would give us 1.0.2 Or we could compile our own copy of OpenSSL with my multissl builder and use some rpath magic. In order to test all new features, Ubuntu doesn't cut it. Even current snapshot of Ubuntu doesn't contain OpenSSL 1.1. Debian Stretch or Fedora would do the trick, though. Maybe Barry's work on official test container could leveraged testing? My guess is we either move to containers on Travis, see if we can manually install -- through apt or something -- a newer version of OpenSSL, or we look at alternative CI options. -Brett Regards, Christian -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20180114/0a001707/attachment.html>

More information about the Python-Dev mailing list