[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#921663: Please add python-certbot update to jessie-backports

Hi Holger and Brad

Here is a little more extensive list of dependencies:

python-certbot (of course as it is the one providing certbot)
python3-acme (>= 0.26.0~) - not in jessie, available in backports
python3-configargparse - not in jessie, available in backports
python3-cryptography (>= 1.2) - update needed (affecting something else?), available in backports
python3-josepy - not in jessie
python3-rfc3339 - not in jessie, available in backports
python3-sphinx (>= 1.6) - update needed (affecting something else?)

python-certbot-nginx and python-certbot-apache do not seem to add any additional dependencies that are not already in jessie.

I have not checked if any of the above packages require further dependencies so the list may grow larger.

Best regards

// Ola

On Sat, 9 Feb 2019 at 20:58, Brad Warren <bmw@eff.org> wrote:

> On Feb 9, 2019, at 6:19 AM, Holger Levsen <holger@layer-acht.org> wrote:
> On Sat, Feb 09, 2019 at 02:54:43PM +0100, Ola Lundqvist wrote:
>> I can also add that I have looked into this for myself and the number of
>> needed dependencies is rather large. So it is not just certbot that need an
>> update, we also need to include quite a few other packages too.
> how large exactly?
All of:

- python-acme
- python-certbot
- python-certbot-apache
- python-certbot-nginx
- python-josepy

would need to be added/updated like they were in Stretch. (The new python-josepy package comes from it being split out of python-acme.)

We have spent a lot of time upstream keeping compatibility with older versions of our dependencies and not adding new dependencies with the goal of making situations like this easier.

With that said, these Debian packages have switched from Python 2 to Python 3 since the last time they were updated in jessie-backports. The switch to Python 3 would either need to be undone (as we have kept compatibility with Python 2 upstream) or Python 3 versions of some of our dependencies would need to be added. I am not sure how many packages would be affected if the latter approach was taken.

> --
> tschau,
>       Holger
> -------------------------------------------------------------------------------
>               holger@(debian|reproducible-builds|layer-acht).org
>       PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C

 --- Inguza Technology AB --- MSc in Information Technology ----
/  ola@inguza.com                    Folkebogatan 26            \
|  opal@debian.org                   654 68 KARLSTAD            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /

Reply to: