Re: Bug#1115706: Not installable with python3-cryptography >= 44

To: Simon Josefsson <simon@josefsson.org>
Cc: debian-python@lists.debian.org, Andrey Rakhmatullin <wrar@debian.org>, 1115706@bugs.debian.org
Subject: Re: Bug#1115706: Not installable with python3-cryptography >= 44
From: Stefano Rivera <stefanor@debian.org>
Date: Fri, 19 Sep 2025 15:16:29 +0000
Message-id: <[🔎] mon3rw63gwfadrftvfozzxai3z4nqxvnite7so6dputkwze424@6xqxmscqirtu>
Mail-followup-to: Simon Josefsson <simon@josefsson.org>, debian-python@lists.debian.org, Andrey Rakhmatullin <wrar@debian.org>, 1115706@bugs.debian.org
In-reply-to: <[🔎] 87wm5u1tc7.fsf@josefsson.org>
References: <175826922917.2039399.2302457106203823282.reportbug@belkar.wrar.name> <87348i39kh.fsf@josefsson.org> <175826922917.2039399.2302457106203823282.reportbug@belkar.wrar.name> <aM1Qt4GZSnHYbN7M@belkar.wrar.name> <[🔎] 87wm5u1tc7.fsf@josefsson.org>

Hi Simon (2025.09.19_13:10:16_+0000)

Does anyone have thoughts on why some python packages use << versioning
on build dependencies even when there are no such versions released?


You sometimes see this. It's over-protective IMHO.

We don't always do this. Packages need to declare PEP386 (in practicePEP440) compliance for dh_python3 to do this. Or you have to pass--accept-upstream-versions.That's probably worth re-visiting, because everything is PEP440compliant, these days.

If this a python cultural upstream thing, is this something that should
be mirrored in Debian's Depends: versioning?

It's problematic for us to not mirror it, because then you can havepackages installed that don't have their dependencies met. pip doesn'tlike that. pkg_resources (IIRC) used to also get quite up set about it.

So, typically patching the upstream dependencies is appropriate in thesesituations.


Stefano

--
Stefano Rivera
  http://tumbleweed.org.za/
  +1 415 683 3272

Reply to:

Follow-Ups:
- Re: Bug#1115706: Not installable with python3-cryptography >= 44
  - From: Simon Josefsson <simon@josefsson.org>

References:
- Re: Bug#1115706: Not installable with python3-cryptography >= 44
  - From: Simon Josefsson <simon@josefsson.org>

Prev by Date: Re: Bug#1115706: Not installable with python3-cryptography >= 44
Next by Date: Re: Bug#1115706: Not installable with python3-cryptography >= 44
Previous by thread: Re: Bug#1115706: Not installable with python3-cryptography >= 44
Next by thread: Re: Bug#1115706: Not installable with python3-cryptography >= 44
Index(es):
- Date
- Thread