Bug 248712 - security/py-stem: Replace security/py-pycrypto with security/py-cryptography
Summary: security/py-stem: Replace security/py-pycrypto with security/py-cryptography
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Vinícius Zavam
URL: https://stem.torproject.org/change_lo...
Keywords: buildisok, needs-qa
Depends on:
Blocks: 248438 265390
  Show dependency treegraph
Reported: 2020-08-17 22:58 UTC by John W. O'Brien
Modified: 2022-08-07 15:03 UTC (History)
6 users (show)

See Also:
john: maintainer-feedback? (cs)
egypcio: maintainer-feedback? (rene)
john: merge-quarterly?

security/py-stem: Replace pycrypto with cryptography (823 bytes, patch)
2020-08-17 22:58 UTC, John W. O'Brien
koobs: maintainer-approval+
Details | Diff
[PATCH] security/py-stem: update cryptography modules, as used by upstream (921 bytes, patch)
2022-08-06 17:23 UTC, Vinícius Zavam
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description John W. O'Brien 2020-08-17 22:58:03 UTC
Created attachment 217292 [details]
security/py-stem: Replace pycrypto with cryptography


*   Replace security/py-pycrypto DEPENDS with security/py-cryptography


portlint: OK
poudriere: OK -- testport on 12.1R amd64 w/py27, py35, py36, py37 (default), py38


See also:

Upstream changelog for 1.6

Trac ticket
Comment 1 Automation User 2020-09-02 00:09:45 UTC
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/184571205
Comment 2 Kubilay Kocak freebsd_committer freebsd_triage 2020-09-20 11:38:51 UTC
Comment on attachment 217292 [details]
security/py-stem: Replace pycrypto with cryptography

Approved by: portmgr (maintainer timeout: > 2 weeks)

Pending QA)
Comment 3 Kubilay Kocak freebsd_committer freebsd_triage 2020-09-20 11:39:20 UTC
@John Can you provide some additional text for the commit log message which explains the 'why' of the dependency change. Thanks!
Comment 4 John W. O'Brien 2020-09-20 13:06:51 UTC
(In reply to Kubilay Kocak from comment #3)

pycrypto appears to be abandonware. The project has not released a new version since October 2013, and there have been no new commits to the official github repo [0] since June 2014. As noted in the issue description, the Stem project has deprecated pycrypto as an optional dependency and integrated with cryptography as its preferred replacement.

[0] https://github.com/pycrypto/pycrypto
Comment 5 John W. O'Brien 2020-10-01 04:14:00 UTC
(In reply to Kubilay Kocak from comment #2)
When you say this is approved "Pending QA", I am not sure what that means, and I worry that it dissuades potential committers who might otherwise take action to commit this patch. I reported positive portlint and poudriere results in the PR description, and the CI/CD machinery for which we have @swills to thank set "buildisok". The bar is too high. It is also unspecific.

What steps could I possibly take to move things along? What would satisfy "needs-qa"? What is missing here?
Comment 6 Rob LA LAU 2021-01-09 13:55:43 UTC
Actually, the Stem FAQ explicitly states that Stem does not have any dependencies; it will use cryptography if it is available, but it does not depend on it. So maybe it would be best to just delete the dependency.

If you decide to depend on a crypto package anyway, I can confirm that it works with security/py-pycryptodome as well (and pycrypto and pycryptodome conflict).
Comment 7 Carlo Strub freebsd_committer 2021-01-24 19:41:28 UTC
Agreed. Maybe it is best to remove the dependency.
Comment 8 Vinícius Zavam freebsd_committer 2022-08-06 17:23:25 UTC
Created attachment 235722 [details]
[PATCH] security/py-stem: update cryptography modules, as used by upstream

here I am adding an updated version of the first patch. it follows the changes made in upstream.

this one is confirmed to UNBREAK a prt depending on 'security/py-steam' (linked as Blocked here in bugzilla already).

if that's also the case, I would be also interested on adopting 'stem'. much appreciated
Comment 9 Vinícius Zavam freebsd_committer 2022-08-06 17:25:59 UTC
looping rene@ to flag attention to a patch fixing a DEPRECATED port, scheduled to be removed, just in case
Comment 10 Rene Ladan freebsd_committer 2022-08-06 19:58:51 UTC
(In reply to Vinícius Zavam from comment #9)

No need for my approval (but perhaps that's just because of the maintainer-feedback flags which in turn might be a quirk in Bugzilla?), feel free to fix this port.

The pending-QA is indeed vague IMO and since Koobs never answered that question it would be fair to ignore it.
Comment 11 commit-hook freebsd_committer 2022-08-07 15:00:22 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=f2a9a5c3bbd57761069645e422ed63fc64a694bd

commit f2a9a5c3bbd57761069645e422ed63fc64a694bd
Author:     Vinícius Zavam <egypcio@FreeBSD.org>
AuthorDate: 2022-08-07 14:53:48 +0000
Commit:     Vinícius Zavam <egypcio@FreeBSD.org>
CommitDate: 2022-08-07 14:59:16 +0000

    security/py-stem: Replace 'pycrypto with 'cryptography'

      * Fix 'DEPRECATED';
      * Maintainer reset per long time hiatus in Bugzilla (6months+);
      * Replace 'pycrypto with 'cryptography' (follow upstream);


    PR:             248712
    Reported by:    John W. O'Brien <john % saltant.com>
    Approved by:    rene@

 security/py-stem/Makefile | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)