GNU bug report logs -
#70179
[PATCH 0/3] Use system nss-certs in Python.
Previous Next
Reported by: Efraim Flashner <efraim <at> flashner.co.il>
Date: Thu, 4 Apr 2024 05:56:03 UTC
Severity: normal
Tags: patch
Done: Efraim Flashner <efraim <at> flashner.co.il>
Bug is archived. No further changes may be made.
Full log
Message #22 received at 70179-done <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
On Fri, Apr 05, 2024 at 10:27:46AM +0900, Lars-Dominik Braun wrote:
> Hi Efraim,
>
> > It turns out that the Python ecosystem bundles a version of nss-certs.
> > This patch series should change it so that it uses the system nss-certs
> > instead.
>
> I would change the comment at the top of core.py so it mentions this is
> a Guix-specific version of certifi.py, so it’s clear the package has
> been altered. You probably don’t need `_CA_CERTS = None`, since the
> try…except clause covers all cases.
>
> Otherwise LGTM.
I left the initial `_CA_CERTS = None` as a sort of initial declaration
of the variable, since I don't really know python that well and I didn't
think it was correct to declare it inside the try…except.
I added the line at the top of core.py saying it was Guix specific and I
also adjusted the commit message for python mentioning the
$SSL_CERT_FILE in the natives-search-paths.
Then I went to build my home-config and I realized what I'd done with
the native-search-paths in python-3.10 and I moved it to the replacement
python so it wouldn't cause a world rebuild.
Patches pushed!
--
Efraim Flashner <efraim <at> flashner.co.il> רנשלפ םירפא
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 1 year and 103 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.