-
-
Notifications
You must be signed in to change notification settings - Fork 12.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove OpenSSL 1.0 #46876
Remove OpenSSL 1.0 #46876
Conversation
Question for fellow @Homebrew/core maintainers: do we wait to remove it at the last minute (on 2019-12-31)? I say let's do it now, to avoid accidental reuse (like we recently merged 3 new formulas with |
@BrewTestBot test this please |
As a FYI: the latest Debian (experimental) patch is https://sources.debian.org/data/main/v/virtuoso-opensource/7.2.5.1+dfsg-2/debian/patches/ssl1.1.patch |
@Bo98 I'm happy with a Debian patch if it applies cleanly. Could you open a PR? |
@Bo98 and can you ensure the Debian patch was submitted upstream and add a comment to the upstream submission? Thanks ❤️ |
@fxcoudert I'll test it out shortly. @MikeMcQuaid Debian say they forwarded it via openlink/virtuoso-opensource#583, but that's not strictly true since there's small differences. I will look and see what those differences are and mention it in a comment upstream. |
I have left a review upstream noting the differences. See the linked pull request above for that. I've applied the patches to Homebrew and opened a pull request at #46885. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 💯
Interesting pgloader test issue spotted:
|
Perfect, thanks! |
@fxcoudert Initially in the CI in the PostgreSQL 12.1 pull request, but I’ve reproduced it locally as well (without any changes). |
Fix here: #46909. |
One possibility to throw on the table, if developers still potentially needing this is a concern, is to move it to |
🍾 Time to |
I get something like this:
Interestingly,
Is there a reason I get the warning? |
Yes, you aren't alone: https://discourse.brew.sh/t/installed-formulae-depend-on-openssl-diverging-from-spec-dependency-on-openssl-1-1/6294/2
@MikeMcQuaid Any thoughts on this issue? |
Yes, those applications are linked against |
In short: dependencies declared in a formula may not match those after installation (which are based on the actual linkage which may vary depending on the build system of the application and annoying opportunistic linkage). |
Instead of |
Hello, I've got a need for |
@dgholz We're definitely not shipping unmaintained software (https://docs.brew.sh/Acceptable-Formulae), especially one that known for its security risks. But due to the modular nature of Homebrew, it's very easy to maintain a formula in your own tap: https://docs.brew.sh/How-to-Create-and-Maintain-a-Tap (and you can even provide bottles for it!) |
@dgholz |
Thanks, running |
The supported way to still use OpenSSL 1.0 is to use |
OpenSSL 1.0 will reach EOL on 2019-12-31
virtuoso
is the last remaining one, it's not in a good shape, and has medium-low install count (17 installs per month) virtuoso-opensource: build against openssl 1.1.0 openlink/virtuoso-opensource#583 (comment)Will only test this PR once #46875 is merged