You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Depending on Python and OpenSSL for a Rust project that aims to replace the OpenSSL dependency looks kind of embarrassing. By moving to a Rust build script, not only would it be faster, but you'd be able to use existing libraries directly rather than delegating to OpenSSL.
There are two ways to do this:
Use a regular build.rs. This requires that each consumer download the list of certificates and generate the list of roots themselves, which means any certificate could poof out from under people without any crate version change. That is probably undesirable.
Use external Rust code to update the lib.rs, as the Python script currently does, before publish. The code would have to be executed via another crate or via cargo-script.
In either case, you'd be eliminating the dependency on competing crypto libraries (which OpenSSL is), and eliminating the dependency on a completely unrelated, external programming language (Python). Modern Linux systems do not even have Python installed by default, so it's one more step for users looking to contribute to this project. Additionally, as a small bonus, the build script would work on Windows. It is a small bonus given Windows' unsuitability to low-level applications, as any serious developer will be using WSL anyway, but even if only for drive-by contributions, it is a small victory.
The text was updated successfully, but these errors were encountered:
Depending on Python and OpenSSL for a Rust project that aims to replace the OpenSSL dependency looks kind of embarrassing. By moving to a Rust build script, not only would it be faster, but you'd be able to use existing libraries directly rather than delegating to OpenSSL.
There are two ways to do this:
build.rs
. This requires that each consumer download the list of certificates and generate the list of roots themselves, which means any certificate could poof out from under people without any crate version change. That is probably undesirable.cargo-script
.In either case, you'd be eliminating the dependency on competing crypto libraries (which OpenSSL is), and eliminating the dependency on a completely unrelated, external programming language (Python). Modern Linux systems do not even have Python installed by default, so it's one more step for users looking to contribute to this project. Additionally, as a small bonus, the build script would work on Windows. It is a small bonus given Windows' unsuitability to low-level applications, as any serious developer will be using WSL anyway, but even if only for drive-by contributions, it is a small victory.
The text was updated successfully, but these errors were encountered: