もっと詳しく

Ariadne Conill looks
at the difficulties caused by the OpenSSL 3 transition
in the
context of Alpine Linux.

For distributions, however, the story is different:
cryptography moved to using Rust, because they wanted to
leverage all of the static analysis capabilities built into the
language. This, too, is a reasonable decision, from a development
perspective. From the ecosystem perspective, however, it is
problematic, as the Rust ecosystem is still rapidly evolving, and
so we cannot support a single branch of the Rust compiler for an
entire 2 year lifecycle, which means it exists in community. Our
solution, historically, has been to hold cryptography at
the latest version that did not require Rust to build. However,
that version is not compatible with OpenSSL 3, and so it will
eventually need to be upgraded to a new version which is. And so,
since cryptography has to move to community, so does
paramiko and Ansible.