Changelog:
https://cryptography.io/en/latest/changelog/#v2-6-1
Important changes:
- BACKWARDS INCOMPATIBLE: Removed
cryptography.hazmat.primitives.asymmetric.utils.encode_rfc6979_signature
and
cryptography.hazmat.primitives.asymmetric.utils.decode_rfc6979_signature,
which had been deprecated for nearly 4 years. Use
encode_dss_signature() and decode_dss_signature() instead.
- BACKWARDS INCOMPATIBLE: Removed cryptography.x509.Certificate.serial,
which had been deprecated for nearly 3 years. Use serial_number
instead.
This should make the management easier. The package cryptography_vectors
contains the test vectors for cryptography and should therefore always
have the same version. By linking the version of cryptography_vectors to
cryptography, this simply cannot be forgotten.
All hail Meson!
One serious issue is that building docs does not work.
We patch gobject-introspection to use absolute paths for shared libraries
in GIR files. Building the NetworkManager docs relies on the produced
introspection data but since the library is not yet installed
at the time the docs are generated, the build will fail.
It works in Autotools for some reason; they probably use
the pregenerated GIRs from the tarball.
Disabling the docs completely is not possible at the moment either,
since nmc [depends on them][1].
I have decided to fix this by pointing the installed location to the one
in the build directory using libredirect. Unfortunately, we cannot just set
the environment variables directly, since the build system runs
the documentation generator in a clean environment.
I have also added man, doc and devdoc outputs so the generated files have
somewhere to go.
Secondly, since Nix store is immutable, we also cannot use the package prefix
for configuration and mutable state data. At the same time, we cannot write
to the appropriate global directories during build. Autotools allowed to change
this in installFlags but Meson lacks similar mechanism so we need to patch
the build files.
Finally, I also removed the at_console patch since the permission has been
removed in 0.9.10.
[1]: https://bugzilla.gnome.org/show_bug.cgi?id=796755
It is useful to make these dynamic and not bake them into gcc. This
means we don’t have to rebuild gcc to change these values. Instead, we
will pass cflags to gcc based on platform values. This was already
done hackily for android gcc (which is multi-target), but not for our
own gccs which are single target.
To accomplish this, we need to add a few things:
- add ‘arch’ to cpu
- add NIX_CFLAGS_COMPILE_BEFORE flag (goes before args)
- set -march everywhere
- set mcpu, mfpu, mmode, and mtune based on targetPlatform.gcc flags
cc-wrapper: only set -march when it is in the cpu type
Some architectures don’t have a good mapping of -march. For instance
POWER architecture doesn’t support the -march flag at all!
https://gcc.gnu.org/onlinedocs/gcc/RS_002f6000-and-PowerPC-Options.html#RS_002f6000-and-PowerPC-Options
