Hi Leo,
On Wed, 17 Feb 2021 at 22:43, Leo Famulari <leo@famulari.name> wrote:
Toggle quote (13 lines)
>> OpenSSL 1.0 is no longer supported as free software. As research> continues, new bugs are discovered and there are no fixes available.>> We should remove it soon. Since Qt 4 depends on it, we can remove them> at the same time [0].>> Some packages will probably have to be removed, since they depend on> OpenSSL 1.0 and have not been updated to use more recent versions.>> OpenSSL 1.0 is used in the Rust bootstrap, unfortunately, so we will> have to preserve some package of it, but it will be hidden.
Well, it needs some care I guess.
$ guix refresh -l openssl@1.0Building the following 1930 packages would ensure 2048 dependentpackages are rebuilt
On the other hand, grepping for "openssl-1.0" returns:
16 matches12 files contained matches1522 files searched
File: distributed.scmFile: networking.scmFile: databases.scmFile: rust.scmFile: web-browsers.scmFile: android.scmFile: web.scmFile: crypto.scmFile: messaging.scmFile: ntp.scmFile: crates-io.scmFile: qt.scm
Therefore, a good start seems to try to build all the 16 packagesdepending on openssl@1.0 with openssl@1.1. And mark them with acomment if they fail. But I guess that openssl@1.0 is a strongrequirement for these 16 packages.
For instance, the package psyclpc (gnu packages messaging) could beremoved since it does not build and use openssl@1.0.
Cheers,simon