Convert remaining python2 applications over to python3 #101964
Comments
jonringer
added
0.kind: enhancement
Use python3 Sphinx package instead of python2 Sphinx package, to avoid build-time dependency on python 2, as per NixOS#101964
Why are those in this list? Do they have a python2 variant? |
|
not entirely sure. It could be that some library they use, uses python2 to do something like generate docs. So they aren't directly using python2 packages. |
I assume those are mostly cases of Python 3 packages that depend on some non-Python package that in turn depends on some Python 2 package (e.g. The following can help to navigate the dependency trees more efficiently ( $ nix-tree $(nix-instantiate -A python3Packages.aria2p)Should I try to write a script (or does someone already know/have one) to ping the maintainers of the affected packages? |
The root is on the left and then use vim style key bindings or arrow keys. |
|
cachix fixed in 59c53bc |
Use python3 Sphinx package instead of python2 Sphinx package, to avoid build-time dependency on python 2, as per #101964
|
I added some directions on how to locate cryptography in a dependency tree |
|
oh, |
|
I tried packaging |
Asciidoc is severely outdated and is replaced by asciidoctor. Eliminating asciidoc gets rid of a python2 dependency, see NixOS#101964
Main motivation was to port it to Python3 which is due to NixOS#101964. So: - Switch from asciidoc to asciidoc-py3 - Switch from Python 2 to Python 3 - This needs autoreconfHook now - We also need to do some patching in a2x.py - Switch to patchShebangs (more readable) - Only input w3m if we actually build with it
Main motivation was to port it to Python3 which is due to #101964. So: - Switch from asciidoc to asciidoc-py3 - Switch from Python 2 to Python 3 - This needs autoreconfHook now - We also need to do some patching in a2x.py - Switch to patchShebangs (more readable) - Only input w3m if we actually build with it
dotlambda
added
9.needs: clean-up
and removed
3.skill: good-first-bug
|
Next step would be to make |
|
Working on this in #117570. |
|
I marked this as stale due to inactivity. → More info |
stale
bot
added
the
2.status: stale
|
Some updates:
|
stale
bot
removed
the
2.status: stale
stale
bot
added
the
2.status: stale
stale
bot
removed
the
2.status: stale
|
The only application left is NixOps, but there already is |
and others
In #101929 we have many important programs (e.g.
cachix) still using python2 in their builds. This list doesn't constitute python2 applications, but rather packages which have python2Packages.cryptography somewhere in their dependency graph. So these will be affected whenpython2Packages.cryptographydoes get marked as vulnerable.This issue to track the conversion process over to python3, packages still needing to be converted are listed below. This list isn't exhaustive, just those that use the soon-to-be-marked-vulnerable pythonPackages.cryptography:
Finding the dependency
For most dependencies, it should be pretty obvious where python2 comes from, for more "difficult" packages. You may need to do some digging.
nix-tree + nix-instantiate
you can run
nix-shell -p nix-tree --run "nix-tree $(nix-instantiate default.nix -A <package>)to get the entire build dependency tree, then search for the cryptography package, and then you should be able to trace which dependencies are introducing it.nix why-depends
alternatively, you can use
nix why-dependsnix why-depends --all -f default.nix <package> python2Packages.cryptographycan also be used, however, this will require you to re-build the package, which may take more time than parsing the dependency tree aboveThe text was updated successfully, but these errors were encountered: