Remove cryptography (depends on #5952)

[srittau]

cryptography added py.typed in release 3.4.4, released 2021-02-09.

[hauntsaninja]

One fun and different thing about types-cryptography is that other typeshed packages depend on it: paramiko, PyJWT, openssl-python.

So we will need to ensure stub packages can depend on non-typeshed-stub-packages.

[hauntsaninja]

Just in case, does anyone feel strongly against allowing stub packages from depending on real PEP 561 packages? cc @JukkaL

[srittau]

What do you mean by "real" PEP 561 packages?

[Akuli]

Perhaps packages that contain .py files and a py.typed file.

[hauntsaninja]

Yup, I started with "real packages", clarified to "PEP 561 packages", but missed editing out the "real". Basically packages that can be arbitrarily big, do complicated setup.py things, be system dependent, yada yada

[srittau]

Not speaking about stubs packages in general, but I think it's reasonable if typeshed packages depend on dependencies of the corresponding upstream package. I.e. if package foo depends on cryptography, it's fine that our foo-types depends on cryptography as well, since it doesn't introduce "new" dependencies. Apart from that we should vet dependencies carefully.

[JukkaL]

I agree with @srittau.

I think that it would be sufficient to maintain an allowlist of vetted dependencies. I'd expect that the number of such dependencies will be fairly small, so it shouldn't be much effort to maintain.

[srittau]

Blocked by #5952.

[Akuli]

What is the current status of this? Can we now make other packages depend on cryptography?