Message ID | cover.1712210069.git.efraim@flashner.co.il |
---|---|
Headers | show |
Series | Use system nss-certs in Python. | expand |
Hi Efraim, > It turns out that the Python ecosystem bundles a version of nss-certs. > This patch series should change it so that it uses the system nss-certs > instead. I would change the comment at the top of core.py so it mentions this is a Guix-specific version of certifi.py, so it’s clear the package has been altered. You probably don’t need `_CA_CERTS = None`, since the try…except clause covers all cases. Otherwise LGTM. Lars
On Fri, Apr 05, 2024 at 10:27:46AM +0900, Lars-Dominik Braun wrote: > Hi Efraim, > > > It turns out that the Python ecosystem bundles a version of nss-certs. > > This patch series should change it so that it uses the system nss-certs > > instead. > > I would change the comment at the top of core.py so it mentions this is > a Guix-specific version of certifi.py, so it’s clear the package has > been altered. You probably don’t need `_CA_CERTS = None`, since the > try…except clause covers all cases. > > Otherwise LGTM. I left the initial `_CA_CERTS = None` as a sort of initial declaration of the variable, since I don't really know python that well and I didn't think it was correct to declare it inside the try…except. I added the line at the top of core.py saying it was Guix specific and I also adjusted the commit message for python mentioning the $SSL_CERT_FILE in the natives-search-paths. Then I went to build my home-config and I realized what I'd done with the native-search-paths in python-3.10 and I moved it to the replacement python so it wouldn't cause a world rebuild. Patches pushed!
On Sun, Apr 07, 2024 at 03:06:29PM +0300, Efraim Flashner wrote:
> Patches pushed!
Thanks so much Efraim!