freedomofpress / securedrop

GitHub repository for the SecureDrop whistleblower platform. Do not submit tips here!
https://securedrop.org/

Use packaged maturin to build redwood wheel #6901

Open legoktm opened 1 year ago

legoktm commented 1 year ago

Currently we install maturin from PyPI, and in #6884 we switch to a homegrown script to build the wheel so we can avoid having to review/audit the maturin dependency.

However, maturin is getting close to being packaged in Debian (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999850) so we hopefully could use that to do the build, and since it comes from Debian we don't need to review it all ourselves. It should be a static build so we could copy it from Debian unstable/testing and run it on focal (hopefully there's no glibc, etc. conflict).

Probably we would want to create a separate component on apt.freedom.press to mirror this build dependency.

legoktm commented 1 year ago

maturin is now in unstable \o/ https://packages.debian.org/unstable/python3-maturin

There are two dependency issues though :/ needs glibc 2.34 (focal has 2.31) and needs python-tomli, and that only shipped in jammy (per https://launchpad.net/ubuntu/+source/python-tomli)