OpenSSL 3.0 transition plans
Robie Basak
robie.basak at ubuntu.com
Mon Oct 11 10:39:00 UTC 2021
Hi Simon,
Thank you for working on this!
On Sat, Oct 02, 2021 at 02:01:10AM -0700, Simon Chopin wrote:
> As stated, the transition should only take place if main is ready for
> it. As far as universe is concerned, in an ideal world all the 180
> packages above would be fixed in time for the release. However, if not
> so, we'll either remove the package from the release or, if *really*
> necessary, would introduce a compatibility openssl-1.1 package. The
> latter option is of course highly undesirable.
I think it's worth noting what happened with nodejs in Bionic:
https://bugs.launchpad.net/ubuntu/+source/nodejs/+bug/1779863
https://bugs.launchpad.net/ubuntu/+source/nodejs/+bug/1794589
Summary: nodejs incorporated the version of openssl it gets built with
into its ABI, causing incompatibility between binary modules built in
different places if they mismatch, contrary to ecosystem expectations.
Upstream therefore considers[1] the openssl version that must be used
"locked" for a particular nodejs version. But if we use the version
upstream wants, and that differs from our "default" version, then the
resulting co-installability conflict between the two -dev packages
results in users complaining about that instead.
It might be worth someone looking into this early in order to try to
avoid or mitigate a recurrence of this kind of issue.
HTH!
Robie
[1] I don't know if this is still the case.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20211011/1ed8a8f2/attachment.sig>
More information about the ubuntu-devel
mailing list