cachepot icon indicating copy to clipboard operation
cachepot copied to clipboard
verified publisher icon paritytech

Prune openssl

Open Xanewok opened this issue 4 years ago • 3 comments

There was an attempt to remove openssl in favour of pure Rust implementation at https://github.com/paritytech/sccache/pull/67, however we still include it via rouille > tiny_http implementation. We track moving off rouille at https://github.com/paritytech/sccache/issues/39.

The benefit, as I understand it, is to make the build and distribution easier or more portable, however we do build and ship the binary by using the openssl/vendored feature already in Actions and GitLab, so I'm not sure how critical this issue is.

@drahnr @TriplEight is it something that we want to resolve in the nearest future?

Xanewok avatar Jul 11 '21 12:07 Xanewok

I agree that this not an immediate priority, #67 will resolve this incidentally.

Generally I consider it an advantage to avoid openssl entirely, mostly due to the fact of requiring a C++ compiler and the general topic of reproducibility. It's a nice to have, eventually.

drahnr avatar Jul 13 '21 19:07 drahnr

I'm in favour of that, I will free us from having openssl as a dependency in many places. But we already wait for so long, definitely not a prio right now.

TriplEight avatar Jul 14 '21 15:07 TriplEight

As I understand, after merging #131 we're still blocked upstream by https://github.com/briansmith/webpki/issues/54 (we can't use rustls without IP support); is that correct @montekki?

Xanewok avatar Feb 05 '22 00:02 Xanewok