)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":28223,"name":"Cedric Jeanneret","display_name":"cjeanner (Tengu)","email":"cjeanner@redhat.com","username":"cjeanner"},"change_message_id":"a92c629cada773a0ffbc5d21cd2891a43067561d","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"ebfc293c_2b663f56","updated":"2022-11-24 16:19:35.000000000","message":"Hello there,\n\nWould it be possible to do this bump for stable/zed? I know it\u0027s usually not really accepted, but since this release runs on cs9, it would be good to get a correct version of the mentioned libraries.\n\nThank you for your feedback!","commit_id":"8076ce92b829866dc96028db62947bbe3e0014d5"},{"author":{"_account_id":12898,"name":"Tony Breeds","email":"tony@bakeyournoodle.com","username":"tonyb"},"change_message_id":"c1447edc676b52e22e1cae5bc07586ed91c818c2","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"6e7f352c_4f04a66d","updated":"2023-11-09 17:17:07.000000000","message":"I\u0027m still -1 on this.  It\u0027s possible the zed is now untestable on CS9 which is rough.\n\nFor reference:\n\n[tony@thor requirements]$ for b in master stable/{2023.2,2023.1,zed} ; do git grep -Ei \u0027^(pyopenssl|crypto)\u0027 origin/${b} -- upper-constraints.txt ; done\norigin/master:upper-constraints.txt:105:pyOpenSSL\u003d\u003d\u003d23.2.0\norigin/master:upper-constraints.txt:191:cryptography\u003d\u003d\u003d41.0.4\norigin/stable/2023.2:upper-constraints.txt:105:pyOpenSSL\u003d\u003d\u003d23.1.1\norigin/stable/2023.2:upper-constraints.txt:190:cryptography\u003d\u003d\u003d40.0.2\norigin/stable/2023.1:upper-constraints.txt:104:pyOpenSSL\u003d\u003d\u003d22.1.0\norigin/stable/2023.1:upper-constraints.txt:186:cryptography\u003d\u003d\u003d38.0.2\norigin/stable/zed:upper-constraints.txt:104:pyOpenSSL\u003d\u003d\u003d22.0.0\norigin/stable/zed:upper-constraints.txt:185:cryptography\u003d\u003d\u003d36.0.2\n[tony@thor requirements]$","commit_id":"8076ce92b829866dc96028db62947bbe3e0014d5"},{"author":{"_account_id":24072,"name":"Marcin Juszkiewicz","email":"mjuszkiewicz@redhat.com","username":"hrw"},"change_message_id":"d289574cc6cbd6a0b69dcc8e9b8e7b5037cc7074","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"7265cc94_87a6046f","updated":"2023-03-20 16:32:43.000000000","message":"Maybe it should be bumped to 38.0.3 or 39?\n\nINFO:kolla.common.utils.openstack-base:WARNING: The candidate selected for download or install is a yanked version: \u0027cryptography\u0027 candidate (version 38.0.2 at https://files.pythonhosted.or\ng/packages/98/89/98df97a1b7c14bebe75dc64d88d3c997dae8370cc75e00fc0c5e3fdb6300/cryptography-38.0.2-cp36-abi3-manylinux_2_28_aarch64.whl (from https://pypi.org/simple/cryptography/) (requires\n-python:\u003e\u003d3.6))                                                                                                                                                                              INFO:kolla.common.utils.openstack-base:Reason for being yanked: Regression in OpenSSL.","commit_id":"8076ce92b829866dc96028db62947bbe3e0014d5"},{"author":{"_account_id":12898,"name":"Tony Breeds","email":"tony@bakeyournoodle.com","username":"tonyb"},"change_message_id":"3e28bd7d60727d0f327a1040e0a6237992bcbf25","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"5c4c50ca_aae1697c","updated":"2023-03-21 01:01:38.000000000","message":"This is a tricky one.  We do need to check the deltas on the bumped versions.  The fact that we needed a barbican fix implies to be that we\u0027re in a dangerous.\n\nPart of the challenge here is the constraits file is largely to stabalise testing in the gate even more so on stable branches, NOT about saying this is the version of $x that *has* to be used.  We expect distros to ship secure versions.\n\nI also understand that this is largely at odds with perception and use.\n\nSo:\n\nI\u0027m -1 because it doesn\u0027t fix or stabalise the gate\nI\u0027m -1 because it clearly alters APIs which has a potential do destabalise the gate\nI\u0027m +0 Beacuse I don\u0027t understand the conversation WRT rust runtimes and crypography\n\nI need to look ate the change logs for the impacted libraries","commit_id":"8076ce92b829866dc96028db62947bbe3e0014d5"},{"author":{"_account_id":12898,"name":"Tony Breeds","email":"tony@bakeyournoodle.com","username":"tonyb"},"change_message_id":"35880644ed0b77eda86191fe3094f1b7a2c88829","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"10717dd5_d797a606","in_reply_to":"5d041c06_70a92c23","updated":"2023-03-21 17:41:27.000000000","message":"Like I said that\u0027s possible as follow-on changes after release etc. There are larger issues to consider as part of this change","commit_id":"8076ce92b829866dc96028db62947bbe3e0014d5"},{"author":{"_account_id":12898,"name":"Tony Breeds","email":"tony@bakeyournoodle.com","username":"tonyb"},"change_message_id":"3e28bd7d60727d0f327a1040e0a6237992bcbf25","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"7ebf7b12_978cb27d","in_reply_to":"7265cc94_87a6046f","updated":"2023-03-21 01:01:38.000000000","message":"We can\u0027t do that as then zed would have newer versions that master or antelope/2023.1.  At some stage in the future we could look at doing the update you request but certainly not here\n\n\n[tony@thor requirements]$ for b in master stable/{2023.1,zed} ; do git grep -Ei \u0027^(pyopenssl|crypto)\u0027 origin/${b} -- upper-constraints.txt ; done\norigin/master:upper-constraints.txt:104:pyOpenSSL\u003d\u003d\u003d22.1.0\norigin/master:upper-constraints.txt:186:cryptography\u003d\u003d\u003d38.0.2\norigin/stable/2023.1:upper-constraints.txt:104:pyOpenSSL\u003d\u003d\u003d22.1.0\norigin/stable/2023.1:upper-constraints.txt:186:cryptography\u003d\u003d\u003d38.0.2\norigin/stable/zed:upper-constraints.txt:104:pyOpenSSL\u003d\u003d\u003d22.0.0\norigin/stable/zed:upper-constraints.txt:185:cryptography\u003d\u003d\u003d36.0.2","commit_id":"8076ce92b829866dc96028db62947bbe3e0014d5"},{"author":{"_account_id":24072,"name":"Marcin Juszkiewicz","email":"mjuszkiewicz@redhat.com","username":"hrw"},"change_message_id":"ae3dba05dc5d71a91e77adff5dff963bd79f28ae","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"5d041c06_70a92c23","in_reply_to":"7ebf7b12_978cb27d","updated":"2023-03-21 10:36:40.000000000","message":"master to 39+, antelope/zed to 38.0.3 then?","commit_id":"8076ce92b829866dc96028db62947bbe3e0014d5"}]}