Hi Leo, On Wed, 17 Feb 2021 at 22:43, Leo Famulari <l...@famulari.name> wrote: > > OpenSSL 1.0 is no longer supported as free software. As research > continues, new bugs are discovered and there are no fixes available. > > We should remove it soon. Since Qt 4 depends on it, we can remove them > at the same time [0]. > > Some packages will probably have to be removed, since they depend on > OpenSSL 1.0 and have not been updated to use more recent versions. > > OpenSSL 1.0 is used in the Rust bootstrap, unfortunately, so we will > have to preserve some package of it, but it will be hidden.
Well, it needs some care I guess. $ guix refresh -l openssl@1.0 Building the following 1930 packages would ensure 2048 dependent packages are rebuilt On the other hand, grepping for "openssl-1.0" returns: 16 matches 12 files contained matches 1522 files searched File: distributed.scm File: networking.scm File: databases.scm File: rust.scm File: web-browsers.scm File: android.scm File: web.scm File: crypto.scm File: messaging.scm File: ntp.scm File: crates-io.scm File: qt.scm Therefore, a good start seems to try to build all the 16 packages depending on openssl@1.0 with openssl@1.1. And mark them with a comment if they fail. But I guess that openssl@1.0 is a strong requirement for these 16 packages. For instance, the package psyclpc (gnu packages messaging) could be removed since it does not build and use openssl@1.0. Cheers, simon
