[Cryptography-dev] Upcoming pyOpenSSL release

[Hynek Schlawack]

Hi,

after a (too) long time, we’re zeroing in to a new pyOpenSSL release.  Currently we’re mostly waiting for cryptography 1.3 to drop and to understand this very scary test failure: https://github.com/pyca/pyopenssl/issues/447

***

At that occasion, I would like to raise a few questions and explanations:

# The version number will now follow CalVer.

It’s known that I don’t like SemVer, however this case is a bit more subtle.  pyOpenSSL is old and mature. Therefore a 0.x version is ludicrous.  However going 1.0 doesn’t make any sense because there will never be a 2.0.  We will keep it alive as long as possible, but there will be no compatibility breaking changes to be expected.  I still believe in cryptography.tls.

# The communities need to coalesce.

This is both an announcement and a question.  I refuse to take care of the #pyopenssl channel and the pyopenssl-users mailing list.  They have to be merged into PyCa.

Now the question is: should I just send everyone to cryptography-dev and #cryptography-dev or are we going forth and finally do a #pyca/#pyca-dev channels and/or mailing lists?

# Domain?

We spoke a few times about it without a real conclusion.  I find having a pyca.io like pypa.io would be neato.

# CoC

The PSF CoC is crap.  Anyone opposed adopting http://contributor-covenant.org which seems to be the general consensus outside “my constitutional rights are violated if I can’t go full Torvalds in code review” circles?

Best,
—h