You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We use this crate on one of our projects, once we bumped it to version 0.10.7, we started getting failures for the license checks in cargo-deny, since openblas-build now uses ureq for downloading the openblas source, which brings in a dependency with a MPL-2.0 license to the Cargo.lock file (it has been brought up in ureq repo as well algesten/ureq#478).
ureq does have some feature flags that provide the possibility to use native-tls, the lib doesn't implement the default tls config when using native-tls feature flag (https://github.com/algesten/ureq/blob/main/src/lib.rs#L377-L397), but it allows to setup an agent explicitly by providing the tls config (as it is done in this test https://github.com/algesten/ureq/blob/main/src/lib.rs#L583-L595).
There was a proposal for adding feature flag in ureq that includes rustls with the native-certs flag so that the default agent can work with the native-certs (algesten/ureq#482), but it was rejected, so currently it is not possible to just tweak the feature flags on ureq and exclude the unwanted sub-dependencies.
The idea of this PR is to add feature flags to openblas-src and openblas-build that allows users to choose which tls config they want to use. This PR introduces 2 feature flags (tls which includes the default tls that ureq uses, and native-certs which uses native-tls and native-certs feature flags in ureq).
The default flags are set to use the tls feature flag, but worth to note is that this would probably be a breaking change when the default features are disabled and neither of these flags are enabled.
Any thoughts on this?
I look forward to you feedback!
Using native-certs crate looks better for keeping dependencies list simple.
The default flags are set to use the tls feature flag, but worth to note is that this would probably be a breaking change when the default features are disabled and neither of these flags are enabled.
To avoid this issue, we should use only native-certs case without introducing the feature flag.
Using native-certs crate looks better for keeping dependencies list simple.
The default flags are set to use the tls feature flag, but worth to note is that this would probably be a breaking change when the default features are disabled and neither of these flags are enabled.
To avoid this issue, we should use only native-certs case without introducing the feature flag.
Thanks for the feedback 🙌
I've removed the introduced feature flags and updated the PR to use native-certs by default as you suggested.
lazareviczoran
changed the title
Add feature flags to enable native-tls usage of ureq
Use native-tls/native-certs features of ureq crate
Jan 10, 2023
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
lazareviczoran
changed the title
Hello!
We use this crate on one of our projects, once we bumped it to version 0.10.7, we started getting failures for the license checks in cargo-deny, since openblas-build now uses
ureqfor downloading the openblas source, which brings in a dependency with a MPL-2.0 license to the Cargo.lock file (it has been brought up in ureq repo as well algesten/ureq#478).ureqdoes have some feature flags that provide the possibility to use native-tls, the lib doesn't implement the default tls config when usingnative-tlsfeature flag (https://github.com/algesten/ureq/blob/main/src/lib.rs#L377-L397), but it allows to setup an agent explicitly by providing the tls config (as it is done in this test https://github.com/algesten/ureq/blob/main/src/lib.rs#L583-L595).There was a proposal for adding feature flag in
ureqthat includesrustlswith thenative-certsflag so that the default agent can work with thenative-certs(algesten/ureq#482), but it was rejected, so currently it is not possible to just tweak the feature flags onureqand exclude the unwanted sub-dependencies.The idea of this PR is to add feature flags to
openblas-srcandopenblas-buildthat allows users to choose which tls config they want to use. This PR introduces 2 feature flags (tlswhich includes the default tls thaturequses, andnative-certswhich usesnative-tlsandnative-certsfeature flags inureq).The default flags are set to use the
tlsfeature flag, but worth to note is that this would probably be a breaking change when the default features are disabled and neither of these flags are enabled.Any thoughts on this?
I look forward to you feedback!