Sigh. Thanks for the issue report, gdt.
Here's what I know so far: 1. The Tahoe-LAFS build system (which is based on setuptools) will download and execute any package which pypi.python.org says is the "foo" package, if any part of Tahoe-LAFS transitively depends on a package named "foo". To change it so that it *doesn't* automatically download packages over the Net is ticket #1220. 2. pyOpenSSL just updated from 0.13 to 0.14, and newly depends on a new project named cryptography.io: https://cryptography.io . To deal with this is ticket #2193. My current plan for #2193 is to pin Tahoe-LAFS's dependency on pyOpenSSL ¹ to pyOpenSSL == 0.13. I have a question for you: how did "cryptography" and "six" get into the dependencies that setuptools is trying to satisfy (in your transcript above)? I would guess that "cryptography" got in there because of "pyOpenSSL", and that "six" got in there because of "cryptography", but why didn't your build use the pyOpenSSL package that was already installed!? I have a suggestion for you: go ahead and patch Tahoe-LAFS's src/allmydata/_auto_deps.py to specify "pyOpenSSL == 0.13" instead of just "pyOpenSSL" if it helps. Please let us know what you learn. See also relevant tickets #1582, #2055, and #2077. Regards, Zooko ¹ https://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/src/allmydata/_auto_deps.py?annotate=blame&rev=7bb07fb5e28756fa13ba5190e6c39003c84d3e1e#L41 https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1220# build/install should be able to refrain from getting dependencies https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1582# setuptools delenda est https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2055# Building tahoe safely is non-trivial https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2077# pip packaging plan https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2193# pyOpenSSL 0.14 pulls in a bunch of new dependencies _______________________________________________ tahoe-dev mailing list tahoe-dev@tahoe-lafs.org https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
