[Pkg-rust-maintainers] Bug#1038381: src:rust-sequoia-net: fails to migrate to testing for too long: Build-Depends not available

Mon Jul 3 18:46:15 BST 2023

> Your package src:rust-sequoia-net has been trying to 
> migrate for 94 days [2] (yes, partially due to the freeze). 

This package was uploaded to unstable by mistake, it should
have been uploaded to experimental. Since it wasn't built
on any architectures I decided the least disruptive thing
to do during the freeze was to leave it alone.

Anyway, the freeze is over and sequoia-openpgp is updated,
however there are still a couple of issues with this package.

The first is that it depends on an old version of
rust-base64, that one is trivially dealt with and indeed
has already been fixed in experimental.

The second however is it has a dependency on
rust-trust-dns-client, this dependency is "optional" but
"enabled by default".

rust-trust-dns-client is currently only available on
five out of 9 release architectures. This is due to
dependencies on rust-rustls and rust-ring which are
optional (and not enabled by default) at the cargo
level but effectively mandatory with the current debian
packaging.

rust-rustls is architecture limited because of a
dependency on rust-ring. The current version of rust-ring
is architecture limited because it relies on assembler
code for major parts of it's functionality.

There has been some work upstream on making rust-ring
more portable, but given the nature of the code, I would
be reluctant to try and take it as a patch in Debian
before it is included in an upstream release.

So that IMO leaves the following options to move forward
with this in the absense of a new upstream version of
ring that is portable to all release architectures.

1. Simply patch out the feature in rust-sequoia-net, the
    reason I don't like this is because it's an enabled
    by default feature, downstream patches may suffer
    build failures with no obvious cause.
2. Implement https://salsa.debian.org/rust-team/debcargo/-/issues/49
    and use it in the trust-dns packages, I did start
    doing some thinking about how I would implement it
    but I failed to find time when I was in the right
    frame of mind to do anything about it.
3. Manually patch the trust-dns packages to only expose
    the rustls/ring features on the architectures where
    they are supported, similar to what is currently done
    for the reqwest package.
4. Drop the rustls/ring support in the trust-dns
    packages completely.
5. Drop sequoia-net and it's reverse dependencies on
    architectures that do not support ring.