Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MSRV in the future #7172

Open
reaperhulk opened this issue May 2, 2022 · 0 comments
Open

MSRV in the future #7172

reaperhulk opened this issue May 2, 2022 · 0 comments

Comments

@reaperhulk
Copy link

@reaperhulk reaperhulk commented May 2, 2022

When we added Rust to cryptography we originally required a rustc of >=1.45. Through initial feedback we dropped this MSRV to 1.41 to ease the transition. Time, however, marches ever onward. We will need to update it in the future (and in version 38.0 we've announced an increase in MSRV to 1.48). How conservative should we be moving forward?

Some data: Wheels vs sdists

A very large percentage of our users obtain a wheel. Here is the last 30 days of downloads:
Screen Shot 2022-05-01 at 20 58 40
Within just the Rust-required versions (35+):
Screen Shot 2022-05-01 at 20 56 00

Due to the sheer volume of downloads even a less than 2% sdist rate results in nearly 2 million sdist downloads. It is that <2% (along with distribution packagers) who are potentially affected by choices around our MSRV.

Advantages of conservatism

Users who do not receive a wheel need to install a compatible rustc. With newer version requirements the odds of needing to use rustup rather than the system package manager increase. Ubuntu backports newer rustc, but most other distributions do not. Additionally, users who do compile (and do not use CI systems where newer rust is automatically installed and upgraded over time) will occasionally have their systems break due to an MSRV increase.

Advantages to aggressive upgrades

Some potential features and performance optimizations are gated behind newer rustc versions. For example, support for SSH certificate parsing could be added via ssh-key, except the MSRV is 1.57. Similarly, we've had multiple PRs to our own asn1 crate blocked by MSRV concerns:

I am tentatively in favor of being significantly more aggressive in our MSRV, but Alex and I are both interested in hearing from the community.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

1 participant