Skip to content

Initial abi3t support#15063

Merged
alex merged 17 commits into
pyca:mainfrom
ngoldbaum:abi3t
Jul 6, 2026
Merged

Initial abi3t support#15063
alex merged 17 commits into
pyca:mainfrom
ngoldbaum:abi3t

Conversation

@ngoldbaum

@ngoldbaum ngoldbaum commented Jun 18, 2026

Copy link
Copy Markdown
Contributor

Build abi3t wheels on python 3.15 and newer.

Comment thread src/rust/cryptography-cffi/build.rs Outdated
Comment thread src/rust/cryptography-cffi/build.rs Outdated
Comment thread src/rust/cryptography-cffi/build.rs Outdated
@alex

alex commented Jun 18, 2026

Copy link
Copy Markdown
Member

Thanks for working on this!

Comment thread src/rust/cryptography-cffi/build.rs Outdated
Comment thread pyproject.toml Outdated
@ngoldbaum

Copy link
Copy Markdown
Contributor Author

OK great, it looks like the only failing CI jobs use a Rust compiler that's too old to build Maturin. There are two Windows jobs that timed out but I'm not worried about that because building Maturin on Windows is very slow.

I opened PyO3/maturin#3233 to fix the bug in Maturin.

I'll try to work on getting the CFFI and Maturin PRs that I'm depending on here merged.

@alex

alex commented Jun 18, 2026

Copy link
Copy Markdown
Member

In practice those iwll be solved by a maturin release with wheels

messense pushed a commit to PyO3/maturin that referenced this pull request Jun 19, 2026
The `&& !force_target_abi` was [introduced incorrectly by
me](https://github.com/PyO3/maturin/blame/main/src/compile.rs#L898) in
#3226 and hasn't yet shown up in a release. I hit this testing abi3t
builds for cryptography with from-source builds of maturin:
pyca/cryptography#15063.

To better help Maturin's CI catch issues that are load-bearing for the
cryptography project, I also added a test crate that uses CFFI like
cryptography does: cooperatively with PyO3 and using PYO3_PYTHON to
shell out and run a CFFI script.

I manually verified that the new integration test fails on maturin's
current `main` branch.
@ngoldbaum

Copy link
Copy Markdown
Contributor Author

Maturin cut a 1.14.1 release so now all that's needed is CFFI.

@ngoldbaum

Copy link
Copy Markdown
Contributor Author

Looks like unconditionally requiring Maturin 1.14.1 or newer works in CI 🥳

I can probably upstream part of this while we wait for CFFI to do a release but for now I think I'll just wait for that before finishing this up.

@alex

alex commented Jun 19, 2026

Copy link
Copy Markdown
Member

The src/rust/cryptography-cffi/build.rs bits look like they could be split out if you wanted.

@ngoldbaum ngoldbaum marked this pull request as ready for review July 6, 2026 22:36
@ngoldbaum

Copy link
Copy Markdown
Contributor Author

@alex I think this is ready now.

@reaperhulk

Copy link
Copy Markdown
Member

This is now a very small PR 😄 What's the next step after merging this?

@alex alex left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need to update version bounds on cffi or anything?

@ngoldbaum

Copy link
Copy Markdown
Contributor Author

Do we need to update version bounds on cffi or anything?

I don't think so. The first CFFI release with Python 3.15 support is CFFI 2.1, which is >= 2.0. 2.0 is fine for older Python versions.

What's the next step after merging this?

Probably worth doing a dry-run of the release automation to verify that you do actually get three wheels per platform out to upload to PyPI. Other than that, I think just a release advertising Python 3.15 support.

@alex

alex commented Jul 6, 2026

Copy link
Copy Markdown
Member

Do we need >=2.1; python_version >= '3.15'?

@ngoldbaum

Copy link
Copy Markdown
Contributor Author

Do we need >=2.1; python_version >= '3.15'?

Sure, let's add that just in case someone does something weird.

Comment thread pyproject.toml Outdated

# Must be kept in sync with `project.dependencies`
"cffi>=2.0.0; platform_python_implementation != 'PyPy'",
"cffi>=2.1; python_version >= '3.15'",

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ugh, do we need the and platform_python_implementation != 'PyPy' just in case?

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm pretty sure we're safe given the status of Python 3.12 support in PyPy, but let's add it just to cover our bases I guess...

https://github.com/orgs/pypy/discussions/5145

@alex

alex commented Jul 6, 2026

Copy link
Copy Markdown
Member

better safe than sorry 🙃

@alex alex merged commit 7547200 into pyca:main Jul 6, 2026
116 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Development

Successfully merging this pull request may close these issues.

3 participants