add no-GIL Python to CI matrix

Question

add no-GIL Python to CI matrix

cfm opened this issue a year ago · 1 comments

Description

As soon as Debian packages a no-GIL Python build, we should add it to our CI matrix, to begin to sniff out places where our concurrency may take the GIL for granted (e.g., #1440).

Hat-tip: @eaon.

How will this impact SecureDrop users?

No user-facing changes.

How would this affect the SecureDrop Workstation threat model?

No threat-model implications.

User Stories

As an upstream change, I like to prey on the unprepared.

Answer 1 · 2023-08-22T15:33:54.000Z

FYI, there's a container image provided by the no-GIL CPython reference implementation that is based on Debian bullseye, so this may already be trivial to do.

As far as I've read, no-GIL Python wouldn't suddenly usurp GIL Python (especially not in Debian I imagine, plus the current builds support enabling it manually with a PYTHONGIL=1 environment variable set) but I do believe that awareness of how concurrency could become an issue in the future is useful for long-term planning in general and next-gen architecture work in particular.