Okay, looks like everything's green with the same number of skips; aside from the allowed failures, which fail in the same way as on other PRs with the previous infrastructure. As a minor, 2-line meta-change to the CI infrastructure, I didn't think this merited a NEWS entry, but I'm happy to add one if desired.

There were Openssl compatibility issues in the past and xenial used to be less stable. I would request waiting for people working closely with buildbots to review this before merging and also backporting since this changes base image of one of primary CI. See also some discussion in https://bugs.python.org/issue34009 .

Thanks @tirkarthi .

There were Openssl compatibility issues in the past

To note, at least according to the issue you linked, these issues were reported with Trusty, whereas the OpenSSL version distributed with Xenial is compatible. Therefore, we could switch back to the distro-provided version, though it makes sense to keep it building its own version to demonstrate how to do so, exercise that functionality and ensure compatibility with the latest OpenSSL.

While were at it, should we also bump the version up to the latest 1.1.1b, which is the current LTS branch (with 1.0.2 EoL in Dec. 2019 and 1.1.0 EoL in a few months, in September)?

xenial used to be less stable

We will indeed want to confirm this with the relevant parties, as this is not a trivial change, but I do note just based on the thread, the one individual who commented about Xenial not working reliably later took it back, saying it only required extra configuration (which is no longer the case). However, there may be other issues of which I'm aware (we ourselves haven't had any since spyder-ide/spyder#8802 , but obviously we're not exactly CPython).

Thanks for the details. I was curious and just used search where the thread came up. I too would be happy to have it clarified along with backporting by someone else for the upgrade.

I searched for related terms as well, but for whatever reason didn't find that particular thread. Thanks for the heads up.

Thanks @CAM-Gerlach for the PR, and @methane for merging it 🌮🎉.. I'm working now to backport this PR to: 2.7, 3.7.
🐍🍒⛏🤖

GH-12404 is a backport of this pull request to the 2.7 branch.

GH-12405 is a backport of this pull request to the 3.7 branch.