From unknown Mon Jun 23 07:48:20 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#36841 <36841@debbugs.gnu.org> To: bug#36841 <36841@debbugs.gnu.org> Subject: Status: [PATCH] build/cargo-build-system: Patch cargo checksums. Reply-To: bug#36841 <36841@debbugs.gnu.org> Date: Mon, 23 Jun 2025 14:48:20 +0000 retitle 36841 [PATCH] build/cargo-build-system: Patch cargo checksums. reassign 36841 guix-patches submitter 36841 Efraim Flashner severity 36841 normal tag 36841 patch thanks From debbugs-submit-bounces@debbugs.gnu.org Mon Jul 29 15:04:40 2019 Received: (at submit) by debbugs.gnu.org; 29 Jul 2019 19:04:40 +0000 Received: from localhost ([127.0.0.1]:49144 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hsAwp-0000DT-S0 for submit@debbugs.gnu.org; Mon, 29 Jul 2019 15:04:40 -0400 Received: from lists.gnu.org ([209.51.188.17]:44018) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hsAwo-0000DM-AP for submit@debbugs.gnu.org; Mon, 29 Jul 2019 15:04:38 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:60495) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hsAwn-0001OI-8m for guix-patches@gnu.org; Mon, 29 Jul 2019 15:04:38 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,URIBL_BLOCKED autolearn=disabled version=3.3.2 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hsAwl-0003aY-DG for guix-patches@gnu.org; Mon, 29 Jul 2019 15:04:37 -0400 Received: from flashner.co.il ([178.62.234.194]:53098) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hsAwj-0003ZW-EN for guix-patches@gnu.org; Mon, 29 Jul 2019 15:04:34 -0400 Received: from localhost (unknown [31.210.177.218]) by flashner.co.il (Postfix) with ESMTPSA id 782DC4003A; Mon, 29 Jul 2019 19:04:28 +0000 (UTC) From: Efraim Flashner To: guix-patches@gnu.org Subject: [PATCH] build/cargo-build-system: Patch cargo checksums. Date: Mon, 29 Jul 2019 22:04:22 +0300 Message-Id: <20190729190422.6834-1-efraim@flashner.co.il> X-Mailer: git-send-email 2.22.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 178.62.234.194 X-Spam-Score: -1.3 (-) X-Debbugs-Envelope-To: submit Cc: Efraim Flashner X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.3 (--) * guix/build/cargo-build-system.scm (patch-cargo-checksums): New phase. (%standard-phases): Add 'patch-cargo-checksums after 'patch-generated-file-shebangs. --- guix/build/cargo-build-system.scm | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/guix/build/cargo-build-system.scm b/guix/build/cargo-build-s= ystem.scm index f38de16cf7..8e1ee62f65 100644 --- a/guix/build/cargo-build-system.scm +++ b/guix/build/cargo-build-system.scm @@ -2,6 +2,7 @@ ;;; Copyright =C2=A9 2016 David Craven ;;; Copyright =C2=A9 2017 Mathieu Othacehe ;;; Copyright =C2=A9 2019 Ivan Petkov +;;; Copyright =C2=A9 2019 Efraim Flashner ;;; ;;; This file is part of GNU Guix. ;;; @@ -121,6 +122,23 @@ directory =3D '" port) (setenv "CC" (string-append (assoc-ref inputs "gcc") "/bin/gcc")) #t) =20 +;; After patching the 'patch-generated-file-shebangs phase any vendored = crates +;; will have a mismatch on their checksum. +(define* (patch-cargo-checksums #:key + (vendor-dir "guix-vendor") + #:allow-other-keys) + "Patch the checksums of the vendored crates after patching their sheba= ngs." + (for-each + (lambda (filename) + (delete-file filename) + (let* ((dir (dirname filename))) + (display (string-append + "patch-cargo-checksums: generate-checksums for " + dir "\n")) + (generate-checksums dir))) + (find-files "guix-vendor" ".cargo-checksum.json")) + #t) + (define* (build #:key skip-build? (cargo-build-flags '("--release")) @@ -162,7 +180,8 @@ directory =3D '" port) (replace 'configure configure) (replace 'build build) (replace 'check check) - (replace 'install install))) + (replace 'install install) + (add-after 'patch-generated-file-shebangs 'patch-cargo-checksums pat= ch-cargo-checksums))) =20 (define* (cargo-build #:key inputs (phases %standard-phases) #:allow-other-keys #:rest args) --=20 2.22.0 From debbugs-submit-bounces@debbugs.gnu.org Mon Jul 29 21:44:42 2019 Received: (at 36841) by debbugs.gnu.org; 30 Jul 2019 01:44:42 +0000 Received: from localhost ([127.0.0.1]:49374 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hsHBy-0002zG-Fa for submit@debbugs.gnu.org; Mon, 29 Jul 2019 21:44:42 -0400 Received: from mail-pf1-f193.google.com ([209.85.210.193]:37978) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hsHBv-0002z1-Oy for 36841@debbugs.gnu.org; Mon, 29 Jul 2019 21:44:40 -0400 Received: by mail-pf1-f193.google.com with SMTP id y15so28945677pfn.5 for <36841@debbugs.gnu.org>; Mon, 29 Jul 2019 18:44:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=54LhiN5GxdG1vcMEVR+AMwBa9SXCH+ycGIGBXbrTd9Y=; b=g235aSqIFJtKSnuU3SP3ddHK0P8uem0Ve4gLJisq6UE82YYcHxczbQRY7VKsR336sB it3bd7AY3a/M5X+VFqN2XFmAnMfzUftUBzfv9+ADbZfcZKKAHn2XyyeJRbIP3VJA9/f7 l8IEcUH7ZIkOMfq6lboLORJQWpgvUH3TvH4s9OA564SI0sYcFAXHdKYhlp7FW7orQkGy dMUHTaP9/YqZ8LjzC74ZahS+mt/kBCVq71jlb6eJci3uztVr9ZcRXDXtuQV8DgJXaiAc imjPeWqTiYMa3mzWokPuSdbSSVGX5HqMlneSJN9K/Jnj3ggzRuF7o/SloyR4kPNef4yr 8ANg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=54LhiN5GxdG1vcMEVR+AMwBa9SXCH+ycGIGBXbrTd9Y=; b=R/syEGsoNRbOlwejCmTSgliH/jkT4XjxyyuPqoxaXKjZvJNg2yNv5crFWCtrrp5lbj FfRUvCZY+pT+DR597Px3RI6SFuUITtENQtx7PRxJLpCPDZSfdutTrVV+9JPKcD1u8XKJ nwXMLofPYbhWbuvqqlsCUARC+P/yZHvLXSlcJI6yjJg1kt3onUqE6l3Ljo5V+IMbQX5x A6YBhmyOf4BNCf/FC6U4UKajYcv5QOdk+qf5enOav0vvYhoGcxAGulwSIsIjjEPXB+CW WYyeRrvkt+VL9aBsfbXtdSqBmFkfJnluqegd8ePw834SCucNwJ0vTKlCl4z7tvp/mt+t mq6A== X-Gm-Message-State: APjAAAUp4J63BStNgfl0xqfsART5VVtLjHJtOFmKHtwFcPlbZolL2NoB U0D+VXOYuY7lE1qSwZNGAFQ= X-Google-Smtp-Source: APXvYqznpNTlJSsL9r7dDcU5UXaOsGBDyDudOCsCjmBkvWYcme/Yt9bb9UxacIyCd3WCvlXfs6y58g== X-Received: by 2002:a62:f202:: with SMTP id m2mr40711836pfh.6.1564451073949; Mon, 29 Jul 2019 18:44:33 -0700 (PDT) Received: from ?IPv6:2601:602:9a00:1784:113b:db60:86cc:a758? ([2601:602:9a00:1784:113b:db60:86cc:a758]) by smtp.gmail.com with ESMTPSA id a6sm56533207pjs.31.2019.07.29.18.44.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 29 Jul 2019 18:44:33 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Subject: Re: [bug#36841] [PATCH] build/cargo-build-system: Patch cargo checksums. From: Ivan Petkov In-Reply-To: <20190729190422.6834-1-efraim@flashner.co.il> Date: Mon, 29 Jul 2019 18:44:31 -0700 Content-Transfer-Encoding: quoted-printable Message-Id: References: <20190729190422.6834-1-efraim@flashner.co.il> To: Efraim Flashner X-Mailer: Apple Mail (2.3445.9.1) X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 36841 Cc: 36841@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi Efraim, > On Jul 29, 2019, at 12:04 PM, Efraim Flashner = wrote: >=20 > +;; After patching the 'patch-generated-file-shebangs phase any = vendored crates > +;; will have a mismatch on their checksum. > +(define* (patch-cargo-checksums #:key > + (vendor-dir "guix-vendor") > + #:allow-other-keys) [snip] > + (replace 'install install) > + (add-after 'patch-generated-file-shebangs 'patch-cargo-checksums = patch-cargo-checksums))) I can=E2=80=99t quite remember the order the phases run in off the top = of my head. Would it be possible to make the configure/checksum generation phase run after shebang-patching = (or ensure the patching happens first)? It would avoid having to checksum all the files twice = that way=E2=80=A6 =E2=80=94Ivan= From debbugs-submit-bounces@debbugs.gnu.org Tue Jul 30 01:59:17 2019 Received: (at 36841-done) by debbugs.gnu.org; 30 Jul 2019 05:59:17 +0000 Received: from localhost ([127.0.0.1]:49433 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hsLAL-0001FU-07 for submit@debbugs.gnu.org; Tue, 30 Jul 2019 01:59:17 -0400 Received: from flashner.co.il ([178.62.234.194]:55498) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hsLAI-0001FE-JT for 36841-done@debbugs.gnu.org; Tue, 30 Jul 2019 01:59:15 -0400 Received: from localhost (unknown [31.210.177.218]) by flashner.co.il (Postfix) with ESMTPSA id 3A18B40262; Tue, 30 Jul 2019 05:59:08 +0000 (UTC) Date: Tue, 30 Jul 2019 08:59:03 +0300 From: Efraim Flashner To: Ivan Petkov Subject: Re: [bug#36841] [PATCH] build/cargo-build-system: Patch cargo checksums. Message-ID: <20190730055903.GA21431@E2140> References: <20190729190422.6834-1-efraim@flashner.co.il> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="Nq2Wo0NMKNjxTN9z" Content-Disposition: inline In-Reply-To: X-PGP-Key-ID: 0x41AAE7DCCA3D8351 X-PGP-Key: https://flashner.co.il/~efraim/efraim_flashner.asc X-PGP-Fingerprint: A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 User-Agent: Mutt/1.12.1 (2019-06-15) X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 36841-done Cc: 36841-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --Nq2Wo0NMKNjxTN9z Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jul 29, 2019 at 06:44:31PM -0700, Ivan Petkov wrote: > Hi Efraim, >=20 > > On Jul 29, 2019, at 12:04 PM, Efraim Flashner w= rote: > >=20 > > +;; After patching the 'patch-generated-file-shebangs phase any vendore= d crates > > +;; will have a mismatch on their checksum. > > +(define* (patch-cargo-checksums #:key > > + (vendor-dir "guix-vendor") > > + #:allow-other-keys) >=20 > [snip] >=20 > > + (replace 'install install) > > + (add-after 'patch-generated-file-shebangs 'patch-cargo-checksums p= atch-cargo-checksums))) >=20 > I can=E2=80=99t quite remember the order the phases run in off the top of= my head. Would it be possible to > make the configure/checksum generation phase run after shebang-patching (= or ensure the patching > happens first)? It would avoid having to checksum all the files twice tha= t way=E2=80=A6 >=20 > =E2=80=94Ivan I thought about it a bit more after I sent the patch, and I'm pretty sure this is only needed when there's a Cargo.lock file in the build directory. So in actuality it should be more like: (when (file-exists? "Cargo.lock") (begin (delete-file "Cargo.lock") (invoke "cargo" "generate-lockfile") (patch-cargo-checksums ...))) I'm going to close this bug/patch and re-submit it when I've given it a bit more work so it doesn't do the expensive compute-checksums computation on all builds. --=20 Efraim Flashner =D7=90=D7=A4=D7=A8=D7=99=D7=9D = =D7=A4=D7=9C=D7=A9=D7=A0=D7=A8 GPG key =3D A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted --Nq2Wo0NMKNjxTN9z Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAl0/3KcACgkQQarn3Mo9 g1H3aQ//akdxq8W2TFkmjCSevYDslzd5TFDYjI5t0elrF+Pt7mMCVSBjIcD5vhII SVqVEJNti0vHcSC9KpeiFmsnK66wWBivJFP53Wkt3zBfcJvykwX2PjdQd7eEzzt5 SPosX9QHcwstUunbeWNagYEv2N1RH/9CSts9QqzUOBC9R/MYwtQ9Hv06Bdt93wgt iXsUrfsGW5071LRNt3Abo9oKwiSiftAtk4aJw72wuwo5BQrxPGLQjHs5zvkpRwGt SbrNiQJVDv3XA+C2U2Z4B9m5EhIQL4jHL5gP2K4Ugogc1f9+wZGVEnZ4sKQkPeXv EBnLrNj1vaAf/N+fE5HRzeJcE12pNkgvT16ykARzPOGdeWQqOZTv2rc1RsfcExH1 UNUqgx8iKuhmzS687vsNTC0pFVDEM8/Kd7mdWqJdeJUA8Im4p4UbUWp97bE2S45X pHZt1kX3A1O16bEqbfnRBvohKSZYKLE+K1LHFhWwCpNi7d51/nB4u1S6EEurPAgJ vFHblmunO4hzHI/TnF43N8g3FwNvIkia8jA7P3t0Vtg71LXH1RscadohvNyW12Vw dsNGXb8/ZqE9VGHE67PbBjnw1S3RDadccheEK+Kplwt5rubMl/NADvpcV8XjuXaJ wq/WGKV2jgFXSoZWTer/Cebc602+OKf7bChcBJqo4EtuSU6EI1o= =DmXb -----END PGP SIGNATURE----- --Nq2Wo0NMKNjxTN9z-- From debbugs-submit-bounces@debbugs.gnu.org Tue Jul 30 04:18:06 2019 Received: (at 36841) by debbugs.gnu.org; 30 Jul 2019 08:18:06 +0000 Received: from localhost ([127.0.0.1]:49505 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hsNKf-0004Xw-Qz for submit@debbugs.gnu.org; Tue, 30 Jul 2019 04:18:06 -0400 Received: from flashner.co.il ([178.62.234.194]:55746) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hsNKe-0004X4-GI for 36841@debbugs.gnu.org; Tue, 30 Jul 2019 04:18:05 -0400 Received: from localhost (unknown [31.210.177.218]) by flashner.co.il (Postfix) with ESMTPSA id 88F3B400D2; Tue, 30 Jul 2019 08:17:58 +0000 (UTC) Date: Tue, 30 Jul 2019 11:17:57 +0300 From: Efraim Flashner To: Ivan Petkov Subject: Re: [bug#36841] [PATCH] build/cargo-build-system: Patch cargo checksums. Message-ID: <20190730081757.GB21431@E2140> References: <20190729190422.6834-1-efraim@flashner.co.il> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="bKyqfOwhbdpXa4YI" Content-Disposition: inline In-Reply-To: X-PGP-Key-ID: 0x41AAE7DCCA3D8351 X-PGP-Key: https://flashner.co.il/~efraim/efraim_flashner.asc X-PGP-Fingerprint: A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 User-Agent: Mutt/1.12.1 (2019-06-15) X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 36841 Cc: 36841@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --bKyqfOwhbdpXa4YI Content-Type: multipart/mixed; boundary="DKU6Jbt7q3WqK7+M" Content-Disposition: inline --DKU6Jbt7q3WqK7+M Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jul 29, 2019 at 06:44:31PM -0700, Ivan Petkov wrote: > Hi Efraim, >=20 > > On Jul 29, 2019, at 12:04 PM, Efraim Flashner w= rote: > >=20 > > +;; After patching the 'patch-generated-file-shebangs phase any vendore= d crates > > +;; will have a mismatch on their checksum. > > +(define* (patch-cargo-checksums #:key > > + (vendor-dir "guix-vendor") > > + #:allow-other-keys) >=20 > [snip] >=20 > > + (replace 'install install) > > + (add-after 'patch-generated-file-shebangs 'patch-cargo-checksums p= atch-cargo-checksums))) >=20 > I can=E2=80=99t quite remember the order the phases run in off the top of= my head. Would it be possible to > make the configure/checksum generation phase run after shebang-patching (= or ensure the patching > happens first)? It would avoid having to checksum all the files twice tha= t way=E2=80=A6 The 'configure phase could be renamed the plop-vendored-crates-into-place phase. It actually can't come after the 'patch-generated-file-shebangs phase since then there won't be any vendored crates to patch. If we remove the generate-checksums call from 'configure then there won't be a .cargo-checksum.json to remove and regenerate during the 'patch-cargo-checksums phase, so I've changed that to search for "Cargo.toml$" and not delete it. Not as robust as "for each top-level directory in the 'vendor-dir'", but should be good enough. --=20 Efraim Flashner =D7=90=D7=A4=D7=A8=D7=99=D7=9D = =D7=A4=D7=9C=D7=A9=D7=A0=D7=A8 GPG key =3D A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted --DKU6Jbt7q3WqK7+M Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename="0001-build-cargo-build-system-Patch-cargo-checksums.patch" Content-Transfer-Encoding: quoted-printable =46rom abf262fbe7ed8d9a532a3ce63cb7453c1666d914 Mon Sep 17 00:00:00 2001 =46rom: Efraim Flashner Date: Mon, 29 Jul 2019 22:01:05 +0300 Subject: [PATCH] build/cargo-build-system: Patch cargo checksums. * guix/build/cargo-build-system.scm (update-cargo-lock, patch-cargo-checksums): New phases. (%standard-phases): Add 'update=3Dcargo-lock after 'configure and 'patch-cargo-checksums after 'patch-generated-file-shebangs. --- guix/build/cargo-build-system.scm | 37 ++++++++++++++++++++++++++++--- 1 file changed, 34 insertions(+), 3 deletions(-) diff --git a/guix/build/cargo-build-system.scm b/guix/build/cargo-build-sys= tem.scm index f38de16cf7..dfc7923c8d 100644 --- a/guix/build/cargo-build-system.scm +++ b/guix/build/cargo-build-system.scm @@ -2,6 +2,7 @@ ;;; Copyright =C2=A9 2016 David Craven ;;; Copyright =C2=A9 2017 Mathieu Othacehe ;;; Copyright =C2=A9 2019 Ivan Petkov +;;; Copyright =C2=A9 2019 Efraim Flashner ;;; ;;; This file is part of GNU Guix. ;;; @@ -94,8 +95,7 @@ Cargo.toml file present at its root." ;; so that we can generate any cargo checksums. ;; The --strip-components argument is needed to prevent crea= ting ;; an extra directory within `crate-dir`. - (invoke "tar" "xvf" path "-C" crate-dir "--strip-components"= "1") - (generate-checksums crate-dir))))) + (invoke "tar" "xvf" path "-C" crate-dir "--strip-components"= "1"))))) inputs) =20 ;; Configure cargo to actually use this new directory. @@ -121,6 +121,35 @@ directory =3D '" port) (setenv "CC" (string-append (assoc-ref inputs "gcc") "/bin/gcc")) #t) =20 +;; The Cargo.lock file tells the build system which crates are required for +;; building and hardcodes their version and checksum. In order to build w= ith +;; the inputs we provide, we need to recreate the file with our inputs. +(define* (update-cargo-lock #:key + (vendor-dir "guix-vendor") + #:allow-other-keys) + "Regenerate the Cargo.lock file with the current build inputs." + (when (file-exists? "Cargo.lock") + (begin + (delete-file "Cargo.lock") + (invoke "cargo" "generate-lockfile"))) + #t) + +;; After the 'patch-generated-file-shebangs phase any vendored crates who = have +;; their shebangs patched will have a mismatch on their checksum. +(define* (patch-cargo-checksums #:key + (vendor-dir "guix-vendor") + #:allow-other-keys) + "Patch the checksums of the vendored crates after patching their shebang= s." + (for-each + (lambda (filename) + (let* ((dir (dirname filename))) + (display (string-append + "patch-cargo-checksums: generate-checksums for " + dir "\n")) + (generate-checksums dir))) + (find-files "guix-vendor" "Cargo.toml$")) + #t) + (define* (build #:key skip-build? (cargo-build-flags '("--release")) @@ -162,7 +191,9 @@ directory =3D '" port) (replace 'configure configure) (replace 'build build) (replace 'check check) - (replace 'install install))) + (replace 'install install) + (add-after 'configure 'update-cargo-lock update-cargo-lock) + (add-after 'patch-generated-file-shebangs 'patch-cargo-checksums patch= -cargo-checksums))) =20 (define* (cargo-build #:key inputs (phases %standard-phases) #:allow-other-keys #:rest args) --=20 2.22.0 --DKU6Jbt7q3WqK7+M-- --bKyqfOwhbdpXa4YI Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAl0//SwACgkQQarn3Mo9 g1Fiag/+KYGYP2xW/0v6xusUK2Yv47LhcSEz2fJ9vg5orrAX3+jzZ+kkuzeNlkSL ubVpL9dHZsuJ94UIiJ+yvQdqcJKBdZ6fM4cp5KMLf+CPfoapdavngOd0eITbXp8R fwn5hjYvPCzisHewMcHRB2mPHNvFaWzyrC0rU/lKvfO7FdNUnz2BtiSTLy9GXx8F ro0TJEbK48nat3NAcOHD0D7SVIdzJYxk7YREOIFmzs4O0/VuWD/SJOGB3M/d6+lT QzLBh0QDtE5PovyFo7iwYrj5rx5BYZJ3Wfl6sS8Je4wT1tvX3yTeAF6SPH7Z5+H7 owYghTtsEYx6tHnUun+st4INxup5TI5xFV+O43K4DsWpJb3YaeTyaqebQV7HWkmi P8jdVe1Gsrx3FC54ArrVPO+VdMc0NS7wCmHZgIjVxFreEkYHXlD5ty1ZepG610yV gIoym7aj/aIDAkkinWrbmIfy7iKk0qatAkrWUg3NSfD1WgnBiECEZCUg81YHQUbK oV2Xv/XQoQ72i6di8BzY1UP3cl5dFEcodC64vzTLA97tsSOB9DE+IFfx83as2sIS afVA6rMaT/uFabVyCmiIOkStOEaNnd9S3snHgn7ULUk9zuqozbsW0OhGL8ElvPUP 9Xfl2xXxlNQnGIGDjgmbL79fA0w46op3Uc4ZSzGK99aM2OFNzYo= =CBt1 -----END PGP SIGNATURE----- --bKyqfOwhbdpXa4YI-- From debbugs-submit-bounces@debbugs.gnu.org Tue Jul 30 06:47:10 2019 Received: (at 36841) by debbugs.gnu.org; 30 Jul 2019 10:47:10 +0000 Received: from localhost ([127.0.0.1]:49612 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hsPev-0003yx-N8 for submit@debbugs.gnu.org; Tue, 30 Jul 2019 06:47:10 -0400 Received: from flashner.co.il ([178.62.234.194]:56070) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hsPes-0003yR-Em for 36841@debbugs.gnu.org; Tue, 30 Jul 2019 06:47:07 -0400 Received: from localhost (unknown [31.210.177.218]) by flashner.co.il (Postfix) with ESMTPSA id ED12240262; Tue, 30 Jul 2019 10:46:59 +0000 (UTC) Date: Tue, 30 Jul 2019 13:46:58 +0300 From: Efraim Flashner To: Ivan Petkov Subject: Re: [bug#36841] [PATCH v3] build/cargo-build-system: Patch cargo checksums. Message-ID: <20190730104658.GC21431@E2140> References: <20190729190422.6834-1-efraim@flashner.co.il> <20190730081757.GB21431@E2140> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="pY3vCvL1qV+PayAL" Content-Disposition: inline In-Reply-To: <20190730081757.GB21431@E2140> X-PGP-Key-ID: 0x41AAE7DCCA3D8351 X-PGP-Key: https://flashner.co.il/~efraim/efraim_flashner.asc X-PGP-Fingerprint: A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 User-Agent: Mutt/1.12.1 (2019-06-15) X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 36841 Cc: 36841@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --pY3vCvL1qV+PayAL Content-Type: multipart/mixed; boundary="at6+YcpfzWZg/htY" Content-Disposition: inline --at6+YcpfzWZg/htY Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jul 30, 2019 at 11:17:57AM +0300, Efraim Flashner wrote: > On Mon, Jul 29, 2019 at 06:44:31PM -0700, Ivan Petkov wrote: > > Hi Efraim, > >=20 > > > On Jul 29, 2019, at 12:04 PM, Efraim Flashner = wrote: > > >=20 > > > +;; After patching the 'patch-generated-file-shebangs phase any vendo= red crates > > > +;; will have a mismatch on their checksum. > > > +(define* (patch-cargo-checksums #:key > > > + (vendor-dir "guix-vendor") > > > + #:allow-other-keys) > >=20 > > [snip] > >=20 > > > + (replace 'install install) > > > + (add-after 'patch-generated-file-shebangs 'patch-cargo-checksums= patch-cargo-checksums))) > >=20 > > I can=E2=80=99t quite remember the order the phases run in off the top = of my head. Would it be possible to > > make the configure/checksum generation phase run after shebang-patching= (or ensure the patching > > happens first)? It would avoid having to checksum all the files twice t= hat way=E2=80=A6 >=20 > The 'configure phase could be renamed the plop-vendored-crates-into-place > phase. It actually can't come after the 'patch-generated-file-shebangs > phase since then there won't be any vendored crates to patch. >=20 > If we remove the generate-checksums call from 'configure then there > won't be a .cargo-checksum.json to remove and regenerate during the > 'patch-cargo-checksums phase, so I've changed that to search for > "Cargo.toml$" and not delete it. Not as robust as "for each top-level > directory in the 'vendor-dir'", but should be good enough. >=20 This one I'm pretty happy with. The checksums are only generated twice when there's a Cargo.lock file present and I've factored out the function to generate all the checksums. When that's moved to (guix build cargo-utils) it can be used by the rust compilers and icecat. --=20 Efraim Flashner =D7=90=D7=A4=D7=A8=D7=99=D7=9D = =D7=A4=D7=9C=D7=A9=D7=A0=D7=A8 GPG key =3D A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted --at6+YcpfzWZg/htY Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename="0001-build-cargo-build-system-Patch-cargo-checksums.patch" Content-Transfer-Encoding: quoted-printable =46rom d1252887da416b664090bfcee0d84729abb0fbc4 Mon Sep 17 00:00:00 2001 =46rom: Efraim Flashner Date: Mon, 29 Jul 2019 22:01:05 +0300 Subject: [PATCH] build/cargo-build-system: Patch cargo checksums. * guix/build/cargo-build-system.scm (generate-all-checksums): New procedure. (update-cargo-lock, patch-cargo-checksums): New phases. (%standard-phases): Add 'update=3Dcargo-lock after 'configure and 'patch-cargo-checksums after 'patch-generated-file-shebangs. --- guix/build/cargo-build-system.scm | 48 +++++++++++++++++++++++++++++-- 1 file changed, 45 insertions(+), 3 deletions(-) diff --git a/guix/build/cargo-build-system.scm b/guix/build/cargo-build-sys= tem.scm index f38de16cf7..7d363a18a5 100644 --- a/guix/build/cargo-build-system.scm +++ b/guix/build/cargo-build-system.scm @@ -2,6 +2,7 @@ ;;; Copyright =C2=A9 2016 David Craven ;;; Copyright =C2=A9 2017 Mathieu Othacehe ;;; Copyright =C2=A9 2019 Ivan Petkov +;;; Copyright =C2=A9 2019 Efraim Flashner ;;; ;;; This file is part of GNU Guix. ;;; @@ -39,6 +40,21 @@ ;; ;; Code: =20 +;; TODO: Move this to (guix build cargo-utils). Will cause a full rebuild +;; of all rust compilers. + +(define (generate-all-checksums dir-name) + (for-each + (lambda (filename) + (let* ((dir (dirname filename)) + (checksum-file (string-append dir "/.cargo-checksum.json"))) + (when (file-exists? checksum-file) (delete-file checksum-file)) + (display (string-append + "patch-cargo-checksums: generate-checksums for " + dir "\n")) + (generate-checksums dir))) + (find-files dir-name "Cargo.toml$"))) + (define (manifest-targets) "Extract all targets from the Cargo.toml manifest" (let* ((port (open-input-pipe "cargo read-manifest")) @@ -94,8 +110,7 @@ Cargo.toml file present at its root." ;; so that we can generate any cargo checksums. ;; The --strip-components argument is needed to prevent crea= ting ;; an extra directory within `crate-dir`. - (invoke "tar" "xvf" path "-C" crate-dir "--strip-components"= "1") - (generate-checksums crate-dir))))) + (invoke "tar" "xvf" path "-C" crate-dir "--strip-components"= "1"))))) inputs) =20 ;; Configure cargo to actually use this new directory. @@ -121,6 +136,31 @@ directory =3D '" port) (setenv "CC" (string-append (assoc-ref inputs "gcc") "/bin/gcc")) #t) =20 +;; The Cargo.lock file tells the build system which crates are required for +;; building and hardcodes their version and checksum. In order to build w= ith +;; the inputs we provide, we need to recreate the file with our inputs. +(define* (update-cargo-lock #:key + (vendor-dir "guix-vendor") + #:allow-other-keys) + "Regenerate the Cargo.lock file with the current build inputs." + (when (file-exists? "Cargo.lock") + (begin + ;; Unfortunately we can't generate a Cargo.lock file until the check= sums + ;; are generated, so we have an extra round of generate-all-checksum= s here. + (generate-all-checksums vendor-dir) + (delete-file "Cargo.lock") + (invoke "cargo" "generate-lockfile"))) + #t) + +;; After the 'patch-generated-file-shebangs phase any vendored crates who = have +;; their shebangs patched will have a mismatch on their checksum. +(define* (patch-cargo-checksums #:key + (vendor-dir "guix-vendor") + #:allow-other-keys) + "Patch the checksums of the vendored crates after patching their shebang= s." + (generate-all-checksums vendor-dir) + #t) + (define* (build #:key skip-build? (cargo-build-flags '("--release")) @@ -162,7 +202,9 @@ directory =3D '" port) (replace 'configure configure) (replace 'build build) (replace 'check check) - (replace 'install install))) + (replace 'install install) + (add-after 'configure 'update-cargo-lock update-cargo-lock) + (add-after 'patch-generated-file-shebangs 'patch-cargo-checksums patch= -cargo-checksums))) =20 (define* (cargo-build #:key inputs (phases %standard-phases) #:allow-other-keys #:rest args) --=20 2.22.0 --at6+YcpfzWZg/htY-- --pY3vCvL1qV+PayAL Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAl1AIBkACgkQQarn3Mo9 g1GACA//e4dcPbOOFaUhlmGrBYhtHAWOQwP+EbIekBDrVjWVRHR2HZo8CJy/lvDG 8Xy04HTNPQBP3U1HRuU9jZWKOW+LLNKIWoJrLURcPjP6EcuCA7dnEXXG0qjk/wNk pa6yBI4TS62nHa0dB6SFWynUELBi2BVhjbUfKqlWvsnZ9A68A3QfJxc2A4AJJO/A iA+eTREkRWslils7KHmGoTdhcFCL17FTXBkX/xGVkO3hF6YVKJ1DCIgbt9lZONnP vn9bjmjNSu38ut6K5lJf0uI11YcByoArhZIL19r3ZJ7a6iD7Fe+oQMMsunuVjJ7t DuQLQdMCnOjoqNxSgmLGc/B/cFAn3FR8vIPY5hnMKQC2kkjH0kbpLqKG6hhWFfR0 +fI7oqIfppO5J61+t8odp7umZnporxdxXt8be7fRbYZBewRuRNY59EBdk3qQItOf desamHFqIpeuNWSGAZF82KU5vEx4OcPKHgkhgz4d+XnDJI/WrTbPN3Oif5Ggu5fM +qwseoFvPSwOraxwxlUz6N2Z7X+rW1dA3SRFBq3Wza4ox3OAhB0RsyX+ORE2qmWY Ik3Ch6sFA8QgUODgGNAD2t2swumQG6123HlmHkEt2GZYzLPE+bgKE5sW81rkE/zy wbIMWQ+bwV6rTBsG1RpzDUyGaofIYJ9VvW67HZcJtagwhz8OUZI= =mXxC -----END PGP SIGNATURE----- --pY3vCvL1qV+PayAL-- From debbugs-submit-bounces@debbugs.gnu.org Wed Jul 31 23:00:16 2019 Received: (at 36841) by debbugs.gnu.org; 1 Aug 2019 03:00:16 +0000 Received: from localhost ([127.0.0.1]:53338 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ht1KA-0000Vt-1y for submit@debbugs.gnu.org; Wed, 31 Jul 2019 23:00:15 -0400 Received: from mail-pf1-f193.google.com ([209.85.210.193]:37878) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ht1K7-0000Uk-9S for 36841@debbugs.gnu.org; Wed, 31 Jul 2019 23:00:13 -0400 Received: by mail-pf1-f193.google.com with SMTP id 19so33057231pfa.4 for <36841@debbugs.gnu.org>; Wed, 31 Jul 2019 20:00:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc:message-id:references :to; bh=ZGinU+0jAGI2UDM110mMabQM3XZZt3v1fqoQYKMdK54=; b=me8mpg//FjVIQKapO1YrNQb1+sNxRqEfCL9lPCQfC/xX6+Rs5tm77mF5pY4lMSuIhS yM54wvBZOoz6KuCCAhAqJRXgIeqZgcXiqFKcr60ygbLj0yKx96BtHSJa7Ky1iDAdbm6Y Q1mo+XFazg/LsN9ncphtg1XkCWcUsXxL3pL0pP/yVsVdWL5JB3BKSOEY1A62oO6Lux05 JIzmYZEddeVOGkqhWdN1kLrX2mRxy+SeHKd1XVCTIcD4ASopTNg8Reg7/4qfjKp5RLzT CeUYfyatkPX+/Lhk55+S+eLiqcZwR81O/EkTXyb4J9d+kqqBbIBYaxrgZP8SxBYp3XjN UEDQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :message-id:references:to; bh=ZGinU+0jAGI2UDM110mMabQM3XZZt3v1fqoQYKMdK54=; b=Oo5knHu6j24WtWGCJrXSgqnOfskkqKzGn9ywon+5oYQHmHMeOZNg+/KmtWzNg1wSDN 9PJMWxa98+tiCWmOSdSvgxmhxwLfwHdqY1Z14NZz+Thg0DAbO1waWbMjdSpo3e649PUi JXPIroPwOCKXs+vN9nD58ejh3pxIQgSidwSA1r9hjTRJ5OkGHxRBd0nUTu6t7xpadmyY cyfKfJ0ZNE52t4eeSFlCImaZiUdZHO2i51SLxR3Ovi8FcGW867cQ/J9V4IgorjRffD5A 6VXoN2oH9e5hJfZqc8BCRRF3x2tuQxOF54ICnINcTYlyJX8Y0q1JiE3m0617RgzOZ1wU RDRw== X-Gm-Message-State: APjAAAVOZco8G+loR2YenTkIZYhq/bq4cO7ztzpRiejiu4fyo7JkgRQX ROCMM5LBWLLNqO8mehL3fB8= X-Google-Smtp-Source: APXvYqwsi1VljS6PV8u+QjCu737hTRvnZSWKNU1QJAlOqAfHAnYghqd5fGwkz3BAZZlFd6vd7QOwZg== X-Received: by 2002:aa7:9531:: with SMTP id c17mr52542578pfp.130.1564628405509; Wed, 31 Jul 2019 20:00:05 -0700 (PDT) Received: from ?IPv6:2601:602:9a00:1784:7138:8394:234:efe5? ([2601:602:9a00:1784:7138:8394:234:efe5]) by smtp.gmail.com with ESMTPSA id q19sm74318571pfc.62.2019.07.31.20.00.04 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 31 Jul 2019 20:00:04 -0700 (PDT) Content-Type: multipart/alternative; boundary="Apple-Mail=_88EB5865-4A9A-4F0D-92C6-0ADA06951E77" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Subject: Re: [bug#36841] [PATCH v3] build/cargo-build-system: Patch cargo checksums. From: Ivan Petkov In-Reply-To: <20190730104658.GC21431@E2140> Date: Wed, 31 Jul 2019 20:00:00 -0700 Message-Id: <6580AB76-AB78-4758-B71F-FE08687B9A33@gmail.com> References: <20190729190422.6834-1-efraim@flashner.co.il> <20190730081757.GB21431@E2140> <20190730104658.GC21431@E2140> To: Efraim Flashner X-Mailer: Apple Mail (2.3445.9.1) X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 36841 Cc: 36841@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --Apple-Mail=_88EB5865-4A9A-4F0D-92C6-0ADA06951E77 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Hi Efraim, > On Jul 30, 2019, at 3:46 AM, Efraim Flashner = wrote: >=20 > This one I'm pretty happy with. The checksums are only generated twice > when there's a Cargo.lock file present and I've factored out the > function to generate all the checksums. When that's moved to (guix = build > cargo-utils) it can be used by the rust compilers and icecat. Overall the patch makes sense to me! However, I am curious what are some of the situations in which you=E2=80=99= re encountering a Cargo.lock file? In a system like guix which maintains all = dependencies immutably and consistently, the Cargo.lock file is virtually useless (in fact it = *could* be harmful if an application is released with a Cargo.lock file pinning to a = particular vulnerable dependency which needs to be updated, requiring patching of the = Cargo.lock file). I=E2=80=99d be willing to go as far as suggest we unconditionally delete = any Cargo.lock file in source tarballs and let cargo generate its own replacement using the = vendor directory we have supplied. (Imports from crates.io = also never include a Cargo.lock file, so this may only pertain if we=E2=80=99re performing a direct = source import=E2=80=A6) =E2=80=94Ivan= --Apple-Mail=_88EB5865-4A9A-4F0D-92C6-0ADA06951E77 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 Hi = Efraim,

On Jul 30, 2019, at 3:46 AM, Efraim Flashner = <efraim@flashner.co.il> wrote:

This = one I'm pretty happy with. The checksums are only generated twice
when there's a Cargo.lock file present and I've factored out = the
function to generate all the checksums. When that's = moved to (guix build
cargo-utils) it can be used by the = rust compilers and icecat.

Overall the patch makes sense to me!

However, I am curious what are some of = the situations in which you=E2=80=99re encountering
a= Cargo.lock file? In a system like guix which maintains all dependencies = immutably
and consistently, the Cargo.lock file is = virtually useless (in fact it *could* be harmful
if = an application is released with a Cargo.lock file pinning to a = particular vulnerable
dependency which needs to be = updated, requiring patching of the Cargo.lock file).

I=E2=80=99d be willing = to go as far as suggest we unconditionally delete any Cargo.lock = file
in source tarballs and let cargo generate its = own replacement using the vendor
directory we have = supplied. (Imports from crates.io also never include a Cargo.lock
file, so this may only pertain if we=E2=80=99re performing a = direct source import=E2=80=A6)

=E2=80=94Ivan
= --Apple-Mail=_88EB5865-4A9A-4F0D-92C6-0ADA06951E77-- From debbugs-submit-bounces@debbugs.gnu.org Thu Aug 01 07:15:38 2019 Received: (at 36841) by debbugs.gnu.org; 1 Aug 2019 11:15:38 +0000 Received: from localhost ([127.0.0.1]:53569 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ht93Z-0005zZ-UE for submit@debbugs.gnu.org; Thu, 01 Aug 2019 07:15:38 -0400 Received: from flashner.co.il ([178.62.234.194]:32882) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ht93X-0005zJ-74 for 36841@debbugs.gnu.org; Thu, 01 Aug 2019 07:15:35 -0400 Received: from localhost (unknown [31.210.177.218]) by flashner.co.il (Postfix) with ESMTPSA id E66444020B; Thu, 1 Aug 2019 11:15:28 +0000 (UTC) Date: Thu, 1 Aug 2019 14:15:26 +0300 From: Efraim Flashner To: Ivan Petkov Subject: Re: [bug#36841] [PATCH v3] build/cargo-build-system: Patch cargo checksums. Message-ID: <20190801111526.GA6265@E2140> References: <20190729190422.6834-1-efraim@flashner.co.il> <20190730081757.GB21431@E2140> <20190730104658.GC21431@E2140> <6580AB76-AB78-4758-B71F-FE08687B9A33@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="T4sUOijqQbZv57TR" Content-Disposition: inline In-Reply-To: <6580AB76-AB78-4758-B71F-FE08687B9A33@gmail.com> X-PGP-Key-ID: 0x41AAE7DCCA3D8351 X-PGP-Key: https://flashner.co.il/~efraim/efraim_flashner.asc X-PGP-Fingerprint: A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 User-Agent: Mutt/1.12.1 (2019-06-15) X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 36841 Cc: 36841@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --T4sUOijqQbZv57TR Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jul 31, 2019 at 08:00:00PM -0700, Ivan Petkov wrote: > Hi Efraim, >=20 > > On Jul 30, 2019, at 3:46 AM, Efraim Flashner wr= ote: > >=20 > > This one I'm pretty happy with. The checksums are only generated twice > > when there's a Cargo.lock file present and I've factored out the > > function to generate all the checksums. When that's moved to (guix build > > cargo-utils) it can be used by the rust compilers and icecat. >=20 > Overall the patch makes sense to me! >=20 > However, I am curious what are some of the situations in which you=E2=80= =99re encountering > a Cargo.lock file? In a system like guix which maintains all dependencies= immutably > and consistently, the Cargo.lock file is virtually useless (in fact it *c= ould* be harmful > if an application is released with a Cargo.lock file pinning to a particu= lar vulnerable > dependency which needs to be updated, requiring patching of the Cargo.loc= k file). One is the package that I'm actually targeting, https://github.com/chfi/rus= t-qtlreaper/ , and three of the others are rust-regex and rust-compiler-builtins and rust-env-logger. All three of them I got from $(guix import crate foo). `guix import crate env-logger`, for example, returns this: https://static.crates.io/crates/env_logger/env_logger-0.6.2.crate >=20 > I=E2=80=99d be willing to go as far as suggest we unconditionally delete = any Cargo.lock file > in source tarballs and let cargo generate its own replacement using the v= endor > directory we have supplied. (Imports from crates.io a= lso never include a Cargo.lock > file, so this may only pertain if we=E2=80=99re performing a direct sourc= e import=E2=80=A6) This is basically what my 'update-cargo-lock phase does. Otherwise we end up packaging arbitrary versions of crates to satisfy whatever version they were using when they last updated their Cargo.lock. >=20 > =E2=80=94Ivan --=20 Efraim Flashner =D7=90=D7=A4=D7=A8=D7=99=D7=9D = =D7=A4=D7=9C=D7=A9=D7=A0=D7=A8 GPG key =3D A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted --T4sUOijqQbZv57TR Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAl1Cyb4ACgkQQarn3Mo9 g1GOGxAAhGpN3IS8G8UqUcAlFhgk/LmqeHGbjjFBQUclHDv30Mxo11civt+2uE6Q amtFP3WzyTo+xYVzk7vOG9SKH5JSbPmzJRMu2uxLEKf99Qp4woNd/moMkV7lW4Qy xZ01lJv7zNzDBVJITe835bnclscfuK16K8QDxxaruY+kbiCUMa35q28p9DogVatB rBn0Arg91lo+RycgQpUzGTHw17G3vWKmwRufElIlN/8nbkq5vkrRypLUdUhr86tH 76JiIQfX0KGr04r46mBJOELdmh9FdbcWuBVU5U5rRLKx3nUPKV7i+6E5CEsbZVkh 17UWVobRSeIQ1Lj3r5507go7VmcMVjFpuCvBscNWVuZL9r6n0W5TvXzZm/IbwNDE QLEuMAB8PV5gcIDKWOJn9EjhetToXMBpqVTiQVdCA+M06kIHBiho0Y2ZRU+C4kLj keXaQCmzC3sR2wAuXKRsH5mJNeJ+yxY5gq9QKwwQOdfTjgTgTAieidJ26+/G/fn/ C8KEJlBcWeQNn5Im/ktCp9gXbAXx1oIgjbZmAc6SfogghttDMFvivPWMHGIn1QC3 SssRs2v5rsr+gQ65/s4R/LPvu+dQUobMp4xkC56n9Vi6qu+V86P7xSzLSCrMmF17 +SglaEZ9KZDI8GZ2I8Lh8vMU1zZ4ldvcsSky7ushlAm+qQLr7Fs= =XjrY -----END PGP SIGNATURE----- --T4sUOijqQbZv57TR-- From debbugs-submit-bounces@debbugs.gnu.org Sun Aug 04 04:57:23 2019 Received: (at 36841-done) by debbugs.gnu.org; 4 Aug 2019 08:57:23 +0000 Received: from localhost ([127.0.0.1]:60411 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1huCKQ-00049J-V9 for submit@debbugs.gnu.org; Sun, 04 Aug 2019 04:57:23 -0400 Received: from flashner.co.il ([178.62.234.194]:39954) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1huCKO-000495-UN for 36841-done@debbugs.gnu.org; Sun, 04 Aug 2019 04:57:21 -0400 Received: from localhost (unknown [31.210.177.218]) by flashner.co.il (Postfix) with ESMTPSA id 615BC400D2; Sun, 4 Aug 2019 08:57:14 +0000 (UTC) Date: Sun, 4 Aug 2019 11:57:12 +0300 From: Efraim Flashner To: Ivan Petkov Subject: Re: [bug#36841] [PATCH v3] build/cargo-build-system: Patch cargo checksums. Message-ID: <20190804085712.GB2421@E2140> References: <20190729190422.6834-1-efraim@flashner.co.il> <20190730081757.GB21431@E2140> <20190730104658.GC21431@E2140> <6580AB76-AB78-4758-B71F-FE08687B9A33@gmail.com> <20190801111526.GA6265@E2140> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="WhfpMioaduB5tiZL" Content-Disposition: inline In-Reply-To: <20190801111526.GA6265@E2140> X-PGP-Key-ID: 0x41AAE7DCCA3D8351 X-PGP-Key: https://flashner.co.il/~efraim/efraim_flashner.asc X-PGP-Fingerprint: A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 User-Agent: Mutt/1.12.1 (2019-06-15) X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 36841-done Cc: 36841-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --WhfpMioaduB5tiZL Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Pushed with an update to the documentation --=20 Efraim Flashner =D7=90=D7=A4=D7=A8=D7=99=D7=9D = =D7=A4=D7=9C=D7=A9=D7=A0=D7=A8 GPG key =3D A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted --WhfpMioaduB5tiZL Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAl1GnegACgkQQarn3Mo9 g1GLOg/6AhkUNWk9IVoq1V9KPVK7jXpvw6hKo3uSTun7VdHCkh2PynBU0Bj7ApIi YN9ndaBE6A5NFOK/n5Fj6psQ7jPtrKBGnRBkrEOfpqAP938i+RlAIYMBDdcaB0Qw Kc8YLOpamUc50DcnnPtFP5GIpL2S8RO4k5Um0AnHm1/4SKTOnftjZ3oqgwEcwgAT s+cQQWIntqL7u73hkXBryvv1v445Y1JuyTfxGMpZIJKTOU+Mlj8Yy9Gs7okkk6gC QkYdnN75sdaKTUD0DWAyQj9E1gL+iJbVxWS1+8+GFD192OJfNguexAWaqzzIcJ9d i9WAfMhE+uyF5GLuZLnt3KIuQggkvW6pTU8j3WRBJnxSqeQN9eX5m40vj56cBK0k 6pQAWow+8xRofm6OMjXDPQ6GsRiH3++KN/N9EBXy+sO7RAaHX77Onb4KFAqzzor/ tGYRGjNWQzIauK9lw831dfG+Z/7dsZZ3HQPszrqreDvP593dTJVN2gIR/CEWyxZ1 vB0faapyTgrqn1h/i+uQ4MJu407QNGWbXByNTwFtF7qFpleEn63v3nALLDofEbxq V/OICXmg/4SmpUmVbmC9jmJjc4wYBZWphcFV0FiDjYoCu0bEjoCmFzQ6fhNCEh9Q S3reURu/58zYCwXi24t9eQHTO4z/Q33wgsRzsIBbtxR5+6qQaJo= =i4m3 -----END PGP SIGNATURE----- --WhfpMioaduB5tiZL-- From unknown Mon Jun 23 07:48:20 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Sun, 01 Sep 2019 11:24:05 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator