GNU bug report logs - #76444
[PATCH] Blind update of Hanwen's go-fuse broke Gocryptfs

Previous Next

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Felix Lechner <felix.lechner <at> lease-up.com>
Subject: bug#76444: closed (Re: bug#76444: [PATCH v1] gnu: go-github-com-hanwen-go-fuse-v2:
 Downgrade to 2.5.0. (Closes: #76444))
Date: Thu, 20 Feb 2025 21:04:03 +0000

[Message part 1 (text/plain, inline)]

Your bug report

#76444: [PATCH] Blind update of Hanwen's go-fuse broke Gocryptfs

which was filed against the guix package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 76444 <at> debbugs.gnu.org.

-- 
76444: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=76444
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]

From: Leo Famulari <leo <at> famulari.name>
To: Felix Lechner via Bug reports for GNU Guix <bug-guix <at> gnu.org>
Cc: 76444-done <at> debbugs.gnu.org, Felix Lechner <felix.lechner <at> lease-up.com>
Subject: Re: bug#76444: [PATCH v1] gnu: go-github-com-hanwen-go-fuse-v2:
 Downgrade to 2.5.0. (Closes: #76444)
Date: Thu, 20 Feb 2025 16:03:18 -0500

On Thu, Feb 20, 2025 at 11:26:27AM -0800, Felix Lechner via Bug reports for GNU Guix wrote:
> Change-Id: Idf9059dc969b3c4447e2576ae0601199f20e2525

I wrote the commit message and pushed as
1ce2226aec1e5b5f5cdeff47c0452a46e6c608a5

[Message part 3 (message/rfc822, inline)]

From: Felix Lechner <felix.lechner <at> lease-up.com>
To: bug-guix <at> gnu.org
Subject: [PATCH] Blind update of Hanwen's go-fuse broke Gocryptfs
Date: Thu, 20 Feb 2025 10:59:21 -0800

Package: guix
Severity: grave
Tags: patch

Hi,

The blind update of Hanwen's go-fuse to 2.7.2 [1] broke Gocryptfs. [2]

I have a working patch, which will appear here shortly.

As a general note, I disagree with Guix's stance to diverge from go.mod
when present.  I spent several hours tracking down the error and testing
the fix (not to mention bothering upstream) for nothing.  It should have
never happened

Meanwhile, I was unable to log in. [3]

It is a gross overestimation that the Go team can outsmart upstream
developers who provide a specific list of prerequisites.  It's also an
error because packaging Goland prerequisites---if one can call it
that---involves no more than tarring up source files.  That step has few
prerequisites and rebuids are rare.  Multiple source versions do not
burden the substitute servers.

The security argument is likewise bogus, as this bug shows.  Any changes
to the prerequisites should be submitted upstream (or be patched when
upstream is unresponsive).

There are several ways to implement prerequisite tracking: Maybe it's
switching package variables to functions that pull the correct version
(or commit).  The consuming package definition should then be generated
from go.mod when present.  Thanks!

Kind regards
Felix

P.S. Sharlatan, thanks for fixing Bug#71795!

[1] https://git.savannah.gnu.org/cgit/guix.git/commit/?id=d12c7edb32e3a3b2f57e8afee7ddcf4f7015363e
[2] https://github.com/rfjakob/gocryptfs/issues/897
[3] https://debbugs.gnu.org/cgi/bugreport.cgi?bug=76105#11

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.