cargo-auditable-cargo-wrapper: don't wrap if cargo-auditable is meta.broken #250615
Conversation
|
|
So where is the master switch to disable "audit" everywhere, including packages like |
|
This change appears to break overlays that override cargo (such as fenix). |
You can overlay |
Yeah, well,
Until recently you only had to do one of those two things. In the future will people have to do three things? There needs to be one single place where users can opt out of this, instead of having to constantly track the development of a feature simply to not use it. I welcome suggestions on alternative locations for that single point-of-opt-out. |
ghost
marked this pull request as draft
ghost
marked this pull request as ready for review
|
Can I ask why you would need to globally turn off cargo-auditable? |
ghost
changed the title
Because I don't want to use it. Also, like so many things related to cargo, it duplicates functionality that nix already provides. And does so quite poorly. |
|
Are there drawback to using cargo-auditable? |
Please don't derail the discussion. |
I'm just asking because I would prefer to fix the issue you are experiencing instead of having to create a workaround, if that's possible. |
The issue I am experiencing is that I do not wish to use This PR fixes the issue I am experiencing. You can fix the issue by merging it. |
ofborg
bot
added
10.rebuild-darwin: 0
10.rebuild-linux: 0
and removed
10.rebuild-darwin: 501+
10.rebuild-darwin: 5001+
labels
There was a problem hiding this comment.
I would appreciate it if you weren't being passive-aggressive in the replies.
Anyway, I don't think we should introduce a passthru for this, instead we can just mark cargo-auditable as broken in the overlay.
With this patch
--- a/pkgs/development/compilers/rust/1_71.nix
+++ b/pkgs/development/compilers/rust/1_71.nix
@@ -52,7 +52,7 @@ import ./default.nix {
mips64el-unknown-linux-gnuabi64 = "de5fd0b249fbb95b9b67928ba08d7ec49f18f0ae25cbe1b0ede3c02390d7b93a";
};
- selectRustPackage = pkgs: pkgs.rust_1_71;
+ selectRustPackage = pkgs: pkgs.rust;
rustcPatches = [ ];
}
--- a/pkgs/development/compilers/rust/cargo-auditable-cargo-wrapper.nix
+++ b/pkgs/development/compilers/rust/cargo-auditable-cargo-wrapper.nix
@@ -1,13 +1,16 @@
{ lib, runCommand, makeBinaryWrapper, cargo, cargo-auditable }:
-runCommand "auditable-${cargo.name}" {
- nativeBuildInputs = [ makeBinaryWrapper ];
- meta = cargo-auditable.meta // {
- mainProgram = "cargo";
- };
-} ''
- mkdir -p $out/bin
- makeWrapper ${cargo}/bin/cargo $out/bin/cargo \
- --set CARGO_AUDITABLE_IGNORE_UNSUPPORTED 1 \
- --prefix PATH : ${lib.makeBinPath [ cargo cargo-auditable ]}
-''
+if cargo-auditable.meta.broken then
+ cargo
+else
+ runCommand "auditable-${cargo.name}" {
+ nativeBuildInputs = [ makeBinaryWrapper ];
+ meta = cargo-auditable.meta // {
+ mainProgram = "cargo";
+ };
+ } ''
+ mkdir -p $out/bin
+ makeWrapper ${cargo}/bin/cargo $out/bin/cargo \
+ --set CARGO_AUDITABLE_IGNORE_UNSUPPORTED 1 \
+ --prefix PATH : ${lib.makeBinPath [ cargo cargo-auditable ]}
+ ''The following overlay works for me
final: prev: {
rustPackages = prev.rustPackages.overrideScope (_: prevRust: {
cargo-auditable = prevRust.cargo-auditable.overrideAttrs (old: {
meta = old.meta // {
broken = true;
};
});
});
rust = prev.rust // {
packages = prev.rust.packages // {
stable = final.rustPackages;
};
};
}It is a little more code than I would like, but one could possibly deduplicate the top-level rust attributes to simplify the overlay. Though that would probably go into a separate PR.
There was a problem hiding this comment.
For the commit message, I don't think cargo-auditable: respect user's choices is descriptive enough. For my suggested solution, it should probably be something like cargo-auditable-cargo-wrapper: don't wrap if cargo-auditable is broken.
And for the rest of the commit message, it should be cargo-auditable instead of cargo-audit, and I assume you mean buildRustPackage instead of buildRustCrate?
…broken Recent changes to `cargo-auditable-cargo-wrapper` and `librsvg` caused it to ignore the user's decision to opt out of `cargo-audit` functionality, partially because `librsvg` does not use `buildRustPackage`. This commit restores the single-point-of-opt-out from this mis-named functionality: `cargo-audit.meta.broken`.
ghost
marked this pull request as draft
I don't see anything aggressive about my replies. Nixpkgs is policy-free and I want to keep it that way. My own policy choices are not relevant to that goal. Every time somebody tries to impose their own policy choices on nixpkgs, the debate takes a predictable path: they try to steer the conversation towards my policy choices, and explain why their policy choices are better. It's tedious and distracting, so I refuse to be drawn into it. Aggression has nothing to do with it.
Yes, I've been doing that, which is how I discovered that
(which causes
I'm not excited about further-overloading
Yes, thanks for noticing that. |
ghost
changed the title
|
Rebuilding to verify this; will undraftify when built. |
ghost
marked this pull request as ready for review
|
I do think we need better ways to control global policy decisions, but I don't have a design in mind. This change is great, it's the right thing to do to fall back to |
I would say that drawbacks are listed here: rust-lang/rfcs#2801 — either case, I find cargo-auditable to be extremely cheap and would pursue enabling it by default on a large scale beyond Nixpkgs, obviously, I also agree that it's important to let anyone override this default and opt out as they deem it fit, including, beyond Nixpkgs. It will make things easier when this feature lands upstream hopefully. |
There was a problem hiding this comment.
I wasn't able to make it work without this patch:
--- a/pkgs/development/compilers/rust/1_71.nix
+++ b/pkgs/development/compilers/rust/1_71.nix
@@ -52,7 +52,7 @@ import ./default.nix {
mips64el-unknown-linux-gnuabi64 = "de5fd0b249fbb95b9b67928ba08d7ec49f18f0ae25cbe1b0ede3c02390d7b93a";
};
- selectRustPackage = pkgs: pkgs.rust_1_71;
+ selectRustPackage = pkgs: pkgs.rust;
rustcPatches = [ ];
}but lgtm if you managed to make this work
one nitpick in the commit message: cargo-audit -> cargo-auditable, though it can be edited with a squash merge so we don't have to wait for ofborg again
|
@figsoda did something break for you without that patch? I don't see a clear connection from the code. |
This overlay wasn't working correctly for me without that patch, you would probably need to overlay final: prev: {
rustPackages = prev.rustPackages.overrideScope (_: prevRust: {
cargo-auditable = prevRust.cargo-auditable.overrideAttrs (old: {
meta = old.meta // {
broken = true;
};
});
});
rust = prev.rust // {
packages = prev.rust.packages // {
stable = final.rustPackages;
};
};
} |
|
Oh, that makes sense now. I'm ok with this being hard to overlay since the scope is reduced to handling builds gracefully on systems that cargo-auditable doesn't support. There's still room for future work targeted at making usage of cargo-auditable a configurable option. @amjoseph-nixpkgs can you address the typo that was pointed out in the commit message (i.e. cargo-audit -> cargo-auditable)? I think we can merge then. |
If you want, you can edit the commit message with a squash merge. Not sure if this change alone fixes @amjoseph-nixpkgs's issues, but this PR lgtm. |
|
Cool, it worked! |
Recent changes to
cargo-auditable-cargo-wrapperandlibrsvgcaused it to ignore the user's decision to opt out ofcargo-auditfunctionality, partially becauselibrsvgdoes not usebuildRustPackage.This commit restores the single-point-of-opt-out from this mis-named functionality:
cargo-audit.meta.broken.