keep track of crates that are whitelisted to be used even if yanked #6611
Conversation
src/cargo/core/source/source_id.rs
Outdated
| pub fn load<'a>( | ||
| self, | ||
| config: &'a Config, | ||
| yanked_whitelist: HashSet<PackageId>, |
There was a problem hiding this comment.
It might help clean things up to plumb through &HashSet<PackageId> mostly and then only clone when necessary at the bottom
There was a problem hiding this comment.
I have been experimenting but plumbing thure the lifetime can be annoying. I will try again.
There was a problem hiding this comment.
Oh and to be clear I wouldn't connect the lifetime to anything, only passing around a borrow and then when it needs to be stored cloning it
|
☔ The latest upstream changes (presumably #6591) made this pull request unmergeable. Please resolve the merge conflicts. |
Eh2406
force-pushed
the
conservative-updates
branch
2 times, most recently
from
7ea62a1
to
3608368
Compare
Eh2406
force-pushed
the
conservative-updates
branch
from
85bbda3
to
9a6a382
Compare
|
I think I have addressed your suggestions. Next time I look at this it will be time to add a test, suggestions welcome. |
Eh2406
force-pushed
the
conservative-updates
branch
from
9a6a382
to
192073b
Compare
Eh2406
force-pushed
the
conservative-updates
branch
from
97609cd
to
6953ef8
Compare
|
Ok that is 2 tests and it seems to not be working. :-( |
|
Oh so I bet this is related to replaced sources. In |
|
(the "related to" being that the package ids aren't equal I think because the source ids change as they flow through the config source) |
|
Still not passing. Is it something silly? I am worried that it has to do with poisoning all of a registry leading to us whitelisting to little. |
|
Hm without digging in too much just yet, it may be that the replacement happens the other way around or something like that? Or maybe something needs to be swapped? It may be worthwhile to add some debugging prints and such to see if the failing tests can be diagnosed more directly too |
|
cargo\sources\registry\index.rs pub fn query_inner(
...
+ if !yanked_whitelist.is_empty() {
+ println!("dep.name: {:?} dep.source_id(): {:?}", name, dep.source_id().to_string());
+ println!("yanked_whitelist: {:?}", yanked_whitelist);
+ }then running yanks_in_lockfiles_are_ok_with_new_dep dep.name: "bar" dep.source_id(): "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`"
yanked_whitelist: {PackageId { name: "foo", version: "0.0.1", source: "C:\\...\\cargo\\target\\cit\\t0\\foo" }}
dep.name: "baz" dep.source_id(): "registry `C:\\....\\cargo\\target\\cit\\t0\\registry`"
yanked_whitelist: {PackageId { name: "foo", version: "0.0.1", source: "C:\\...\\cargo\\target\\cit\\t0\\foo" }}
dep.name: "bar" dep.source_id(): "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`"
yanked_whitelist: {PackageId { name: "foo", version: "0.0.1", source: "C:\\...\\cargo\\target\\cit\\t0\\foo" }}
dep.name: "bar" dep.source_id(): "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`"
yanked_whitelist: {PackageId { name: "foo", version: "0.0.1", source: "C:\\...\\cargo\\target\\cit\\t0\\foo" }}So "bar" is not making it to the yanked_whitelist yanks_in_lockfiles_are_ok_for_other_update running `C:\Users\...\cargo\target\debug\cargo.exe build`
running `C:\Users\...\cargo\target\debug\cargo.exe build`
dep.name: "bar" dep.source_id(): "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`"
yanked_whitelist: {PackageId { name: "baz", version: "0.0.1", source: "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`" }, PackageId { name: "bar", version: "0.0.1", source: "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`" }, PackageId { name: "foo", version: "0.0.1", source: "C:\\...\\cargo\\target\\cit\\t0\\foo" }}
dep.name: "baz" dep.source_id(): "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`"
yanked_whitelist: {PackageId { name: "baz", version: "0.0.1", source: "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`" }, PackageId { name: "bar", version: "0.0.1", source: "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`" }, PackageId { name: "foo", version: "0.0.1", source: "C:\\...\\cargo\\target\\cit\\t0\\foo" }}
dep.name: "bar" dep.source_id(): "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`"
yanked_whitelist: {PackageId { name: "baz", version: "0.0.1", source: "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`" }, PackageId { name: "bar", version: "0.0.1", source: "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`" }, PackageId { name: "foo", version: "0.0.1", source: "C:\\...\\cargo\\target\\cit\\t0\\foo" }}
dep.name: "baz" dep.source_id(): "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`"
yanked_whitelist: {PackageId { name: "baz", version: "0.0.1", source: "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`" }, PackageId { name: "bar", version: "0.0.1", source: "registry `C:\\...\\cargo\\target\\cit\\t0\\registry`" }, PackageId { name: "foo", version: "0.0.1", source: "C:\\...\\cargo\\target\\cit\\t0\\foo" }}So I think we are mapping the source correctly |
|
Oh right, turns out this location is too aggressive and is the wrong place for this check. Let's go back to an explicit method to add an entry to the whitelist, and then regardless of update flags add the entire previous lockfile to the whitelist. |
This reverts commit 4fb53e5
|
Ok reverted the relevant commit. I think |
|
Given the number of people who are dealing with broken builds, feel free to push to this PR if that is faster than explaining an idea. |
If we're updating a crate then its previous version in the lock file is no longer whitelisted. We may want to perhaps change this in the future!
|
Ok I've pushed up a few commits I found locally, but they don't fix the issue. I have, however, found the issue! The problem is that we're loading a registry when the whitelist is empty, and then afterwards we're adding to the whitelist. The update of the whitelist in the second step isn't getting propagated to the registry source because the registry source is always loaded. The offending add is here: I'm open to possible solutions. I think we'll want some sort of assertion one way or another to ensure this doesn't happen (e.g. if the whitelist is updated the are no loaded sources), but that's somewhat difficult as we add sources in a few places. Otherwise we could try just taking the whitelist a lot sooner, but that may make taking the whitelist a bit larger. Other solutions could involve passing the whitelist through the |
|
I don't think I understand the levels of abstractions well enough to have anything intelligent to say on how this "should" be solved. If you have a more concrete set of steps I can try to follow them. |
When sources already exist in a `PackageRegistry` and the whitelist is updated in the package registry, be sure to update all the existing sources to ensure that everyone gets the same view of the intended whitelist.
|
Ok I've pushed a commit which I believe fixes the tests and makes this pass everything now, want to take a look @Eh2406? |
|
That is a clever solution. LGTM, for all I understand it. |
alexcrichton
changed the title
|
@bors: r+ Alright, let's merge this then! |
|
📌 Commit 4a2f810 has been approved by |
keep track of crates that are whitelisted to be used even if yanked This is a start on #6609. It definitely needs tests that the bug is fixed, and to reduce the clones. But for now let's see what CI thinks.
|
☀️ Test successful - checks-travis, status-appveyor |
Bump cargo to 865cb70 Merged PRs: * Replace util::without_prefix with Path::strip_prefix rust-lang/cargo#6620 * keep track of crates that are whitelisted to be used even if yanked rust-lang/cargo#6611 * Fix default DYLD_FALLBACK_LIBRARY_PATH on MacOS. rust-lang/cargo#6625 * Bail when trying to run "test --doc --no-run" rust-lang/cargo#6628 * In cargo test's help, add that examples are built rust-lang/cargo#6619 * Extract & re-use filter_targets in cargo_compile rust-lang/cargo#6621 * Test cleanup: remove unnecessary with_status(0) rust-lang/cargo#6630 * Fix run's help message rust-lang/cargo#6631 * Some updates to bash completion. rust-lang/cargo#6644 * Introduce Source::download_now rust-lang/cargo#6637 * Switch from unused_imports to deprecated to test unfixable warnings rust-lang/cargo#6649
Bump cargo to 865cb70 Merged PRs: * Replace util::without_prefix with Path::strip_prefix rust-lang/cargo#6620 * keep track of crates that are whitelisted to be used even if yanked rust-lang/cargo#6611 * Fix default DYLD_FALLBACK_LIBRARY_PATH on MacOS. rust-lang/cargo#6625 * Bail when trying to run "test --doc --no-run" rust-lang/cargo#6628 * In cargo test's help, add that examples are built rust-lang/cargo#6619 * Extract & re-use filter_targets in cargo_compile rust-lang/cargo#6621 * Test cleanup: remove unnecessary with_status(0) rust-lang/cargo#6630 * Fix run's help message rust-lang/cargo#6631 * Some updates to bash completion. rust-lang/cargo#6644 * Introduce Source::download_now rust-lang/cargo#6637 * Switch from unused_imports to deprecated to test unfixable warnings rust-lang/cargo#6649
This is a start on #6609. It definitely needs tests that the bug is fixed, and to reduce the clones. But for now let's see what CI thinks.