[Buildroot] [PATCH 14/16] package/pkg-cargo: add support for unlocked packages

James Hilliard james.hilliard1 at gmail.com
Mon Jun 3 18:55:36 UTC 2024 

On Mon, Jun 3, 2024 at 12:43 PM Yann E. MORIN <yann.morin.1998 at free.fr> wrote:
>
> James, All,
>
> On 2024-06-03 11:48 -0600, James Hilliard spake thusly:
> > On Mon, Jun 3, 2024 at 5:52 AM Yann E. MORIN <yann.morin.1998 at free.fr> wrote:
> > > Hmmm... Indeed, this would cause quite some grief if we would change the
> > > Cargo.lock...
> > > However, I don't see an easy solution to this issue... :-/
> > > Well, I do have an idea, and it would definitely work, but it would be
> > > *excessively* ugly... I'll try to implement it, but as an additional
> > > change on-top of the existing series, because I am not sure it would br
> > > meaningful in the end... Let's see...
> > Probably it would be good enough to say take the first 7 characters of the
> > sha256 hash(same length as a git shorthash) of the Cargo.lock file and
> > incorporate that into the archive filename appended to the package version.
>
> The problem with short hashes, is that they are much less unique than
> full hashes. We've excluded using short hashes wherever we had the
> choice (see for example the recent git export-subst attribute, where we
> replace the short-hash placeholder with the full-length hash). So I
> would refrain from using a short-hash anywhere else as well.

Well the short hash would only need to be unique per package version so
I think it would work fine in this case.

>
> There is a simpler solution, though, which is to rely on the .mk to set
> the version and be done with it:
>
>  1. it is very seldom that a cargo package is not locked, so we don't
>     need anything too complex;
>  2. for unlocked packages, we'll very seldom update our Cargo.lock, so
>     we don't need anything too fancy;
>  3. if one forgets to update the version when updating Cargo.lock,
>     there will be a hash mismatch on download anyway, so we'll notice.

Ok, but how would we handle a case where we need to update the
Cargo.lock but are unable to update the version(i.e. if the package does
not have a newer version).

Are you thinking of something like setting the Cargo.lock version in the .mk
and incorporating that in the archive somehow?

>
> So that's what I've gone with. It requires a few tricks and tweaks here
> and there, but this is already working since a few hours ago, but I got
> distracted and did not have time to finish the work (and the commit
> logs); maybe later tonight, or tomorrow...
>
> Regards,
> Yann E. MORIN.
>
> --
> .-----------------.--------------------.------------------.--------------------.
> |  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
> | +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
> | +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
> | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
> '------------------------------^-------^------------------^--------------------'

More information about the buildroot mailing list