Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Recompute all cargoSha256/cargoHash #121994

Closed
danieldk opened this issue May 7, 2021 · 4 comments · Fixed by #122016
Closed

Recompute all cargoSha256/cargoHash #121994

danieldk opened this issue May 7, 2021 · 4 comments · Fixed by #122016
Labels
0.kind: bug Something is broken 6.topic: reproducible builds 6.topic: rust

Comments

@danieldk
Copy link
Contributor

danieldk commented May 7, 2021

Describe the bug

Rust 1.50.0 incorporated a Cargo change (rust-lang/cargo#8937) in which cargo vendor erroneously changed permissions of vendored crates. This was fixed in Rust 1.51.0 (rust-lang/cargo#9131). Unfortunately, this means that all cargoSha256/cargoHashes produced during the Rust 1.50.0 cycle are potentially broken.

The long-term solution for this issue is that we should probably apply our own normalization for permissions (#121259). But first, we should check/update cargoSha256/cargoHash tree-wide.
@danieldk danieldk added the 0.kind: bug Something is broken label May 7, 2021
@danieldk danieldk mentioned this issue May 7, 2021
Closed
@dotlambda
Copy link
Member

dotlambda commented May 7, 2021
edited
Loading

Couldn't we apply the patch from rust-lang/cargo#9131 to our cargo?
EDIT: I misread it. We have 1.51.0, but some hashes were computed with 1.50.0.

@danieldk
Copy link
Contributor Author

danieldk commented May 7, 2021

We have 1.51.0, but some hashes were computed with 1.50.0.

Indeed. One of my machines is currently recomputing all the hashes. So hopefully I'll be able to do a PR later today.

@danieldk danieldk mentioned this issue May 7, 2021
Merged
10 tasks
danieldk added a commit to danieldk/nixpkgs that referenced this issue May 8, 2021
@danieldk
treewide: fix cargoSha256/cargoHash
39d4e1c 
Rust 1.50.0 incorporated a Cargo change (rust-lang/cargo#8937) in
which cargo vendor erroneously changed permissions of vendored
crates. This was fixed in Rust
1.51.0 (rust-lang/cargo#9131). Unfortunately, this means that all
cargoSha256/cargoHashes produced during the Rust 1.50.0 cycle are
potentially broken.

This change updates cargoSha256/cargoHash tree-wide.

Fixes NixOS#121994.
jonringer pushed a commit that referenced this issue May 8, 2021
@danieldk
treewide: fix cargoSha256/cargoHash
85f9682 
Rust 1.50.0 incorporated a Cargo change (rust-lang/cargo#8937) in
which cargo vendor erroneously changed permissions of vendored
crates. This was fixed in Rust
1.51.0 (rust-lang/cargo#9131). Unfortunately, this means that all
cargoSha256/cargoHashes produced during the Rust 1.50.0 cycle are
potentially broken.

This change updates cargoSha256/cargoHash tree-wide.

Fixes #121994.
@jonringer
Copy link
Contributor

#122016 has been merged

@nixos-discourse
Copy link

This issue has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/cargo-lock-considered-harmful/49047/3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0.kind: bug Something is broken 6.topic: reproducible builds 6.topic: rust
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

treewide: fix cargoSha256/cargoHash danieldk/nixpkgs
5 participants
@danieldk @veprbl @dotlambda @jonringer @nixos-discourse