libgnome-keyring: Unify

[jtojnar]

Description of changes

No need to have two API compatible copies of this ancient and deprecated library.

Things done

• Built on platform(s)
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
  • sandbox = relaxed
  • sandbox = true
• Tested, as applicable:
  • NixOS test(s) (look inside nixos/tests)
  • and/or package tests
  • or, for functions and "core" functionality, tests in lib/tests or pkgs/test
  • made sure NixOS tests are linked to the relevant packages
• Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
• Tested basic functionality of all binary files (usually in ./result/bin/)
• 24.11 Release Notes (or backporting 23.11 and 24.05 Release notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
• Fits CONTRIBUTING.md.

---

Add a 👍 reaction to pull requests you find important.

[jtojnar]

Opened NixOS/cabal2nix#625 for that.

[doronbehar]

Looks good overall.

[doronbehar]

I don't understand the end of this sentence, but for sure this word is missing:

Suggested change

	# not ideal to use -config scripts but it's not possible switch it to pkg-config
	# binaries in dev have a for build shebang
	# not ideal to use -config scripts but it's not possible to switch it to pkg-config

[jtojnar]

Same here, I just cherry-picked @Artturin’s commit and gave up on it.

I believe it is supposed to be parsed “binaries in dev have (a (for build) shebang)”

[doronbehar]

Same here, I just cherry-picked @Artturin’s commit and gave up on it.

I believe it is supposed to be parsed “binaries in dev have (a (for build) shebang)”

@Artturin gave their 👍 for rephrasing that sentence as you said.

[doronbehar]

Maybe we should try to use autoreconfHook?

[jtojnar]

I do not want to touch this. It should die already.

[doronbehar]

I do not want to touch this. It should die already.

Oh I think the 1st commit's title is misleading - you are in fact editing the expression of the attribute libgnome-keyring, and not libgnome-keyring3.

[jtojnar]

It is modifying what was gnome.libgnome-keyring (libgnome-keyring3) at the time of the commit. The package is only renamed later.

[doronbehar]

I do not want to touch this. It should die already.

This is the comment that confused me BTW - why should it die?

[jtojnar]

It adds extra maintenance work just to support few apps that could not be bothered to migrate to libsecret in the 10+ years libgnome-keyring has been deprecated.

[doronbehar]

It adds extra maintenance work just to support few apps that could not be bothered to migrate to libsecret in the 10+ years libgnome-keyring has been deprecated.

Ahh OK so libgnome-keyring is replaced by libgnome-keyring3 which should really be replaced by libsecret.

Still though, if we don't have that many packages still depending on libgnome-keyring or libgnome-keyring3, I'd make the effort to try to add autoreconfHook, but I don't care too much about this old library to insist on that :).

[doronbehar]

Those libraries actually have the same API.

Hmm I tend to think maybe we should use a lib.warn alias instead? Maybe there are other differences we are not aware of?

[jtojnar]

Well, one difference is that the newer version marks everything deprecated so it can cause problems if some project has deprecations disabled. But I do not expect that to happen – most consumers do not even include the headers, they just dlopen the library. And I would expect sizeable portion to be unused – the library has been deprecated for over 10 years.

Here is the abidiff for peace of mind:

$ nix shell nixpkgs#libabigail -c abidiff /nix/store/q36nxj41f071n2m7d3xffski2q02kvfa-libgnome-keyring-2.32.0/lib/libgnome-keyring.so.0.1.1  /nix/store/dyz4bhii86r5mqinayic77yv2rbfn8fr-libgnome-keyring-3.12.0/lib/libgnome-keyring.so.0.2.0
Functions changes summary: 0 Removed, 0 Changed, 0 Added function
Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
Function symbols changes summary: 0 Removed, 12 Added function symbols not referenced by debug info
Variable symbols changes summary: 0 Removed, 1 Added variable symbol not referenced by debug info

12 Added function symbols not referenced by debug info:

  [A] gnome_keyring_access_control_get_type
  [A] gnome_keyring_application_ref_get_type
  [A] gnome_keyring_attribute_get_string
  [A] gnome_keyring_attribute_get_type
  [A] gnome_keyring_attribute_get_uint32
  [A] gnome_keyring_attribute_list_get_type
  [A] gnome_keyring_attribute_list_new
  [A] gnome_keyring_attribute_list_to_glist
  [A] gnome_keyring_found_copy
  [A] gnome_keyring_found_get_type
  [A] gnome_keyring_info_get_type
  [A] gnome_keyring_item_info_get_gtype

1 Added variable symbol not referenced by debug info:

  [A] SECMEM_pool_data_v1_0

[doronbehar]

Well, one difference is that the newer version marks everything deprecated so it can cause problems if some project has deprecations disabled. But I do not expect that to happen – most consumers do not even include the headers, they just dlopen the library. And I would expect sizeable portion to be unused – the library has been deprecated for over 10 years.

Here is the abidiff for peace of mind:

OK Great it's nice to get confidence that this won't break anything, but still, the reason to add a lib.warn is to distribute the update - that's our role as a distribution IMO (same arguments as in the "How to introduce a breaking version bump" discourse thread).

[jtojnar]

I do not think there is a consensus on lib.warn yet so I decided to go with status quo for aliases.nix and not add it here.

[doronbehar]

If the 1st commit has only a misleading title, but correct contents, it can be removed IMO.

[jtojnar]

If the 1st commit has only a misleading title, but correct contents, it can be removed IMO.

Not sure why you think it an be removed.

My primary concern when deciding on commit contents is ease of reviewing and similar git blame archaeology. As a result, I tend to make commits minimal, to be reviewed one-by-one. Each commit applied individually (after all dependencies were already applied) should also keep the tree in a good state (again to keep bisection working), which enforces topological ordering on the commits.

[doronbehar]

My primary concern when deciding on commit contents is ease of reviewing and similar git blame archaeology.

Yea I agree with this goal, I just got confused between the two version of the libgnome-keyring package - I thought you edit one of them, and right afterwards delete them.

[jtojnar]

The guidelines require an existing attribute name as the commit header tag, so renames should be new: rename from old. I agree that it can be a bit confusing.