Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

multiple matching crates when deps are duplicated (local deps) #37

Closed
brson opened this issue Jul 12, 2017 · 2 comments
Closed

multiple matching crates when deps are duplicated (local deps) #37

brson opened this issue Jul 12, 2017 · 2 comments
Labels

Comments

@brson
Copy link
Collaborator

brson commented Jul 12, 2017

https://github.com/brson/rust-skeptic/pull/36 fixed this problem for crates.io dependencies but it still shows up for local dependencies because the fingerprint looks different.

@brson
Copy link
Collaborator Author

brson commented Jul 12, 2017

@budziq
Copy link
Owner

budziq commented Jul 13, 2017

In fact the remote VCS based dependencies will be broken too.

Here is a braindump on how to tackle these problems in the (likely) case I'll not be able to work on this issue in the upcoming weeks.

Current implementation of dependency deduplication

  • parses Cargo.lock [root][dependencies] section in search of valid crate names and crate version pairs
  • parses all internal cargo .fingerprint files which are in the form of
{PROJECT_ROOT}/target/{BUILD_TYPE}/.fingerprint/{CRATE_NAME}-{CRATE_BUILD_HASH}/lib-{CRATE_NAME}-{CRATE_BUILD_HASH}.json 

for example

/some/path/target/debug/.fingerprint/skeptic-e3787ed99bbcb291/lib-skeptic-e3787ed99bbcb291.json 

searching for following JSON construct containing the crate version under [local][precalculated] or [local][0][precalculated]:

"local": {
    "Precalculated": "0.10.1"
},
  • the version obtained from .fingerprint is correlated with one from Cargo.lock
    • in case there are multiple hits with given (name, version) the one with highest mtime is selected
  • the rlib path for given dependency is calculated as
{PROJECT_ROOT}/target/{BUILD_TYPE}/deps/lib{CRATE_NAME}-{CRATE_BUILD_HASH}.rlib

for example

/some/path/target/debug/deps/libskeptic-e3787ed99bbcb291.rlib
  • the obtained rlibs are linked to each skeptic test if given rlib exists

The problem with local PATH and VCS based dependencies

Both local and VCS dependencies will not work in current setup due to different .fingerprint format

  • local path dependency - here the "Precalculated" is replaced by a path to fingerprint from which we cannot read the version but can still infer the rlib path.
    "local": {
        "MtimeBased": [
            [
                1499933308,
                284260699
            ],
            "/some/path/target/debug/.fingerprint/skeptic-f99537cab0ea0278/dep-lib-skeptic-f99537cab0ea0278"
        ]
    },
  • remote VCS dependency - the "Precalculated" shows VCS commit id instead of version we can use semver crate to differentiate the two cases
    "local": {
        "Precalculated": "4f04f1e58bf2839735f692a511f502ad48ec0f48"
    },

In both cases we are still able to obtain rlib paths but we loose the correlation with Cargo.lock. At the moment my best idea would be to just fallback to selecting the rlib with highest mtime in case we are handling PATH or VCS based dependency and cross our fingers 😞

@brson Honestly, this is an awful hackjob and we may need to wait for cargo buildplans rust-lang/cargo#3815 to solve this issue reasonably.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants