Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Geiger Failed to match & Failed to parse - Tracker #240

Open
2 tasks
Tracked by #241
pinkforest opened this issue Jan 6, 2022 · 6 comments
Open
2 tasks
Tracked by #241

Geiger Failed to match & Failed to parse - Tracker #240

pinkforest opened this issue Jan 6, 2022 · 6 comments
Labels
bug Something isn't working good first issue Good for newcomers

Comments

@pinkforest
Copy link
Collaborator

pinkforest commented Jan 6, 2022

git2-rs - Example 1

Repro

docker run -ti --rm rust /bin/bash

    cargo install cargo-geiger --git https://github.com/rust-secure-code/cargo-geiger --force
    mkdir app ; cd app
    git clone https://github.com/rust-lang/git2-rs.git .
    cargo geiger

rustc

rustup --version
rustup 1.24.3 (ce5817a94 2021-05-31)
info: This is the version for the rustup toolchain manager, not the rustc compiler.
info: The currently active `rustc` version is `rustc 1.57.0 (f1edd0429 2021-11-29)`

toolchain

rustup toolchain list  
1.57.0-x86_64-unknown-linux-gnu (default)

Suspect Errors - Unwanted 1 - Failed to match

Failed to match (ignoring source) package: form_urlencoded with version: ^1.0.0
Failed to match (ignoring source) package: idna with version: ^0.2.0
Failed to match (ignoring source) package: matches with version: ^0.1
Failed to match (ignoring source) package: percent-encoding with version: ^2.1.0
Failed to match (ignoring source) package: serde with version: ^1.0
Failed to match (ignoring source) package: bencher with version: ^0.1
Failed to match (ignoring source) package: serde_json with version: ^1.0
Failed to match (ignoring source) package: form_urlencoded with version: ^1.0.0
Failed to match (ignoring source) package: idna with version: ^0.2.0
Failed to match (ignoring source) package: matches with version: ^0.1
Failed to match (ignoring source) package: percent-encoding with version: ^2.1.0
Failed to match (ignoring source) package: serde with version: ^1.0
Failed to match (ignoring source) package: bencher with version: ^0.1
Failed to match (ignoring source) package: serde_json with version: ^1.0
Failed to match (ignoring source) package: matches with version: ^0.1
Failed to match (ignoring source) package: unicode-bidi with version: ^0.3
Failed to match (ignoring source) package: unicode-normalization with version: ^0.1.17
Failed to match (ignoring source) package: assert_matches with version: ^1.3
Failed to match (ignoring source) package: bencher with version: ^0.1
Failed to match (ignoring source) package: rustc-test with version: ^0.3
Failed to match (ignoring source) package: serde_json with version: ^1.0
Failed to match (ignoring source) package: arbitrary with version: ^1
Failed to match (ignoring source) package: serde with version: ^1.0
Failed to match (ignoring source) package: tinyvec_macros with version: ^0.1
Failed to match (ignoring source) package: criterion with version: ^0.3.0
Failed to match (ignoring source) package: serde_test with version: ^1.0
Failed to match (ignoring source) package: smallvec with version: ^1
Failed to match (ignoring source) package: flame with version: ^0.2
Failed to match (ignoring source) package: flamer with version: ^0.4
Failed to match (ignoring source) package: serde with version: >=0.8, <2.0
Failed to match (ignoring source) package: serde_test with version: >=0.8, <2.0
Failed to match (ignoring source) package: cfg-if with version: ^1.0
Failed to match (ignoring source) package: serde with version: ^1.0
Failed to match (ignoring source) package: sval with version: ^1.0.0-alpha.5
Failed to match (ignoring source) package: value-bag with version: ^1.0.0-alpha.6
Failed to match (ignoring source) package: serde with version: ^1.0
Failed to match (ignoring source) package: serde_test with version: ^1.0
Failed to match (ignoring source) package: sval with version: ^1.0.0-alpha.5
Failed to match (ignoring source) package: value-bag with version: ^1.0.0-alpha.6
Failed to match (ignoring source) package: compiler_builtins with version: ^0.1.2
Failed to match (ignoring source) package: rustc-std-workspace-core with version: ^1.0.0
Failed to match (ignoring source) package: rustversion with version: ^1.0
Failed to match (ignoring source) package: serde with version: ^1.0
Failed to match (ignoring source) package: serde_derive with version: ^1.0
Failed to match (ignoring source) package: serde_json with version: ^1.0
Failed to match (ignoring source) package: trybuild with version: ^1.0
Failed to match (ignoring source) package: walkdir with version: ^2.3
Failed to match (ignoring source) package: compiler_builtins with version: ^0.1.2
Failed to match (ignoring source) package: rustc-std-workspace-core with version: ^1.0.0
Failed to match (ignoring source) package: rustversion with version: ^1.0
Failed to match (ignoring source) package: serde with version: ^1.0
Failed to match (ignoring source) package: serde_derive with version: ^1.0
Failed to match (ignoring source) package: serde_json with version: ^1.0
Failed to match (ignoring source) package: trybuild with version: ^1.0
Failed to match (ignoring source) package: walkdir with version: ^2.3
Failed to match (ignoring source) package: compiler_builtins with version: ^0.1.2
Failed to match (ignoring source) package: rustc-std-workspace-core with version: ^1.0.0
Failed to match (ignoring source) package: rustversion with version: ^1.0
Failed to match (ignoring source) package: serde with version: ^1.0
Failed to match (ignoring source) package: serde_derive with version: ^1.0
Failed to match (ignoring source) package: serde_json with version: ^1.0
Failed to match (ignoring source) package: trybuild with version: ^1.0
Failed to match (ignoring source) package: walkdir with version: ^2.3

Suspect Errors - Unwanted 2 - Failed to parse

Failed to parse file: /usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/serde_json-1.0.74/src/features_check/error.rs, Syn(Error("expected one of: fn, extern, use, static, const, unsafe, mod, type, struct, enum, union, trait, auto, impl, default, macro, identifier, self, super, crate, ::"), "/usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/serde_json-1.0.74/src/features_check/error.rs")

Resolution

  • 1- Investigate, Resolve Failed to match error (ignoring package) or suppress it if nonsense
  • 2- Investigate, Resolve why error.rs fails

Investigation

TBD - It all seems to build fine?

@pinkforest
Copy link
Collaborator Author

pinkforest commented Jan 6, 2022

From https://gitlab.com/schmilblick/violetear/web-api - Example 2

Same repro or nightly as well tested as part of #65

From issue #65 using
via https://gitlab.com/schmilblick/violetear/web-api/tree/master
https://gitlab.com/schmilblick/violetear/web-api.git

Failed to parse file: /usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/clap-2.33.0/src/args/any_arg.rs, Syn(Error("expected `:`"), "/usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/clap-2.33.0/src/args/any_arg.rs") 
Failed to parse file: /usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/dtoa-0.4.4/src/lib.rs, Syn(Error("expected `:`"), "/usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/dtoa-0.4.4/src/lib.rs") 
Failed to parse file: /usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/futures-0.1.28/src/future/mod.rs, Syn(Error("expected `:`"), "/usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/futures-0.1.28/src/future/mod.rs") 
Failed to parse file: /usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/mio-0.6.19/test/benchmark.rs, Syn(Error("expected one of: `for`, parentheses, `fn`, `unsafe`, `extern`, identifier, `::`, `<`, square brackets, `*`, `&`, `!`, `impl`, `_`, lifetime"), "/usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/mio-0.6.19/test/benchmark.rs") 
Failed to parse file: /usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/syn-0.15.44/tests/features/error.rs, Syn(Error("expected one of: `fn`, `extern`, `use`, `static`, `const`, `unsafe`, `mod`, `type`, `struct`, `enum`, `union`, `trait`, `auto`, `impl`, `default`, `macro`, identifier, `self`, `super`, `crate`, `::`"), "/usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/syn-0.15.44/tests/features/error.rs") 
Failed to parse file: /usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/tokio-udp-0.1.3/tests/udp.rs, Syn(Error("expected `:`"), "/usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/tokio-udp-0.1.3/tests/udp.rs") 
    Scanning done
WARNING: Dependency file was never scanned: /usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/dtoa-0.4.4/src/lib.rs
WARNING: Dependency file was never scanned: /usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/futures-0.1.28/src/future/mod.rs
WARNING: Dependency file was never scanned: /usr/local/cargo/registry/src/github.com-1ecc6299db9ec823/clap-2.33.0/src/args/any_arg.rs

Additional Resolution

  • 3 - Separately warnings seem to prevent including files to be scanned - some parser failure somewhere

@pinkforest pinkforest changed the title Geiger rust-lang/git2-rs Errors - Failed to match & Failed to parse Geiger Failed to match & Failed to parse - Tracker Jan 6, 2022
@pinkforest
Copy link
Collaborator Author

tokio/tokio - Example 3

From #13

More failed to match

Failed to match (ignoring source) package: proc-macro2 with version: ^1.0.32
Failed to match (ignoring source) package: quote with version: ^1.0
Failed to match (ignoring source) package: unicode-xid with version: ^0.2
Failed to match (ignoring source) package: anyhow with version: ^1.0
Failed to match (ignoring source) package: automod with version: ^1.0
Failed to match (ignoring source) package: flate2 with version: ^1.0
Failed to match (ignoring source) package: insta with version: ^1.0
Failed to match (ignoring source) package: rayon with version: ^1.0
Failed to match (ignoring source) package: ref-cast with version: ^1.0
Failed to match (ignoring source) package: regex with version: ^1.0
Failed to match (ignoring source) package: reqwest with version: ^0.11
Failed to match (ignoring source) package: syn-test-suite with version: ^0
Failed to match (ignoring source) package: tar with version: ^0.4.16
Failed to match (ignoring source) package: termcolor with version: ^1.0
Failed to match (ignoring source) package: walkdir with version: ^2.1
Failed to match (ignoring source) package: proc-macro2 with version: ^1.0.36
Failed to match (ignoring source) package: rustversion with version: ^1.0
Failed to match (ignoring source) package: trybuild with version: ^1.0.52
Failed to match (ignoring source) package: macrotest with version: ^1.0.8
Failed to match (ignoring source) package: rustversion with version: ^1
Failed to match (ignoring source) package: static_assertions with version: ^1
Failed to match (ignoring source) package: trybuild with version: ^1.0.49

ilyatrefilov added a commit to ilyatrefilov/cargo-geiger that referenced this issue Feb 18, 2022
This fixes the issue with `Failed to match` errors, which was caused by
cargo-metadata behaviour of not resolving dev-dependencies of crate
dependency. Now we check if crate is root and if not, we won't collect
dev deps for this package, cause they are anyways not in krates graph,
which relies on cargo-metadata `resolve` output field.
Also changed argument for `Failed to match` error, cause it mentioned
not the real one unmatched package.

Relates to geiger-rs#240
@pinkforest
Copy link
Collaborator Author

pinkforest commented Feb 19, 2022

#263 by @ilyatrefilov seems to have fixed most Failed to match ones

We still have left at git2-rs:

Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index) 
Failed to match (ignoring source) package: serde 1.0.136 (registry+https://github.com/rust-lang/crates.io-index)

This is probably due to lack of workspace support as the dependency in Cargo.lock comes via workspace member - systest - which we don't add into graph

[[package]]
name = "systest"
dependencies = [
 ..
 "ctest",
]

[[package]]
name = "ctest"
version = "0.2.22"
dependencies = [
 ..
 "syntex_syntax2",
]

[[package]]
name = "syntex_syntax2"
version = "0.0.2"
dependencies = [
  ..
  "serde",
  "extprim",
]

[[package]]
name = "extprim"
version = "1.7.1"
dependencies = [
   ..
   "serde",
]

pinkforest pushed a commit that referenced this issue Feb 19, 2022
This fixes the issue with `Failed to match` errors, which was caused by
cargo-metadata behaviour of not resolving dev-dependencies of crate
dependency. Now we check if crate is root and if not, we won't collect
dev deps for this package, cause they are anyways not in krates graph,
which relies on cargo-metadata `resolve` output field.
Also changed argument for `Failed to match` error, cause it mentioned
not the real one unmatched package.

Relates to #240
@pinkforest pinkforest removed their assignment Feb 19, 2022
@NuSkooler
Copy link

NuSkooler commented Jan 6, 2023

I'm also using a workspace and get this in my projects. Can provide info if that would be helpful:

ex line:

Failed to match (ignoring source) package: unicode-xid 0.2.4 (registry+https://github.com/rust-lang/crates.io-index)

@pinkforest
Copy link
Collaborator Author

I've fallen behind so my apologies about that. Would you like to do a PR to help work on this ?

@NuSkooler
Copy link

@pinkforest To be honest, I'm not even sure where to start looking. Is there a document somewhere that describes development with this project? I'd be happy to attempt!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working good first issue Good for newcomers
Projects
None yet
Development

No branches or pull requests

2 participants