Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scan untracked files in git for packaging/deps #1584

Merged
merged 1 commit into from
May 5, 2015
Merged

Scan untracked files in git for packaging/deps #1584

merged 1 commit into from
May 5, 2015

Conversation

alexcrichton
Copy link
Member

Closes #797
Closes #1575

This is a reopening of #1170 but I see the two closed issues as important enough that this needs to land in some form or another, and I'm more comfortable with always taking into account untracked files than only if there isn't a commit yet.

@alexcrichton
Copy link
Member Author

r? @brson

cc @huonw

@rust-highfive rust-highfive assigned brson and unassigned huonw May 5, 2015
@rust-highfive
Copy link

r? @huonw

(rust_highfive has picked a reviewer for you, use r? to override)

@brson
Copy link
Contributor

brson commented May 5, 2015

@bors r+

@bors
Copy link
Contributor

bors commented May 5, 2015

📌 Commit a8e9ce2 has been approved by brson

@bors
Copy link
Contributor

bors commented May 5, 2015

⌛ Testing commit a8e9ce2 with merge aa8ee2d...

bors added a commit that referenced this pull request May 5, 2015
@bors
Auto merge of #1584 - alexcrichton:issue-797, r=brson
aa8ee2d 
Closes #797
Closes #1575 

This is a reopening of #1170 but I see the two closed issues as important enough that this needs to land in some form or another, and I'm more comfortable with always taking into account untracked files than only if there isn't a commit yet.
@bors
Copy link
Contributor

bors commented May 5, 2015

☀️ Test successful - cargo-linux-32, cargo-linux-64, cargo-mac-32, cargo-mac-64, cargo-win-32, cargo-win-64

@bors bors merged commit a8e9ce2 into rust-lang:master May 5, 2015
@bluss
Copy link
Member

bluss commented May 9, 2015

Using the today's latest rustc+cargo, I see a lot of junk files in the generated cargo package. Crates.io thankfully refused the upload.

Crate was usually 30K to upload, went up to 18M (yeah, I had some untracked junk in my working directory..).

cargo package (used by cargo publish) will include all non-ignored untracked files in the working directory. Untidy crate authors will have to be careful!

Is that caused by this?

cargo 0.2.0-nightly (0d75eb6 2015-05-07) (built 2015-05-08)

@bluss bluss mentioned this pull request May 9, 2015
Closed
@Manishearth
Copy link
Member

Can these be printed in the normal cargo publish output as a yellow note about "these files are being uploaded" ?

@shepmaster
Copy link
Member

Can these be printed in the normal cargo publish

And hopefully in cargo package as well, so we can fix the issue before our files are uploaded? This scares me that someone might accidentally have a file full of secure information that gets uploaded somewhere...

@alexcrichton alexcrichton deleted the issue-797 branch May 11, 2015 16:34
@alexcrichton
Copy link
Member Author

@bluss yes those extra contents were likely caused by this patch, thanks for opening #1597 as well!

@shepmaster this change mirrors the behavior for path sources and other possible VCSs, so it's just bringing the git implementation more in-line with other repositories. Note that this should still be respecting .gitignore, however, which I would expect all credentials of various sorts to be located in.

@Manishearth
Copy link
Member

I would expect all credentials of various sorts to be located in.

In situations involving security it's better to assume laziness/incompetence/whatever. Especially when this seems like a nuance in Cargo's functionality that most folks won't know in the first place.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@brson brson

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

cargo doc ignores changes to files not added to git repository cargo package is not working
8 participants
@alexcrichton @rust-highfive @brson @bors @bluss @Manishearth @shepmaster @huonw