sequoia: 0.18.0 -> 0.19.0 #96180
sequoia: 0.18.0 -> 0.19.0 #96180
Conversation
doronbehar
force-pushed
the
pkg/sequoia
branch
from
d7bf2e9
to
4a2bdd7
Compare
doronbehar
force-pushed
the
pkg/sequoia
branch
from
4a2bdd7
to
bdd92c4
Compare
|
Result of 2 packages were built:
Otherwise, thanks for the update! Not much else to say after @puzzlewolf's review |
|
BTW, just out of curiosity, do you actively use this package? At the time I packaged it, I thought and I still think it's important we have it packaged in the best possible manner because GnuPG is old and annoying (Just today I ran into this) but it's not usable for my usage for a password manager.. So I just keep maintaining it for the sake of everyone else. |
|
I don't know if you were asking me, but I haven't had the time to invest into switching from GPG unfortunately :-/ I agree that the GPG cli is quite hard to grok, and that's in part why I think the sequoia project is important, and hence why I put myself as maintainer. I'd like to use it more, though... I've also had my share of pinentry issues with SSH x) |
| substituteInPlace openpgp-ffi/Makefile \ | ||
| --replace 'git grep' 'grep -R' |
There was a problem hiding this comment.
Oddly, the string git grep that is substituted here has not been in the Makefile since sequoia 0.11.0. I'd guess the problem this line solved is not there anymore?
The package from this PR builds (on my machine) even without leaveDotGit = true;. Are there circumstances where it's needed?
There was a problem hiding this comment.
Correct. But, note the (harmless?) errors you get without it at the beginning:
unpacking sources
unpacking source archive /nix/store/b7h3ypagny9sz9y50kl2a0bdvywmvf3m-sequoia
source root is sequoia
unpacking source archive /nix/store/nsijfzfig03h0vdlabdw0xlkmlf708ny-sequoia-0.19.0-vendor.tar.gz
setting SOURCE_DATE_EPOCH to timestamp 315619200 of file sequoia/tool/tests/sq-sign.rs
patching sources
Validating consistency between /build/sequoia/Cargo.lock and /build/sequoia-0.19.0-vendor.tar.gz/Cargo.lock
configuring
no configure script, doing nothing
building
build flags: SHELL=/nix/store/j206pskg2yzyla1cnfrb9kb5n5bfvjgm-bash-4.4-p23/bin/bash PREFIX=/nix/store/42wx89vypywfm2qpvwb68zkmqgcpcxsl-sequoia-0.19.0 build-release
make -Copenpgp-ffi build-release
fatal: not a git repository (or any of the parent directories): .git
make[1]: Entering directory '/build/sequoia/openpgp-ffi'
Upstream seems to be relying on this in some way. I also would like to avoid the scenario where in future releases, lacking a.git directory will lead to errors making the build fail.
There was a problem hiding this comment.
Unless it is essential for it to build I'd recommend removing leaveDotGit: #8567
There was a problem hiding this comment.
Upstream removes the .git directory from source distributions (dist target in the main Makefile), and they build without that error. So, I guess we should be fine with removing .git, too. However, I have not found out where the error line comes from 🤷
The signed source distributions are available at https://sequoia-pgp.org/dist/. I'd like to switch to those in the long run, and also verify the signatures :)
There was a problem hiding this comment.
The signed source distributions are available at sequoia-pgp.org/dist. I'd like to switch to those in the long run, and also verify the signatures :)
That would be terrific indeed, but it's kind of hard to get a tarball out of these archives in a Nix expression - it seems we'd need gpg in order to verify the signature which kind of defeats the purpose of creating a new openPGP software (to get rid of gpg).
I'm switching back to fetchFromGitLab and hopefully we won't encounter "not a git directory" build failures in the future.
There was a problem hiding this comment.
Also, the distribution tarball shouldn't be different then the gitlab tarballs, as it seems according to: https://gitlab.com/sequoia-pgp/sequoia/-/blob/v0.19.0/Makefile#L119
There was a problem hiding this comment.
That's true. Now I'm really confused about the not a git repository line. It definitely didn't show up when I ran make -Copenpgp-ffi build-release from the source distribution.
doronbehar
force-pushed
the
pkg/sequoia
branch
from
bdd92c4
to
269c445
Compare
Format inputs with newlines for easier future diffs. Use pkg-config instead of pkgconfig. Use llvmPackages_10 - the same version used by rustc. Remove a substituteInPlace hook not doing anything since 0.11.0.
doronbehar
force-pushed
the
pkg/sequoia
branch
from
269c445
to
7179b10
Compare
|
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/any-interest-in-checkings-signatures-while-building-packages/8918/9 |
|
The darwin builds hangs for ever... I'm merging anyway. Nag us in an issue Darwin users if you encounter issues. |
Format inputs with newlines for easier future diffs.
Use pkg-config instead of pkgconfig.
Use llvmPackages_10 - the same version used by rustc.
Use fetchgit instead of fetchFromGitLab since the first can
leaveDotGit.Remove some part of hooks not needed thanks to fetchgit now used.
Motivation for this change
Things done
sandboxinnix.confon non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"./result/bin/)nix path-info -Sbefore and after)