2115a2037c
This has several advantages:
1. It takes up less space on disk in-between builds in the nix store.
2. It uses less space in the binary cache for vendor derivation packages.
3. It uses less network traffic downloading from the binary cache.
4. It plays nicely with hashed mirrors like tarballs.nixos.org, which only
substitute --flat hashes on single files (not recursive directory hashes).
5. It's consistent with how simple `fetchurl` src derivations work.
6. It provides a stronger abstraction between input src-package and output
package, e.g., it's harder to accidentally depend on the src derivation at
runtime by referencing something like `${src}/etc/index.html`. Likewise, in
the store it's harder to get confused with something that is just there as a
build-time dependency vs. a runtime dependency, since the build-time
src dependencies are tarred up.
Disadvantages are:
1. It takes slightly longer to untar at the start of a build.
As currently implemented, this attaches the compacted vendor.tar.gz feature as a
rider on `verifyCargoDeps`, since both of them are relatively newly implemented
behavior that change the `cargoSha256`.
If this PR is accepted, I will push forward the remaining rust packages with a
series of treewide PRs to update the `cargoSha256`s.
|
||
|---|---|---|
| .. | ||
| build-rust-crate | ||
| patch-registry-deps | ||
| cargo-vendor-normalise.py | ||
| carnix.nix | ||
| crates-io.nix | ||
| default-crate-overrides.nix | ||
| default.nix | ||
| fetchcargo-default-config.toml | ||
| fetchcargo.nix | ||
| fetchCargoTarball.nix | ||
| fetchcrate.nix | ||
| README.md | ||
Updated fetchCargo behavior
Changes to the fetchcargo.nix behavior that cause changes to the cargoSha256
are somewhat disruptive, so historically we've added conditionals to provide
backwards compatibility. We've now accumulated enough of these that it makes
sense to do a clean sweep updating hashes, and delete the conditionals in the
fetcher to simplify maintenance and implementation complexity. These
conditionals are:
-
When cargo vendors dependencies, it generates a config. Previously, we were hard-coding our own config, but this fails if there are git dependencies. We have conditional logic to sometimes copy the vendored cargo config in, and sometimes not.
-
When a user updates the src package, they may forget to update the
cargoSha256. We have an opt-in conditional flag to add theCargo.lockinto the vendor dir for inspection and compare at build-time, but it defaults to false. -
We were previously vendoring into a directory with a recursive hash, but would like to vendor into a compressed tar.gz file instead, for the reasons specified in the git commit message adding this feature.
Migration plan
-
(DONE in this PR) Implement
fetchCargoTarballas a separate, clean fetcher implementation along-sidefetchcargo. RenameverifyCargoDeps(default false) tolegacyCargoFetcher(default true), which switches the fetcher implementation used. ReplaceverifyCargoDeps = true;withlegacyCargoFetcher = false;in Rust applications. -
Send a treewide Rust PR that sets
legacyCargoFetcher = true;in all Rust applications not using this (which is ~200 of them), with a note to maintainers to delete if updating the package. Change the default inbuildRustPackageto false. -
Go through all Rust src packages deleting the
legacyCargoFetcher = false;line and re-computing thecargoSha256, merging as we go. -
Delete the
fetchcargo.niximplementation entirely and also remove:
- All overrides in application-level packages
- The
fetchcargo-default-config.tomland conditionals around using it when no$CARGO_CONFIGexists - This README.md file