Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cargo registry - respect renamed dependencies #32430

Merged
merged 6 commits into from
Nov 12, 2024
Merged

cargo registry - respect renamed dependencies #32430

merged 6 commits into from
Nov 12, 2024

Conversation

usbalbin
Copy link
Contributor

@usbalbin usbalbin commented Nov 5, 2024
edited by wxiaoguang
Loading

rust allows renaming dependencies such as when depending on multiple versions of the same package. This is not supported by gitea as discovered in #31500 . This PR tries to address that.

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Nov 5, 2024
@pull-request-size pull-request-size bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Nov 5, 2024
@github-actions github-actions bot added the modifies/go Pull requests that update Go code label Nov 5, 2024
@usbalbin
Copy link
Contributor Author

usbalbin commented Nov 5, 2024

This is my first PR to gitea and first ever two lines of go code so please keep that in mind :)

From what I can tell there is some sort of testing machinery in tests/integration/api_packages_cargo_test.go . Should I update that to test this?

delvh
delvh approved these changes Nov 5, 2024
View reviewed changes
Copy link
Member

@delvh delvh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks fine to me, but I'm not certain if that is doing everything it should.
It's probably best if @KN4CK3R looks at it as well.

@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Nov 5, 2024
@usbalbin
Copy link
Contributor Author

usbalbin commented Nov 5, 2024
edited
Loading

The links i used:
API :
publish

{
    [...]
    "deps": [
        {
            // Name of the dependency.
            // If the dependency is renamed from the original package name,
            // this is the original name. The new package name is stored in
            // the `explicit_name_in_toml` field.
            "name": "rand",
            [...]
            // If the dependency is renamed, this is a string of the new
            // package name. If not specified or null, this dependency is not
            // renamed.
            "explicit_name_in_toml": null,
        }
    ],
    [...]
}

Registry index
JSON schema

[...]
"deps": [
        {
            // Name of the dependency.
            // If the dependency is renamed from the original package name,
            // this is the new name. The original package name is stored in
            // the `package` field.
            "name": "rand",
            [...]
            // If the dependency is renamed, this is a string of the actual
            // package name. If not specified or null, this dependency is not
            // renamed.
            "package": null,
    }
    [...]
}

usbalbin
usbalbin commented Nov 5, 2024
View reviewed changes
modules/packages/cargo/parser.go Outdated
@@ -137,14 +137,15 @@ func parsePackage(r io.Reader) (*Package, error) {
dependencies := make([]*Dependency, 0, len(meta.Deps))
for _, dep := range meta.Deps {
dependencies = append(dependencies, &Dependency{
Name: dep.Name,
Name: dep.ExplicitNameInToml,
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should probably default to dep.Name if dep.ExplicitNameInToml is not set

@lunny
Copy link
Member

lunny commented Nov 5, 2024

It's better to have a test for that.

@wxiaoguang
Copy link
Contributor

From what I can tell there is some sort of testing machinery in tests/integration/api_packages_cargo_test.go . Should I update that to test this?

I think it needs some tests, if there is any difficulty, I could also help to write one if you don't mind.

@usbalbin @wxiaoguang
Update modules/packages/cargo/parser.go
d46a559 
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
@pull-request-size pull-request-size bot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Nov 11, 2024
@usbalbin
Copy link
Contributor Author

From what I can tell there is some sort of testing machinery in tests/integration/api_packages_cargo_test.go . Should I update that to test this?

I think it needs some tests, if there is any difficulty, I could also help to write one if you don't mind.

Yes please, that would be much appreciated :)

@pull-request-size pull-request-size bot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Nov 12, 2024
@wxiaoguang wxiaoguang force-pushed the fix_cargo_rename_deps branch from 1e38f91 to 461249d Compare November 12, 2024 02:16
@wxiaoguang
Copy link
Contributor

done in 461249d

@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Nov 12, 2024
@lunny lunny added the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Nov 12, 2024
@lunny lunny added the type/bug label Nov 12, 2024
@lunny lunny added the backport/v1.22 This PR should be backported to Gitea 1.22 label Nov 12, 2024
@lunny lunny enabled auto-merge (squash) November 12, 2024 02:50
@lunny lunny merged commit 2763766 into go-gitea:main Nov 12, 2024
25 of 26 checks passed
@GiteaBot GiteaBot added this to the 1.24.0 milestone Nov 12, 2024
GiteaBot pushed a commit to GiteaBot/gitea that referenced this pull request Nov 12, 2024
@usbalbin @wxiaoguang @GiteaBot
cargo registry - respect renamed dependencies (go-gitea#32430)
0104dc8 
rust allows renaming dependencies such as when depending on multiple
versions of the same package. This is not supported by gitea as
discovered in go-gitea#31500 . This PR tries to address that.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
@GiteaBot GiteaBot removed the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Nov 12, 2024
@GiteaBot GiteaBot mentioned this pull request Nov 12, 2024
Merged
@GiteaBot GiteaBot added the backport/done All backports for this PR have been created label Nov 12, 2024
wxiaoguang added a commit that referenced this pull request Nov 12, 2024
@GiteaBot @usbalbin @wxiaoguang
cargo registry - respect renamed dependencies (#32430) (#32478)
b48df10 
Backport #32430 by usbalbin

Co-authored-by: Albin Hedman <albin9604@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
@usbalbin
Copy link
Contributor Author

done in 461249d

Thank you! :)

zjjhot added a commit to zjjhot/gitea that referenced this pull request Nov 13, 2024
@zjjhot
Merge remote-tracking branch 'giteaofficial/main'
16d7ba9 
* giteaofficial/main:
  Disable Oauth check if oauth disabled (go-gitea#32368)
  Update JS and PY dependencies (go-gitea#32482)
  Update `github.com/meilisearch/meilisearch-go` (go-gitea#32484)
  Fix test fixtures for user2/lfs.git (go-gitea#32477)
  Limit org member view of restricted users (go-gitea#32211)
  cargo registry - respect renamed dependencies (go-gitea#32430)
  Refactor LFS SSH and internal routers (go-gitea#32473)
  Fix a number of typescript issues (go-gitea#32459)
  Harden runner updateTask and updateLog api (go-gitea#32462)
  Move some functions from issue.go to standalone files (go-gitea#32468)
@lunny lunny modified the milestones: 1.24.0, 1.23.0 Nov 13, 2024
@usbalbin usbalbin mentioned this pull request Nov 14, 2024
Closed
TKaxv-7S added a commit to TKaxv-7S/gitea that referenced this pull request Dec 1, 2024
@TKaxv-7S
Merge tag 'v1.22.4' into release/v1.22
c787b16 
* SECURITY
  * Fix basic auth with webauthn (go-gitea#32531) (go-gitea#32536)
  * Refactor internal routers (partial backport, auth token const time comparing) (go-gitea#32473) (go-gitea#32479)
* PERFORMANCE
  * Remove transaction for archive download (go-gitea#32186) (go-gitea#32520)
* BUGFIXES
  * Fix `missing signature key` error when pulling Docker images with `SERVE_DIRECT` enabled (go-gitea#32365) (go-gitea#32397)
  * Fix get reviewers fails when selecting user without pull request permissions unit (go-gitea#32415) (go-gitea#32616)
  * Fix adding index files to tmp directory (go-gitea#32360) (go-gitea#32593)
  * Fix PR creation on forked repositories via API (go-gitea#31863) (go-gitea#32591)
  * Fix missing menu tabs in organization project view page (go-gitea#32313) (go-gitea#32592)
  * Support HTTP POST requests to `/userinfo`, aligning to OpenID Core specification (go-gitea#32578) (go-gitea#32594)
  * Fix debian package clean up cron job (go-gitea#32351) (go-gitea#32590)
  * Fix GetInactiveUsers (go-gitea#32540) (go-gitea#32588)
  * Allow the actions user to login via the jwt token (go-gitea#32527) (go-gitea#32580)
  * Fix submodule parsing (go-gitea#32571) (go-gitea#32577)
  * Refactor find forks and fix possible bugs that weaken permissions check (go-gitea#32528) (go-gitea#32547)
  * Fix some places that don't respect org full name setting (go-gitea#32243) (go-gitea#32550)
  * Refactor push mirror find and add check for updating push mirror (go-gitea#32539) (go-gitea#32549)
  * Fix basic auth with webauthn (go-gitea#32531) (go-gitea#32536)
  * Fix artifact v4 upload above 8MB (go-gitea#31664) (go-gitea#32523)
  * Fix oauth2 error handle not return immediately (go-gitea#32514) (go-gitea#32516)
  * Fix action not triggered when commit message is too long (go-gitea#32498) (go-gitea#32507)
  * Fix `GetRepoLink` nil pointer dereference on dashboard feed page when repo is deleted with actions enabled (go-gitea#32501) (go-gitea#32502)
  * Fix `missing signature key` error when pulling Docker images with `SERVE_DIRECT` enabled (go-gitea#32397) (go-gitea#32397)
  * Fix the permission check for user search API and limit the number of returned users for `/user/search` (go-gitea#32310)
  * Fix SearchIssues swagger docs (go-gitea#32208) (go-gitea#32298)
  * Fix dropdown content overflow (go-gitea#31610) (go-gitea#32250)
  * Disable Oauth check if oauth disabled (go-gitea#32368) (go-gitea#32480)
  * Respect renamed dependencies of Cargo registry (go-gitea#32430) (go-gitea#32478)
  * Fix mermaid diagram height when initially hidden (go-gitea#32457) (go-gitea#32464)
  * Fix broken releases when re-pushing tags (go-gitea#32435) (go-gitea#32449)
  * Only provide the commit summary for Discord webhook push events (go-gitea#32432) (go-gitea#32447)
  * Only query team tables if repository is under org when getting assignees (go-gitea#32414) (go-gitea#32426)
  * Fix created_unix for mirroring (go-gitea#32342) (go-gitea#32406)
  * Respect UI.ExploreDefaultSort setting again (go-gitea#32357) (go-gitea#32385)
  * Fix broken image when editing comment with non-image attachments (go-gitea#32319) (go-gitea#32345)
  * Fix disable 2fa bug (go-gitea#32320) (go-gitea#32330)
  * Always update expiration time when creating an artifact (go-gitea#32281) (go-gitea#32285)
  * Fix null errors on conversation holder (go-gitea#32258) (go-gitea#32266) (go-gitea#32282)
  * Only rename a user when they should receive a different name (go-gitea#32247) (go-gitea#32249)
  * Fix checkbox bug on private/archive filter (go-gitea#32236) (go-gitea#32240)
  * Add a doctor check to disable the "Actions" unit for mirrors (go-gitea#32424) (go-gitea#32497)
  * Quick fix milestone deadline 9999 (go-gitea#32423)
  * Make `show stats` work when only one file changed (go-gitea#32244) (go-gitea#32268)
  * Make `owner/repo/pulls` handlers use "PR reader" permission (go-gitea#32254) (go-gitea#32265)
  * Update scheduled tasks even if changes are pushed by "ActionsUser" (go-gitea#32246) (go-gitea#32252)
* MISC
  * Remove unnecessary code: `GetPushMirrorsByRepoID` called on all repo pages (go-gitea#32560) (go-gitea#32567)
  * Improve some sanitizer rules (go-gitea#32534)
  * Update nix development environment vor v1.22.x (go-gitea#32495)
  * Add warn log when deleting inactive users (go-gitea#32318) (go-gitea#32321)
  * Update github.com/go-enry/go-enry to v2.9.1 (go-gitea#32295) (go-gitea#32296)
  * Warn users when they try to use a non-root-url to sign in/up (go-gitea#32272) (go-gitea#32273)

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEumb2f9c/cFjXEtMIw7fJG2Mvc4oFAmdEyeoACgkQw7fJG2Mv
# c4pythAAn57Z9Csfd8UrHbCd87SBlEGydhlng5Oc99pQIAvExR0hc9VFWjt5pFr4
# aXTajtzb/sDQkAPZEiL45CL471z+Ga81ixaKRfrBeMiSECB0wBaL4+XH94qQ3lw3
# /dNfQsc9bUnomGWQyEIbQ6mT85fJdvBD1nibUSH3b5P4WqOBHbY9YlehPmE96KY2
# 9k1IYvBvcfCjK6njVQ7m+sFOr7/Y2ZHe9FeN8hEf/1Bfnc75wtkeNyeXnlNe67Eo
# ViFzcA35WyTXw4NRY+TG/8xZEXHl8DuOuUdPoBqkpFw9TzxR2svO0QLzRIHgJP+t
# /Cdd16zZd6fQ+ET+DV8IaF2wlXdEgVDWs2aT04VDLGpSw9czxsUEUQ0ETWFFomXN
# //goTLu1B3fVQYrE9MK2vfUQGe2Su3ChGwNtNEK9bMQpO6sLFGRE0nPgBJMPJ0yA
# bfPhRlsVxnyEToqeKoC77wv0kPiOkzPfDm6sFLAt+tATcij5UlTU4nVXyXsELk14
# p5mtsTfaEqiH3U+JW0Drz8wV7nk8F599lZbYO92M3Z59bqC5TsOVYgqb1ODTpqQO
# 7gLdgdKmQbKWTPHLA9Hz+0/3bT1MirMRdtXW7TmgW83TuN37wOuElCmXmJTN2feY
# LG4k417kVrBwF+fdGPXo+T7H0MqxX1fTkVftG3C63sdaRQrUM1M=
# =jyQM
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue, Nov 26, 2024  3:03:06 AM
# gpg:                using RSA key BA66F67FD73F7058D712D308C3B7C91B632F738A
# gpg: Note: database_open 134217901 waiting for lock (held by 1152) ...
# gpg: Note: database_open 134217901 waiting for lock (held by 1152) ...
# gpg: Note: database_open 134217901 waiting for lock (held by 1152) ...
# gpg: Note: database_open 134217901 waiting for lock (held by 1152) ...
# gpg: Note: database_open 134217901 waiting for lock (held by 1152) ...
# gpg: keydb_search failed: Connection timed out
# gpg: Note: database_open 134217901 waiting for lock (held by 1152) ...
# gpg: Note: database_open 134217901 waiting for lock (held by 1152) ...
# gpg: Note: database_open 134217901 waiting for lock (held by 1152) ...
# gpg: Note: database_open 134217901 waiting for lock (held by 1152) ...
# gpg: Note: database_open 134217901 waiting for lock (held by 1152) ...
# gpg: keydb_search failed: Connection timed out
# gpg: Can't check signature: No public key
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@delvh delvh delvh approved these changes

@wxiaoguang wxiaoguang wxiaoguang approved these changes

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created backport/v1.22 This PR should be backported to Gitea 1.22 lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/go Pull requests that update Go code size/M Denotes a PR that changes 30-99 lines, ignoring generated files. type/bug
Projects
None yet
Milestone
1.23.0
Development

Successfully merging this pull request may close these issues.
5 participants
@usbalbin @lunny @wxiaoguang @delvh @GiteaBot