itsscb/cargo
1
0
Fork 0
mirror of https://github.com/rust-lang/cargo.git synced 2025-09-25 11:14:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use the shared source building in package

Browse Source 
This changes the registry validation slightly, adding in a check
forbidding implicit source replacement. This affects the tests (which
configure a dummy registry for source replacement), so we also weaken
the checks by only erroring for registry issues when there are actually
local dependencies.
This commit is contained in:
Joe Neeman 2024-08-19 12:06:11 +07:00
parent b3860a4a66
commit a9987f0982
3 changed files with 34 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
src/cargo/ops/cargo_package.rs
View File

@ -1,4 +1,4 @@
use std::collections::{BTreeSet, HashMap, HashSet};
use std::collections::{BTreeSet, HashMap};
use std::fs::{self, File};
use std::io::prelude::*;
use std::io::SeekFrom;
@ -16,7 +16,7 @@ use crate::core::{Package, PackageId, PackageSet, Resolve, SourceId};
use crate::ops::lockfile::LOCKFILE_NAME;
use crate::ops::registry::{infer_registry, RegistryOrIndex};
use crate::sources::registry::index::{IndexPackage, RegistryDependency};
use crate::sources::{PathSource, SourceConfigMap, CRATES_IO_REGISTRY};
use crate::sources::{PathSource, CRATES_IO_REGISTRY};
use crate::util::cache_lock::CacheLockMode;
use crate::util::context::JobsConfig;
use crate::util::errors::CargoResult;
@ -202,19 +202,28 @@ pub fn package(ws: &Workspace<'_>, opts: &PackageOpts<'_>) -> CargoResult<Vec<Fi
// below, and will be validated during the verification step.
}
let deps = local_deps(pkgs.iter().map(|(p, f)| ((*p).clone(), f.clone())));
let just_pkgs: Vec<_> = pkgs.iter().map(|p| p.0).collect();
let publish_reg = get_registry(ws.gctx(), &just_pkgs, opts.reg_or_index.clone())?;
debug!("packaging for registry {publish_reg}");
// The publish registry doesn't matter unless there are local dependencies,
// so only try to get one if we need it. If they explicitly passed a
// registry on the CLI, we check it no matter what.
let sid = if deps.has_no_dependencies() && opts.reg_or_index.is_none() {
None
} else {
let sid = get_registry(ws.gctx(), &just_pkgs, opts.reg_or_index.clone())?;
debug!("packaging for registry {}", sid);
Some(sid)
};
let mut local_reg = if ws.gctx().cli_unstable().package_workspace {
let reg_dir = ws.target_dir().join("package").join("tmp-registry");
Some(TmpRegistry::new(ws.gctx(), reg_dir, publish_reg)?)
sid.map(|sid| TmpRegistry::new(ws.gctx(), reg_dir, sid))
.transpose()?
} else {
None
};
let deps = local_deps(pkgs.iter().map(|(p, f)| ((*p).clone(), f.clone())));
// Packages need to be created in dependency order, because dependencies must
// be added to our local overlay before we can create lockfiles that depend on them.
let sorted_pkgs = deps.sort();
@ -258,52 +267,35 @@ pub fn package(ws: &Workspace<'_>, opts: &PackageOpts<'_>) -> CargoResult<Vec<Fi
/// packages that we're packaging: if we're packaging foo-bin and foo-lib, and foo-bin
/// depends on foo-lib, then the foo-lib entry in foo-bin's lockfile will depend on the
/// registry that we're building packages for.
pub(crate) fn get_registry(
fn get_registry(
gctx: &GlobalContext,
pkgs: &[&Package],
reg_or_index: Option<RegistryOrIndex>,
) -> CargoResult<SourceId> {
let reg_or_index = match reg_or_index {
let reg_or_index = match reg_or_index.clone() {
Some(r) => Some(r),
None => infer_registry(pkgs)?,
};
// Validate the registry against the packages' allow-lists.
let reg = reg_or_index
.clone()
.unwrap_or_else(|| RegistryOrIndex::Registry(CRATES_IO_REGISTRY.to_owned()));
// Validate the registry against the packages' allow-lists. For backwards compatibility, we
// skip this if only a single package is being published (because in that case the registry
// doesn't affect the packaging step).
if pkgs.len() > 1 {
if let RegistryOrIndex::Registry(reg_name) = &reg {
for pkg in pkgs {
if let Some(allowed) = pkg.publish().as_ref() {
if !allowed.iter().any(|a| a == reg_name) {
bail!(
if let RegistryOrIndex::Registry(reg_name) = reg {
for pkg in pkgs {
if let Some(allowed) = pkg.publish().as_ref() {
if !allowed.iter().any(|a| a == &reg_name) {
bail!(
"`{}` cannot be packaged.\n\
The registry `{}` is not listed in the `package.publish` value in Cargo.toml.",
pkg.name(),
reg_name
);
}
}
}
}
}
let sid = match reg {
RegistryOrIndex::Index(url) => SourceId::for_registry(&url)?,
RegistryOrIndex::Registry(reg) if reg == CRATES_IO_REGISTRY => SourceId::crates_io(gctx)?,
RegistryOrIndex::Registry(reg) => SourceId::alt_registry(gctx, &reg)?,
};
// Load source replacements that are built-in to Cargo.
let sid = SourceConfigMap::empty(gctx)?
.load(sid, &HashSet::new())?
.replaced_source_id();
Ok(sid)
Ok(ops::registry::get_source_id(gctx, reg_or_index.as_ref())?.replacement)
}
/// Just the part of the dependency graph that's between the packages we're packaging.
@ -322,6 +314,12 @@ impl LocalDependencies {
.map(|name| self.packages[&name].clone())
.collect()
}
pub fn has_no_dependencies(&self) -> bool {
self.graph
.iter()
.all(|node| self.graph.edges(node).next().is_none())
}
}
/// Build just the part of the dependency graph that's between the given packages,

2
src/cargo/ops/registry/mod.rs
View File

@ -191,7 +191,7 @@ fn registry(
///
/// The return value is a pair of `SourceId`s: The first may be a built-in replacement of
/// crates.io (such as index.crates.io), while the second is always the original source.
fn get_source_id(
pub(crate) fn get_source_id(
gctx: &GlobalContext,
reg_or_index: Option<&RegistryOrIndex>,
) -> CargoResult<RegistrySourceIds> {

3
tests/testsuite/package.rs
View File

@ -5999,7 +5999,8 @@ fn registry_not_in_publish_list() {
.masquerade_as_nightly_cargo(&["package-workspace"])
.with_status(101)
.with_stderr_data(str![[r#"
[ERROR] registry index was not found in any configuration: `alternative`
[ERROR] `foo` cannot be packaged.
The registry `alternative` is not listed in the `package.publish` value in Cargo.toml.
"#]])
.run();