cfallin opened PR #3616 from check-isle-feature
to main
:
Some use-cases are very sensitive to the number of crates pulled in,
both for audit-related reasons and for build-time reasons.Our manifest-based ISLE-up-to-date approach in #3534 was meant to help
with this while still avoiding the footgun of a completely opt-in source
rebuild: by including generated source in the checked-in tree, and just
checking that source is up to date, we allow for fast builds without the
whole ISLE compiler meta-step, but still catch attempted use of stale
generated source (and allow the developer to opt-in to regenerating the
in-tree source).Unfortunately this still requires the hash algorithm itself (
sha2
)
which turns out to pull in a number of other small crates. In cases
where we know the source won't be stale -- for example, depending on the
main
branch in git, or a published crate version of
cranelift-codegen
-- the checks are actually not needed at all.This PR thus introduces a feature
check-isle
that controls whether
build.rs
does the checks. It is on by default, so developer safety
remains: if someone checks out the source, modifies some ISLE, and then
does acargo build
, they will get an error that helps them with the
proper steps to regenerate the source. But, dependencies that know what
they are doing can turn it off withdefault-features = false
.I've verified that we have the expected small dependency tree now:
$ cargo tree --depth 1 -p cranelift-codegen --no-default-features --features "std unwind all-arch" cranelift-codegen v0.79.0 (/home/cfallin/work/wasmtime/cranelift/codegen) ├── cranelift-bforest v0.79.0 (/home/cfallin/work/wasmtime/cranelift/bforest) ├── cranelift-codegen-shared v0.79.0 (/home/cfallin/work/wasmtime/cranelift/codegen/shared) ├── cranelift-entity v0.79.0 (/home/cfallin/work/wasmtime/cranelift/entity) ├── gimli v0.26.1 ├── log v0.4.14 ├── regalloc v0.0.33 ├── smallvec v1.6.1 └── target-lexicon v0.12.0 [build-dependencies] ├── cranelift-codegen-meta v0.79.0 (/home/cfallin/work/wasmtime/cranelift/codegen/meta) └── sha2 v0.9.8 [dev-dependencies] └── criterion v0.3.5
Fixes #3609.
The diff looks wonky here but all I did was put the ISLE-related
logic inside amod isle { ... }
with a conditional-on-feature directive
and then alter the toplevel a bit.<!--
Please ensure that the following steps are all taken care of before submitting
the PR.
[ ] This has been discussed in issue #..., or if not, please tell us why
here.[ ] A short description of what this does, why it is needed; if the
description becomes long, the matter should probably be discussed in an issue
first.[ ] This PR contains test cases, if meaningful.
- [ ] A reviewer from the core maintainer team has been assigned for this PR.
If you don't know who could review this, please indicate so. The list of
suggested reviewers on the right can help you.Please ensure all communication adheres to the code of conduct.
-->
cfallin requested alexcrichton for a review on PR #3616.
cfallin updated PR #3616 from check-isle-feature
to main
.
cfallin edited PR #3616 from check-isle-feature
to main
:
Some use-cases are very sensitive to the number of crates pulled in,
both for audit-related reasons and for build-time reasons.Our manifest-based ISLE-up-to-date approach in #3534 was meant to help
with this while still avoiding the footgun of a completely opt-in source
rebuild: by including generated source in the checked-in tree, and just
checking that source is up to date, we allow for fast builds without the
whole ISLE compiler meta-step, but still catch attempted use of stale
generated source (and allow the developer to opt-in to regenerating the
in-tree source).Unfortunately this still requires the hash algorithm itself (
sha2
)
which turns out to pull in a number of other small crates. In cases
where we know the source won't be stale -- for example, depending on the
main
branch in git, or a published crate version of
cranelift-codegen
-- the checks are actually not needed at all.This PR thus introduces a feature
check-isle
that controls whether
build.rs
does the checks. It is on by default, so developer safety
remains: if someone checks out the source, modifies some ISLE, and then
does acargo build
, they will get an error that helps them with the
proper steps to regenerate the source. But, dependencies that know what
they are doing can turn it off withdefault-features = false
.I've verified that we have the expected small dependency tree now:
$ cargo tree --depth 1 -p cranelift-codegen --no-default-features --features "std unwind all-arch" cranelift-codegen v0.79.0 (/home/cfallin/work/wasmtime/cranelift/codegen) ├── cranelift-bforest v0.79.0 (/home/cfallin/work/wasmtime/cranelift/bforest) ├── cranelift-codegen-shared v0.79.0 (/home/cfallin/work/wasmtime/cranelift/codegen/shared) ├── cranelift-entity v0.79.0 (/home/cfallin/work/wasmtime/cranelift/entity) ├── gimli v0.26.1 ├── log v0.4.14 ├── regalloc v0.0.33 ├── smallvec v1.6.1 └── target-lexicon v0.12.0 [build-dependencies] └── cranelift-codegen-meta v0.79.0 (/home/cfallin/work/wasmtime/cranelift/codegen/meta) [dev-dependencies] └── criterion v0.3.5
Fixes #3609.
The diff looks wonky here but all I did was put the ISLE-related
logic inside amod isle { ... }
with a conditional-on-feature directive
and then alter the toplevel a bit.<!--
Please ensure that the following steps are all taken care of before submitting
the PR.
[ ] This has been discussed in issue #..., or if not, please tell us why
here.[ ] A short description of what this does, why it is needed; if the
description becomes long, the matter should probably be discussed in an issue
first.[ ] This PR contains test cases, if meaningful.
- [ ] A reviewer from the core maintainer team has been assigned for this PR.
If you don't know who could review this, please indicate so. The list of
suggested reviewers on the right can help you.Please ensure all communication adheres to the code of conduct.
-->
cfallin closed without merge PR #3616.
Last updated: Dec 23 2024 at 12:05 UTC