[Buildroot] [PATCH 00/16] support/download: allow downloading unlocked cargo packages (branch yem/cargo-unchained)

[Buildroot] [PATCH 00/16] support/download: allow downloading unlocked cargo packages (branch yem/cargo-unchained)

[Yann E. MORIN]

Hello All!

Some maintainers refuse to commit a CArgo.lock in their repository [0],
so there are cargo packages that are unlocked.

However, we currently require that a Cargo.lock be present: we call
"cargo venodor --locked"; if there is no Cargo.lock, cargo fails.

This series adds support for downloading unlocked cargo packages; the
series is articulated in three steps:

 1. preparatory cleanups (shelcheck, readability...)

 2. extend the download infra to pass arbitrary options to the
    post-process helpers; use that to pass the path of the manifest
    instead of using an environment variable

 3. add support for unlocked cargo packages by passing a new option to
    the cargo post-process helper; add documentation and check-package.

 4. (off-by-one) add an RFC-style package to demonstrate the unlocked
    cargo package

Regards,
Yann E. MORIN.


----------------------------------------------------------------
Yann E. MORIN (16):
      package/pkg-download: symplify calling parameters
      package/pkg-generic: split long, unreadable DOWNLOAD line
      utils/check-package: add option to run the test-suite
      utils/checkpackagelib: instruct shellcheck to follow included files
      support/download/dl-wrapper: fix shellcheck errors
      support/download/cargo-post-process: fix shellcheck
      support/download: pass post-process options to post-process helper
      support/download: accept manifest path as a post-process option
      pakcage/pkg-cargo: use post-process opts to pass manifest path
      package/pkg-python: use post-process opts to pass Cargo manifest path
      package/python-bcrypt: use post-process opts to pass Cargo manifest path
      support/download: no longer support BR_CARGO_MANIFEST_PATH in cargo post-process
      docs/manual: rephrase end of vendoring section
      package/pkg-cargo: add support for unlocked packages
      utils/checkpackagelib: add test for default _CARGO_LOCKED
      RFC: package/anvil: new package

 .checkpackageignore                    |  2 --
 docs/manual/adding-packages-cargo.adoc | 27 +++++++++++++++++++++++----
 package/Config.in                      |  1 +
 package/anvil/Config.in                | 20 ++++++++++++++++++++
 package/anvil/anvil.mk                 | 30 ++++++++++++++++++++++++++++++
 package/pkg-cargo.mk                   | 17 +++++++++++++++--
 package/pkg-download.mk                | 33 ++++++++++++++++-----------------
 package/pkg-generic.mk                 | 12 +++++++++---
 package/pkg-python.mk                  |  6 +++---
 package/python-bcrypt/python-bcrypt.mk |  5 ++---
 support/download/cargo-post-process    | 33 ++++++++++++++++++++++++++++-----
 support/download/dl-wrapper            | 26 ++++++++++++++++++--------
 utils/check-package                    | 10 ++++++++++
 utils/checkpackagelib/lib_mk.py        |  8 ++++++++
 utils/checkpackagelib/readme.txt       |  1 +
 utils/checkpackagelib/test_lib_mk.py   | 18 ++++++++++++++++++
 utils/checkpackagelib/tool.py          |  2 +-
 17 files changed, 203 insertions(+), 48 deletions(-)
 create mode 100644 package/anvil/Config.in
 create mode 100644 package/anvil/anvil.mk

--
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 01/16] package/pkg-download: symplify calling parameters

[Yann E. MORIN]

The DOWNLOAD macro is always called in package context, so the PKG
variable is always set, and thus we do not need to pass the package
as a parameter.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
 package/pkg-download.mk | 33 ++++++++++++++++-----------------
 package/pkg-generic.mk  |  6 +++---
 2 files changed, 19 insertions(+), 20 deletions(-)

diff --git a/package/pkg-download.mk b/package/pkg-download.mk
index bec213fb71..0c6ec6771a 100644
--- a/package/pkg-download.mk
+++ b/package/pkg-download.mk
@@ -102,30 +102,29 @@ endif
 # source from the list returned by DOWNLOAD_URIS.
 #
 # Argument 1 is the source location
-# Argument 2 is the upper-case package name
-# Argument 3 is a space-separated list of optional arguments
+# Argument 2 is a space-separated list of optional arguments
 #
 ################################################################################
 
 define DOWNLOAD
-	$(Q)mkdir -p $($(2)_DL_DIR)
-	$(Q)$(EXTRA_ENV) $($(2)_DL_ENV) \
+	$(Q)mkdir -p $($(PKG)_DL_DIR)
+	$(Q)$(EXTRA_ENV) $($(PKG)_DL_ENV) \
 	BR_NO_CHECK_HASH_FOR="$(if $(BR2_DOWNLOAD_FORCE_CHECK_HASHES),,$(BR_NO_CHECK_HASH_FOR))" \
-		flock $($(2)_DL_DIR)/.lock $(DL_WRAPPER) \
-		-c '$($(2)_DL_VERSION)' \
-		-d '$($(2)_DL_DIR)' \
+		flock $($(PKG)_DL_DIR)/.lock $(DL_WRAPPER) \
+		-c '$($(PKG)_DL_VERSION)' \
+		-d '$($(PKG)_DL_DIR)' \
 		-D '$(DL_DIR)' \
 		-f '$(notdir $(1))' \
-		$(foreach f,$($(2)_HASH_FILES),-H '$(f)') \
-		-n '$($(2)_DL_SUBDIR)-$($(2)_VERSION)' \
-		-N '$($(2)_RAWNAME)' \
-		-o '$($(2)_DL_DIR)/$(notdir $(1))' \
-		$(if $(filter YES,$($(2)_SVN_EXTERNALS)),-r) \
-		$(if $($(2)_GIT_SUBMODULES),-r) \
-		$(if $($(2)_GIT_LFS),-l) \
-		$(foreach uri,$(call DOWNLOAD_URIS,$(1),$(2)),-u $(uri)) \
-		$(3) \
+		$(foreach f,$($(PKG)_HASH_FILES),-H '$(f)') \
+		-n '$($(PKG)_DL_SUBDIR)-$($(PKG)_VERSION)' \
+		-N '$($(PKG)_RAWNAME)' \
+		-o '$($(PKG)_DL_DIR)/$(notdir $(1))' \
+		$(if $(filter YES,$($(PKG)_SVN_EXTERNALS)),-r) \
+		$(if $($(PKG)_GIT_SUBMODULES),-r) \
+		$(if $($(PKG)_GIT_LFS),-l) \
+		$(foreach uri,$(call DOWNLOAD_URIS,$(1),$(PKG)),-u $(uri)) \
+		$(2) \
 		$(QUIET) \
 		-- \
-		$($(2)_DL_OPTS)
+		$($(PKG)_DL_OPTS)
 endef
diff --git a/package/pkg-generic.mk b/package/pkg-generic.mk
index a2749320c3..da02cb2d32 100644
--- a/package/pkg-generic.mk
+++ b/package/pkg-generic.mk
@@ -182,8 +182,8 @@ $(BUILD_DIR)/%/.stamp_downloaded:
 			break ; \
 		fi ; \
 	done
-	$(if $($(PKG)_MAIN_DOWNLOAD),$(call DOWNLOAD,$($(PKG)_MAIN_DOWNLOAD),$(PKG),$(patsubst %,-p '%',$($(PKG)_DOWNLOAD_POST_PROCESS))))
-	$(foreach p,$($(PKG)_ADDITIONAL_DOWNLOADS),$(call DOWNLOAD,$(p),$(PKG))$(sep))
+	$(if $($(PKG)_MAIN_DOWNLOAD),$(call DOWNLOAD,$($(PKG)_MAIN_DOWNLOAD),$(patsubst %,-p '%',$($(PKG)_DOWNLOAD_POST_PROCESS))))
+	$(foreach p,$($(PKG)_ADDITIONAL_DOWNLOADS),$(call DOWNLOAD,$(p))$(sep))
 	$(foreach hook,$($(PKG)_POST_DOWNLOAD_HOOKS),$(call $(hook))$(sep))
 	$(Q)mkdir -p $(@D)
 	@$(call step_end,download)
@@ -192,7 +192,7 @@ $(BUILD_DIR)/%/.stamp_downloaded:
 # Retrieve actual source archive, e.g. for prebuilt external toolchains
 $(BUILD_DIR)/%/.stamp_actual_downloaded:
 	@$(call step_start,actual-download)
-	$(call DOWNLOAD,$($(PKG)_ACTUAL_SOURCE_SITE)/$($(PKG)_ACTUAL_SOURCE_TARBALL),$(PKG))
+	$(call DOWNLOAD,$($(PKG)_ACTUAL_SOURCE_SITE)/$($(PKG)_ACTUAL_SOURCE_TARBALL))
 	$(Q)mkdir -p $(@D)
 	@$(call step_end,actual-download)
 	$(Q)touch $@
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 02/16] package/pkg-generic: split long, unreadable DOWNLOAD line

[Yann E. MORIN]

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

---
Note: when \ is used for line continuation, make replaces all leading
blanks on continuation lines, with a single space. This causes the
second and following parameters to contain a single leading space, and
the last one a single trailing space:

    FOO = $(info ARG1="$(1)" ARG2="$(2)")
    all:
        @:$(call FOO, \
            blark, \
            bleark \
        )

    $ make
    ARG1=" blark" ARG2=" bleark "

So, this split must come *after* the change in the API of DOWNLOAD,
otherwise it would try to expand $($(2)_PKGDIR) into $( PKGNAME_PKG_DIR)
which would yield an empty string, causing mkdir to whine.
---
 package/pkg-generic.mk | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/package/pkg-generic.mk b/package/pkg-generic.mk
index da02cb2d32..8f1e6dc8e5 100644
--- a/package/pkg-generic.mk
+++ b/package/pkg-generic.mk
@@ -182,7 +182,12 @@ $(BUILD_DIR)/%/.stamp_downloaded:
 			break ; \
 		fi ; \
 	done
-	$(if $($(PKG)_MAIN_DOWNLOAD),$(call DOWNLOAD,$($(PKG)_MAIN_DOWNLOAD),$(patsubst %,-p '%',$($(PKG)_DOWNLOAD_POST_PROCESS))))
+	$(if $($(PKG)_MAIN_DOWNLOAD), \
+		$(call DOWNLOAD, \
+			$($(PKG)_MAIN_DOWNLOAD), \
+			$(patsubst %,-p '%',$($(PKG)_DOWNLOAD_POST_PROCESS)) \
+		) \
+	)
 	$(foreach p,$($(PKG)_ADDITIONAL_DOWNLOADS),$(call DOWNLOAD,$(p))$(sep))
 	$(foreach hook,$($(PKG)_POST_DOWNLOAD_HOOKS),$(call $(hook))$(sep))
 	$(Q)mkdir -p $(@D)
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 03/16] utils/check-package: add option to run the test-suite

[Yann E. MORIN]

Currently, how to run the check-package test-suite is thoroughly under-
documented. There is one hint in the commit log for commit fc254881e6df
(utils/checkpackagelib: add unit tests), and another in commit
242e9d72e7d2 (utils/docker-run: new script); the former is hard to find,
and the latter is about an unrelated script, so harder yet to find...

Add a new option to check-package, that will make it run its test-suite.
Since pytest is only needed for the test-suite, only import it in that
case.

pytest will be default create a cache of the tests (not sure what it is
about, though), so instruct it not to (esp. since the tree can be
read-only).

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@datacom.com.br>
---
 utils/check-package              | 10 ++++++++++
 utils/checkpackagelib/readme.txt |  1 +
 2 files changed, 11 insertions(+)

diff --git a/utils/check-package b/utils/check-package
index cbb3613e19..f759d88a89 100755
--- a/utils/check-package
+++ b/utils/check-package
@@ -85,6 +85,9 @@ def parse_args():
     parser.add_argument("--failed-only", action="store_true", help="print only"
                         " the name of the functions that failed (debug)")
 
+    parser.add_argument("--test-suite", action="store_true", help="Run the"
+                        " test-suite")
+
     flags = parser.parse_args()
 
     flags.ignore_list = get_ignored_parsers_per_file(flags.intree_only, flags.ignore_filename)
@@ -287,6 +290,13 @@ def __main__():
     global flags
     flags = parse_args()
 
+    if flags.test_suite:
+        import pytest
+        return pytest.main(
+            # Disable writing/loading a cache with: -p no:cacheprovider
+            ["-v", "-p", "no:cacheprovider", os.path.dirname(__file__)]
+        )
+
     if flags.intree_only:
         # change all paths received to be relative to the base dir
         base_dir = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
diff --git a/utils/checkpackagelib/readme.txt b/utils/checkpackagelib/readme.txt
index 3bfe289607..b3e8c67100 100644
--- a/utils/checkpackagelib/readme.txt
+++ b/utils/checkpackagelib/readme.txt
@@ -23,6 +23,7 @@ How the scripts are structured:
 - lib_type.py contains check functions specific to files of this type.
 
 Some hints when changing this code:
+- test your changes: utils/check-package --test-suite
 - prefer O(n) algorithms, where n is the total number of lines in the files
   processed.
 - when there is no other reason for ordering, use alphabetical order (e.g. keep
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 04/16] utils/checkpackagelib: instruct shellcheck to follow included files

[Yann E. MORIN]

We do have a few shell scripts that have source directives (either with
'source' or with '.'), and they all are currently either globally
ignored in .checkpackageignore, or have shellcheck directives to ignore
the source statement (SC1090).

So, we can safely instruct shellcheck where to lookup for sourced files;
that does not trigger any new error.

This will alow fixing some shellcheck errors in later commits.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@datacom.com.br>
---
 utils/checkpackagelib/tool.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/utils/checkpackagelib/tool.py b/utils/checkpackagelib/tool.py
index 907ada704f..e12e1fa406 100644
--- a/utils/checkpackagelib/tool.py
+++ b/utils/checkpackagelib/tool.py
@@ -31,7 +31,7 @@ class Flake8(_Tool):
 
 class Shellcheck(_Tool):
     def run(self):
-        cmd = ['shellcheck', self.filename]
+        cmd = ['shellcheck', "-x", self.filename]
         try:
             p = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
             stdout = p.communicate()[0]
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 05/16] support/download/dl-wrapper: fix shellcheck errors

[Yann E. MORIN]

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
---
 .checkpackageignore         |  1 -
 support/download/dl-wrapper | 20 ++++++++++++++------
 2 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/.checkpackageignore b/.checkpackageignore
index 1c5ab08f5f..e7180718c7 100644
--- a/.checkpackageignore
+++ b/.checkpackageignore
@@ -1661,7 +1661,6 @@ support/dependencies/dependencies.sh Shellcheck
 support/download/bzr Shellcheck lib_shellscript.ConsecutiveEmptyLines
 support/download/cargo-post-process Shellcheck
 support/download/cvs Shellcheck
-support/download/dl-wrapper Shellcheck
 support/download/file Shellcheck
 support/download/go-post-process Shellcheck
 support/download/hg Shellcheck
diff --git a/support/download/dl-wrapper b/support/download/dl-wrapper
index 35428faeef..67a9718d9d 100755
--- a/support/download/dl-wrapper
+++ b/support/download/dl-wrapper
@@ -22,7 +22,7 @@ export BR_BACKEND_DL_GETOPTS=":hc:d:o:n:N:H:lru:qf:e"
 main() {
     local OPT OPTARG
     local backend output large_file recurse quiet rc
-    local -a uris hfiles
+    local -a uris hfiles backend_opts
 
     # Parse our options; anything after '--' is for the backend
     while getopts ":c:d:D:o:n:N:H:lrf:u:qp:" OPT; do
@@ -58,6 +58,7 @@ main() {
     # If we can neither link nor copy, fallback to doing a download.
     # NOTE! This is not atomic, is subject to TOCTTOU, but the whole
     # dl-wrapper runs under an flock, so we're safe.
+    # shellcheck disable=SC2166  # -a works in this case
     if [ ! -e "${output}" -a -e "${old_dl_dir}/${filename}" ]; then
         ln "${old_dl_dir}/${filename}" "${output}" || \
         cp "${old_dl_dir}/${filename}" "${output}" || \
@@ -111,6 +112,12 @@ main() {
         tmpd="$(mktemp -d "${BUILD_DIR}/.${output##*/}.XXXXXX")"
         tmpf="${tmpd}/output"
 
+        # shellcheck disable=SC2206  # all three are dash-options
+        backend_opts=( ${quiet} ${large_file} ${recurse} )
+        if [ "${urlencode}" ]; then
+            backend_opts+=( -e )
+        fi
+
         # Helpers expect to run in a directory that is *really* trashable, so
         # they are free to create whatever files and/or sub-dirs they might need.
         # Doing the 'cd' here rather than in all backends is easier.
@@ -121,7 +128,6 @@ main() {
         # the next URI until it succeeds. Once out of URI to try, we need to
         # cleanup and exit.
         if ! "${OLDPWD}/support/download/${backend}" \
-                $([ -n "${urlencode}" ] && printf %s '-e') \
                 -c "${cset}" \
                 -d "${dl_dir}" \
                 -n "${raw_base_name}" \
@@ -129,7 +135,9 @@ main() {
                 -f "${filename}" \
                 -u "${uri}" \
                 -o "${tmpf}" \
-                ${quiet} ${large_file} ${recurse} -- "${@}"
+                "${backend_opts[@]}" \
+                -- \
+                "${@}"
         then
             # cd back to keep path coherence
             cd "${OLDPWD}"
@@ -193,8 +201,8 @@ main() {
     # Some backends (cp and scp) may create executable files, so we need to
     # carry the executable bit if needed.
     [ -x "${tmpf}" ] && new_mode=755 || new_mode=644
-    new_mode=$(printf "%04o" $((0${new_mode} & ~0$(umask))))
-    chmod ${new_mode} "${tmp_output}"
+    new_mode="$(printf "%04o" $((0${new_mode} & ~0$(umask))))"
+    chmod "${new_mode}" "${tmp_output}"
 
     # We must *not* unlink tmp_output, otherwise there is a small window
     # during which another download process may create the same tmp_output
@@ -226,7 +234,7 @@ main() {
 
 trace()  { local msg="${1}"; shift; printf "%s: ${msg}" "${my_name}" "${@}"; }
 warn()   { trace "${@}" >&2; }
-errorN() { local ret="${1}"; shift; warn "${@}"; exit ${ret}; }
+errorN() { local ret="${1}"; shift; warn "${@}"; exit "${ret}"; }
 error()  { errorN 1 "${@}"; }
 
 my_name="${0##*/}"
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 06/16] support/download/cargo-post-process: fix shellcheck

[Yann E. MORIN]

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
---
 .checkpackageignore                 | 1 -
 support/download/cargo-post-process | 3 ++-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.checkpackageignore b/.checkpackageignore
index e7180718c7..42a9ec8661 100644
--- a/.checkpackageignore
+++ b/.checkpackageignore
@@ -1659,7 +1659,6 @@ support/dependencies/check-host-tar.sh Shellcheck
 support/dependencies/check-host-xzcat.sh Shellcheck
 support/dependencies/dependencies.sh Shellcheck
 support/download/bzr Shellcheck lib_shellscript.ConsecutiveEmptyLines
-support/download/cargo-post-process Shellcheck
 support/download/cvs Shellcheck
 support/download/file Shellcheck
 support/download/go-post-process Shellcheck
diff --git a/support/download/cargo-post-process b/support/download/cargo-post-process
index 3f4666c006..b94b160315 100755
--- a/support/download/cargo-post-process
+++ b/support/download/cargo-post-process
@@ -2,6 +2,7 @@
 
 set -e
 
+# shellcheck source=helpers source-path=SCRIPTDIR
 . "${0%/*}/helpers"
 
 while getopts "n:o:" OPT; do
@@ -28,7 +29,7 @@ mkdir -p .cargo/
 mkdir -p "${CARGO_HOME}"
 flock "${CARGO_HOME}"/.br-lock \
 cargo vendor \
-    --manifest-path ${BR_CARGO_MANIFEST_PATH-Cargo.toml} \
+    --manifest-path "${BR_CARGO_MANIFEST_PATH-Cargo.toml}" \
     --locked VENDOR \
     > .cargo/config
 
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 07/16] support/download: pass post-process options to post-process helper

[Yann E. MORIN]

Currently, we have no explicit, dedicated way to pass information to the
download post-process scripts, even though we do already need to pass
the path to the manifest when it is not the default, which we do with an
environment variable.

We'll soon need to be able to pass additional information to
post-process scripts, like instructing cargo to not use a lock file when
the package is not locked.

Extend the dl-wrapper with a new option with an argument, where the
argument will be passed as-is to the post-process script.

We explicitly do not document this new variable, as it is expected to
only be used in our package infrastructures (although there is currently
exactly one package that will directly need it, and we hope to drop that
in the future).

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
 package/pkg-generic.mk      | 1 +
 support/download/dl-wrapper | 8 +++++---
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/package/pkg-generic.mk b/package/pkg-generic.mk
index 8f1e6dc8e5..edeaa1348d 100644
--- a/package/pkg-generic.mk
+++ b/package/pkg-generic.mk
@@ -186,6 +186,7 @@ $(BUILD_DIR)/%/.stamp_downloaded:
 		$(call DOWNLOAD, \
 			$($(PKG)_MAIN_DOWNLOAD), \
 			$(patsubst %,-p '%',$($(PKG)_DOWNLOAD_POST_PROCESS)) \
+			$(patsubst %,-P '%',$($(PKG)_DOWNLOAD_POST_PROCESS_OPTS)) \
 		) \
 	)
 	$(foreach p,$($(PKG)_ADDITIONAL_DOWNLOADS),$(call DOWNLOAD,$(p))$(sep))
diff --git a/support/download/dl-wrapper b/support/download/dl-wrapper
index 67a9718d9d..40d6fde44c 100755
--- a/support/download/dl-wrapper
+++ b/support/download/dl-wrapper
@@ -22,10 +22,10 @@ export BR_BACKEND_DL_GETOPTS=":hc:d:o:n:N:H:lru:qf:e"
 main() {
     local OPT OPTARG
     local backend output large_file recurse quiet rc
-    local -a uris hfiles backend_opts
+    local -a uris hfiles backend_opts post_process_opts
 
     # Parse our options; anything after '--' is for the backend
-    while getopts ":c:d:D:o:n:N:H:lrf:u:qp:" OPT; do
+    while getopts ":c:d:D:o:n:N:H:lrf:u:qp:P:" OPT; do
         case "${OPT}" in
         c)  cset="${OPTARG}";;
         d)  dl_dir="${OPTARG}";;
@@ -39,6 +39,7 @@ main() {
         f)  filename="${OPTARG}";;
         u)  uris+=( "${OPTARG}" );;
         p)  post_process="${OPTARG}";;
+        P)  post_process_opts+=( "${OPTARG}" );;
         q)  quiet="-q";;
         :)  error "option '%s' expects a mandatory argument\n" "${OPTARG}";;
         \?) error "unknown option '%s'\n" "${OPTARG}";;
@@ -148,7 +149,8 @@ main() {
         if [ -n "${post_process}" ] ; then
             if ! "${OLDPWD}/support/download/${post_process}-post-process" \
                     -o "${tmpf}" \
-                    -n "${raw_base_name}"
+                    -n "${raw_base_name}" \
+                    "${post_process_opts[@]}"
             then
                 # cd back to keep path coherence
                 cd "${OLDPWD}"
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 08/16] support/download: accept manifest path as a post-process option

[Yann E. MORIN]

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
---
 support/download/cargo-post-process | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/support/download/cargo-post-process b/support/download/cargo-post-process
index b94b160315..a9fbced466 100755
--- a/support/download/cargo-post-process
+++ b/support/download/cargo-post-process
@@ -5,10 +5,12 @@ set -e
 # shellcheck source=helpers source-path=SCRIPTDIR
 . "${0%/*}/helpers"
 
-while getopts "n:o:" OPT; do
+manifest="${BR_CARGO_MANIFEST_PATH-Cargo.toml}"
+while getopts "n:o:m:" OPT; do
     case "${OPT}" in
     o)  output="${OPTARG}";;
     n)  base_name="${OPTARG}";;
+    m)  manifest="${OPTARG}";;
     :)  error "option '%s' expects a mandatory argument\n" "${OPTARG}";;
     \?) error "unknown option '%s'\n" "${OPTARG}";;
     esac
@@ -29,7 +31,7 @@ mkdir -p .cargo/
 mkdir -p "${CARGO_HOME}"
 flock "${CARGO_HOME}"/.br-lock \
 cargo vendor \
-    --manifest-path "${BR_CARGO_MANIFEST_PATH-Cargo.toml}" \
+    --manifest-path "${manifest}" \
     --locked VENDOR \
     > .cargo/config
 
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 09/16] pakcage/pkg-cargo: use post-process opts to pass manifest path

[Yann E. MORIN]

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
---
 package/pkg-cargo.mk | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package/pkg-cargo.mk b/package/pkg-cargo.mk
index 47ce68bf02..41dfcbd096 100644
--- a/package/pkg-cargo.mk
+++ b/package/pkg-cargo.mk
@@ -192,7 +192,7 @@ $(2)_DL_ENV += CARGO_HOME=$$(BR_CARGO_HOME)
 
 # If building in a sub directory, use that to find the Cargo.toml
 ifneq ($$($(2)_SUBDIR),)
-$(2)_DL_ENV += BR_CARGO_MANIFEST_PATH=$$($(2)_SUBDIR)/Cargo.toml
+$(2)_DOWNLOAD_POST_PROCESS_OPTS += -m$$($(2)_SUBDIR)/Cargo.toml
 endif
 
 # Because we append vendored info, we can't rely on the values being empty
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 10/16] package/pkg-python: use post-process opts to pass Cargo manifest path

[Yann E. MORIN]

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
 package/pkg-python.mk | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/pkg-python.mk b/package/pkg-python.mk
index 88fadecd54..2c1641d170 100644
--- a/package/pkg-python.mk
+++ b/package/pkg-python.mk
@@ -275,14 +275,14 @@ $(2)_DL_ENV = $$(HOST_PKG_CARGO_ENV)
 endif
 ifndef $(2)_CARGO_MANIFEST_PATH
 ifdef $(3)_CARGO_MANIFEST_PATH
-$(2)_DL_ENV += BR_CARGO_MANIFEST_PATH=$$($(3)_CARGO_MANIFEST_PATH)
+$(2)_DOWNLOAD_POST_PROCESS_OPTS += -m$$($(3)_CARGO_MANIFEST_PATH)
 else
 ifneq ($$($(2)_SUBDIR),)
-$(2)_DL_ENV += BR_CARGO_MANIFEST_PATH=$$($(2)_SUBDIR)/Cargo.toml
+$(2)_DOWNLOAD_POST_PROCESS_OPTS += -m$$($(2)_SUBDIR)/Cargo.toml
 endif
 endif
 else
-$(2)_DL_ENV += BR_CARGO_MANIFEST_PATH=$$($(2)_CARGO_MANIFEST_PATH)
+$(2)_DOWNLOAD_POST_PROCESS_OPTS += -m$$($(2)_CARGO_MANIFEST_PATH)
 endif
 endif
 
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 11/16] package/python-bcrypt: use post-process opts to pass Cargo manifest path

[Yann E. MORIN]

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: James Hilliard <james.hilliard1@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
---
 package/python-bcrypt/python-bcrypt.mk | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/package/python-bcrypt/python-bcrypt.mk b/package/python-bcrypt/python-bcrypt.mk
index f3137401d7..f09c67441e 100644
--- a/package/python-bcrypt/python-bcrypt.mk
+++ b/package/python-bcrypt/python-bcrypt.mk
@@ -19,9 +19,8 @@ PYTHON_BCRYPT_ENV = \
 	PYO3_CROSS_LIB_DIR="$(STAGING_DIR)/usr/lib/python$(PYTHON3_VERSION_MAJOR)"
 # We need to vendor the Cargo crates at download time
 PYTHON_BCRYPT_DOWNLOAD_POST_PROCESS = cargo
+PYTHON_BCRYPT_DOWNLOAD_POST_PROCESS_OPTS = -m src/_bcrypt/Cargo.toml
 PYTHON_BCRYPT_DOWNLOAD_DEPENDENCIES = host-rustc
-PYTHON_BCRYPT_DL_ENV = \
-	$(PKG_CARGO_ENV) \
-	BR_CARGO_MANIFEST_PATH=src/_bcrypt/Cargo.toml
+PYTHON_BCRYPT_DL_ENV = $(PKG_CARGO_ENV)
 
 $(eval $(python-package))
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 12/16] support/download: no longer support BR_CARGO_MANIFEST_PATH in cargo post-process

[Yann E. MORIN]

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
---
 support/download/cargo-post-process | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/support/download/cargo-post-process b/support/download/cargo-post-process
index a9fbced466..12198051a4 100755
--- a/support/download/cargo-post-process
+++ b/support/download/cargo-post-process
@@ -5,7 +5,12 @@ set -e
 # shellcheck source=helpers source-path=SCRIPTDIR
 . "${0%/*}/helpers"
 
-manifest="${BR_CARGO_MANIFEST_PATH-Cargo.toml}"
+if [ "${BR_CARGO_MANIFEST_PATH}" ]; then
+    printf 'Setting BR_CARGO_MANIFEST_PATH is no longer supported; use post-process options.\n' >&2
+    exit 1
+fi
+
+manifest=Cargo.toml
 while getopts "n:o:m:" OPT; do
     case "${OPT}" in
     o)  output="${OPTARG}";;
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 13/16] docs/manual: rephrase end of vendoring section

[Yann E. MORIN]

The current phrasing is dubious: the vendoring does not detect any
change in the dependencies; quite the opposite, in fact: once the
archive has been generated locally, no update to the vendored
dependencies is ever done.

Rephrase the end of the section to mention the term "vendoring", and
to drop the dubious claim; retain the off-line build reference, though,
as this is indeed correct.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
---
 docs/manual/adding-packages-cargo.adoc | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/docs/manual/adding-packages-cargo.adoc b/docs/manual/adding-packages-cargo.adoc
index e18fd9ce23..8a2292e7b6 100644
--- a/docs/manual/adding-packages-cargo.adoc
+++ b/docs/manual/adding-packages-cargo.adoc
@@ -93,8 +93,5 @@ repositories, listed in its +Cargo.toml+ file. Buildroot automatically
 takes care of downloading such dependencies as part of the download
 step of packages that use the +cargo-package+ infrastructure. Such
 dependencies are then kept together with the package source code in
-the tarball cached in Buildroot's +DL_DIR+, and therefore the hash of
-the package's tarball includes such dependencies.
-
-This mechanism ensures that any change in the dependencies will be
-detected, and allows the build to be performed completely offline.
+the tarball cached in Buildroot's +DL_DIR+. This is referred to as
+_vendoring_. Vendoring allows for a completely off-line build.
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 14/16] package/pkg-cargo: add support for unlocked packages

[Yann E. MORIN]

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
---
 docs/manual/adding-packages-cargo.adoc | 22 ++++++++++++++++++++++
 package/pkg-cargo.mk                   | 15 ++++++++++++++-
 support/download/cargo-post-process    | 25 ++++++++++++++++++++-----
 3 files changed, 56 insertions(+), 6 deletions(-)

diff --git a/docs/manual/adding-packages-cargo.adoc b/docs/manual/adding-packages-cargo.adoc
index 8a2292e7b6..0ed529a770 100644
--- a/docs/manual/adding-packages-cargo.adoc
+++ b/docs/manual/adding-packages-cargo.adoc
@@ -82,12 +82,17 @@ typical packages will therefore only use a few of them.
   environment of +cargo+ invocations. It used at both build and
   installation time
 
+* +FOO_CARGO_LOCKED+ can be set to +YES+ (the default) or +NO+, to
+  specify whether the source tree has been cargo-locked or not. See
+  below for xref:cargo-vendoring[more details].
+
 * +FOO_CARGO_BUILD_OPTS+ can be used to pass additional options to
   +cargo+ at build time.
 
 * +FOO_CARGO_INSTALL_OPTS+ can be used to pass additional options to
   +cargo+ at install time.
 
+[[cargo-vendoring]]
 A crate can depend on other libraries from crates.io or git
 repositories, listed in its +Cargo.toml+ file. Buildroot automatically
 takes care of downloading such dependencies as part of the download
@@ -95,3 +100,20 @@ step of packages that use the +cargo-package+ infrastructure. Such
 dependencies are then kept together with the package source code in
 the tarball cached in Buildroot's +DL_DIR+. This is referred to as
 _vendoring_. Vendoring allows for a completely off-line build.
+
+When a package source tree contains a +Cargo.lock+ file, the package has
+been _locked_: cargo did store the versions for the complete dependency
+chain in the +Cargo.lock+ file; that is then reused by cargo during the
+vendoring, which yields a reproducible dependency chain, and thus a
+reproducible tarball; therefore, it is possible to compute a hash for
+that archive. If a package was however not locked, then the versions for
+the dependencies are unknown, the dependency chain is not reproducible,
+and the archive is then not reproducible, which implies there can be no
+hash for that archive.
+
+Packages are normally locked, so Buildroot will by default instruct
+cargo to atttempt a locked vendoring; for a package that was not locked,
+this would fail; in that case, +FOO_CARGO_LOCKED+ must be set to +NO+ so
+Buildroot does not request cargo to attempt a locked vendoring. It is an
+error to set +FOO_CARGO_LOCKED+ to +NO+ for a locked package, as it is
+to set it to +YES+ (or not set it at all) on an unlocked package.
diff --git a/package/pkg-cargo.mk b/package/pkg-cargo.mk
index 41dfcbd096..90e4facf52 100644
--- a/package/pkg-cargo.mk
+++ b/package/pkg-cargo.mk
@@ -195,6 +195,18 @@ ifneq ($$($(2)_SUBDIR),)
 $(2)_DOWNLOAD_POST_PROCESS_OPTS += -m$$($(2)_SUBDIR)/Cargo.toml
 endif
 
+ifndef $(2)_CARGO_LOCKED
+ ifdef $(3)_CARGO_LOCKED
+  $(2)_CARGO_LOCKED = $$($(3)_CARGO_LOCKED)
+ else
+  $(2)_CARGO_LOCKED = YES
+ endif
+endif
+
+ifeq ($$($(2)_CARGO_LOCKED),NO)
+$(2)_DOWNLOAD_POST_PROCESS_OPTS += -u
+endif
+
 # Because we append vendored info, we can't rely on the values being empty
 # once we eventually get into the generic-package infra. So, we duplicate
 # the heuristics here
@@ -225,7 +237,8 @@ endif
 #    dependencies should have been built by the download post
 #    process logic
 #  * --locked to force cargo to use the Cargo.lock file, which ensures
-#    that a fixed set of dependency versions is used
+#    that cargo does not update the dependencies we got during the
+#    vendoring, at download time
 
 #
 # Build step. Only define it if not already defined by the package .mk
diff --git a/support/download/cargo-post-process b/support/download/cargo-post-process
index 12198051a4..880a800600 100755
--- a/support/download/cargo-post-process
+++ b/support/download/cargo-post-process
@@ -11,11 +11,13 @@ if [ "${BR_CARGO_MANIFEST_PATH}" ]; then
 fi
 
 manifest=Cargo.toml
-while getopts "n:o:m:" OPT; do
+locked=true
+while getopts "n:o:m:u" OPT; do
     case "${OPT}" in
     o)  output="${OPTARG}";;
     n)  base_name="${OPTARG}";;
     m)  manifest="${OPTARG}";;
+    u)  locked=false;;
     :)  error "option '%s' expects a mandatory argument\n" "${OPTARG}";;
     \?) error "unknown option '%s'\n" "${OPTARG}";;
     esac
@@ -26,19 +28,32 @@ if tar tf "${output}" | grep -q "^[^/]*/VENDOR" ; then
     exit 0
 fi
 
+declare -a vendor_opts
+vendor_opts=( --manifest-path "${manifest}" )
+if ${locked}; then
+    vendor_opts+=( --locked )
+fi
+
 post_process_unpack "${base_name}" "${output}"
 
 # Do the Cargo vendoring
 pushd "${base_name}" > /dev/null
 
+if [ -e Cargo.lock ] && ! ${locked}; then
+    printf 'Unlocked vendoring was requested, but source tree has a Cargo.lock\n'
+    exit 1
+elif [ ! -e Cargo.lock ] && ${locked}; then
+    # Although cargo itself would check for that, and error out in such
+    # a case, the error message can be confusing, so do it ourselves
+    printf 'Locked vendoring was requested, but source tree has no Cargo.lock\n'
+    exit 1
+fi >&2
+
 # Create the local .cargo/config with vendor info
 mkdir -p .cargo/
 mkdir -p "${CARGO_HOME}"
 flock "${CARGO_HOME}"/.br-lock \
-cargo vendor \
-    --manifest-path "${manifest}" \
-    --locked VENDOR \
-    > .cargo/config
+cargo vendor "${vendor_opts[@]}" VENDOR > .cargo/config
 
 # "cargo vendor' outputs on stderr a message directing to add some data
 # to the project's .cargo/config.toml, data that it outputs on stdout.
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH 14/16] package/pkg-cargo: add support for unlocked packages

[James Hilliard]

On Sun, Jun 2, 2024 at 2:42 PM Yann E. MORIN <yann.morin.1998@free.fr> wrote:
>
> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
> ---
>  docs/manual/adding-packages-cargo.adoc | 22 ++++++++++++++++++++++
>  package/pkg-cargo.mk                   | 15 ++++++++++++++-
>  support/download/cargo-post-process    | 25 ++++++++++++++++++++-----
>  3 files changed, 56 insertions(+), 6 deletions(-)
>
> diff --git a/docs/manual/adding-packages-cargo.adoc b/docs/manual/adding-packages-cargo.adoc
> index 8a2292e7b6..0ed529a770 100644
> --- a/docs/manual/adding-packages-cargo.adoc
> +++ b/docs/manual/adding-packages-cargo.adoc
> @@ -82,12 +82,17 @@ typical packages will therefore only use a few of them.
>    environment of +cargo+ invocations. It used at both build and
>    installation time
>
> +* +FOO_CARGO_LOCKED+ can be set to +YES+ (the default) or +NO+, to
> +  specify whether the source tree has been cargo-locked or not. See
> +  below for xref:cargo-vendoring[more details].
> +
>  * +FOO_CARGO_BUILD_OPTS+ can be used to pass additional options to
>    +cargo+ at build time.
>
>  * +FOO_CARGO_INSTALL_OPTS+ can be used to pass additional options to
>    +cargo+ at install time.
>
> +[[cargo-vendoring]]
>  A crate can depend on other libraries from crates.io or git
>  repositories, listed in its +Cargo.toml+ file. Buildroot automatically
>  takes care of downloading such dependencies as part of the download
> @@ -95,3 +100,20 @@ step of packages that use the +cargo-package+ infrastructure. Such
>  dependencies are then kept together with the package source code in
>  the tarball cached in Buildroot's +DL_DIR+. This is referred to as
>  _vendoring_. Vendoring allows for a completely off-line build.
> +
> +When a package source tree contains a +Cargo.lock+ file, the package has
> +been _locked_: cargo did store the versions for the complete dependency
> +chain in the +Cargo.lock+ file; that is then reused by cargo during the
> +vendoring, which yields a reproducible dependency chain, and thus a
> +reproducible tarball; therefore, it is possible to compute a hash for
> +that archive. If a package was however not locked, then the versions for
> +the dependencies are unknown, the dependency chain is not reproducible,
> +and the archive is then not reproducible, which implies there can be no
> +hash for that archive.

Hmm, for these cases shouldn't we generate and commit the lockfile to
the buildroot package so that we can then generate a deterministic archive
and archive hash?

I think we want to have the ability to make these packages deterministic
even if upstream fails to provide a Cargo.lock file.

> +
> +Packages are normally locked, so Buildroot will by default instruct
> +cargo to atttempt a locked vendoring; for a package that was not locked,
> +this would fail; in that case, +FOO_CARGO_LOCKED+ must be set to +NO+ so
> +Buildroot does not request cargo to attempt a locked vendoring. It is an
> +error to set +FOO_CARGO_LOCKED+ to +NO+ for a locked package, as it is
> +to set it to +YES+ (or not set it at all) on an unlocked package.
> diff --git a/package/pkg-cargo.mk b/package/pkg-cargo.mk
> index 41dfcbd096..90e4facf52 100644
> --- a/package/pkg-cargo.mk
> +++ b/package/pkg-cargo.mk
> @@ -195,6 +195,18 @@ ifneq ($$($(2)_SUBDIR),)
>  $(2)_DOWNLOAD_POST_PROCESS_OPTS += -m$$($(2)_SUBDIR)/Cargo.toml
>  endif
>
> +ifndef $(2)_CARGO_LOCKED
> + ifdef $(3)_CARGO_LOCKED
> +  $(2)_CARGO_LOCKED = $$($(3)_CARGO_LOCKED)
> + else
> +  $(2)_CARGO_LOCKED = YES
> + endif
> +endif
> +
> +ifeq ($$($(2)_CARGO_LOCKED),NO)
> +$(2)_DOWNLOAD_POST_PROCESS_OPTS += -u
> +endif
> +
>  # Because we append vendored info, we can't rely on the values being empty
>  # once we eventually get into the generic-package infra. So, we duplicate
>  # the heuristics here
> @@ -225,7 +237,8 @@ endif
>  #    dependencies should have been built by the download post
>  #    process logic
>  #  * --locked to force cargo to use the Cargo.lock file, which ensures
> -#    that a fixed set of dependency versions is used
> +#    that cargo does not update the dependencies we got during the
> +#    vendoring, at download time
>
>  #
>  # Build step. Only define it if not already defined by the package .mk
> diff --git a/support/download/cargo-post-process b/support/download/cargo-post-process
> index 12198051a4..880a800600 100755
> --- a/support/download/cargo-post-process
> +++ b/support/download/cargo-post-process
> @@ -11,11 +11,13 @@ if [ "${BR_CARGO_MANIFEST_PATH}" ]; then
>  fi
>
>  manifest=Cargo.toml
> -while getopts "n:o:m:" OPT; do
> +locked=true
> +while getopts "n:o:m:u" OPT; do
>      case "${OPT}" in
>      o)  output="${OPTARG}";;
>      n)  base_name="${OPTARG}";;
>      m)  manifest="${OPTARG}";;
> +    u)  locked=false;;
>      :)  error "option '%s' expects a mandatory argument\n" "${OPTARG}";;
>      \?) error "unknown option '%s'\n" "${OPTARG}";;
>      esac
> @@ -26,19 +28,32 @@ if tar tf "${output}" | grep -q "^[^/]*/VENDOR" ; then
>      exit 0
>  fi
>
> +declare -a vendor_opts
> +vendor_opts=( --manifest-path "${manifest}" )
> +if ${locked}; then
> +    vendor_opts+=( --locked )
> +fi
> +
>  post_process_unpack "${base_name}" "${output}"
>
>  # Do the Cargo vendoring
>  pushd "${base_name}" > /dev/null
>
> +if [ -e Cargo.lock ] && ! ${locked}; then
> +    printf 'Unlocked vendoring was requested, but source tree has a Cargo.lock\n'
> +    exit 1
> +elif [ ! -e Cargo.lock ] && ${locked}; then
> +    # Although cargo itself would check for that, and error out in such
> +    # a case, the error message can be confusing, so do it ourselves
> +    printf 'Locked vendoring was requested, but source tree has no Cargo.lock\n'
> +    exit 1
> +fi >&2
> +
>  # Create the local .cargo/config with vendor info
>  mkdir -p .cargo/
>  mkdir -p "${CARGO_HOME}"
>  flock "${CARGO_HOME}"/.br-lock \
> -cargo vendor \
> -    --manifest-path "${manifest}" \
> -    --locked VENDOR \
> -    > .cargo/config
> +cargo vendor "${vendor_opts[@]}" VENDOR > .cargo/config
>
>  # "cargo vendor' outputs on stderr a message directing to add some data
>  # to the project's .cargo/config.toml, data that it outputs on stdout.
> --
> 2.45.1
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH 14/16] package/pkg-cargo: add support for unlocked packages

[Yann E. MORIN]

James, All,

On 2024-06-02 14:53 -0600, James Hilliard spake thusly:
> On Sun, Jun 2, 2024 at 2:42 PM Yann E. MORIN <yann.morin.1998@free.fr> wrote:
[--SNIP--]
> > +When a package source tree contains a +Cargo.lock+ file, the package has
> > +been _locked_: cargo did store the versions for the complete dependency
> > +chain in the +Cargo.lock+ file; that is then reused by cargo during the
> > +vendoring, which yields a reproducible dependency chain, and thus a
> > +reproducible tarball; therefore, it is possible to compute a hash for
> > +that archive. If a package was however not locked, then the versions for
> > +the dependencies are unknown, the dependency chain is not reproducible,
> > +and the archive is then not reproducible, which implies there can be no
> > +hash for that archive.
> 
> Hmm, for these cases shouldn't we generate and commit the lockfile to
> the buildroot package so that we can then generate a deterministic archive
> and archive hash?

Thanks for the quick feedback! :-)
That's a good idea, indeed!

Instead of introducing the -u option, we'd do something like:

In foo.mk:

    FOO_CARGO_LOCKED = buildroot  (or whatever nmeans "not uptream")

in pkg-cargo.mk:

    $(2)_CARGO_LOCKED ?= upstream  (or anything that means "OK!!!")

in pkg-download.mk:

    dl-wrapper \
        [...] \
        $(if $(filter buildroot,$($(PKG)_CARGO_LOCKED)),-L $($(PKG)_PKGDIR)/Cargo.lock \
        [...]

and in cargo-post-process (pseudo code):

    if option -L is given:
        copy -L arg to ./Cargo.lock
    endif

    [ -f Cargo.lock ] || die 'No way!'

Was that what you had in mind?

> I think we want to have the ability to make these packages deterministic
> even if upstream fails to provide a Cargo.lock file.

Yes, the lack of reproducibility was really bothering me. But if we can
easily create a Cargo.lock without too much issue, then your suggestion
would be great!

Regards,
Yann E. MORIN.

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH 14/16] package/pkg-cargo: add support for unlocked packages

[James Hilliard]

On Sun, Jun 2, 2024 at 3:15 PM Yann E. MORIN <yann.morin.1998@free.fr> wrote:
>
> James, All,
>
> On 2024-06-02 14:53 -0600, James Hilliard spake thusly:
> > On Sun, Jun 2, 2024 at 2:42 PM Yann E. MORIN <yann.morin.1998@free.fr> wrote:
> [--SNIP--]
> > > +When a package source tree contains a +Cargo.lock+ file, the package has
> > > +been _locked_: cargo did store the versions for the complete dependency
> > > +chain in the +Cargo.lock+ file; that is then reused by cargo during the
> > > +vendoring, which yields a reproducible dependency chain, and thus a
> > > +reproducible tarball; therefore, it is possible to compute a hash for
> > > +that archive. If a package was however not locked, then the versions for
> > > +the dependencies are unknown, the dependency chain is not reproducible,
> > > +and the archive is then not reproducible, which implies there can be no
> > > +hash for that archive.
> >
> > Hmm, for these cases shouldn't we generate and commit the lockfile to
> > the buildroot package so that we can then generate a deterministic archive
> > and archive hash?
>
> Thanks for the quick feedback! :-)
> That's a good idea, indeed!
>
> Instead of introducing the -u option, we'd do something like:
>
> In foo.mk:
>
>     FOO_CARGO_LOCKED = buildroot  (or whatever nmeans "not uptream")
>
> in pkg-cargo.mk:
>
>     $(2)_CARGO_LOCKED ?= upstream  (or anything that means "OK!!!")
>
> in pkg-download.mk:
>
>     dl-wrapper \
>         [...] \
>         $(if $(filter buildroot,$($(PKG)_CARGO_LOCKED)),-L $($(PKG)_PKGDIR)/Cargo.lock \
>         [...]
>
> and in cargo-post-process (pseudo code):
>
>     if option -L is given:
>         copy -L arg to ./Cargo.lock
>     endif
>
>     [ -f Cargo.lock ] || die 'No way!'
>
> Was that what you had in mind?

Yeah, something along those lines, one thing that might be a bit tricky is
that we probably need to incorporate the Cargo.lock file hash or something
like that in the archive name, so that way if the Cargo.lock file needs to be
regenerated the archive name will also be appropriately changed at the same
time.

>
> > I think we want to have the ability to make these packages deterministic
> > even if upstream fails to provide a Cargo.lock file.
>
> Yes, the lack of reproducibility was really bothering me. But if we can
> easily create a Cargo.lock without too much issue, then your suggestion
> would be great!
>
> Regards,
> Yann E. MORIN.
>
> --
> .-----------------.--------------------.------------------.--------------------.
> |  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
> | +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
> | +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
> | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
> '------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH 14/16] package/pkg-cargo: add support for unlocked packages

[Yann E. MORIN]

James, All,

On 2024-06-02 15:25 -0600, James Hilliard spake thusly:
> On Sun, Jun 2, 2024 at 3:15 PM Yann E. MORIN <yann.morin.1998@free.fr> wrote:
> > On 2024-06-02 14:53 -0600, James Hilliard spake thusly:
> > > On Sun, Jun 2, 2024 at 2:42 PM Yann E. MORIN <yann.morin.1998@free.fr> wrote:
[--SNIP--]
> > > > +When a package source tree contains a +Cargo.lock+ file, the package has
> > > > +been _locked_: cargo did store the versions for the complete dependency
> > > > +chain in the +Cargo.lock+ file; that is then reused by cargo during the
> > > > +vendoring, which yields a reproducible dependency chain, and thus a
> > > > +reproducible tarball; therefore, it is possible to compute a hash for
> > > > +that archive. If a package was however not locked, then the versions for
> > > > +the dependencies are unknown, the dependency chain is not reproducible,
> > > > +and the archive is then not reproducible, which implies there can be no
> > > > +hash for that archive.
> > > Hmm, for these cases shouldn't we generate and commit the lockfile to
> > > the buildroot package so that we can then generate a deterministic archive
> > > and archive hash?
[--SNIP--]
> Yeah, something along those lines, one thing that might be a bit tricky is
> that we probably need to incorporate the Cargo.lock file hash or something
> like that in the archive name, so that way if the Cargo.lock file needs to be
> regenerated the archive name will also be appropriately changed at the same
> time.

Hmmm... Indeed, this would cause quite some grief if we would change the
Cargo.lock...

However, I don't see an easy solution to this issue... :-/

Well, I do have an idea, and it would definitely work, but it would be
*excessively* ugly... I'll try to implement it, but as an additional
change on-top of the existing series, because I am not sure it would br
meaningful in the end... Let's see...

Regards,
Yann E. MORIN.

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH 14/16] package/pkg-cargo: add support for unlocked packages

[James Hilliard]

On Mon, Jun 3, 2024 at 5:52 AM Yann E. MORIN <yann.morin.1998@free.fr> wrote:
>
> James, All,
>
> On 2024-06-02 15:25 -0600, James Hilliard spake thusly:
> > On Sun, Jun 2, 2024 at 3:15 PM Yann E. MORIN <yann.morin.1998@free.fr> wrote:
> > > On 2024-06-02 14:53 -0600, James Hilliard spake thusly:
> > > > On Sun, Jun 2, 2024 at 2:42 PM Yann E. MORIN <yann.morin.1998@free.fr> wrote:
> [--SNIP--]
> > > > > +When a package source tree contains a +Cargo.lock+ file, the package has
> > > > > +been _locked_: cargo did store the versions for the complete dependency
> > > > > +chain in the +Cargo.lock+ file; that is then reused by cargo during the
> > > > > +vendoring, which yields a reproducible dependency chain, and thus a
> > > > > +reproducible tarball; therefore, it is possible to compute a hash for
> > > > > +that archive. If a package was however not locked, then the versions for
> > > > > +the dependencies are unknown, the dependency chain is not reproducible,
> > > > > +and the archive is then not reproducible, which implies there can be no
> > > > > +hash for that archive.
> > > > Hmm, for these cases shouldn't we generate and commit the lockfile to
> > > > the buildroot package so that we can then generate a deterministic archive
> > > > and archive hash?
> [--SNIP--]
> > Yeah, something along those lines, one thing that might be a bit tricky is
> > that we probably need to incorporate the Cargo.lock file hash or something
> > like that in the archive name, so that way if the Cargo.lock file needs to be
> > regenerated the archive name will also be appropriately changed at the same
> > time.
>
> Hmmm... Indeed, this would cause quite some grief if we would change the
> Cargo.lock...
>
> However, I don't see an easy solution to this issue... :-/
>
> Well, I do have an idea, and it would definitely work, but it would be
> *excessively* ugly... I'll try to implement it, but as an additional
> change on-top of the existing series, because I am not sure it would br
> meaningful in the end... Let's see...

Probably it would be good enough to say take the first 7 characters of the
sha256 hash(same length as a git shorthash) of the Cargo.lock file and
incorporate that into the archive filename appended to the package version.

>
> Regards,
> Yann E. MORIN.
>
> --
> .-----------------.--------------------.------------------.--------------------.
> |  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
> | +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
> | +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
> | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
> '------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH 14/16] package/pkg-cargo: add support for unlocked packages

[Yann E. MORIN]

James, All,

On 2024-06-03 11:48 -0600, James Hilliard spake thusly:
> On Mon, Jun 3, 2024 at 5:52 AM Yann E. MORIN <yann.morin.1998@free.fr> wrote:
> > Hmmm... Indeed, this would cause quite some grief if we would change the
> > Cargo.lock...
> > However, I don't see an easy solution to this issue... :-/
> > Well, I do have an idea, and it would definitely work, but it would be
> > *excessively* ugly... I'll try to implement it, but as an additional
> > change on-top of the existing series, because I am not sure it would br
> > meaningful in the end... Let's see...
> Probably it would be good enough to say take the first 7 characters of the
> sha256 hash(same length as a git shorthash) of the Cargo.lock file and
> incorporate that into the archive filename appended to the package version.

The problem with short hashes, is that they are much less unique than
full hashes. We've excluded using short hashes wherever we had the
choice (see for example the recent git export-subst attribute, where we
replace the short-hash placeholder with the full-length hash). So I
would refrain from using a short-hash anywhere else as well.

There is a simpler solution, though, which is to rely on the .mk to set
the version and be done with it:

 1. it is very seldom that a cargo package is not locked, so we don't
    need anything too complex;
 2. for unlocked packages, we'll very seldom update our Cargo.lock, so
    we don't need anything too fancy;
 3. if one forgets to update the version when updating Cargo.lock,
    there will be a hash mismatch on download anyway, so we'll notice.

So that's what I've gone with. It requires a few tricks and tweaks here
and there, but this is already working since a few hours ago, but I got
distracted and did not have time to finish the work (and the commit
logs); maybe later tonight, or tomorrow...

Regards,
Yann E. MORIN.

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH 14/16] package/pkg-cargo: add support for unlocked packages

[James Hilliard]

On Mon, Jun 3, 2024 at 12:43 PM Yann E. MORIN <yann.morin.1998@free.fr> wrote:
>
> James, All,
>
> On 2024-06-03 11:48 -0600, James Hilliard spake thusly:
> > On Mon, Jun 3, 2024 at 5:52 AM Yann E. MORIN <yann.morin.1998@free.fr> wrote:
> > > Hmmm... Indeed, this would cause quite some grief if we would change the
> > > Cargo.lock...
> > > However, I don't see an easy solution to this issue... :-/
> > > Well, I do have an idea, and it would definitely work, but it would be
> > > *excessively* ugly... I'll try to implement it, but as an additional
> > > change on-top of the existing series, because I am not sure it would br
> > > meaningful in the end... Let's see...
> > Probably it would be good enough to say take the first 7 characters of the
> > sha256 hash(same length as a git shorthash) of the Cargo.lock file and
> > incorporate that into the archive filename appended to the package version.
>
> The problem with short hashes, is that they are much less unique than
> full hashes. We've excluded using short hashes wherever we had the
> choice (see for example the recent git export-subst attribute, where we
> replace the short-hash placeholder with the full-length hash). So I
> would refrain from using a short-hash anywhere else as well.

Well the short hash would only need to be unique per package version so
I think it would work fine in this case.

>
> There is a simpler solution, though, which is to rely on the .mk to set
> the version and be done with it:
>
>  1. it is very seldom that a cargo package is not locked, so we don't
>     need anything too complex;
>  2. for unlocked packages, we'll very seldom update our Cargo.lock, so
>     we don't need anything too fancy;
>  3. if one forgets to update the version when updating Cargo.lock,
>     there will be a hash mismatch on download anyway, so we'll notice.

Ok, but how would we handle a case where we need to update the
Cargo.lock but are unable to update the version(i.e. if the package does
not have a newer version).

Are you thinking of something like setting the Cargo.lock version in the .mk
and incorporating that in the archive somehow?

>
> So that's what I've gone with. It requires a few tricks and tweaks here
> and there, but this is already working since a few hours ago, but I got
> distracted and did not have time to finish the work (and the commit
> logs); maybe later tonight, or tomorrow...
>
> Regards,
> Yann E. MORIN.
>
> --
> .-----------------.--------------------.------------------.--------------------.
> |  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
> | +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
> | +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
> | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
> '------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH 14/16] package/pkg-cargo: add support for unlocked packages

[Yann E. MORIN]

James, All,

On 2024-06-03 12:55 -0600, James Hilliard spake thusly:
> On Mon, Jun 3, 2024 at 12:43 PM Yann E. MORIN <yann.morin.1998@free.fr> wrote:
[--SNIP--]
> > The problem with short hashes, is that they are much less unique than
> > full hashes. [--SNIP--]
> Well the short hash would only need to be unique per package version so
> I think it would work fine in this case.

"All will be fine" I shouted at him as he was falling down the lava
lake... ;-)

Yes, you are right, that it should not cause any issue in practice.
However, getting the hash (short or full) means spawning a sub-shell;
it is not very great... Especially compared to the simpler solution,
below...

> > There is a simpler solution, though, which is to rely on the .mk to set
> > the version and be done with it:
> >
> >  1. it is very seldom that a cargo package is not locked, so we don't
> >     need anything too complex;
> >  2. for unlocked packages, we'll very seldom update our Cargo.lock, so
> >     we don't need anything too fancy;
> >  3. if one forgets to update the version when updating Cargo.lock,
> >     there will be a hash mismatch on download anyway, so we'll notice.
> 
> Ok, but how would we handle a case where we need to update the
> Cargo.lock but are unable to update the version(i.e. if the package does
> not have a newer version).

I was not speaking about the version of the package, but that of the
archive, like we have -git4, -cargo2, etc...

> Are you thinking of something like setting the Cargo.lock version in the .mk
> and incorporating that in the archive somehow?

Yes, exactly that: FOO_CARGO_LOCK_VERSION = N

And then the infra can append a -lockN suffix when it constructs the
archive filename.

Damn, you got me to reveal my cunning plan in advance! ;-)

Regards,
Yann E. MORIN.

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 15/16] utils/checkpackagelib: add test for default _CARGO_LOCKED

[Yann E. MORIN]

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@datacom.com.br>
---
 utils/checkpackagelib/lib_mk.py      |  8 ++++++++
 utils/checkpackagelib/test_lib_mk.py | 18 ++++++++++++++++++
 2 files changed, 26 insertions(+)

diff --git a/utils/checkpackagelib/lib_mk.py b/utils/checkpackagelib/lib_mk.py
index ce2ab5157c..4e9264ba35 100644
--- a/utils/checkpackagelib/lib_mk.py
+++ b/utils/checkpackagelib/lib_mk.py
@@ -322,6 +322,8 @@ class UselessFlag(_CheckFunction):
     DEFAULT_AUTOTOOLS_FLAG = re.compile(r"^.*{}".format("|".join([
         r"_AUTORECONF\s*=\s*NO",
         r"_LIBTOOL_PATCH\s*=\s*YES"])))
+    DEFAULT_CARGO_FLAG = re.compile(r"^.*{}".format("|".join([
+        r"_CARGO_LOCKED\s*=\s*YES"])))
     DEFAULT_GENERIC_FLAG = re.compile(r"^.*{}".format("|".join([
         r"_INSTALL_IMAGES\s*=\s*NO",
         r"_INSTALL_REDISTRIBUTE\s*=\s*YES",
@@ -357,6 +359,12 @@ class UselessFlag(_CheckFunction):
                     .format(self.filename, lineno, self.url_to_manual),
                     text]
 
+        if self.DEFAULT_CARGO_FLAG.search(text):
+            return ["{}:{}: useless default value "
+                    "({}#_infrastructure_for_cargo_based_packages)"
+                    .format(self.filename, lineno, self.url_to_manual),
+                    text]
+
 
 class VariableWithBraces(_CheckFunction):
     VARIABLE_WITH_BRACES = re.compile(r"^[^#].*[^$]\${\w+}")
diff --git a/utils/checkpackagelib/test_lib_mk.py b/utils/checkpackagelib/test_lib_mk.py
index 2086237ebb..bc26e16f8c 100644
--- a/utils/checkpackagelib/test_lib_mk.py
+++ b/utils/checkpackagelib/test_lib_mk.py
@@ -599,6 +599,24 @@ UselessFlag = [
      'any.mk',
      'ANY_LIBTOOL_PATCH= \t NO\n',
      []),
+    ('cargo locked no',
+     'any.mk',
+     'ANY_CARGO_LOCKED=NO\n',
+     []),
+    ('host cargo locked no',
+     'any.mk',
+     'HOST_ANY_CARGO_LOCKED=NO\n',
+     []),
+    ('cargo locked yes',
+     'any.mk',
+     'HOST_ANY_CARGO_LOCKED=YES\n',
+     [['any.mk:1: useless default value (url#_infrastructure_for_cargo_based_packages)',
+       'HOST_ANY_CARGO_LOCKED=YES\n']]),
+    ('host cargo locked yes',
+     'any.mk',
+     'ANY_CARGO_LOCKED=YES\n',
+     [['any.mk:1: useless default value (url#_infrastructure_for_cargo_based_packages)',
+       'ANY_CARGO_LOCKED=YES\n']]),
     ('generic',
      'any.mk',
      'ANY_INSTALL_IMAGES = NO\n'
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [PATCH 16/16] RFC: package/anvil: new package

[Yann E. MORIN]

Thie is an RFC, because it has only been build-tested to validate the
cargo-unlocked case; there has been no runtime test of anvil.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
---
 package/Config.in       |  1 +
 package/anvil/Config.in | 20 ++++++++++++++++++++
 package/anvil/anvil.mk  | 30 ++++++++++++++++++++++++++++++
 3 files changed, 51 insertions(+)
 create mode 100644 package/anvil/Config.in
 create mode 100644 package/anvil/anvil.mk

diff --git a/package/Config.in b/package/Config.in
index 1b6a5b0dab..74635118bc 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -314,6 +314,7 @@ endmenu
 menu "Graphic libraries and applications (graphic/text)"
 
 comment "Graphic applications"
+	source "package/anvil/Config.in"
 	source "package/cage/Config.in"
 	source "package/cog/Config.in"
 	source "package/dmenu-wayland/Config.in"
diff --git a/package/anvil/Config.in b/package/anvil/Config.in
new file mode 100644
index 0000000000..eb65a9fb53
--- /dev/null
+++ b/package/anvil/Config.in
@@ -0,0 +1,20 @@
+config BR2_PACKAGE_ANVIL
+	bool "anvil"
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
+	depends on !BR2_STATIC_LIBS  # wayland
+	depends on BR2_TOOLCHAIN_HAS_THREADS  # wayland
+	depends on BR2_PACKAGE_HAS_UDEV
+	depends on BR2_PACKAGE_MESA3D_GBM
+	select BR2_PACKAGE_HOST_RUSTC
+	select BR2_PACKAGE_LIBINPUT
+	select BR2_PACKAGE_LIBXKBCOMMON
+	select BR2_PACKAGE_PIXMAN
+	select BR2_PACKAGE_SEATD
+	select BR2_PACKAGE_WAYLAND
+
+comment "anvil needs udev /dev amangement, mesa3d w/ gbm, a toolchain w/ threads, shared libs"
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
+	depends on BR2_STATIC_LIBS \
+		|| !BR2_TOOLCHAIN_HAS_THREADS \
+		|| !BR2_PACKAGE_HAS_UDEV \
+		|| !BR2_PACKAGE_MESA3D_GBM
diff --git a/package/anvil/anvil.mk b/package/anvil/anvil.mk
new file mode 100644
index 0000000000..7de9f3e06d
--- /dev/null
+++ b/package/anvil/anvil.mk
@@ -0,0 +1,30 @@
+################################################################################
+#
+# anvil
+#
+################################################################################
+
+ANVIL_VERSION = fb44b240ea4a3aa39a6b92f5bede23301ab9a26e
+ANVIL_SITE = https://github.com/Smithay/smithay
+ANVIL_SITE_METHOD = git
+
+# Upstream refuses to lock their package:
+# https://github.com/Smithay/smithay/issues/496
+ANVIL_CARGO_LOCKED = NO
+
+ANVIL_SUBDIR = anvil
+
+ANVIL_DEPENDENCIES = \
+	libinput \
+	libxkbcommon \
+	mesa3d \
+	pixman \
+	seatd \
+	udev \
+	wayland
+
+ifeq ($(BR2_PACKAGE_XWAYLAND),y)
+ANVIL_DEPENDENCIES += xwayland
+endif
+
+$(eval $(cargo-package))
-- 
2.45.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot