bors [Mon, 21 Dec 2020 19:37:30 +0000 (19:37 +0000)]
Auto merge of #8976 - ebroto:rustc_workspace_wrapper, r=ehuss
Stabilize RUSTC_WORKSPACE_WRAPPER
Stabilizing this environment variable would allow Clippy to fix a long-standing usability problem, [clippy#4612](https://github.com/rust-lang/rust-clippy/issues/4612).
It's also the last step towards stabilizing the `--fix` command-line argument in Clippy, that allows applying suggestions automatically when the lint supports it.
bors [Sat, 19 Dec 2020 15:23:22 +0000 (15:23 +0000)]
Auto merge of #8987 - jonhoo:metadata-target-filtering, r=ehuss
Make cargo metadata and tree respect target
Previously, the `metadata` and `tree` subcommands would download
dependencies for all targets, regardless of whether those targets were
actually enabled. This PR updates them so that they only download the
same dependencies that building would do with the requested target(s).
`cargo metadata` still includes all targets by default; you can only opt
_out_ using `--filter-platform`. Ideally it should use `--target` the
same way `tree` does, but it's too late to change that now.
bors [Fri, 18 Dec 2020 18:21:58 +0000 (18:21 +0000)]
Auto merge of #8996 - alexcrichton:revert, r=ehuss
Revert #8954 - changing rustdoc's cwd
This PR reverts https://github.com/rust-lang/cargo/pull/8954 in reference to https://github.com/rust-lang/cargo/issues/8993 and https://github.com/rust-lang/cargo/issues/8992 where there's still definitely a bug to be fixed but we should probably avoid regressing in the meantime.
Jon Gjengset [Wed, 16 Dec 2020 20:16:07 +0000 (12:16 -0800)]
Make cargo metadata and tree respect target
Previously, the `metadata` and `tree` subcommands would download
dependencies for all targets, regardless of whether those targets were
actually enabled. This PR updates them so that they only download the
same dependencies that building would do with the requested target(s).
`cargo metadata` still includes all targets by default; you can only opt
_out_ using `--filter-platform`. Ideally it should use `--target` the
same way `tree` does, but it's too late to change that now.
bors [Wed, 16 Dec 2020 21:37:20 +0000 (21:37 +0000)]
Auto merge of #8984 - ehuss:reject-ambiguous-git, r=Eh2406
Reject ambiguous git dependency declaration.
This rejects a git dependency that specifies more than one of `branch`, `tag`, or `rev`. Cargo does not handle this case very well, and this warning has been in place for 4 years (since #2940).
bors [Wed, 16 Dec 2020 14:35:53 +0000 (14:35 +0000)]
Auto merge of #8978 - joshtriplett:faq-clarification, r=Eh2406
Clarify FAQ entry wording about lockfiles
I received a report that this FAQ entry (and in particular the wording
"across whatever machine") generated some confusion. Reword the FAQ
entry for clarity.
Josh Triplett [Wed, 16 Dec 2020 03:38:26 +0000 (19:38 -0800)]
Clarify FAQ entry wording about lockfiles
I received a report that this FAQ entry (and in particular the wording
"across whatever machine") generated some confusion. Reword the FAQ
entry for clarity.
bors [Mon, 14 Dec 2020 17:21:26 +0000 (17:21 +0000)]
Auto merge of #8973 - ehuss:rerun-if-directory, r=alexcrichton
Check if rerun-if-changed points to a directory.
This changes it so that if a build script emits `cargo:rerun-if-changed` pointing to a directory, then Cargo will scan the entire directory for changes (instead of just looking at the mtime of the directory itself). I think this is more useful, as otherwise build scripts have to recreate this logic.
I've tried to make it semi-intelligent in the face of symbolic links. It checks the mtime of the link and its target, and follows the link if it points to a directory.
There are a few other edge cases. For example, if it doesn't have permission for a directory, it will skip it. I think this is relatively reasonable, though it's hard to say for sure.
bors [Mon, 14 Dec 2020 16:22:53 +0000 (16:22 +0000)]
Auto merge of #8934 - ehuss:token-process, r=alexcrichton
Implement external credential process. (RFC 2730)
This adds a config setting for an external process to run to fetch the token for a registry. See `unstable.md` for more details.
As part of this, it adds a new `logout` command. This is currently gated on nightly with the appropriate `-Z` flag.
I have included four sample wrappers that integrate with the macOS Keychain, Windows Credential Manager, GNOME libsecret, and 1password. I'm not sure if we'll ultimately ship these, but I would like to. Primarily this provided a proof-of-concept to see if the design works.
**Patch Walkthrough**
This is a brief overview of the changes:
- Adds the `logout` command. With `cargo logout -Z unstable-options`, this allows removing the `token` from `.cargo/credentials`. With `cargo logout -Z credential-process`, this launches the process with the `erase` argument to remove the token from storage.
- Credential-process handling is in the `ops/registry/auth.rs` module. I think it is pretty straightforward, it just launches the process with the appropriate store/get/erase argument.
- `ops::registry::registry()` now returns the `RegistryConfig` to make it easier to pass the config information around.
- `crates/credential/cargo-credential` is a helper crate for writing credential processes.
- A special shorthand of the `cargo:` prefix for a credential process will launch the named process from the `libexec` directory in the sysroot (or, more specifically, the `libexec` directory next to the `cargo` process). For example `credential-process = "cargo:macos-keychain"`. My intent is to bundle these in the pre-built rust-lang distributions, and this should "just work" when used with rustup. I'm not sure how that will work with other Rust distributions, but I'm guessing they can figure it out. This should make it much easier for users to get started, but does add some integration complexity.
**Questions**
- I'm on the fence about the name `credential-process` vs `credentials-process`, which sounds more natural? (Or something else?)
- I'm uneasy about the behavior when both `token` and `credential-process` is specified (see `warn_both_token_and_process` test). Currently it issues a warning and uses `token`. Does that make sense? What about the case where you have `registries.foo.token` for a specific registry, but then have a general `registry.credential-process` for the default (it currently warns and uses the token, maybe it should not warn?)?
- I am still pretty uneasy with writing FFI wrappers, so maybe those could get a little extra scrutiny? They seem to work, but I have not extensively tested them (I tried login, publish, and logout). I have not previously used these APIs, so I am not familiar with them.
- Testing the wrappers I think will be quite difficult, because some require TTY interaction (and 1password requires an online account). Or, for example in the macOS case, it has GUI dialog box where I can use my fingerprint scanner. Right now, I just build them in CI to make sure they compile.
- 1password is a little weird in that it passes the token on the command-line, which is not very secure on some systems (other processes can see these sometimes). The only alternative I can think of is to not support `cargo login` and require the user to manually enter the token in the 1password GUI. I don't think the concern is too large (1password themselves seem to think it is acceptable). Should this be OK?
- I'm a little uneasy with the design of `cargo login`, where it passes the token in stdin. If the wrapper requires stdin for user interaction (such as entering a password to unlock), this is quite awkward. There is a hack in the 1password example that demonstrates using `/dev/tty` and `CONIN$`, which *seems* to work, but I'm worried is fragile. I'm not very comfortable passing the token in environment variables, because those can be visible to other processes (like CLI args), but in some situations that shouldn't be too risky. Another option is to use a separate file descriptor/handle to pass the token in. Implementing that in Rust in a cross-platform way is not terribly easy, so I wanted to open this up for discussion first.
bors [Sat, 12 Dec 2020 17:38:07 +0000 (17:38 +0000)]
Auto merge of #8969 - alexcrichton:fix-cycle, r=ehuss
Fix the unit dependency graph with dev-dependency `links`
This commit fixes #8966 by updating the unit generation logic to avoid
generating an erroneous circular dependency between the execution of two
build scripts. This has been present for Cargo in a long time since #5651
(an accidental regression), but the situation appears rare enough that
we didn't get to it until now!
Alex Crichton [Fri, 11 Dec 2020 17:57:49 +0000 (09:57 -0800)]
Fix the unit dependency graph with dev-dependency `links`
This commit fixes #8966 by updating the unit generation logic to avoid
generating an erroneous circular dependency between the execution of two
build scripts. This has been present for Cargo in a long time since #5651
(an accidental regression), but the situation appears rare enough that
we didn't get to it until now!
bors [Mon, 7 Dec 2020 23:08:44 +0000 (23:08 +0000)]
Auto merge of #8953 - hkennyv:clarify-package-edition-docs, r=Eh2406
Clarify cargo manifest edition field docs
addresses #8951
This PR aims to clarify the documentation for the `edition` field in the Cargo manifest.
The confusion (IME) stems from the behavior of `cargo new` (defaults to writing edition = "2018") being confused for the default behavior of how Cargo interprets the manifest (`edition` is an optional key, defaults to 2015).
would love to get some other thoughts on how we can clarify this since it seems like I'm not the only one who got confused `@Eh2406`
bors [Mon, 7 Dec 2020 16:01:07 +0000 (16:01 +0000)]
Auto merge of #8950 - ehuss:publish-tarball-metadata, r=alexcrichton
Workaround fs issue in `cargo publish`.
`cargo publish` can fail on some filesystems with a mysterious "No such file or directory". The issue is that `statx` (and `fstat`) will fail on the 9p filesystem (which happens to be used by WSL2) after a file has been [renamed](https://github.com/rust-lang/cargo/blame/27187096a380fdd3b747b5d5ec3396b7af67a6f9/src/cargo/ops/cargo_package.rs#L133-L138). The solution for this workaround is to use seek instead of fstat to determine the length of the tarball.
More information about the 9p problem can be found at https://bugs.launchpad.net/qemu/+bug/1336794 and https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg06382.html.
bors [Fri, 4 Dec 2020 21:51:05 +0000 (21:51 +0000)]
Auto merge of #8942 - ehuss:panic-no-roots, r=alexcrichton
Fix panic with -Zbuild-std and no roots.
If a build command is run without any roots (like `cargo build` in a project with only tests), then cargo would panic with `-Z build-std`. This is because some parts of the code assumes that all units in the unit graph are reachable from the roots. However, the code was "attaching" the std units to the graph without a root.
The particular line that was panicking was [this one](https://github.com/rust-lang/cargo/blob/5c40b7f6dc94cffae0107d034ac1d1c6d3da18bf/src/cargo/core/compiler/context/mod.rs#L475) where it iterates over the units to check for collisions. The outputs are calculated based on the roots (since they metadata computation has to walk the dep graph), so without any roots there was no metadata, and thus no outputs.
bors [Fri, 4 Dec 2020 15:14:25 +0000 (15:14 +0000)]
Auto merge of #8937 - alexcrichton:optimize-vendor-a-bit, r=Eh2406
Slightly optimize `cargo vendor`
I've noticed recently that `cargo vendor` feels really sluggish and
slow, and apparently this is primarily because we delete the registry
caches and re-extract all the tarballs. This commit implements one
possible optimization without changing this, however, which is that
currently we both copy a file and checksum it, but that ends up reading
all the contents twice. Those two functions are now folded into one,
shaving about 3s locally from Cargo's own vendor times.
Alex Crichton [Thu, 3 Dec 2020 16:25:45 +0000 (08:25 -0800)]
Slightly optimize `cargo vendor`
I've noticed recently that `cargo vendor` feels really sluggish and
slow, and apparently this is primarily because we delete the registry
caches and re-extract all the tarballs. This commit implements one
possible optimization without changing this, however, which is that
currently we both copy a file and checksum it, but that ends up reading
all the contents twice. Those two functions are now folded into one,
shaving about 3s locally from Cargo's own vendor times.
bors [Wed, 2 Dec 2020 22:12:37 +0000 (22:12 +0000)]
Auto merge of #8929 - ehuss:fix-git-config-author, r=Eh2406
Fix test escaping __CARGO_TEST_ROOT
#8886 added a test which unsets `__CARGO_TEST_ROOT`, but that environment variable is there for a reason. This causes problems as it causes that test to load the `.cargo/config` from the real home directory, which if it contains a `[cargo-new]` section, causes the test to fail.
The fix here is to change `find_tests_git_config` so that it behaves more like the real git config loader, but avoids escaping the test sandbox. There are some subtle issues here, like #7469, which I believe should still work correctly.
bors [Wed, 2 Dec 2020 14:39:12 +0000 (14:39 +0000)]
Auto merge of #8930 - ehuss:fix-semver-msg, r=Eh2406
Fix semver documentation tests.
GitHub just updated the VM image to include the latest stable rust (1.48), which included some minor changes to diagnostic outputs. This updates the semver chapter tests which validates that the correct error is displayed for the 1.48 release. These diagnostics were changed via https://github.com/rust-lang/rust/pull/76524 and https://github.com/rust-lang/rust/pull/73996.
Anil P [Wed, 2 Dec 2020 05:42:33 +0000 (23:42 -0600)]
Fix: unavailable author for cargo new
- if author name and email not found from config or env variables, defaults to an empty author list authors = []
- simplified selection of name + email from available choices in (fn mk)
bors [Wed, 2 Dec 2020 01:44:30 +0000 (01:44 +0000)]
Auto merge of #8725 - chaaz:master, r=ehuss
Add "--workspace" to update command
My `--bin` project has CI which updates the version number in `Cargo.toml`, which it then commits. However, this means that any further cargo command (`build`, `test`, etc) will update the existing `Cargo.lock` file (updating the root version), causing some frustration for users. Furthermore, it breaks the `publish` command, which requires the repo to be current.
I've added a `sync-lockfile` command to simply update the root version in the `Cargo.lock` file to match the `Cargo.toml` in the same way that simple commands like `fetch` do. If no `Cargo.lock` file is present, and new one is generated based on the index.
This is a demo PR for Pre-RFC conversation at https://internals.rust-lang.org/t/pre-rfc-cargo-command-to-just-sync-lockfile/13119, but may become a real PR if it gets approval.
bors [Tue, 1 Dec 2020 15:34:20 +0000 (15:34 +0000)]
Auto merge of #8877 - jyn514:rustdoc-map, r=alexcrichton
Set docs.rs as the default extern-map for crates.io
Helps address https://github.com/rust-lang/cargo/issues/8296, specifically the bit needed for https://github.com/rust-lang/docs.rs/issues/1177.
r? `@ehuss`
bors [Mon, 30 Nov 2020 16:18:13 +0000 (16:18 +0000)]
Auto merge of #8920 - ehuss:publish-dev-dependencies, r=Eh2406
Remove version from dev-dependencies to make it easier to publish.
Since #7333, released in 1.40, Cargo will strip dev-dependencies that don't have a version. These two crates aren't published to crates.io, and thus they have to be commented out each time a release is made. This change avoids that step.
bors [Mon, 30 Nov 2020 15:25:11 +0000 (15:25 +0000)]
Auto merge of #8908 - JoshMcguigan:dependency-queue-cost, r=alexcrichton
update dependency queue to consider cost for each node
In support of #7437, this updates the dependency queue implementation to consider a non-fixed cost for each node. The behavior of this implementation should match the previous implementation if all units are assigned the same cost by the code which calls the `queue` method (which is what we do for now).
In the future I can think of at least two ways these costs could be used:
1. Use some known constant value by default (say 100 as I've done in this PR), and allow the user to provide hints for certain units to influence compilation order (as requested in #7437).
2. Take timing data from a previous compilation (perhaps the json output of `cargo build -Ztimings=json`) and use the actual time required to compile a given unit (in milliseconds) as its cost. Any units not included in the provided timing data could perhaps have their cost set to the median cost of all crates included in the timing data.