Implemented "ignore-expiry" flag as in "cabal --ignore-expiry #4614
Conversation
|
Hi @l984, thanks for the PR. We usually ask for people to raise issues before requesting a PR, so would you kindly provide answers to the following questions:
In addition, you've ticked the box saying 'The documentation has been updated if necessary' but you haven't updated any documentation, and it is necessary. If this PR is to be merged it will need that. There are also no tests; it would be good to see an integration test for this. Thanks! |
dbaynard
added
missing-ghc-release
awaiting-response
and removed
missing-ghc-release
labels
|
Hi and thank you for the quick response! Original motivationMy original idea was to implement local stack/hackage partial mirror However, stack/hackage package management system apparently implements This PR introduces a new optional How the problem looks without the PRWithout this PR when using stack with outdated mirror stack complains Honestly I do not really understand the motives behind these The PR solves this problem. What does this PR doThe default behaviour remains the same. However, the new optional References to the documentaion about timestamp/expiry logicDocumentation about timestamp and expiration time is probably Expiry logic is implemented by the checkForUpdates and documentation Finally, here is cabal documentation about Free softwareWithout any possibility to disable expiration checks the user of From my point of view this approach takes away control from the user More things to be done about this PRDocumentationThe PR already has an update to the documentation - see the change in TestsIt would be difficult to make proper testcases - I would certainly Thank you! |
|
Hi @l984, thank you for answering the questions. Going through your responses, I realised that it would be helpful to have a quick repro (rather than having to wait for the cache to expire). Can you reproduce this by editing your timestamp file?
This seems reasonable. The scoping looks appropriate; too. I'm slightly concerned that it might result in non-reproducible builds (as a user may make changes to their local hackage, necessary for a package to compile, and other users will not be able to compile that package) but I don't think that is changed by this PR.
Super helpful — thanks. Shall we add The hackage security readme, too, which explains the detail (timestamp ensures that the hackage snapshot as a whole is up to date). Can you edit the timestamp and have the hackage snapshot work, in current stack/cabal-installl?
I don't understand the restrictions. I think the the link I've put just above might help — by my reading, it's for cache invalidation (including preventing 'freeze attacks').
If by 'hackage update process' you mean any disruption to you updating your copy, then you're not quite correct. Stack is aware of hackage mirrors, which is useful on the uncommon occasions that the main hackage mirror is down (it used to use the fpcomplete mirror by default — I believe that's been changed, now). The update may fail because of local connectivity problems. In that case, will stack (or cabal-install) use the cached version, or refuse because it has expired? If by 'hackage update process' you mean that hackage itself is no longer updated, then yes there will be problems, but I would not expect them to differ from those with other similar public services.
Yes, please.
If updating the timestamp manually fixes the issue (and indeed triggers it) that's a way to proceed. |
Note: Documentation fixes for https://docs.haskellstack.org/en/stable/ should target the "stable" branch, not master.
Please include the following checklist in your PR:
Please also shortly describe how you tested your change. Bonus points for added tests!
This change simply exposes the same functionality which cabal already implements and exposes using "--ignore-expiry" flag.