New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Worker: Add make update-wrap-file
task
#938
Conversation
- Usage example: `make update-subproject SUBPROJECT=openssl`. ### Bonus Tracks - Make comments in `Makefile` respect max length ~80 columns. - Order tasks in `Makefile`. - Update `libuv` by using the new `make update-subproject` task.
Off topic: I did this to update OpenSSL given the recent CVE-2022-3786 and CVE-2022-3602, however last version of OpenSSL in https://mesonbuild.com/Wrapdb-projects.html is still 3.0.2-1, which is really outdated :( How are we supposed to deal with this? |
Ohhh.... why this? I didn't do anything in this PR that may have caused this... https://github.com/versatica/mediasoup/actions/runs/3387127006/jobs/5627440846#step:6:124 |
Just do the changes suggested in the error. Can be new version of Meson requires it. |
How can this PR cause that? I didn't change Meson version. |
Change done. |
I believe is a meson auto update, or a fresh installation in github actions. |
I'm updating [wrap-file]
directory = openssl-3.0.7
source_url = https://www.openssl.org/source/openssl-3.0.7.tar.gz
source_filename = openssl-3.0.7.tar.gz
source_hash = 83049d042a260e696f62406ac5c08bf706fd84383f945cf21bd61e9ed95c396e
[provide]
libcrypto = libcrypto_dep
libssl = libssl_dep
openssl = openssl_dep Then I run
|
which makes sense since, indeed, there is no |
So, so the thing is that, in previous [wrap-file]
directory = openssl-3.0.2
source_url = https://www.openssl.org/source/openssl-3.0.2.tar.gz
source_filename = openssl-3.0.2.tar.gz
source_hash = 98e91ccead4d4756ae3c9cde5e09191a8e586d9f4d50838e7ec09d6411dfdb63
patch_filename = openssl_3.0.2-1_patch.zip
patch_url = https://wrapdb.mesonbuild.com/v2/openssl_3.0.2-1/get_patch
patch_hash = 762ab4ea94d02178d6a1d3eb63409c2c4d61315d358391cdac62df15211174d4
[provide]
libcrypto = libcrypto_dep
libssl = libssl_dep
openssl = openssl_dep This makes Meson fetch a special patch file from https://wrapdb.mesonbuild.com/v2/openssl_3.0.2-1/get_patch which is a zip file that contains |
ok, this is too much for me... Maybe caused by issue rust-lang/rust-clippy#9538 which may be fixed by PR rust-lang/rust-clippy#9662. |
Ok, I've compared However it's not gonna work since the path zip must contain a folder with same name as the desired subproject to patch, which in our case is |
It's not that straightforward, There are specific instructions to create/update meson wrap subprojects here https://mesonbuild.com/Adding-new-projects-to-wrapdb.html |
make update-subproject
taskmake update-wrap-file
task
I see. However take a look to how complex making this for a new openss version is. This is the README in the patch file in mesonbuild for openssl-3.0.2: OpenSSL for MesonHow this works?TL;DR: this wrap abuses OpenSSL build system within Node.js. Node.js has OpenSSL built-in with additional scripting around it to generate configs for GYP build system and thus bypass OpenSSL's native build system. This wrap abuses that feature by replacing bundled OpenSSL with upstream version, patching mentioned mechanism to also generate a bunch of During installation unmodified Node.js tarball will be downloaded, its bundled OpenSSL will be replaced with upstream version and patched with How to update to newer releaseUnless Node.js changes the mechanism we abuse above (unlikely, but possible, please check the diff between corresponding versions), Just update OpenSSL version in wrap file, update Node.js version in
Generated files in AcknowledgementThis OpenSSL port wouldn't be possible without Node.js project under MIT license, whose OpenSSL build system was decomposed and heavily refactored. |
Indeed @nazar-pc did the previous one https://github.com/mesonbuild/wrapdb/commits/master/subprojects/openssl.wrap |
I'll create a new ticket for the openssl update stuff and leave this PR just for what it was intended: add a new make task |
This and other might be related to Rust version upgrade. Run As to OpenSSL update you'll need to update it in Meson wraps first unless someone else did it. According to https://mesonbuild.com/Wrapdb-projects.html version there is quite old and needs to be updated, you can see one of the PRs I did and follow readme as you already noticed. For instance here: mesonbuild/wrapdb#281 Same about libuv, here is an example of upgrade (basically read upstream CMakeLists changes and tweak meson.build): mesonbuild/wrapdb#367 |
New Rust version was just released earlier today, so this is probably why you hit those warnings, I'll send a PR fixing them. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@nazar-pc assuming that you are gonna fix the Rust "clippy" related issues in a separate PR, are we good with this PR?
Yes, looks fine to me
make update-wrap-file SUBPROJECT=openssl
.Bonus Tracks
Makefile
respect max length ~80 columns.Makefile
.libuv
by using the newmake update-subproject
task.