From e3eedd8b5326b8de2e6fe8941e1851bdbad673ab Mon Sep 17 00:00:00 2001 From: Jiahao XU Date: Sun, 24 Mar 2024 11:07:04 +1100 Subject: [PATCH 1/2] Remove dep reqwest from gix Instead forward reqwest feature defined in gix-transport Signed-off-by: Jiahao XU --- Cargo.lock | 1 - gix-transport/Cargo.toml | 42 +++++++++++-- gix/Cargo.toml | 130 +++++++++++++++++++++++++++++---------- 3 files changed, 133 insertions(+), 40 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 3cad9420faf..3602c0db39f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1336,7 +1336,6 @@ dependencies = [ "pretty_assertions", "prodash 28.0.0", "regex", - "reqwest", "serde", "serial_test", "signal-hook", diff --git a/gix-transport/Cargo.toml b/gix-transport/Cargo.toml index 7e7a2774714..2232a215775 100644 --- a/gix-transport/Cargo.toml +++ b/gix-transport/Cargo.toml @@ -22,20 +22,42 @@ default = [] ## If set, blocking implementations of the typical git transports become available in `crate::client` blocking-client = ["gix-packetline/blocking-io"] ## Implies `blocking-client`, and adds support for the http and https transports. -http-client = ["base64", "gix-features/io-pipe", "blocking-client", "gix-credentials"] +http-client = [ + "base64", + "gix-features/io-pipe", + "blocking-client", + "gix-credentials", +] ## Implies `http-client`, and adds support for the http and https transports using the Rust bindings for `libcurl`. http-client-curl = ["curl", "http-client"] ### Implies `http-client` and adds support for http and https transports using the blocking version of `reqwest`. http-client-reqwest = ["reqwest", "http-client"] +## Stacks with `blocking-http-transport-reqwest` and enables `https://` via the `rustls` crate. +http-client-reqwest-rust-tls = ["http-client-reqwest", "reqwest/rustls-tls"] +## Stacks with `blocking-http-transport-reqwest` and enables `https://` via the `rustls` crate. +## This also makes use of `trust-dns` to avoid `getaddrinfo`, but note it comes with its own problems. +http-client-reqwest-rust-tls-trust-dns = [ + "http-client-reqwest", + "reqwest/rustls-tls", + "reqwest/trust-dns", +] +## Stacks with `blocking-http-transport-reqwest` and enables `https://` via the `native-tls` crate. +http-client-reqwest-native-tls = ["http-client-reqwest", "reqwest/default-tls"] ## If set, an async implementations of the git transports becomes available in `crate::client`. ## Suitable for implementing your own transports while using git's way of communication, typically in conjunction with a custom server. ## **Note** that the _blocking_ client has a wide range of available transports, with the _async_ version of it supporting only the TCP based `git` transport leaving you ## with the responsibility to providing such an implementation of `futures-io::AsyncRead/AsyncWrite` yourself. -async-client = ["gix-packetline/async-io", "async-trait", "futures-lite", "futures-io", "pin-project-lite"] +async-client = [ + "gix-packetline/async-io", + "async-trait", + "futures-lite", + "futures-io", + "pin-project-lite", +] #! ### Other ## Data structures implement `serde::Serialize` and `serde::Deserialize`. -serde= ["dep:serde"] +serde = ["dep:serde"] [[test]] name = "blocking-transport" @@ -61,8 +83,14 @@ gix-packetline = { version = "^0.17.5", path = "../gix-packetline" } gix-credentials = { version = "^0.24.2", path = "../gix-credentials", optional = true } gix-quote = { version = "^0.4.12", path = "../gix-quote" } -serde = { version = "1.0.114", optional = true, default-features = false, features = ["std", "derive"]} -bstr = { version = "1.3.0", default-features = false, features = ["std", "unicode"] } +serde = { version = "1.0.114", optional = true, default-features = false, features = [ + "std", + "derive", +] } +bstr = { version = "1.3.0", default-features = false, features = [ + "std", + "unicode", +] } thiserror = "1.0.26" # for async-client @@ -87,7 +115,9 @@ async-std = { version = "1.12.0", optional = true } document-features = { version = "0.2.0", optional = true } [dev-dependencies] -gix-pack = { path = "../gix-pack", default-features = false, features = ["streaming-input"] } +gix-pack = { path = "../gix-pack", default-features = false, features = [ + "streaming-input", +] } gix-hash = { path = "../gix-hash" } async-std = { version = "1.9.0", features = ["attributes"] } maybe-async = "0.2.6" diff --git a/gix/Cargo.toml b/gix/Cargo.toml index a5547f8bff3..a044afd84ce 100644 --- a/gix/Cargo.toml +++ b/gix/Cargo.toml @@ -51,10 +51,25 @@ default = ["max-performance-safe", "comfort", "basic", "extras"] basic = ["blob-diff", "revision", "index"] ## Various additional features and capabilities that are not necessarily part of what most users would need. -extras = ["worktree-stream", "worktree-archive", "revparse-regex", "mailmap", "excludes", "attributes", "worktree-mutation", "credentials", "interrupt", "status", "dirwalk"] +extras = [ + "worktree-stream", + "worktree-archive", + "revparse-regex", + "mailmap", + "excludes", + "attributes", + "worktree-mutation", + "credentials", + "interrupt", + "status", + "dirwalk", +] ## Various progress-related features that improve the look of progress message units. -comfort = ["gix-features/progress-unit-bytes", "gix-features/progress-unit-human-numbers"] +comfort = [ + "gix-features/progress-unit-bytes", + "gix-features/progress-unit-human-numbers", +] #! #### Components #! @@ -87,7 +102,15 @@ worktree-mutation = ["attributes", "dep:gix-worktree-state"] excludes = ["dep:gix-ignore", "dep:gix-worktree", "index"] ## Query attributes and excludes. Enables access to pathspecs, worktree checkouts, filter-pipelines and submodules. -attributes = ["excludes", "dep:gix-filter", "dep:gix-pathspec", "dep:gix-attributes", "dep:gix-submodule", "gix-worktree?/attributes", "command"] +attributes = [ + "excludes", + "dep:gix-filter", + "dep:gix-pathspec", + "dep:gix-attributes", + "dep:gix-submodule", + "gix-worktree?/attributes", + "command", +] ## Add support for mailmaps, as way of determining the final name of commmiters and authors. mailmap = ["dep:gix-mailmap", "revision"] @@ -119,24 +142,57 @@ worktree-archive = ["gix-archive", "worktree-stream", "attributes"] #! Making a choice here also affects which crypto-library ends up being used. ## Make `gix-protocol` available along with an async client. -async-network-client = ["gix-protocol/async-client", "gix-pack/streaming-input", "attributes", "credentials"] +async-network-client = [ + "gix-protocol/async-client", + "gix-pack/streaming-input", + "attributes", + "credentials", +] ## Use this if your crate uses `async-std` as runtime, and enable basic runtime integration when connecting to remote servers via the `git://` protocol. -async-network-client-async-std = ["async-std", "async-network-client", "gix-transport/async-std"] +async-network-client-async-std = [ + "async-std", + "async-network-client", + "gix-transport/async-std", +] ## Make `gix-protocol` available along with a blocking client, providing access to the `file://`, `git://` and `ssh://` transports. -blocking-network-client = ["gix-protocol/blocking-client", "gix-pack/streaming-input", "attributes", "credentials"] +blocking-network-client = [ + "gix-protocol/blocking-client", + "gix-pack/streaming-input", + "attributes", + "credentials", +] ## Stacks with `blocking-network-client` to provide support for HTTP/S using **curl**, and implies blocking networking as a whole, making the `https://` transport available. -blocking-http-transport-curl = ["blocking-network-client", "gix-transport/http-client-curl"] +blocking-http-transport-curl = [ + "blocking-network-client", + "gix-transport/http-client-curl", +] ## Stacks with `blocking-http-transport-curl` and also enables the `rustls` backend to avoid `openssl`. -blocking-http-transport-curl-rustls = ["blocking-http-transport-curl", "dep:curl", "curl?/rustls"] +blocking-http-transport-curl-rustls = [ + "blocking-http-transport-curl", + "dep:curl", + "curl?/rustls", +] ## Stacks with `blocking-network-client` to provide support for HTTP/S using **reqwest**, and implies blocking networking as a whole, making the `https://` transport available. -blocking-http-transport-reqwest = ["blocking-network-client", "gix-transport/http-client-reqwest"] +blocking-http-transport-reqwest = [ + "blocking-network-client", + "gix-transport/http-client-reqwest", +] ## Stacks with `blocking-http-transport-reqwest` and enables `https://` via the `rustls` crate. -blocking-http-transport-reqwest-rust-tls = ["blocking-http-transport-reqwest", "reqwest/rustls-tls"] +blocking-http-transport-reqwest-rust-tls = [ + "blocking-http-transport-reqwest", + "gix-transport/http-client-reqwest-rust-tls", +] ## Stacks with `blocking-http-transport-reqwest` and enables `https://` via the `rustls` crate. ## This also makes use of `trust-dns` to avoid `getaddrinfo`, but note it comes with its own problems. -blocking-http-transport-reqwest-rust-tls-trust-dns = ["blocking-http-transport-reqwest", "reqwest/rustls-tls", "reqwest/trust-dns"] +blocking-http-transport-reqwest-rust-tls-trust-dns = [ + "blocking-http-transport-reqwest", + "gix-transport/http-client-reqwest-rust-tls-trust-dns", +] ## Stacks with `blocking-http-transport-reqwest` and enables `https://` via the `native-tls` crate. -blocking-http-transport-reqwest-native-tls = ["blocking-http-transport-reqwest", "reqwest/default-tls"] +blocking-http-transport-reqwest-native-tls = [ + "blocking-http-transport-reqwest", + "gix-transport/http-client-reqwest-native-tls", +] #! #### Performance @@ -147,20 +203,13 @@ blocking-http-transport-reqwest-native-tls = ["blocking-http-transport-reqwest", ## Activate features that maximize performance, like using threads, but leave everything else that might affect compatibility out to allow users more fine-grained ## control over performance features like which `zlib*` implementation to use. ## No C toolchain is involved. -max-control = [ - "parallel", - "pack-cache-lru-static", - "pack-cache-lru-dynamic", -] +max-control = ["parallel", "pack-cache-lru-static", "pack-cache-lru-dynamic"] ## Activate features that maximize performance, like usage of threads, `and access to caching in object databases, skipping the ones known to cause compile failures ## on some platforms. ## Note that this configuration still uses a pure Rust zlib implementation which isn't the fastest compared to its C-alternatives. ## No C toolchain is involved. -max-performance-safe = [ - "max-control", - "parallel-walkdir" -] +max-performance-safe = ["max-control", "parallel-walkdir"] ## If set, walkdir iterators will be multi-threaded which affects the listing of loose objects and references. ## Note, however, that this will use `rayon` under the hood and spawn threads for each traversal to avoid a global rayon thread pool. @@ -215,7 +264,8 @@ zlib-stock = ["gix-features/zlib-stock"] verbose-object-parsing-errors = ["gix-object/verbose-object-parsing-errors"] ## Data structures implement `serde::Serialize` and `serde::Deserialize`. -serde = ["dep:serde", +serde = [ + "dep:serde", "gix-pack/serde", "gix-object/serde", "gix-protocol?/serde", @@ -230,7 +280,8 @@ serde = ["dep:serde", "gix-revision/serde", "gix-worktree?/serde", "gix-commitgraph/serde", - "gix-credentials?/serde"] + "gix-credentials?/serde", +] ## Re-export the progress tree root which allows to obtain progress from various functions which take `impl gix::Progress`. ## Applications which want to display progress will probably need this implementation. @@ -240,7 +291,6 @@ progress-tree = ["prodash/progress-tree"] cache-efficiency-debug = ["gix-features/cache-efficiency-debug"] - [dependencies] gix-macros = { version = "^0.1.4", path = "../gix-macros" } gix-utils = { version = "^0.1.11", path = "../gix-utils" } @@ -261,7 +311,9 @@ gix-odb = { version = "^0.59.0", path = "../gix-odb" } gix-hash = { version = "^0.14.2", path = "../gix-hash" } gix-object = { version = "^0.42.1", path = "../gix-object" } gix-actor = { version = "^0.31.1", path = "../gix-actor" } -gix-pack = { version = "^0.49.0", path = "../gix-pack", default-features = false, features = ["object-cache-dynamic"] } +gix-pack = { version = "^0.49.0", path = "../gix-pack", default-features = false, features = [ + "object-cache-dynamic", +] } gix-revision = { version = "^0.27.0", path = "../gix-revision", default-features = false } gix-revwalk = { version = "^0.13.0", path = "../gix-revwalk" } gix-negotiate = { version = "^0.13.0", path = "../gix-negotiate", optional = true } @@ -271,7 +323,10 @@ gix-url = { version = "^0.27.2", path = "../gix-url" } gix-traverse = { version = "^0.38.0", path = "../gix-traverse" } gix-diff = { version = "^0.42.0", path = "../gix-diff", default-features = false } gix-mailmap = { version = "^0.23.0", path = "../gix-mailmap", optional = true } -gix-features = { version = "^0.38.1", path = "../gix-features", features = ["progress", "once_cell"] } +gix-features = { version = "^0.38.1", path = "../gix-features", features = [ + "progress", + "once_cell", +] } gix-trace = { version = "^0.1.8", path = "../gix-trace" } gix-glob = { version = "^0.16.2", path = "../gix-glob" } @@ -286,7 +341,9 @@ gix-hashtable = { version = "^0.5.2", path = "../gix-hashtable" } gix-commitgraph = { version = "^0.24.2", path = "../gix-commitgraph" } gix-pathspec = { version = "^0.7.2", path = "../gix-pathspec", optional = true } gix-submodule = { version = "^0.10.0", path = "../gix-submodule", optional = true } -gix-status = { version = "^0.8.0", path = "../gix-status", optional = true, features = ["worktree-rewrites"] } +gix-status = { version = "^0.8.0", path = "../gix-status", optional = true, features = [ + "worktree-rewrites", +] } gix-command = { version = "^0.3.6", path = "../gix-command", optional = true } gix-worktree-stream = { version = "^0.11.0", path = "../gix-worktree-stream", optional = true } @@ -301,7 +358,9 @@ prodash = { workspace = true, optional = true, features = ["progress-tree"] } once_cell = "1.14.0" signal-hook = { version = "0.3.9", default-features = false, optional = true } thiserror = "1.0.26" -serde = { version = "1.0.114", optional = true, default-features = false, features = ["derive"] } +serde = { version = "1.0.114", optional = true, default-features = false, features = [ + "derive", +] } smallvec = "1.9.0" async-std = { version = "1.12.0", optional = true } @@ -312,10 +371,9 @@ curl = { workspace = true, optional = true } ## ## If disabled, the text will be search verbatim in any portion of the commit message, similar to ## how a simple unanchored regex of only 'normal' characters would work. -regex = { version = "1.6.0", optional = true, default-features = false, features = ["std"] } - -# For internal use to allow pure-Rust builds without openssl. -reqwest = { workspace = true, optional = true } +regex = { version = "1.6.0", optional = true, default-features = false, features = [ + "std", +] } # for `interrupt` module parking_lot = "0.12.1" @@ -332,4 +390,10 @@ serial_test = { version = "2.0.0", default-features = false } async-std = { version = "1.12.0", features = ["attributes"] } [package.metadata.docs.rs] -features = ["document-features", "max-performance", "blocking-network-client", "blocking-http-transport-curl", "serde"] +features = [ + "document-features", + "max-performance", + "blocking-network-client", + "blocking-http-transport-curl", + "serde", +] From 98cfbec51276bbd6caa48fd6d8942247df091c94 Mon Sep 17 00:00:00 2001 From: Sebastian Thiel Date: Sun, 24 Mar 2024 09:29:32 +0100 Subject: [PATCH 2/2] fix: forward `curl` rustls feature from `gix-transport` to avoid `curl` in `gix`. (#1328) This removes the `curl` dependency just for configuring it, and removes a hazard which became evident with reqwest. --- Cargo.lock | 1 - gix-transport/Cargo.toml | 2 ++ gix/Cargo.toml | 6 +----- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 3602c0db39f..52878592a24 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1280,7 +1280,6 @@ version = "0.61.1" dependencies = [ "anyhow", "async-std", - "curl", "document-features", "gix-actor 0.31.1", "gix-archive", diff --git a/gix-transport/Cargo.toml b/gix-transport/Cargo.toml index 2232a215775..8b36faede0a 100644 --- a/gix-transport/Cargo.toml +++ b/gix-transport/Cargo.toml @@ -30,6 +30,8 @@ http-client = [ ] ## Implies `http-client`, and adds support for the http and https transports using the Rust bindings for `libcurl`. http-client-curl = ["curl", "http-client"] +## Implies `http-client-curl` and enables `rustls` for creationg `https://` connections. +http-client-curl-rust-tls = ["http-client-curl", "curl/rustls"] ### Implies `http-client` and adds support for http and https transports using the blocking version of `reqwest`. http-client-reqwest = ["reqwest", "http-client"] ## Stacks with `blocking-http-transport-reqwest` and enables `https://` via the `rustls` crate. diff --git a/gix/Cargo.toml b/gix/Cargo.toml index a044afd84ce..6a6a9a9b48b 100644 --- a/gix/Cargo.toml +++ b/gix/Cargo.toml @@ -169,8 +169,7 @@ blocking-http-transport-curl = [ ## Stacks with `blocking-http-transport-curl` and also enables the `rustls` backend to avoid `openssl`. blocking-http-transport-curl-rustls = [ "blocking-http-transport-curl", - "dep:curl", - "curl?/rustls", + "gix-transport/http-client-curl-rust-tls", ] ## Stacks with `blocking-network-client` to provide support for HTTP/S using **reqwest**, and implies blocking networking as a whole, making the `https://` transport available. blocking-http-transport-reqwest = [ @@ -364,9 +363,6 @@ serde = { version = "1.0.114", optional = true, default-features = false, featur smallvec = "1.9.0" async-std = { version = "1.12.0", optional = true } -# Used for feature-configuration only. -curl = { workspace = true, optional = true } - ## For use in rev-parse, which provides searching commits by running a regex on their message. ## ## If disabled, the text will be search verbatim in any portion of the commit message, similar to