Skip to content

buf: remove reliance of tests on git file transport#199015

Merged
SuperSandro2000 merged 1 commit intoNixOS:masterfrom
sternenseemann:buf-fix-build
Nov 7, 2022
Merged

buf: remove reliance of tests on git file transport#199015
SuperSandro2000 merged 1 commit intoNixOS:masterfrom
sternenseemann:buf-fix-build

Conversation

@sternenseemann
Copy link
Member

@sternenseemann sternenseemann commented Nov 1, 2022

A recent git security update disabled the file transport by default, see https://github.blog/2022-10-18-git-security-vulnerabilities-announced/#cve-2022-39253

We can pick an upstream patch which needed to be rebased unfortunately, so we can't fetch it directly from GitHub.

Description of changes
Things done
  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 22.11 Release Notes (or backporting 22.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
    • (Release notes changes) Ran nixos/doc/manual/md-to-db.sh to update generated release notes
  • Fits CONTRIBUTING.md.

@sternenseemann sternenseemann mentioned this pull request Nov 1, 2022
Merged
@ofborg ofborg bot requested review from 06kellyjac, lrewega and raboof November 1, 2022 17:55
@ofborg ofborg bot added 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-darwin: 1 This PR causes 1 package to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux. labels Nov 1, 2022
@06kellyjac
Copy link
Member

06kellyjac commented Nov 1, 2022

If this is just a test failure due to a change in Git's behaviour can we just delete private/pkg/git/git_test.go in preCheck?
Then we dont need this patch file. We dont run golangci-lint anyway so dont need that part

@sternenseemann
Copy link
Member Author

sternenseemann commented Nov 1, 2022

I think it's easier to patch which can be dropped with the next buf release easily as it's already upstream. I can filter the ci file out in the patch, but it's also not like it really matters…

@sternenseemann
buf: remove reliance of tests on git file transport
ebb0a9b 
A recent git security update disabled the file transport by default,
see https://github.blog/2022-10-18-git-security-vulnerabilities-announced/#cve-2022-39253

We can pick an upstream patch which needed to be rebased unfortunately,
so we can't fetch it directly from GitHub.
@sternenseemann
Copy link
Member Author

sternenseemann commented Nov 1, 2022

Dropped the ci config file from the patch.

@vcunat vcunat changed the base branch from staging-next to master November 2, 2022 16:34
raphaelr
raphaelr reviewed Nov 7, 2022
View reviewed changes
Copy link
Contributor

@raphaelr raphaelr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Result of nixpkgs-review pr 199015 run on x86_64-linux 1

1 package built:
  • buf

I don't have strong opnions about whether to patch the test or disable it

@SuperSandro2000 SuperSandro2000 merged commit e054227 into NixOS:master Nov 7, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lrewega lrewega Awaiting requested review from lrewega

@06kellyjac 06kellyjac Awaiting requested review from 06kellyjac

@raboof raboof Awaiting requested review from raboof

1 more reviewer

@raphaelr raphaelr raphaelr left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-darwin: 1 This PR causes 1 package to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sternenseemann @06kellyjac @raphaelr @SuperSandro2000