279260 – security/cargo-audit: broken without ca_root_nss

Bug 279260 - security/cargo-audit: broken without ca_root_nss

Summary: security/cargo-audit: broken without ca_root_nss

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	Mikael Urankar

URL:
Keywords:

Depends on:
Blocks:

Reported:	2024-05-23 19:14 UTC by Alan Somers
Modified:	2024-05-28 17:18 UTC (History)
CC List:	0 users

See Also:

Flags:	bugzilla: maintainer-feedback? (mikael)

Attachments
Update port to 0.20.0 (71.12 KB, patch) 2024-05-24 17:28 UTC, Alan Somers	mikael: maintainer-approval+	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alan Somers freebsd_committer

2024-05-23 19:14:45 UTC

cargo-audit has been failing in Cirrus CI ever since 14.0 and 13.3 were released (it works in 13.2).  The symptom is similar to https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=276557 , but the root cause is different.  A workaround is to install the ca_root_nss package (which is installed by default on the 13.2 release image in GCP; that's why cargo-audit works there).

Until upstream fixes the root cause, can we please add ca_root_nss as a RUN_DEPENDS?

https://github.com/rustsec/rustsec/issues/1137

Comment 1 Mikael Urankar freebsd_committer

2024-05-24 15:18:40 UTC

Yup, if you have a patch ready (run_depends + bump portrevision):
Approved by: mikael

Otherwise I'll try to find some time next week to fix it.

Comment 2 Alan Somers freebsd_committer

2024-05-24 15:27:01 UTC

Ok, I'll do it.  Shall I update to 0.20.0 at the same time?
https://github.com/rustsec/rustsec/blob/main/cargo-audit/CHANGELOG.md#0200-2024-02-16

Comment 3 Mikael Urankar freebsd_committer

2024-05-24 17:22:22 UTC

(In reply to Alan Somers from comment #2)
It's tricky to update cargo-audit due to the multiple crates. If it builds fine with poudriere testport, go for it.

Comment 4 Alan Somers freebsd_committer

2024-05-24 17:28:21 UTC

Created attachment 250924 [details]
Update port to 0.20.0

Here's the patch.  I found that I had to add the CARGO_CARGOLOCK line in order to make "make cargo-crates" work.  How did you do it before?

Comment 5 Mikael Urankar freebsd_committer

2024-05-28 17:07:20 UTC

(In reply to Alan Somers from comment #4)
I was searching all the Cargo.toml, generated the corresponding Cargo.lock file and used the various Cargo scripts in /usr/ports/Mk/Scripts to create CARGO_CRATES.
Your solution seems easier.
You can take maintainership of this port if you want.

Comment 6 commit-hook freebsd_committer

2024-05-28 17:14:58 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=a2441a424dbb04fbd70cdee0367ad9f57b0f86ce

commit a2441a424dbb04fbd70cdee0367ad9f57b0f86ce
Author:     Alan Somers <asomers@FreeBSD.org>
AuthorDate: 2024-05-24 17:25:58 +0000
Commit:     Alan Somers <asomers@FreeBSD.org>
CommitDate: 2024-05-28 17:14:01 +0000

    security/cargo-audit: version 0.20.0

    https://github.com/rustsec/rustsec/blob/main/cargo-audit/CHANGELOG.md#0200-2024-02-16

    Also, make ca_root_nss a RUN_DEPENDS to workaround
    https://github.com/rustsec/rustsec/issues/1137

    PR:             279260
    Approved by:    mikael (maintainer)

 security/cargo-audit/Makefile        |   8 +-
 security/cargo-audit/Makefile.crates | 177 ++++++-----------
 security/cargo-audit/distinfo        | 356 +++++++++++------------------------
 3 files changed, 166 insertions(+), 375 deletions(-)

Comment 7 Alan Somers freebsd_committer

2024-05-28 17:18:45 UTC

I just committed it.  Though, on second thought, a better strategy than setting CARGO_CARGOLOCK and WRKSRC_SUBDIR might just be to set CARGO_CARGOTOML.  That's what sysutils/gstat-rs does.