Package: sccache
Version: 0.4.0~~pre8-8
Severity: serious
Tags: patch
Recent updates to the rust crates in Debian mean that sccache needs a few
tweaks.
Firstly sccache has a dependency on librust-bstr+default-dev which seems
to be unused, we would appreciate it if you could drop this as it's
preventing decrufting after rust-bstr switched to collapse_features and
the cruft package seems to be causing spurious reports of puiparts
regressions.
Secondly base64 has been updated to 0.21, fixing sccache to build with
this means dropping the existing base64 patch and picking a new patch
from upstream.
Thirdly, there is an inconsistency between the Cargo dependency on
the semver crate and the Debian dependency. It looks like said
inconsistency was previously covered up by the Package being pulled in
indirectly but this is no longer the case.
A debdiff fixing all these issues is attached, If I get no response I
will probably NMU this in a few days.
diff -Nru sccache-0.4.0~~pre8/debian/changelog
sccache-0.4.0~~pre8/debian/changelog
--- sccache-0.4.0~~pre8/debian/changelog 2023-03-03 00:45:46.000000000
+0000
+++ sccache-0.4.0~~pre8/debian/changelog 2023-06-20 08:08:00.000000000
+0000
@@ -1,3 +1,15 @@
+sccache (0.4.0~~pre8-8.1) UNRELEASED; urgency=medium
+
+ * Non-maintainer upload.
+ * Drop build-dependency on librust-bstr+default-dev, the crate doesn't
+ seem to use it directly and it's blocking decrufting.
+ * Drop patch for base64 0.13, add patch from upstream git for base64
+ 0.21 and update build-dependency accordingly.
+ * Update build-dependency from librust-semver-0.9+default-dev
+ to librust-semver-1.0+default-dev to match dependency in Cargo.toml.
+
+ -- Peter Michael Green <plugw...@debian.org> Tue, 20 Jun 2023 08:08:00 +0000
+
sccache (0.4.0~~pre8-8) unstable; urgency=medium
* fix pass cargo arguments also to subcommand install
diff -Nru sccache-0.4.0~~pre8/debian/control sccache-0.4.0~~pre8/debian/control
--- sccache-0.4.0~~pre8/debian/control 2023-02-12 15:34:42.000000000 +0000
+++ sccache-0.4.0~~pre8/debian/control 2023-06-20 08:08:00.000000000 +0000
@@ -13,10 +13,9 @@
librust-assert-cmd-2+default-dev <!nocheck>,
librust-async-trait-0.1+default-dev (>= 0.1.52),
librust-atty-0.2+default-dev,
- librust-base64-0.13+default-dev,
+ librust-base64-0.21+default-dev,
librust-bincode-1+default-dev,
librust-blake3-1+default-dev,
- librust-bstr+default-dev,
librust-byteorder-1+default-dev,
librust-bytes-1+default-dev,
librust-chrono-0.4+default-dev,
@@ -49,7 +48,7 @@
librust-reqwest-0.11+json-dev,
librust-reqwest-0.11+stream-dev,
librust-retry-2+default-dev,
- librust-semver-0.9+default-dev,
+ librust-semver-1.0+default-dev,
librust-serde-1+default-dev,
librust-serde-derive-1+default-dev,
librust-serde-json-1+default-dev,
diff -Nru sccache-0.4.0~~pre8/debian/patches/0001_base64.patch
sccache-0.4.0~~pre8/debian/patches/0001_base64.patch
--- sccache-0.4.0~~pre8/debian/patches/0001_base64.patch 1970-01-01
00:00:00.000000000 +0000
+++ sccache-0.4.0~~pre8/debian/patches/0001_base64.patch 2023-06-20
08:08:00.000000000 +0000
@@ -0,0 +1,133 @@
+This patch contains the parts of the upstream commit described below that
+relate to the update of the base64 crate. Cargo.lock changes are also excluded
+since Debian doesn't use Cargo.lock.
+
+commit 408ae947d7c36f0510695bc991438ce2e180d099
+Author: Xuanwo <git...@xuanwo.io>
+Date: Sun Feb 26 15:09:53 2023 +0800
+
+ deps: Bump toml and base64 (#1619)
+
+ Signed-off-by: Xuanwo <git...@xuanwo.io>
+
+diff --git a/Cargo.toml b/Cargo.toml
+index 964efa8..67fad6b 100644
+--- a/Cargo.toml
++++ b/Cargo.toml
+@@ -27,7 +27,7 @@ anyhow = "1.0"
+ ar = "0.9"
+ async-trait = "0.1"
+ atty = "0.2.6"
+-base64 = "0.20"
++base64 = "0.21"
+ bincode = "1"
+ blake3 = "1"
+ byteorder = "1.0"
+diff --git a/src/bin/sccache-dist/main.rs b/src/bin/sccache-dist/main.rs
+index effdb98..5975aeb 100644
+--- a/src/bin/sccache-dist/main.rs
++++ b/src/bin/sccache-dist/main.rs
+@@ -22,6 +22,7 @@ extern crate tar;
+ extern crate void;
+
+ use anyhow::{bail, Context, Error, Result};
++use base64::Engine;
+ use rand::{rngs::OsRng, RngCore};
+ use sccache::config::{
+ scheduler as scheduler_config, server as server_config,
INSECURE_DIST_CLIENT_TOKEN,
+@@ -144,7 +145,7 @@ fn run(command: Command) -> Result<i32> {
+ let mut bytes = vec![0; num_bytes];
+ OsRng.fill_bytes(&mut bytes);
+ // As long as it can be copied, it doesn't matter if this is
base64 or hex etc
+- println!("{}", base64::encode_engine(&bytes,
&BASE64_URL_SAFE_ENGINE));
++ println!("{}", BASE64_URL_SAFE_ENGINE.encode(bytes));
+ Ok(0)
+ }
+ Command::Auth(AuthSubcommand::JwtHS256ServerToken {
+@@ -152,7 +153,7 @@ fn run(command: Command) -> Result<i32> {
+ server_id,
+ }) => {
+ let header = jwt::Header::new(jwt::Algorithm::HS256);
+- let secret_key = base64::decode_engine(&secret_key,
&BASE64_URL_SAFE_ENGINE)?;
++ let secret_key = BASE64_URL_SAFE_ENGINE.decode(&secret_key)?;
+ let token = create_jwt_server_token(server_id, &header,
&secret_key)
+ .context("Failed to create server token")?;
+ println!("{}", token);
+@@ -197,7 +198,8 @@ fn run(command: Command) -> Result<i32> {
+ Box::new(move |server_token|
check_server_token(server_token, &token))
+ }
+ scheduler_config::ServerAuth::JwtHS256 { secret_key } => {
+- let secret_key = base64::decode_engine(&secret_key,
&BASE64_URL_SAFE_ENGINE)
++ let secret_key = BASE64_URL_SAFE_ENGINE
++ .decode(&secret_key)
+ .context("Secret key base64 invalid")?;
+ if secret_key.len() != 256 / 8 {
+ bail!("Size of secret key incorrect")
+diff --git a/src/bin/sccache-dist/token_check.rs
b/src/bin/sccache-dist/token_check.rs
+index 0f1c7b6..ef56c91 100644
+--- a/src/bin/sccache-dist/token_check.rs
++++ b/src/bin/sccache-dist/token_check.rs
+@@ -1,5 +1,6 @@
+ use crate::jwt;
+ use anyhow::{bail, Context, Result};
++use base64::Engine;
+ use sccache::dist::http::{ClientAuthCheck, ClientVisibleMsg};
+ use sccache::util::{new_reqwest_blocking_client, BASE64_URL_SAFE_ENGINE};
+ use std::collections::HashMap;
+@@ -29,9 +30,11 @@ impl Jwk {
+ }
+
+ // JWK is big-endian, openssl bignum from_slice is big-endian
+- let n = base64::decode_engine(&self.n, &BASE64_URL_SAFE_ENGINE)
++ let n = BASE64_URL_SAFE_ENGINE
++ .decode(&self.n)
+ .context("Failed to base64 decode n")?;
+- let e = base64::decode_engine(&self.e, &BASE64_URL_SAFE_ENGINE)
++ let e = BASE64_URL_SAFE_ENGINE
++ .decode(&self.e)
+ .context("Failed to base64 decode e")?;
+ let n_bn = openssl::bn::BigNum::from_slice(&n)
+ .context("Failed to create openssl bignum from n")?;
+diff --git a/src/dist/client_auth.rs b/src/dist/client_auth.rs
+index 0991713..c61a959 100644
+--- a/src/dist/client_auth.rs
++++ b/src/dist/client_auth.rs
+@@ -86,6 +86,7 @@ mod code_grant_pkce {
+ };
+ use crate::util::new_reqwest_blocking_client;
+ use crate::util::BASE64_URL_SAFE_ENGINE;
++ use base64::Engine;
+ use futures::channel::oneshot;
+ use hyper::{Body, Method, Request, Response, StatusCode};
+ use rand::{rngs::OsRng, RngCore};
+@@ -146,10 +147,10 @@ mod code_grant_pkce {
+ pub fn generate_verifier_and_challenge() -> Result<(String, String)> {
+ let mut code_verifier_bytes = vec![0; NUM_CODE_VERIFIER_BYTES];
+ OsRng.fill_bytes(&mut code_verifier_bytes);
+- let code_verifier = base64::encode_engine(&code_verifier_bytes,
&BASE64_URL_SAFE_ENGINE);
++ let code_verifier =
BASE64_URL_SAFE_ENGINE.encode(&code_verifier_bytes);
+ let mut hasher = Sha256::new();
+ hasher.update(&code_verifier);
+- let code_challenge = base64::encode_engine(hasher.finalize(),
&BASE64_URL_SAFE_ENGINE);
++ let code_challenge = BASE64_URL_SAFE_ENGINE.encode(hasher.finalize());
+ Ok((code_verifier, code_challenge))
+ }
+
+diff --git a/src/util.rs b/src/util.rs
+index e4d04f7..24a57e4 100644
+--- a/src/util.rs
++++ b/src/util.rs
+@@ -31,11 +31,8 @@ use std::time::Duration;
+ use crate::errors::*;
+
+ /// The url safe engine for base64.
+-pub const BASE64_URL_SAFE_ENGINE: base64::engine::fast_portable::FastPortable
=
+- base64::engine::fast_portable::FastPortable::from(
+- &base64::alphabet::URL_SAFE,
+- base64::engine::fast_portable::NO_PAD,
+- );
++pub const BASE64_URL_SAFE_ENGINE: base64::engine::GeneralPurpose =
++ base64::engine::general_purpose::URL_SAFE_NO_PAD;
+
+ #[derive(Clone)]
+ pub struct Digest {
diff -Nru sccache-0.4.0~~pre8/debian/patches/2010_base64.patch
sccache-0.4.0~~pre8/debian/patches/2010_base64.patch
--- sccache-0.4.0~~pre8/debian/patches/2010_base64.patch 2023-02-24
08:20:36.000000000 +0000
+++ sccache-0.4.0~~pre8/debian/patches/2010_base64.patch 1970-01-01
00:00:00.000000000 +0000
@@ -1,127 +0,0 @@
-Description: use older crate base64
- Needed to match Debian-packaged base64 v0.13.0.
- .
- This essentially reverts upstream git commit 9bf4e41.
-Author: Jonas Smedegaard <d...@jones.dk>
-Bug-Debian: https://bugs.debian.org/1026812
-Last-Update: 2022-12-22
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
---- a/Cargo.toml
-+++ b/Cargo.toml
-@@ -27,7 +27,7 @@
- ar = "0.9"
- async-trait = "0.1"
- atty = "0.2.6"
--base64 = "0.20"
-+base64 = "0.13"
- bincode = "1"
- blake3 = "1"
- byteorder = "1.0"
---- a/src/bin/sccache-dist/main.rs
-+++ b/src/bin/sccache-dist/main.rs
-@@ -34,7 +34,6 @@
- UpdateJobStateResult,
- };
- use sccache::util::daemonize;
--use sccache::util::BASE64_URL_SAFE_ENGINE;
- use std::collections::{btree_map, BTreeMap, HashMap, HashSet};
- use std::env;
- use std::io;
-@@ -144,7 +143,7 @@
- let mut bytes = vec![0; num_bytes];
- OsRng.fill_bytes(&mut bytes);
- // As long as it can be copied, it doesn't matter if this is
base64 or hex etc
-- println!("{}", base64::encode_engine(&bytes,
&BASE64_URL_SAFE_ENGINE));
-+ println!("{}", base64::encode_config(&bytes,
base64::URL_SAFE_NO_PAD));
- Ok(0)
- }
- Command::Auth(AuthSubcommand::JwtHS256ServerToken {
-@@ -152,7 +151,7 @@
- server_id,
- }) => {
- let header = jwt::Header::new(jwt::Algorithm::HS256);
-- let secret_key = base64::decode_engine(&secret_key,
&BASE64_URL_SAFE_ENGINE)?;
-+ let secret_key = base64::decode_config(&secret_key,
base64::URL_SAFE_NO_PAD)?;
- let token = create_jwt_server_token(server_id, &header,
&secret_key)
- .context("Failed to create server token")?;
- println!("{}", token);
-@@ -197,7 +196,7 @@
- Box::new(move |server_token|
check_server_token(server_token, &token))
- }
- scheduler_config::ServerAuth::JwtHS256 { secret_key } => {
-- let secret_key = base64::decode_engine(&secret_key,
&BASE64_URL_SAFE_ENGINE)
-+ let secret_key = base64::decode_config(&secret_key,
base64::URL_SAFE_NO_PAD)
- .context("Secret key base64 invalid")?;
- if secret_key.len() != 256 / 8 {
- bail!("Size of secret key incorrect")
---- a/src/bin/sccache-dist/token_check.rs
-+++ b/src/bin/sccache-dist/token_check.rs
-@@ -1,7 +1,7 @@
- use crate::jwt;
- use anyhow::{bail, Context, Result};
- use sccache::dist::http::{ClientAuthCheck, ClientVisibleMsg};
--use sccache::util::{new_reqwest_blocking_client, BASE64_URL_SAFE_ENGINE};
-+use sccache::util::new_reqwest_blocking_client;
- use std::collections::HashMap;
- use std::result::Result as StdResult;
- use std::sync::Mutex;
-@@ -29,9 +29,9 @@
- }
-
- // JWK is big-endian, openssl bignum from_slice is big-endian
-- let n = base64::decode_engine(&self.n, &BASE64_URL_SAFE_ENGINE)
-+ let n = base64::decode_config(&self.n, base64::URL_SAFE)
- .context("Failed to base64 decode n")?;
-- let e = base64::decode_engine(&self.e, &BASE64_URL_SAFE_ENGINE)
-+ let e = base64::decode_config(&self.e, base64::URL_SAFE)
- .context("Failed to base64 decode e")?;
- let n_bn = openssl::bn::BigNum::from_slice(&n)
- .context("Failed to create openssl bignum from n")?;
---- a/src/dist/client_auth.rs
-+++ b/src/dist/client_auth.rs
-@@ -85,7 +85,6 @@
- REDIRECT_WITH_AUTH_JSON,
- };
- use crate::util::new_reqwest_blocking_client;
-- use crate::util::BASE64_URL_SAFE_ENGINE;
- use futures::channel::oneshot;
- use hyper::{Body, Method, Request, Response, StatusCode};
- use rand::{rngs::OsRng, RngCore};
-@@ -110,7 +109,6 @@
- // Code response - https://tools.ietf.org/html/rfc6749#section-4.1.2
- const CODE_RESULT_PARAM: &str = "code";
- const STATE_RESULT_PARAM: &str = "state";
--
- // Token request - https://tools.ietf.org/html/rfc7636#section-4.5
- #[derive(Serialize)]
- struct TokenRequest<'a> {
-@@ -146,10 +144,10 @@
- pub fn generate_verifier_and_challenge() -> Result<(String, String)> {
- let mut code_verifier_bytes = vec![0; NUM_CODE_VERIFIER_BYTES];
- OsRng.fill_bytes(&mut code_verifier_bytes);
-- let code_verifier = base64::encode_engine(&code_verifier_bytes,
&BASE64_URL_SAFE_ENGINE);
-+ let code_verifier = base64::encode_config(&code_verifier_bytes,
base64::URL_SAFE_NO_PAD);
- let mut hasher = Sha256::new();
- hasher.update(&code_verifier);
-- let code_challenge = base64::encode_engine(hasher.finalize(),
&BASE64_URL_SAFE_ENGINE);
-+ let code_challenge = base64::encode_config(hasher.finalize(),
base64::URL_SAFE_NO_PAD);
- Ok((code_verifier, code_challenge))
- }
-
---- a/src/util.rs
-+++ b/src/util.rs
-@@ -30,13 +30,6 @@
-
- use crate::errors::*;
-
--/// The url safe engine for base64.
--pub const BASE64_URL_SAFE_ENGINE: base64::engine::fast_portable::FastPortable
=
-- base64::engine::fast_portable::FastPortable::from(
-- &base64::alphabet::URL_SAFE,
-- base64::engine::fast_portable::NO_PAD,
-- );
--
- #[derive(Clone)]
- pub struct Digest {
- inner: blake3_Hasher,
diff -Nru sccache-0.4.0~~pre8/debian/patches/series
sccache-0.4.0~~pre8/debian/patches/series
--- sccache-0.4.0~~pre8/debian/patches/series 2023-02-24 08:20:36.000000000
+0000
+++ sccache-0.4.0~~pre8/debian/patches/series 2023-06-20 08:08:00.000000000
+0000
@@ -1,3 +1,4 @@
+0001_base64.patch
1001_optional_tests.patch
1006_tests_network.patch
2001_no_dist-server.patch
@@ -9,7 +10,6 @@
2007_sha2.patch
2008_assert_cmd.patch
2009_thirtyfour_sync.patch
-2010_base64.patch
2011_serial_test.patch
2012_predicates.patch
2013_fs_err.patch
