axodotdev / cargo-dist

📦 shippable application packaging
https://axodotdev.github.io/cargo-dist/
Apache License 2.0

dist-manifest 1.0 #843

Open Gankra opened 6 months ago

Gankra commented 6 months ago

The cargo-dist dist-manifest.json format is an amalgam of bolted-on concepts and features and needs a major cleanup.

per-machine info

dist-manifest is lacking a proper notion of "per-machine" output info, where things like linkage (what packages you dynamically linked, sdk/libc versions), toolchain-info (compiler version, os version), and unpredictable values (debuginfo, hashes) can be transferred. This info could be consumed by installers (checksums, sysdeps), checkers (complain about dynamic openssl), and receipts (SBOMs, attestation, reproducibility).

Linkage has a partial implementation but it's more "over there" and doesn't really scale.

The totally-global "system_info" subsection is a useless farce because of this.

remove changelogs

Changelogs, like READMEs, are a classic example of "arbitrary user input that can get infinitely long and cause serious issues to a metadata system". It should ideally not be contained in the dist-manifest. This raises some questions about where, if anywhere, oranda should get "clean" changelogs from, but at worst we can just teach it how to "strip" the autogen tables in a GitHub release.

Gankra commented 6 months ago

I almost started doing this in #793 and then quickly backed off as the abyss of that PR grew deeper and deeper... but like doing this would make that change a lot cleaner.

ashleygwilliams commented 4 months ago

@Gankra is this "done"? I know that #848 at "worst" made a ton of progress here.

mistydemeo commented 3 months ago

Checking in again - we made substantive changes in #848. Do you see us needing additional changes?

Gankra commented 3 months ago

Oh hmm! We should probably do a look over it at some point but I think yeah the main issues have been fixed. Although in a 1.0 we could break some parser compat and delete some lingering deprecated fields.

Gankra commented 3 months ago

Remaining work is deleting deprecated fields:

Gankra commented 3 months ago

Oh and maybe we should write some docs about philosophy/structure/patterns to follow when adding stuff to this