Open geiseri opened 5 months ago
you cannot disable the
openssl
feature due to #35694.
This is not right. You just have to be very explicit, and and there must be no reverse dependencies which prevent your choice.
Add a schannel feature flag that will disable OpenSSL ...
Provide a "negative" feature flag that would disable the openssl option ...
Features must be additive. Downstreams cannot take away what other downstream requested.
This is not right. You just have to be very explicit, and and there must be no reverse dependencies which prevent your choice.
I am not sure I follow here. I am using manifest mode and adding qtactiveqt
into the project, so that depends on qtbase
as such it uses default features, and ignores my setting.
If features must be additive then it seems to me that "Option 1" would be the best bet since on Windows it would seem that OpenSSL would be redundant.
Here is how I came to that conclusion:
PS C:\Users\geiseri\vcpkg> .\vcpkg.exe depend-info qtactiveqt
vcpkg-cmake:
vcpkg-cmake-config:
vcpkg-tool-meson:
zlib: vcpkg-cmake
brotli: vcpkg-cmake, vcpkg-cmake-config
bzip2[tool]: vcpkg-cmake
egl-registry:
libpng: vcpkg-cmake, vcpkg-cmake-config, zlib
pkgconf: vcpkg-tool-meson
vcpkg-cmake-get-vars: vcpkg-cmake
freetype[brotli, bzip2, zlib, png]: brotli, bzip2, libpng, vcpkg-cmake, vcpkg-cmake-config, zlib
lz4: vcpkg-cmake, vcpkg-cmake-config
opengl-registry: egl-registry
openssl: vcpkg-cmake, vcpkg-cmake-config, vcpkg-cmake-get-vars
vcpkg-pkgconfig-get-modules: pkgconf
double-conversion: vcpkg-cmake, vcpkg-cmake-config
harfbuzz[freetype]: freetype, vcpkg-tool-meson
icu[tools]:
libjpeg-turbo: vcpkg-cmake, vcpkg-cmake-config
libpq[lz4, openssl, zlib]: lz4, openssl, vcpkg-cmake-get-vars, vcpkg-pkgconfig-get-modules, zlib
opengl: opengl-registry
pcre2[platform-default-features, jit]: vcpkg-cmake, vcpkg-cmake-config
sqlite3[json1]: vcpkg-cmake, vcpkg-cmake-config
zstd: vcpkg-cmake, vcpkg-cmake-config
qtbase[brotli, concurrent, default-features, sql-sqlite, freetype, jpeg, dbus, gui, doubleconversion, harfbuzz, icu, network, opengl, openssl, pcre2, png, sql, sql-psql, testlib, thread, widgets, zstd]: brotli, double-conversion, freetype, harfbuzz, icu, libjpeg-turbo, libpng, libpq, opengl, openssl, pcre2, sqlite3, vcpkg-cmake, vcpkg-cmake-config, zlib, zstd
qtactiveqt: qtbase
Is that understanding incorrect?
I am using manifest mode and adding
qtactiveqt
into the project, so that depends onqtbase
as such it uses default features, and ignores my setting.
Show your manifest.
The point of default-features is that they are enabled if you don't ask for something else.
Here, you would also need to add qtbase
with "default-features": false
to your manifest (aka top-level manifest). It is under your control.
PS C:\Users\geiseri\vcpkg> .\vcpkg.exe depend-info qtactiveqt
depend-info
used to be very restricted. My recent contributions, part of the next tool update, will allow a more elaborate request:
$ ./vcpkg.mine depend-info qtactiveqt qtbase[core] --host-triplet x64-windows
vcpkg-cmake:
vcpkg-cmake-config:
egl-registry:
zlib: vcpkg-cmake
brotli: vcpkg-cmake, vcpkg-cmake-config
bzip2[tool]: vcpkg-cmake
libpng: vcpkg-cmake, vcpkg-cmake-config, zlib
opengl-registry: egl-registry
double-conversion: vcpkg-cmake, vcpkg-cmake-config
freetype[png, bzip2, zlib, brotli]: brotli, bzip2, libpng, vcpkg-cmake, vcpkg-cmake-config, zlib
opengl: opengl-registry
pcre2[platform-default-features, jit]: vcpkg-cmake, vcpkg-cmake-config
qtbase[thread, gui, widgets, freetype, doubleconversion]: double-conversion, freetype, opengl, pcre2, vcpkg-cmake, vcpkg-cmake-config, zlib
qtactiveqt: qtbase
In the meantime, you can try
vcpkg install --dry-run qtactiveqt qtbase[core] --host-triplet x64-windows
Here is my current manifest:
{
"name": "hive-windows-client",
"version-string": "v1.3.5",
"dependencies": [
{
"name": "qtbase",
"default-features": false,
"features": [
"concurrent",
"doubleconversion",
"freetype",
"gui",
"harfbuzz",
"icu",
"jpeg",
"network",
"opengl",
"pcre2",
"png",
"testlib",
"thread",
"widgets",
"zstd"
]
},
"qtimageformats",
"qtactiveqt",
"qtsvg",
"qtwebsockets",
"atlmfc",
"magic-enum",
{
"name": "spdlog",
"features": [
"wchar"
]
},
"cppwinrt",
"fmt",
"simonbrunel-qtpromise"
]
}
So if I run the vcpkg install
with those deps I see:
PS C:\Users\geiseri\vcpkg> .\vcpkg.exe install --dry-run qtactiveqt qtbase[core] qtimageformats qtwebsockets qtsvg atlmfc magic-enum spdlog[wchar] cppwinrt fmt simonbrunel-qtpromise --host-triplet x64-windows
Computing installation plan...
The following packages will be built and installed:
* atl:x64-windows@0
atlmfc:x64-windows@0#3
* brotli:x64-windows@1.1.0#1
* bzip2[core,tool]:x64-windows@1.0.8#5
cppwinrt:x64-windows@2.0.240111.5
* double-conversion:x64-windows@3.3.0
* egl-registry:x64-windows@2024-01-25
fmt:x64-windows@10.2.1#2
* freeglut:x64-windows@3.4.0#1
* freetype[brotli,bzip2,core,png,zlib]:x64-windows@2.13.2#1
* harfbuzz[core,freetype]:x64-windows@8.4.0
* icu[core,tools]:x64-windows@74.2#1
* jasper[core,default-features,opengl]:x64-windows@4.2.1
* libjpeg-turbo:x64-windows@3.0.2
* liblzma:x64-windows@5.4.4
* libpng:x64-windows@1.6.43
* libpq[core,lz4,openssl,zlib]:x64-windows@16.2#1
* libwebp[core,libwebpmux,nearlossless,simd,unicode]:x64-windows@1.3.2
* lz4:x64-windows@1.9.4#1
magic-enum:x64-windows@0.9.5
* opengl:x64-windows@2022-12-04#3
* opengl-registry:x64-windows@2024-02-10#1
* openssl:x64-windows@3.2.1#2
* pcre2[core,jit,platform-default-features]:x64-windows@10.42#2
* pkgconf:x64-windows@2.2.0
qtactiveqt:x64-windows@6.6.1
qtbase[brotli,concurrent,core,dbus,default-features,doubleconversion,freetype,gui,harfbuzz,icu,jpeg,network,opengl,openssl,pcre2,png,sql,sql-psql,sql-sqlite,testlib,thread,widgets,zstd]:x64-windows@6.6.1#12
qtimageformats[core,default-features,jasper,tiff,webp]:x64-windows@6.6.1#1
qtsvg:x64-windows@6.6.1#1
qtwebsockets:x64-windows@6.6.1#1
simonbrunel-qtpromise:x64-windows@0.7.0
spdlog[core,wchar]:x64-windows@1.13.0#1
* sqlite3[core,json1]:x64-windows@3.45.2
* tiff[core,jpeg,lzma,zip]:x64-windows@4.6.0#4
* vcpkg-cmake:x64-windows@2023-05-04
* vcpkg-cmake-config:x64-windows@2022-02-06#1
* vcpkg-cmake-get-vars:x64-windows@2023-12-31
* vcpkg-pkgconfig-get-modules:x64-windows@2023-09-06
* vcpkg-tool-meson:x64-windows@1.3.2#2
* zlib:x64-windows@1.3.1
* zstd:x64-windows@1.5.5#2
Additional packages (*) will be modified to complete this operation.
So after some mucking around I discovered that simonbrunel-qtpromise
is the offender.
If I understand correctly it would be because it has
"dependencies": [
"qtbase",
{
"name": "vcpkg-cmake",
"host": true
}
]
and not
"dependencies": [
{
"name": "qtbase",
"default-features": false
{
"name": "vcpkg-cmake",
"host": true
}
]
Indeed, simonbrunel-qtpromise
is a port which prevents the choice. And it shouldn't.
Is your feature request related to a problem? Please describe.
I am shipping on windows so I can use the
schannel
TLS backend instead of theopenssl
backend. Right now no matter what the OpenSSL libraries are shipped since you cannot disable theopenssl
feature due to #35694. While not normally an issue I would prefer to not have OpenSSL libraries in the final package because it causes customers "automated vulnerability scans" to trip every few months. Currently I have a step to manually delete the files from the install root before it is packaged.Proposed solution
This could be attacked one of three ways:
securetransport
on iOS. (Windows would always have schannel and Qt will autodetect that fact and compile it as long as nothing else disables it.)schannel
feature flag that will disable OpenSSL and enableschannel
similar to how thesecuretransport
feature flag works. (At least would give developers an option to explicitly use one or the other. Not sure if they would ever want both.)testilb
andsql
)Describe alternatives you've considered
I just copied the port files locally and removed openssl.
Additional context
No response