GNU bug report logs - #76444
[PATCH] Blind update of Hanwen's go-fuse broke Gocryptfs

Previous Next

To reply to this bug, email your comments to 76444 AT debbugs.gnu.org.
There is no need to reopen the bug first.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Felix Lechner <felix.lechner <at> lease-up.com>
To: bug-guix <at> gnu.org
Subject: [PATCH] Blind update of Hanwen's go-fuse broke Gocryptfs
Date: Thu, 20 Feb 2025 10:59:21 -0800

Package: guix
Severity: grave
Tags: patch

Hi,

The blind update of Hanwen's go-fuse to 2.7.2 [1] broke Gocryptfs. [2]

I have a working patch, which will appear here shortly.

As a general note, I disagree with Guix's stance to diverge from go.mod
when present.  I spent several hours tracking down the error and testing
the fix (not to mention bothering upstream) for nothing.  It should have
never happened

Meanwhile, I was unable to log in. [3]

It is a gross overestimation that the Go team can outsmart upstream
developers who provide a specific list of prerequisites.  It's also an
error because packaging Goland prerequisites---if one can call it
that---involves no more than tarring up source files.  That step has few
prerequisites and rebuids are rare.  Multiple source versions do not
burden the substitute servers.

The security argument is likewise bogus, as this bug shows.  Any changes
to the prerequisites should be submitted upstream (or be patched when
upstream is unresponsive).

There are several ways to implement prerequisite tracking: Maybe it's
switching package variables to functions that pull the correct version
(or commit).  The consuming package definition should then be generated
from go.mod when present.  Thanks!

Kind regards
Felix

P.S. Sharlatan, thanks for fixing Bug#71795!

[1] https://git.savannah.gnu.org/cgit/guix.git/commit/?id=d12c7edb32e3a3b2f57e8afee7ddcf4f7015363e
[2] https://github.com/rfjakob/gocryptfs/issues/897
[3] https://debbugs.gnu.org/cgi/bugreport.cgi?bug=76105#11

Message #8 received at 76444 <at> debbugs.gnu.org (full text, mbox):

From: Felix Lechner <felix.lechner <at> lease-up.com>
To: 76444 <at> debbugs.gnu.org
Cc: Felix Lechner <felix.lechner <at> lease-up.com>
Subject: [PATCH v1] gnu: go-github-com-hanwen-go-fuse-v2: Downgrade to 2.5.0.
 (Closes: #76444)
Date: Thu, 20 Feb 2025 11:26:27 -0800

Change-Id: Idf9059dc969b3c4447e2576ae0601199f20e2525
---
 gnu/packages/golang-xyz.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/golang-xyz.scm b/gnu/packages/golang-xyz.scm
index 2539311e1b..67957caae0 100644
--- a/gnu/packages/golang-xyz.scm
+++ b/gnu/packages/golang-xyz.scm
@@ -6886,7 +6886,7 @@ (define-public go-github-com-hanwen-go-fuse-v2
   (package
     (inherit go-github-com-hanwen-go-fuse)
     (name "go-github-com-hanwen-go-fuse-v2")
-    (version "2.7.2")
+    (version "2.5.0")  ;check go,mod in gocryptfs before upgrading
     (source
      (origin
        (method git-fetch)
@@ -6895,7 +6895,7 @@ (define-public go-github-com-hanwen-go-fuse-v2
              (commit (string-append "v" version))))
        (file-name (git-file-name name version))
        (sha256
-        (base32 "1fcf94chf9ffgjk0wcpnlz0kfb69m2fwzfn4k348kal75x178aar"))))
+        (base32 "0wgx8gwimgf7rp7j23cl6bxx1gzzarda2kqz91i64ydc124jsqmr"))))
     (build-system go-build-system)
     (arguments
      (substitute-keyword-arguments

base-commit: 40e83f8f72fc831c94dc6d42664be50db755344b
-- 
2.48.1

Message #11 received at 76444 <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: Felix Lechner via Bug reports for GNU Guix <bug-guix <at> gnu.org>
Cc: 76444 <at> debbugs.gnu.org, Katherine Cox-Buday <cox.katherine.e+guix <at> gmail.com>,
 Sharlatan Hellseher <sharlatanus <at> gmail.com>
Subject: Re: bug#76444: [PATCH] Blind update of Hanwen's go-fuse broke
 Gocryptfs
Date: Thu, 20 Feb 2025 15:44:44 -0500

On Thu, Feb 20, 2025 at 10:59:21AM -0800, Felix Lechner via Bug reports for GNU Guix wrote:
> The blind update of Hanwen's go-fuse to 2.7.2 [1] broke Gocryptfs. [2]

Hi, thanks for debugging and sending a patch. What do you mean by
"blind" in this context?

> As a general note, I disagree with Guix's stance to diverge from go.mod
> when present.

Agreed, I think we need to rethink how we package Go software. But as
always, the people doing the work should have the final say, and I'm not
doing that work these days.

Message #17 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: Felix Lechner via Bug reports for GNU Guix <bug-guix <at> gnu.org>
Cc: 76444-done <at> debbugs.gnu.org, Felix Lechner <felix.lechner <at> lease-up.com>
Subject: Re: bug#76444: [PATCH v1] gnu: go-github-com-hanwen-go-fuse-v2:
 Downgrade to 2.5.0. (Closes: #76444)
Date: Thu, 20 Feb 2025 16:03:18 -0500

On Thu, Feb 20, 2025 at 11:26:27AM -0800, Felix Lechner via Bug reports for GNU Guix wrote:
> Change-Id: Idf9059dc969b3c4447e2576ae0601199f20e2525

I wrote the commit message and pushed as
1ce2226aec1e5b5f5cdeff47c0452a46e6c608a5

Message #25 received at 76444 <at> debbugs.gnu.org (full text, mbox):

From: Sharlatan Hellseher <sharlatanus <at> gmail.com>
To: 76444 <at> debbugs.gnu.org
Cc: guix-devel <at> gnu.org, felix.lechner <at> lease-up.com, leo <at> famulari.name
Subject: [PATCH] Blind update of Hanwen's go-fuse broke Gocryptfs
Date: Thu, 20 Feb 2025 22:01:06 +0000

[Message part 1 (text/plain, inline)]

Hi,

It's might be me for few months (14+) updating the Golang stack in Guix
to some workable fresh state to bring new projects in.

Few steps are taken in place:
- make sure ALL tests are enabled by providing ./... to "go test"
- make sure as much tests passed as possible
- make sure the final executable at list can be run

After that applied there are 100% of packages which use go-build-system
are buildable right now.

What is not tested:
- all features or breaking changes on runtime which requires much more
time and familiarity with software

Please open issues with CC go-team for any optimizations on that process
;-) feel free to submit more patches!

And yeah, let's grow the go-team with more volunteers.
 wV
---
Oleg

[signature.asc (application/pgp-signature, inline)]

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.