This is an automated email from the ASF dual-hosted git repository.
kou pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/arrow.git
The following commit(s) were added to refs/heads/master by this push:
new b90e7dd ARROW-13787: [C++] Verify third-party downloads
b90e7dd is described below
commit b90e7ddfc9a2d18366322868eca1e1d7c562123d
Author: karldw <[email protected]>
AuthorDate: Sun Aug 29 05:58:32 2021 +0900
ARROW-13787: [C++] Verify third-party downloads
Closes #11021 from karldw/checksum-thirdparty
Authored-by: karldw <[email protected]>
Signed-off-by: Sutou Kouhei <[email protected]>
---
cpp/cmake_modules/ThirdpartyToolchain.cmake | 33 ++++++++++++++++++++++++++---
cpp/thirdparty/versions.txt | 29 ++++++++++++++++++++++++-
2 files changed, 58 insertions(+), 4 deletions(-)
diff --git a/cpp/cmake_modules/ThirdpartyToolchain.cmake
b/cpp/cmake_modules/ThirdpartyToolchain.cmake
index 7390b0a..9c4da8b 100644
--- a/cpp/cmake_modules/ThirdpartyToolchain.cmake
+++ b/cpp/cmake_modules/ThirdpartyToolchain.cmake
@@ -769,6 +769,7 @@ macro(build_boost)
externalproject_add(boost_ep
URL ${BOOST_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_BOOST_BUILD_SHA256_CHECKSUM}"
BUILD_BYPRODUCTS ${BOOST_BUILD_PRODUCTS}
BUILD_IN_SOURCE 1
CONFIGURE_COMMAND ${BOOST_CONFIGURE_COMMAND}
@@ -781,7 +782,8 @@ macro(build_boost)
BUILD_COMMAND ""
CONFIGURE_COMMAND ""
INSTALL_COMMAND ""
- URL ${BOOST_SOURCE_URL})
+ URL ${BOOST_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_BOOST_BUILD_SHA256_CHECKSUM}")
endif()
set(Boost_INCLUDE_DIR "${BOOST_PREFIX}")
set(Boost_INCLUDE_DIRS "${Boost_INCLUDE_DIR}")
@@ -938,6 +940,7 @@ macro(build_snappy)
BUILD_IN_SOURCE 1
INSTALL_DIR ${SNAPPY_PREFIX}
URL ${SNAPPY_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_SNAPPY_BUILD_SHA256_CHECKSUM}"
CMAKE_ARGS ${SNAPPY_CMAKE_ARGS}
BUILD_BYPRODUCTS "${SNAPPY_STATIC_LIB}")
@@ -987,6 +990,7 @@ macro(build_brotli)
externalproject_add(brotli_ep
URL ${BROTLI_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_BROTLI_BUILD_SHA256_CHECKSUM}"
BUILD_BYPRODUCTS "${BROTLI_STATIC_LIBRARY_ENC}"
"${BROTLI_STATIC_LIBRARY_DEC}"
"${BROTLI_STATIC_LIBRARY_COMMON}"
@@ -1126,6 +1130,7 @@ macro(build_glog)
-DCMAKE_CXX_FLAGS=${GLOG_CMAKE_CXX_FLAGS})
externalproject_add(glog_ep
URL ${GLOG_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_GLOG_BUILD_SHA256_CHECKSUM}"
BUILD_IN_SOURCE 1
BUILD_BYPRODUCTS "${GLOG_STATIC_LIB}"
CMAKE_ARGS ${GLOG_CMAKE_ARGS} ${EP_LOG_OPTIONS})
@@ -1191,6 +1196,7 @@ macro(build_gflags)
file(MAKE_DIRECTORY "${GFLAGS_INCLUDE_DIR}")
externalproject_add(gflags_ep
URL ${GFLAGS_SOURCE_URL} ${EP_LOG_OPTIONS}
+ URL_HASH "SHA256=${ARROW_GFLAGS_BUILD_SHA256_CHECKSUM}"
BUILD_IN_SOURCE 1
BUILD_BYPRODUCTS "${GFLAGS_STATIC_LIB}"
CMAKE_ARGS ${GFLAGS_CMAKE_ARGS})
@@ -1295,7 +1301,7 @@ macro(build_thrift)
externalproject_add(thrift_ep
URL ${THRIFT_SOURCE_URL}
- URL_HASH "MD5=${ARROW_THRIFT_BUILD_MD5_CHECKSUM}"
+ URL_HASH "SHA256=${ARROW_THRIFT_BUILD_SHA256_CHECKSUM}"
BUILD_BYPRODUCTS "${THRIFT_STATIC_LIB}"
CMAKE_ARGS ${THRIFT_CMAKE_ARGS}
DEPENDS ${THRIFT_DEPENDENCIES} ${EP_LOG_OPTIONS})
@@ -1387,7 +1393,8 @@ macro(build_protobuf)
BUILD_BYPRODUCTS "${PROTOBUF_STATIC_LIB}"
"${PROTOBUF_COMPILER}"
${EP_LOG_OPTIONS}
BUILD_IN_SOURCE 1
- URL ${PROTOBUF_SOURCE_URL})
+ URL ${PROTOBUF_SOURCE_URL}
+ URL_HASH
"SHA256=${ARROW_PROTOBUF_BUILD_SHA256_CHECKSUM}")
file(MAKE_DIRECTORY "${PROTOBUF_INCLUDE_DIR}")
@@ -1537,6 +1544,7 @@ if(ARROW_JEMALLOC)
endif()
externalproject_add(jemalloc_ep
URL ${JEMALLOC_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_JEMALLOC_BUILD_SHA256_CHECKSUM}"
PATCH_COMMAND touch doc/jemalloc.3 doc/jemalloc.html
# The prefix "je_arrow_" must be kept in
sync with the value in memory_pool.cc
CONFIGURE_COMMAND ${JEMALLOC_CONFIGURE_COMMAND}
@@ -1593,6 +1601,7 @@ if(ARROW_MIMALLOC)
externalproject_add(mimalloc_ep
URL ${MIMALLOC_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_MIMALLOC_BUILD_SHA256_CHECKSUM}"
CMAKE_ARGS ${MIMALLOC_CMAKE_ARGS}
BUILD_BYPRODUCTS "${MIMALLOC_STATIC_LIB}")
@@ -1681,6 +1690,7 @@ macro(build_gtest)
externalproject_add(googletest_ep
URL ${GTEST_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_GTEST_BUILD_SHA256_CHECKSUM}"
BUILD_BYPRODUCTS ${GTEST_SHARED_LIB}
${GTEST_MAIN_SHARED_LIB}
${GMOCK_SHARED_LIB}
CMAKE_ARGS ${GTEST_CMAKE_ARGS} ${EP_LOG_OPTIONS})
@@ -1825,6 +1835,7 @@ macro(build_benchmark)
externalproject_add(gbenchmark_ep
URL ${GBENCHMARK_SOURCE_URL}
+ URL_HASH
"SHA256=${ARROW_GBENCHMARK_BUILD_SHA256_CHECKSUM}"
BUILD_BYPRODUCTS "${GBENCHMARK_STATIC_LIB}"
"${GBENCHMARK_MAIN_STATIC_LIB}"
CMAKE_ARGS ${GBENCHMARK_CMAKE_ARGS} ${EP_LOG_OPTIONS})
@@ -1878,6 +1889,7 @@ macro(build_rapidjson)
${EP_LOG_OPTIONS}
PREFIX "${CMAKE_BINARY_DIR}"
URL ${RAPIDJSON_SOURCE_URL}
+ URL_HASH
"SHA256=${ARROW_RAPIDJSON_BUILD_SHA256_CHECKSUM}"
CMAKE_ARGS ${RAPIDJSON_CMAKE_ARGS})
set(RAPIDJSON_INCLUDE_DIR "${RAPIDJSON_PREFIX}/include")
@@ -1916,6 +1928,7 @@ macro(build_xsimd)
${EP_LOG_OPTIONS}
PREFIX "${CMAKE_BINARY_DIR}"
URL ${XSIMD_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_XSIMD_BUILD_SHA256_CHECKSUM}"
CMAKE_ARGS ${XSIMD_CMAKE_ARGS})
set(XSIMD_INCLUDE_DIR "${XSIMD_PREFIX}/include")
@@ -1952,6 +1965,7 @@ macro(build_zlib)
externalproject_add(zlib_ep
URL ${ZLIB_SOURCE_URL} ${EP_LOG_OPTIONS}
+ URL_HASH "SHA256=${ARROW_ZLIB_BUILD_SHA256_CHECKSUM}"
BUILD_BYPRODUCTS "${ZLIB_STATIC_LIB}"
CMAKE_ARGS ${ZLIB_CMAKE_ARGS})
@@ -2007,6 +2021,7 @@ macro(build_lz4)
# We need to copy the header in lib to directory outside of the build
externalproject_add(lz4_ep
URL ${LZ4_SOURCE_URL} ${EP_LOG_OPTIONS}
+ URL_HASH "SHA256=${ARROW_LZ4_BUILD_SHA256_CHECKSUM}"
UPDATE_COMMAND ${CMAKE_COMMAND} -E copy_directory
"${LZ4_BUILD_DIR}/lib"
"${LZ4_PREFIX}/include"
${LZ4_PATCH_COMMAND}
@@ -2075,6 +2090,7 @@ macro(build_zstd)
SOURCE_SUBDIR "build/cmake"
INSTALL_DIR ${ZSTD_PREFIX}
URL ${ZSTD_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_ZSTD_BUILD_SHA256_CHECKSUM}"
BUILD_BYPRODUCTS "${ZSTD_STATIC_LIB}")
file(MAKE_DIRECTORY "${ZSTD_PREFIX}/include")
@@ -2136,6 +2152,7 @@ macro(build_re2)
${EP_LOG_OPTIONS}
INSTALL_DIR ${RE2_PREFIX}
URL ${RE2_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_RE2_BUILD_SHA256_CHECKSUM}"
CMAKE_ARGS ${RE2_CMAKE_ARGS}
BUILD_BYPRODUCTS "${RE2_STATIC_LIB}")
@@ -2194,6 +2211,7 @@ macro(build_bzip2)
${BZIP2_EXTRA_ARGS}
INSTALL_DIR ${BZIP2_PREFIX}
URL ${ARROW_BZIP2_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_BZIP2_BUILD_SHA256_CHECKSUM}"
BUILD_BYPRODUCTS "${BZIP2_STATIC_LIB}")
file(MAKE_DIRECTORY "${BZIP2_PREFIX}/include")
@@ -2248,6 +2266,7 @@ macro(build_utf8proc)
CMAKE_ARGS ${UTF8PROC_CMAKE_ARGS}
INSTALL_DIR ${UTF8PROC_PREFIX}
URL ${ARROW_UTF8PROC_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_UTF8PROC_BUILD_SHA256_CHECKSUM}"
BUILD_BYPRODUCTS "${UTF8PROC_STATIC_LIB}")
file(MAKE_DIRECTORY "${UTF8PROC_PREFIX}/include")
@@ -2309,6 +2328,7 @@ macro(build_cares)
externalproject_add(cares_ep
${EP_LOG_OPTIONS}
URL ${CARES_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_CARES_BUILD_SHA256_CHECKSUM}"
CMAKE_ARGS ${CARES_CMAKE_ARGS}
BUILD_BYPRODUCTS "${CARES_STATIC_LIB}")
@@ -2399,6 +2419,7 @@ macro(build_grpc)
externalproject_add(absl_ep
${EP_LOG_OPTIONS}
URL ${ABSL_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_ABSL_BUILD_SHA256_CHECKSUM}"
CMAKE_ARGS ${ABSL_CMAKE_ARGS}
BUILD_BYPRODUCTS ${ABSL_BUILD_BYPRODUCTS})
@@ -2507,6 +2528,7 @@ macro(build_grpc)
# vendored dependencies such as c-ares...
externalproject_add(grpc_ep
URL ${GRPC_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_GRPC_BUILD_SHA256_CHECKSUM}"
LIST_SEPARATOR |
BUILD_BYPRODUCTS ${GRPC_STATIC_LIBRARY_GPR}
${GRPC_STATIC_LIBRARY_GRPC}
@@ -2702,6 +2724,7 @@ macro(build_orc)
externalproject_add(orc_ep
URL ${ORC_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_ORC_BUILD_SHA256_CHECKSUM}"
BUILD_BYPRODUCTS ${ORC_STATIC_LIB}
CMAKE_ARGS ${ORC_CMAKE_ARGS} ${EP_LOG_OPTIONS})
@@ -2812,6 +2835,7 @@ macro(build_awssdk)
externalproject_add(aws_c_common_ep
${EP_LOG_OPTIONS}
URL ${AWS_C_COMMON_SOURCE_URL}
+ URL_HASH
"SHA256=${ARROW_AWS_C_COMMON_BUILD_SHA256_CHECKSUM}"
CMAKE_ARGS ${AWSSDK_COMMON_CMAKE_ARGS}
BUILD_BYPRODUCTS ${AWS_C_COMMON_STATIC_LIBRARY})
add_dependencies(AWS::aws-c-common aws_c_common_ep)
@@ -2819,6 +2843,7 @@ macro(build_awssdk)
externalproject_add(aws_checksums_ep
${EP_LOG_OPTIONS}
URL ${AWS_CHECKSUMS_SOURCE_URL}
+ URL_HASH
"SHA256=${ARROW_AWS_CHECKSUMS_BUILD_SHA256_CHECKSUM}"
CMAKE_ARGS ${AWSSDK_COMMON_CMAKE_ARGS}
BUILD_BYPRODUCTS ${AWS_CHECKSUMS_STATIC_LIBRARY}
DEPENDS aws_c_common_ep)
@@ -2827,6 +2852,7 @@ macro(build_awssdk)
externalproject_add(aws_c_event_stream_ep
${EP_LOG_OPTIONS}
URL ${AWS_C_EVENT_STREAM_SOURCE_URL}
+ URL_HASH
"SHA256=${ARROW_AWS_C_EVENT_STREAM_BUILD_SHA256_CHECKSUM}"
CMAKE_ARGS ${AWSSDK_COMMON_CMAKE_ARGS}
BUILD_BYPRODUCTS ${AWS_C_EVENT_STREAM_STATIC_LIBRARY}
DEPENDS aws_checksums_ep)
@@ -2835,6 +2861,7 @@ macro(build_awssdk)
externalproject_add(awssdk_ep
${EP_LOG_OPTIONS}
URL ${AWSSDK_SOURCE_URL}
+ URL_HASH "SHA256=${ARROW_AWSSDK_BUILD_SHA256_CHECKSUM}"
CMAKE_ARGS ${AWSSDK_CMAKE_ARGS}
BUILD_BYPRODUCTS
${AWS_CPP_SDK_COGNITO_IDENTITY_STATIC_LIBRARY}
${AWS_CPP_SDK_CORE_STATIC_LIBRARY}
diff --git a/cpp/thirdparty/versions.txt b/cpp/thirdparty/versions.txt
index 1b1e602..8021914 100644
--- a/cpp/thirdparty/versions.txt
+++ b/cpp/thirdparty/versions.txt
@@ -25,38 +25,65 @@
# Abseil LTS branch, Sept 2020, Patch 2
ARROW_ABSL_BUILD_VERSION=0f3bb466b868b523cf1dc9b2aaaed65c77b28862
+ARROW_ABSL_BUILD_SHA256_CHECKSUM=3d74cdc98b42fd4257d91f652575206de195e2c824fcd8d6e6d227f85cb143ef
ARROW_AWSSDK_BUILD_VERSION=1.8.133
+ARROW_AWSSDK_BUILD_SHA256_CHECKSUM=d6c495bc06be5e21dac716571305d77437e7cfd62a2226b8fe48d9ab5785a8d6
ARROW_AWS_CHECKSUMS_BUILD_VERSION=v0.1.10
+ARROW_AWS_CHECKSUMS_BUILD_SHA256_CHECKSUM=c9d0100a5743765fc8034e34e2310f77f59b1adab6f2e2f2d4d2a3bd81b2a36d
ARROW_AWS_C_COMMON_BUILD_VERSION=v0.5.10
+ARROW_AWS_C_COMMON_BUILD_SHA256_CHECKSUM=ff9c33f427c12b56821110330d9b18b54f076f4b9f66a5bb13bcada305256b8e
ARROW_AWS_C_EVENT_STREAM_BUILD_VERSION=v0.1.5
+ARROW_AWS_C_EVENT_STREAM_BUILD_SHA256_CHECKSUM=f1b423a487b5d6dca118bfc0d0c6cc596dc476b282258a3228e73a8f730422d4
ARROW_BOOST_BUILD_VERSION=1.75.0
+ARROW_BOOST_BUILD_SHA256_CHECKSUM=cb97b36e2295a321c34851e0455bc2630ad6c691d4f9f589170066cd11c835b4
ARROW_BROTLI_BUILD_VERSION=v1.0.9
+ARROW_BROTLI_BUILD_SHA256_CHECKSUM=f9e8d81d0405ba66d181529af42a3354f838c939095ff99930da6aa9cdf6fe46
ARROW_BZIP2_BUILD_VERSION=1.0.8
+ARROW_BZIP2_BUILD_SHA256_CHECKSUM=ab5a03176ee106d3f0fa90e381da478ddae405918153cca248e682cd0c4a2269
ARROW_CARES_BUILD_VERSION=1.17.1
+ARROW_CARES_BUILD_SHA256_CHECKSUM=d73dd0f6de824afd407ce10750ea081af47eba52b8a6cb307d220131ad93fc40
ARROW_GBENCHMARK_BUILD_VERSION=v1.5.2
+ARROW_GBENCHMARK_BUILD_SHA256_CHECKSUM=dccbdab796baa1043f04982147e67bb6e118fe610da2c65f88912d73987e700c
ARROW_GFLAGS_BUILD_VERSION=v2.2.2
+ARROW_GFLAGS_BUILD_SHA256_CHECKSUM=34af2f15cf7367513b352bdcd2493ab14ce43692d2dcd9dfc499492966c64dcf
ARROW_GLOG_BUILD_VERSION=v0.4.0
+ARROW_GLOG_BUILD_SHA256_CHECKSUM=f28359aeba12f30d73d9e4711ef356dc842886968112162bc73002645139c39c
ARROW_GRPC_BUILD_VERSION=v1.35.0
+ARROW_GRPC_BUILD_SHA256_CHECKSUM=27dd2fc5c9809ddcde8eb6fa1fa278a3486566dfc28335fca13eb8df8bd3b958
ARROW_GTEST_BUILD_VERSION=1.10.0
+ARROW_GTEST_BUILD_SHA256_CHECKSUM=9dc9157a9a1551ec7a7e43daea9a694a0bb5fb8bec81235d8a1e6ef64c716dcb
ARROW_JEMALLOC_BUILD_VERSION=5.2.1
+ARROW_JEMALLOC_BUILD_SHA256_CHECKSUM=34330e5ce276099e2e8950d9335db5a875689a4c6a56751ef3b1d8c537f887f6
ARROW_LZ4_BUILD_VERSION=v1.9.3
+ARROW_LZ4_BUILD_SHA256_CHECKSUM=030644df4611007ff7dc962d981f390361e6c97a34e5cbc393ddfbe019ffe2c1
# mimalloc 1.6.7 didn't build on Visual Studio 2015
# https://github.com/microsoft/mimalloc/issues/353
ARROW_MIMALLOC_BUILD_VERSION=v1.7.2
+ARROW_MIMALLOC_BUILD_SHA256_CHECKSUM=b1912e354565a4b698410f7583c0f83934a6dbb3ade54ab7ddcb1569320936bd
ARROW_ORC_BUILD_VERSION=1.6.9
+ARROW_ORC_BUILD_SHA256_CHECKSUM=2b79f1152454a38abd7b361b407f65689e275f1fb28d4293892e42fbebcc0a9d
ARROW_PROTOBUF_BUILD_VERSION=v3.14.0
+ARROW_PROTOBUF_BUILD_SHA256_CHECKSUM=6dd0f6b20094910fbb7f1f7908688df01af2d4f6c5c21331b9f636048674aebf
# Because of https://github.com/Tencent/rapidjson/pull/1323, we require
# a pre-release version of RapidJSON to build with GCC 8 without
# warnings.
ARROW_RAPIDJSON_BUILD_VERSION=1a803826f1197b5e30703afe4b9c0e7dd48074f5
+ARROW_RAPIDJSON_BUILD_SHA256_CHECKSUM=0b6b780b6c534bfb0b23d29910bfe361e486bcfeaf106db8bc8995792072905a
ARROW_RE2_BUILD_VERSION=2021-02-02
+ARROW_RE2_BUILD_SHA256_CHECKSUM=1396ab50c06c1a8885fb68bf49a5ecfd989163015fd96699a180d6414937f33f
ARROW_SNAPPY_BUILD_VERSION=1.1.8
+ARROW_SNAPPY_BUILD_SHA256_CHECKSUM=16b677f07832a612b0836178db7f374e414f94657c138e6993cbfc5dcc58651f
ARROW_THRIFT_BUILD_VERSION=0.13.0
-ARROW_THRIFT_BUILD_MD5_CHECKSUM=38a27d391a2b03214b444cb13d5664f1
+ARROW_THRIFT_BUILD_SHA256_CHECKSUM=7ad348b88033af46ce49148097afe354d513c1fca7c607b59c33ebb6064b5179
ARROW_UTF8PROC_BUILD_VERSION=v2.6.1
+ARROW_UTF8PROC_BUILD_SHA256_CHECKSUM=4c06a9dc4017e8a2438ef80ee371d45868bda2237a98b26554de7a95406b283b
ARROW_XSIMD_BUILD_VERSION=e9234cd6e6f4428fc260073b2c34ffe86fda1f34
+ARROW_XSIMD_BUILD_SHA256_CHECKSUM=1e98bae41abae7f3f6fa4c70ec2dcad008d831876009aa047fb69fd5b24076fd
ARROW_ZLIB_BUILD_VERSION=1.2.11
+ARROW_ZLIB_BUILD_SHA256_CHECKSUM=c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1
ARROW_ZSTD_BUILD_VERSION=v1.5.0
+ARROW_ZSTD_BUILD_SHA256_CHECKSUM=0d9ade222c64e912d6957b11c923e214e2e010a18f39bec102f572e693ba2867
+
# The first field is the name of the environment variable expected by cmake.
# This _must_ match what is defined. The second field is the name of the
