Re: [HEADS-UP] Upcoming Rust SIG mini-mass-rebuild

[Fabio Valentini]

On Mon, May 20, 2024 at 9:29 PM Fabio Valentini  wrote:
>
> Hi all,
>
> As discussed in the Fedora Rust channel on Matrix, I am planning to do
> a mini-mass-rebuild of all Rust applications (that are co-maintained
> by the Rust SIG), likely by the end of this week. I estimate that it
> will involve just shy of 200 packages per branch.

This is now done. The updates are in bodhi:

https://bodhi.fedoraproject.org/updates/FEDORA-2024-c4bf73eb40
https://bodhi.fedoraproject.org/updates/FEDORA-2024-ce2936b568
https://bodhi.fedoraproject.org/updates/FEDORA-2024-40ee18b2e7
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-74745ddb2a

I have included some additional (non rust-*) packages, including some
GNOME applications (gnome-tour, snapshot, loupe, librsvg2).
The EPEL9 builds have only picked up security fixes but not the better
debuginfo, since that change has not yet landed in RHEL 9's Rust
toolchain.

A quick check shows that debuginfo seems to be 10-15 MB larger after
the toolchain changes that landed in the package for Rust 1.78 in
Fedora. So it looks like debuginfo should indeed be more complete now
- and hopefully backtraces should now be on par with backtraces
generated by binaries that were built with the "official" upstream
Rust toolchain.

Fabio
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[HEADS-UP] Upcoming Rust SIG mini-mass-rebuild

[Fabio Valentini]

Hi all,

As discussed in the Fedora Rust channel on Matrix, I am planning to do
a mini-mass-rebuild of all Rust applications (that are co-maintained
by the Rust SIG), likely by the end of this week. I estimate that it
will involve just shy of 200 packages per branch.

The motivation for a mini-mass-rebuild is two-fold:

1. Until very recently, the Rust standard library (shipped as a static
archive by the "rust" package) was accidentally shipped with stripped
debuginfo, which resulted in Rust applications that linked the
standard library to have incomplete debuginfo - and as a result, they
produced incomplete backtraces for any stack traces that involved the
Rust standard library. This has been fixed since rust 1.78, but
applications need to be rebuilt to pick up this improvement.

2. I regularly rebuild applications for "major" / "high priority"
security issues in Rust crates, but there are a few accumulated
"minor" / "low priority" security issues where I didn't yet have the
time to rebuild the affected applications against the library versions
that contain the necessary fixes. A mini-mass-rebuild would take care
of all of these at the same time.

I plan to only rebuild Rust applications that are associated with the
Rust SIG (i.e. packages "rust-*"), but no other packages (for example,
firefox, thunderbird, or librsvg2). If any maintainers of packages
that contain Rust code but that are not co-maintained by the Rust SIG
would like their packages to be included in the mini-mass-rebuild as
well, just let me know and I'll add them to my list.

Fabio

PS: Packages that build with vendored Rust dependencies (there are a
handful of them, and most are not co-maintained by the Rust SIG) would
only benefit from better debuginfo / backtraces, but not from security
updates (that would require manually updating the vendor tarball),
which is why I will not include them in the mini-mass-rebuild.
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue