[tor-bugs] #31588 [Applications/Tor Browser]: Be smarter about vendoring for Rust projects

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Nov 15 12:30:11 UTC 2019


#31588: Be smarter about vendoring for Rust projects
--------------------------------------+--------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  task                      |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tbb-rbm                   |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by boklm):

 If Mozilla is vendoring most of the rust dependencies we need, I think we
 could generate a tarball from `tor-browser.git/third_party/rust`, and
 include it in the `cbindgen` project, and in other rust projects that we
 build. That way we don't need to manually update a tarball of vendored
 projects.

 If we want to avoid generating a new tarball (which will probably involve
 generating a tarball containing all the firefox tree, extracting it, and
 generating a new tarball from the `third_party/rust` directory only), we
 can re-use the `src-firefox-$version.tar.xz` tarball which we already
 generate.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31588#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list