From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:c151::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id 4IBEI896UWCQPgAA0tVLHw (envelope-from ) for ; Wed, 17 Mar 2021 03:43:11 +0000 Received: from aspmx2.migadu.com ([2001:41d0:2:c151::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id 8Kb0Hs96UWDUVAAAbx9fmQ (envelope-from ) for ; Wed, 17 Mar 2021 03:43:11 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx2.migadu.com (Postfix) with ESMTPS id E703815998 for ; Wed, 17 Mar 2021 04:43:10 +0100 (CET) Received: from localhost ([::1]:59892 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lMN5R-0007u3-Ma for larch@yhetil.org; Tue, 16 Mar 2021 23:43:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:39764) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lMN5K-0007ss-44 for guix-patches@gnu.org; Tue, 16 Mar 2021 23:43:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:58336) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lMN5J-0005Nh-SZ for guix-patches@gnu.org; Tue, 16 Mar 2021 23:43:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1lMN5J-0004fA-QI for guix-patches@gnu.org; Tue, 16 Mar 2021 23:43:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#47187] [PATCH] gnu: Add c-lightning. Resent-From: ZmnSCPxj Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 17 Mar 2021 03:43:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 47187 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: =?UTF-8?Q?L=C3=A9o?= Le Bouter Cc: "47187@debbugs.gnu.org" <47187@debbugs.gnu.org> Received: via spool by 47187-submit@debbugs.gnu.org id=B47187.161595256117892 (code B ref 47187); Wed, 17 Mar 2021 03:43:01 +0000 Received: (at 47187) by debbugs.gnu.org; 17 Mar 2021 03:42:41 +0000 Received: from localhost ([127.0.0.1]:41647 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lMN4y-0004eV-OI for submit@debbugs.gnu.org; Tue, 16 Mar 2021 23:42:41 -0400 Received: from mail-40138.protonmail.ch ([185.70.40.138]:56551) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lMN4w-0004eI-2g for 47187@debbugs.gnu.org; Tue, 16 Mar 2021 23:42:39 -0400 Date: Wed, 17 Mar 2021 03:42:27 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail; t=1615952551; bh=XuoBC/wHVyU1GLPthFiRR9L9vhKeKQoE8ql1s3jfhfU=; h=Date:To:From:Cc:Reply-To:Subject:In-Reply-To:References:From; b=krbPXf78K0zpyqvbkBWqjMw1whXD2Tk4jaSXhLp8LYJ+MMoMi62slQx2eiDLKp1Yg s7tB5g9427KN7jw9ldOzdq32LW2X5f76n+Mrdloah0SxRQ1KuLv8Fx2V2QeHA3iHPj VEvoyV5eSm1fbNXbCPa2ElNnUXy9PML9ExZpNa9c= Message-ID: In-Reply-To: <8f7d4c04d96fdf8cf1239c476c4c869f92446ada.camel@zaclys.net> References: <81c654076d3c07c0f7d1657b4e44dce29a01eca2.camel@zaclys.net> <9436292ea880757cf47a5ce59879e6e7098ff195.camel@zaclys.net> <8f7d4c04d96fdf8cf1239c476c4c869f92446ada.camel@zaclys.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" Reply-to: ZmnSCPxj X-ACL-Warn: , ZmnSCPxj via Guix-patches From: ZmnSCPxj via Guix-patches via X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1615952591; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=XuoBC/wHVyU1GLPthFiRR9L9vhKeKQoE8ql1s3jfhfU=; b=YnWKRZ/Vk9AD6A+O6eoY9ka2OlNcX2Df3WZBsGb8Ty7ORruAFEyCewQZawjapTJCH0IvbB ka4UcdNBnoie3kKVzVRIzXYgpj812be9i9GEDXVk9FRBkBYJln8cYyYP6znrKd8Gq/HunM Lmib++ciIJWo/ktBTPu6Hamwmpd2HF4MCyAxJDcZnD0Latpiphqohr6igjwXKBxP977y1H z26WQ+zF+mrX6OrFd1Q4v8/FSWiorZu5NZlJnGsmKJyC5VlyFoh0eiFqCzV7dOQLTJKtMR 6xNcQ/yyIC1T6qWv9mP1/+flkvoi8d+5WAonRdsbUdjCzsTjjZLhgKvmuKkZtQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1615952591; a=rsa-sha256; cv=none; b=OBe+3mlsJCvLNiNT5XSY9diuxFNaz/wvzcc/oHwv2AQAsuGsXTQmnTlA0byP7+oqeK9OuK 7UgEVh4+hqU+eAVLBXZfiKXzmYahJM5z9SrpVbR2XaEHp/h1hpddDvSE/TPzCX43ulVQx4 sBu53Fy9yQVeJytCIV5LMxfBBbFu669YDrxAUPZsFXLQk4XHEGm8Bmyz4iNi/FFg0xVk/l HyYseRemkEoZ1PhEMc8TgIRBl3DKOJI1gLnoDi6NlT5Bcj64Njvkzpz7/JlNwmUqww7pLa gNjBZCqcXqROunyHqvmDU1gz1WowWKRDXKM2JUGklpkb0FB4G/k0bbb+wLheKA== ARC-Authentication-Results: i=1; aspmx2.migadu.com; dkim=fail ("headers rsa verify failed") header.d=protonmail.com header.s=protonmail header.b=krbPXf78; spf=pass (aspmx2.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Spam-Score: -2.90 Authentication-Results: aspmx2.migadu.com; dkim=fail ("headers rsa verify failed") header.d=protonmail.com header.s=protonmail header.b=krbPXf78; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx2.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Queue-Id: E703815998 X-Spam-Score: -2.90 X-Migadu-Scanner: scn0.migadu.com X-TUID: 1geXcMP7ud9b Good morning Leo, > > Yes, it is true that there is something of a requirement of a strict > > behavior here, I suppose it is possible to use `git-fetch` instead of > > `url-fetch` for our external libraries. > > Yes you can use git-fetch, to make sure we are on the same page, are > you speaking of strict behavior requirements like for Bitcoin Core's > consensus code? Well we need to produce signatures and transactions that pass Bitcoin Core = signature validation at least, so it is best to use a version of `libsecp25= 6k1` (which produces signatures) that we know works, as well as `libwally-c= ore` (which produces transactions). I would personally use the `libsecp256k1` version that `libwally-core` vend= ors in as well, since there may be specific interactions between `libwally-= core` and `libsecp256k1` that may be different if we use the Bitcoin Core v= ersion of `libsecp256k1`. For `libsodium`, at least the hashing has to work correctly, but I think it= is simple enough that strict behavior requirements are not so onerous. Indeed, we usually get this from the OS (but we need a later feature than t= hat available on some old Ubuntu versions, which is why it got vendored in)= , so I should probably "just" add it as an input. > > > How do I generate `guix hash` for `git-fetch`ed `source`s? > > Actually what I do is put a wrong hash in and then copy the "actual > hash" from the error. I havent found another way but this definitely > feels subpar and prevents much verification before putting in the hash, > better suggestions welcome. Haha I shall do so as well. > > > However it also means that every release of C-Lightning I have to go > > double-check what git commit to use for each library (though `jsmn` > > and `libbacktrace` at least seem very stable). > > But it looks to me that unvendoring will require more extensive > > patching of the `Makefile` and an even larger maintenance burden on > > Guix side? > > Unvendoring is more or less a policy because we must be able to audit > each piece of software separately for freedom issues (licenses, > violations to the GNU FSDG), and it eases work for security-patching > also. I understand. This will require a largish amount of work I think. Would this technique be acceptable? * `add-before 'configure 'unvendor-externals` * `rm -rf` the vendored externals. * `ln -s` the needed `.h` and `.la`/`.a`/`.so` files from the `inputs` to= the expected paths within the `external/` directory. ? > > Please do, I am not very familiar with any Python infrastructure and > > am primarily a C programmer here, I just barely hack together some > > kind of test in Python. > > If you can list the Python dependencies and their version I can look at > packaging them. We have a `requirements.txt` file which contains this, I duplicate below: ``` # Dependencies required to build and test c-lightning https://github.com/ElementsProject/libwally-core/releases/download/release_= 0.8.0/wallycore-0.8.0-cp36-cp36m-linux_x86_64.whl; 'linux' in sys_platform = and python_version =3D=3D '3.6' https://github.com/ElementsProject/libwally-core/releases/download/release_= 0.8.0/wallycore-0.8.0-cp37-cp37m-linux_x86_64.whl; 'linux' in sys_platform = and python_version =3D=3D '3.7' https://github.com/ElementsProject/libwally-core/releases/download/release_= 0.8.0/wallycore-0.8.0-cp37-cp37m-macosx_10_14_x86_64.whl; sys_platform =3D= =3D 'darwin' and python_version =3D=3D '3.7' mrkd ~=3D 0.1.6 Mako ~=3D 1.1.3 # Dependencies from pyln-client Sphinx ~=3D 3.4.0 flake8=3D=3D3.7.8 recommonmark>=3D0.7.* sphinx-rtd-theme=3D=3D0.4.2 sphinxcontrib-websupport=3D=3D1.1.0 tqdm=3D=3D4.32.2 # Dependencies from pyln-testing Flask=3D=3D1.1.* cheroot=3D=3D8.5.* ephemeral-port-reserve=3D=3D1.1.1 filelock=3D=3D3.0.* flaky ~=3D 3.7.0 psutil=3D=3D5.7.* psycopg2-binary=3D=3D2.8.* pytest-rerunfailures=3D=3D9.1.1 pytest-timeout ~=3D 1.4.2 pytest-xdist ~=3D 2.2.0 pytest=3D=3D6.1.* python-bitcoinlib=3D=3D0.11.* # Dependencies from pyln-proto base58 ~=3D 2.0.1 bitstring ~=3D 3.1.6 coincurve ~=3D 13.0.0 cryptography ~=3D 3.2 mypy ~=3D 0.790 pysocks ~=3D 1.7.1 # Dependencies from pyln-spec # None ``` Incidentally, we also install some Python modules. How do I "properly" export the Python modules within Guix? Regards, ZmnSCPxj