* GHC packages' inputs leak in guix shell
@ 2023-08-15 6:51 Saku Laesvuori
2023-08-24 9:11 ` Simon Tournier
0 siblings, 1 reply; 9+ messages in thread
From: Saku Laesvuori @ 2023-08-15 6:51 UTC (permalink / raw)
To: help-guix
[-- Attachment #1: Type: text/plain, Size: 434 bytes --]
Running `guix shell --pure ghc-esqueleto -D ghc-bytestring-builder`
results in an environment that has the base64-bytestring package (from
ghc-base64-bytestring) visible, even though it is not listed on listed
the command line (ghc-bytestring-builder doesn't dependend on it). It
seems to "leak" from the inputs of ghc-esqueleto which does depend on
ghc-base64-bytestring.
Is this a bug in guix or is it unavoidable for some reason?
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: GHC packages' inputs leak in guix shell
2023-08-15 6:51 GHC packages' inputs leak in guix shell Saku Laesvuori
@ 2023-08-24 9:11 ` Simon Tournier
2023-08-24 16:16 ` Saku Laesvuori
0 siblings, 1 reply; 9+ messages in thread
From: Simon Tournier @ 2023-08-24 9:11 UTC (permalink / raw)
To: Saku Laesvuori, help-guix
Hi,
On Tue, 15 Aug 2023 at 09:51, Saku Laesvuori <saku@laesvuori.fi> wrote:
> Running `guix shell --pure ghc-esqueleto -D ghc-bytestring-builder`
> results in an environment that has the base64-bytestring package (from
> ghc-base64-bytestring) visible, even though it is not listed on listed
> the command line (ghc-bytestring-builder doesn't dependend on it). It
> seems to "leak" from the inputs of ghc-esqueleto which does depend on
> ghc-base64-bytestring.
What do you mean by “leak”?
Does it happen if you run
guix shell -C ghc-esqueleto -D ghc-bytestring-builder
?
Cheers,
simon
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: GHC packages' inputs leak in guix shell
2023-08-24 9:11 ` Simon Tournier
@ 2023-08-24 16:16 ` Saku Laesvuori
2023-08-28 11:40 ` Simon Tournier
0 siblings, 1 reply; 9+ messages in thread
From: Saku Laesvuori @ 2023-08-24 16:16 UTC (permalink / raw)
To: Simon Tournier; +Cc: help-guix
[-- Attachment #1: Type: text/plain, Size: 750 bytes --]
> > Running `guix shell --pure ghc-esqueleto -D ghc-bytestring-builder`
> > results in an environment that has the base64-bytestring package (from
> > ghc-base64-bytestring) visible, even though it is not listed on listed
> > the command line (ghc-bytestring-builder doesn't dependend on it). It
> > seems to "leak" from the inputs of ghc-esqueleto which does depend on
> > ghc-base64-bytestring.
>
> What do you mean by “leak”?
I would expect packages to keep their (non-propagated) inputs separate
from the environment I use. Here ghc-esqueleto makes it's haskell inputs
visible to the ghc in my environment.
> Does it happen if you run
>
> guix shell -C ghc-esqueleto -D ghc-bytestring-builder
>
> ?
Yes it does.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: GHC packages' inputs leak in guix shell
2023-08-24 16:16 ` Saku Laesvuori
@ 2023-08-28 11:40 ` Simon Tournier
2023-08-28 19:15 ` Saku Laesvuori
2023-08-29 7:12 ` Lars-Dominik Braun
0 siblings, 2 replies; 9+ messages in thread
From: Simon Tournier @ 2023-08-28 11:40 UTC (permalink / raw)
To: Saku Laesvuori; +Cc: help-guix, Lars-Dominik Braun
Hi,
On Thu, 24 Aug 2023 at 19:16, Saku Laesvuori <saku@laesvuori.fi> wrote:
>> > Running `guix shell --pure ghc-esqueleto -D ghc-bytestring-builder`
>> > results in an environment that has the base64-bytestring package (from
>> > ghc-base64-bytestring) visible, even though it is not listed on listed
>> > the command line (ghc-bytestring-builder doesn't dependend on it). It
>> > seems to "leak" from the inputs of ghc-esqueleto which does depend on
>> > ghc-base64-bytestring.
>>
>> What do you mean by “leak”?
>
> I would expect packages to keep their (non-propagated) inputs separate
> from the environment I use. Here ghc-esqueleto makes it's haskell inputs
> visible to the ghc in my environment.
Could you be more explicit?
The package ghc-base64-bytestring does not seems being propagated; the
store item ghc-base64-bytestring does not appear in the profile
generated by “guix shell”. However,
--8<---------------cut here---------------start------------->8---
$ guix shell -C ghc-esqueleto ghc gcc-toolchain -- ghci
GHCi, version 9.2.5: https://www.haskell.org/ghc/ :? for help
ghci> import Data.ByteString.Base64.URL.Lazy
ghci> :t encode
encode
:: Data.ByteString.Lazy.Internal.ByteString
-> Data.ByteString.Lazy.Internal.ByteString
--8<---------------cut here---------------end--------------->8---
and instead, you would like:
<no location info>: error:
Could not find module `Data.ByteString.Base64.URL.Lazy'
It is not a module in the current program, or in any known package.
Right? Well, I do not know if it is possible. I guess it is because of
this file:
--8<---------------cut here---------------start------------->8---
$ find $(guix build ghc-esqueleto) -type f -print | grep base64
/gnu/store/zqax59v1v537h26g0kypka6klaaahnqf-ghc-esqueleto-3.5.8.1/lib/ghc-9.2.5/ghc-esqueleto-3.5.8.1.conf.d/base64-bytestring-1.2.1.0-CQYLTs5ShsEFl2lwe4hRrI.conf
--8<---------------cut here---------------end--------------->8---
Lars, WDYT?
Cheers,
simon
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: GHC packages' inputs leak in guix shell
2023-08-28 11:40 ` Simon Tournier
@ 2023-08-28 19:15 ` Saku Laesvuori
2023-08-29 7:12 ` Lars-Dominik Braun
1 sibling, 0 replies; 9+ messages in thread
From: Saku Laesvuori @ 2023-08-28 19:15 UTC (permalink / raw)
To: Simon Tournier; +Cc: help-guix, Lars-Dominik Braun
[-- Attachment #1: Type: text/plain, Size: 2688 bytes --]
On Mon, Aug 28, 2023 at 01:40:14PM +0200, Simon Tournier wrote:
> Hi,
>
> On Thu, 24 Aug 2023 at 19:16, Saku Laesvuori <saku@laesvuori.fi> wrote:
> >> > Running `guix shell --pure ghc-esqueleto -D ghc-bytestring-builder`
> >> > results in an environment that has the base64-bytestring package (from
> >> > ghc-base64-bytestring) visible, even though it is not listed on listed
> >> > the command line (ghc-bytestring-builder doesn't dependend on it). It
> >> > seems to "leak" from the inputs of ghc-esqueleto which does depend on
> >> > ghc-base64-bytestring.
> >>
> >> What do you mean by “leak”?
> >
> > I would expect packages to keep their (non-propagated) inputs separate
> > from the environment I use. Here ghc-esqueleto makes it's haskell inputs
> > visible to the ghc in my environment.
>
> Could you be more explicit?
>
> The package ghc-base64-bytestring does not seems being propagated; the
> store item ghc-base64-bytestring does not appear in the profile
> generated by “guix shell”.
Yes, it is not propagated but it's still visible to ghc, which is not
something I would expect. I'd expect to not be able to import modules
from packages that are not in any of the active profiles.
> However,
>
> --8<---------------cut here---------------start------------->8---
> $ guix shell -C ghc-esqueleto ghc gcc-toolchain -- ghci
> GHCi, version 9.2.5: https://www.haskell.org/ghc/ :? for help
> ghci> import Data.ByteString.Base64.URL.Lazy
> ghci> :t encode
> encode
> :: Data.ByteString.Lazy.Internal.ByteString
> -> Data.ByteString.Lazy.Internal.ByteString
> --8<---------------cut here---------------end--------------->8---
>
> and instead, you would like:
>
> <no location info>: error:
> Could not find module `Data.ByteString.Base64.URL.Lazy'
> It is not a module in the current program, or in any known package.
>
> Right?
Exactly.
> Well, I do not know if it is possible. I guess it is because of this
> file:
>
> --8<---------------cut here---------------start------------->8---
> $ find $(guix build ghc-esqueleto) -type f -print | grep base64
> /gnu/store/zqax59v1v537h26g0kypka6klaaahnqf-ghc-esqueleto-3.5.8.1/lib/ghc-9.2.5/ghc-esqueleto-3.5.8.1.conf.d/base64-bytestring-1.2.1.0-CQYLTs5ShsEFl2lwe4hRrI.conf
> --8<---------------cut here---------------end--------------->8---
I think that is most likely the reason. I don't think cabal has this
problem (I haven't actually used cabal much at all so this is just
speculation), so it could be possible to fix. Of course, cabal-install
and guix have different ways of packaging so it might also be
impossible.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: GHC packages' inputs leak in guix shell
2023-08-28 11:40 ` Simon Tournier
2023-08-28 19:15 ` Saku Laesvuori
@ 2023-08-29 7:12 ` Lars-Dominik Braun
2023-08-29 20:30 ` Saku Laesvuori
1 sibling, 1 reply; 9+ messages in thread
From: Lars-Dominik Braun @ 2023-08-29 7:12 UTC (permalink / raw)
To: Simon Tournier; +Cc: Saku Laesvuori, help-guix
Hi Simon,
> Right? Well, I do not know if it is possible. I guess it is because of
> this file:
>
> --8<---------------cut here---------------start------------->8---
> $ find $(guix build ghc-esqueleto) -type f -print | grep base64
> /gnu/store/zqax59v1v537h26g0kypka6klaaahnqf-ghc-esqueleto-3.5.8.1/lib/ghc-9.2.5/ghc-esqueleto-3.5.8.1.conf.d/base64-bytestring-1.2.1.0-CQYLTs5ShsEFl2lwe4hRrI.conf
> --8<---------------cut here---------------end--------------->8---
>
> Lars, WDYT?
your analysis is correct, but due to the nature of how Haskell builds work
we cannot remove that file (because anything depending on ghc-esqueleto
would not build any more) or relocate it to a different output (because
that would cause a cycle).
I can’t check right now, but I’m guessing a plain `cabal install`
would also add base64-bytestring to GHC’s visible packages?
Cheers,
Lars
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: GHC packages' inputs leak in guix shell
2023-08-29 7:12 ` Lars-Dominik Braun
@ 2023-08-29 20:30 ` Saku Laesvuori
2023-09-09 10:05 ` Saku Laesvuori
0 siblings, 1 reply; 9+ messages in thread
From: Saku Laesvuori @ 2023-08-29 20:30 UTC (permalink / raw)
To: Lars-Dominik Braun; +Cc: Simon Tournier, help-guix
[-- Attachment #1: Type: text/plain, Size: 968 bytes --]
> I can’t check right now, but I’m guessing a plain `cabal install`
> would also add base64-bytestring to GHC’s visible packages?
I tested with cabal-install and it somehow manages to hide the haskell
packages that are installed as dependencies.
```
$ guix shell -CN cabal-install coreutils zlib -D ghc-old-time
## Building old-time failed so I added it's inputs.
## Zlib is also required for building the dependency chain.
$ cabal update
$ env -u GHC_PACKAGE_PATH cabal install --lib esqueleto
$ ghci
ﬦ import Database.Esqueleto.Experimental
-- This works, so the package from cabal-install is visible
ﬦ import Data.ByteString.Base64.URL.Lazy
<no location info>: error:
Could not load module `Data.ByteString.Base64.URL.Lazy'
It is a member of the hidden package `base64-bytestring-1.2.1.0'.
You can run `:set -package base64-bytestring' to expose it.
(Note: this unloads all the modules in the current scope.)
```
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: GHC packages' inputs leak in guix shell
2023-08-29 20:30 ` Saku Laesvuori
@ 2023-09-09 10:05 ` Saku Laesvuori
2023-10-04 18:26 ` bug#66347: GHC packages " Simon Tournier
0 siblings, 1 reply; 9+ messages in thread
From: Saku Laesvuori @ 2023-09-09 10:05 UTC (permalink / raw)
To: Lars-Dominik Braun; +Cc: Simon Tournier, help-guix
[-- Attachment #1: Type: text/plain, Size: 4605 bytes --]
> > I can’t check right now, but I’m guessing a plain `cabal install`
> > would also add base64-bytestring to GHC’s visible packages?
>
> I tested with cabal-install and it somehow manages to hide the haskell
> packages that are installed as dependencies.
Apparently cabal uses ghc environments[1], which are files that define a
list of flags for ghc, to hide all packages except the explicitly
installed ones. Guix could probably also create a file like that for
every profile that contains ghc and/or packages for it. Another way
would be adding a phase to hide all the haskell packages in the
package-db ($out/lib/ghc-9.2.5/ghc-esqueleto-3.5.8.1.conf.d) except for
the package itself.
Creating environment files could maybe cause problems when combining
profiles, so I think hiding dependency packages in a build phase would
be a better solution. I tried this with ghc-esqueleto and it seems to
work (though I'm sure the code isn't particularly clean and it certainly
is slower than I would like).
[1]: https://ghc.gitlab.haskell.org/ghc/doc/users_guide/packages.html#package-environments
```
(define-public ghc-esqueleto
(package
(name "ghc-esqueleto")
(version "3.5.8.1")
(source (origin
(method url-fetch)
(uri (hackage-uri "esqueleto" version))
(sha256
(base32
"0k7h2hbxv14x0kq9w2wi83h0swzlri99ic9rj76540l39yqwjc5v"))))
(build-system haskell-build-system)
(properties '((upstream-name . "esqueleto")))
(inputs (list ghc-aeson
ghc-attoparsec
ghc-blaze-html
ghc-conduit
ghc-monad-logger
ghc-persistent
ghc-resourcet
ghc-tagged
ghc-unliftio
ghc-unordered-containers
openssl
zlib))
(native-inputs (list ghc-hspec
ghc-hspec-core
ghc-mysql
ghc-mysql-simple
ghc-persistent-mysql
ghc-persistent-postgresql
ghc-persistent-sqlite
ghc-postgresql-simple
ghc-quickcheck))
(arguments
(list
#:tests? #f ; Needs a running MySQLd.
#:phases #~(modify-phases %standard-phases
(add-after 'register 'hide-dependencies
(begin
(use-modules (srfi srfi-1)
(ice-9 popen)
(ice-9 rdelim))
(lambda* (#:key name inputs #:allow-other-keys)
(let* ((out #$output)
(lib (string-append out "/lib"))
(haskell (assoc-ref inputs "haskell"))
(name-version (strip-store-file-name haskell))
(version (last (string-split name-version #\-)))
(conf-dir (string-append lib "/ghc-" version "/" name ".conf.d"))
(port (open-input-pipe
(string-append "ghc-pkg list --simple-output "
"--package-db=" conf-dir)))
(pkgs (string-split (read-line port) #\space))
(ghc-pkg (lambda (args)
(apply invoke "ghc-pkg"
(string-append "--package-db=" conf-dir)
args))))
(for-each (lambda (pkg)
(ghc-pkg (list "hide" pkg)))
pkgs)
(ghc-pkg (list "expose" (string-drop name 4)))))))))) ; drop "ghc-"
(home-page "https://github.com/bitemyapp/esqueleto")
(synopsis "Type-safe embedded domain specific language for SQL queries")
(description
"This library provides a type-safe embedded domain specific
language (EDSL) for SQL queries that works with SQL backends as provided by
@code{ghc-persistent}. Its language closely resembles SQL, so you don't have
to learn new concepts, just new syntax, and it's fairly easy to predict the
generated SQL and optimize it for your backend.")
(license license:bsd-3)))
```
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#66347: GHC packages inputs leak in guix shell
2023-09-09 10:05 ` Saku Laesvuori
@ 2023-10-04 18:26 ` Simon Tournier
0 siblings, 0 replies; 9+ messages in thread
From: Simon Tournier @ 2023-10-04 18:26 UTC (permalink / raw)
To: 66347
Hi,
Consider this:
--8<---------------cut here---------------start------------->8---
$ guix shell -C ghc-esqueleto ghc gcc-toolchain -- ghci
GHCi, version 9.2.5: https://www.haskell.org/ghc/ :? for help
ghci> import Data.ByteString.Base64.URL.Lazy
ghci> :t encode
encode
:: Data.ByteString.Lazy.Internal.ByteString
-> Data.ByteString.Lazy.Internal.ByteString
--8<---------------cut here---------------end--------------->8---
The package ghc-base64-bytestring should not be visible and instead, the
user should see:
<no location info>: error:
Could not find module `Data.ByteString.Base64.URL.Lazy'
It is not a module in the current program, or in any known package.
See discussion for more details if needed.
GHC packages' inputs leak in guix shell
Saku Laesvuori <saku@laesvuori.fi>
Tue, 15 Aug 2023 09:51:50 +0300
id:20230815065150.5joaxyts646mnpex@X-kone
https://lists.gnu.org/archive/html/help-guix/2023-08
https://yhetil.org/guix/20230815065150.5joaxyts646mnpex@X-kone
As reported in the discussion above, cabal is not exposing the package
required as dependency.
--8<---------------cut here---------------start------------->8---
$ guix shell -CN cabal-install coreutils zlib -D ghc-old-time
$ cabal update
$ env -u GHC_PACKAGE_PATH cabal install --lib esqueleto
$ ghci
ghci> import Database.Esqueleto.Experimental
ghci> :t encode
<interactive>:1:1: error: Variable not in scope: encode
ghci> import Data.ByteString.Base64.URL.Lazy
<no location info>: error:
Could not load module `Data.ByteString.Base64.URL.Lazy'
It is a member of the hidden package `base64-bytestring-1.2.1.0'.
You can run `:set -package base64-bytestring' to expose it.
(Note: this unloads all the modules in the current scope.)
--8<---------------cut here---------------end--------------->8---
Cheers,
simon
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2023-10-04 18:33 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-08-15 6:51 GHC packages' inputs leak in guix shell Saku Laesvuori
2023-08-24 9:11 ` Simon Tournier
2023-08-24 16:16 ` Saku Laesvuori
2023-08-28 11:40 ` Simon Tournier
2023-08-28 19:15 ` Saku Laesvuori
2023-08-29 7:12 ` Lars-Dominik Braun
2023-08-29 20:30 ` Saku Laesvuori
2023-09-09 10:05 ` Saku Laesvuori
2023-10-04 18:26 ` bug#66347: GHC packages " Simon Tournier
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.