| 16 Apr 2025 |
 hexa | I subsequently get asked to provide a hash for the git dependency | 00:12:30 |
| hexa | error: No hash was found while vendoring the git dependency sysinfo-0.33.1. You can add
a hash through the `outputHashes` argument of `importCargoLock`:
outputHashes = {
"sysinfo-0.33.1" = "<hash>";
};
If you use `buildRustPackage`, you can add this attribute to the `cargoLock`
attribute set.
| 00:12:33 |
| hexa | but during the build it tries to fetch the sysinfo git sources | 00:13:10 |
| hexa | sentry-relay> pypa build flags: --no-isolation --outdir dist/ --wheel
sentry-relay> * Getting build dependencies for wheel...
sentry-relay> * Building wheel...
sentry-relay> running bdist_wheel
sentry-relay> running build
sentry-relay> running build_py
sentry-relay> creating build/lib/sentry_relay
sentry-relay> copying sentry_relay/__init__.py -> build/lib/sentry_relay
sentry-relay> copying sentry_relay/processing.py -> build/lib/sentry_relay
sentry-relay> copying sentry_relay/utils.py -> build/lib/sentry_relay
sentry-relay> copying sentry_relay/exceptions.py -> build/lib/sentry_relay
sentry-relay> copying sentry_relay/auth.py -> build/lib/sentry_relay
sentry-relay> copying sentry_relay/consts.py -> build/lib/sentry_relay
sentry-relay> copying sentry_relay/py.typed -> build/lib/sentry_relay
sentry-relay> Updating crates.io index
sentry-relay> warning: spurious network error (3 tries remaining): [6] Could not resolve hostname (Could not resolve host: index.crates.io)
sentry-relay> warning: spurious network error (2 tries remaining): [6] Could not resolve hostname (Could not resolve host: index.crates.io)
sentry-relay> warning: spurious network error (1 tries remaining): [6] Could not resolve hostname (Could not resolve host: index.crates.io)
sentry-relay> Updating git repository `https://github.com/getsentry/sysinfo.git`
sentry-relay> warning: spurious network error (3 tries remaining): failed to resolve address for github.com: Temporary failure in name resolution; class=Net (12)
sentry-relay> warning: spurious network error (2 tries remaining): failed to resolve address for github.com: Temporary failure in name resolution; class=Net (12)
sentry-relay> warning: spurious network error (1 tries remaining): failed to resolve address for github.com: Temporary failure in name resolution; class=Net (12)
sentry-relay> error: failed to get `sysinfo` as a dependency of package `relay-server v25.4.0 (/build/source/relay-server)`
sentry-relay>
sentry-relay> Caused by:
sentry-relay> failed to load source for dependency `sysinfo`
sentry-relay>
sentry-relay> Caused by:
sentry-relay> Unable to update https://github.com/getsentry/sysinfo.git?rev=15b3be3273ba286740122fed7bb7dccd2a79dc8f#15b3be32
sentry-relay>
sentry-relay> Caused by:
sentry-relay> failed to clone into: /build/.home/.cargo/git/db/sysinfo-bfa15ca2329ff574
sentry-relay>
sentry-relay> Caused by:
sentry-relay> revision 15b3be3273ba286740122fed7bb7dccd2a79dc8f not found
sentry-relay>
sentry-relay> Caused by:
sentry-relay> network failure seems to have happened
sentry-relay> if a proxy or similar is necessary `net.git-fetch-with-cli` may help here
sentry-relay> https://doc.rust-lang.org/cargo/reference/config.html#netgit-fetch-with-cli
sentry-relay>
sentry-relay> Caused by:
sentry-relay> failed to resolve address for github.com: Temporary failure in name resolution; class=Net (12)
sentry-relay>
sentry-relay> ERROR Backend subprocess exited when trying to invoke build_wheel
| 00:13:28 |
| hexa | Cargo.toml for reference | 00:13:54 |
 @aloisw:julia0815.de | Can you share the nix code? | 04:29:34 |
 Toma | In reply to @hexa:lossy.network
trying to package https://github.com/getsentry/relay/tree/25.4.0 and I'm hitting a bump in the road You could try using rustPlatform.fetchCargoVendor instead, hopefully it will have more obvious error messages
(also it doesn't need a hash for every git dep) | 06:22:21 |
| hexa | https://github.com/mweinelt/nixpkgs/tree/sentry | 14:20:35 |
| hexa | same error | 14:20:56 |
| hexa | * https://github.com/mweinelt/nixpkgs/blob/sentry/pkgs/development/python-modules/sentry-relay/default.nix | 14:21:42 |
 emily | (licence is wrong btw) | 14:30:59 |
| emily | it looks like you haven't set cargoRoot on the fetchCargoVendor, I think that may be required | 14:31:43 |
| @aloisw:julia0815.de | The rustPlatform.cargoSetupHook is missing too. | 14:33:00 |
| emily | oh | 14:33:11 |
| hexa | oops | 14:33:21 |
| emily | that's probably the main issue, yes | 14:33:22 |
| @aloisw:julia0815.de | Well one of the issues, the build still fails with the hook present but with a different error. | 14:33:49 |
| emily | "A Competing Use means making the Software available to others in a commercial product or service that: … substitutes for any other product or service we offer using the Software that exists as of the date we make the Software available" I like how they get to rugpull by starting a competing service that copies your product. | 14:34:27 |
| hexa | yeah, I found https://open.sentry.io/licensing/ pretty reasonable | 14:36:39 |
| hexa | given the territory of unfree licensing | 14:37:03 |
| hexa | and given that they came from bsl | 14:37:25 |
| @aloisw:julia0815.de | In reply to @emilazy:matrix.org
"A Competing Use means making the Software available to others in a commercial product or service that: … substitutes for any other product or service we offer using the Software that exists as of the date we make the Software available" I like how they get to rugpull by starting a competing service that copies your product. Doesn't that exists as of the date we make the Software available mean that they cannot rugpull? | 14:41:33 |
| @aloisw:julia0815.de | (of course I do not know how that behaves with respect to updates) | 14:41:59 |
| emily | right I don't mean that the licence itself is revocable (that would be beyond the pale). just that they can clone your product and then the next day you can't apply a security fix. IOW they can rugpull the software-over-time rather than a specific artefact, which is what most people care about.
compare with the usual anti-competition licence clause that's more like "you can't offer this specific software as SaaS" without exposing you to the unbounded growing portfolio of the company | 14:45:03 |
| emily | (I just find it more eyebrow-raising because it means they can AWS your FOSS all they want despite drafting a licence to stop you doing so with their software) | 14:46:02 |
| emily | anyway, unlikely to be much concrete risk in practice for most users of course. | 14:46:26 |
| @aloisw:julia0815.de | Right, that's what is not clear to me, does "the Software" include security fixes or is every new patch a new "Software"? | 14:46:41 |
| emily | well, really it's more like: usually getting AWS'd doesn't mean you have to shut down your version | 14:47:12 |
| @aloisw:julia0815.de | In any case I'm really tired of these "look at how much worse we were before, sure that's reasonable now" arguments (not limited to software licensing btw). | 14:47:22 |
| emily |
The "Software" is each version of the software that we make available under these Terms and Conditions, as indicated by our inclusion of these Terms and Conditions with the Software.
I'd assume that "any other product or service we offer using the Software that exists as of the date we make the Software available" means when they make each specific version available
| 14:48:04 |
