Message ID | 20220826130843.264607-1-johan.oudinet@gmail.com |
---|---|
State | Accepted |
Headers | show |
Series | [v2] package/forge: new package | expand |
Johan, All, On 2022-08-26 15:08 +0200, Johan Oudinet spake thusly: > A native implementation of TLS (and various other cryptographic tools) > in JavaScript. > > Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com> [--SNIP--] > diff --git a/package/forge/forge.mk b/package/forge/forge.mk > new file mode 100644 > index 0000000000..c26f550c83 > --- /dev/null > +++ b/package/forge/forge.mk > @@ -0,0 +1,28 @@ > +################################################################################ > +# > +# forge > +# > +################################################################################ > + > +FORGE_VERSION = 1.3.1 > +FORGE_SITE = $(call github,digitalbazaar,forge,v$(FORGE_VERSION)) > +FORGE_LICENSE = BSD-3-Clause, GPL-2.0 > +FORGE_LICENSE_FILES = LICENSE > + > +FORGE_DEPENDENCIES = host-nodejs > + > +define FORGE_BUILD_CMDS > + cd $(@D) && $(NPM) install && $(NPM) run build So we have to install before we can build? I would have expected the other way around... I have (almost) zero experience with npm, so I am not sure about the semantics of 'install' vs. 'build'. Also, where does 'install' installs things? Regards, Yann E. MORIN. > +endef > + > +# Install .min.js as .js > +define FORGE_INSTALL_TARGET_CMDS > + $(INSTALL) -m 644 -D $(@D)/dist/forge.all.min.js \ > + $(TARGET_DIR)/var/www/forge.all.js > + $(INSTALL) -m 644 -D $(@D)/dist/forge.min.js \ > + $(TARGET_DIR)/var/www/forge.js > + $(INSTALL) -m 644 -D $(@D)/dist/prime.worker.min.js \ > + $(TARGET_DIR)/var/www/prime.worker.js > +endef > + > +$(eval $(generic-package)) > -- > 2.34.1 > > _______________________________________________ > buildroot mailing list > buildroot@buildroot.org > https://lists.buildroot.org/mailman/listinfo/buildroot
Hello, On Sat, 27 Aug 2022 10:47:32 +0200 "Yann E. MORIN" <yann.morin.1998@free.fr> wrote: > > +FORGE_VERSION = 1.3.1 > > +FORGE_SITE = $(call github,digitalbazaar,forge,v$(FORGE_VERSION)) > > +FORGE_LICENSE = BSD-3-Clause, GPL-2.0 > > +FORGE_LICENSE_FILES = LICENSE > > + > > +FORGE_DEPENDENCIES = host-nodejs > > + > > +define FORGE_BUILD_CMDS > > + cd $(@D) && $(NPM) install && $(NPM) run build > > So we have to install before we can build? I would have expected the > other way around... I have (almost) zero experience with npm, so I am > not sure about the semantics of 'install' vs. 'build'. > > Also, where does 'install' installs things? And side questions are: - Does this $(NPM) install step downloads stuff? If it does, then it's wrong, because it works around Buildroot's download infrastructure. - Does this $(NPM) install step installs extra stuff? If it does, are these extra things accounted for from a legal information perspective? Yeah, I know, annoying questions :-) Thanks! Thomas
Thomas, All, On 2022-08-28 10:06 +0200, Thomas Petazzoni spake thusly: > On Sat, 27 Aug 2022 10:47:32 +0200 > "Yann E. MORIN" <yann.morin.1998@free.fr> wrote: [--SNIP--] > > > +define FORGE_BUILD_CMDS > > > + cd $(@D) && $(NPM) install && $(NPM) run build [--SNIP--] > And side questions are: > - Does this $(NPM) install step downloads stuff? If it does, then it's > wrong, because it works around Buildroot's download infrastructure. Yes, as far as I understand, that's where the vendoring step happens. Unless we have a download post-process step like we have for go and cargo, there is not much we can do about that. See also my further reply on the previous iteration [0]. Also that install-then-build sequence seems to be canon, see [1]. But before we introduce either a download prost-process and/or an npm-package infrastructure, it would be better [2] to have more than two data-points. [0] https://lore.kernel.org/buildroot/20220826210712.GE37358@scaer/ [1] https://lore.kernel.org/buildroot/20220827093603.GT37358@scaer/ [2] I said "better", not "nice", on purpose. ;-] > - Does this $(NPM) install step installs extra stuff? If it does, are > these extra things accounted for from a legal information > perspective? Yeah, it does install the vendored stuff. And of course it is not accounted for, what did you hope? ;-) So, yes, FORGE_LICENSE should include something like: , vendored dependencies licenses probably not listed > Yeah, I know, annoying questions :-) Hehe... :-] Regards, Yann E. MORIN.
Yann, Thomas, All, On Sun, Aug 28, 2022 at 10:35 AM Yann E. MORIN <yann.morin.1998@free.fr> wrote: > On 2022-08-28 10:06 +0200, Thomas Petazzoni spake thusly: > > On Sat, 27 Aug 2022 10:47:32 +0200 > > "Yann E. MORIN" <yann.morin.1998@free.fr> wrote: > [--SNIP--] > > > > +define FORGE_BUILD_CMDS > > > > + cd $(@D) && $(NPM) install && $(NPM) run build > [--SNIP--] > > And side questions are: > > - Does this $(NPM) install step downloads stuff? If it does, then it's > > wrong, because it works around Buildroot's download infrastructure. > > Yes, as far as I understand, that's where the vendoring step happens. > Unless we have a download post-process step like we have for go and > cargo, there is not much we can do about that. See also my further reply > on the previous iteration [0]. > > Also that install-then-build sequence seems to be canon, see [1]. > > But before we introduce either a download prost-process and/or an > npm-package infrastructure, it would be better [2] to have more than > two data-points. > > [0] https://lore.kernel.org/buildroot/20220826210712.GE37358@scaer/ > [1] https://lore.kernel.org/buildroot/20220827093603.GT37358@scaer/ > [2] I said "better", not "nice", on purpose. ;-] This is exactly that. > > - Does this $(NPM) install step installs extra stuff? If it does, are > > these extra things accounted for from a legal information > > perspective? > > Yeah, it does install the vendored stuff. And of course it is not > accounted for, what did you hope? ;-) > > So, yes, FORGE_LICENSE should include something like: > > , vendored dependencies licenses probably not listed > Ok, do I propose a v3 with the suggested sentence to FORGE_LICENSE or should I do something else?
Hello Johan, On Fri, 26 Aug 2022 15:08:43 +0200 Johan Oudinet <johan.oudinet@gmail.com> wrote: > A native implementation of TLS (and various other cryptographic tools) > in JavaScript. > > Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com> > --- > Changes v1 -> v2: > - build with npm (suggested by Yann E. Morin) > --- > DEVELOPERS | 1 + > package/Config.in | 1 + > package/forge/Config.in | 10 ++++++++++ > package/forge/forge.hash | 3 +++ > package/forge/forge.mk | 28 ++++++++++++++++++++++++++++ > 5 files changed, 43 insertions(+) > create mode 100644 package/forge/Config.in > create mode 100644 package/forge/forge.hash > create mode 100644 package/forge/forge.mk I have applied, but after changing the patch to do like we did for chartjs: use pre-compiled JS files. Indeed, having a dependency on host-nodejs is really heavy, and the fact that we don't have vendoring support yet makes using npm during the build not very nice. So for the time being, we'll use pre-generated JS files. See: https://gitlab.com/buildroot.org/buildroot/-/commit/d1938358ec119869a63af7622391f6a8de1fbb16 Thanks a lot! Thomas
diff --git a/DEVELOPERS b/DEVELOPERS index d2bd0d809a..c7e6407cdc 100644 --- a/DEVELOPERS +++ b/DEVELOPERS @@ -1530,6 +1530,7 @@ F: package/erlang-p1-xmpp/ F: package/erlang-p1-yaml/ F: package/erlang-p1-yconf/ F: package/erlang-p1-zlib/ +F: package/forge/ F: package/nginx-dav-ext/ F: package/vis-network/ F: package/vuejs/ diff --git a/package/Config.in b/package/Config.in index d1c098c48f..c073c82611 100644 --- a/package/Config.in +++ b/package/Config.in @@ -1687,6 +1687,7 @@ endif source "package/duktape/Config.in" source "package/explorercanvas/Config.in" source "package/flot/Config.in" + source "package/forge/Config.in" source "package/jquery/Config.in" if BR2_PACKAGE_JQUERY menu "External jQuery plugins" diff --git a/package/forge/Config.in b/package/forge/Config.in new file mode 100644 index 0000000000..87a3fcb3e0 --- /dev/null +++ b/package/forge/Config.in @@ -0,0 +1,10 @@ +config BR2_PACKAGE_FORGE + bool "forge" + depends on BR2_PACKAGE_HOST_QEMU_USER_ARCH_SUPPORTS # host-nodejs + depends on BR2_HOST_GCC_AT_LEAST_8 # host-nodejs + select BR2_PACKAGE_HOST_NODEJS + help + A native implementation of TLS (and various other + cryptographic tools) in JavaScript. + + https://github.com/digitalbazaar/forge diff --git a/package/forge/forge.hash b/package/forge/forge.hash new file mode 100644 index 0000000000..3f73d3e050 --- /dev/null +++ b/package/forge/forge.hash @@ -0,0 +1,3 @@ +# Locally computed +sha256 b330b05ef109a00fc96ae188a3a9ac6c9053a511957a5c9534f7635fefee45a2 forge-1.3.1.tar.gz +sha256 f63ff0e4e239244aa79280da2dd4811a0469e5e201caf5cbc0d97c3a1dff8e82 LICENSE diff --git a/package/forge/forge.mk b/package/forge/forge.mk new file mode 100644 index 0000000000..c26f550c83 --- /dev/null +++ b/package/forge/forge.mk @@ -0,0 +1,28 @@ +################################################################################ +# +# forge +# +################################################################################ + +FORGE_VERSION = 1.3.1 +FORGE_SITE = $(call github,digitalbazaar,forge,v$(FORGE_VERSION)) +FORGE_LICENSE = BSD-3-Clause, GPL-2.0 +FORGE_LICENSE_FILES = LICENSE + +FORGE_DEPENDENCIES = host-nodejs + +define FORGE_BUILD_CMDS + cd $(@D) && $(NPM) install && $(NPM) run build +endef + +# Install .min.js as .js +define FORGE_INSTALL_TARGET_CMDS + $(INSTALL) -m 644 -D $(@D)/dist/forge.all.min.js \ + $(TARGET_DIR)/var/www/forge.all.js + $(INSTALL) -m 644 -D $(@D)/dist/forge.min.js \ + $(TARGET_DIR)/var/www/forge.js + $(INSTALL) -m 644 -D $(@D)/dist/prime.worker.min.js \ + $(TARGET_DIR)/var/www/prime.worker.js +endef + +$(eval $(generic-package))
A native implementation of TLS (and various other cryptographic tools) in JavaScript. Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com> --- Changes v1 -> v2: - build with npm (suggested by Yann E. Morin) --- DEVELOPERS | 1 + package/Config.in | 1 + package/forge/Config.in | 10 ++++++++++ package/forge/forge.hash | 3 +++ package/forge/forge.mk | 28 ++++++++++++++++++++++++++++ 5 files changed, 43 insertions(+) create mode 100644 package/forge/Config.in create mode 100644 package/forge/forge.hash create mode 100644 package/forge/forge.mk