Re: holding rust at a particular version

On Tue, Apr 16, 2024 at 04:19:34AM +0100, Jamie Landeg-Jones wrote:

>I don't use poudriere, but for normal port buidling, and
>specifically for rust, set this is /etc/make.conf:
>
>CARGO_BUILDDEP= "any-version"

this might have fixed it for me - testing right now

>If you then install a new rust port, it won't require updating rust.
>
>However, as you noticed, all the rust ports get version-bumped when
>there is a new rust, so presumably if your setup does a "build all new ports",
>then they will be affected by this.

yeah. The other method would be taking the commit back to 1.76
and checking that none of the ports I'm using which are dependent on rust
are themselves requiring a version bump for vuln reasons.

The entire exercise is to get round having to build latest rust
locally on a weak system. Rust is a special case because it won't
build under qemu. rust on arm64 pkg servers is 1.76 but in
ports it's 1.77.

>Secondly, I'm sure some people reading this are screaming in horror - there
>are obviously reasons why it's been decided to bump all the rust ports,
>support and security issues based on previous rust versions being just two,
>so, take this advice with a pinch of salt.

I don't know what the reasons are. If it's to patch a vuln, and that vuln
is either in rust itself or in something that needs it to build, then
fair enough, it's just going to have to build latest rust.

>On my slower machines I less care about, I have a script that automatically
>sets the DEFAULT_VERSIONS for various things (in a file /var/run/port-default.versions.mk
>that is loaded by make.conf) to the latest currently installed version - but
>only if that version is still a valid port in the ports tree.
>
>It's here if you're interested: https://www.catflap.org/jamie/freebsd/

The DEFAULT_VERSIONS for rust in /var/run/port-default.versions.mk
are either rust or rust-nightly. I can't see how the version can be held
to a numeric value here.

thanks for everything. your link looks interesting.
--