Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't depend on hashable directly #10140

Closed
phadej opened this issue Jun 24, 2024 · 0 comments · Fixed by #10316
Closed

Don't depend on hashable directly #10140

phadej opened this issue Jun 24, 2024 · 0 comments · Fixed by #10316
Labels
attention: pr-welcome newcomer newcomer: 3-multi-file-refactor type: enhancement

Comments

@phadej
Copy link
Collaborator

phadej commented Jun 24, 2024
edited
Loading

AFAICT, the hashable is used for semi-persistent, low-rate hashing. The hashable is not designed for that:

localFileNameForRemoteTarball :: URI -> FilePath
localFileNameForRemoteTarball uri =
  mangleName uri
    ++ "-"
    ++ showHex locationHash ""
  where
    mangleName =
      truncateString 10
        . dropExtension
        . dropExtension
        . takeFileName
        . dropTrailingPathSeparator
        . uriPath

    locationHash :: Word
    locationHash = fromIntegral (Hashable.hash (uriToString id uri ""))

You'd be better of to use e.g. https://hackage.haskell.org/package/cryptohash-sha256 on which cabal-install depends through hackage-security anyway.

Clarification: the usage is persistent, if the user happens to have even the same cabal-install version compiled against the different hashable versions; they won't find the same local files / caches. Don't use hashable for persistence.
jaspervdj added a commit to jaspervdj/cabal that referenced this issue Sep 5, 2024
@jaspervdj
Remove hashable dependency
bf37272 
See haskell#10140
@jaspervdj jaspervdj mentioned this issue Sep 5, 2024
Merged
2 tasks
jaspervdj added a commit to jaspervdj/cabal that referenced this issue Sep 5, 2024
@jaspervdj
Remove hashable dependency
19ab916 
See haskell#10140
jaspervdj added a commit to jaspervdj/cabal that referenced this issue Sep 5, 2024
@jaspervdj
Remove hashable dependency
9dd2457 
See haskell#10140
@ulysses4ever ulysses4ever linked a pull request Oct 2, 2024 that will close this issue
Remove hashable dependency #10316
Merged
2 tasks
@mergify mergify bot closed this as completed in #10316 Nov 7, 2024
@mergify mergify bot mentioned this issue Nov 7, 2024
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
attention: pr-welcome newcomer newcomer: 3-multi-file-refactor type: enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Remove hashable dependency jaspervdj/cabal
2 participants
@phadej @ulysses4ever