Skip to content

build.zig.zon file .hash does not include executable bit in practice #16272

New issue
New issue
Closed
Closed
build.zig.zon file .hash does not include executable bit in practice#16272
Labels
bugObserved behavior contradicts documented or intended behaviorzig build systemstd.Build, the build runner, `zig build` subcommand, package management
Milestone
0.12.0
@emidoots

Description

@emidoots
emidoots
opened on Jun 30, 2023

Zig Version

0.11.0-dev.3890+43c98dc11

Steps to Reproduce and Observed Behavior

I was implementing a tool in Go to calculate/update build.zig.zon file hashes. While doing this, I noticed that the Zig implementation in src/Package.zig currently doesn't include executable file bit information in practice.

If I download/extract this tarball using my system tar extractor, you can see we have at least two executable files in it:

freetype-26f9ea0ce8ec934d9d53caec80f6b3d0f857892b % ls -lah *.sh
-rwxrwxr-x  1 slimsag  staff   248B Jun 29 01:13 update.sh
-rwxrwxr-x  1 slimsag  staff   318B Jun 29 01:13 verify.sh

However, if I modify this code in the stdlib to print the file hash and result of isExecutable:

zig/src/Package.zig

Line 718 in 0a6cd25

hasher.update(&.{ 0, @intFromBool(try isExecutable(file)) });

Then we find isExecutable always returns false:

update.sh: 3ade16b05234cffff8aa60857d4ee2f1a90698da63e908148aefe45242ae8075 - false
verify.sh: 7359f08ae3202633064963b58058ef193d2f358c28abe08c035550e3bad8571e - false

This appears to be due to this TODO during tar extraction:

zig/src/Package.zig

Lines 603 to 611 in 0a6cd25

try std.tar.pipeToFileSystem(out_dir, decompress.reader(), .{
.strip_components = 1,
// TODO: we would like to set this to executable_bit_only, but two
// things need to happen before that:
// 1. the tar implementation needs to support it
// 2. the hashing algorithm here needs to support detecting the is_executable
// bit on Windows from the ACLs (see the isExecutable function).
.mode_mode = .ignore,
});

Importantly, this applies to all unix platforms too - not just windows - so once this is fixed, everyone's build.zig.zon file hashes will change.

Expected Behavior

build.zig.zon hashes include executable bit information in them

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugObserved behavior contradicts documented or intended behaviorzig build systemstd.Build, the build runner, `zig build` subcommand, package management

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions