fix: extract whole archive instead of subset#3604
Merged
Merged
Conversation
alexghr
commented
Dec 6, 2023
| resolveDependency(parent: NoirPackage, config: NoirDependencyConfig): Promise<NoirDependency | null> { | ||
| if ('path' in config) { | ||
| const parentPath = parent.getPackagePath(); | ||
| const dependencyPath = isAbsolute(config.path) ? config.path : join(parentPath, config.path); |
Contributor
Author
There was a problem hiding this comment.
Kinda worried about someone putting /etc/passwd in their dependency list. Maybe we make it only accept relative deps?
Contributor
There was a problem hiding this comment.
resolveDependency is only used for loading stuff, right? We're not writing to the resolved directory at any time? If so, I think it's not that bad, since at most it'd exfiltrate /etc/passwd to the noir compiler, and won't overwrite anything.
Contributor
Author
There was a problem hiding this comment.
Yep, that's how it works. The Github resolver does write to the disk (to unzip the archive), but writing to the disk is strictly checked (can only write to a given subfolder).
Collaborator
Benchmark resultsMetrics with a significant change:
Detailed resultsAll benchmarks are run on txs on the This benchmark source data is available in JSON format on S3 here. Values are compared against data from master at commit L2 block published to L1Each column represents the number of txs on an L2 block published to L1.
L2 chain processingEach column represents the number of blocks on the L2 chain where each block has 16 txs.
Circuits statsStats on running time and I/O sizes collected for every circuit run across all benchmarks.
MiscellaneousTransaction sizes based on how many contracts are deployed in the tx.
|
spalladino
approved these changes
Dec 6, 2023
spalladino
left a comment
spalladino
left a comment
Contributor
There was a problem hiding this comment.
I understand that this would fix things for aztec-nr just because its dependencies happen to be on the same repository, right? If so, let's make sure we roll back this change when we implement a more thorough solution. But it looks good to get us out from this issue!
| resolveDependency(parent: NoirPackage, config: NoirDependencyConfig): Promise<NoirDependency | null> { | ||
| if ('path' in config) { | ||
| const parentPath = parent.getPackagePath(); | ||
| const dependencyPath = isAbsolute(config.path) ? config.path : join(parentPath, config.path); |
Contributor
There was a problem hiding this comment.
resolveDependency is only used for loading stuff, right? We're not writing to the resolved directory at any time? If so, I think it's not that bad, since at most it'd exfiltrate /etc/passwd to the noir compiler, and won't overwrite anything.
alexghr
pushed a commit
that referenced
this pull request
Dec 6, 2023
🤖 I have created a release *beep* *boop* --- <details><summary>aztec-packages: 0.16.7</summary> ## [0.16.7](aztec-packages-v0.16.6...aztec-packages-v0.16.7) (2023-12-06) ### Features * Encapsulated Goblin ([#3524](#3524)) ([2f08423](2f08423)) ### Bug Fixes * Extract whole archive instead of subset ([#3604](#3604)) ([cb000d8](cb000d8)) ### Documentation * **yellow-paper:** Note hash, nullifier, and public data trees ([#3518](#3518)) ([0e2db8b](0e2db8b)) </details> <details><summary>barretenberg.js: 0.16.7</summary> ## [0.16.7](barretenberg.js-v0.16.6...barretenberg.js-v0.16.7) (2023-12-06) ### Miscellaneous * **barretenberg.js:** Synchronize aztec-packages versions </details> <details><summary>barretenberg: 0.16.7</summary> ## [0.16.7](barretenberg-v0.16.6...barretenberg-v0.16.7) (2023-12-06) ### Features * Encapsulated Goblin ([#3524](#3524)) ([2f08423](2f08423)) </details> --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
AztecBot
added a commit
to AztecProtocol/barretenberg
that referenced
this pull request
Dec 7, 2023
🤖 I have created a release *beep* *boop* --- <details><summary>aztec-packages: 0.16.7</summary> ## [0.16.7](AztecProtocol/aztec-packages@aztec-packages-v0.16.6...aztec-packages-v0.16.7) (2023-12-06) ### Features * Encapsulated Goblin ([#3524](AztecProtocol/aztec-packages#3524)) ([2f08423](AztecProtocol/aztec-packages@2f08423)) ### Bug Fixes * Extract whole archive instead of subset ([#3604](AztecProtocol/aztec-packages#3604)) ([cb000d8](AztecProtocol/aztec-packages@cb000d8)) ### Documentation * **yellow-paper:** Note hash, nullifier, and public data trees ([#3518](AztecProtocol/aztec-packages#3518)) ([0e2db8b](AztecProtocol/aztec-packages@0e2db8b)) </details> <details><summary>barretenberg.js: 0.16.7</summary> ## [0.16.7](AztecProtocol/aztec-packages@barretenberg.js-v0.16.6...barretenberg.js-v0.16.7) (2023-12-06) ### Miscellaneous * **barretenberg.js:** Synchronize aztec-packages versions </details> <details><summary>barretenberg: 0.16.7</summary> ## [0.16.7](AztecProtocol/aztec-packages@barretenberg-v0.16.6...barretenberg-v0.16.7) (2023-12-06) ### Features * Encapsulated Goblin ([#3524](AztecProtocol/aztec-packages#3524)) ([2f08423](AztecProtocol/aztec-packages@2f08423)) </details> --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
This was referenced Dec 11, 2023
alexghr
added a commit
that referenced
this pull request
Dec 15, 2023
This PR fixes an issue with how we mirror code in the monorepo to aztecprotocol/aztec-nr. A while back the root aztec library added a dependency on noir-protocol-circuits. In the monorepo this is achieved by use of a relative path in Nargo.toml. This works fine for contracts that pull in Aztec.nr through the monorepo (see also #3604) but it breaks projects that use [AztecProtocol/aztec-nr](https://github.com/AztecProtocol/aztec-nr) because the relative path won't exist in the mirrored repo. What this PR does is map any relative dependencies to protocol circuits to a git dependency before pushing that commit to the mirrored repo. It then undoes this change before pushing to the monorepo (we want to keep using relative paths in the monorepo). I would've preferred using `yq` since it claims it suports TOML (and is included in the default Github actions package list) but its support is limited to only basic types (so no objects like `{path="..."}`) and it can only read toml but not write it. mikefarah/yq#1364 (comment)
michaelelliot
pushed a commit
to Swoir/noir_rs
that referenced
this pull request
Feb 28, 2024
This PR fixes an issue with how we mirror code in the monorepo to aztecprotocol/aztec-nr. A while back the root aztec library added a dependency on noir-protocol-circuits. In the monorepo this is achieved by use of a relative path in Nargo.toml. This works fine for contracts that pull in Aztec.nr through the monorepo (see also AztecProtocol#3604) but it breaks projects that use [AztecProtocol/aztec-nr](https://github.com/AztecProtocol/aztec-nr) because the relative path won't exist in the mirrored repo. What this PR does is map any relative dependencies to protocol circuits to a git dependency before pushing that commit to the mirrored repo. It then undoes this change before pushing to the monorepo (we want to keep using relative paths in the monorepo). I would've preferred using `yq` since it claims it suports TOML (and is included in the default Github actions package list) but its support is limited to only basic types (so no objects like `{path="..."}`) and it can only read toml but not write it. mikefarah/yq#1364 (comment)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR changes the behaviour of the dependency resolver in noir-compiler to extract a whole zip archiver from Github instead of cherry-picking just the given path. This makes it so that relative dependencies inside the archive are resolved correctly with the tradeoff that now it extract everything (e.g. aztec-packages extracts 80mb but aztec-nr is only ~1MB of code)