Only invoke vendor_rust if network isolation set #533
Conversation
See: python-wheel-build#529 While improving the vendor logic for more complex source cases this fixes building cryptography if network isolation turned off Signed-off-by: Pris Nasrat <[email protected]>
There was a problem hiding this comment.
This should be a separate option. I don't like the idea that the network isolation flags affects how sdists and packages are built. It should be a separate option.
Network isolation is not available on most platforms except some Linux systems. Even on Linux, network isolation is only possible in some cases. For example, it doesn't work in user containers on Ubuntu unless root disables a policy.
I hadn't considered that, but it's a good point. Maybe the default behavior depends on whether network isolation is enabled? Or are they completely unrelated? |
If we decide to make vendoring optional, then it should be a separate option. Hermetic builds and vendoring are not tightly coupled. All possible combination of network isolation flag and vendor flag have a use case
(1) and (3) are currently not possible because we don't have an option to disable vendoring. Several Linux distros like Fedora follow approach (3). Fedora installs Rust crates from RPMs and configures cargo to use local, pre-installed packages instead of crates.io. |
See: #529
While improving the vendor logic for more complex source cases this fixes building cryptography if network isolation turned off
Signed-off-by: Pris Nasrat [email protected]