Packaging Rust Applications for the NPM Registry
Recently I packaged my project git-cliff (changelog generator written in Rust) for NPM with the help of my friend @atlj. I thought this would be an interesting topic for a blog post since it has a certain technical depth about distributing binaries and frankly it still amazes me how the whole thing works so smoothly. So let's create a simple Rust project, package it for NPM and fully automate the release process via GitHub Actions.
https://blog.orhun.dev/packaging-rust-for-npm/
#planetarch
Recently I packaged my project git-cliff (changelog generator written in Rust) for NPM with the help of my friend @atlj. I thought this would be an interesting topic for a blog post since it has a certain technical depth about distributing binaries and frankly it still amazes me how the whole thing works so smoothly. So let's create a simple Rust project, package it for NPM and fully automate the release process via GitHub Actions.
https://blog.orhun.dev/packaging-rust-for-npm/
#planetarch
π4
Call for participation: Git packaging POC
https://lists.archlinux.org/archives/li β¦ WE6GFWUJN/ Hi everyone! Levente and I have been busy preparing a test environment for the new git package workflow, which is going to replace the svn repository. To test the new git package setup install
https://bbs.archlinux.org/viewtopic.php?id=283222
#planetarch
https://lists.archlinux.org/archives/li β¦ WE6GFWUJN/ Hi everyone! Levente and I have been busy preparing a test environment for the new git package workflow, which is going to replace the svn repository. To test the new git package setup install
devtools-git-poc from the community repository and use the new pkgctl utility. Please check each time if there is a new upgrade before playing around. The goal of the testing is to figure out UX issues, bugs and larger issues that would need to be dealt with before a git migration can happen. It's therefor very important that people sit down and play around β¦https://bbs.archlinux.org/viewtopic.php?id=283222
#planetarch
π₯3
Switch to the base-devel meta package requires manual intervention
On February 2nd, the
If you installed the
https://archlinux.org/news/switch-to-the-base-devel-meta-package-requires-manual-intervention/
#news
On February 2nd, the
base-devel package group has been replaced by a meta package of the same name. If you installed the
base-devel package group prior to this date, explicitly re-install it to get the new base-devel package installed on the system:pacman -Syu base-develhttps://archlinux.org/news/switch-to-the-base-devel-meta-package-requires-manual-intervention/
#news
π3π₯2π1
Zig Bits 0x1: Returning slices from functions
I decided to start a new blog series called "Zig Bits" where I share interesting bits of information about the Zig programming language. It is written especially for beginners because I'm also a beginner.
https://blog.orhun.dev/zig-bits-01/
#planetarch
I decided to start a new blog series called "Zig Bits" where I share interesting bits of information about the Zig programming language. It is written especially for beginners because I'm also a beginner.
https://blog.orhun.dev/zig-bits-01/
#planetarch
Introducing runst: Handle desktop notifications neatly on Linux!
https://blog.orhun.dev/introducing-runst/
#planetarch
runst is a dead simple notification daemon 𦑠In this post, I'm introducing the project and giving different usage examples that will improve your Linux desktop experience.https://blog.orhun.dev/introducing-runst/
#planetarch
π3π1
If you have one project and you keep bragging about it, just stop.
Some thoughts on projects and ego management.
https://blog.orhun.dev/manage-your-ego/
#planetarch
Some thoughts on projects and ego management.
https://blog.orhun.dev/manage-your-ego/
#planetarch
π3
Arch Linux in February 2023
Git packaging sources
All major workflow and usability requirements for the
https://monthly-reports.archlinux.page/2023/02/
#planetarch
Git packaging sources
All major workflow and usability requirements for the
pkgctl tooling have been finished and a experimental devtools-git-poc package has been put into the repositories. Furthermore the proof of concept sandbox environment has been set up and rolled out to anyone interested in testing. In the current phase we will collect feedback to catch bugs and further usability improvements [0]. We are still very eagerly seeking for more testers.https://monthly-reports.archlinux.page/2023/02/
#planetarch
π1
Zig Bits 0x2: Using defer to defeat memory leaks
Let's talk about how to detect memory leaks in Zig and avoid them by using the
https://blog.orhun.dev/zig-bits-02/
#planetarch
Let's talk about how to detect memory leaks in Zig and avoid them by using the
defer statement.https://blog.orhun.dev/zig-bits-02/
#planetarch
Setting up a packaging environment for Alpine Linux (introducing alpkg)
Recently I have been interested in Alpine Linux and thought it would be nice to maintain some Rust packages in their repositories. In this post, I will share my notes/adventures on setting up a packaging environment and a tool called "alpkg" for automating this process.
https://blog.orhun.dev/alpine-packaging-setup/
#planetarch
Recently I have been interested in Alpine Linux and thought it would be nice to maintain some Rust packages in their repositories. In this post, I will share my notes/adventures on setting up a packaging environment and a tool called "alpkg" for automating this process.
https://blog.orhun.dev/alpine-packaging-setup/
#planetarch
π3
Writing a Linux executable from scratch with x86_64-unknown-none and Rust
I recently mentioned on the internet I did work in this direction and a friend of mine asked me to write a blogpost on this. I didnβt blog for a long time (keeping all the goodness for myself hehe), so here we go. π¦ To set the scene, letβs assume we want to make an exectuable binary for x86_64 Linux thatβs supposed to be extremely portable. It should work on both Debian and Arch Linux. It should work on systems without glibc like Alpine Linux. It should even work in a FROM scratch Docker container. In a more serious setting β¦
https://vulns.xyz/2023/03/linux-executable-from-scratch-with-x86_64-unknown-none-rust/
#planetarch
I recently mentioned on the internet I did work in this direction and a friend of mine asked me to write a blogpost on this. I didnβt blog for a long time (keeping all the goodness for myself hehe), so here we go. π¦ To set the scene, letβs assume we want to make an exectuable binary for x86_64 Linux thatβs supposed to be extremely portable. It should work on both Debian and Arch Linux. It should work on systems without glibc like Alpine Linux. It should even work in a FROM scratch Docker container. In a more serious setting β¦
https://vulns.xyz/2023/03/linux-executable-from-scratch-with-x86_64-unknown-none-rust/
#planetarch
March
Arch Linux in March 2023 # Git packaging sources # We have improved a lot of pieces in pkgctl according to the feedback from the sandbox environment. Most notably it is possible to provide GitLab tokens via the DEVTOOLS_GITLAB_TOKEN environment variable, pass nocheck to the build command for bootstrap builds, handle subrelease pkgrels as well as several bugfixes. We are doing another round of testing and would like to proceed with the rollout afterwards.
https://monthly-reports.archlinux.page/2023/03/
#planetarch
Arch Linux in March 2023 # Git packaging sources # We have improved a lot of pieces in pkgctl according to the feedback from the sandbox environment. Most notably it is possible to provide GitLab tokens via the DEVTOOLS_GITLAB_TOKEN environment variable, pass nocheck to the build command for bootstrap builds, handle subrelease pkgrels as well as several bugfixes. We are doing another round of testing and would like to proceed with the rollout afterwards.
https://monthly-reports.archlinux.page/2023/03/
#planetarch
π3
Zig Bits 0x3: Mastering project management in Zig
In this post, I'm sharing tips & tricks about managing/maintaining an open-source Zig project and mentioning the commonly used practices. I'm also giving a brief introduction to my first-ever Zig project "**linuxwave**" which led to the writing of this series.
https://blog.orhun.dev/zig-bits-03/
#planetarch
In this post, I'm sharing tips & tricks about managing/maintaining an open-source Zig project and mentioning the commonly used practices. I'm also giving a brief introduction to my first-ever Zig project "**linuxwave**" which led to the writing of this series.
https://blog.orhun.dev/zig-bits-03/
#planetarch
Golang crypto/ecdh and the TPM
I have lately been trying to learn more about the Trusted Platform Module (TPM) as they are capable of key creation and sealing secrets in a secure manner. They are common hardware these days and make for a reasonable ways to store secrets. age is a file encryption/decryption tool from Filippo Valsorda which a lot of people have been using to replace GnuPG for things like password-store. It has a few plugins doing things like storing keys on Yubikey, Trezor hardware wallets or the Apple Secure Enclave, however it doesnβt have a TPM plugin.
https://linderud.dev/blog/golang-crypto/ecdh-and-the-tpm/
#planetarch
I have lately been trying to learn more about the Trusted Platform Module (TPM) as they are capable of key creation and sealing secrets in a secure manner. They are common hardware these days and make for a reasonable ways to store secrets. age is a file encryption/decryption tool from Filippo Valsorda which a lot of people have been using to replace GnuPG for things like password-store. It has a few plugins doing things like storing keys on Yubikey, Trezor hardware wallets or the Apple Secure Enclave, however it doesnβt have a TPM plugin.
https://linderud.dev/blog/golang-crypto/ecdh-and-the-tpm/
#planetarch
April
Arch Linux in April 2023 # project management # Weβve create a GitLab Board [0\] to track all tasks related to project management and project leadership. This Board allows us to visualize the exact state of tasks using different lanes and labels, making it easier to keep track of ongoing progress. Additionally, tasks will receive comments and lane updates to reflect the latest developments. This is another step towards providing increased transparency, structure, and visibility for our staff and users alike.
https://monthly-reports.archlinux.page/2023/04/
#planetarch
Arch Linux in April 2023 # project management # Weβve create a GitLab Board [0\] to track all tasks related to project management and project leadership. This Board allows us to visualize the exact state of tasks using different lanes and labels, making it easier to keep track of ongoing progress. Additionally, tasks will receive comments and lane updates to reflect the latest developments. This is another step towards providing increased transparency, structure, and visibility for our staff and users alike.
https://monthly-reports.archlinux.page/2023/04/
#planetarch
π8
Git migration announcement
This Friday morning (2023-05-19) the Git packaging migration will start until Sunday (2023-05-21). The Arch Linux packaging team will not be able to update packages in any of the repositories during this period.
Notification when the migration starts, and when it is completed, will be published on the
How does this impact Arch Linux users?
The
All affected repositories will be provided as empty repositories for a transition period after the migration. For regular users, this means that everything works as before.
Note: After the migration is done, users that have the testing repositories enabled need to include the new repositories (
Other changes:
* SVN access is discontinued and will dissappear.
* The svn2git mirror will no longer be updated.
*
How does this impact Arch Linux tier 1 mirrors?
During the migration rsync and HTTP access will be shut down. We will send an email notification to arch-mirrors once everything has been finished.
How does this impact Arch Linux packagers?
Packagers will not be able to patch and update their packages. The internal Tier 0 mirror is also going to be disabled for the duration of this migration.
https://archlinux.org/news/git-migration-announcement/
#news
This Friday morning (2023-05-19) the Git packaging migration will start until Sunday (2023-05-21). The Arch Linux packaging team will not be able to update packages in any of the repositories during this period.
Notification when the migration starts, and when it is completed, will be published on the
[arch-dev-public] mailing list.How does this impact Arch Linux users?
The
[testing] repository will be split into [core-testing] and [extra-testing], the [staging] repository will be split into [core-staging] and [extra-staging]. The [community] repository will be merged into [extra] and will therefore be empty after the migration.All affected repositories will be provided as empty repositories for a transition period after the migration. For regular users, this means that everything works as before.
Note: After the migration is done, users that have the testing repositories enabled need to include the new repositories (
[core-testing] and [extra-testing] instead of [testing]) in their pacman.conf before updating their system.Other changes:
* SVN access is discontinued and will dissappear.
* The svn2git mirror will no longer be updated.
*
asp, which relies on the svn2git mirror, will stop working. It is replaced by pkgctl repo clone.How does this impact Arch Linux tier 1 mirrors?
During the migration rsync and HTTP access will be shut down. We will send an email notification to arch-mirrors once everything has been finished.
How does this impact Arch Linux packagers?
Packagers will not be able to patch and update their packages. The internal Tier 0 mirror is also going to be disabled for the duration of this migration.
https://archlinux.org/news/git-migration-announcement/
#news
π3π2β€βπ₯1π―1π1
Git migration completed
We are proud to announce that the migration to Git packaging succeeded! π₯³
Thanks to everyone who has helped during the migration!
Package sources are now available on GitLab. Note that the bugtracker is still flyspray and that merge requests are not accepted as of now. We intend to open the issue tracker and merge requests on the Gitlab package repos in the near future.
Mirrors are syncing again, but it may take a bit of time until your mirror of choice has caught up.
## For users
Update your system and merge the pacman pacnew
For users of the now deprecated
For some more detailed instructions on how to obtain PKGBUILDs see the corresponding wiki article.
## For packagers
Before starting, first uninstall
Make sure you have both, an updated devtools and pacman on your system:
Additionally clean up old chroots in
For instruction on how to use
https://archlinux.org/news/git-migration-completed/
#news
We are proud to announce that the migration to Git packaging succeeded! π₯³
Thanks to everyone who has helped during the migration!
Package sources are now available on GitLab. Note that the bugtracker is still flyspray and that merge requests are not accepted as of now. We intend to open the issue tracker and merge requests on the Gitlab package repos in the near future.
Mirrors are syncing again, but it may take a bit of time until your mirror of choice has caught up.
## For users
Update your system and merge the pacman pacnew
/etc/pacman.conf.pacnew file. This is required as we have moved the [community] repository into [extra].$ pacman -Syu "pacman>=6.0.2-7"
For users of the now deprecated
asp tool, you will need to switch to pkgctl:$ pacman -Syu "devtools>=1:1.0.0-1"
$ pkgctl repo clone linux
For some more detailed instructions on how to obtain PKGBUILDs see the corresponding wiki article.
## For packagers
Before starting, first uninstall
devtools-git-poc and remove any repos from your filesystem that you cloned during the git proof-of-concept testing.Make sure you have both, an updated devtools and pacman on your system:
$ pacman -Syu "devtools>=1:1.0.0-1" "pacman>=6.0.2-7"
Additionally clean up old chroots in
/var/lib/archbuild/$ rm -rf /var/lib/archbuild/
# or optionally, use the --clean option for pkgctl build *ONCE*
$ pkgctl build --clean
For instruction on how to use
pkgctl, please take a look at the "How to be a packager" wiki article and also consult the man page of each subcommand for further information:$ man pkgctl-build
$ man pkgctl-repo-clone
https://archlinux.org/news/git-migration-completed/
#news
π12π5
OpenBLAS >= 0.3.23-2 update requires manual intervention
The openblas package prior to version 0.3.23-2 doesn't ship optimized LAPACK routine and CBLAS/LAPACKE interfaces for compatibility. This decision has been reverted now, and the ability to choose a different default system BLAS/LAPACK implementation while keeping openblas installed is now provided to allow future co-installation of BLIS, ATLAS, etc.
The default BLAS implementation will be used for most packages like NumPy or R. Please install "blas-openblas" and "blas64-openblas" to make OpenBLAS the default BLAS implementation, just like the old behavior.
Unfortunately you will get errors on updating if you currently have OpenBLAS installed as the default BLAS implementation:
error: failed to prepare transaction (could not satisfy dependencies) :: installing openblas (0.3.23-2) breaks dependency 'blas' required by cblas :: installing openblas (0.3.23-2) breaks dependency 'blas' required by lapack
Please append your preferred default BLAS implementation to the regular -Syu command line to get around it. For example:
or
https://archlinux.org/news/openblas-0323-2-update-requires-manual-intervention/
#news
The openblas package prior to version 0.3.23-2 doesn't ship optimized LAPACK routine and CBLAS/LAPACKE interfaces for compatibility. This decision has been reverted now, and the ability to choose a different default system BLAS/LAPACK implementation while keeping openblas installed is now provided to allow future co-installation of BLIS, ATLAS, etc.
The default BLAS implementation will be used for most packages like NumPy or R. Please install "blas-openblas" and "blas64-openblas" to make OpenBLAS the default BLAS implementation, just like the old behavior.
Unfortunately you will get errors on updating if you currently have OpenBLAS installed as the default BLAS implementation:
error: failed to prepare transaction (could not satisfy dependencies) :: installing openblas (0.3.23-2) breaks dependency 'blas' required by cblas :: installing openblas (0.3.23-2) breaks dependency 'blas' required by lapack
Please append your preferred default BLAS implementation to the regular -Syu command line to get around it. For example:
pacman -Syu blas-openblas
or
pacman -Syu blas
https://archlinux.org/news/openblas-0323-2-update-requires-manual-intervention/
#news
TeX Live package reorganization
Starting from version 2023.66594-9, TeX Live packages have been reorganized to mirror upstream collections. Even though the new
which means the euler CTAN package is contained in
A new metapackage texlive-meta is available to install all subpackages (except for language specific ones), and the new texlive-doc package provides the full documentation for offline use.
https://archlinux.org/news/tex-live-package-reorganization/
#news
Starting from version 2023.66594-9, TeX Live packages have been reorganized to mirror upstream collections. Even though the new
texlive-basic replaces the old texlive-core, many of the texlive-core contents (including language specific files) are now split between different packages. To find out which Arch package contains a specific CTAN package, you can use the tlmgr utility, eg.$ tlmgr info euler | grep collection
collection: collection-latexrecommended
which means the euler CTAN package is contained in
texlive-latexrecommended. You may also use pacman -F to query for specific files.A new metapackage texlive-meta is available to install all subpackages (except for language specific ones), and the new texlive-doc package provides the full documentation for offline use.
https://archlinux.org/news/tex-live-package-reorganization/
#news
π3
budgie-desktop >= 10.7.2-6 update requires manual intervention
When upgrading from budgie-desktop 10.7.2-5 to 10.7.2-6, the package mutter43 must be replaced with magpie-wm, which currently depends on mutter. As mutter43 conflicts with mutter, manual intervention is required to complete the upgrade.
First remove mutter43, then immediately perform the upgrade. Do not relog or reboot between these steps.
https://archlinux.org/news/budgie-desktop-1072-6-update-requires-manual-intervention/
#news
When upgrading from budgie-desktop 10.7.2-5 to 10.7.2-6, the package mutter43 must be replaced with magpie-wm, which currently depends on mutter. As mutter43 conflicts with mutter, manual intervention is required to complete the upgrade.
First remove mutter43, then immediately perform the upgrade. Do not relog or reboot between these steps.
pacman -Rdd mutter43pacman -Syuhttps://archlinux.org/news/budgie-desktop-1072-6-update-requires-manual-intervention/
#news
π7
ansible-core >= 2.15.3-1 update may require manual intervention
As of
This means that, starting from version
Regarding the documentation, it is available online: https://docs.ansible.com/
As for the configuration file, as explained in the wiki, a base config can be generated with the following command:
After updating from
To restore it, run the following command:
https://archlinux.org/news/ansible-core-2153-1-update-may-require-manual-intervention/
#news
As of
ansible-core 2.15.3, upstream moved documentation and examples to a separate dedicated repository (see the related changelogs). This means that, starting from version
2.15.3 the ansible-core package will stop shipping documentation and a default configuration example under /etc/ansible/ansible.cfg.Regarding the documentation, it is available online: https://docs.ansible.com/
As for the configuration file, as explained in the wiki, a base config can be generated with the following command:
ansible-config init --disabled > ansible.cfgAfter updating from
ansible-core <= 2.15.2-1 to >= 2.15.3-1, everyone using a custom global Ansible configuration file stored under /etc/ansible/ansible.cfg will have their configuration saved as a pacsave file. To restore it, run the following command:
mv /etc/ansible/ansible.cfg.pacsave /etc/ansible/ansible.cfghttps://archlinux.org/news/ansible-core-2153-1-update-may-require-manual-intervention/
#news
Changes to default password hashing algorithm and umask settings
With shadow >=
Furthermore, the umask [2] settings are now configured in /etc/login.defs instead of /etc/profile.
This should not require any manual intervention.
Reasons for Yescrypt
The password-based key derivation function (KDF) and password hashing scheme yescrypt has been chosen due to its adoption (readily available in libxcrypt, which is used by pam [3]) and its stronger resilience towards password cracking attempts over SHA512.
Although the winner of the Password Hashing Competition [4] has been argon2, this even more resilient algorithm is not yet available in libxcrypt [5][6].
Configuring yescrypt
The
General list of changes
βͺοΈyescrypt is used as default password hashing algorithm, instead of SHA512
βͺοΈpam honors the chosen
βͺοΈchanges in the filesystem (>=
#news
With shadow >=
4.14.0, Arch Linux's default password hashing algorithm changed from SHA512 to yescrypt [1].Furthermore, the umask [2] settings are now configured in /etc/login.defs instead of /etc/profile.
This should not require any manual intervention.
Reasons for Yescrypt
The password-based key derivation function (KDF) and password hashing scheme yescrypt has been chosen due to its adoption (readily available in libxcrypt, which is used by pam [3]) and its stronger resilience towards password cracking attempts over SHA512.
Although the winner of the Password Hashing Competition [4] has been argon2, this even more resilient algorithm is not yet available in libxcrypt [5][6].
Configuring yescrypt
The
YESCRYPT_COST_FACTOR setting in /etc/login.defs is currently without effect, until pam implements reading its value [7]. If a YESCRYPT_COST_FACTOR higher (or lower) than the default (5) is needed, it can be set using the rounds option of the pam_unix [8] module (i.e. in /etc/pam.d/system-auth).General list of changes
βͺοΈyescrypt is used as default password hashing algorithm, instead of SHA512
βͺοΈpam honors the chosen
ENCRYPT_METHOD in /etc/login.defs and does not override the chosen method anymoreβͺοΈchanges in the filesystem (>=
2023.09.18) and pambase (>= 20230918) packages ensure, that umask is set centrally in /etc/login.defs instead of /etc/profile
https://archlinux.org/news/changes-to-default-password-hashing-algorithm-and-umask-settings/#news
β€6