feat: build system transition to release fork + archive hardening
Release fork infrastructure: - REDBEAR_RELEASE=0.1.1 with offline enforcement (fetch/distclean/unfetch blocked) - 195 BLAKE3-verified source archives in standard format - Atomic provisioning via provision-release.sh (staging + .complete sentry) - 5-phase improvement plan: restore format auto-detection, source tree validation (validate-source-trees.py), archive-map.json, REPO_BINARY fallback Archive normalization: - Removed 87 duplicate/unversioned archives from shared pool - Regenerated all archives in consistent format with source/ + recipe.toml - BLAKE3SUMS and manifest.json generated from stable tarball set Patch management: - verify-patches.sh: pre-sync dry-run report (OK/REVERSED/CONFLICT) - 121 upstream-absorbed patches moved to absorbed/ directories - 43 active patches verified clean against rebased sources - Stress test: base updated to upstream HEAD, relibc reset and patched Compilation fixes: - relibc: Vec imports in redox-rt (proc.rs, lib.rs, sys.rs) - relibc: unsafe from_raw_parts in mod.rs (2024 edition) - fetch.rs: rev comparison handles short/full hash prefixes - kibi recipe: corrected rev mismatch New scripts: restore-sources.sh, provision-release.sh, verify-sources-archived.sh, check-upstream-releases.sh, validate-source-trees.py, verify-patches.sh, repair-archive-format.sh, generate-manifest.py Documentation: AGENTS.md, README.md, local/AGENTS.md updated for release fork model
This commit is contained in:
@@ -715,6 +715,20 @@ fn handle_fetch(
|
||||
allow_offline: bool,
|
||||
logger: &PtyOut,
|
||||
) -> anyhow::Result<FetchResult> {
|
||||
// In release mode, explicit fetch is forbidden. Cook's internal fetch
|
||||
// (allow_offline=true) is still allowed since it respects COOKBOOK_OFFLINE.
|
||||
if !allow_offline {
|
||||
if let Ok(release) = env::var("REDBEAR_RELEASE") {
|
||||
if !release.is_empty() {
|
||||
bail!("{}", Error::Other(format!(
|
||||
"Fetch is disabled in release mode (REDBEAR_RELEASE={}). \
|
||||
Sources are immutable. To refresh, run: provision-release.sh",
|
||||
release
|
||||
)));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
let source_dir = match config.cook.offline && allow_offline {
|
||||
true => fetch_offline(&recipe, logger),
|
||||
false => fetch(&recipe, !recipe.is_deps, logger),
|
||||
@@ -789,6 +803,17 @@ fn handle_clean(
|
||||
cached = false;
|
||||
}
|
||||
let dir = recipe.dir.join("source");
|
||||
if matches!(*command, CliCommand::Unfetch) {
|
||||
// In release mode, unfetch is forbidden — sources are immutable
|
||||
if let Ok(release) = std::env::var("REDBEAR_RELEASE") {
|
||||
if !release.is_empty() {
|
||||
anyhow::bail!(
|
||||
"Unfetch is disabled in release mode (REDBEAR_RELEASE={}). Sources are immutable.",
|
||||
release
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
if dir.exists() && matches!(*command, CliCommand::Unfetch) {
|
||||
if is_local_overlay(&recipe.dir) && !redbear_allow_local_unfetch() {
|
||||
eprintln!(
|
||||
|
||||
+10
-1
@@ -226,13 +226,22 @@ pub fn fetch_offline(recipe: &CookRecipe, logger: &PtyOut) -> Result<FetchResult
|
||||
git: _,
|
||||
upstream: _,
|
||||
branch: _,
|
||||
rev: _,
|
||||
rev,
|
||||
patches: _,
|
||||
script: _,
|
||||
shallow_clone: _,
|
||||
}) => {
|
||||
offline_check_exists(&source_dir)?;
|
||||
let (head_rev, _) = get_git_head_rev(&source_dir)?;
|
||||
if let Some(expected_rev) = rev {
|
||||
if head_rev != *expected_rev {
|
||||
bail_other_err!(
|
||||
"source at {} has revision {} but recipe expects {}. \
|
||||
Source archives may be corrupted. Restore from release archives.",
|
||||
source_dir.display(), head_rev, expected_rev
|
||||
);
|
||||
}
|
||||
}
|
||||
FetchResult::cached(source_dir, head_rev)
|
||||
}
|
||||
Some(SourceRecipe::Tar {
|
||||
|
||||
Reference in New Issue
Block a user