hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-17 08:24:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
adfaae02e773ba7b52f82a79f727af0d508145fc
codeql/ruby/extractor/Cargo.toml
Cornelius Riemenschneider 8c46b61e85 Ruby: Change how we pull in shared/tree-sitter-extractor dependency 
Previously, we pulled in the shared tree-sitter extractor via a `git`
dependency in `Cargo.toml` to address a `rules_rust` limitation (no `path`
dependencies outside of the cargo workspace)). This was a problem,
as that means we're cloning `github/codeql` _again_ for the build, which is
quite slow.

I found another way that is faster, and still produces correct builds
for both `cargo`` and `rules_rust`:
* Cargo depends on a fake crate that has the same dependencies as the real crate (thanks to `sync-files.py`). Therefore, cargo pulls in the right dependencies into the lockfile, which bazel targets
* For local builds, we override the path to that dependency in a cargo config, so we're pulling in the correct code
* rules_rust only uses `path` dependencies for collecting transitive dependencies, it never pulls in the code from there. So far that, we manually provide a `BUILD.bazel` file for the shared extractor, and depend on that.
2024-05-24 15:37:35 +02:00

36 lines
1.8 KiB
TOML
Raw Blame History

[workspace]
[package]
name = "codeql-extractor-ruby"
description = "CodeQL Ruby extractor"
version = "0.1.0"
authors = ["GitHub"]
edition = "2021"
# When changing/updating these, the `cargo-bazel-lock.json` file has to be regenerated.
# Run `CARGO_BAZEL_REPIN=true CARGO_BAZEL_REPIN_ONLY=ruby_deps ./tools/bazel sync --only=ruby_deps`
# in the `semmle-code` repository to do so.
# For more information, check out the documentation at
# https://bazelbuild.github.io/rules_rust/crate_universe.html#repinning--updating-dependencies
# In the future, the hope is to move this handling of the dependencies entirely into the `codeql` repository,
# but that depends on `rules_rust` being fully compatible with bzlmod, which they aren't yet
# (c.f. https://github.com/bazelbuild/rules_rust/issues/2452).
# Warning: The process takes >5min on my M1 mac, so do wait for a while.
[dependencies]
tree-sitter = ">= 0.22.6"
tree-sitter-embedded-template = { git = "https://github.com/tree-sitter/tree-sitter-embedded-template.git", rev = "38d5004a797298dc42c85e7706c5ceac46a3f29f" }
tree-sitter-ruby = { git = "https://github.com/tree-sitter/tree-sitter-ruby.git", rev = "b41dc0f4c8e040905fcbb5d93bab667541c08ec7" }
clap = { version = "4.2", features = ["derive"] }
tracing = "0.1"
tracing-subscriber = { version = "0.3.3", features = ["env-filter"] }
rayon = "1.5.0"
regex = "1.7.1"
encoding = "0.2"
lazy_static = "1.4.0"
# Ideally, we'd like to pull this in via a relative path.
# However, our bazel/rust tooling chokes on this, c.f. https://github.com/bazelbuild/rules_rust/issues/1525
# Therefore, we have a pretty bad hack in place instead, see README.md in the codeql-extractor-fake-crate directory.
codeql-extractor = { path = "codeql-extractor-fake-crate" }
[patch.crates-io]
tree-sitter = { git = "https://github.com/redsun82/tree-sitter.git", rev = "1f5c1112ceaa8fc6aff61d1852690407670d2a96" }
Reference in New Issue View Git Blame Copy Permalink