ext/phar: inject timestamp for flushing #20577
Conversation
The objective of this is to potentially allow userland to set the timestamp to allow building reproducible phars
|
Thanks for this ! If I understand correctly, getting time from |
|
I also had this to deal with userland objects & reproducible phars, that came from a discussion in another's repo. #14143 I'd have to think how this all fits together with reproducibility etc and if this is the "easiest" way etc... |
|
I vaguely remember #14143, I admit I'm a bit lost there I would need to dig back into that. But vague understanding is that it is about getting the correct value for the timestamp instead whatever value the PHAR was created at. My naïve understand of the issue is that at the moment when you build a PHAR there is simply no API to set the timestamp. For context, what most people use in practice in PHP land is use seld/phar-utils which reads the file and look up at the position to directly update the timestamp there, with the caveat that it needs to re-sign the PHAR. So ideally would be cool to simply be able to do |
| if (SUCCESS == spl_iterator_apply(obj, (spl_iterator_apply_func_t) phar_build, (void *) &pass)) { | ||
| phar_obj->archive->ufp = pass.fp; | ||
| phar_flush(phar_obj->archive, &error); | ||
| // TODO: Set to &pass; struct? |
Over 9000!
IIUC that belongs to PHP script code getenv()/$_SERVER/etc. calls, correct.
^ this is what you normally want. and here it goes in (if it makes it). this is great! @drupol /E: current example there (ref)
|
The PR allows you to override the implementations of getMTime() etc such that they are called instead of using the default one.
Right. And setTimestamp() on its own is likely not enough. Ideally you have setTimestamp() on the Phar class itself, and also a setMTime() for the phar file info object.
That's a bit ad-hoc and won't cover phars built by other means. |
That sounds good. In Composer fwiw we only add files using Phar::addFromString as we do some preprocessing ("compression" by removing comments from the code). Having a way to override the file timestamps either using setter after or just a unique filemtime for the whole phar sounds good to me. If I can delete that hackish phar-utils lib in some years I'll be glad :) Given this is a rarely used API I don't think the ergonomics matter a whole lot here, but thanks for working on this in whichever form it ends up taking. |
|
Now remembering file mode. If we touch mtime, we should probably also offer someting here as this can also effect reproducibility. Don't want to bikeshed here or something,, for fully reproducible phars over the PHP epoche, these need to be changed. |
I guess, the issue is that there might be other metadata that should also be controllable from the user? I'm happy to extend this by passing along some sort of "metadata" struct (possibly just timestamp + flags?) to be applied to all files. But I don't know what are the things that need control. |
Instead of accepting only a filename (as before), why not also allow the stringable SplFileInfo public interface for mtime and other file meta-data? |
|
Frankly, I don't want to couple more SPL jank with Phar. I would rather create a new final PharDataMetaData class that contains a few properties that can override file metadata than piggy-back on SplFileInfo... |
Understandable, but doesn't exactly that lead to that anti-pattern? Normally we can't fight the confusion with that, despite this is what we all want, right? /E: As I commented above, most important for me is getting the code churn. The chatter is just food for thought, the programmer should practice as they feel best and comfortable. |
I don't understand what antipattern you are talking about. |
Most prominently Big Ball of Mud and Piecemeal Growth (ebd.) came to my mind. @Girgias |
7 participants
The objective of this is to potentially allow userland to set the timestamp to allow building reproducible phars.
People this might interest in the long run: