-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove git2 dependency #934
base: main
Are you sure you want to change the base?
Conversation
c77e930
to
bf0943d
Compare
Updated title and removed WIP from it since it's already marked as a draft and thus can't be accidentally merged, even by myself or Julian. |
ac05a6e
to
53eabcf
Compare
…ased implementation Signed-off-by: Patrick Casey <patrick.casey1@outlook.com>
…ased implementation Signed-off-by: Patrick Casey <patrick.casey1@outlook.com>
…x-based implementation Signed-off-by: Patrick Casey <patrick.casey1@outlook.com>
…' implementation Signed-off-by: Patrick Casey <patrick.casey1@outlook.com>
81bd5e2
to
ccd9945
Compare
Great work on this Patrick. I'm getting:
do you remember if there were any steps you needed to take to get gix to work with MITRE certs? |
I'm wondering if we don't have to do something like |
Talking with @alilleybrinker , we feel that the issue is Gix is not picking up native cert store, and is using webpki instead. We need to figure out how to do that without re-introducing openssl |
Signed-off-by: Patrick Casey <patrick.casey1@outlook.com>
Signed-off-by: Patrick Casey <patrick.casey1@outlook.com>
ccd9945
to
efcd4e7
Compare
Signed-off-by: Patrick Casey <patrick.casey1@outlook.com>
1cfcf07
to
58e004f
Compare
Waiting for a response from the |
Update: discussed during team sync today. Will continue waiting on guidance from the gitoxide folks rather than trying to maintain a patched fork with the support for certificate changes we need. |
Overview
This PR is split into 5 different commits to make it easier to review and revert, if there is a problem in the future. The commits are as follows:
git2
-basedfetch
implementation withgix
-based implementationgit2
-basedclone
implementation withgix
-based implementationgit2
-basedcheckout
implementation withgix
-based implementationgit2
dependency and remaininggit2
code (logging shim, rustls transport shim...)gix
functionality with user facing output, so progress is visible to userBenefits
git2
andopenssl
dependenciesgix
forgit
operations, as it is already in use withmitre/git
pluginhc check
when agit clone
is needed (~5% fastermitre/hipcheck
, ~8% fasterserde-rs/serde
)Comparison of User Facing Output
main
git cloneremove-git2-dependency
git cloneBuild Timings
Note: All benchmarks were performed on an Ubuntu 24.04 machine with 8 CPUs and 32 GB of RAM
cargo build --workspace
Benchmark Command
Results
cargo build --workspace --release
Benchmark Command
Results
Cold Repo Analysis Benchmark
mitre/hipcheck
cold starttesting a repo with ~700 commits
benchmark command
benchmark result
serde-rs/serde
cold starttesting a repo with ~4000 commits
benchmark command
benchmark result
numpy/numpy
cold starttesting a repo with ~38000 commits
benchmark command
benchmark result
Manual testing performed
Since this change impacts the way repos are retrieved and/or updated, I performed the following manual tests to verify the new implementation is working correctly:
hc
run requiring a clonehc
run with existing repo, fetch & pull neededTest PyPI Package without version
Test PyPI package with version
Test NPM Package without version
Test NPM Package without version