Skip to content

Create a vcpkg overlay for cpprestsdk and libyaml #5424

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 12 commits into from
May 5, 2025
Merged

Create a vcpkg overlay for cpprestsdk and libyaml #5424

merged 12 commits into from
May 5, 2025

Conversation

florelis
Copy link
Member

@florelis florelis commented May 2, 2025
edited by microsoft-github-policy-service bot
Loading

This PR adds a local port overlay so that we can have our own custom vcpkg ports. In particular we use it to:

  1. Apply a patch to cpprestsdk for certificate pinning, without cloning the whole project
  2. Apply a patch to libyaml for a security vulnerability, as there is no updated version with the fix

These ports are mostly a copy of the official ports, but with the patches we want applied. Unfortunately the original port recipes were already applying some patches, and we had to include them here because vcpkg provides no mechanism to apply a single additional patch on top of an existing port.

Notes for the future:

  • We could potentially use the port overlay to create ports of the other libraries we have clones of, without having all their code checked in
  • For libyaml, instead of applying a patch we could simply change the base commit to one that already has that change
  • For libyaml, we could also try to contribute the patch to the official port
Microsoft Reviewers: Open in CodeFlow

@florelis florelis requested a review from a team as a code owner May 2, 2025 01:04
florelis added 6 commits May 2, 2025 14:48
@florelis
Add function to clone port
a7c4d0e
@florelis
Make single script
19c5377
@florelis
Use port overlays created by script
7556272
@florelis
Add patch to portfile
24b2426
@florelis
Merge branch 'master' into vcpkg-overlay
cce321c 
# Conflicts:
#	src/cpprestsdk/cpprestsdk.vcxproj
@florelis
Merge branch 'master' into vcpkg-overlay
10bd1b4 
# Conflicts:
#	src/AppInstallerCommonCore/AppInstallerCommonCore.vcxproj
#	src/AppInstallerSharedLib/AppInstallerSharedLib.vcxproj
JohnMcPMS
JohnMcPMS reviewed May 5, 2025
View reviewed changes
cgmanifest.json
@@ -33,7 +33,7 @@
"type": "git",
"git": {
"repositoryUrl": "https://github.com/microsoft/sfs-client.git",
"commitHash": "ff315ecfa2ef2953d8a808e51e8a61a4e0759180"
"commitHash": "2c891fc7a770e8ba2fec34fc6b545c672beb37e6"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did you mean to update the SFS Client entry? It appears to be a libyaml commit hash.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I did not. Fixed now to add libyaml

@florelis florelis merged commit 0ff8521 into microsoft:master May 5, 2025
9 checks passed
@florelis florelis deleted the vcpkg-overlay branch May 5, 2025 20:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JohnMcPMS JohnMcPMS JohnMcPMS approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@florelis @JohnMcPMS