mirrors/zig
1
0
Fork 0
mirror of https://codeberg.org/ziglang/zig.git synced 2025-12-06 05:44:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zig/doc/build.zig.zon.md
Andrew Kelley d6a88ed74d introduce package id and redo hash format again 
Introduces the `id` field to `build.zig.zon`.

Together with name, this represents a globally unique package
identifier. This field should be initialized with a 16-bit random number
when the package is first created, and then *never change*. This allows
Zig to unambiguously detect when one package is an updated version of
another.

When forking a Zig project, this id should be regenerated with a new
random number if the upstream project is still maintained. Otherwise,
the fork is *hostile*, attempting to take control over the original
project's identity.

`0x0000` is invalid because it obviously means a random number wasn't
used.

`0xffff` is reserved to represent "naked" packages.

Tracking issue #14288

Additionally:

* Fix bad path in error messages regarding build.zig.zon file.
* Manifest validates that `name` and `version` field of build.zig.zon
  are maximum 32 bytes.
* Introduce error for root package to not switch to enum literal for
  name.
* Introduce error for root package to omit `id`.
* Update init template to generate `id`
* Update init template to populate `minimum_zig_version`.
* New package hash format changes:
  - name and version limited to 32 bytes via error rather than truncation
  - truncate sha256 to 192 bits rather than 40 bits
  - include the package id

This means that, given only the package hashes for a complete dependency
tree, it is possible to perform version selection and know the final
size on disk, without doing any fetching whatsoever. This prevents
wasted bandwidth since package versions not selected do not need to be
fetched.
2025-02-26 11:42:03 -08:00

3.1 KiB
Raw Blame History

build.zig.zon Documentation

This is the manifest file for build.zig scripts. It is named build.zig.zon in order to make it clear that it is metadata specifically pertaining to build.zig.

  • build root - the directory that contains build.zig

Top-Level Fields

name

Enum literal. Required.

This is the default name used by packages depending on this one. For example, when a user runs zig fetch --save <url>, this field is used as the key in the dependencies table. Although the user can choose a different name, most users will stick with this provided value.

It is redundant to include "zig" in this name because it is already within the Zig package namespace.

Must be a valid bare Zig identifier (don't @ me), limited to 32 bytes.

id

Together with name, this represents a globally unique package identifier. This field should be initialized with a 16-bit random number when the package is first created, and then never change. This allows Zig to unambiguously detect when one package is an updated version of another.

When forking a Zig project, this id should be regenerated with a new random number if the upstream project is still maintained. Otherwise, the fork is hostile, attempting to take control over the original project's identity.

0x0000 is invalid because it obviously means a random number wasn't used.

0xffff is reserved to represent "naked" packages.

version

String. Required.

semver

Limited to 32 bytes.

minimum_zig_version

String. Optional.

semver

This is currently advisory only; the compiler does not yet do anything with this version.

dependencies

Struct.

Each dependency must either provide a url and hash, or a path.

url

String.

When updating this field to a new URL, be sure to delete the corresponding hash, otherwise you are communicating that you expect to find the old hash at the new URL. If the contents of a URL change this will result in a hash mismatch which will prevent zig from using it.

hash

String.

multihash

This is computed from the file contents of the directory of files that is obtained after fetching url and applying the inclusion rules given by paths.

This field is the source of truth; packages do not come from a url; they come from a hash. url is just one of many possible mirrors for how to obtain a package matching this hash.

path

String.

When this is provided, the package is found in a directory relative to the build root. In this case the package's hash is irrelevant and therefore not computed. This field and url are mutually exclusive.

lazy

Boolean.

When this is set to true, a package is declared to be lazily fetched. This makes the dependency only get fetched if it is actually used.

paths

List. Required.

Specifies the set of files and directories that are included in this package. Paths are relative to the build root. Use the empty string ("") to refer to the build root itself.

Only files included in the package are used to compute a package's hash.