Context: follow-up on PR #144 (closed — thanks for the clear review @alessandrogario).
On macOS hosts with TCC/sandbox restrictions, $TMPDIR points under /var/folders/... which is per-user and can be purged by the OS mid-run if the session leader changes or the process is backgrounded. This caused intermittent failures in my environment where mquire staged packages under that tree and later couldn't read them back.
Proposal for discussion (not a PR):
- Allow
--staging-dir <path> CLI flag override.
- Default precedence:
MQUIRE_STAGING_DIR env var if set$XDG_CACHE_HOME/mquire/staging on Linux~/Library/Caches/mquire/staging on macOS- fallback to
$TMPDIR only when neither writable
- Preserve existing
$TMPDIR behavior on platforms where the new defaults don't apply, so no behavioral change for current users.
Open questions for maintainers:
- Is the macOS
$TMPDIR volatility reproducible in trailofbits' own CI/dev environments? If not, scope could be narrower (flag-only, no default change).
- Preferred env var name? Happy to follow project conventions.
- Scope — is
mquire stage the only consumer of temp dirs, or are there others to unify?
Happy to draft a PR against whatever plan you endorse — no changes to defaults without your sign-off.
Context: follow-up on PR #144 (closed — thanks for the clear review @alessandrogario).
On macOS hosts with TCC/sandbox restrictions,
$TMPDIRpoints under/var/folders/...which is per-user and can be purged by the OS mid-run if the session leader changes or the process is backgrounded. This caused intermittent failures in my environment where mquire staged packages under that tree and later couldn't read them back.Proposal for discussion (not a PR):
--staging-dir <path>CLI flag override.MQUIRE_STAGING_DIRenv var if set$XDG_CACHE_HOME/mquire/stagingon Linux~/Library/Caches/mquire/stagingon macOS$TMPDIRonly when neither writable$TMPDIRbehavior on platforms where the new defaults don't apply, so no behavioral change for current users.Open questions for maintainers:
$TMPDIRvolatility reproducible in trailofbits' own CI/dev environments? If not, scope could be narrower (flag-only, no default change).mquire stagethe only consumer of temp dirs, or are there others to unify?Happy to draft a PR against whatever plan you endorse — no changes to defaults without your sign-off.