You said:
0:03.33 error: failed to select a version for getrandom.
0:03.33 ... required by package mozilla-central-workspace-hack v0.1.0 (/var/tmp/portage/www-client/firefox-115.31.0/work/firefox-115.31.0/build/workspace-hack)
0:03.33 ... which satisfies path dependency mozilla-central-workspace-hack (locked to 0.1.0) of package jsrust_shared v0.1.0 (/var/tmp/portage/www-client/firefox-115.31.0/work/firefox-115.31.0/js/src/rust/shared)
0:03.33 ... which satisfies path dependency jsrust_shared (locked to 0.1.0) of package jsrust v0.1.0 (/var/tmp/portage/www-client/firefox-115.31.0/work/firefox-115.31.0/js/src/rust)
0:03.33 versions that meet the requirements >=0.2 are: 0.3.3
0:03.33 the package mozilla-central-workspace-hack depends on getrandom, with features: custom but getrandom does not have these features.
0:03.33 failed to select a version for getrandom which could resolve this conflict
Good, this error is actually very informative. What you’ve hit is a known Firefox vendoring trap, not a misunderstanding on your part.
Let’s break it down cleanly and then I’ll tell you exactly what to do.
mozilla-central-workspace-hack
└─ depends on getrandom with feature "custom"
But:
getrandom 0.3.3 does NOT have a feature called "custom"
Cargo searched only:
third_party/rust/
and found exactly one version:
getrandom = 0.3.3
So it cannot satisfy:
getrandom >=0.2 + feature = "custom"
because that feature does not exist in 0.3.x.
Firefox does not use upstream getrandom normally.
Mozilla patches getrandom and exposes a non-upstream feature:
features = ["custom"]
That feature exists only in Mozilla’s vendored + patched copy, typically:
getrandom 0.2.x (Mozilla-patched)
Your vendoring state now has:
| Crate | Expected | Found |
|---|---|---|
| getrandom | 0.2.x + custom | 0.3.3 (upstream) |
This is why Cargo says:
perhaps a crate was updated and forgotten to be re-vendored?
It’s being extremely literal.
This constraint:
getrandom >=0.2
✔ allows 0.3.3
❌ does not guarantee the Mozilla-only custom feature exists
Features are not versioned. Cargo doesn’t know Mozilla relies on a fork.
One of the following is true (likely more than one):
third_party/rust/getrandomwas replaced with upstreamCargo.lockwas regenerated outside of Mozilla’s workflowmach vendor rustwas skipped / partially broken- Gentoo ebuild overrode vendored crates
- A transitive dependency pulled in
getrandom 0.3.x
Any one of these breaks Firefox.
Firefox 115 ESR expects:
getrandom 0.2.x (patched)
ls third_party/rust/getrandom
grep '^version' third_party/rust/getrandom/Cargo.tomlIf it says 0.3.x, that is the bug.
From firefox-115.31.0 source tarball or git tag:
third_party/rust/getrandom/should already be present and patched.
If it is missing or wrong, you must re-vendor exactly Mozilla’s set:
./mach vendor rust- with Mozilla’s
Cargo.lock - without upgrading any crates
- without internet upgrades
Do not do any of these:
>=0.2>=0.64- remove features
- upgrade crates “just to make it build”
Firefox is not a normal Rust project.
Mozilla:
- Injects entropy from Gecko / NSS
- Disables OS randomness paths
- Avoids WASI / sandbox breakage
- Needs deterministic builds
Hence:
features = ["custom"]
is intentional, not accidental.
In mozilla-central-workspace-hack/Cargo.toml you should see something like:
getrandom = { version = "0.2", features = ["custom"] }And in third_party/rust/getrandom:
- Patched source
- No registry metadata
- Mozilla-specific code paths
- This is not a semver issue
- This is not a Cargo misunderstanding
- You upgraded a Mozilla-patched crate
getrandom 0.3.xcannot work here- Restore exact vendored Rust deps
If you want, next I can:
- tell you which Gentoo ebuild step caused this
- show how to diff Mozilla vs upstream getrandom
- explain why workspace-hack exists at all
- give you a checklist to verify your vendoring tree