Skip to content

chore: fix build-from-source failure: pin dump_syms to =2.3.4, ship Cargo.lock in npm package#18

Merged
bobbyg603 merged 2 commits intomainfrom
copilot/fix-goblin-version-conflict
Mar 26, 2026
Merged

chore: fix build-from-source failure: pin dump_syms to =2.3.4, ship Cargo.lock in npm package#18
bobbyg603 merged 2 commits intomainfrom
copilot/fix-goblin-version-conflict

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Mar 26, 2026
edited
Loading

dump_syms@2.3.7 has a transitive goblin crate version conflict (0.8.2 vs 0.10.5) that causes compilation to fail. Because Cargo.lock was excluded from the npm files list, fresh from-source builds (fallback-to-build path) resolved to 2.3.7 instead of the locked 2.3.4.

Changes

  • Cargo.toml: Tighten dump_syms from the open range "2.3.1" to exact pin "=2.3.4" — the last known-good version before the broken 2.3.7
  • package.json: Add Cargo.lock to files so the npm package ships the lock file, ensuring reproducible dependency resolution for from-source builds
Original prompt

This section details on the original issue you should resolve

<issue_title>Build from source fails: goblin version conflict in dump_syms 2.3.7</issue_title>
<issue_description>## Problem

Building node-dump-syms from source fails with a Rust compilation error due to conflicting versions of the goblin crate in dump_syms@2.3.7.

error[E0308]: mismatched types
  --> dump_syms-2.3.7/src/object_info.rs:143:21
   = note: there are multiple different versions of crate `goblin` in the dependency graph
   expected `goblin::pe::exception::ExceptionData<'_>` (goblin 0.8.2)
      found `ExceptionData<'_>` (goblin 0.10.5)

Environment

  • macOS Darwin 25.3.0 (arm64)
  • Node.js v24.14.0 (ABI 137)
  • Rust 1.94.0
  • node-dump-syms@3.0.11

Context

The fallback-to-build path is triggered because no prebuilt binary exists for ABI 137 (see #15). The build then fails due to this upstream dump_syms dependency conflict.

This blocks Android .so symbol uploads via @bugsplat/symbol-upload -m on Node.js v24.</issue_description>

Comments on the Issue (you are @copilot in this section)

⚡ Quickly spin up Copilot coding agent tasks from anywhere on your macOS or Windows machine with Raycast.

@bobbyg603
Fix goblin version conflict: pin dump_syms to =2.3.4 and include Carg…
48795c2 
…o.lock in npm files

Co-authored-by: bobbyg603 <2646053+bobbyg603@users.noreply.github.com>
Agent-Logs-Url: https://github.com/BugSplat-Git/node-dump-syms/sessions/51be9dc9-71e8-498c-bdb3-64e6816fa145
Copilot AI changed the title [WIP] Fix build failure due to goblin version conflict in dump_syms 2.3.7 Fix build-from-source failure: pin dump_syms to =2.3.4, ship Cargo.lock in npm package Mar 26, 2026
Copilot AI requested a review from bobbyg603 March 26, 2026 02:41
@bobbyg603 bobbyg603 marked this pull request as ready for review March 26, 2026 02:44
Copilot AI review requested due to automatic review settings March 26, 2026 02:44
Copilot AI reviewed Mar 26, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses build-from-source failures in node-dump-syms by preventing Cargo from resolving to a known-bad dump_syms release (which triggers a transitive goblin version conflict) and by ensuring the npm package includes the Rust lockfile for reproducible dependency resolution.

Changes:

  • Pin Rust dependency dump_syms to an exact known-good version (=2.3.4).
  • Include Cargo.lock in the npm package files list so from-source builds use the intended lockfile.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
Cargo.toml Pins dump_syms to =2.3.4 to avoid the broken release and prevent semver drift.
package.json Ships Cargo.lock in the published npm package for reproducible Cargo resolution during fallback builds.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@bobbyg603 bobbyg603 changed the title Fix build-from-source failure: pin dump_syms to =2.3.4, ship Cargo.lock in npm package chore: fix build-from-source failure: pin dump_syms to =2.3.4, ship Cargo.lock in npm package Mar 26, 2026
@bobbyg603 bobbyg603 merged commit 4e6d19d into main Mar 26, 2026
7 checks passed
@bobbyg603 bobbyg603 deleted the copilot/fix-goblin-version-conflict branch March 26, 2026 19:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@splatyourbugs splatyourbugs splatyourbugs approved these changes

+1 more reviewer

@bobbyg603 bobbyg603 bobbyg603 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@bobbyg603 bobbyg603

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Build from source fails: goblin version conflict in dump_syms 2.3.7

4 participants

@bobbyg603 @splatyourbugs