Replace unmaintained encoding dep with maintained encoding_rs dep #4694
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
SleeplessOne1917
requested review from
Nutomic,
dessalines,
phiresky and
dullbananas
as code owners
SleeplessOne1917
commented
May 2, 2024
crates/api_common/src/request.rs
Outdated
| } | ||
| if charset != UTF_8.name() { | ||
| if let Some(encoding) = Encoding::for_label(charset.as_bytes()) { | ||
| page = HTML::from_string(encoding.decode(html_bytes).0.into_owned(), None)?; |
There was a problem hiding this comment.
We don't need to specify to replace malformed sequences because this decode already does that.
Decode complete input to Cow<'a, str> with BOM sniffing and with malformed sequences replaced with the REPLACEMENT CHARACTER when the entire input is available as a single buffer (i.e. the end of the buffer marks the end of the stream).
Nutomic
approved these changes
May 3, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I used cargo-audit to audit our dependencies and found some vulnerabilities. There are some severe vulnerabilities that are from indirect dependencies. I am currently working on this.
In addition to the sever, there are 3 warnings for using unmaintained crates. I couldn't find a crate that did the same thing as
safemem, andyaml-rustis an indirect dependency of the latest version ofmarkdown-it. However,, I was able to find a replacement for the encoding crate we use.I replaced
encoding, which hasn't had an update in 7 years withencoding_rs, which was last updated less than a month ago and has about 10 times the all time downloads and 16 times recent downloads compared to the former.