Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade dependencies and remove deprecated failure, which causes GitHub security alerts #208

Merged
merged 5 commits into from
Aug 21, 2022
Merged

Upgrade dependencies and remove deprecated failure, which causes GitHub security alerts #208

merged 5 commits into from
Aug 21, 2022

Conversation

AdrianEddy
Copy link
Contributor

@AdrianEddy AdrianEddy commented Aug 20, 2022
edited
Loading

  • Migrate from failure to thiserror
  • Update most dependencies to recent versions
  • Migrate from r#try! macro to ? operator
  • Fix warnings

There were also security alerts for crossbeam 0.7 used by qutex. I see that dependency was updated on git, but not published to crates.io, so I used git dependency in Cargo.toml. It would be great if you can publish updated qutex so we can just use the new version here.

One last dependency that was not updated is futures 0.1. There were many changes in the API and I also see qutex can use 0.3 beta. I think we can separate this one for now - update all other dependencies, and take care of futures in ocl and qutex separately.

This PR also includes changes from #201 and #199 as they were dependency updates too, as well as #183, #170, #171 for warnings. Also after this PR is merged #178 can be closed.

It would be great if you could merge this PR, it causes GitHub Security alerts on dependent projects.

@c0gent
Copy link
Member

c0gent commented Aug 21, 2022

Looks great. Really appreciate your help.

Qutex is published.

Thanks again and let me know if anything else needs my attention.

@c0gent c0gent merged commit a5f4dc3 into cogciprocate:master Aug 21, 2022
This was referenced Aug 21, 2022
Closed
Closed
Closed
Closed
Closed
Closed
@AdrianEddy
Copy link
Contributor Author

amazing, thank you very much! If you could just replace qutex = { git = "https://github.com/cogciprocate/qutex.git" } with qutex = "0.2.4" in ocl/Cargo.toml and release updated ocl to crates.io that would be great!

@AdrianEddy
Copy link
Contributor Author

also sorry I missed, PR #179 can also be closed, it's included here as well

@c0gent c0gent mentioned this pull request Aug 23, 2022
Closed
@c0gent
Copy link
Member

c0gent commented Aug 23, 2022

Done. Thanks again!

@AdrianEddy
Copy link
Contributor Author

Also one more thing, it looks like the ocl-core-vector on crates.io differs from the git version, and it contains dependency to num 0.1, you can see this here: https://crates.io/crates/ocl-core-vector/0.1.0/dependencies (and verify here https://crates.io/api/v1/crates/ocl-core-vector/0.1.0/download )
The version in git depends on num-traits 0.2 instead, and it doesn't pull legacy dependencies.

Sorry to bother you like that but it would be really nice to also update ocl-core-vector on crates.io to get rid of that old dependency

@AdrianEddy
Copy link
Contributor Author

AdrianEddy commented Aug 30, 2022
edited
Loading

@c0gent any news on releasing the updated ocl-core-vector to crates.io? This one produces one last warning on dependent projects
image

@c0gent
Copy link
Member

c0gent commented Aug 30, 2022

Sorry for the delay. Published!

@AdrianEddy
Copy link
Contributor Author

Thank you very much! Now everything is looking good 👍

@c0gent c0gent mentioned this pull request Feb 21, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@AdrianEddy @c0gent