Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add expat and libxml2 to list of allowed version ranges #23603

Merged

Conversation

RubenRBS
Copy link
Member

Document bounds for libxml2 and expat

/cc @mayeut who's been pushing for this lately, thanks!

@RubenRBS RubenRBS self-assigned this Apr 17, 2024
Copy link
Contributor

🤖 Beep Boop! This pull request is making changes to 'docs//'.

👋 @prince-chrismc @MartinDelille @Croydon you might be interested. 😉

Copy link
Contributor

@ericLemanissier ericLemanissier left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is libpng not allowed any more ?

@RubenRBS
Copy link
Member Author

Good catch @ericLemanissier, unintended, fixed now :)

Copy link
Member

@uilianries uilianries left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

@conan-center-bot conan-center-bot merged commit 5570376 into conan-io:master Apr 23, 2024
9 checks passed
franramirez688 pushed a commit to toge/conan-center-index that referenced this pull request Apr 23, 2024
* Add expat and libxml2 to list of allowed version ranges

* Typo

* Update docs/adding_packages/dependencies.md
* Zlib: `[>=1.2.11 <2]`
* Libpng: `[>=1.6 <2]`
* Expat: `[>=2.6.2 <3]`
* Libxml2: `[>=2.12.5 <3]`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It there a rational for such high lower bound? I know that some recipes are not compatible with libxml2 2.12.x due to removal of few functions.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi, this is just the version that had no cve at the time of writing

Note that when necessary, we can nudge the verison ranges to fit when a library does not support newer versions, I'll add a note, thanks for the heads up :)

Copy link
Member Author

@RubenRBS RubenRBS Jun 7, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pinging @SpaceIm in case you don't get answer notifications! (Which is what happened to me, if you comment on old cclosed issues, feel free to ping so I dont lose the notification!)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

5 participants