Add expat and libxml2 to list of allowed version ranges #23603
Conversation
|
🤖 Beep Boop! This pull request is making changes to 'docs//'. 👋 @prince-chrismc @MartinDelille @Croydon you might be interested. 😉 |
|
Good catch @ericLemanissier, unintended, fixed now :) |
* Add expat and libxml2 to list of allowed version ranges * Typo * Update docs/adding_packages/dependencies.md
| * Zlib: `[>=1.2.11 <2]` | ||
| * Libpng: `[>=1.6 <2]` | ||
| * Expat: `[>=2.6.2 <3]` | ||
| * Libxml2: `[>=2.12.5 <3]` |
There was a problem hiding this comment.
It there a rational for such high lower bound? I know that some recipes are not compatible with libxml2 2.12.x due to removal of few functions.
There was a problem hiding this comment.
Hi, this is just the version that had no cve at the time of writing
Note that when necessary, we can nudge the verison ranges to fit when a library does not support newer versions, I'll add a note, thanks for the heads up :)
There was a problem hiding this comment.
Pinging @SpaceIm in case you don't get answer notifications! (Which is what happened to me, if you comment on old cclosed issues, feel free to ping so I dont lose the notification!)
Document bounds for libxml2 and expat
/cc @mayeut who's been pushing for this lately, thanks!