@Pi-Cla Pi-Cla commented Apr 12, 2024

Fixes a RUSTSEC advisory where mockito was depending on an unmaintained crate
lipanski/mockito#145

Pi-Cla commented Apr 12, 2024

Bumping it further requires us to rewrite some stuff due to breaking changes (whereas I mainly just want to make sure we are not depending on any unmaintained crates)

@lpil lpil left a comment

Hello! I think this doesn't upgrade mockito, the upper bound is the same before and after this commit.

https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html

Pi-Cla commented Apr 23, 2024

> Hello! I think this doesn't upgrade mockito, the upper bound is the same before and after this commit.
>
> https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html

Looking at the cargo reference you linked, it lists this:

0.2    :=  >=0.2.0, <0.3.0

mockito is a v0 package so a dependency on 0.30.0 means it can not be increased to 0.31.1.
The dependency currently is:

0.30    :=  >=0.30.0, <0.31.0

This will bump it up to:

0.31.1    :=  >=0.31.1, <0.32.0

@Pi-Cla Pi-Cla mentioned this pull request Apr 23, 2024
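
The version ranges quoted in the comment above can be checked with the following added example, which is not part of the pull request or of Cargo's own code. It computes the bounds of a default (caret) requirement as listed in the linked Cargo reference, using only the standard library; the names `caret_bounds` and `admits` are hypothetical, and pre-release and build metadata are assumed absent.

```rust
// Added example: bounds of a Cargo default (caret) requirement, std only.
// Assumption: versions carry no pre-release or build metadata.
type Version = (u64, u64, u64);

/// Parse "MAJOR[.MINOR[.PATCH]]" into the components that were actually written.
fn parse_parts(s: &str) -> Option<Vec<u64>> {
    let parts: Option<Vec<u64>> = s.trim().split('.').map(|p| p.parse().ok()).collect();
    parts.filter(|p| !p.is_empty() && p.len() <= 3)
}

/// Return (inclusive lower bound, exclusive upper bound) for a caret requirement.
fn caret_bounds(req: &str) -> Option<(Version, Version)> {
    let parts = parse_parts(req.trim().trim_start_matches('^'))?;
    let get = |i: usize| parts.get(i).copied().unwrap_or(0);
    let lower = (get(0), get(1), get(2));
    // Bump the leftmost non-zero written component;
    // if every written component is zero, bump the last written one.
    let idx = parts.iter().position(|&n| n != 0).unwrap_or(parts.len() - 1);
    let upper = match idx {
        0 => (lower.0 + 1, 0, 0),
        1 => (0, lower.1 + 1, 0),
        _ => (0, 0, lower.2 + 1),
    };
    Some((lower, upper))
}

/// Does the full version `version` satisfy the caret requirement `req`?
fn admits(req: &str, version: &str) -> Option<bool> {
    let (lower, upper) = caret_bounds(req)?;
    let v = parse_parts(version)?;
    if v.len() != 3 {
        return None; // a resolved version must be fully specified
    }
    let v = (v[0], v[1], v[2]);
    Some(lower <= v && v < upper) // tuples compare lexicographically
}

fn main() {
    for req in ["0.30", "0.31.1"] {
        let (lo, hi) = caret_bounds(req).unwrap();
        println!("{} := >={}.{}.{}, <{}.{}.{}", req, lo.0, lo.1, lo.2, hi.0, hi.1, hi.2);
    }
    println!("0.30 admits 0.31.1: {:?}", admits("0.30", "0.31.1"));
}
```
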
lpil commented Apr 26, 2024

Ah! I missed the v0 bit. Thank you for explaining that to me

@lpil lpil merged commit 32fab65 into gleam-lang:main Apr 26, 2024