Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update gix to version 0.62 #10451

Merged
merged 1 commit into from Apr 15, 2024
Merged

Update gix to version 0.62 #10451

merged 1 commit into from Apr 15, 2024

Conversation

blinxen
Copy link
Contributor

@blinxen blinxen commented Apr 15, 2024

This update contains a security fix for
https://rustsec.org/advisories/RUSTSEC-2024-0335.html

@pascalkuthe
Copy link
Member

pascalkuthe commented Apr 15, 2024
edited

It's fine to update but not really relevant to us since we don't use that gitoxide functionality. In fact the relevant features are disabled we don't even have the crate that is actually affected by this (gix-transport) in our dependency tree

@blinxen
Copy link
Contributor Author

blinxen commented Apr 15, 2024

That is true, however this change is motivated by the gitoxide update in Fedora. Because the project (gitoxide) consists of around 70 crates, we can't support multiple versions of it. That is why I would like to update all Fedora packages that require gitoxide to use the new version. This makes the life of package maintainers easier :D.

@blinxen
Copy link
Contributor Author

blinxen commented Apr 15, 2024

I would appreciate it if this could get merged however it doesn't really have a big priority right now.

pascalkuthe
pascalkuthe approved these changes Apr 15, 2024
View reviewed changes
Copy link
Member

@pascalkuthe pascalkuthe left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We would have updated this automatically with dependabot (#10453) so merging this is fine

Just confused why this helps fedora since I would assume fedora would package the last release and not our master branch and just apply a patch to that.

@the-mikedavis the-mikedavis merged commit 70459b2 into helix-editor:master Apr 15, 2024
6 checks passed
@the-mikedavis the-mikedavis mentioned this pull request Apr 15, 2024
Closed
@blinxen
Copy link
Contributor Author

blinxen commented Apr 15, 2024

We would have updated this automatically with dependabot (#10453) so merging this is fine

Ah, I missed that PR

Just confused why this helps fedora since I would assume fedora would package the last release and not our master branch and just apply a patch to that.

I created this PR to make sure it landed in the next release which according to the milestones should be soon.

shaleh pushed a commit to shaleh/helix that referenced this pull request Apr 16, 2024
@blinxen @shaleh
Update gix to version 0.62 (helix-editor#10451)
91a0a04 
This update contains a security fix for
https://rustsec.org/advisories/RUSTSEC-2024-0335.html
postsolar pushed a commit to postsolar/helix that referenced this pull request Apr 20, 2024
@blinxen @postsolar
Update gix to version 0.62 (helix-editor#10451)
10545cb 
This update contains a security fix for
https://rustsec.org/advisories/RUSTSEC-2024-0335.html
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@the-mikedavis the-mikedavis the-mikedavis approved these changes

@pascalkuthe pascalkuthe pascalkuthe approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@blinxen @pascalkuthe @the-mikedavis