[core] Refactor Cargo.toml and remove syntect from core #314
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nazmulidris
changed the title
nazmulidris
force-pushed
the
nazmulidris/refactor-deps-in-core
branch
from
6d753d7
to
89c1189
Compare
…all ambiguous names to be explicit This is an attempt to isolate the use of syntect to just 1 crate: r3bl_tui. It has been removed from the core crate. However, it is not possible to remove syntect from the lolcat / color_wheel modules as they are intrinsically tied together. Basically, they need to be able to render output, and for that they need to be in the r3bl_tui crate which has a dependency on syntect and this can't be removed. safemem is no longer maintained, you can see the following output from running cargo deny check advisories. 180 │ safemem 0.3.3 registry+https://github.com/rust-lang/crates.io-index │ ------------------------------------------------------------------- unmaintained advisory detected │ = ID: RUSTSEC-2023-0081 = Advisory: https://rustsec.org/advisories/RUSTSEC-2023-0081 = The latest crates.io release was in 2019. The repository has been archived by the author. = Announcement: https://github.com/abonander/safemem = Solution: No safe upgrade is available! = safemem v0.3.3 └── line-wrap v0.1.1 └── plist v1.6.0 └── syntect v5.1.0 └── r3bl_tui v0.5.2 └── r3bl-cmdr v0.0.11 More info: - #314 - ebarnard/rust-plist#134 - trishume/syntect#521 This `safemem` issue is resolved since the dependencies of syntect, `line-wrap` and `plist` are both updated. By pinning the version of `plist` to `1.6.1` (`cargo update -p plist --precise 1.6.1`) and checking in `Cargo.toml`, this resolves the `safemem` issue.
…eg: r3bl_terminal_async
`yaml-rust` crate is unmaintained 1) `syntect` author won't update this dep to a fork of it due to lack of trust concerns with this new fork: trishume/syntect#526 2) cargo-deny produces this output: error[unmaintained]: yaml-rust is unmaintained. ┌─ /home/nazmul/github/r3bl-open-core/Cargo.lock:295:1 │ 295 │ yaml-rust 0.4.5 registry+https://github.com/rust-lang/crates.io-index │ --------------------------------------------------------------------- unmaintained advisory detected │ = ID: RUSTSEC-2024-0320 = Advisory: https://rustsec.org/advisories/RUSTSEC-2024-0320 = The maintainer seems [unreachable](chyh1990/yaml-rust#197). Many issues and pull requests have been submitted over the years without any [response](chyh1990/yaml-rust#160). ## Alternatives Consider switching to the actively maintained `yaml-rust2` fork of the original project: - [yaml-rust2](https://github.com/Ethiraric/yaml-rust2) - [yaml-rust2 @ crates.io](https://crates.io/crates/yaml-rust2)) = Announcement: rustsec/advisory-db#1921 = Solution: No safe upgrade is available! = yaml-rust v0.4.5 └── syntect v5.1.0 └── r3bl_tui v0.5.2 └── r3bl-cmdr v0.0.11
nazmulidris
force-pushed
the
nazmulidris/refactor-deps-in-core
branch
from
0b76484
to
6222434
Compare
nazmulidris
added a commit
that referenced
this pull request
Apr 15, 2024
…all ambiguous names to be explicit This is an attempt to isolate the use of syntect to just 1 crate: r3bl_tui. It has been removed from the core crate. However, it is not possible to remove syntect from the lolcat / color_wheel modules as they are intrinsically tied together. Basically, they need to be able to render output, and for that they need to be in the r3bl_tui crate which has a dependency on syntect and this can't be removed. safemem is no longer maintained, you can see the following output from running cargo deny check advisories. 180 │ safemem 0.3.3 registry+https://github.com/rust-lang/crates.io-index │ ------------------------------------------------------------------- unmaintained advisory detected │ = ID: RUSTSEC-2023-0081 = Advisory: https://rustsec.org/advisories/RUSTSEC-2023-0081 = The latest crates.io release was in 2019. The repository has been archived by the author. = Announcement: https://github.com/abonander/safemem = Solution: No safe upgrade is available! = safemem v0.3.3 └── line-wrap v0.1.1 └── plist v1.6.0 └── syntect v5.1.0 └── r3bl_tui v0.5.2 └── r3bl-cmdr v0.0.11 More info: - #314 - ebarnard/rust-plist#134 - trishume/syntect#521 This `safemem` issue is resolved since the dependencies of syntect, `line-wrap` and `plist` are both updated. By pinning the version of `plist` to `1.6.1` (`cargo update -p plist --precise 1.6.1`) and checking in `Cargo.toml`, this resolves the `safemem` issue.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Updates
[ ] Feb 25: ebarnard/rust-plist#134. A PR is open to update plist so it uses the latest line-wrap v0.2.0
[ ] Next step will be to raise a PR against syntect to use the latest plist version.
Context
This is an attempt to isolate the use of syntect to just 1 crate:
r3bl_tui. It has been removed from thecorecrate. However, it is not possible to removesyntectfrom thelolcat/color_wheelmodules as they are intrinsically tied together. Basically, they need to be able to render output, and for that they need to be in ther3bl_tuicrate which has a dependency onsyntectand this can't be removed.safememis no longer maintained, you can see the following output from runningcargo deny check advisories.180 │ safemem 0.3.3 registry+https://github.com/rust-lang/crates.io-index │ ------------------------------------------------------------------- unmaintained advisory detected │ = ID: RUSTSEC-2023-0081 = Advisory: https://rustsec.org/advisories/RUSTSEC-2023-0081 = The latest crates.io release was in 2019. The repository has been archived by the author. = Announcement: https://github.com/abonander/safemem = Solution: No safe upgrade is available! = safemem v0.3.3 └── line-wrap v0.1.1 └── plist v1.6.0 └── syntect v5.1.0 └── r3bl_tui v0.5.2 └── r3bl-cmdr v0.0.11