Update gix to 0.82 (with security fixes and hardened parsers)#16941
Update gix to 0.82 (with security fixes and hardened parsers)#16941weihanglo merged 1 commit intorust-lang:masterfrom
gix to 0.82 (with security fixes and hardened parsers)#16941Conversation
rustbot
added
the
S-waiting-on-review
|
r? @weihanglo rustbot has assigned @weihanglo. Use Why was this reviewer chosen?The reviewer was selected based on:
|
There was a problem hiding this comment.
Thanks! Do we have any changelog that I can follow?
There was a problem hiding this comment.
That's difficult for the lack of one global changelog.
There is one per crate effectively, and this would be a way to surface all of them.
GitoxideLabs/gitoxide@gix-v0.81.0...gix-v0.82.0
Short version of this release is hardening and security fixes. The respective advisories are still something I have to publish.
There was a problem hiding this comment.
And I realize that the main gix release (v0.82) is quite usable for an overview:
https://github.com/GitoxideLabs/gitoxide/releases/tag/gix-v0.82.0
Now with a list of advisories.
There was a problem hiding this comment.
Yeah I saw the info/exclude as was wonder if there is anything related to cargo package. Turns out that we dont even have test around this (and hope people dont publish under worktrees).
I'll need to look closer to those advisories over the weekend. Seems like some related to stable features Cargo relies on, like file traversing/listing?
Regardless, thank you for fixing all of them!!
rustbot
removed
the
S-waiting-on-review
|
Is the underlying problem in the previous version fixed and the processes that led to it? |
4 participants
This seems to have been an eventless update locally.
Tasks