Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix patched zerovec-derive version #2007

Merged
merged 1 commit into from
Jul 8, 2024
Merged

Conversation

Manishearth
Copy link
Contributor

We accidentally proposed the wrong version here in #1990

zerovec 0.10.4 and zerovec-derive 0.10.3 are patched.

We accidentally proposed the wrong version here.

zerovec 0.10.4 and zerovec-derive 0.10.3 are patched.
@Manishearth
Copy link
Contributor Author

@tarcieri potential CI that could be added: something that at least warns rustsec maintainers when there are no patched versions available

@Shnatsel Shnatsel merged commit 502a1ba into rustsec:main Jul 8, 2024
1 check passed
@Manishearth Manishearth deleted the patch-1 branch July 8, 2024 17:05
@Manishearth
Copy link
Contributor Author

Thanks for the quick merge, @Shnatsel !!

@Shnatsel
Copy link
Member

Shnatsel commented Jul 8, 2024

Thanks for the fix!

Yes, we've looked into doing this on CI, but that would require building out an infrastructure for warnings. Sometimes we publish an advisory a few hours before the patched version goes up on crates.io, so we need something that is restricted to the PR, surfaced on Github nicely and is easy to ignore if need be. We don't really have the manpower for that right now, but patches would be welcome.

@Manishearth
Copy link
Contributor Author

I was envisioning a non blocking CI job that fails when files touched in the current PR don't have available versions. Not too complex.

(don't have time now but may take a stab at this at some point)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants