Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

why were prior versions yanked? #37

Closed
cgwalters opened this issue Dec 2, 2022 · 3 comments
Closed

why were prior versions yanked? #37

cgwalters opened this issue Dec 2, 2022 · 3 comments

Comments

@cgwalters
Copy link

We had code that is building fine with hyper 0.14 and hyper-staticfile 0.6. It seems the prior versions were yanked - why?
@cgwalters cgwalters mentioned this issue Dec 2, 2022
Merged
@stephank
Copy link
Owner

stephank commented Dec 3, 2022

Because of RUSTSEC-2022-0069.

I believe yanking should not affect locked dependencies in Cargo.lock? Alternatively, is upgrading to 0.9.2 an obstacle?

@stephank
Copy link
Owner

stephank commented Feb 4, 2023

It looks like you managed to upgrade it in ostree, that's great! Sorry it was such an unexpected breakage.

It appears I can't really specify a reason when yanking a package. The releases page is what I've been using to communicate things, but maybe that's not the most obvious place. If you have a suggestion, I'd love to hear. Is there a place you'd look first to find a reason?

@cgwalters
Copy link
Author

Yes, I think if there was a hit for the word "yank" on the releases page that would have helped.

Anyways, yes we can close this. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@stephank @cgwalters