[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #22905 [Core Tor/Tor]: Cargo.lock and Cargo.toml specify incompatible dependencies for libc



#22905: Cargo.lock and Cargo.toml specify incompatible dependencies for libc
-----------------------------+----------------------------------
 Reporter:  isis             |          Owner:
     Type:  defect           |         Status:  new
 Priority:  Medium           |      Milestone:  Tor: unspecified
Component:  Core Tor/Tor     |        Version:
 Severity:  Normal           |     Resolution:
 Keywords:  rust, tor-build  |  Actual Points:
Parent ID:                   |         Points:
 Reviewer:                   |        Sponsor:  SponsorZ
-----------------------------+----------------------------------
Changes (by chelseakomlo):

 * cc: acrichton@… (removed)


Comment:

 Replying to [comment:2 alexcrichton]:

 > In any case though I'd probably recommend avoiding `"*"` dependencies.
 If you use more targeted dependencies (like `"0.2.24"` which stands for
 "semver compatible with 0.2.24" which is actually `>=0.2.24, < 0.3`) then
 you can typically use `cargo update` to safely update dependencies without
 worrying about actually breaking your code. This'll help to easily pick up
 bug fixes and such in libraries without accidentally introducing breakage
 sometimes.

 I think this is a good policy to follow in general, and something we do as
 a development requirement going forward.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22905#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs