New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump git2 from 0.14.2 to 0.14.4 #1085
Conversation
@dependabot rebase |
cb38090
to
d9de891
Compare
Bumps [git2](https://github.com/rust-lang/git2-rs) from 0.14.2 to 0.14.4. - [Release notes](https://github.com/rust-lang/git2-rs/releases) - [Commits](rust-lang/git2-rs@0.14.2...0.14.4) --- updated-dependencies: - dependency-name: git2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
d9de891
to
44c7bf3
Compare
Note this effectively makes delta require rust 1.60 as explained in actual error for search engines
debian testing still only ships 1.59 so I reverted this commit locally for now... |
This reverts commit 511d501.
Thanks very much @martinetd, I've reverted it in master. Incidentally, dependabot is a bit of a minefield! I wonder whether I should really be using it? I'm not going to study the consequences of each update carefully. I'm open to any advice here. |
tough one. dependabot can be quite handy and I didn't check thoroughly but if you have confidence in CI coverage I'd say it's probably OK -- these should catch most problems, and it's better to keep things updated than forget and run cargo outdated once in a blue moon. In this particular case the issue is that CI uses rustup, which will always pick an up to date version of rust vs. distros which lag behind quite a bit. Adding a new rust version column to the matrix that'd be stable for most, and sprinkle some older versions is easy enough (untested): diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c78ae7860ca3..b81f70f4ef24 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -14,20 +14,21 @@ jobs:
strategy:
matrix:
job:
- - { os: macos-latest, target: x86_64-apple-darwin, use-cross: false }
- - { os: windows-latest, target: x86_64-pc-windows-msvc, use-cross: false }
- - { os: ubuntu-latest , target: x86_64-unknown-linux-gnu, use-cross: false }
- - { os: ubuntu-latest, target: x86_64-unknown-linux-musl, use-cross: true }
- - { os: ubuntu-latest, target: i686-unknown-linux-gnu, use-cross: true }
- - { os: ubuntu-latest, target: arm-unknown-linux-gnueabihf, use-cross: true }
- - { os: ubuntu-latest, target: aarch64-unknown-linux-gnu, use-cross: true }
+ - { os: macos-latest, target: x86_64-apple-darwin, use-cross: false, toolchain: stable }
+ - { os: windows-latest, target: x86_64-pc-windows-msvc, use-cross: false, toolchain: stable }
+ - { os: ubuntu-latest , target: x86_64-unknown-linux-gnu, use-cross: false, toolchain: stable }
+ - { os: ubuntu-latest, target: x86_64-unknown-linux-musl, use-cross: true, toolchain: stable }
+ - { os: ubuntu-latest, target: i686-unknown-linux-gnu, use-cross: true, toolchain: stable }
+ - { os: ubuntu-latest, target: arm-unknown-linux-gnueabihf, use-cross: true, toolchain: stable }
+ - { os: ubuntu-latest, target: aarch64-unknown-linux-gnu, use-cross: true, toolchain: stable }
+ - { os: ubuntu-latest , target: x86_64-unknown-linux-gnu, use-cross: false, toolchain: 1.48.0 } # debian stable version
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Install Rust
uses: actions-rs/toolchain@v1
with:
- toolchain: stable
+ toolchain: ${{ matrix.job.toolchain }}
target: ${{ matrix.job.target }}
profile: minimal
override: true
@@ -55,7 +56,7 @@ jobs:
- name: Install Rust
uses: actions-rs/toolchain@v1
with:
- toolchain: stable
+ toolchain: ${{ matrix.job.toolchain }}
profile: minimal
override: true
- name: Build for release
@@ -80,7 +81,7 @@ jobs:
- name: Install Rust
uses: actions-rs/toolchain@v1
with:
- toolchain: stable
+ toolchain: ${{ matrix.job.toolchain }}
profile: minimal
override: true
components: rustfmt
@@ -99,7 +100,7 @@ jobs:
- name: Install Rust
uses: actions-rs/toolchain@v1
with:
- toolchain: stable
+ toolchain: ${{ matrix.job.toolchain }}
profile: minimal
override: true
components: clippy
@@ -115,10 +116,10 @@ jobs:
steps:
- name: Checkout repository
uses: actions/checkout@v2
- - name: Install stable toolchain
+ - name: Install ${{ matrix.job.toolchain }} toolchain
uses: actions-rs/toolchain@v1
with:
- toolchain: stable
+ toolchain: ${{ matrix.job.toolchain }}
override: true
- name: Run cargo-tarpaulin
uses: actions-rs/tarpaulin@v0.1 but actively tracking for a distro's version which would be better is quite annoying; I don't know if it's worth doing. |
Bumps git2 from 0.14.2 to 0.14.4.
Commits
d6f4560
git2 0.14.4 and libgit2-sys 0.13.46316180
ImplementTree::get_name
usingTree::get_name_bytes
to avoid duplication23a5340
AddTree::get_name_bytes
to handle non-UTF-8 entry names31d3ff0
Add binding for git_commit_body9d33858
git2 0.14.3 and libgit2-sys 0.13.3d8ee105
Avoid unconditional dependency on libssh2-sys when using zlib-ng-compat (#833)2d391e9
Update Readme (#834)71a2466
clarify license4d104dd
rustfmt3bc2640
Don't let pkg-config add system lib dirs to the search pathDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)