Ed Page
8e68a0a8ba
refactor: Sanitize via PackageName
2023-12-13 13:19:49 -06:00
Ed Page
1da305301c
refactor: Validate via RegistryName/PackageName
2023-12-13 13:03:27 -06:00
Ed Page
db2e314077
fix: Improve registry name errors?
...
Because of workspace inheritance, the errors aren't the greatest
2023-12-13 11:37:08 -06:00
Ed Page
6b6eb06714
fix: Improve package name errors
2023-12-13 11:27:02 -06:00
Ed Page
00bde96c18
refactor(schema): Reduce str newtype duplication
2023-12-13 11:05:57 -06:00
Ed Page
847804d566
refactor(cli): Validate via ProfileName
...
I was going to have clap use `ProfileName` but the `cargo rustc
--profile` (yes that specific) accepts `check`
as a profile name and we convert that to `dev` later in the process,
making that not work.
2023-12-13 10:53:40 -06:00
Ed Page
a3976cd47c
fix: Improve profile name errors
2023-12-13 10:53:40 -06:00
Ed Page
586b010663
refactor: Do all feature name validation through FeatureName
2023-12-13 10:53:40 -06:00
Ed Page
4e1fac8ce5
refactor: Remove unused feature location parameter
2023-12-13 10:53:40 -06:00
Ed Page
c1d9b76401
fix: Improve feature name errors
...
This moves feature name validation early enough in the process to get
TOML errors.
2023-12-13 10:53:40 -06:00
Ed Page
a8a376cab1
refactor: Allow more/less feature name locations
2023-12-13 10:53:40 -06:00
Ed Page
b2afdccc47
refactor: Use inline formatting
2023-12-13 10:53:40 -06:00
Ed Page
f0bc0d2ae2
refactor: Consolidate name validation logicc
2023-12-13 10:53:40 -06:00
Ed Page
b0ce24a79d
refactor: Consolidate feature name validation logic
2023-12-13 10:53:40 -06:00
bors
58745cb1c5
Auto merge of #13174 - rust-lang:dependabot/cargo/zerocopy-0.7.31, r=epage
...
chore(deps): bump zerocopy from 0.7.29 to 0.7.31
Bumps [zerocopy](https://github.com/google/zerocopy ) from 0.7.29 to 0.7.31.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/google/zerocopy/releases ">zerocopy's releases</a>.</em></p>
<blockquote>
<h2>v0.7.30</h2>
<h2>What's Changed</h2>
<ul>
<li>[policies] Document yanking policy by <a href="https://github.com/joshlf "><code>`@joshlf</code></a>` in <a href="https://redirect.github.com/google/zerocopy/pull/677 ">google/zerocopy#677</a></li>
<li>[ci] Roll pinned nightly toolchain by <a href="https://github.com/google-pr-creation-bot "><code>`@google-pr-creation-bot</code></a>` in <a href="https://redirect.github.com/google/zerocopy/pull/680 ">google/zerocopy#680</a></li>
<li>[readme] Link to GitHub Releases (<a href="https://redirect.github.com/google/zerocopy/issues/692 ">#692</a>) by <a href="https://github.com/joshlf "><code>`@joshlf</code></a>` in <a href="https://redirect.github.com/google/zerocopy/pull/693 ">google/zerocopy#693</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/google/zerocopy/compare/v0.7.29...v0.7.30 ">https://github.com/google/zerocopy/compare/v0.7.29...v0.7.30 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="7d3a8f9ea6
"><code>7d3a8f9</code></a> Fix soundness hole in Ref::into_ref and into_mut (<a href="https://redirect.github.com/google/zerocopy/issues/721 ">#721</a>)</li>
<li><a href="961612f110
"><code>961612f</code></a> [readme] Link to GitHub Releases (<a href="https://redirect.github.com/google/zerocopy/issues/692 ">#692</a>) (<a href="https://redirect.github.com/google/zerocopy/issues/693 ">#693</a>)</li>
<li><a href="449b78c67f
"><code>449b78c</code></a> [ci] Roll pinned nightly toolchain (<a href="https://redirect.github.com/google/zerocopy/issues/680 ">#680</a>)</li>
<li><a href="8f7d88b90e
"><code>8f7d88b</code></a> [policies] Document yanking policy (<a href="https://redirect.github.com/google/zerocopy/issues/677 ">#677</a>)</li>
<li>See full diff in <a href="https://github.com/google/zerocopy/compare/v0.7.29...v0.7.31 ">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zerocopy&package-manager=cargo&previous-version=0.7.29&new-version=0.7.31 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/rust-lang/cargo/network/alerts ).
</details>
2023-12-15 15:44:04 +00:00
bors
e9a1b4bf0b
Auto merge of #13173 - ChrisDenton:SHGetKnownFolderPath, r=weihanglo
...
Replace SHGetFolderPathW with SHGetKnownFolderPath
### What does this PR try to resolve?
Resolves #13138 by replacing `SHGetFolderPathW` with `SHGetKnownFolderPath`.
### How should we test and review this PR?
Aside from running the existing tests, this introduces two new functions whose documentation you may want to double check: [`SHGetKnownFolderPath`](https://learn.microsoft.com/en-us/windows/win32/api/shlobj_core/nf-shlobj_core-shgetknownfolderpath ) and [`CoTaskMemFree`](https://learn.microsoft.com/en-us/windows/win32/api/combaseapi/nf-combaseapi-cotaskmemfree ).
2023-12-15 05:27:06 +00:00
dependabot[bot]
aae72a55f5
chore(deps): bump zerocopy from 0.7.29 to 0.7.31
...
Bumps [zerocopy](https://github.com/google/zerocopy ) from 0.7.29 to 0.7.31.
- [Release notes](https://github.com/google/zerocopy/releases )
- [Changelog](https://github.com/google/zerocopy/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google/zerocopy/compare/v0.7.29...v0.7.31 )
---
updated-dependencies:
- dependency-name: zerocopy
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-15 03:56:34 +00:00
Chris Denton
6e11c77384
Replace SHGetFolderPathW with SHGetKnownFolderPath
2023-12-15 03:36:39 +00:00
bors
6982b443cf
Auto merge of #13167 - weihanglo:bump-check-skip-home, r=epage
...
chore(bump-check): dont check `home` against beta/stable branches
2023-12-14 01:13:36 +00:00
Weihang Lo
516313379e
chore(bump-check): dont check home against beta/stable branches
...
The publish of home is not tied with Rust release process, hence.
2023-12-13 18:21:55 -05:00
bors
078a65bffb
Auto merge of #13164 - epage:empty, r=weihanglo
...
fix: Fill in more empty name holes
### What does this PR try to resolve?
This is a follow up to #13152 and expands on work done in #12928 .
This is also part of #12801 as I am refactoring how we do validation so that it parts of it can move into the schema, removing the last dependency the schema has on the rest of cargo.
### How should we test and review this PR?
This prevents empty registry names which should be fine for the same reason as preventing empty feature names in #12928 , that this was a regression due to changes in toml parsers
### Additional information
2023-12-13 20:29:59 +00:00
Ed Page
a383185c38
refactor: Centralize empty name check
2023-12-13 10:46:38 -06:00
Ed Page
2db5c9dd59
fix(new): Catch empty package names earlier
2023-12-13 10:44:55 -06:00
Ed Page
9de03cd1fd
fix(add): Catch empty dep name early
2023-12-13 10:43:55 -06:00
Ed Page
1791353689
fix!: Disallow empty registry names
...
This was allowed when switching from `toml` v0.5 to `toml_edit` which
started allowing empty keys when parsing TOML.
This mirrors the change
we made for disallowing empty feature names in #12928 .
2023-12-13 10:38:37 -06:00
Ed Page
7200646a97
test: Demonstrate existing empty name errors
2023-12-13 10:38:34 -06:00
bors
8412d30873
Auto merge of #13152 - hi-rustin:rustin-patch-empty-name, r=epage
...
Do not allow empty name in package ID spec
2023-12-13 01:22:37 +00:00
bors
0e18edfb82
Auto merge of #13159 - heiher:bump-openssl, r=weihanglo
...
chore(deps): update rust crate openssl to 0.10.61
### What does this PR try to resolve?
Bump rust crate `openssl` to `0.10.61`.
This is a major bump that Cargo starts depending on OpenSSL v3 via [openssl-src@300.1.2+3.1.1](https://crates.io/crates/openssl-src/300.1.2+3.1.1 )
Some other notes:
* OpenSSL 3.1.1 was released on [2023-05-30](https://github.com/openssl/openssl/blob/master/CHANGES.md#changes-between-310-and-311-30-may-2023 ).
* Starting from 1.6 [libgit2 supports OpenSSL v3](https://github.com/libgit2/libgit2/blob/main/docs/changelog.md#v16 )
* Starting from 1.10.0 [libssh2 supports OpenSSL v3](https://libssh2.org/changes.html#1.10.0 )
* OpenSSL 1.1.1 [is EOL](https://www.openssl.org/blog/blog/2023/03/28/1.1.1-EOL/ ).
* curl seems to support OpenSSL v3 before it got released.
### How should we test and review this PR?
Build test.
### Additional information
The openssl build issue for loongarch is resolved.
2023-12-12 18:58:15 +00:00
bors
7c722f76ed
Auto merge of #13134 - arlosi:vendor-libgit2, r=ehuss
...
`all-static` feature should include `vendored-libgit2`
Cargo has an `all-static` feature which is supposed to statically link dependencies for distributing.
However, it doesn't include `libgit2`. If the system has a compatible version of `libgit2` and `pkg-config` installed, then the `all-static` build will still use the system `libgit2`.
2023-12-12 17:50:31 +00:00
bors
73eeb849e2
Auto merge of #13160 - Turbo87:crates-io-status-codes, r=weihanglo
...
doc/registry-web-api: Adjust success response code documentation
see #13158 :)
2023-12-12 17:13:31 +00:00
Tobias Bieniek
9cb5eed6ce
doc/registry-web-api: Adjust success response code documentation
2023-12-12 17:54:56 +01:00
bors
1aa9df1a5b
Auto merge of #13158 - Turbo87:crates-io-status-codes, r=epage
...
crates-io: Add support for other 2xx HTTP status codes
Replying with `201 Created` of `202 Accepted` should not result in showing errors.
Related:
- https://github.com/rust-lang/cargo/issues/3995
- https://github.com/rust-lang/cargo/pull/6771
2023-12-12 14:52:31 +00:00
WANG Rui
8e9a62d51e
chore(deps): update rust crate openssl to 0.10.61
2023-12-12 21:29:45 +08:00
Tobias Bieniek
32d4c0fd80
crates-io: Add support for other 2xx HTTP status codes
...
Replying with `201 Created` of `202 Accepted` should not result in showing errors.
2023-12-12 13:33:03 +01:00
bors
5dc5118c53
Auto merge of #13156 - hi-rustin:rustin-patch-fix-nightly-test, r=epage
...
Remove the deleted feature test_2018_feature from the test
2023-12-12 03:04:52 +00:00
hi-rustin
e540c66e09
Remove the deleted feature test_2018_feature
from the test
...
Signed-off-by: hi-rustin <rustin.liu@gmail.com>
2023-12-12 10:54:29 +08:00
bors
489f93f4f1
Auto merge of #13154 - epage:schema, r=weihanglo
...
refactor(schema): Remove reliance on cargo types
### What does this PR try to resolve?
This is another step towards #12801 .
The only thing left is `validate_package_name` which I left out because I want to explore ways of handing that and don't want this commit blocked on it
### How should we test and review this PR?
### Additional information
2023-12-11 23:16:07 +00:00
bors
a0339b0ae3
Auto merge of #13155 - epage:lint, r=weihanglo
...
fix(toml)!: Disallow `[lints]` in virtual workspaces
This was missed with the initial `[lints]` implementation.
While this is a breaking change, this is aligned with ones we've done in the past. A lot of times, we warn first. My hope is that isn't needed this time because
- It only exists virtual workspaces so they aren't published
- It is a nop to have this which is likely to be caught
- This is so new that the number of people using it, and likely running into this case, is quite low.
2023-12-11 20:30:22 +00:00
Ed Page
48c72b9aa7
docs(schema): Raise awareness of validation when updating
2023-12-11 14:18:10 -06:00
Ed Page
66ce16c72b
fix(toml)!: Disallow [lints]
in virtual workspaces
...
This was missed with the initial `[lints]` implementation.
While this is a breaking change, this is aligned with ones we've done in
the past. A lot of times, we warn first. My hope is that isn't needed
this time because
- It only exists virtual workspaces so they aren't published
- It is a nop to have this which is likely to be caught
- This is so new that the number of people using it, and likely running
into this case, is quite low.
2023-12-11 14:10:01 -06:00
Ed Page
808e2a174f
refactor(schema): Adopt RustVersion
2023-12-11 13:44:14 -06:00
Ed Page
085d860f54
refactor(schema): Remove reliance on CargoResult
2023-12-11 13:37:01 -06:00
Ed Page
0c81f7a293
refactor(schema): Remove reliance on IntoUrl
2023-12-11 13:36:01 -06:00
bors
7688d896a8
Auto merge of #13135 - linyihai:limit-priv-to-library, r=epage
...
Limit exported-private-dependencies lints to libraries
### What does this PR try to resolve?
Completed https://github.com/rust-lang/cargo/issues/13039 .
This PR limit `exported-private-dependencies` lint in libraray `Target`.
### How should we test and review this PR?
Your can checkout out 2348ac2a20edf772495349d7911938251e343bf1 and run test, it will failed and then it will be passed in the commit 2348ac2a20edf772495349d7911938251e343bf1
### Additional information
2023-12-11 17:22:22 +00:00
bors
991ad8c0dd
Auto merge of #13148 - weihanglo:bump-gix-index, r=epage
...
chore: update to gix-index@0.27.1
This is for fixing build failure in
https://github.com/rust-lang/rust/pull/118765#issuecomment-1848579803
2023-12-11 15:23:48 +00:00
Ed Page
6ad58cd672
refactor(schema): Remove unused function
...
I think a bad merge conflict resolution brought this back.
2023-12-11 09:05:25 -06:00
hi-rustin
1248522eb2
fix: validate package name from URL
...
Signed-off-by: hi-rustin <rustin.liu@gmail.com>
2023-12-11 10:11:29 +08:00
hi-rustin
4dc1178281
test: add a case for bad package URLs starting with numbers
...
Signed-off-by: hi-rustin <rustin.liu@gmail.com>
2023-12-11 10:10:54 +08:00
hi-rustin
442636b949
test: add a case for parsing URL spec without name
...
Signed-off-by: hi-rustin <rustin.liu@gmail.com>
2023-12-11 10:10:21 +08:00
hi-rustin
b1642b51a5
fix: validate if name is empty
...
Signed-off-by: hi-rustin <rustin.liu@gmail.com>
2023-12-11 10:09:35 +08:00