Jiahao XU

With enough people downloading it, it'd be automatically build. The build pipeline seems to work without issues. BTW we do not guarantee the availability of any crate, it'd best-effort support.

Hello, cargo-quickinstall build packages if there are requests for it (i.e. someone uses cargo-binstall/cargo-quickinstall to install a package), we do not guarantee that every package you need is built on...

Hello, cargo-quickinstall build packages if there are requests for it (i.e. someone uses cargo-binstall/cargo-quickinstall to install a package), we do not guarantee that every package you need is built on...

Thank you for reporting this! cc @alsuren we have to investigate this, I have no idea how that happens. I have the feeling that something we installed on windows via...

https://github.com/cargo-bins/cargo-quickinstall/actions/runs/17261615966 This is the CI for the windows build, I will take a look at the commands run

Checked the CI, choco didn't install anything, which makes me think is one of our github account is compromised?

> Routes that I would like to double check include cache poisoning (I was very careful to avoid using any caches in the original design, so it may be easy...

Yeah..just looks like LLVM generates stuff differently, doesn't look like some malicious code is being slipped in

> see if there is a way to quickly restore the assets from recent builds and recalculate the signatures for them I think the build artifacts also include the signature?

@silver-ymz is right, it's blocked on that issue and I don't have much time to work on it recently. Would probably have to re-consider how to implement it, probably reducing...