Sergey "Shnatsel" Davidoff
Sergey "Shnatsel" Davidoff
I've filed an issue upstream: https://github.com/rust-lang/cargo/issues/12336 But the turnaround on Cargo issues is not very quick, so I might have to work around this somehow - perhaps with another call...
Unfortunately this is a bug in Cargo itself, and AFAIK there is nothing I can really do to fix that in `cargo auditable`. The proper way to do this would...
https://github.com/rust-lang/rfcs/pull/3553 would be the proper, correct solution to this problem. Until then, there may be hope for working around Cargo passing nonexistent features to `rustc`, which causes these failures. When...
Fortunately that is not a problem if I run `cargo metadata --no-deps`, which is what I am going to do. This creates its own problems - it is difficult to...
I have prototyped a fix in the https://github.com/rust-secure-code/cargo-auditable/tree/fix-dep-features branch. Tests pass, but I don't have a way to check if that fixes the issue because the latest versions of gitoxide,...
Okay, I managed to reproduce this on `gitoxide` if I check out v0.24.0 tag. My "fix" doesn't actually fix it. Debugging time!
Okay, it seems that `cargo metadata` is buggy and reports that `gix-features` has the feature `prodash` when it actually doesn't, it just has a `dep:prodash` syntax without the actual feature....
I am not aware of any such mechanism. Perhaps there is some nightly config flag to keep going on failures? It's worth taking a look at, but I doubt there...
@figsoda would this cause any issues for Nix, e.g. blow up the binary size? I understand Nix uses Git a lot in its workflows. When the package is built, does...
That's a good point, but on the other hand I don't really want to diverge from the hash recorded in `Cargo.lock` and reported by `cargo metadata` - that seems like...