Alex Gaynor
Alex Gaynor
Your assessment is correct. As a result, this change will have substantial negative impact on the Python community. https://github.com/actions/runner/pull/3128 sketches out a direction Github could take to resolve this, but...
So the error is coming from here: https://github.com/rustsec/rustsec/blob/main/cargo-lock/src/dependency/tree.rs#L45-L47 The source ID for the dependency in question looks like: ``` SourceId { url: Url { scheme: "https", cannot_be_a_base: false, username: "",...
``` diff --git a/cargo-lock/src/package/source.rs b/cargo-lock/src/package/source.rs index 48e6fd6..4d9fde5 100644 --- a/cargo-lock/src/package/source.rs +++ b/cargo-lock/src/package/source.rs @@ -91,6 +91,15 @@ impl SourceId { name: self.name.clone(), }; } + } else if let SourceKind::Git(GitReference::Branch(name)) =...
Interesting, looks like we have to migrate a few other properties over first. If you're up for it, that'd be a great contribution, if not I'll make time to work...
I won't get to it this weekend, so if you're up for it, please have a shot! On Wed, Jun 26, 2024 at 6:03 PM Attila Szakacs ***@***.***> wrote: >...
We've now got a basic pyproject.toml, so you should be able to rebase on main and do this now.
What you're asking for is really an SBOM for wheels. Unfortunately there's no current specification or standard for these. If and when there's an SBOM standard for wheels, we'll generate...
They've said that they're waiting to see what `pip` does before adding anything to `uv pip`, for the obvious reasons :-)
@dependabot rebase
Yes, this flaw is documented here: https://github.com/pyca/bcrypt?tab=readme-ov-file#maximum-password-length Really at this point bcrypt exists for historic compatibility and new applications should use scrypt or argon2id (as documented here: https://github.com/pyca/bcrypt?tab=readme-ov-file#bcrypt) Is there...