dependabot-core icon indicating copy to clipboard operation
dependabot-core copied to clipboard
verified publisher icon dependabot

Rust: "Dependabot can't parse your Cargo.toml" error triggered by Cargo `[lints]` table

Open kpreid opened this issue 1 year ago • 0 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Package ecosystem

Cargo

Package manager version

cargo 1.80.1 (376290515 2024-07-16)

Language version

rustc 1.80.1 (3f5fd8dd4 2024-08-06)

Manifest location and content before the Dependabot update

Reduced Cargo.toml test case, tested at the root of a repo:

[package]
name = "problem"

[lints]
clippy.should_panic_without_expect = "deny"
clippy.pedantic = { level = "warn", priority = -1 }

I uploaded this to https://github.com/kpreid/dependabot-investigation.

dependabot.yml content

version: 2
updates:
  - package-ecosystem: "cargo"
    directory: "/"
    schedule:
      interval: "weekly"
      time: "17:00"
      timezone: "America/Los_Angeles"
    versioning-strategy: "auto"

Updated dependency

No response

What you expected to see, versus what you actually saw

The file is valid according to Cargo, but Dependabot fails to parse the file. It gives no line number or other detail in the log, only:

updater | 2024/08/16 04:52:09 ERROR <job_870136100> Error during file fetching; aborting: /Cargo.toml not parseable
  proxy | 2024/08/16 04:52:10 [008] POST /update_jobs/870136100/record_update_job_error
  proxy | 2024/08/16 04:52:10 [008] 204 /update_jobs/870136100/record_update_job_error
  proxy | 2024/08/16 04:52:10 [010] PATCH /update_jobs/870136100/mark_as_processed
  proxy | 2024/08/16 04:52:10 [010] 204 /update_jobs/870136100/mark_as_processed
updater | 2024/08/16 04:52:10 INFO <job_870136100> Finished job processing
updater | 2024/08/16 04:52:10 INFO Results:
Dependabot encountered '1' error(s) during execution, please check the logs for more details.
+-------------------------------+
|            Errors             |
+-------------------------------+
| dependency_file_not_parseable |
+-------------------------------+

Native package manager behavior

The problem is not with updating, but with reading the file at all. Cargo accepts this Cargo.toml file.

Images of the diff or a link to the PR, issue, or logs

No response

Smallest manifest that reproduces the issue

No response

kpreid avatar Aug 16 '24 05:08 kpreid