OpenSK icon indicating copy to clipboard operation
OpenSK copied to clipboard

Published 20 hours ago verified publisher icon google

Add a CI workflow to run cargo-outdated checks

Open gendx opened this issue 4 years ago • 2 comments

The cargo-outdated tool checks for outdated dependencies in a Cargo.toml. As a complement to cargo-audit which checks for vulnerable dependencies, we should leverage that to make sure dependencies are up-to-date.

gendx avatar Jun 26 '20 12:06 gendx

Without the --depth argument, it's too verbose.

But this seems to be fine:

Name     Project  Compat  Latest  Kind         Platform
----     -------  ------  ------  ----         --------
elf2tab  0.4.0    ---     0.6.0   Development  ---

jmichelp avatar Aug 20 '20 09:08 jmichelp

Blocked by https://github.com/kbknapp/cargo-outdated/issues/241

Not only the produced JSON output is truncated (resulting in an empty JSON when it shouldn't be for example) but the produced JSON is also changing from a run to another.

jmichelp avatar Oct 14 '20 14:10 jmichelp

Now that we pin Cargo.lock files, we don't want outdated notifications. Instead, we will upgrade compiler versions and packages before a release (or earlier, if cargo audit notifies us of problems).

Will be fixed with #663 .

kaczmarczyck avatar Nov 09 '23 13:11 kaczmarczyck