rustsec
comrak v0.14 update issues
Copying and pasting my comment from #655. See also: #645.
Build failure: https://github.com/rustsec/rustsec/runs/8025899590?check_suite_focus=true#step:7:117
I'm a bit confused in that it's only failing on macOS (and only on Rust 1.57; it passes on stable) and the error seems to be JSON-related:
---- advisories_found_but_ignored_json stdout ----
thread 'advisories_found_but_ignored_json' panicked at 'called `Result::unwrap()` on an `Err` value: Error("EOF while parsing a value", line: 1, column: 0)', cargo-audit/tests/acceptance.rs:70:35
...which seems to come from here:
https://github.com/serde-rs/json/blob/dab5ed3ee97cef5e2b796513f8d9e4c7416e44bf/src/error.rs#L293
I am unable to reproduce this problem locally using Rust 1.57.0 on macOS.
Not easy if it passes in pull requests. We could try to see what serde fails to parse with something like https://github.com/rustsec/rustsec/pull/661.
btw comrak is bringing ansi_term via clap2 and we got ansi_term advisory because of it: https://github.com/rustsec/rustsec/issues/654
It's because comrak by default-features - that brings clap2 - is configured for it's own [[bin]] target where as we consume it as lib.
We should use default-features = false with it - sent a PR in #677 to get rid of not needed deps.
Also when comrak was updated to 0.14 .lock (in repo) wasn't updated so my PR syncs .lock with that as well
Also re: that pipe - Think it would need to read stderr for debug if it's crashing ?
The stdout would not capture anything if the runner process just panic'd in the background and spat it's guts into STDERR
Also STDOUT buffering can be flaky, flush() and auto flush on STDOUT is pretty complicated affair
I mean.. the process could have also just ran and exited without flushing before someting was trying to read it's buffered output
I didn't get too into abscissa how it uses things .. might be just std io buf/macos red herring