-
By introducing cargo lockfile to the project and examples, we will:
- Make `Dependabot` work. As you may notice, we don't have any PRs from `Dependabot` even though we had some dependency updates.
…
-
Hey!
I'm trying to run `nix develop github:vic/gleam-nix --override-input gleam path:$PWD`. However I'm getting the following error:
```sh
warning: not writing modified lock file of flake 'git…
-
cargo-audit 0.20.0 crashes when run on the master branch of the Nix repository. The problem seems to be that the master branch uses a git dependency, and specifies a git branch rather than a revision…
-
# Introduction
I've been doing a little investigation on the impact of `Cargo.lock` files because, if you run `ncdu` against a Nixpkgs checkout, they're usually the largest individual files you com…
Atemu updated
1 month ago
-
**Describe the enhancement**
As mentioned in https://github.com/payjoin/rust-payjoin/issues/337, it's way clearer having a `Cargo.lock` file than having the pinned dependencies only on the READ…
-
### Describe the bug
There are lots of CVEs in the lock file. Some of these might be dev-deps because osv-scanner isnt that smart, however some are in real deps.
#5076 for using a smarter t…
-
Hi,
Given the guidance in https://blog.rust-lang.org/2023/08/29/committing-lockfiles.html I think it'd be good to add `Cargo.lock` to repository and un-gitignore it.
I had a case of using old re…
-
```
$ cargo install --locked paru
Updating crates.io index
Installing paru v1.11.0
Updating crates.io index
Updating crates.io index
Compiling tokio-macros v1.8.0
Compiling …
-
### Description
Running: `cargo install --locked typst-cli` for `typst-cli v0.11.1` led to a compilation error caused by the `time` crate (version 0.3.34). See https://github.com/rust-lang/rust/pul…
-
As far as I know, there is no provision in recent recommandations for Cargo usage to not have Cargo.lock in version control for packages.