search

dependabot / feedback

The old feedback repository for Dependabot. Click below for the new repository.
https://github.com/dependabot/dependabot-core
93 stars 28 forks source link

[Rust] Unable to detect build.rs in crate #943

Closed quittle closed 4 years ago

quittle commented 4 years ago

Package manage/ecosystem Rust

Manifest contents prior to update

Cargo.toml

[package]
name = "wowser-glfw-sys"
version = "0.0.1"
authors = ["Dustin Toff <me@dustintoff.com>"]
edition = "2018"
links = "glfw3"

[build-dependencies]
cmake = "0"
git2 = "0"
bindgen = "0"

There is also a build.rs in the same directory.

Updated dependency N/A

What you expected to see, versus what you actually saw Dependabot should be able to succeed in analyzing my project and suggesting updates.

It doesn't, however, and fails to parse the manifest with the error

info: syncing channel updates for '1.43.1-x86_64-unknown-linux-gnu'
info: latest update on 2020-05-07, rust version 1.43.1 (8d69840ab 2020-05-04)
info: downloading component 'cargo'
info: downloading component 'clippy'
info: downloading component 'rust-docs'
info: downloading component 'rust-std'
info: downloading component 'rustc'
info: downloading component 'rustfmt'
info: installing component 'cargo'
info: installing component 'clippy'
info: installing component 'rust-docs'
info: installing component 'rust-std'
info: installing component 'rustc'
info: installing component 'rustfmt'
error: failed to parse manifest at `/home/dependabot/dependabot-updater/dependabot_tmp_dir/wowser-glfw-sys/Cargo.toml`

Caused by:
  package `wowser-glfw-sys v0.0.1 (/home/dependabot/dependabot-updater/dependabot_tmp_dir/wowser-glfw-sys)` specifies that it links to `glfw3` but does not have a custom build script

Images of the diff or a link to the PR, issue or logs Repository: https://github.com/quittle/wowser Root Cargo.toml: https://github.com/quittle/wowser/blob/master/Cargo.toml Subcrate Cargo.toml: https://github.com/quittle/wowser/blob/master/wowser-glfw-sys/Cargo.toml Subcrate build.rs: https://github.com/quittle/wowser/blob/master/wowser-glfw-sys/build.rsc Dependabot-raised issue: https://github.com/quittle/wowser/issues Dependabot run logs: dependabot-build-log.txt

Potentially related issue: https://github.com/dependabot/dependabot-core/issues/1627

feelepxyz commented 4 years ago

Dependabot currently doesn't fetch or run this Build.rs file which is why it's failing. We're looking into adding a dummy version of this file as we have disabled evaluating user-code when running updates.

Related issue: https://github.com/bytecodealliance/wasmtime/issues/1684#issuecomament-634686521

jurre commented 4 years ago

I've fixed this behavior in dependabot-core, will try to roll out the change to production today, thanks for flagging it @quittle and thanks for the direction for the fix @feelepxyz 🎉