Newly downloaded cache is considered expired

rust-secure-code / cargo-supply-chain

Gather author, contributor and publisher data on crates in your dependency graph.

Apache License 2.0

315 stars 18 forks source link

Newly downloaded cache is considered expired #15

Closed Shnatsel closed 3 years ago

Shnatsel commented 3 years ago

I've run cargo supply-chain update just now, yet I'm getting the following message:

Ignoring expired cache, older than a day.
  Run `cargo supply-chain update` to update it.

HeroicKatora commented 3 years ago

Currently the meta data for the downloaded dump is:

"timestamp":"2020-10-10T14:00:13.291796393Z"

So that's correct. We might want to delay the expiry by one or two hours to give some leeway for the upload time.

HeroicKatora commented 3 years ago

This should be solved (for now). The new default expiration is 48 hours giving the crates-io team a full day for upload. The update command has also gotten smart enough to recognize a newer version by its changed E-Tag.

Shnatsel commented 3 years ago

Confirming that this is fixed.