Closed djc closed 6 months ago
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 97.19%. Comparing base (
439331b
) to head (a2423a0
).
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
So this is failing our MSRV checks because aws-lc-sys pulls in bindgen (as an optional build-dependency) and bindgen pulls in regex and regex now has an MSRV of 1.65. It's a bit tricky because AIUI the bindgen dependency is optional for aws-lc-sys on platforms for which they have pregenerated bindings, which seems to be all the tier 1 ones at this point?
We could avoid updating regex in our Cargo.lock
to prove to ourselves that the library otherwise still works on 1.60 but downstream users (using the aws-lc-rs provider) will probably still think we no longer support 1.60?
I wonder if we should take 1.65? It'd mean we can use let-else, for example. The downside of that is debian stable is on 1.63.
It also feels silly because it looks like regex is not really a core dependency for bindgen, it's used to provide what looks like potentially optional API (which it seems aws-lc-rs doesn't actually use)...
The downside of that is debian stable is on 1.63.
I wonder how long we'd have to wait for Debian to get 1.65 :thinking:
The downside of that is debian stable is on 1.63.
I wonder how long we'd have to wait for Debian to get 1.65 :thinking:
I think for the last bump they went from 1.48 to 1.63. I don't think we'll want to wait that long...
cpu force-pushed the update-deps branch from 492824e to ec2bf76
I force pushed an update to pull in aws-lc-rs 1.6.4 since the 1.6.3 release with the bindgen issue was yanked.
error: package
rustix v0.38.32
cannot be built because it requires rustc 1.63 or newer, while the currently active rustc version is 1.61.0
~It looks like we might still need to consider an MSRV bump, but to a much more reasonable 1.63. That's in Debian stable, and we were talking about taking it already over in https://github.com/rustls/rustls/pull/1885 for hashbrown
. I think we should do it. Agree?~ This was confusion from forgetting to update the locked aws-lc-sys dep too.
I think we should do it. Agree?
Yep!
Ah, should have tried 1.63 as MSRV first:
error: package
regex-automata v0.4.6
cannot be built because it requires rustc 1.65 or newer, while the currently active rustc version is 1.63.0
~It looks like a bindgen
build dep is still bringing in regex 1.10.4. I see the MSRV build fail w/ 1.63.~ This was confusion from forgetting to update the locked aws-lc-sys dep too.
I'm confused why https://github.com/rustls/rustls/pull/1888 builds green with an MSRV of 1.61 given the above. I'm missing some detail :thinking:
I'm missing some detail 🤔
It looks like Rustls is using aws-lc-sys 0.14.1 while webpki is using 0.14.0
vs
Maybe because aws-lc-rs has fixed their issue in 1.6.3 in 1.6.4?
I can repro that locally, but then if I do:
$ cargo update
Updating crates.io index
Updating aws-lc-sys v0.14.0 -> v0.14.1
Updating syn v2.0.57 -> v2.0.58
That fixes it (because aws-lc-rs -> aws-lc-sys -> build-dependencies drops bindgen).
Maybe because aws-lc-rs has fixed their issue in 1.6.3 in 1.6.4?
I'm using aws-lc-rs 1.6.4 in both, but aws-lc-sys didn't get bumped in the lockfile here where it did in the main repo.
Ok, all fixed up. No MSRV change required.
Sorry for the confusion!
@ctz @djc Can one of you re-review since I pushed changes to this branch?
I cancelled this job that looked stuck and started it again.
To replace #240.