Stream: git-wasmtime

Topic: wasmtime / issue #6672 update toml, zstd


view this post on Zulip Wasmtime GitHub notifications bot (Jun 29 2023 at 22:25):

xxchan commented on issue #6672:

guess serde has breaking changes

view this post on Zulip Wasmtime GitHub notifications bot (Jul 06 2023 at 00:09):

jameysharp commented on issue #6672:

Thank you for this PR! Keeping dependencies up to date is a good idea. I'm curious though: What prompted you to update these specific dependencies?

We'll need to evaluate the cargo vet changes separately from the actual dependency updates here. We've generally been having a core-team member merge any changes to supply-chain/ first, and then asking contributors to rebase on top. In this case, we need to take some time to evaluate whether we want to trust the same publishers that Mozilla does.

I'll bring this up at tomorrow's Wasmtime meeting, and try to get consensus soon so we can merge the rest of your PR.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 06 2023 at 08:13):

xxchan commented on issue #6672:

I'm curious though: What prompted you to update these specific dependencies?

Mainly just because of duplicated dependencies introduced when adding wasmtime as a dependency.

view this post on Zulip Wasmtime GitHub notifications bot (Jul 07 2023 at 23:11):

jameysharp commented on issue #6672:

Since #6697 has merged, this PR should be easier to land now.

Prompted by this PR, I'm now investigating some potential issues in the zstd crate dependency tree. Let's not try to upgrade that until I've sorted things out. But if you'd like to rebase the rest of the changes on current main we can see what cargo vet stuff I missed, if anything.


Last updated: Dec 23 2024 at 12:05 UTC