[Pkg-rust-maintainers] Bug#1027331: Bug#1027331: rust-openssl: Please update to v0.10.45

Sylvestre Ledru sylvestre at debian.org
Fri Dec 30 15:18:54 GMT 2022


Le 30/12/2022 à 15:49, Jonas Smedegaard a écrit :
> Quoting Sylvestre Ledru (2022-12-30 15:20:45)
>> FYI, this isn't a mandatory upgrade for sccache. it works fine with the current version of rust-openssl from the archive
>> (just like most of the sccache updates)
> Thanks, I am aware of that.
>
> But upstream choosing to tighten not only Cargo.lock but also Cargo.toml
> can only be interpreted as lack of promise that it will work.
>
> Occationally I initiate dialogues with upstreams challenging the sanity
> of such (in my opinion too agressive) push for new libraries, but sadly
> my experiences with Rust upstream developers having strong opinions
> discourages my patience initiating such conversations.
>
> I would certainly appreciate if you, with your upstream hat on, relaxed
> crate dependencies where needlessly tight.  I consider that more hlpful
> than comments in bugreports like this: Upstream agressive dependency
> handling causes busywork downstream, with investigating sanity, and
> patching sources, and filing bugreports like this.

Unfortunately for Debian, this is the common way to do rust development 
for many upstream projects.

We try to update often to new version of dependencies to identify 
quickly potential regressions in the various crates +
dependabot makes this super easy.

Cheers,
Sylvestre



More information about the Pkg-rust-maintainers mailing list