git.delta.rocks / jrsonnet / refs/commits / be1ca0e13d7d

difftreelog

fix avoid problematic serde release

Yaroslav Bolyukin2023-08-19parent: #19baaf2.patch.diff
in: master
It doesn't work with the downstream nix users of jrsonnet, and may cause
security issues.

Upstream issue: https://github.com/serde-rs/serde/issues/2538

7 files changed

modifiedCargo.tomldiffbeforeafterboth
after · Cargo.toml
1[workspace]2package.version = "0.5.0-pre95"3package.repository = "https://github.com/CertainLach/jrsonnet"4members = ["crates/*", "bindings/jsonnet", "cmds/jrsonnet", "tests"]5default-members = ["cmds/jrsonnet"]6resolver = "2"78[workspace.dependencies]9jrsonnet-evaluator = { path = "./crates/jrsonnet-evaluator", version = "0.5.0-pre95" }10jrsonnet-macros = { path = "./crates/jrsonnet-macros", version = "0.5.0-pre95" }11jrsonnet-parser = { path = "./crates/jrsonnet-parser", version = "0.5.0-pre95" }12jrsonnet-interner = { path = "./crates/jrsonnet-interner", version = "0.5.0-pre95" }13jrsonnet-stdlib = { path = "./crates/jrsonnet-stdlib", version = "0.5.0-pre95" }14jrsonnet-cli = { path = "./crates/jrsonnet-cli", version = "0.5.0-pre95" }15jrsonnet-types = { path = "./crates/jrsonnet-types", version = "0.5.0-pre95" }1617jrsonnet-gcmodule = "0.3.6"1819# <= 1.0.171 due to serde-rs/serde#253820serde = { version = ">= 1.0.126, <= 1.0.171" }2122#[profile.test]23#opt-level = 12425[profile.release]26opt-level = 327lto = "fat"28codegen-units = 129debug = 030panic = "abort"31strip = true3233[profile.releasedebug]34inherits = "release"35debug = 236panic = "unwind"37strip = false
modifiedcmds/jrsonnet/Cargo.tomldiffbeforeafterboth
--- a/cmds/jrsonnet/Cargo.toml
+++ b/cmds/jrsonnet/Cargo.toml
@@ -42,3 +42,5 @@
 thiserror = "1.0"
 clap = { version = "4.1", features = ["derive"] }
 clap_complete = { version = "4.1" }
+serde_json = "1.0.104"
+serde = { workspace = true, features = ["derive"] }
modifiedcrates/jrsonnet-evaluator/Cargo.tomldiffbeforeafterboth
--- a/crates/jrsonnet-evaluator/Cargo.toml
+++ b/crates/jrsonnet-evaluator/Cargo.toml
@@ -47,7 +47,7 @@
 # Friendly errors
 strsim = { version = "0.10.0" }
 
-serde = "1.0"
+serde.workspace = true
 
 anyhow = { version = "1.0", optional = true }
 # Serialized stdlib
modifiedcrates/jrsonnet-interner/Cargo.tomldiffbeforeafterboth
--- a/crates/jrsonnet-interner/Cargo.toml
+++ b/crates/jrsonnet-interner/Cargo.toml
@@ -19,7 +19,7 @@
 [dependencies]
 jrsonnet-gcmodule.workspace = true
 
-serde = { version = "1.0", optional = true }
+serde = { workspace = true, optional = true }
 structdump = { version = "0.2.0", optional = true }
 
 rustc-hash = "1.1"
modifiedcrates/jrsonnet-parser/Cargo.tomldiffbeforeafterboth
--- a/crates/jrsonnet-parser/Cargo.toml
+++ b/crates/jrsonnet-parser/Cargo.toml
@@ -35,5 +35,5 @@
 
 peg = "0.8.1"
 
-serde = { version = "1.0", features = ["derive", "rc"], optional = true }
+serde = { workspace = true, features = ["derive", "rc"], optional = true }
 structdump = { version = "0.2.0", features = ["derive"], optional = true }
modifiedcrates/jrsonnet-stdlib/Cargo.tomldiffbeforeafterboth
--- a/crates/jrsonnet-stdlib/Cargo.toml
+++ b/crates/jrsonnet-stdlib/Cargo.toml
@@ -30,7 +30,7 @@
 # Used for stdlib AST serialization
 bincode = { version = "1.3", optional = true }
 # Used both for stdlib AST serialization and std.parseJson/std.parseYaml
-serde = "1.0"
+serde.workspace = true
 
 # std.md5
 md5 = "0.7.0"
modifiedtests/Cargo.tomldiffbeforeafterboth
--- a/tests/Cargo.toml
+++ b/tests/Cargo.toml
@@ -8,4 +8,4 @@
 jrsonnet-evaluator.workspace = true
 jrsonnet-gcmodule.workspace = true
 jrsonnet-stdlib.workspace = true
-serde = "1.0.142"
+serde.workspace = true