Replace unmaintained yaml-rust dependency with yaml-rust2
#600
Conversation
|
The bat syntax regression test fails:
It looks like the This PR introduces a regression for bat, but only because bat's regression test includes a file with seemingly invalid syntax. How do we resolve this? |
|
Oop, I think merging this was a breaking change. I was hoping to get out a |
|
My bad, I probably rushed a bit because I felt that we should probably have upgraded this dependency a while ago... Would it make sense to push a commit reverting this PR, make the minor release, then revert the revert? 😅 |
|
I think that should work out totally fine 👍 |
|
Just to be clear, I don't have cargo publish permissions for syntect so it will need one of the other maintainers to perform the release |
|
@keith-hall I can add you as owner for https://crates.io/crates/syntect so you can make releases on your own. If you'd like? |
|
Sure, that could be convenient, thanks 👍 do we have any documentation on the release process/checklist for syntect? I had a quick look but didn't see anything |
|
I invited you as owner now. I don't think there is a checklist, but I think doing this is sufficient:
My recommendation is to not have any long-term auth token around. Best would be if we enabled trusted publishing. Here is a minimal example from one of my projects: https://github.com/Enselic/snapshot-testing/blob/main/.github/workflows/release.yml. But that is a nice-to-have and not blocking any releases. |
|
Thanks, release has been made. I noticed we have a Release workflow in syntect, but when I tried it, it didn't work:
So I published manually for now. And raised a new PR to re-apply yaml-rust2: #602 |
Replace the unmaintained
yaml-rustdependency withyaml-rust2, as recommended by RUSTSEC-2024-0320.Even though the dependency is renamed in
Cargo.toml, the public API still changes as can be seen in the updatedtests/snapshots/public-api.txt.Supersedes #544 (has merge conflicts) and #555 (fails CI).