On August 21, 2022 11:24 am, Uli Schlachter wrote: > Package: cargo > Version: 0.57.0-7+b1 > Severity: important > Tags: upstream > X-Debbugs-Cc: psyc...@znc.in > > Hi, > > recently I tried to update some dependencies of a crate and cargo e.g. > claimed that libc 0.2.126 is the newest version, even though 0.2.127 was > released on August 3rd. I reported [#11009] about this. Someone from > upstream then suggested that this is related to the update from libgit2 > 1.1 to libgit 1.3 [#9976] and that this issue was already fixed upstream > a while ago [#9979]. If I understand GitHub's UI correctly, the fix is > part of cargo 1.59. > > Apparently, somewhere between libgit2 and cargo, something with forced > pushes... happens? I did not really understand the details. > > Cheers, > Uli > > [#11009]: https://github.com/rust-lang/cargo/issues/11009 > [#9976]: https://github.com/rust-lang/cargo/issues/9976 > [#9979]: https://github.com/rust-lang/cargo/pull/9979
thanks for filing upstream and linking all these! also see the related bug[0] filed for rust-debcargo (which uses src:rust-cargo , which is also affected and would need to be fixed). I'm currently in the process of updating both src:cargo and src:rust-cargo to 0.63[1], but that process is quite involved and will take a while. since this issue is easily worked around (clear cache/update cache once using git CLI instead of libgit2) I (personally) won't prepare bugfix updates and instead focus on organizing reviews for the update to the new upstream version before the freeze. note that I am just helping out and am not the official maintainer of cargo, Ximin or another DD from the rust team might be willing to prepare such release ;) 0: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016573 1: https://salsa.debian.org/rust-team/cargo/-/merge_requests/14
