Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependency Versions Mask Cargo.toml Versions #117

Closed
BenD0G opened this issue Aug 30, 2024 · 1 comment · Fixed by #128
Closed

Dependency Versions Mask Cargo.toml Versions #117

BenD0G opened this issue Aug 30, 2024 · 1 comment · Fixed by #128
Milestone
0.7.10

Comments

@BenD0G
Copy link

BenD0G commented Aug 30, 2024
edited
Loading

Describe the bug
Dependi will incorrectly mark outdated versions with a green tick, if a dependency contains an up-to-date version of the same crate. At time of writing, rand is on 0.8.5:
image

To Reproduce
Steps to reproduce the behavior:
Make sure you have Lock File Enabled on.
Make a new crate, with this dependency section:

[dependencies]
proptest = "1.5"
rand = "0.1"

Dependi will mark rand with a tick. In the generated lock file, note that we have

[[package]]
name = "rand"
version = "0.1.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2d37d90a6118f2925173cb2b778aaabda804247d389cbff6f39fb558fddda113"
dependencies = [
 "libc 0.1.12",
 "log",
]

[[package]]
name = "rand"
version = "0.8.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
dependencies = [
 "libc 0.2.158",
 "rand_chacha",
 "rand_core",
]

Expected behavior
Dependi should warn that you have specified an outdated version in your TOML file.

Screenshots
image

Desktop (please complete the following information):

  • OS: Ubuntu
  • Version: 24.04

Additional context
Possibly related to #112.
@kadirkaang kadirkaang mentioned this issue Sep 5, 2024
Merged
@kadirkaang kadirkaang linked a pull request Sep 5, 2024 that will close this issue
refactor: Improve validation logic in TomlLockParser #128
Merged
@serayuzgur serayuzgur added this to the 0.7.10 milestone Sep 6, 2024
@MOzanGul
Copy link

Hi @BenD0G , we have fixed this issue per your request in our new version.
We'd be really happy if you could review Dependi, here is our reviews page.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.7.10
Development

Successfully merging a pull request may close this issue.

refactor: Improve validation logic in TomlLockParser filllabs/dependi
3 participants
@serayuzgur @BenD0G @MOzanGul