Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update to zip 0.5 to resolve bzip2 issue #1600

Merged
merged 1 commit into from
Dec 20, 2023
Merged

Update to zip 0.5 to resolve bzip2 issue #1600

merged 1 commit into from
Dec 20, 2023

Conversation

chriskrycho
Copy link
Contributor

This only gets us part of the way to fully updated, but our MSRV and the transitive MSRV of one of zip's dependencies means we cannot yet upgrade all the way to v0.6 (latest). It is sufficient to get the vulnerability eliminated, though!

Fixes #1599

@chriskrycho
Update to zip 0.5 to resolve bzip2 issue
6bc65c4 
This only gets us part of the way to fully updated, but our MSRV and the
transitive MSRV of one of zip's dependencies means we cannot yet upgrade
all the way to v0.6 (latest). It is sufficient to get the vulnerability
eliminated, though!

Fixes #1599
@chriskrycho chriskrycho added the dependencies Pull requests that update a dependency file label Dec 20, 2023
@chriskrycho
Copy link
Contributor Author

Note: this is failing two smoke tests locally:

  • volta_fetch::fetch_node
  • volta_install::install_node

It's unclear why that would be, and it's possible it's not a real issue. Will dig in further at some point later (or just be happy if CI is ✅!).

@chriskrycho
Copy link
Contributor Author

Hooray, they pass! I do need to dig into why they failed locally, though, so that we don't end up in flakey test hell.

@chriskrycho chriskrycho merged commit 57591c0 into main Dec 20, 2023
10 of 11 checks passed
@chriskrycho chriskrycho deleted the bump-zip branch December 20, 2023 15:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Upgrade to latest version of zip
1 participant
@chriskrycho