Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix spiffy issue #635

Merged
merged 5 commits into from
Sep 6, 2022
Merged

Fix spiffy issue #635

merged 5 commits into from
Sep 6, 2022

Conversation

gowthamsk-arm
Copy link
Contributor

Bump psa_crypto and spiffy versions to resolve the security advisory reported from the cargo audit check.

Resolves #602

Signed-off-by: Gowtham Suresh Kumar gowtham.sureshkumar@arm.com

@gowthamsk-arm
Update spiffy and psa-crypto crates
2bee861 
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
@gowthamsk-arm
Remove cargo audit ignored advisories
8bc9585 
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
@gowthamsk-arm
Fix clippy issues
fd1d59a 
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
mohamedasaker-arm
mohamedasaker-arm reviewed Sep 5, 2022
View reviewed changes
Cargo.lock
@@ -33,15 +33,48 @@ dependencies = [

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need all these changes, or can we make these updates separately and include what is necessary for this change?
From the CI, it seems that the new hashbrown package isn't compatible with the old compiler 1.53

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These changes are automatically done after running cargo update. Yes, I and Ionut had a chat on this. Looks like we need to update that to 1.56. But for this to happen we need to make sure that latest version of OpenSUSE Leap uses 1.56 or above. I have already asked Guillaume Gardet. Waiting for his response.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, depending on what exactly changed in those two dependencies that we bumped, it could end in tens/hundreds of other dependencies getting bumped/added/removed... Such is life in Cargo Land.

@gowthamsk-arm
Bump down indexmap to 1.8.2
27b5d7a 
The indexmap crate 1.9.1 uses a version of hashbrown crate which
is not compilable with rust 1.53.0. This rust version is
required for supporting OpenSUSE Leap.

Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
ionut-arm
ionut-arm approved these changes Sep 6, 2022
View reviewed changes
Copy link
Member

@ionut-arm ionut-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✔️

mohamedasaker-arm
mohamedasaker-arm approved these changes Sep 6, 2022
View reviewed changes
Copy link
Contributor

@mohamedasaker-arm mohamedasaker-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the Fix 🥇

@gowthamsk-arm gowthamsk-arm merged commit 710320e into parallaxsecond:main Sep 6, 2022
@gowthamsk-arm gowthamsk-arm deleted the fix_spiffy_issue branch February 21, 2023 17:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ionut-arm ionut-arm ionut-arm approved these changes

@mohamedasaker-arm mohamedasaker-arm mohamedasaker-arm approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update Spiffe dependency
3 participants
@gowthamsk-arm @ionut-arm @mohamedasaker-arm