Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add repository field to Cargo.toml #11

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add repository field to Cargo.toml #11

wants to merge 1 commit into from

Conversation

paolobarbolini
Copy link

@paolobarbolini paolobarbolini commented Mar 30, 2024
edited
Loading

This adds the repository field to Cargo.toml, making it easier for crates.io users to find the repository hosting the crate's source code. This issue was found by scraping our indirect dependencies from crates.io and verifying that they meet certain criteria. Could a new patch release be made after this PR is merged?

Closes #5
Closes #9

@link2xt
Copy link

link2xt commented Mar 31, 2024

I am also looking at our dependencies now and out of 569 dependencies only 14 don't have "repository" set. I am trying to ensure that crates are reproducible from the original repos, but already found that some crates have been published from dirty working directories. Good thing is that if packages are built from clean tree, crates built with cargo package are byte-for-byte reproducible.

You might be interested in some previous research on the state of crates.io: https://codeandbitters.com/published-crate-analysis/

This was referenced Mar 31, 2024
Merged
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Cargo.toml is missing "repository" link
2 participants
@paolobarbolini @link2xt