Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

feat: emit dependency relationships found in Cargo.lock #3443

Merged
merged 3 commits into from
Nov 14, 2024
Merged

feat: emit dependency relationships found in Cargo.lock #3443

merged 3 commits into from
Nov 14, 2024

Conversation

willmurphyscode
Copy link
Contributor

@willmurphyscode willmurphyscode commented Nov 14, 2024
edited
Loading

Include updating test dependency to have dependencies on multiple versions of the same crate.

Description

Partially implements #572 by adding support for emitting dependency relationships between crates as enumerated in Cargo.lock files.

Fixes #2353.

Type of change

This is a new feature.

Checklist:

  • I have added unit tests that cover changed behavior
  • I have tested my code in common scenarios and confirmed there are no regressions
  • I have added comments to my code, particularly in hard-to-understand sections

@willmurphyscode
feat: emit dependency relationships found in Cargo.lock
64c06b2 
Include updating test dependency to have dependencies on multiple
versions of the same crate.

Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
@willmurphyscode willmurphyscode added the enhancement New feature or request label Nov 14, 2024
@willmurphyscode
only use version and source
95dd9ea 
I haven't actually seen the other two types of keys in the wild.

Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
wagoodman
wagoodman approved these changes Nov 14, 2024
View reviewed changes
Copy link
Contributor

@wagoodman wagoodman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice!

Just an fyi, there is a dependency.Specifier and processor for these kinds of things (see the dpkg dependency and its usage as a cataloger post-processor.

The one difference with that specific approach and here is that we'd want to still keep dependencies from the single cargo.lock related (and not related to seemingly overlapping dependencies in other cargo.lock files), which means it's use as a post-processor across all packages found by the cataloger wouldn't be correct, but it could be used within the cataloger instead as a post-processor, thus reusing the abstraction.

No need to change this code on the PR, but could be helpful for future PRs like this one.

@willmurphyscode
fix: don't emit dependency to unseen package
2d0cb3c 
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
@willmurphyscode willmurphyscode merged commit bc35345 into main Nov 14, 2024
12 checks passed
@willmurphyscode willmurphyscode deleted the feat-cargo-lock-dep-relationships branch November 14, 2024 21:45
@BrewTestBot BrewTestBot mentioned this pull request Nov 21, 2024
Merged
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@wagoodman wagoodman wagoodman approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
OSS
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Surface Rust dependency relationships
2 participants
@willmurphyscode @wagoodman