Skip to content

Pin clap dependency on CI#605

Merged
alex merged 1 commit intoalex:mainfrom
trail-of-forks:ft/pin-clap
Mar 18, 2026
Merged

Pin clap dependency on CI#605
alex merged 1 commit intoalex:mainfrom
trail-of-forks:ft/pin-clap

Conversation

@facutuesca
Copy link
Contributor

@facutuesca facutuesca commented Mar 17, 2026
edited
Loading

clap 4.6.0 was released with a MSRV of 1.85, so we pin until our MSRV is high enough.

Motivated by our CI now failing with Rust 1.83.0: log

We pin clap to version 4.5.61, which is the last version where clap
has a compatible MSRV. This can be updated once our MSRV is >= 1.85.

We also pin clap_lex, a transitive dependency, since the latest version
(1.1.0) also has an incompatible MSRV.

@facutuesca facutuesca marked this pull request as draft March 17, 2026 22:37
@facutuesca
Copy link
Contributor Author

facutuesca commented Mar 17, 2026

Mm seems like a transitive dependency (clap_lex) also has the same issue (new version 1.1.0 released with MSRV == 1.85). @alex how would you prefer to fix this?

@facutuesca facutuesca mentioned this pull request Mar 17, 2026
Merged
@facutuesca facutuesca changed the title Pin clap dependency to ~4.5 Pin clap dependency to 4.5.57 Mar 17, 2026
@facutuesca
Copy link
Contributor Author

facutuesca commented Mar 17, 2026

I ended up fixing it by pinning to =4.5.57 instead of ~4.5, so that the transitive dependency clap_lex also has a compatible MSRV

@facutuesca facutuesca marked this pull request as ready for review March 17, 2026 23:06
alex
alex reviewed Mar 17, 2026
View reviewed changes
asn1parse/Cargo.toml Outdated
# We pin clap to version 4.5.57, which is the last version where both clap
# and its dependencies have a compatible MSRV. This can be updated once
# our MSRV is >= 1.85
clap = { version = "=4.5.57", features = ["derive"] }
Copy link
Owner

@alex alex Mar 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We shouldn't need to use an =, we should pin to the needed versions in ci.yml

Copy link
Owner

@alex alex Mar 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see cec0eff for the pattern

Copy link
Contributor Author

@facutuesca facutuesca Mar 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed!

@facutuesca
Pin clap dependency on CI
438286b 
We pin clap to version 4.5.61, which is the last version where clap
has a compatible MSRV. This can be updated once our MSRV is >= 1.85.

We also pin clap_lex, a transitive dependency, since the latest version
(1.1.0) also has an incompatible MSRV.

Signed-off-by: Facundo Tuesca <facundo.tuesca@trailofbits.com>
@facutuesca facutuesca changed the title Pin clap dependency to 4.5.57 Pin clap dependency on CI Mar 18, 2026
@alex alex merged commit 25f7579 into alex:main Mar 18, 2026
13 checks passed
@facutuesca facutuesca deleted the ft/pin-clap branch March 18, 2026 00:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alex alex alex approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@facutuesca @alex