You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Due to use of zeroize in cryptographic projects with a forced specific version, it's hard to use cargo-outdated:
error: failed to select a version for `zeroize`.
... required by package `x25519-dalek v1.2.0`
... which satisfies dependency `x25519-dalek = "^1.2.0"` of package `libp2p-noise v0.38.0 (/tmp/cargo-outdatedu18zVN/transports/noise)`
... which satisfies path dependency `libp2p-noise` of package `libp2p v0.48.0 (/tmp/cargo-outdatedu18zVN)`
... which satisfies path dependency `libp2p` of package `libp2p-autonat v0.7.0 (/tmp/cargo-outdatedu18zVN/protocols/autonat)`
versions that meet the requirements `=1.3` are: 1.3.0
all possible versions conflict with previously selected packages.
previously selected package `zeroize v1.5.7`
... which satisfies dependency `zeroize = "^1.5.7"` of package `keygen v0.1.0 (/tmp/cargo-outdatedu18zVN/misc/keygen)`
failed to select a version for `zeroize` which could resolve this conflict
The text was updated successfully, but these errors were encountered:
kpp
changed the title
Crate zeroize breaks your project
Crates with '=version' break your project
Aug 30, 2022
Have the same issue with png crate being pinpoint to =0.17.6 in resvg crate.
I did pinpoint png to exactly the same version in my crate, but cargo-outdated doesn't consider it as an exact version and still treats like a version range:
error: failed to select a version for `png`.
... required by package `resvg v0.28.0`
... which satisfies dependency `resvg = "^0.28.0"` of package `my-crate v0.0.0 (/var/folders/0w/5v5r_jrx491dd5s5750mtmw00000gn/T/cargo-outdatedIfaGIF/services/file)`
versions that meet the requirements `=0.17.6` are: 0.17.6
all possible versions conflict with previously selected packages.
previously selected package `png v0.17.7`
... which satisfies dependency `png = "^0.17.7"` of package `my-crate v0.0.0 (/var/folders/0w/5v5r_jrx491dd5s5750mtmw00000gn/T/cargo-outdatedIfaGIF/services/file)`
failed to select a version for `png` which could resolve this conflict
cargo update, though, doesn't complain about anything.
Due to use of
zeroize
in cryptographic projects with a forced specific version, it's hard to use cargo-outdated:The text was updated successfully, but these errors were encountered: