Skip to content

Add repository field to Cargo.toml #11

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 6, 2025
Merged

Add repository field to Cargo.toml #11

merged 1 commit into from
Jan 6, 2025
+1 −0

Conversation

paolobarbolini
Copy link
Contributor

@paolobarbolini paolobarbolini commented Mar 30, 2024
edited
Loading

This adds the repository field to Cargo.toml, making it easier for crates.io users to find the repository hosting the crate's source code. This issue was found by scraping our indirect dependencies from crates.io and verifying that they meet certain criteria. Could a new patch release be made after this PR is merged?

Closes #5
Closes #9

@link2xt
Copy link

link2xt commented Mar 31, 2024

I am also looking at our dependencies now and out of 569 dependencies only 14 don't have "repository" set. I am trying to ensure that crates are reproducible from the original repos, but already found that some crates have been published from dirty working directories. Good thing is that if packages are built from clean tree, crates built with cargo package are byte-for-byte reproducible.

You might be interested in some previous research on the state of crates.io: https://codeandbitters.com/published-crate-analysis/

This was referenced Mar 31, 2024
Merged
Open
@eira-fransham
Copy link
Owner

LGTM, thank you!

@eira-fransham eira-fransham mentioned this pull request Jan 6, 2025
Closed
@eira-fransham eira-fransham merged commit 76e3231 into eira-fransham:master Jan 6, 2025
@paolobarbolini
Copy link
Contributor Author

Could you release a new version to crates.io?

@eira-fransham
Copy link
Owner

@paolobarbolini Should be done

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Cargo.toml is missing "repository" link
3 participants
@paolobarbolini @link2xt @eira-fransham