mirror of
https://github.com/EmbarkStudios/rust-gpu.git
synced 2024-11-22 14:56:27 +00:00
643c1ba950
Current https://deps.rs/repo/github/EmbarkStudios/rust-gpu is showing that this repo has an insecure dependencies with the tar crate. I believe this is because a previous tar v0.4.16 and earlier had a security advisory on it ([link](https://rustsec.org/advisories/RUSTSEC-2018-0002.html)) and that the deps.rs service does not yet support Cargo.lock where we had specified that we use a latest version. Tracked in https://github.com/deps-rs/deps.rs/issues/26 So simply force require latest tar crate version (that we were already using) in Cargo.toml here with the hope that https://deps.rs won't flag the repo as having insecure dependencies
25 lines
469 B
TOML
25 lines
469 B
TOML
[package]
|
|
name = "rustc_codegen_spirv"
|
|
version = "0.1.0"
|
|
authors = ["Embark <opensource@embark-studios.com>"]
|
|
edition = "2018"
|
|
license = "MIT OR Apache-2.0"
|
|
repository = "https://github.com/EmbarkStudios/rust-gpu"
|
|
#keywords = []
|
|
#categories = []
|
|
#readme = "README.md"
|
|
|
|
[lib]
|
|
crate-type = ["dylib"]
|
|
|
|
[dependencies]
|
|
bimap = "0.5"
|
|
rspirv = "0.7.0"
|
|
tar = "0.4.30"
|
|
thiserror = "1.0.20"
|
|
topological-sort = "0.1"
|
|
|
|
[dev-dependencies]
|
|
pretty_assertions = "0.6"
|
|
tempfile = "3.1"
|