From 593861989dffd815bce5be9a9d93783c4c747f94 Mon Sep 17 00:00:00 2001 From: Dax Pryce Date: Mon, 1 Aug 2022 13:42:12 -0700 Subject: [PATCH 1/2] Build with New Deps There's a [CVE](https://nvd.nist.gov/vuln/detail/CVE-2020-26235) out for the `time` crate, which `chrono` depends on. Our last build was so long ago that it was built using a version of `time` that had this issue. In theory, merely making a new build will rectify this. In theory. --- packages/pyo3/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/pyo3/Cargo.toml b/packages/pyo3/Cargo.toml index 3c34052..4fd2d43 100644 --- a/packages/pyo3/Cargo.toml +++ b/packages/pyo3/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "graspologic_native" -version = "1.1.1" +version = "1.1.2" authors = ["daxpryce@microsoft.com"] edition = "2018" license = "MIT" From cffe014c4c5fd73713b2ecc512d65b933f402b78 Mon Sep 17 00:00:00 2001 From: Dax Pryce Date: Mon, 1 Aug 2022 13:48:28 -0700 Subject: [PATCH 2/2] Maturin updates Maturin no longer builds sdists by default and has dropped support for --no-sdist --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4a52edf..8d2ce8c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -65,7 +65,7 @@ jobs: maturin-version: latest command: build target: x64 - args: -m packages/pyo3/Cargo.toml --release -i ${{env.pythonLocation}}\python.exe --no-sdist + args: -m packages/pyo3/Cargo.toml --release -i ${{env.pythonLocation}}\python.exe - uses: messense/maturin-action@v1 if: ${{ matrix.os == 'macos-latest' }} @@ -73,7 +73,7 @@ jobs: with: maturin-version: latest command: build - args: -m packages/pyo3/Cargo.toml --release --universal2 --no-sdist + args: -m packages/pyo3/Cargo.toml --release --universal2 - uses: messense/maturin-action@v1 if: ${{ matrix.os == 'ubuntu-latest' }}