[WIP] Bump digest, ed25519, signature, and sha2
#676
Conversation
Bumps the aforementioned dependencies to their latest (pre)releases
This makes it possible to publish a prerelease, which we otherwise can't do since we're sourcing `ed25519-dalek` from this git branch: dalek-cryptography/curve25519-dalek#676 This commit can be reverted immediately after we publish a crate release.
This makes it possible to publish a prerelease, which we otherwise can't do since we're sourcing `ed25519-dalek` from this git branch: dalek-cryptography/curve25519-dalek#676 This commit can be reverted immediately after we publish a crate release.
This makes it possible to publish a prerelease, which we otherwise can't do since we're sourcing `ed25519-dalek` from this git branch: dalek-cryptography/curve25519-dalek#676 This commit can be reverted immediately after we publish a crate release.
|
Hi, Are there any blockers for un-drafting this PR and merging it? FWIW I'm using -pre versions of these crates and they work really well :) Thanks for your time! 👋 |
|
We'd need to create separate branches for stable vs development so not as to block stable work |
|
What is the current state of this? I am currently trying to integrate |
|
We are discussing how to proceed. We might need to do a major version bump due to how aggressively people are reacting to MSRV bumps |
For 1.60 -> 1.72? Surely 1.72 (Aug 2023) is old enough to not warrant that.
Yikes, really? |
|
The new MSRV will be 1.85 when the You can see how people reacted here: RustCrypto/formats#1684 |
|
It's slightly surprising that /formats hopped on 2024 so quickly but I assume it had a good reason and was basically waiting for it. Still, lockfiles exist to solve this already; doesn't require pinning in manifests. And post-1.84 you can opt in to resolver=3 to get MSRV resolving automatically. Sucks that people are reacting like that instead of learning about the tools provided to help them. |
|
I pointed that out, but it seems some people were complaining about uncached It seems it doesn't matter if there are solutions, people have poorly configured builds and will show up to bitch you out with "Your shitty software which I don't care about broke my build" |
|
I expect (and indeed have experienced) the same vocal minority objecting to (cascading) major library releases. The solutions are much simpler for the MSRV case. I'll leave it at that. |
|
Yeah, it's definitely much simpler not to bump the version, though I'm not sure you can necessarily dismiss them as a "vocal minority" (especially when you're not the one dealing with them) |
Bumps the aforementioned dependencies to their latest (pre)releases.
See also: #620