diff options
author | Matthias Beyer <mail@beyermatthias.de> | 2020-12-07 13:22:53 +0100 |
---|---|---|
committer | Matthias Beyer <mail@beyermatthias.de> | 2020-12-07 13:22:53 +0100 |
commit | c334a447f1106d7eab24109f8ee572378bb49552 (patch) | |
tree | ccfc11f1998e7936fbc7fb9d4d5bcb9e4368b95a /Cargo.toml | |
parent | af04d39d28b952a4e77b169a339ec23163876360 (diff) |
Fix Licensing issue
The licensing issue fixed by this patch is described in the comment in
the code.
Signed-off-by: Matthias Beyer <mail@beyermatthias.de>
Diffstat (limited to 'Cargo.toml')
-rw-r--r-- | Cargo.toml | 16 |
1 files changed, 16 insertions, 0 deletions
@@ -47,6 +47,22 @@ colored = "2" syntect = "4.4" thiserror = "1" +# Hard-code rand to 0.4.4 +# +# Reason for this is this dependency chain: +# diesel -> uuid (0.6) -> rand (0.4) +# but rand 0.4.5 depends on fuchsia-cprng which has an unclear license +# rand 0.4.4 is yanked, rand 0.4.3 does not contain this dependency. +# +# We do not explicitely need this dependency, we just want to force cargo not to +# link against rand 0.4.5 because of this licensing issue. +# +# The proper solution for this would be to update "uuid" in diesel or +# to update "rand" in uuid 0.6. +# +# Upstream issue: https://github.com/rust-random/rand/issues/1071 +rand = "=0.4.3" + url = { version = "2", features = ["serde"] } tokio = { version = "0.2", features = ["macros", "fs"] } shiplift = { git = "https://github.com/softprops/shiplift", branch = "master" } |