Skip to content

SourceId serialization is ambiguous due to lack of escaping #11085

New issue
New issue
Closed
#12280
Closed
SourceId serialization is ambiguous due to lack of escaping#11085
#12280
Labels
A-lockfileArea: Cargo.lock issuesC-bugCategory: bugS-needs-designStatus: Needs someone to work further on the design for the feature or fix. NOT YET accepted.
@g2p

Description

@g2p
g2p
opened on Sep 14, 2022

Problem

I noticed this when cargo update (in compare_dependency_graphs) kept notifying me of spurious changes when referring to a branch name with a '+' character. Due to poor serialisation, deserializing a branch name from Cargo.lock gives a branch that doesn't match the one in Cargo.toml.

It's also possible to give a branch name that will spill into the 'precise' commit hash when deserializing.

Steps

No response

Possible Solution(s)

Will send a PR that fixes serialization to use the expected encoding, which is unambiguous.

Notes

No response

Version

cargo 1.65.0 (bd99c043c 2022-09-09)
release: 1.65.0
commit-hash: bd99c043ceeaa0318f1ce4633f796110ae182002
commit-date: 2022-09-09
host: x86_64-unknown-linux-gnu
libgit2: 1.5.0 (sys:0.15.0 vendored)
libcurl: 7.81.0 (sys:0.4.56+curl-7.83.1 system ssl:NSS/3.68.2)
os: Ubuntu 22.04 (jammy) [64-bit]

Metadata

Metadata

Assignees

No one assigned

    Labels

    A-lockfileArea: Cargo.lock issuesC-bugCategory: bugS-needs-designStatus: Needs someone to work further on the design for the feature or fix. NOT YET accepted.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions