-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Check depends for validity #70
Comments
adding this to the next iteration of fez (interestingly the tgz processor for fez fixed it only for the index, which is a bug). |
@patrickbkr looking at this a little more closely today. i no longer think this is a bug for the reason that it's impossible to programmatically discern the intention of the author. In this case it's apparent but this example is less obvious: tl;dr The |
Couldn't we instead check whether the values we do care about are sane? In the OP snippet |
@patrickbkr it's a little trickier than that, let me think about how this might be done. simply hardcoding it seems like a bad idea and this might be leaning more towards full on dist manager mode, which may be the path forward for fez but i'm hesitant to take on that work without help. the other way might be peeling fez back to just a library that mi6 or some other tool can use to upload dists but this is less appealing than full on dist management. |
Going to add this to v48 of fez. I ended up going for the |
Okay, a fix for this is incoming with RakuAST |
DateTime::Timezones:ver<0.4.1> has the following line in its META6.json:
Notice the extra
:
afterauth
. If I interpret my observations correctly, that dependency is ignored by zef without any notice.It would be nice if fez could validate dependency specs and prevent uploads of such malformed specs.
The text was updated successfully, but these errors were encountered: