### What does this PR try to resolve?
This is a horrible hack,
which lets the rustc invocation for learning target info always emit
warnings as warnings.
But at least it unblocks people who pass `-Awarnings` via RUSTFLAGS.
A long-term solution is a better interface
between build systems and the compiler.
See the discussion on Zulip:
https://rust-lang.zulipchat.com/#narrow/channel/131828-t-compiler/topic/Improving.20communication.20interface.20between.20cargo.2FrustcFixesrust-lang/cargo#8010
### How should we test and review this PR?
Ensure `CFG_DISABLE_CROSS_TESTS` is not set,
and run `cargo t --test testsuite
always_emit_warnings_as_warnings_when_learning_target_info`
This also additionally adds `wasm32-unknown-unknown` target to Cargo's
CI.
### Additional information
The main benefit is that it won't facilitate hangs due to attempts
to read from untrackable directory entries, like names pipes or
sockets.
Related to https://github.com/GitoxideLabs/gitoxide/pull/1629
This helps `-Ztrim-paths` build a stable cross-platform path for the
registry and git sources. Sources files then can be found from the same
path when debugging.
It also helps cache registry index all at once for all platforms,
for example the use case in rust-lang/cargo#14795
(despite they should use `cargo vendor` instead IMO).
Some caveats:
* Newer cargo will need to re-download files for global caches
(index files, git/registry sources).
The old cache is still kept and used when running with older cargoes.
* Windows is not really covered by the "cross-platform" hash,
because path prefix components like `C:` are always there.
That means hashes of some sources kind,
like local registry and local path,
are not going to be real cross-platform stable.
There might be hash collisions if you have two registries under the same
domain. This won't happen to crates.io, as the infra would have to
intentionally put another registry on index.crates.io to collide.
We don't consider this is an actual threat model, so we are not going to
use any cryptographically secure hash algorithm like BLAKE3.
See also <https://github.com/rust-lang/cargo/issues/13171#issuecomment-2181465128>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [cargo_metadata](https://redirect.github.com/oli-obk/cargo_metadata) |
workspace.dependencies | minor | `0.18.1` -> `0.19.0` |
---
### Release Notes
<details>
<summary>oli-obk/cargo_metadata (cargo_metadata)</summary>
###
[`v0.19.0`](https://redirect.github.com/oli-obk/cargo_metadata/blob/HEAD/CHANGELOG.md#0190---2024-11-20)
[Compare
Source](https://redirect.github.com/oli-obk/cargo_metadata/compare/0.18.1...0.19.0)
##### Added
- Re-exported `semver` crate directly.
- Added implementation of `std::ops::Index<&PackageId>` for `Resolve`.
- Added `pub fn is_kind(&self, name: TargetKind) -> bool` to `Target`.
- Added derived implementations of `PartialEq`, `Eq` and `Hash` for
`Metadata` and its members' types.
- Added default fields to `PackageBuilder`.
- Added `pub fn new(name:version:id:path:) -> Self` to `PackageBuilder`
for providing all required fields upfront.
##### Changed
- Bumped MSRV from `1.42.0` to `1.56.0`.
- Made `parse_stream` more versatile by accepting anything that
implements `Read`.
- Converted `TargetKind` and `CrateType` to an enum representation.
##### Removed
- Removed re-exports for `BuildMetadata` and `Prerelease` from `semver`
crate.
- Removed `.is_lib(…)`, `.is_bin(…)`, `.is_example(…)`, `.is_test(…)`,
`.is_bench(…)`, `.is_custom_build(…)`, and `.is_proc_macro(…)` from
`Target` (in favor of adding `.is_kind(…)`).
##### Fixed
- Added missing `manifest_path` field to `Artifact`. Fixes
[#​187](https://redirect.github.com/oli-obk/cargo_metadata/issues/187).
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "before 5am on the first day of the
month" (UTC), Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/rust-lang/cargo).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xOS4wIiwidXBkYXRlZEluVmVyIjoiMzkuMTkuMCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6W119-->
I'm unsure how we should be replacing these use cases, so I'm exploring
keeping them but making them use snapbox under the hood.
Part of the intent of snapbox is that it provides you the building
blocks to make what you need.
Add transactional semantics to `rustfix`
### What does this PR try to resolve?
This PR adds transactional semantics to `rustfix::Data`, enabling `rustfix::CodeFix` to apply `Suggestion`s as atomic units and rollback partially-applied changes when they conflict with existing ones. The basic approach and goals are discussed [in a comment on issue 14699](https://github.com/rust-lang/cargo/issues/14699#issuecomment-2427501232). In that comment, I proposed a solution which extended the existing `State` enumeration, but described an alternative that simplifies the overall tracking of incoming changes; this PR implements the latter.
### How should we test and review this PR?
I've added an additional test and updated the existing ones. The tests in `parse_and_replace` already cover this case, particularly thanks to https://github.com/rust-lang/cargo/pull/14765 added by `@weihanglo.` It's still a good idea to experiment with `cargo clippy --fix` on repos that match the cases described in these open issues.
### Additional information
Fixes#14699
Fixes rust-lang/rust-clippy/issues/13549
DirectorySourceOptions is marked as #[non_exhaustive], and only
exposes the Default trait, so we need to instantiate a mutable
instance using default(), and then change tpl_extension to the
value we want.
chore(deps): update rust crate security-framework to v3
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [security-framework](https://lib.rs/crates/security_framework) ([source](https://redirect.github.com/kornelski/rust-security-framework)) | workspace.dependencies | major | `2.11.1` -> `3.0.0` |
---
### Release Notes
<details>
<summary>kornelski/rust-security-framework (security-framework)</summary>
### [`v3.0.0`](https://redirect.github.com/kornelski/rust-security-framework/compare/v2.11.1...v3.0.0)
[Compare Source](https://redirect.github.com/kornelski/rust-security-framework/compare/v2.11.1...v3.0.0)
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "before 5am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/rust-lang/cargo).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xMzUuMiIsInVwZGF0ZWRJblZlciI6IjM4LjEzNS4yIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbXX0=-->
Added unstable-schema generation for Cargo.toml
### What does this PR try to resolve?
Added unstable-schema feature that generates JsonSchema for Cargo.toml
See #12883
finished first step of [plan](https://github.com/rust-lang/cargo/issues/12883#issuecomment-2407648385)
### Information
In cargo-util-schemas, run cargo test --feature unstable-schema . If there have been any changes to manifest.schema.json, rerun with env variable SNAPSHOTS=overwrite and it will update them.
### How should we test and review this PR?
In cargo-util-schemas run cargo test --features unstable-schema and it will generate manifest.schema.json
chore(deps): update rust crate pulldown-cmark to 0.12.0
### What does this PR try to resolve?
Closes#14667
### How should we test and review this PR?
Cargo build-man stopped giving errors after updating pulldown-cmark
### Additional information
initial version of checksum based freshness
Implementation for https://github.com/rust-lang/cargo/issues/14136 and resolves https://github.com/rust-lang/cargo/issues/6529
This PR implements the use of checksums in cargo fingerprints as an alternative to using mtimes. This is most useful on systems with poor mtime implementations.
This has a dependency on https://github.com/rust-lang/rust/pull/126930. It's expected this will increase the time it takes to declare a build to be fresh. Still this loss in performance may be preferable to the issues the ecosystem has had with the use of mtimes for determining freshness.
fix(complete): Don't complete files for any value
### What does this PR try to resolve?
We now need to opt-in to path completions for values, which can be as simple as setting the value parser to be for `PathBuf`s.
We'll now show a lot less irrelevant completions.
### How should we test and review this PR?
### Additional information
Add new intermediate boolean variables for each dependency and each dependency feature declared in a package.
This is used to simplify computation of the sat clauses.
Add support for multiple dependencies with the same name, if their kind or target is different.
A non-weak dependency feature for an optional dependency now activates a feature of the same name in the sat resolver.
We now need to opt-in to path completions for values, which can be as
simple as setting the value parser to be for `PathBuf`s.
We'll now show a lot less irrelevant completions.
chore(deps): bump gix-path from 0.10.9 to 0.10.11
Bumps [gix-path](https://github.com/Byron/gitoxide) from 0.10.9 to 0.10.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/Byron/gitoxide/releases">gix-path's releases</a>.</em></p>
<blockquote>
<h2>gix-path v0.10.10</h2>
<p>A maintenance release without user-facing changes.</p>
<h3>Commit Statistics</h3>
<ul>
<li>6 commits contributed to the release over the course of 12 calendar days.</li>
<li>35 days passed between releases.</li>
<li>0 commits were understood as <a href="https://www.conventionalcommits.org">conventional</a>.</li>
<li>0 issues like '(#ID)' were seen in commit messages</li>
</ul>
<h3>Commit Details</h3>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<ul>
<li><strong>Uncategorized</strong>
<ul>
<li>Prepare changelogs prior to release (0f25841)</li>
<li>Merge pull request <a href="https://redirect.github.com/Byron/gitoxide/issues/1523">#1523</a> from martinvonz/push-xmsuurxprnnw (83c9de0)</li>
<li>Remove <code>--system</code> from <code>git config</code> call as it fails on MacOS (6b1c243)</li>
<li>Run <code>git config -l</code> in temp dir when looking up system config (20ef4e9)</li>
<li>Merge branch 'push-ysnqkzlzwuwq' (e2c747d)</li>
<li>Don't show console on Windows (087594c)</li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="d19af16e1d"><code>d19af16</code></a> Release gix-date v0.9.0, gix-actor v0.31.6, gix-validate v0.9.0, gix-object v...</li>
<li><a href="0f2584178a"><code>0f25841</code></a> prepare changelogs prior to release</li>
<li><a href="9ed2b24e5d"><code>9ed2b24</code></a> Merge branch 'improvements'</li>
<li><a href="6990afd269"><code>6990afd</code></a> fix: similarity detection</li>
<li><a href="f8c5d9ce87"><code>f8c5d9c</code></a> fix similarity detection</li>
<li><a href="25a3f1b0b0"><code>25a3f1b</code></a> Merge pull request <a href="https://redirect.github.com/Byron/gitoxide/issues/1531">#1531</a> from EliahKagan/progress-typos</li>
<li><a href="ba72ee0f06"><code>ba72ee0</code></a> fix!: better peeling performance for reference traversal.</li>
<li><a href="9f9feb6545"><code>9f9feb6</code></a> add progress report for July</li>
<li><a href="b31d6b79fd"><code>b31d6b7</code></a> Fix typos in config support info</li>
<li><a href="242fedc973"><code>242fedc</code></a> Merge branch 'improvements'</li>
<li>Additional commits viewable in <a href="https://github.com/Byron/gitoxide/compare/gix-path-v0.10.9...gix-path-v0.10.10">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/rust-lang/cargo/network/alerts).
</details>
> **Note**
> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
