Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extend swift-crypto allowed version range #249

Closed
wants to merge 2 commits into from
Closed

Extend swift-crypto allowed version range #249

wants to merge 2 commits into from

Conversation

Frizlab
Copy link
Contributor

@Frizlab Frizlab commented Mar 4, 2024

As per https://github.com/apple/swift-crypto/releases/tag/3.0.0 the version 3.0 should be allowed in the range for swift-crypto.
Not allowing this version makes using stripe-kit incompatible with jwt-kit 5 beta.

@Frizlab
Extend swift-crypto allowed version range
de03ec5 
As per https://github.com/apple/swift-crypto/releases/tag/3.0.0 the version 3.0 should be allowed in the range for swift-crypto. Not allowing this version makes using stripe-kit incompatible with jwt-kit 5 beta.
@Frizlab Frizlab requested a review from Andrewangeta as a code owner March 4, 2024 23:31
gwynne
gwynne reviewed Mar 4, 2024
View reviewed changes
Package.swift
@@ -14,7 +14,7 @@ let package = Package(
],
dependencies: [
.package(url: "https://github.com/swift-server/async-http-client.git", from: "1.1.0"),
.package(url: "https://github.com/apple/swift-crypto.git", "1.0.0" ..< "3.0.0"),
.package(url: "https://github.com/apple/swift-crypto.git", "1.0.0" ..< "4.0.0"),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given the JWTKit limitation on the minimum version, would it make more sense to just do from: "3.0.0" here? The only reason most Vapor packages don't do that is to try to remain compatible with other dependencies with the same issue.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given that it might prevent some people to get the latest releases of stripe-kit (e.g. a dependency set to from: "2.0.0" in a Package.swift file), I guess keeping the extended range would be more appropriate?
I’m ok for both solutions though.

@Frizlab Frizlab requested a review from gwynne March 14, 2024 09:30
@Frizlab Frizlab closed this by deleting the head repository May 9, 2024
@Frizlab Frizlab mentioned this pull request May 26, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Andrewangeta Andrewangeta Awaiting requested review from Andrewangeta Andrewangeta is a code owner

@gwynne gwynne Awaiting requested review from gwynne

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Frizlab @gwynne @Andrewangeta