|
|
|
|
|
|
by notriddle
1523 days ago
|
|
|
> What happens when a crate version has to be removed due to a critical CVE or court order (IP Law violation, perhaps)? CVE = The Yank flag. Cargo will refuse to add new yanked packages to a lock file, but if a yanked package is already in the lock file, it will still build. The package is not actually deleted. https://doc.rust-lang.org/cargo/commands/cargo-yank.html Legal = Hard delete. Nobody will go to jail just to avoid breaking your build. Of course, since crates.io and kernel.org are in the same legal jurisdiction, is there any actual difference here? |
|
|