CyberFrogJul 19, 2025
Rust's cargo package manager has a command to install standalone binaries into ~/.cargo/bin but it has no command to update these binaries for you :(

apparently you have to manually run cargo install <name> again for each binary to update it smh
Show threadCyberFrogJul 19, 2025
also I use the static site generator Zola and it is not packaged for my distribution of linux, and they don't publish it to crates.io, which means you need to just point cargo to the git repo and rawdog compile master to install it... I hate this lol
Show threadCyberFrogJul 19, 2025
god it pulls like 8 git submodules too, every time this happens I just think "yeah I'm definitely getting malware today"
Show threadCyberFrogJul 19, 2025

warning: the following packages contain code that will be rejected by a future version of Rust: quick-xml v0.17.2nice.

Show threadCyberFrogJul 19, 2025
the upstream is on version 0.38.0 fuck me, I hate this even more now
Show threadCyberFrog
well I have just learned about cargo audit which should at least make discovering all the crippling vulnerabilities I just installed a little easier
rustsec/cargo-audit/README.md at main · rustsec/rustsec

RustSec API & Tooling. Contribute to rustsec/rustsec development by creating an account on GitHub.

GitHub
Jul 20, 2025 at 12:08amWeb
Show threadCyberFrogJul 20, 2025
I installed 8 unmaintained packages, one has an unsoundness bug, and one has a DoS vulnerability that hasn't been fixed since 2020 because everyone just uses a fork except this one project I installed apparently

I love software :^)
Show threadd@nny disc@ mc²Jul 20, 2025
@froge i'm working on a solution for build scripts https://circumstances.run/@hipsterelectron/114610077000401178
d@nny disc@ mc² (@[email protected])

Content warning: ngi app on capillary the rust build tool

GSV Sleeper Service
Show threadCyberFrogJul 20, 2025
@hipsterelectron that seems nice tbh
Show threadd@nny disc@ mc²Jul 20, 2025
@froge i'm very very hopeful about it!!!