security/cargo-audit version 0.18.3 always fails in Cirrus CI, though version 0.17.6 does not. The likely problem seems to be that GCP (which Cirrus uses) has some kind of TLS proxy that does not work with the newer cargo-audit version. Since CI pipelines are a major use for this package, and since Cirrus is the most popular CI provider for Rust projects, I suggest that the port be rolled back to 0.17.6, if possible. Upstream issue: https://github.com/rustsec/rustsec/issues/1058 Workaround: instead of using this port, build from source with "cargo install --version=0.17.6 cargo-audit"
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=3e0bcb0ce169c4ec3d2d370eb02cbe59286722aa commit 3e0bcb0ce169c4ec3d2d370eb02cbe59286722aa Author: Mikael Urankar <mikael@FreeBSD.org> AuthorDate: 2024-01-25 15:06:34 +0000 Commit: Mikael Urankar <mikael@FreeBSD.org> CommitDate: 2024-01-25 15:31:26 +0000 security/cargo-audit: revert to 0.17.6 cargo-audit version 0.18.3 always fails in Cirrus CI, though version 0.17.6 does not. Upstream issue: https://github.com/rustsec/rustsec/issues/1058 PR: 276557 security/cargo-audit/Makefile | 7 +- security/cargo-audit/Makefile.crates | 386 +++++++---------- security/cargo-audit/distinfo | 778 +++++++++++++---------------------- 3 files changed, 437 insertions(+), 734 deletions(-)
I see that you raised PORTEPOCH. Are we now stuck with a PORTEPOCH forevermore?
Thanks!
(In reply to Alan Somers from comment #2) Yes