Update font dependencies: read-fonts 0.38.0, write-fonts 0.46.0#290
Update font dependencies: read-fonts 0.38.0, write-fonts 0.46.0#290
Conversation
…s 0.11.1, tracing-subscriber 0.3.23 Upgrade read-fonts and write-fonts together to avoid type mismatch errors caused by multiple versions of read-fonts in the dependency graph.
概述更新了 变更
代码审查工作量估计🎯 1 (琐碎) | ⏱️ ~3 分钟 诗
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@Cargo.toml`:
- Around line 11-13: Cargo.toml lists non-existent versions for the crates;
update the dependency versions for read-fonts and write-fonts to the published
versions (read-fonts = "0.37.0" and write-fonts = "0.45.0") or explicitly mark
them as pre-release/path/git dependencies if you intended to use unpublished
builds; locate the read-fonts and write-fonts entries in Cargo.toml and either
change the version strings to "0.37.0" and "0.45.0" respectively or replace them
with proper git/path specifications and add a brief comment explaining the
choice.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro
Run ID: 805a04d5-9c8b-47da-8635-710a7346655d
📒 Files selected for processing (1)
Cargo.toml
| font-types = "0.11.1" | ||
| read-fonts = "0.38.0" | ||
| write-fonts = "0.46.0" |
There was a problem hiding this comment.
🧩 Analysis chain
🌐 Web query:
read-fonts 0.38.0 changelog breaking changes
💡 Result:
No public changelog or specific breaking changes found for read-fonts version 0.38.0. The latest released version on crates.io is 0.37.0 (published 2026-01-07). Version 0.38.0 does not appear in crates.io version history, docs.rs documentation, or the project repository https://github.com/googlefonts/fontations releases/tags. References to 0.38.0 exist in forks like fontcull-read-fonts (likely a dependency fork) and a yanked skrifa 0.38.0 that exposed breaking changes in related crates (read-fonts 0.35.1 also yanked), but no details or official release for read-fonts 0.38.0 as of 2026-03-23.
Citations:
- 1: https://crates.io/crates/read-fonts
- 2: Build failure in write-fonts caused by incompatible change in read-fonts 0.35.1 googlefonts/fontations#1693
- 3: https://docs.rs/fontcull-read-fonts/latest/src/fontcull_read_fonts/generated/generated_postscript.rs.html
- 4: https://crates.io/crates/skrifa
- 5: https://github.com/googlefonts/fontations
- 6: https://docs.rs/crate/read-fonts/latest
🌐 Web query:
write-fonts 0.46.0 changelog breaking changes
💡 Result:
No changelog or breaking changes found for write-fonts version 0.46.0. The latest released version on crates.io is 0.45.0 (published 2026-01-07). The GitHub repository (googlefonts/fontations) lists tags up to write-fonts-v0.45.0, with no releases or tags for 0.46.0 as of 2026-03-23. Version lists on crates.io and licenses.dev also do not include 0.46.0.
Citations:
- 1: https://crates.io/crates/write-fonts
- 2: https://licenses.dev/v/cargo/write_fonts
- 3: https://docs.rs/write-fonts/
- 4: https://chromium.googlesource.com/external/github.com/googlefonts/fontations
- 5: https://github.com/googlefonts/fontations
- 6: https://github.com/googlefonts/fontations/tree/main/write-fonts
🏁 Script executed:
#!/bin/bash
# 描述:检查 font-types、read-fonts 和 write-fonts 的安全公告
for package in "font-types" "read-fonts" "write-fonts"; do
echo "=== Checking security advisories for $package ==="
gh api graphql -f query='
{
securityVulnerabilities(first: 5, ecosystem: RUST, package: "'"$package"'") {
nodes {
advisory {
summary
severity
publishedAt
}
vulnerableVersionRange
firstPatchedVersion {
identifier
}
}
}
}'
doneRepository: solarhell/font_obfuscator
Length of output: 672
🏁 Script executed:
cat -n Cargo.toml | head -30Repository: solarhell/font_obfuscator
Length of output: 983
🏁 Script executed:
grep -r "read-fonts\|write-fonts" --include="*.toml" --include="*.rs"Repository: solarhell/font_obfuscator
Length of output: 298
修正依赖版本号:指定的 read-fonts 和 write-fonts 版本在官方仓库中不存在。
Cargo.toml 指定的 read-fonts 0.38.0 和 write-fonts 0.46.0 在 crates.io 中不存在。根据官方记录,这些库的最新版本分别为 0.37.0 和 0.45.0(均发布于 2026-01-07)。项目将无法通过版本解析,导致编译失败。
请更正版本号为存在的版本,或说明这些是否为预发布版本/本地依赖。
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@Cargo.toml` around lines 11 - 13, Cargo.toml lists non-existent versions for
the crates; update the dependency versions for read-fonts and write-fonts to the
published versions (read-fonts = "0.37.0" and write-fonts = "0.45.0") or
explicitly mark them as pre-release/path/git dependencies if you intended to use
unpublished builds; locate the read-fonts and write-fonts entries in Cargo.toml
and either change the version strings to "0.37.0" and "0.45.0" respectively or
replace them with proper git/path specifications and add a brief comment
explaining the choice.
1 participant
Summary
read-fontsfrom 0.37.0 to 0.38.0write-fontsfrom 0.45.0 to 0.46.0font-typesfrom 0.11.0 to 0.11.1tracing-subscriberfrom 0.3.22 to 0.3.23Both
read-fontsandwrite-fontsmust be upgraded together to avoid type mismatch errors caused by multiple versions ofread-fontsin the dependency graph (fixes the CI failures in #288 and #289).Test plan
cargo checkpassesSummary by CodeRabbit
变更说明