Make aws-lc-rs include the bindgen feature when compiling for MSVC #1935
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR is due to a rabbit hole I fell down trying to address a severe issue brought up from running cargo-audit.
For the project I'm working on, this vulnerability comes up when running cargo-audit as just mentioned:
I already updated my project's direct dependency in its Cargo.toml, but it still shows up as an indirect dependency. Further, the vulnerability seems to be coming from actix-web, which is a very widely used crate. After some investigation, I discovered that I would need to update actix-net before I could update actix-web, so I made this PR.
However, several of the CI builds for Windows msvc in that PR failed and gave me this error:
This was caused by an issue with tokio-rustls. It exposes rustls's awc-lc-rs feature as a feature of the same name, but I can't export the bindgen with it unless I add it as a separate dependency. This brings me to the change I made in this PR.
That is why I made the aws-lc-rs dependency include the bindgen feature when targeting msvc in this PR.
Currently the build fails when I run
cargo check --target x86_64-pc-windows-msvc
from the root of this repo. I'm unsure if that's because my changes are wrong or if it's because I'm compiling it on a Linux machine.