Update dependencies and docs

This commit is contained in:
Eric Kidd 2020-06-05 09:22:59 -04:00
parent ca56eb3096
commit 47be0cd958
2 changed files with 21 additions and 14 deletions

View file

@ -4,8 +4,10 @@ FROM ubuntu:18.04
# The Rust toolchain to use when building our image. Set by `hooks/build`.
ARG TOOLCHAIN=stable
# The OpenSSL version to use. We parameterize this because many Rust
# projects will fail to build with 1.1.
# The OpenSSL version to use. We parameterize this because many Rust projects
# will fail to build with 1.1. Here is the place to check for new releases:
#
# - https://www.openssl.org/source/
#
# ALSO UPDATE hooks/build!
ARG OPENSSL_VERSION=1.1.1g
@ -14,14 +16,15 @@ ARG OPENSSL_VERSION=1.1.1g
# releases:
#
# - https://github.com/rust-lang/mdBook/releases
# - https://github.com/EmbarkStudios/cargo-about/releases
# - https://github.com/EmbarkStudios/cargo-deny/releases
# - http://zlib.net/
# - https://ftp.postgresql.org/pub/source/
ARG MDBOOK_VERSION=0.3.7
ARG CARGO_ABOUT_VERSION=0.2.2
ARG CARGO_DENY_VERSION=0.6.6
ARG CARGO_DENY_VERSION=0.6.7
ARG ZLIB_VERSION=1.2.11
ARG POSTGRESQL_VERSION=11.7
ARG POSTGRESQL_VERSION=11.8
# Make sure we have basic dev tools for building C libraries. Our goal
# here is to support the musl-libc builds and Cargo builds needed for a

View file

@ -2,14 +2,6 @@
[![Docker Image](https://img.shields.io/docker/pulls/ekidd/rust-musl-builder.svg?maxAge=2592000)](https://hub.docker.com/r/ekidd/rust-musl-builder/)
**OPENSSL SECURITY NOTE:** Previously, `stable` included OpenSSL 1.0.2, and `stable-openssl11` included OpenSSL 1.1.1. However, OpenSSL 1.0.2 is **no longer receiving security fixes,** so the new tagging system will be:
- `stable`: OpenSSL 1.1.1 and the latest stable Rust.
- **DEPRECATED** `stable-openssl11`: OpenSSL 1.1 and Rust 1.42.0. This will no longer be updated. Use `stable` instead.
- **DEPRECATED** `1.42.0-openssl10` and `nightly-2020-03-12-openssl10`: OpenSSL 1.0.2. These will not be updated to newer Rust. You will still be able to build newer OpenSSL 1.0.2 images manually.
I hate to break compatibility with projects that require OpenSSL 1.0.2, but since it will receive no future security updates, I no longer feel comfortable supplying pre-built images.
## What is this?
Do you want to compile a completely static Rust binary with no external dependencies? If so, try:
@ -48,6 +40,16 @@ compile [examples/using-diesel](./examples/using-diesel).
[comp]: https://rust-lang.github.io/rustup-components-history/index.html
### OpenSSL security note
Previously, `stable` included OpenSSL 1.0.2, and `stable-openssl11` included OpenSSL 1.1.1. However, OpenSSL 1.0.2 is **no longer receiving security fixes,** so the new tagging system will be:
- `stable`: OpenSSL 1.1.1 and the latest stable Rust.
- **DEPRECATED** `stable-openssl11`: OpenSSL 1.1 and Rust 1.42.0. This will no longer be updated. Use `stable` instead.
- **DEPRECATED** `1.42.0-openssl10` and `nightly-2020-03-12-openssl10`: OpenSSL 1.0.2. These will not be updated to newer Rust. You will still be able to build newer OpenSSL 1.0.2 images manually.
I hate to break compatibility with projects that require OpenSSL 1.0.2, but since it will receive no future security updates, I no longer feel comfortable supplying pre-built images.
## Caching builds
You may be able to speed up build performance by adding the following `-v` commands to the `rust-musl-builder` alias:
@ -83,8 +85,9 @@ This image also supports the following extra goodies:
- Basic compilation for `armv7` using `musl-libc`. Not all libraries are supported at the moment, however.
- [`mdbook`][mdbook] and `mdbook-graphviz` for building searchable HTML documentation from Markdown files. Build manuals to use alongside your `cargo doc` output!
- [`cargo audit`][audit] to check your Rust project for known security issues.
- [`cargo about`][about] to collect licenses for your dependencies.
- [`cargo deb`][deb] to build Debian packages
- [`cargo deny`][deny] to check your Rust project for known security issues.
## Making OpenSSL work
@ -219,8 +222,9 @@ Either the [Apache 2.0 license](./LICENSE-APACHE.txt), or the
[MIT license](./LICENSE-MIT.txt).
[Alpine Linux container]: https://hub.docker.com/_/alpine/
[audit]: https://github.com/RustSec/cargo-audit
[about]: https://github.com/EmbarkStudios/cargo-about
[deb]: https://github.com/mmstick/cargo-deb
[deny]: https://github.com/EmbarkStudios/cargo-deny
[mdbook]: https://github.com/rust-lang-nursery/mdBook
[musl-libc]: http://www.musl-libc.org/
[musl-gcc]: http://www.musl-libc.org/how.html