(arrow-rs-object-store) branch main updated: Remove unneeded files from published package (#505)

Fri, 17 Oct 2025 22:31:10 -0700 

This is an automated email from the ASF dual-hosted git repository.

mbrobbel pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-rs-object-store.git


The following commit(s) were added to refs/heads/main by this push:
     new 7da30ee  Remove unneeded files from published package (#505)
7da30ee is described below

commit 7da30eefd2a8a5d762472c53ca1ea99abdbce46a
Author: Georg Semmler <[email protected]>
AuthorDate: Tue Oct 14 09:13:29 2025 +0000

    Remove unneeded files from published package (#505)
    
    During a regular review of our dependencies I noticed that the
    published version of object-store crate contains several unneeded files.
    This includes various scripts from
    
[`dev/release`](https://github.com/apache/arrow-rs-object-store/tree/main/dev/release).
    While these scripts should not be a problem at all, they are still shell
    scripts that could contain malicous content and that could be executed
    at compile time. By excluding them it's possible to deny interpreted
    scripts for this crate by using [`cargo
    
deny`](https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html#the-interpreted-field-optional)
    
    This commit introduces an explicit `include` list in the `Cargo.toml`
    file to ensure only required files are included. I've choosen to only
    include relevant source code files. I personally prefer using `include`
    as it makes clear what should be in the crate rather than relying on
    `exclude` which only defines what shouldn't be in there.
    
    Finally this change reduces the size of the uploaded package from
    93 files, 1.3MiB (269.5KiB compressed) to 65 files, 1.1MiB (232.3KiB
    compressed), which results in a ~68GB/month traffic reduction for
    crates.io assuming the current ~2 million downloads per month and the
    compressed package sizes.
---
 Cargo.toml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Cargo.toml b/Cargo.toml
index eeb14dd..015e50f 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -25,6 +25,7 @@ description = "A generic object store interface for uniformly 
interacting with A
 keywords = ["object", "storage", "cloud"]
 repository = "https://github.com/apache/arrow-rs-object-store";
 rust-version = "1.64.0"
+include = ["src/**/*.rs", "README.md", "LICENSE.txt", "NOTICE.txt", 
"Cargo.toml"]
 
 [package.metadata.docs.rs]
 all-features = true

Reply via email to