martin-g commented on PR #2476: URL: https://github.com/apache/avro/pull/2476#issuecomment-1704707049
> With keepking `Cargo.lock`, we could mitigate it by letting dependabot regularly update `Cargo.lock`. > What do you think? Dependabot sends PRs for any new release of the direct dependencies. And I merge them as soon as possible! At the moment there are two pending PRs which are not merged yet because they require Rust 1.70.0 (and MSRV is 1.65.0). I am not aware of any issues caused by having Cargo.lock around. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
