#!/bin/sh set -eu # Compare the pinned vendor/rustyline tag against the latest stable # release published on crates.io. Fails when the vendored copy is # behind — this is the signal to review upstream for advisories and # either rebase the vendored copy or document why we are staying. UPSTREAM_FILE="vendor/rustyline/UPSTREAM" if [ ! -f "$UPSTREAM_FILE" ]; then echo "check_rustyline_upstream: missing $UPSTREAM_FILE" >&2 exit 1 fi pinned_tag="$(awk -F': *' '/^tag:/ { print $2; exit }' "$UPSTREAM_FILE")" if [ -z "$pinned_tag" ]; then echo "check_rustyline_upstream: could not read 'tag:' from $UPSTREAM_FILE" >&2 exit 1 fi pinned_version="${pinned_tag#v}" vendored_version="$(awk -F'"' '/^version =/ { print $2; exit }' vendor/rustyline/Cargo.toml)" if [ -z "$vendored_version" ]; then echo "check_rustyline_upstream: could not read version from vendor/rustyline/Cargo.toml" >&2 exit 1 fi if [ "$pinned_version" != "$vendored_version" ]; then cat >&2 <&2 exit 1 fi echo "pinned: $pinned_version" echo "latest: $latest_version" if [ "$pinned_version" != "$latest_version" ]; then cat >&2 <