| ▲ | swiftcoder 10 hours ago |
| Yep, every single transitive downstream consumer pulls a fresh copy on every CI run. It's kind of ridiculous, and it's like this in every modern ecosystem. For example, this is a completely empty rust crate, which I started years ago and never released, and it's still downloaded multiple times per day... https://crates.io/crates/ruble |
|
| ▲ | dwoxctbvgq 8 hours ago | parent | next [-] |
| Could it be caused by Crater runs? https://github.com/rust-lang/crater |
|
| ▲ | ModernMech 4 hours ago | parent | prev | next [-] |
| Oh so you're the reason we got btleplug!:P https://github.com/deviceplug/btleplug fwiw the downloads are probably automated crates.io indexers. |
|
| ▲ | fainpul 10 hours ago | parent | prev [-] |
| I'm confused. Why did you publish this? Who "uses" it? |
| |
| ▲ | swiftcoder 10 hours ago | parent [-] | | I published it purely to placeholder the name (and then life got in the way, and I never released the actual library). Nobody uses it at all, but some CI system is still polling at regular intervals... | | |
| ▲ | BobbyTables2 4 hours ago | parent | next [-] | | Wonder if someone has an internal crate named the same, but yours is getting pulled down for some tertiary use (license check, etc). Stuff like Docker that defaults to downloading things from Internet repos is kinda scary. There isn’t always a clear dividing line between the thing as a “tool” and the thing as a “repo”. At least with “git”, I know they I’m not going to end up cloning an artifact from an Internet repo just because I made a small typo… | |
| ▲ | fainpul 8 hours ago | parent | prev | next [-] | | But if no other crate depends on your crate and nobody directly uses it, why would any CI system download it? | | |
| ▲ | swiftcoder 6 hours ago | parent [-] | | I think some of the CI systems just monitor all published crates. For example, docs.io potentially pulls it to see if there is any new documentation |
| |
| ▲ | qludes 8 hours ago | parent | prev [-] | | So someone could reserve all the pronounceable crate names? | | |
| ▲ | swiftcoder 6 hours ago | parent [-] | | Yeah, it’s a known problem in the (non-namespaced) crates.io ecosystem. If someone else wants this name for their Bluetooth LE crate, I’ll happily hand over the keys, but obviously not every crate-squatter is so principled |
|
|
|
