You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
.args(&["--disable-shared","--enable-static"])// Only build static lib
.args(&["--prefix", out_dir.to_str().unwrap()])// Install on the outdir
.arg("--with-pic")// Build position-independent code (required by Rust)
.output()
That's of course portaudio team's fault. But it's possible to download portaudio code from git as a safer alternative — https://app.assembla.com/spaces/portaudio/git/source.
I think, rust-portaudio should use this safer way to download code.
The text was updated successfully, but these errors were encountered:
The tarball is only 1.5MB. The source code within could be vendored into the crate. Since it's available via git, it could be added to this project as a git submodule, which makes it easy to update and also easy to release new crates which already contain the source code and therefore don't have to hit the network to get it or worry about authenticating the retrieved artifact and unpacking it.
Build script attempts to download portaudio code through plain http and without any signature checking (because there aren't any) and then run it.
rust-portaudio/build.rs
Line 62 in c776b83
rust-portaudio/build.rs
Lines 75 to 91 in c776b83
That's of course portaudio team's fault. But it's possible to download portaudio code from git as a safer alternative — https://app.assembla.com/spaces/portaudio/git/source.
I think, rust-portaudio should use this safer way to download code.
The text was updated successfully, but these errors were encountered: