Only include files that are necessary for crates.io #1553
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Collaborator
|
Sorry for the delay. A new PR that does about the same thing made me remember your PR. You were first so I checked yours first. |
nilgoyette
requested changes
Dec 16, 2025
SwishSwushPow
force-pushed
the
include_fewer_things
branch
from
f21ccca to
7a09587
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi everyone 👋
While reviewing dependency updates in our project (trying to assure supply chain safety) I noticed that there are a couple of scripts, tests, benchmarks etc. that are not necessarily required to be published to crates.io. They make it harder to review
ndarraywhen checking the supply chain and I was wondering if it would be possible to remove these items from the published package. That would remove potential vectors for a security vulnerability in the future and it would also shrink the size ofndarrayfrom 309.5KiB to 237.6KiB compressed. :)The downside of course would be that e.g. the tests couldn't be run from the crate package anymore, but I'm not sure how popular that is.
I've tried to include all the files that are required (licenses) and that make reviewing things a bit easier (readme and release files can give a good context what has changed between versions).
Best regards!