I am not sure how fast this upgrade makes sense - there is barely anything depending on 0.20 since it's been out less than two weeks, including sccache, which only has the dependency bumped in git[0].
if sccache releases before base64 is upgraded in Debian, the change looks fairly mechanical and should thus be easy to temporarily revert. AFAICT: librust-alacritty-terminal-dev 0.17.0-1 librust-cookie-dev 0.16.0-1 base64 0.20 upstream release exists librust-fernet-dev 0.1.4-1+b1 librust-grep-printer-dev 0.1.6-1 (optional) librust-pem-dev 1.0.2-1 librust-plist-dev 1.3.1-1 (no upstream release for a year) librust-postgres-protocol-dev 0.6.4-1+b1 librust-reqwest-dev 0.11.11-3 librust-ron-dev 0.7.1-1 (one major release behind) librust-rustls-pemfile-dev 1.0.0-1+b1 librust-sequoia-autocrypt-dev 0.24.0-1 (no upstream release for a year) librust-sequoia-net-dev 0.25.0-2 librust-sequoia-openpgp-dev 1.10.0-4 (explicitly bumped to < 0.20!) librust-sniffglue-dev 0.15.0-3 (no upstream release for 10 months) librust-totp-rs-dev 3.0.1-2 (optional) librust-ureq-dev 2.5.0-4 except for cookie, which had a release seemingly just for updating base64, these are *all* still on 0.13 upstream. I'd rather not have to patch all of them to be compatible with the new interface, including checking for subtle bugs, when the single thing using it so far (in an unreleased version!) can be trivially made comaptible with the old, currently packaged version. once we reach some critical mass w.r.t. rdeps wanting 0.20, or if someone else steps up that wants to do that work, this obviously changes.. hope that's okay for the time being :) feel free to ping the bug if you have the feeling that the situation has changed! 0: https://github.com/mozilla/sccache/commit/9bf4e41e4c1d27b84c9790d68f4dab0eb7272a07
