-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cargo downgrades transitive dependency that should not change #14446
Comments
Haven't checked what is wrong, but here is the minimal repo in Cargo-flavored test code: #[cargo_test]
fn git_downgrade_with_duplicate_packages() {
Package::new("rustc-hash", "1.1.0").publish();
Package::new("rustc-hash", "2.0.0").publish();
let (git_project, repo) = git::new_repo("pubgrub", |project| {
project
.file(
"Cargo.toml",
r#"
[package]
name = "pubgrub"
edition = "2021"
[dependencies]
rustc-hash = ">=1.0.0, <3.0.0"
"#,
)
.file("src/lib.rs", "")
});
let rev1 = repo.revparse_single("HEAD").unwrap().id();
let p = project()
.file(
"Cargo.toml",
&format!(
r#"
[package]
name = "foo"
[dependencies]
rustc-hash1 = {{ version = "1", package = "rustc-hash" }}
rustc-hash2 = {{ version = "2", package = "rustc-hash" }}
pubgrub = {{ git = "{}", rev = "{rev1}" }}
"#,
git_project.url(),
),
)
.file("src/lib.rs", "")
.build();
p.cargo("fetch").run();
assert_e2e().eq(p.read_lockfile(), str![[r##"
# This file is automatically @generated by Cargo.
# It is not intended for manual editing.
version = 3
[[package]]
name = "foo"
version = "0.0.0"
dependencies = [
"pubgrub",
"rustc-hash 1.1.0",
"rustc-hash 2.0.0",
]
[[package]]
name = "pubgrub"
version = "0.0.0"
source = "git+[ROOTURL]/pubgrub?rev=de416b2ad7717e09e79a34de70330a07c8b9a0fb#de416b2ad7717e09e79a34de70330a07c8b9a0fb"
dependencies = [
"rustc-hash 2.0.0",
]
[[package]]
name = "rustc-hash"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1981f6ee594df09828a9d95ce56ebac0ee354f40d684bec2f14bd3f4e54356a3"
[[package]]
name = "rustc-hash"
version = "2.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bff208de0b08da920f89e127a4a0f70d2053783efc65d9e398907d1e127cda41"
"##]]);
git_project.change_file("src/lib.rs", "pub fn hello()");
git::add(&repo);
let rev2 = git::commit(&repo);
p.change_file(
"Cargo.toml",
&format!(
r#"
[package]
name = "foo"
[dependencies]
rustc-hash1 = {{ version = "1", package = "rustc-hash" }}
rustc-hash2 = {{ version = "2", package = "rustc-hash" }}
pubgrub = {{ git = "{}", rev = "{rev2}" }}
"#,
git_project.url(),
),
);
p.cargo("fetch").run();
assert_e2e().eq(p.read_lockfile(), str![[r##"
# This file is automatically @generated by Cargo.
# It is not intended for manual editing.
version = 3
[[package]]
name = "foo"
version = "0.0.0"
dependencies = [
"pubgrub",
"rustc-hash 1.1.0",
"rustc-hash 2.0.0",
]
[[package]]
name = "pubgrub"
version = "0.0.0"
source = "git+[ROOTURL]/pubgrub?rev=b5883bacc43c4055a9b1261f77f0c4dd9c2ceae3#b5883bacc43c4055a9b1261f77f0c4dd9c2ceae3"
dependencies = [
"rustc-hash 1.1.0",
]
[[package]]
name = "rustc-hash"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1981f6ee594df09828a9d95ce56ebac0ee354f40d684bec2f14bd3f4e54356a3"
[[package]]
name = "rustc-hash"
version = "2.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bff208de0b08da920f89e127a4a0f70d2053783efc65d9e398907d1e127cda41"
"##]]);
} This seems to only happen with Git dependencies. Editing a registry dependency with a wide version requirement doesn't have the same buggy behavior. |
I suspect this is similar to #5529. I don't remember the explanation why when there is a dependency range across multiple major semver versions that the resolver tends to downgrade to older versions. |
I suspect this is related to #14115. |
Problem
Our project, uv, depends on a git version of pubgrub. pubgrub depends on
rustc-hash = ">=1.0.0, <3.0.0"
. uv has dependencies with both rustc-hash 1 and rustc-hash 2. At6bd677d60d15ab950ae5466197cab4f3f2405bf4
,Cargo.lock
in uv has:Each time i bump the pubgrub revision in
Cargo.toml
, cargo downgrades the rustc version, even though pubgrub's dependencies didn't change:The only way to fix this is running
cargo update -p [email protected]
manually after each pubgrub update.Steps
git clone https://github.com/astral-sh/uv && cd uv && git checkout 6bd677d60d15ab950ae5466197cab4f3f2405bf4
Cargo.toml
, e.g. to388685a8711092971930986644cfed152d1a1f6c
cargo check
git diff
:Possible Solution(s)
During version resolution, cargo should use the version previously used for the package as preference, not another version in the lockfile, or if it has to use a version from the lockfile, it should use the higher version.
Notes
No response
Version
The text was updated successfully, but these errors were encountered: