Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use the lowest dependency versions when publishing #1145

Closed
kvark opened this issue Oct 24, 2017 · 2 comments
Closed

Use the lowest dependency versions when publishing #1145

kvark opened this issue Oct 24, 2017 · 2 comments

Comments

@kvark
Copy link

kvark commented Oct 24, 2017

Currently, when doing cargo publish it tries to build the project from scratch, downloading all the latest dependencies fulfilling the semantic version requirements. For example, having futures = "0.1" would fetch version "0.1.16" to test the build before publishing. This is a problem because the current crate may depend on some extra stuff added between, say, "0.1.12" and "0.1.16" but doesn't reflect that properly in the cargo configuration. The users having an earlier version in the Cargo.lock may get a broken build then (that sometimes can be solved by cargo update -p futures).

There is a simple thing cargo could do to enforce the minimum dependency versions: pick the minimally compatible version for building when publishing. Thus, if one dependency needs "0.1.12" and another needs "0.1", cargo publish should try building with "0.1.12" instead of taking the latest.

@carols10cents
Copy link
Member

We actually had the same thought as part of the public/private dependencies RFC; I'm pretty sure rust-lang/cargo#4100 is a duplicate of this issue so I'm going to close this one. Let me know if I'm missing anything!

@kvark
Copy link
Author

kvark commented Oct 25, 2017

Thanks @carols10cents ! I searched the bug list but somehow missed it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants