You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, when doing cargo publish it tries to build the project from scratch, downloading all the latest dependencies fulfilling the semantic version requirements. For example, having futures = "0.1" would fetch version "0.1.16" to test the build before publishing. This is a problem because the current crate may depend on some extra stuff added between, say, "0.1.12" and "0.1.16" but doesn't reflect that properly in the cargo configuration. The users having an earlier version in the Cargo.lock may get a broken build then (that sometimes can be solved by cargo update -p futures).
There is a simple thing cargo could do to enforce the minimum dependency versions: pick the minimally compatible version for building when publishing. Thus, if one dependency needs "0.1.12" and another needs "0.1", cargo publish should try building with "0.1.12" instead of taking the latest.
The text was updated successfully, but these errors were encountered:
We actually had the same thought as part of the public/private dependencies RFC; I'm pretty sure rust-lang/cargo#4100 is a duplicate of this issue so I'm going to close this one. Let me know if I'm missing anything!
Currently, when doing
cargo publish
it tries to build the project from scratch, downloading all the latest dependencies fulfilling the semantic version requirements. For example, havingfutures = "0.1"
would fetch version "0.1.16" to test the build before publishing. This is a problem because the current crate may depend on some extra stuff added between, say, "0.1.12" and "0.1.16" but doesn't reflect that properly in the cargo configuration. The users having an earlier version in theCargo.lock
may get a broken build then (that sometimes can be solved bycargo update -p futures
).There is a simple thing
cargo
could do to enforce the minimum dependency versions: pick the minimally compatible version for building when publishing. Thus, if one dependency needs "0.1.12" and another needs "0.1",cargo publish
should try building with "0.1.12" instead of taking the latest.The text was updated successfully, but these errors were encountered: