cargo-outdated icon indicating copy to clipboard operation
cargo-outdated copied to clipboard

Published 20 hours ago verified publisher icon kbknapp

Crates with '=version' break your project

Open kpp opened this issue 2 years ago • 2 comments

Due to use of zeroize in cryptographic projects with a forced specific version, it's hard to use cargo-outdated:

error: failed to select a version for `zeroize`.
    ... required by package `x25519-dalek v1.2.0`
    ... which satisfies dependency `x25519-dalek = "^1.2.0"` of package `libp2p-noise v0.38.0 (/tmp/cargo-outdatedu18zVN/transports/noise)`
    ... which satisfies path dependency `libp2p-noise` of package `libp2p v0.48.0 (/tmp/cargo-outdatedu18zVN)`
    ... which satisfies path dependency `libp2p` of package `libp2p-autonat v0.7.0 (/tmp/cargo-outdatedu18zVN/protocols/autonat)`
versions that meet the requirements `=1.3` are: 1.3.0

all possible versions conflict with previously selected packages.

  previously selected package `zeroize v1.5.7`
    ... which satisfies dependency `zeroize = "^1.5.7"` of package `keygen v0.1.0 (/tmp/cargo-outdatedu18zVN/misc/keygen)`

failed to select a version for `zeroize` which could resolve this conflict

kpp avatar Aug 30 '22 12:08 kpp

Have the same issue with png crate being pinpoint to =0.17.6 in resvg crate.

I did pinpoint png to exactly the same version in my crate, but cargo-outdated doesn't consider it as an exact version and still treats like a version range:

error: failed to select a version for `png`.
    ... required by package `resvg v0.28.0`
    ... which satisfies dependency `resvg = "^0.28.0"` of package `my-crate v0.0.0 (/var/folders/0w/5v5r_jrx491dd5s5750mtmw00000gn/T/cargo-outdatedIfaGIF/services/file)`
versions that meet the requirements `=0.17.6` are: 0.17.6

all possible versions conflict with previously selected packages.

  previously selected package `png v0.17.7`
    ... which satisfies dependency `png = "^0.17.7"` of package `my-crate v0.0.0 (/var/folders/0w/5v5r_jrx491dd5s5750mtmw00000gn/T/cargo-outdatedIfaGIF/services/file)`

failed to select a version for `png` which could resolve this conflict

cargo update, though, doesn't complain about anything.

tyranron avatar Dec 19 '22 09:12 tyranron

Seems to be the same as https://github.com/kbknapp/cargo-outdated/issues/315

tyranron avatar Dec 19 '22 09:12 tyranron